Bonum Certa Men Certa

Links 7/8/2018: TCP Vulnerability in Linux, Speck Crypto Code Candidate for Removal

GNOME bluefish



  • Audiocasts/Shows

    • Episode 34 | This Week in Linux
      On this episode of This Week in Linux: Linus Torvalds gave his opinion on Wireguard, Lubuntu Takes a New Direction, LineageOS launches their annual Summer Survey, and Hiri’s Experience with Selling on Linux. Then we’ll check out some distro news from Slackware, OpenWRT, Ubuntu LTS, and RebeccaBlackOS. Later in the show, we’ll look at the new NetSpectre vulnerability varient, Forbes’ 5 Reasons to Switch to Linux, a really interesting blog post from the KDE Team about Plasma’s Engineering and finally we’ll check out some Linux Gaming news. All that and much more!

  • Kernel Space

    • Linux 4.19 Kernel Getting STACKLEAK Feature
      Another security hardening measure coming to the Linux kernel is STACKLEAK.

      Kees Cook of Google queued STACKLEAK into one of his feature branches that will be sent in for the upcoming Linux 4.19 kernel.

    • Google Decides Not To Use Speck For Disk Encryption, Instead Developing HPolyC
      While the controversial Speck crypto support was added to Linux 4.17 and with Linux 4.18 it's being exposed via fscrypt for a disk encryption option, which Google intended to be used on low-end "Android Go" devices that don't have CPUs with capable native encryption extensions, instead Google is backtracking.

    • Linux "PSI" Patches Report Stall/Pressure Information For CPU / Memory / Storage
      One of the interesting patch series in the works is the "PSI" work by Johannes Weiner of Facebook.

      PSI in this context is actually Pressure Stall Information. This information to be exposed by future versions of the Linux kernel make it possible to quantify resource pressure on the system across CPU, memory, and I/O -- including within cgroups.

    • The Best Features Of The Linux 4.18 Kernel
      Following a one week delay, the Linux 4.18 kernel is set to be released this coming weekend. In case you forgot about the new features and improvements since the Linux 4.18 cycle kicked off back in June, here's a look back at some of the most prominent additions for this latest kernel version.

    • Linux kernel bug: TCP flaw lets remote attackers stall devices with tiny DoS attack
      Security researchers are warning Linux system users of a bug in the Linux kernel version 4.9 and up that could be used to hit systems with a denial-of-service attack on networking kit.

      The warning comes from Carnegie Mellon University's CERT/CC, which notes that newer versions of the Linux kernel can be "forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (DoS)".

    • SegmentSmack: TCP Flaw In Linux Kernel Could Trigger A Remote Denial Of Service
      The Linux kernel has been hit with a TCL flaw that was recently discovered by security researcher Juha-Matti Tilli. Assigned CVE-2018-5390, this flaw could be exploited by malicious actors to trigger a resource exhaustion attack using an available open port. This flaw, named SegmentSmack by Red Hat, affects the Linux kernel 4.9 or above.

    • TCP vulnerability found in Linux versions 4.9 and above
    • CVE-2018-5390: Vulnerability in Linux Kernel Allows for DoS Attacks

    • Speck Crypto Code Called For Removal From The Linux Kernel
      Now that Google will not be using the Speck crypto code for disk encryption on low-end Android devices but instead developing "HPolyC" as outlined in the aforelinked article, a plea has already been submitted to remove the current Speck code from the mainline Linux kernel.

      Following yesterday's mailing list announcement that Google has changed its mind on using Speck and instead investing in a new option, Linux developer Jason Donenfeld took the liberty of issuing a "request for comments" on removing the Speck crypto code. Donenfeld is the developer that's been working on WireGuard and the new Zinc crypto library.

    • Edge Security Developer Requests Speck Crypto be Pulled From Linux Kernel, as Google Abandoned It

    • STACKLEAK Security Added to Linux 4.19 Kernel to Prevent Stack Attacks
      A few days ago we covered Enhanced IBRS as mitigation against Spectre attacks being added to Linux 4.19 kernel, and now we just found out that another security hardening measure, known as STACKLEAK, is being added to the Linux 4.19 kernel as well.

    • Graphics Stack

      • Google Open-Sources "Filament" PBR Engine Using Vulkan/OpenGL
        Filament is a physically-based rendering engine that has now been open-sourced by Google for Android, Linux, macOS, and Windows systems.

        This physically-based rendering engine is designed to be as small and efficient as possible so that it can scale down and run with ease on Android-based systems. Filament is written in C++ and requires the use of the LLVM/Clang compiler, supports OpenGL 4.1+ / OpenGL ES 3.0+ / Vulkan 1.0 for rendering back-ends, supports a wide range of rendering capabilities, and all-around looks like quite an exciting PBR engine.

      • Sway 1.0 Alpha 5 Brings Multi-GPU Support, Virtual Keyboard Protocol
        The i3-inspired Sway Wayland compositor had already introduced many features ahead of Sway 1.0 while with today's fifth alpha release are yet more new features to advertise.

        Sway 1.0 Alpha 5 was released today and while it's just a few weeks past the alpha 4 milestone, there are more than 250 changes and a number of new features.

    • Benchmarks

      • PHP 7.3 Beta Benchmarks Showing Good Performance
        Following last week's PHP 7.3 beta release, which also marks the feature freeze for this next PHP7 update, I've been running some performance benchmarks on a couple different Linux systems.

        My latest PHP 7.3 benchmarks using the first beta copy jive with my earlier PHP 7.3 benchmarks showing this next PHP7 iteration being a nice evolution to the performance and continuing to run much better than during the PHP5 days.

  • Applications

  • Desktop Environments/WMs

    • 5 reasons the i3 window manager makes Linux better
      One of the nicest things about Linux (and open source software in general) is the freedom to choose among different alternatives to address our needs.

      I've been using Linux for a long time, but I was never entirely happy with the desktop environment options available. Until last year, Xfce was the closest to what I consider a good compromise between features and performance. Then I found i3, an amazing piece of software that changed my life.

      I3 is a tiling window manager. The goal of a window manager is to control the appearance and placement of windows in a windowing system. Window managers are often used as part a full-featured desktop environment (such as GNOME or Xfce), but some can also be used as standalone applications.

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.14 Desktop Environment Lets You Upgrade Your Computer's Firmware
        One of the coolest new features of the KDE Plasma 5.14 desktop environment, as developer Nate Graham notes in his latest usability and productivity report, is the ability to upgrade your computer's firmware through the Plasma Discover graphical package manager, which is installed by default and helps KDE Plasma users update their GNU/Linux distributions and KDE applications.

        The ability to upgrade your computer’s firmware recently landed in the Plasma Discover package manager and was implemented by developer Abjiheet Sharma. KDE Plasma 5.14 looks to be the first release of the open-source desktop environment to ship with this features, as it doesn't look like it will be backported to Plasma 5.13.

      • Kube: new website, new flatpak

        What comes with it though is that we’ll also be publishing the flatpak and Mac OS nightlies there from now on. The CI that is building those nightlies will be integrated eventually, but that job is not complete just yet.

      • Musing About Communities Size and Activity: A Follow-up
        In my previous post I played with the team size and activity metrics on several communities and see what would come out of it. Interestingly, to me this wasn't necessarily the most interesting of what I posted (it's rather basic in what it presents) but somehow it's the one which triggered the most comments, especially in the KDE community. Looks like I struck a nerve. :-)

        Anyway, it got quite a lot of good comments, so I thought it deserved a follow-up post with a different tone. For the record, I generally try to avoid putting too much of my own personal opinion in posts where I present metrics. I think it's sane to try to shield facts on the data from my biased position. It's obviously super hard, if not impossible. Indeed, at a minimum I'm forced to mention potential events in the time frame considered (if I know them)... it's risky, but still I do it because otherwise things would be just very dry and super annoying to read! And I think that's why the previous post struck a nerve, but more on that below.

      • KDE Discover Gets Fwupd Integration For Handling Firmware Updates
        While GNOME Software has long offered integration with Fwupd for offering firmware upgrades on supported devices, KDE Discover has now received similar functionality.

        Being worked on this summer by Abhijeet Sharma as a Google Summer of Code (GSoC 18) project is a fwupd back-end for Discover to handle firmware updating. Firmware upgrades can now happen via Fwupd while integrating nicely with Discover and offering notifications on new upgrades being available. Details on the effort can be found via this KDE GSoC Wiki page.

      • Chakra at KDE’s Akademy 2018
        We’ll be participating and presenting Chakra in the KDE Distro BoF, where there will be “short introductions for GNU/Linux distributions and open discussion on distribution-related topics”.

      • The State of Akademy Sponsorship
        Akademy 2018 is less than a week away. Apart from meeting up again with friends and colleagues, the KDE community has another reason to be joyful: this year we have broken the record for the number of sponsors for the event. Although there have been many sponsors of Akademy over the years, never have there been so many at one time.

        Eike Hein, Treasurer of the KDE e.V. board, believes that the extra influx of sponsors is thanks to "KDE software being loved again." Eike points out that Plasma is reaching more kinds of devices every day, attracting larger communities and more hardware manufacturers -- some of which will be at Akademy this year. KDE applications are also becoming more mainstream and reaching larger audiences. Krita and Kdenlive, for example, are making inroads within the community of graphical artists, raising awareness of KDE in a whole new sector of end users. Kirigami is becoming the go-to framework for projects that need convergence on desktop and mobile devices.

        "I would also attribute the increase in support to the fact that KDE actively engages with partners" says Eike. A case in point is the Advisory Board. The Advisory Board makes organization-to-organization interaction more rewarding and helps build a stronger network of like-minded Free Software associations and companies. Through the Advisory Board, KDE can better reach and support a larger communities, which in turn reinforces KDE's position within Free Software.

    • GNOME Desktop/GTK

      • Lenovo Will Finally Offer Automatic Firmware Updates to Linux-Powered Computers
        According to Richard Hughes, who officially welcomed Lenovo to LVFS, tens of thousands of Linux users will soon receive automatic firmware updates in the coming weeks either through the GNOME Software graphical package manager or by running the fwupdmgr update command in a terminal emulator.

        In the coming months, hundreds of thousands of Linux users will also receive automatic firmware updates for their Lenovo computers as the team of developers behind the Linux Vendor Firmware Service initiative will move numerous Lenovo models from the testing channels to the stable ones.

        Read more
      • GNOME Keysign 0.9.8 released
        It’s been a while after my last post. This time, we have many exciting news to share. For one, we have a new release of GNOME Keysign which fixes a few bugs here and there as well as introduces Bluetooth support. That is, you can transfer your key with your buddy via Bluetooth and don’t need a network connection. In fact, it becomes more and more popular for WiFis to block clients talking to each other. A design goal is (or rather: was, see down below) to not require an Internet connection, simply because it opens up a can of worms with potential failures and attacks. Now you can transfer the key even if your WiFi doesn’t let you communicate with the other machine. Of course, both of you need have to have Bluetooth hardware and have it enabled.
      • Add a message context menu for Fractal
        Fractal is a Matrix client for GNOME and is written in Rust. Matrix is an open network for secure, decentralized communication.
      • Improving todo.txt & Todoist plugin
        The GSoC coding period just ended. I would first like to apologize for not updating about my work. I am working on improving Todo.txt and Todoist integration to GNOME To Do. During the coding period, a lot of improvements were added to Todo.txt and Todoist and in this blog post I write about my journey and describing the implementation details.
      • Talking at GUADEC 2018 in Almería, Spain
        I’ve more or less just returned from this year’s GUADEC in Almeria, Spain where I got to talk about assessing and improving the security of our apps. My main point was to make people use ASan, which I think Michael liked ;) Secondarily, I wanted to raise awareness for the security sensitivity of some seemingly minor bugs and how the importance of getting fixes out to the user should outweigh blame shifting games.

  • Distributions

    • New Releases

      • Netrunner Linux Gets Summer Release with Latest KDE Plasma 5.13 Desktop, More
        The developers behind the Netrunner Linux operating system announced over the weekend the availability of a new Rolling release with all the latest KDE technologies and recent software updates.

        Netrunner Rolling 2018.08 is here as the second installment for 2018, incorporating the KDE Plasma 5.13.3 desktop environment, along with the KDE Applications 18.04 and KDE Frameworks 5.48 software suites compiled against the Qt 5.11.1 application framework, as well as the Firefox Quantum 61.0 web browser, Mozilla Thunderbird 52.5 email and news client, and Krita 4.1.1 digital painting app.

        "Despite the hot summer in most of Europe, the Netrunner Team is happy to announce the immediate availability of Netrunner Rolling 2018.08 – 64bit ISO," reads today's announcement. "2018.08 comes with some new Plasma Theme that has some transparency built in to allow for experimenting with the new Blur options. It also features a new default wallpaper style, because… why not."

    • Red Hat Family

      • CRI-O now running production workloads in OpenShift Online
        After hitting 1.0 in October of last year and being shipped as generally available (GA) in OpenShift 3.9, CRI-O has reached another important milestone—it’s now being used in production for many workloads running on OpenShift Online Starter accounts using OpenShift 3.10. Using CRI-O in a real-world production environment with diverse Kubernetes workloads is an important part of the development feedback loop for improving and extending CRI-O and OpenShift.

      • Containers are Linux. Products run the enterprise. So why are we swimming in a sea of Kubernetes project-based services? Part 2
        The rush to enable and adopt Kubernetes is evident with nearly weekly announcements of new Kubernetes distributions or services. The CNCF Kubernetes Conformance Program lists, as of this writing, at least 37 conformant software distributions of Kubernetes alone, plus additional hosted services.

        That’s a lot of choice. But many of these vendors and organizations are certifying and delivering just Kubernetes, or Kubernetes plus one or two components that add some extended functionality, not an overall solution or platform in which Kubernetes plays a part. Just like the Linux Foundation is the governing body for the upstream development of Linux, which is also one piece of the much larger operating system platform, so is CNCF the governing body for Kubernetes. Conformance in the upstream development stage does not imply a viable enterprise solution.

      • The time for change is now - channeling the digital transformation opportunity
        IT suppliers of all types live in a time of great opportunity. Organizations across industries have accepted that digital transformation has to be an integral part of their business and the channel must step forward and become a leader that helps companies to modernize infrastructure, exploit hybrid cloud capabilities and develop applications faster than ever before. However joint research we conducted in collaboration with CRN UK shows that channel partners in Europe still have work to do: just 22 percent of IT suppliers feel capable of providing a complete service to cater for digital transformations.

      • After helping launch Red Hat Amphitheater and break records, GM moves to Cary venue
        Cary’s Booth Amphitheatre has a new general manager from a familiar place.

        Taylor Traversari, who has been general manager of downtown Raleigh’s Red Hat Amphitheater since it opened in 2010, will move from one municipal-owned venue to another.

      • DLT to Distribute Red Hat Products to Gov’t Agencies Via AWS GovCloud
        Red Hat‘s (NYSE: RHT) enterprise-grade products will be available to government agencies and regulated industries on Amazon Web Services‘ GovCloud marketplace via a distribution agreement with DLT Solutions, ExecutiveBiz reported Friday.

        DLT will offer Red Hat’s products and managed services as a “Certified Cloud Service Provider” through an agreement that builds on the companies’ strategic partnership that dates back to 2004, DLT said Wednesday.

      • Red Hat's expanding relationships with telcos

        It used to be that operators in the U.S. turned to Red Hat for their IT department needs, but for the past several years Red Hat has been increasingly involved on the network side of their businesses.

        With the emphasis on NFV and open source, Red Hat is becoming an increasingly significant player in the wireless space. “In the past few years, we’ve had interactions with every operator in the U.S.,” in some form or another, said Ian Hood, Red Hat's chief technologist and global service provider, in an interview with Fierce.

        Publicly, of course, the company is limited on which customers it can disclose. In the U.S., Verizon has openly participated in Red Hat’s OpenStack Summits and talked about its NFV deployments, for example.

      • 14 must-read tech newsletters

      • Building more trustful teams in four steps
        Robin Dreeke's The Code of Trust is a helpful guide to developing trustful relationships, and it's particularly useful to people working in open organizations (where trust is fundamental to any kind of work). As its title implies, Dreeke's book presents a "code" or set of principles people can follow when attempting to establish trust. I explained those in the first installment of this review. In this article, then, I'll outline what Dreeke (a former FBI agent) calls "The Four Steps to Inspiring Trust"—a set of practices for enacting the principles. In other words, the Steps make the Code work in the real world.

      • Finance

      • Fedora

    • Debian Family

      • Installing Linux app on Chromebooks gets easier with support for .deb packages

        You can already run some Linux applications on some Chromebooks thanks to Google’s Project Crostini software. But as I noted when testing Crostini on the Acer Chromebook Tab 10 last month, the feature is still very much a work in progress.

        For now it’s not available if you’re using the stable channel version of Chrome OS, it doesn’t run on all Chromebooks, and you have to jump through some hoops to enable Crostini. Once you do that, you’ll find that you generally need a little Linux know-how to find and install applications using the command-line apt tool.

      • Chrome OS Can Now Install Debian Linux Packages
        A few weeks back, I was tinkering around in the Canary channel and through some hacky loops and multiple attempts, I was able to install a Linux installer that allowed me to launch Debian(.deb) Linux packages on my Chromebox.

        Granted, the workaround was in vain as I got Steam up and running just to find that GPU support is still nowhere to be seen but hey, the installation worked so the experiment was a success.

      • GHDL Back in Debian

        As I have noted, I have been working on packaging the VHDL simulator GHDL for Debian after it has dropped out of the archive for a few years. This work has been on slow burner for a while and last week I used some time at DebConf 18 to finally push this to completion and upload it. ftpmasters were also working fast, so yesterday the package got accepted and is now available from Debian unstable.

        The package you get supports up to VHDL-93, which is entirely down to VHDL library issues. The libraries published by IEEE along with the VHDL standard are not free enough to be suitable for Debian main. Instead, the package uses the openieee libraries developed as part of GHDL, which are GPL’ed from-scratch implementations of the libraries required by the VHDL standard. Currently these only implement VHDL-89 and VHDL-93, hence the limitation.

      • Paul Wise: FLOSS Activities July 2018

      • Derivatives

  • Devices/Embedded

Free Software/Open Source

  • Aricent, CableLabs Team on NFV System
    Aricent, a global design and engineering company, today announced an Open Source collaboration with CableLabs, a non-profit innovation and R&D lab founded by members of the cable television industry, on a self-managed and optimized virtual infrastructure platform on the Kubernetes and the Docker container model.

  • CableLabs Connects With Kubernetes
    Following an earlier move centered on OpenStack, CableLabs has introduced a Kubernetes stack as the industry R&D house tries to add more open source software to the mix and MSOs size up their software defined networking and network functions virtualization strategies.

  • CableLabs, Aricent launch new open-source NFV platform

  • Spot the Bot: Researchers Open-Source Tools to Hunt Twitter Bots
    Their goal? To create a means of differentiating legitimate from automated accounts and detail the process so other researchers can replicate it.

    What makes Twitter bots tick? Two researchers from Duo Security wanted to find out, so they designed bot-chasing tools and techniques to separate automated accounts from real ones.

    Automated Twitter profiles have made headlines for spreading malware and influencing online opinion. Earlier research has dug into the process of creating Twitter datasets and finding potential bots, but none has discussed how researchers can find automated accounts on their own.

    Duo's Olabode Anise, data scientist, and Jordan Wright, principal R&D engineer, began their project to learn about how they could pinpoint characteristics of Twitter bots regardless of whether they were harmful. Hackers of all intentions can build bots and use them on Twitter.

  • Events

    • DevConf India 2018
      DevConf IN was organized at Christ University, Bangalore 05/06 August. It turned out to be totally fun-packed excited weekend for me. I really had a great time meeting people from various other open source communitites from India. I also delivered a talk on Flatpak mainly focusing on overall architecture, it’s benefits for the user and developers.

    • DevConf India-2018

  • Web Browsers

    • Mozilla

      • Mozilla Thunderbird 60 Released with New Dark & Light Themes, Many Improvements
        Mozilla released today the Mozilla Thunderbird 60 open-source email, calendar, and news client for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows.

        In development for the past several months, the Mozilla Thunderbird 60 release is a major one adding numerous new features and improvements, including new Light and Dark themes, OAuth2 authentication support for Yahoo and AOL accounts, individual update interval for RSS feeds, and support for WebExtension themes.

        Attachments handling during email compose has been greatly improved in Mozilla Thunderbird 60, which adds a new "Delete" button in the To/Cc/Bcc selector when writing emails to allow you to remove a recipient. Also, users can now re-order attachments using drag and drop, keyboard shortcuts, or a dialog.

      • Thunderbird 60 released

      • Thunderbird 60.0 Brings Light and Dark themes and adds Supports for OAuth2 for Yahoo and AOLs
        Mozilla developers have recently finalised version 60.0 of Thunderbird. This version has currently not been put up for distribution through update but can be directly downloaded from the official webpage by the users themselves.

      • Powerful Thunderbird 60 Email Client – Comes With Many Improvements

        Thunderbird is a free and open source Email client for Linux, Mac and Windows computers. It is a default email client for many Linux distribution. Thunderbird is a full featured Email client with features such as customization, calendars, Tasks, Reminders, Address Books and many more. Thunderbird is not only available for general users, also it is available for enterprises.

      • Firefox 62 Beta 14 Testday Results
        As you may already know, last Friday August 3rd – we held a new Testday event, for Firefox 62 Beta 14.

      • Firefox’s Trusted Recursive Resolver (TRR) may let Cloudflare and the US Government Spy on your Browsing Activity
        Mozilla Firefox is expected to introduce two new features in its next patch: DNS over HTTPs (DoH) and Trusted Recursive Resolver (TRR) which it has been testing in the web browser’s Nightly build. The latter is advocated by Mozilla with specific attention to security. This release attempts to override configured DNS servers with Cloudflare. This partnership has received stark criticism for security violation as this overhaul allows Cloudflare to access all DNS requests and the information that they entail.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • LLVM 7.0 RC1 Compiler Stack Available For Testing
      While the sources have been tagged in Git for several days now, the binaries are now available too with LLVM 7.0 RC1 now officially being announced.

      Hans Wennborg has announced the availability of LLVM 7.0 RC1, including sub-projects like Clang 7.0 RC1. Downloads of LLVM 7.0 RC1 are available from here.

  • Licensing/Legal

    • Flexera simplify OSS license compliance and vulnerability protection

      Flexera has released FlexNet Code 2018, according to their press release, this makes it easier for software suppliers to add a new layer of trust and transparency into their software supply chain.

      New functionality allows suppliers to analyse software assets and create an inventory Bill of Materials (BOM).

  • Openness/Sharing/Collaboration

    • UF/IFAS researchers to develop open-source library for farmers

    • Open Hardware/Modding

      • JPL releases plans for build-your-own Mars rover
        NASA's Curiosity lander touched down on the surface of Mars in August, 2012, and its rover payload rolled out shortly after to begin its meandering mission. While the intrepid explorer did its thing, NASA needed an educational project to help explain the technology and the mission to the general public. That role was filled by a scaled down version called ROV-E, and now tinkerers, students, part-time scientists and the rover curious can build their very own mini Mars rover for exploring backyard craters and vast garden mountain ranges.

  • Programming/Development

    • 6 ways programmers from underrepresented countries can get ahead
      Becoming a programmer from an underrepresented community like Cameroon is tough. Many Africans don't even know what computer programming is—and a lot who do think it's only for people from Western or Asian countries.

      I didn't own a computer until I was 18, and I didn't start programming until I was a 19-year-old high school senior, and had to write a lot of code on paper because I couldn't be carrying my big desktop to school. I have learned a lot over the past five years as I've moved up the ladder to become a successful programmer from an underrepresented community. While these lessons are from my experience in Africa, many apply to other underrepresented communities, including women.


  • DataOps: An Interview with Tamr CEO Andy Palmer
    Andy Palmer is the founder and CEO of Tamr, which offers a patented software platform for enterprise-scale data unification that combines machine learning and human expertise. He's generally credited with coining the term DataOps three years ago.

  • GraphicsFuzz Acquired By Google To Focus On Fuzzing Android GPU Drivers
    GraphicsFuzz is the company that started out via university research into fuzzing GPU drivers and finding many graphics driver bugs along the way. After forming the company GraphicsFuzz, the researchers took to fuzzing from the web browser with WebGL. That company has now been acquired by Google.

  • As Google Maps Renames Neighborhoods, Residents Fume
    For decades, the district south of downtown and alongside San Francisco Bay here was known as either Rincon Hill, South Beach or South of Market. This spring, it was suddenly rebranded on Google Maps to a name few had heard: the East Cut.

    The peculiar moniker immediately spread digitally, from hotel sites to dating apps to Uber, which all use Google’s map data. The name soon spilled over into the physical world, too. Real-estate listings beckoned prospective tenants to the East Cut. And news organizations referred to the vicinity by that term.

  • Science

    • Who's Responsible for Your Bad Tech Habits? It's Complicated

      But tech companies aren't the only ones shouldering responsibility for your digital well-being. Increasingly, governments are interceding. A new law in Georgia prohibits drivers from so much as touching their devices unless they're parked. A bill recently introduced in Congress with bipartisan, bicameral support requested $95 million to study tech's impact on kids. And in one of the most dramatic government interventions to date, France last week enacted a nationwide ban on smartphone use in schools—a measure French education minister Jean-Michel Blanquer has called “a public health message to families.”

    • Kurdish refugee wins the Fields medal – the biggest prize in maths

      Caucher Birkar, a mathematician at the University of Cambridge, UK won the award for his work on categorising different kinds of polynomial equations. He proved that the infinite variety of such equations can be split into a finite number of classifications, a major breakthrough in the field of arithmetic geometry. Born in a Kurdish village in pre-revolutionary Iran, Birkar sought and obtained political asylum in the UK while finishing his undergraduate degree in Iran.

    • Photography - Why You Should Use JPG (not RAW)
      When I started my modern journey into photography, I simply shot in JPG. I was happy with the results, and the images I was able to produce. It was only later that I was introduced to a now good friend and he said: “You should always shoot RAW! You can edit so much more if you do.”. It’s not hard to find many ‘beginner’ videos all touting the value of RAW for post editing, and how it’s the step from beginner to serious photographer (and editor).

      Today, I would like to explore why I have turned off RAW on my camera bodies for good. This is a deeply personal decision, and I hope that my experience helps you to think about your own creative choices. If you want to stay shooting RAW and editing - good on you. If this encourages you to try turning back to JPG - good on you too.

  • Hardware

  • Security

  • Defence/Aggression

  • Transparency/Investigative Reporting

    • Pamela Anderson Opens Up About ‘Romantic Kind Of Connection’ With WikiLeaks’ Julian Assange [Ed: Siege against journalism and a political refugee and this is what 'media' has to say...]
      Pamela Anderson is opening up about her relationship with WikiLeaks founder Julian Assange, who has been holed up in the Ecuadorian embassy in London since 2012, granted political asylum by Ecuador while he faces charges of sex crimes in Sweden.

      While the 51-year-old model, actress and animal-rights activist is currently dating French soccer star Adil Rami, she told TMZ’s Harvey Levin about her eyebrow-raising relationship with Assange in an interview with Levin’s Fox News series “OBJECTified”.

    • Pamela Anderson opens up about ‘romantic connection’ with Julian Assange [Ed: A reminder that the Kremlin's media from Russia (with love) is no better than gossip-centric media in the West]
    • Pamela Anderson Spills Beans on 'Romantic Connection' With Julian Assange
    • Pamela Anderson, Julian Assange 'Romance' Spices Up Wikileaks Probe

    • Are Pamela Anderson and Julian Assange Doing It or Nah?
      Former Baywatch star Pamela Anderson and WikiLeaks founder Julian Assange have been romantically linked for some time now, which is funny because Assange has been living in London’s Ecuadorian Embassy since the country granted him political asylum back in 2012. Per a report by Glenn Greenwald, Assange may leave the embassy soon, though that may lead to him being arrested “for breaching his bail conditions.”

    • Pamela Anderson says she has a 'romantic' connection with WikiLeaks founder Julian Assange and they talk about everything from the Bible to animal rights in Ecuadorian embassy
      Pamela Anderson has spoken of her 'romantic' connection with WikiLeaks founder Julian Assange.

      The Canadian-American actress, 51, said Assange is one of her favorite people in an interview with Harvey Levin that aired on Fox News on Sunday night.

      Describing him as 'imperfect', the former Baywatch star said: 'He's definitely an interesting person and there's definitely a romantic kind of connection 'cause it's a romantic struggle.

    • Clarifying asylum
      June 19th was the sixth anniversary of WikiLeaks Editor-in-Chief Julian Assange entering the Ecuadorian embassy in London. He was granted asylum in 2012 by then President of Ecuador, Rafael Correa. Mr. Correa’s successor, Lenin Moreno, has made his hostility to Mr. Assange clear, calling him a “hacker,” “stone in the shoe” and an “inherited problem,” among other things. Ecuador recently cut off Mr. Assange’s Internet access and has restricted phone calls and visitors, rendering him practically incommunicado. In contrast to the fierce anti-Americanism of Mr. Correa, Mr. Moreno is keen to normalise trade relations with the U.S. and attract foreign investment from American businesses.

    • Julian Assange is “in solitary confinement” and declining health

    • Julian Assange: What next for the Australian-born hacker, who may soon face eviction from Ecuadorian embassy
      Julian Assange's six-year stay in the Ecuadorian embassy in London is drawing to a close, with Ecuador's President Lenin Moreno signalling progress on a deal with the United Kingdom to evict the Australian-born hacker.

      Mr Assange has been living in the embassy in the Knightsbridge neighbourhood of London since 2012, when he first sought asylum there while on bail awaiting a possible extradition to Sweden to face an investigation into rape claims.

      The Swedish investigation was dropped in May of last year, but Mr Assange has remained in the embassy building, fearing a possible eventual extradition to the US on yet-to-be-laid spying charges.

      But amid reports his eviction is imminent, the ABC's daily news podcast The Signal has been investigating what will happen when Mr Assange's time in the embassy runs out.

    • Julian Assange will leave the Embassy because of health problems
      According to the Agency Bloomberg, the recent scandalous journalist and Creator of WikiLeaks Julian Assange was experiencing serious problems with health. In late July, the network appeared information that the authorities of South American state and British authorities started negotiations on further questioning Julian in the Embassy, and on July 27 the President of Ecuador made an official statement that Assange still leaves the UK. It is worth noting that now on the agenda is the issue of security of Assange.

    • Ecuador’s president issues new threat to Julian Assange

      In a tweet and television interview, Ecuadorian President Lenín Moreno has declared he will “take measures” against WikiLeaks editor Julian Assange unless he stops “intervening” in the politics and affairs of countries.

      Moreno’s tweet yesterday stated: “To Mr. Assange we have put a condition: That he stop intervening in politics and self-determination of the country. Otherwise, measures will be taken.”

      These “measures” can only mean forcing Assange out of Ecuador’s London embassy, to be immediately arrested by the British police and imprisoned, pending extradition proceedings by the Trump administration.

    • VIPS Pleas for Humanitarian Asylum for Julian Assange

      For six years, WikiLeaks editor Julian Assange has been effectively imprisoned without charges at Ecuador’s London embassy. In that time, two international courts and dozens of respected legal and human rights organizations have decried actions of the UK, US and Swedish governments that confine the journalist in what now amounts to torturous isolation, deprived of space, sunlight, visitors, communication with the outside and necessary medical care.

    • Ecuador bans Assange from talking about Catalonia
      The country had, in March, cut off his internet access because his "behaviour, with his messages on social media, is putting at risk [Ecuador's] good relations with the United Kingdom, with the other members of the European Union and other nations". In the days before the ban, he had tweeted about the poisoning of a former Russian spy in the UK and had criticised the arrest of Carles Puigdemont in Germany.

      Wikileaks quickly came out in support of its founder, saying that "reporting is not a crime". It criticises them for saying measures will be taken for what they say is him doing his job.

  • Environment/Energy/Wildlife/Nature

    • Neoliberalism drives climate breakdown, not human nature
      Many zoos have an exhibit like this: a wall with a hatch, and under the hatch words like “Do you want to see the most dangerous animal in the world?”. Of course everyone does, and before they open the hatch they speculate as to what the animal behind the hatch will be. A lion? A crocodile? However, when you open the hatch there is a mirror, and you see yourself staring back. You are the most dangerous animal in the world.

      Of course this is nonsense. Not everyone who opens that hatch and sees themselves looking back is equally dangerous. We are not all equally responsible for destruction of the world’s ecosystems. Some humans who open the hatch probably are responsible for a great deal of destruction. Other are not. Many people bear the brunt of someone else's destruction.

  • Finance

    • Writing Business Cashflow

      Most craft businesses fail. It’s not surprising. Being an expert knitter doesn’t mean you should open a yarn shop. Lots of those hobbyist stores go broke in the first year because the excited, enthusiastic storekeeper doesn’t know how to pay himself and the landlord. In business, cashflow is king.


      This is roughly how I do it, in both my long-gone consulting career and as a professional writer. I did not invent this method; rather, I accumulated it over decades of largely involuntary exposure to business. It covers how I decided I could afford to become a full-time writer, because that decision is an utterly critical part of cash flow management. There are other methods; I am not offering you the One Word of Truth here.

    • The Deficit That Will Eat the Budget and Other Ever-Popular Scare Stories
      A Wall Street Journal column by Greg Ip (3/28/18) gave us another rendition of this old scare story. The argument is that the interest paid on US government debt will soon impose an enormous burden on the federal government, choking off spending on important government programs.

      The key part of this story is that interest rates will jump at some point in the not-too-distant future. While this is in fact what the Congressional Budget Office predicts, it is also what it has been predicting ever since the Great Recession, and it has consistently been shown wrong.

  • AstroTurf/Lobbying/Politics

    • Can Science Save Politics?

      That could help him in a general election in a Republican-leaning district. Gupta told me he thinks it could help him even in the primary, though that’s less clear. Democrats don’t have as strong of an attraction towards inexperienced candidates — take Greimel’s lead in the primary as an example. But to Gupta, the real fight in American politics isn’t between Democrats and Republicans, it’s between average voters and the powerful special interests that professional politicians represent. In his vision, science and evidence are a thing the warring parties can agree on, and then use to fight the real enemy.

    • Court Says Comey And Other DOJ Officials Must Answer BuzzFeed's Questions About The Steele Dossier
      Since publishing the urine-soaked "Steele Dossier," BuzzFeed has been targeted with multiple defamation lawsuits. Trump's former lawyer, Michael Cohen, ultimately dropped his lawsuit against the website after his own legal problems pretty much demanded he focus his legal attention elsewhere. Oh, and it was a lawsuit he was likely to lose, what with a lot of the alleged defamation being factual statements and any remaining defamation having been penned by the author of the dossier, not BuzzFeed itself.

      Another doomed lawsuit is still active -- this one brought by Aleksej Gubarev and a couple of his companies (XBT Holdings and Webzilla, Inc.). Gubarev claims the next-to-last paragraph of the Steele Dossier defames him and his by linking Gubarv to Russian hacking attempts targeting the Democratic National Committee.

      This lawsuit is likely doomed to fail as well, what with the alleged defamation having been penned by Steele, not BuzzFeed. But while it rolls towards this seemingly inevitable conclusion, the process continues with the subpoenaing of witnesses for both sides. BuzzFeed wants to depose people with knowledge of the events depicted in the dossier -- high-powered people like former FBI Director James Comey and other DOJ/FBI officials.
    • The Russians are coming
      This updates my last blog post where I said that we’re getting a flood of spambots. Summary: if you’re an admin affected by this, you must act now. I’ll cut to the chase.
    • Illinois House Candidate Will Walk for Votes — And Has To

      Amanda Biela was campaigning door to door in north suburban Glenview one afternoon last week when she stopped to talk with a senior watering his front lawn.

      “I’m running for 15th District state rep,” Biela told him, “and I’m basically running against the Madigan machine.”

      Biela explained that she’s challenging incumbent Rep. John D’Amico, which means she’s also taking on his ally Michael Madigan, the long-serving state House Speaker and Democratic Party leader. Biela, a former Chicago Public Schools teacher and mother of three, added that her top priority is lowering property taxes.

      She didn’t mention that she’s a Republican. Why bring it up right away in a Democrat-dominated district?

    • Mnangagwa, Chamisa, rule out GNU…ED to appoint MDC ministers
      Emmerson Mnangagwa has ruled out the possibility of an inclusive Government when he appoints his new Cabinet after inauguration expected in the next few days.

      Mnangagwa is of the view that though a coalition government was not bad, it is not necessary at the moment.

    • Mnangagwa rules out GNU
      Emmerson Mnangagwa has ruled out the possibility of an inclusive Government when he appoints his new Cabinet after inauguration expected in the next few days.

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Bill Says US Tech Companies Must Let The Feds Know When Foreign Companies Poke Around In Their Source Code
      American tech companies don't want to give up their cut of a $20 billion Russian software/hardware market, so they've been allowing purchasers to examine devices and vet source code before shelling out for new products. This isn't exactly ideal for American companies, but Russia is as concerned as anyone else products might be shipping with adversaries' backdoors pre-installed. American companies don't necessarily like having entities linked to Russia's government vetting source code, but the market is too big to be ignored.

      Russia has every right to suspect government backdoors may be unlisted features. Checking products and source code before purchase just makes sense, what with leaked documents showing the NSA intercepts foreign-bound hardware to install backdoors and other leaks exposing a fair bit of the agency's exploit collection. But now that Russia appears to have engaged in cyberwarfare efforts during the 2016 election, legislators are demanding US companies let the US government know who's been poking around in their products.

    • NSA questioned over unauthorized call-record collection by Sens. Wyden, Paul
    • The NSA routinely fails to protect privacy, but no one is fixing it
      Last week, very quietly, the National Security Agency's Office of the Inspector General released a report on the agency that should concern us all. In it, the IG finds that the NSA routinely fails to keep data safe. Just prior to the report’s publication, the world learned that Russian hackers infiltrated hundreds of power grids. “They got to the point they could have thrown switches,” a Homeland Security official told the Wall Street Journal.

    • Battle lines drawn over US mass surveillance as senators probe NSA's bonfire of phone records
      A fight has begun over another of the US government's mass surveillance systems – with two Senators raising questions about an unusual data deletion by the National Security Agency (NSA).

      Senators Ron Wyden (D-OR) and Rand Paul (R-KY) have sent a letter [PDF] to the NSA's inspector general asking him to look into the agency's torching of metadata for hundreds of millions of phone calls.

      "We write to request that you conduct an investigation into the circumstances surrounding, and any systemic problems that may have led to, the deletion by the National Security Agency (NSA) of certain call detail records (CDRs) collected from telecommunications service providers pursuant to Title V of the Foreign Intelligence Surveillance Act (FISA)," the letter begins.

    • NSA questioned over unauthorized call-record collection by Sens. Ron Wyden, Rand Paul
      Senators from both sides of the aisle sought answers from the ’s internal watchdog Thursday involving the “technical irregularities” that resulted in the recently deleting several years’ worth of call records collected outside the scope of its authority.

      Sen. Ron Wyden, Oregon Democrat, and Sen. Rand Paul, Kentucky Republican, wrote the ’s inspector general in response to the stating recently that it was erasing call records that it had obtained from telecommunications providers but “was not authorized to receive.”

    • SpiderOak warrant canary to be replaced by 'transparency report'
    • GDPR is eroding our privacy, not protecting it
      It’s been more than a couple of months since GDPR (the EU General Data Protection Regulation) came into force. The promise of giving the citizens back control of their personal data was brash and resonated with many of us, but apart from emboldening few data protection activists, the GDPR has not meaningfully changed the privacy...

    • BBC Wants Microsoft to Expose ‘Doctor Who’ Leaker

      New court documents suggest that the BBC has yet to find the source of the leaked 'Doctor Who' footage that previously appeared online. The British company is hoping that Microsoft can help. At a federal court in Washington, the BBC requested a DMCA subpoena targeted at a OneDrive user who shared the infringing material online late June.

    • How to Stay Safe on Public Wi-Fi

      Connecting to a public Wi-Fi network can put you at risk. Here's how to minimize the damage.
    • The Terrible Things That Can Happen When VPNs Go Rogue
      Not every VPN is created equal. In fact, most of them aren’t worth their salt. Truth be told, it’s increasingly important to conduct in-depth tech reviews of VPN (virtual private network) services before you simply subscribe to one. Credible VPN providers are out there, but you’ve got to know what to look for. A VPN client encrypts your traffic through a VPN gateway. Simply put, it’s as if your online activity is masked by an invisible shroud.

    • BBC Migrates Everything To HTTPS, Immediately Finds Itself Blocked By The Chinese Government
      Move to HTTPS; lose the Chinese. That's the revised internet maxim. China's Great Firewall has gradually reduced the number of foreign sites accessible by Chinese citizens... "gradually" only in the sense that it's been a continuous rollout steadily decreasing web access. The government blocked an entire content delivery network at one point, so even this gradual rollout has seen its share of spikes.


      The BBC recommends a VPN to bypass Chinese web filtering, but that suggestion only goes so far in country where VPN use has been banned for the most part. Businesses still rely on VPNs for securing their communications and content, so the capitalist heart of the authoritarian government has granted exceptions. But the exceptions are limited to VPNs registered with the government, which presumably contain government backdoors.

    • Facebook asking major US banks for financial data: report

    • Facebook seeks access to bank data of Americans: report

      Undeterred by its recent travails, social media giant Facebook has started asking large American banks to share detailed information about their customers in order that it can offer new services to its two billion-plus users.

      The Wall Street Journal reported that among the information sought were credit and debit car[d] transactions and account balances for those who held cheque accounts.

    • Facebook: We’re not asking for financial data, we’re just partnering with banks

      Diana further explained that account linking is already live with PayPal, Citi in Singapore, and American Express in the United States.

    • Facebook Now Wants Your Banking Information As Well
      A report published today on The Wall Street Journal says that Facebook wants customers’ bank details on their platform to bolster user engagement. As per the report, Facebook wants to come to a mutual arrangement with banks to share data to improve the quality of services offered to the users.
    • Facebook to Banks: Give Us Your Data, We’ll Give You Our Users
      Facebook Inc. wants your financial data.

      The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.

    • Facebook Pushes Online Ads, Then Spends Its Cash on Billboards

      As tech companies like Facebook Inc. and Google vacuum up billions of dollars in online advertising, they’re pouring their own marketing dollars into billboards and other forms of outdoor signage. That’s driving growth in one of the oldest forms of marketing and is one reason why the category is the only traditional channel expected to grow this year.

  • Civil Rights/Policing

    • Head of German secret service advised far-right Alternative for Germany

      Whoever criticizes the far-right or rejects the brutal and inhumane refugee policy of the grand coalition in the Bundestag (parliament), is, according to the definition of the secret service, a “left-wing extremist” and a threat to the Constitution. Still more reprehensible, according to the report, is the collection of “information on alleged or actual right-wing extremists and their institutions.”

    • Surprisingly Rational TSA Plan To Drop Screening At Small Airports Has Almost Zero Chance Of Getting Off The Ground

      Of course, a lot of the risk assumption is based on another assumption: that the TSA actually prevents terrorist attacks. There's a lot of evidence indicating it doesn't. Screeners miss explosives and other dangerous objects at an alarming rate. And for all the bragging the TSA does about taking harmless objects away from passengers, attempted terrorist attacks have always been thwarted in the air by passengers, rather than by TSA agents on the ground or air marshals on the targeted planes.

    • Federal Judge Declares ‘Policing for Profit’ Unconstitutional
      Police in New Mexico were ignoring the state’s law against civil asset forfeiture until a federal ruling last week.

      Anybody who has watched at least one episode of Law & Order knows that in America, anyone accused of a crime is considered “innocent until proven guilty.” That’s the way it should be, at least. When a person is accused of a crime, the burden of proof belongs to the accuser.

      But what most people don’t realize is that police routinely use a constitutionally dubious form of legal jiu-jitsu called “civil asset forfeiture” to flip this basic principle of fairness on its head. With civil asset forfeiture, police literally accuse your stuff of a crime, and you as the owner have to prove that your stuff is innocent.

      Here’s an example: In 2010 Stephen Skinner and his son Jonathan, both African-American, were on a road trip to Las Vegas, Nevada, for a vacation when they were pulled over by New Mexico State Police for going 5 mph over the speed limit. The trooper searched their rental car and found several thousand dollars in cash and coins in their luggage that the two men had set aside for gaming at the casinos. The trooper called Skinner, then in his late 50s, “boy” and released him with a warning that “it’s not over.”

      And sure enough, it wasn’t.

    • A Jury May Have Sentenced a Man to Death Because He Is Gay. It’s Time for a Federal Court to Hear His Bias Claim
      Jurors in a South Dakota death penalty case thought a gay man might enjoy being sentenced to life in prison with other men, so they voted for death.

      Last week, civil rights groups, including the ACLU and Lambda Legal, urged the Eighth Circuit Court of Appeals to accept the case of Charles Rhines, a gay man in South Dakota whose sexual orientation may have played a role in his death sentence in 1993.

      In a related appeal, the Eighth Circuit denied relief on many of Mr. Rhines’s claims the day after the friend-of-the-court filing. But the federal appeals court didn’t address whether Mr. Rhines will be allowed to present evidence of anti-gay bias, as the groups had asked in their friend-of-the-court brief. The Eighth Circuit can still take the case, and it should. Here’s why.

    • Saudi Arabia suspends Toronto flights

      It comes after Canada called for the release of women's rights activists, including Samar Badawi.

    • Using the Power of the Crowd to Document Hate
      Today we’re debuting a documentary with Frontline that chronicles some of our reporting on hate groups over the past year.

      Reporters A.C. Thompson and Ali Winston have been investigating the rise of white supremacist groups in the U.S. after the violent August 2017 Unite the Right rally in Charlottesville. Their work is part of a project at ProPublica called Documenting Hate.

      The project, which started shortly after Election Day in 2016, has an ambitious goal: collect as much data as we can to make up for the wholly inadequate records collected by the government.

    • For Charlottesville Authorities, a Painful Post-Mortem on Preparedness
      On Aug. 2, 2017, Charlottesville Mayor Michael Signer convened a closed meeting of the City Council. The Unite the Right rally was days off, and Signer was concerned about how to manage the potential for trouble. The Virginia State Police were there. So, too, was the chief of the Charlottesville Police Department.

      Signer and the council members asked the law enforcement officers present directly: Was there a “specific, credible threat” of violence?

      There was none, the elected officials said they were told.

      Mayhem, of course, ensued some 10 days later, as marches by white supremacists turned bloody and left a 32-year-old woman dead. The violence set off a national political firestorm, and also a great deal of soul-searching by the city of Charlottesville.

      Months later, a 200-page independent review of law enforcement’s handling of the rally excoriated the local and state police for failing to intervene earlier and more effectively to limit the bloodshed.

    • Is the Proposed Sentence for NSA Whistleblower Reality Winner Too Harsh?
      On June 26th, National Security Agency (NSA) whistleblower Reality Winner pleaded guilty in federal court, agreeing to 63 months in prison in plea agreement for a single charge of espionage. Winner’s case has made national headlines throughout the past year after she was arrested in June 2017 for leaking NSA documents regarding a Russian hack in the 2016 election to a news outlet. Ms. Winner was arrested under the Espionage Act, a federal law that was created for spies, not whistleblowers.

      Ms. Winner, 26, was the first person to be accused of leaking classified information by the Trump administration. Ms. Winner, who is also a decorated Air Force veteran, has served over a year in jail in Lincoln County, Georgia, under harsh conditions.

  • Internet Policy/Net Neutrality

    • Trump Admin Hopes Kavanaugh Supreme Court Delivers The Killing Blow To Net Neutrality
      So you'll recall that before Comcast, AT&T, Verizon and friends convinced the Trump FCC to ignore the public and kill net neutrality, they had attempted to dismantle the rules legally. That effort didn't go very well, with the U.S. Court of Appeals for the D.C. Circuit upholding the FCC's Open Internet Order in June of 2016, and ISPs losing a subsequent en banc appeal. More specifically, the courts found that the former Wheeler-run FCC was well within its legal right to reclassify ISPs as common carriers under the Telecom Act.

      The 2016 FCC victory made sense, especially if you recall that the agency lost its 2014 legal fight with Verizon in part because it tried to implement net neutrality without first putting itself on legal footing by classifying ISPs as common carriers under Title II. You might also recall that Wheeler at the time initially wasn't sure about the Title II route, but changed his mind based on available facts and evidence, back when people, you know, actually still did that.

      But that was then and this is now. Lawyers for the FCC and Department of Justice filed a brief (pdf) with the Supreme Court last Friday, urging it to vacate the 2016 court ruling that upheld the Wheeler-era net neutrality rules.

    • Decentralising the web: Maintaining the momentum

      The Decentralized Web Summit played host to a gathering of web luminaries such as Sir Tim Berners-Lee, Brewster Kahle and Vint Cerf. On top of that, activists and authors and screenwriters such as Jennifer Stisa Granick, Emili Jacobi, Mike Judge and Corey Doctorow put in an appearance, as did cryptocurrency pioneers like Zooko Wilcox, blockchain developers, and academics.

    • Facebook Killed the Feed

      There’s a movement to reclaim blogging as a vibrant, vital space in academia. Dan Cohen, Kathleen Fitzpatrick, and Alan Jacobs have written about their renewed efforts to have smart exchanges of ideas take place on blogs of their own. Rather than taking place on, say Twitter, where well-intentioned discussions are easily derailed by trolls, bots, or careless €¯\_(ツ)_/€¯. Or on Facebook, where Good Conversations Go to Dieâ„¢.

  • Intellectual Monopolies

    • Analysis: CJEU SPC basic patent ruling “doesn’t give any more clarity”
      The CJEU attempted to clarify the meaning of “protected by a basic patent” in Teva v Gilead, but practitioners and in-house counsel say it raises more questions than it has answered including a new test that is not clear

    • Why Chinese biotech inventions have yet to make an impact globally, despite patenting surge
      A new academic article about patenting in the BRICS countries makes fascinating reading for life sciences IP professionals interested in gauging the development and current state of China’s biotechnology patent landscape. On the one hand, it highlights the drastic increases achieved in the number of biotech patent applications made by China-based innovators over recent years – a surge that far exceeds that in other emerging economies. But, on the other hand, the study casts doubt on the commercial value of the resultant grants. Life sciences patent professionals have strong reason to be interested in the development of China’s IP landscape

    • Pinduoduo and its IPO in the U.S. -- The dark force rises?
      Even this Chinese Kat who is currently located in The Netherlands did not find Pinduoduo (or PDD) and its advertisements unfamiliar -- simply no escape is possible from its brain-washing marketing campaigns launched everywhere in the Chinese media.

      On July 19, days ahead of its IPO on the Nasdaq, PDD was sued by a Chinese diaper manufacturer, Beijing Daddy's Choice Science and Technology Co., Ltd. (hereinafter referred to as Daddy’s Choice or the plaintiff), for trade mark infringements before the New York Federal Court. See the document here.

      In a nutshell, based on the two trade mark registrations in the U.S. (No. 5463121 and No. 5238282), the plaintiff accused PDD of knowingly allowing the sale of counterfeited and unauthorized products bearing the Daddy’s Choice name.

      The infringement lawsuit itself, in this Kat’s viewpoint, is quite straightforward. What seems more intriguing is the nation-wide discussions triggered by PDD and its IPO in China, on which from this Kat’s observation are mostly one-sided criticism.

    • Ericsson and LG Electronics Sign Global Patent License Agreement
      Ericsson (NASDAQ: ERIC) and LG Electronics have renewed a global patent license agreement on FRAND terms and conditions between the two companies. Ericsson and LG Electronics are two of the leading contributors to the GSM (2G), UMTS (3G), and LTE (4G) cellular communication standards and both companies are making significant investments in the development of the NR (5G) standard. The agreement includes a cross license that covers patents relating to both companies’ 2G, 3G, and 4G standard-essential patents. The terms of the agreement are confidential.

    • Beware of “added matter” in Spain
      On 13 April 2018, the Barcelona Court of Appeal (Section 15) wrote a decision highly illustrative of the challenges that an “added matter” objection may raise in Spain, particularly in the context of preliminary injunction proceedings. The decision confirmed a ruling of 18 July 2017 from Barcelona Commercial Court number 4, which had lifted a preliminary injunction ordered against a manufacturer of generic medicaments, for considering that the patent was unlikely to overcome an “added matter” objection in the main proceedings.

      The first question addressed by the Barcelona Court of Appeal (Section 15) was to what extent “nullity” may be raised as a defence in preliminary injunction proceedings, where life is very short. The Court reiterated, citing the case law stemming from its decisions of 4 January 2006 (amlodipine), that in the context of preliminary injunction proceedings the validity of a patent cannot be examined in depth. The patent will be deemed to be valid unless the defendant alleges “very clear and evident indicia” supporting nullity. After clarifying that the burden of proving these “very clear and evident indicia” lies with the defendant, the Court examined whether or not the arguments alleged to found the “added matter” objection in the case at hand were sufficiently robust as to lift the preliminary injunction, as the Court of First Instance had done.

    • The need to protect ideas

      Intellectual properties must be guarded if the country wants to push towards an innovation economy.

      Getting a patent is like buying insurance – it’s not something people think they need until it’s too late.

      Australian patent attorney Leon Allen enjoys drawing parallels between the two.

      Running with the metaphor, he says it’s like an insurance policy – there are good and bad ones. In the case of patents, the quality of the initial application defines how likely it will hold up to challenges in the future.

    • Copyrights

      • MPAA: To Save Free Speech, We Must Broadly Censor Free Speech
        Earlier this year, we wrote about a thought-provoking article by Zeynep Tufecki discussing how some people were deliberately trying to use the open "marketplace of ideas" to effectively attempt to poison the marketplace of ideas. Also mentioned in that article was an excellent Yale Journal Article called Real Talk About Fake News by Nabiha Syed, which raised similar issues, and wondered if we needed a new framework for thinking about free speech online. We later had Syed on our podcast to discuss this further. Both Tufecki and Syed were raising important, thought-provoking issues that were not at all like the usual attacks on free speech -- because neither was an attack on free speech. Instead, they were attempting to protect free speech by pointing out that the way we often frame these discussions may not be the most effective way of thinking about these issues -- and that might actually lead to the silencing of voices.

        This has certainly spurred many more thoughtful discussions on these topics. But... it won't surprise you that some are now looking to exploit this open discussion in their own way. The MPAA recently filed some comments with the NTIA, and what's striking about them, is how they appear to be co-opting the language of Tufecki to attack free speech online, and push for legal changes that would lead to massive censorship. But, in doing so, they claim these changes are necessary to "protect" free speech. The MPAA's VP Neil Fried also put out a somewhat snarky blog post about the filing, in which the MPAA insists that CDA 230 and DMCA 512 must be changed because "the status quo does not seem to be working."
      • Evidence Mounts: UK Study Shows Better Legal Alternatives Pushing Pirates To Become Customers
        The theory that piracy enforcement is a far inferior method for combating copyright infringement when compared with better and innovative business models and offerings is certainly old hat for us here. And, while there have certainly been studies going back years showing that to be the case, it seems notable that the past few months have seen a wave of these studies all coming on top of each other. We had MUSO, of all organizations, essentially concluding a survey it did in the UK showing how much content "pirates" actually buy legitimately by saying, "Hey, content industries, get your shit together!" That was followed quite recently by a study performed by Dutch researchers that did an amazing and large-sampled survey that concluded quite clearly that user-friendly legal alternatives depressed piracy rates at a far greater clip than enforcement measures.

        And, now, because good things always come in threes, yet another study in the UK has shown that once-pirates of music are morphing into very real customers due to convenient and user-friendly streaming services.

      • Major Labels Sue More YouTube Ripper Sites

        Major labels including Universal, Warner Bros, Sony, and others have teamed up to sue two more YouTube-ripping sites. and are reportedly operated out of Russia, but according to information provided to the US Trade Representative by rightsholders earlier this year, the sites provide MP3 downloads to users from servers hosted in Germany.

Recent Techrights' Posts

Girlfriends, Sex, Prostitution & Debian at DebConf22, Prizren, Kosovo
Reprinted with permission from
Martina Ferrari & Debian, DebConf room list: who sleeps with who?
Reprinted with permission from Daniel Pocock
Europe Won't be Safe From Russia Until the Last Windows PC is Turned Off (or Switched to BSDs and GNU/Linux)
Lives are at stake
[Video] IBM's Poor Results Reinforce the Idea of Mass Layoffs on the Way (Just Like at Microsoft)
it seems likely Red Hat layoffs are in the making
Ulrike Uhlig & Debian, the $200,000 woman who quit
Reprinted with permission from
IRC Proceedings: Wednesday, April 24, 2024
IRC logs for Wednesday, April 24, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Links 24/04/2024: Layoffs and Shutdowns at Microsoft, Apple Sales in China Have Collapsed
Links for the day
Sexism processing travel reimbursement
Reprinted with permission from
Microsoft is Shutting Down Offices and Studios (Microsoft Layoffs Every Month This Year, Media Barely Mentions These)
Microsoft shutting down more offices (there have been layoffs every month this year)
Balkan women & Debian sexism, WeBoob leaks
Reprinted with permission from
Links 24/04/2024: Advances in TikTok Ban, Microsoft Lacks Security Incentives (It Profits From Breaches)
Links for the day
Gemini Links 24/04/2024: People Returning to Gemlogs, Stateless Workstations
Links for the day
Meike Reichle & Debian Dating
Reprinted with permission from
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 23, 2024
IRC logs for Tuesday, April 23, 2024
[Meme] EPO: Breaking the Law as a Business Model
Total disregard for the EPO to sell more monopolies in Europe (to companies that are seldom European and in need of monopoly)
The EPO's Central Staff Committee (CSC) on New Ways of Working (NWoW) and “Bringing Teams Together” (BTT)
The latest publication from the Central Staff Committee (CSC)
Volunteers wanted: Unknown Suspects team
Reprinted with permission from Daniel Pocock
Debian trademark: where does the value come from?
Reprinted with permission from Daniel Pocock
Detecting suspicious transactions in the Wikimedia grants process
Reprinted with permission from Daniel Pocock
Links 23/04/2024: US Doubles Down on Patent Obviousness, North Korea Practices Nuclear Conflict
Links for the day
Stardust Nightclub Tragedy, Unlawful killing, Censorship & Debian Scapegoating
Reprinted with permission from Daniel Pocock
Gunnar Wolf & Debian Modern Slavery punishments
Reprinted with permission from Daniel Pocock
On DebConf and Debian 'Bedroom Nepotism' (Connected to Canonical, Red Hat, and Google)
Why the public must know suppressed facts (which women themselves are voicing concerns about; some men muzzle them to save face)
Several Years After Vista 11 Came Out Few People in Africa Use It, Its Relative Share Declines (People Delete It and Move to BSD/GNU/Linux?)
These trends are worth discussing
Canonical, Ubuntu & Debian DebConf19 Diversity Girls email
Reprinted with permission from
Links 23/04/2024: Escalations Around Poland, Microsoft Shares Dumped
Links for the day
Gemini Links 23/04/2024: Offline PSP Media Player and OpenBSD on ThinkPad
Links for the day
Amaya Rodrigo Sastre, Holger Levsen & Debian DebConf6 fight
Reprinted with permission from
DebConf8: who slept with who? Rooming list leaked
Reprinted with permission from
Bruce Perens & Debian: swiping the Open Source trademark
Reprinted with permission from
Ean Schuessler & Debian SPI OSI trademark disputes
Reprinted with permission from
Windows in Sudan: From 99.15% to 2.12%
With conflict in Sudan, plus the occasional escalation/s, buying a laptop with Vista 11 isn't a high priority
Anatomy of a Cancel Mob Campaign
how they go about
[Meme] The 'Cancel Culture' and Its 'Hit List'
organisers are being contacted by the 'cancel mob'
Richard Stallman's Next Public Talk is on Friday, 17:30 in Córdoba (Spain), FSF Cannot Mention It
Any attempt to marginalise founders isn't unprecedented as a strategy
IRC Proceedings: Monday, April 22, 2024
IRC logs for Monday, April 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Don't trust me. Trust the voters.
Reprinted with permission from Daniel Pocock
Chris Lamb & Debian demanded Ubuntu censor my blog
Reprinted with permission from
Ean Schuessler, Branden Robinson & Debian SPI accounting crisis
Reprinted with permission from
William Lee Irwin III, Michael Schultheiss & Debian, Oracle, Russian kernel scandal
Reprinted with permission from