Bonum Certa Men Certa

Links 15/11/2018: Zentyal 6.0, Deepin 15.8, Thunderbird Project Hiring





GNOME bluefish

Contents





GNU/Linux



  • Desktop



  • Server



    • Getting Clarity on the Private vs. Public Cloud Decision
      News flash: Private cloud economics can offer more cost efficiency than public cloud pricing structures.

      Private (or on-premises) cloud solutions can be more cost-effective than public cloud options, according to "Busting the Myths of Private Cloud Economics," a report 451 Research and Canonical released Wednesday. That conclusion counters the notion that public cloud platforms traditionally are more cost-efficient than private infrastructures.

      Half of the enterprise IT decision-makers who participated in the study identified cost as the No. 1 pain point associated with the public cloud. Forty percent mentioned cost-savings as a key driver of cloud migration.

      "We understand that people are looking for more cost-effective infrastructure. This was not necessarily news to us," said Mark Baker, program director at Canonical.



    • ​OpenStack: Beyond the cloud
      Kata "Containers" is something of a misnomer. Rather than true containers, such as LXC, Kara Containers are lightweight VMs designed to feel and perform like containers. Why bother? Eric Ernst, an Kata Containers Architecture Committee member, explained, they "provide the workload isolation and security advantages of VMs."


    • 6 Best Practices for High-Performance Serverless Engineering
      When you write your first few lambdas, performance is the last thing on your mind. Permissions, security, identity and access management (IAM) roles and triggers all conspire to make the first couple of lambdas, even after a “hello world” trial just to get your first serverless deployments up and working. But once your users begin to rely on services your lambdas provide, it’s time to focus on high-performance serverless.



    • The IBM-Red Hat Deal Cuts Both Ways for Canonical
      Mark Shuttleworth, CEO of Canonical, made some negative comments about his competitors’ licensing fees during his speech at the OpenStack Summit in Vancouver in May. People in the audience were looking at each other with raised eyebrows, and a few people even laughed out loud at the audacity. Still, Shuttleworth was invited to keynote the OpenStack Summit in Berlin this week. But this time, he says he was asked “not to name names.”

      Shuttleworth said for his keynote this week he planned to continue the discussion about the long-term operability of OpenStack and the economics of operating it. “We’re very conscious that organizations will only do private cloud if it makes common sense,” he said. “And they can also work in public cloud. We’re very focused on deploying the cloud cost effectively.”



    • Scalyr Rolls Out New Troubleshooting Features to Advance Engineering Productivity and Collaboration Across Modern Architectures


    • Red Hat expands PHL operations, opens new office in Makati


    • 7 open source platforms to get started with serverless computing
      The term serverless has been coming up in more conversations recently. Let’s clarify the concept, and those related to it, such as serverless computing and serverless platform.

      Serverless is often used interchangeably with the term FaaS (Functions-as-a-Service). But serverless doesn’t mean that there is no server. In fact, there are many servers—serverful—because a public cloud provider provides the servers that deploy, run, and manage your application.

      Serverless computing is an emerging category that represents a shift in the way developers build and deliver software systems. Abstracting application infrastructure away from the code can greatly simplify the development process while introducing new cost and efficiency benefits. I believe serverless computing and FaaS will play an important role in helping to define the next era of enterprise IT, along with cloud-native services and the hybrid cloud.



    • DLT Named Red Hat Public Sector Partner for 2019; Brian Strosser Quoted
      Red Hat has selected DLT Solutions as its Public Sector Partner of the Year in recognition of the Herndon, Va.-based tech firm’s contributions to the former’s business efforts.

      DLT said Tuesday it provides government agencies with resale access to open-source technologies such as Red Hat’s cloud, middleware and Linux software offerings.

      The company has provided services in support of Red Hat’s products through contracts under the General Services Administration‘s GSA Schedule, NASA‘s SEWP V, the Defense Department‘s Enterprise Software Initiative and the National Institutes of Health‘s Chief Information Officer – Commodities and Solutions vehicles.






  • Kernel Space



    • AMD Is Hiring Another Mesa/RadeonSI Driver Developer
      AMD is hiring another open-source Linux graphics driver developer with a focus on the Mesa/RadeonSI driver stack.

      There is a new job posting for a Senior Software Development Engineer with a focus on open-source graphics. This job role will be working on their open-source graphics driver, work on driver bring-up, debug issues, improve driver performance, coordinate with Linux distributions, and engage with the open-source graphics development community. I've been able to confirm with AMD that this is focused on their Mesa/RadeonSI driver as opposed to say just their AMDGPU kernel driver.


    • AMD Stages Latest Radeon/AMDGPU Changes For Linux 4.21 Kernel
      AMD has posted their initial set of AMDGPU driver changes slated to go into the future Linux 4.21 kernel by way of DRM-Next.

      This is the first of likely two or three feature pull requests to DRM-Next for staging until the Linux 4.21 kernel cycle kicks off in the final days of 2018 or early 2019.


    • Zinc: a new kernel cryptography API
      We looked at the WireGuard virtual private network (VPN) back in August and noted that it is built on top of a new cryptographic API being developed for the kernel, which is called Zinc. There has been some controversy about Zinc and why a brand new API was needed when the kernel already has an extensive crypto API. A recent talk by lead WireGuard developer Jason Donenfeld at Kernel Recipes 2018 would appear to be a serious attempt to reach out, engage with that question, and explain the what, how, and why of Zinc.

      WireGuard itself is small and, according to Linus Torvalds, a work of art. Two of its stated objectives are maximal simplicity and high auditability. Donenfeld initially did try to implement WireGuard using the existing kernel cryptography API, but after trying to do so, he found it impossible to do in any sane way. That led him to question whether it was even possible to meet those objectives using the existing API.

      By way of a case study, he considered big_key.c. This is kernel code that is designed to take a key, store it encrypted on disk, and then return the key to someone asking for it if they are allowed to have access to it. Donenfeld had taken a look at it, and found that the crypto was totally broken. For a start, it used ciphers in Electronic Codebook (ECB) mode, which is known to leave gross structure in ciphertext — the encrypted image of Tux on the left may still contain data perceptible to your eye — and so is not recommended for any serious cryptographic use. Furthermore, according to Donenfeld, it was missing authentication tags (allowing ciphertext to be undetectably modified), it didn't zero keys out of memory after use, and it didn't use its sources of randomness correctly; there were many CVEs associated with it. So he set out to rewrite it using the crypto API, hoping to better learn the API with a view to using it for WireGuard.

      The first step with the existing API is to allocate an instance of a cipher "object". The syntax for so doing is arguably confusing — for example, you pass the argument CRYPTO_ALG_ASYNC to indicate that you don't want the instance to be asynchronous. When you've got it set up and want to encrypt something, you can't simply pass data by address. You must use scatter/gather to pass it, which in turn means that data in the vmalloc() area or on the stack can't just be encrypted with this API. The key you're using ends up attached not to the object you just allocated, but to the global instance of the algorithm in question, so if you want to set the key you must take a mutex lock before doing so, in order to be sure that someone else isn't changing the key underneath you at the same time. This complexity has an associated resource cost: the memory requirements for a single key can approach a megabyte, and some platforms just can't spare that much. Normally one would use kvalloc() to get around this, but the crypto API doesn't permit it. Although this was eventually addressed, the fix was not trivial.


    • 4.20 Merge window part 2
      At the end of the 4.20 merge window, 12,125 non-merge changesets had been pulled into the mainline kernel repository; 6,390 came in since last week's summary was written. As is often the case, the latter part of the merge window contained a larger portion of cleanups and fixes, but there were a number of new features in the mix as well.


    • Linux Foundation



      • Results: Linux Foundation Technical Board Election 2018
        The results of the 2018 election for members of the Linux Foundation's Technical Advisory Board have been posted; the members elected this time around are Chris Mason, Laura Abbott, Olof Johansson, Dan Williams, and Kees Cook. Abbott and Cook are new members to the board this time around. (The other TAB members are Ted Ts'o, Greg Kroah-Hartman, Jonathan Corbet, Tim Bird, and Steve Rostedt).


      • LF Deep Learning Delivers First Acumos AI Release Making it Easier to Deploy and Share Artificial Intelligence Models
        The LF Deep Learning Foundation, a project of The Linux Foundation that supports open source innovation in artificial intelligence (AI), machine learning (ML), and deep learning (DL), today announced the availability of its first software release of the Acumos AI Project – Athena.

        Acumos AI is a platform and open source framework that makes it easy to build, share and deploy AI applications. Acumos AI standardizes the infrastructure stack and components required to run an out-of-the-box general AI environment. This frees data scientists and model trainers to focus on their core competencies and accelerate innovation.


      • Linux Foundation's Acumos Wants To Make It Easier Deploying AI Apps
        The latest software initiative out of the Linux Foundation -- and in particular their Deep Learning Foundation -- is the Acumos AI "Athena" release that tries to make it easier dealing with artificial intelligence apps.

        Acumos Athena is an effort to make it easier to deploy AI applications across private/public clouds and other environments. Acumos is a framework for building, sharing, and deploying AI applications and provides a standardized stack for these components.


      • Linux Foundation launches Acumos platform for quick AI deployment
        LF Deep Learning Foundation today announced the first publicly available release of Acumos AI, an open source framework and platform for the training and deployment of AI models.

        Created in March, the LF Deep Learning Foundation is part of the Linux Foundation project and supports open source projects for machine learning, deep learning, and AI.

        Founding members include Tencent, Baidu, Huawei, ZTE, AT&T, and Nokia.

        Acumos AI, whose release version is codenamed Athena, also began in March and includes the participation of about 75 developers, a foundation spokesperson told VentureBeat in an email. An updated version is due out in mid-2019, according to a statement provided to VentureBeat.


      • Observatory joins Ceph Foundation to advance open source storage
        Yesterday in Berlin SARAO joined 30 other members in the establishment of the Ceph Foundation, to manage the massive growth in data and information generated from cloud, container and artificial intelligence applications.

        The Linux Foundation, a non-profit organization enabling mass innovation through open source, announced that over 30 global technology leaders are forming a new foundation to support the Ceph open source project community. The Ceph project develops a unified distributed storage system providing applications with object, block, and file system interfaces.

        "Ceph has a long track record of success when it comes to helping organisations effectively manage high growth and expanding data storage demands," said Jim Zemlin, Executive Director of the Linux Foundation. "This partnership will assist us to store and retrieve the huge volumes of data that will be collected by the MeerKAT radio telescope," says Dr. Rob Adam, Managing Director of SARAO.

        The MeerKAT is a 64-antenna array radio telescope that has been built on the SKA site in the Karoo, and which will be integrated into the first phase of the Square Kilometre Array. MeerKAT has the capacity to process 275 gigabytes per second in real time - that equates to approximately 58 DVDs per second. SARAO currently uses Ceph to synthesise a ~20 petabyte object-based storage system, for the data generated by the MeerKAT radio telescope array.


      • SARAO joins the Ceph Foundation to advance open source storage
      • SA astronomers go open source for massive MeerKAT data


        MeerKAT has the capacity to process 275GBps in real-time, equating to approximately 58 DVDs per second. The South African Radio Astronomy Observatory (SARAO) has joined the Ceph Foundation to advance open source storage.

        SARAO manages SA's activities in the Square Kilometre Array (SKA) radio telescope in engineering, science and construction.

        It is a national facility managed by the National Research Foundation. It incorporates radio astronomy instruments and programmes such as the MeerKAT and KAT-7 telescopes in the Karoo, the Hartebeesthoek Radio Astronomy Observatory in Gauteng, the African Very Long Baseline Interferometry programme in nine African countries, as well as the associated human capital development and commercialisation endeavours.

        This week, in Berlin, Germany, SARAO joined 30 other members in the establishment of the Ceph Foundation, to manage the massive growth in data and information generated from cloud, container and artificial intelligence applications.





    • Graphics Stack



      • The Newest Mesa NIR/SPIR-V Code For Handling OpenCL Kernels
        It's now been nearly one year since longtime Nouveau contributor Karol Herbst joined Red Hat where one of his big projects has been working on OpenCL support for this open-source NVIDIA driver by bringing up NIR/SPIR-V support and making the necessary improvements for allowing OpenCL kernels to be represented in that IR commonly used by the Mesa drivers. The work still isn't yet in Mesa Git, but Karol this week sent out his newest patches.

        Karol Herbst sent out 22 patches this week in regards to adding support for OpenCL kernels within Mesa's NIR and SPIR-V common code. The patches are mostly adding the necessary OpenCL bits to the common NIR/SPIR-V compiler code for handling the intricacies of OpenCL kernels with features like physical pointer support, cl_size/cl_alignment, and other bits.






  • Applications



  • Desktop Environments/WMs



    • GNOME Desktop/GTK



      • Carlos Garnacho: On the track for 3.32
        It happens sneakily, but there’s more things going on in the Tracker front than the occasional fallout. Yesterday 2.2.0-alpha1 was released, containing some notable changes.

        On and off during the last year, I’ve been working on a massive rework of the SPARQL parser. The current parser was fairly solid, but hard to extend for some of the syntax in the SPARQL 1.1 spec. After multiple attempts and failures at implementing property paths, I convinced myself this was the way forward.
      • Robert Ancell: Counting Code in GNOME Settings
        I've been spending a bit of time recently working on GNOME Settings. One part of this has been bringing some of the older panel code up to modern standards, one of which is making use of GtkBuilder templates.

        I wondered if any of these changes would show in the stats, so I wrote a program to analyse each branch in the git repository and break down the code between C and GtkBuilder.






  • Distributions



    • Reviews



      • A Linux Noob Reviews: The Pop!_OS Installer From System76
        Welcome to a new series here at Forbes that zeroes in on your very first experience with a new desktop Linux operating system: the installer. In this debut review I'm going to explain why the heck I'm doing this, and give you a closer look at the relatively new Pop!_OS installer from boutique PC manufacturer System76 -- the same installer that actually inspired these articles. (Spoiler: yes it's that good.)

        [...]

        That tagline, present in the default wallpaper for Pop!_OS, also says a little something about the installer itself. This is, in my experience, sets a benchmark for other installers in the desktop Linux world. Even the most complex aspect of installing a Linux OS -- partitioning -- is explained in detail. Granted, the simplest partitioning tasks will take rookies a few tries to comprehend and master (myself included), but System76 did an exemplary job with the included help pages, and the interface is the most intuitive I've used. So far anyway!

        Seriously folks, I never thought I'd walk away from an installer and feel excited. Nor did I imagine it would inspire an entire series of articles. But here we are! System76 has crafted an intuitive, fast and streamlined installation process that improves the incoming perception of desktop Linux for newcomers, and may perhaps feel like a breath of fresh air for Linux veterans. Overall, it looks fantastic and made me eager to dig into the daily Pop!_OS experience.




    • New Releases



    • Fedora



      • Fedora Perfecting Their Flicker-Free Boot Experience With A New Plymouth Theme
        The recent release of Fedora 29 the long-desired goal of a flicker-free boot experience to the Linux desktop was finally achieved... Well, assuming you are for now using Intel graphics and set a couple extra settings and don't have any quirky hardware. While all of the key components are in place, for Fedora 30 and beyond they will likely be taking care of the "rough edges" and already there is work on a new Plymouth boot theme for pairing with this flicker-free boot process.


      • New plymouth theme for flickerfree boot
        Since the transition to plymouth is not entirely smooth plymouth by default will wait 5 seconds (counted from starting the kernel) before showing itself so that on systems which boot under 5 seconds it never shows. As can be seen in this video, this leads to a very non-smooth experience when the boot takes say 7 seconds as plymouth then only shows briefly, leading to a kinda "flash" effect while it briefly shows.

        Another problem with the 5 second wait, is now that we do not show GRUB the user is looking at the firmware's bootsplash for not only the often long firmware initialization time, but also for the 5 seconds plymouth waits on top, making it look as if nothing is happening.

        To fix this I've been working on a new plymouth theme which draws a spinner over the firmware boot splash, eliminating the ugly transition from the firmware boot splash to plymouth. This also allows removing the show-delay, so that we provide feedback that something is happening as soon as plymouth starts.


      • Fedora Community Blog: Elections nominations now open


      • Linux Day 2018 – Italy
        Every year, on the last Saturday of October, in Italy there is a national event called “Linux Day”. This year was the 18th edition and it was held on October 27.

        The event is promoted by the Italian Linux Society, and it is independently organized in many cities all around the country by groups of volunteers, LUGs and various associations. Even if it is highly fragmented (many little events in many cities), it is probably the biggest Italian event related to Linux and FLOSS, that is directly organized by people involved in the communities and by ordinary users.

        The aim of such event is to to promote Linux and FLOSS in general: in each city there are many talks, presentations and installation parties. The target audience is not limited to computer enthusiasts, hackers or IT professionals, but newbies, students and curious citizens are welcome as well.




    • Debian Family



      • Limiting the power of package installation in Debian
        There is always at least a small risk when installing a package for a distribution. By its very nature, package installation is an invasive process; some packages require the ability to make radical changes to the system—changes that users surely would not want other packages to take advantage of. Packages that are made available by distributions are vetted for problems of this sort, though, of course, mistakes can be made. Third-party packages are an even bigger potential problem because they lack this vetting, as was discussed in early October on the debian-devel mailing list. Solutions in this area are not particularly easy, however.

        Lars Wirzenius brought up the problem: "when a .deb package is installed, upgraded, or removed, the maintainer scripts are run as root and can thus do anything." Maintainer scripts are included in a .deb file to be run before and after installation or removal. As he noted, maintainer scripts for third-party packages (e.g. Skype, Chrome) sometimes add entries to the lists of package sources and signing keys; they do so in order to get security updates to their packages safely, but it may still be surprising or unwanted. Even simple mistakes made in Debian-released packages might contain unwelcome surprises of various sorts.

        He suggested that there could be a set of "profiles" that describe the kinds of changes that might be made by a package installation. He gave a few different examples, such as a "default" profile that only allowed file installation in /usr, a "kernel" profile that can install in /boot and trigger rebuilds of the initramfs, or "core" that can do anything. Packages would then declare which profile they required. The dpkg command could arrange that package's install scripts could only make the kinds of changes allowed by its profile.


      • Derivatives



        • Deepin 15.8 - Attractive and Efficient, Excellent User Experience
          Deepin is an open source GNU/Linux operating system, based on Linux kernel and desktop applications, supporting laptops, desktops and all-in-ones. deepin preinstalls Deepin Desktop Environment (DDE) and nearly 30 deepin native applications, as well as several applications from the open source community to meet users’ daily learning and work needs. In addition, about a thousand of applications are offered in Deepin Store to meet your more needs. deepin, developed by a professional operating system R&D team and deepin technical community (www.deepin.org), is from the name of deepin technical community - “deepin”, which means deep pursuit and exploration of the life and the future.

          Compared with deepin 15.7, the ISO size of deepin 15.8 has been reduced by 200MB. The new release is featured with newly designed control center, dock tray and boot theme, as well as improved deepin native applications, hoping to bring users a more beautiful and efficient experience.


        • Canonical/Ubuntu



          • Snaps are the new Linux Apps that work on every Distro
            See, when using Linux, you couldn’t exactly Google the name of a program you want, then download the .exe file, double click it and it is installed like you would on Windows (although technically you can do that now with .deb files). You had to know your way around the Terminal. Once in the Terminal, like for the case of Ubuntu, you needed to add the software source to your Repository with sudo apt commands, then now update the cache, then finally install the app you want with sudo apt-get install. In most cases, the dependencies would be all messed up and you’d have to scroll through endless forums trying to figure out how to fix that one pesky dependency that just won’t allow your app to run well.

            You’d jump through all these hoops and then finally the app would run, but then it would look all weird because maybe it wasn’t made for your distro. Bottom line, it takes patience and resilience to install Linux Apps.










  • Devices/Embedded





Free Software/Open Source



  • Finos launches open source programme
    Finos (the Fintech Open Source Foundation), a nonprofit foundation promoting open innovation in financial services, today announced the launch of a new Program focused on Decentralized Ecosystem Growth (DEG).

    Amber Baldet, CEO of Clovyr and former Blockchain Program Lead for J.P. Morgan Chase, revealed the Program in London during her keynote at FINOS’ annual flagship Open Source Strategy Forum - the only conference dedicated to open source in financial services. IHS Markit, FINOS Gold Member, will sponsor the program with Baldet serving as the first Program Management Committee (PMC) lead.


  • Open Source Identity and Access Management
    Looking back on the year as we enter the homestretch of 2018, one thing is apparent. With 2018 on track to be one of the worst years for security breaches ever, strong identity and access management (IAM) needs to be at the top of any IT organization’s checklist. Those that are cost conscious are asking, are there any viable open source identity and access management solutions on the market?



  • Free Open Source Techologies Are Big Business. Wait, What?


  • SpamAssassin is back
    The SpamAssassin 3.4.2 release was the first from that project in well over three years. At the 2018 Open Source Summit Europe, Giovanni Bechis talked about that release and those that will be coming in the near future. It would seem that, after an extended period of quiet, the SpamAssassin project is back and has rededicated itself to the task of keeping junk out of our inboxes. Bechis started by noting that spam filtering is hard because everybody's spam is different. It varies depending on which languages you speak, what your personal interests are, which social networks you use, and so on. People vary, so results vary; he knows a lot of Gmail users who say that its spam filtering works well, but his Gmail account is full of spam. Since Google knows little about him, it is unable to train itself to properly filter his mail.

    Just like Gmail, SpamAssassin isn't the perfect filter for everybody right out of the box; it's really a framework that can be used to create that filter. Getting the best out of it can involve spending some time to write rules, for example.


  • Web Browsers



    • WebP images won’t load in Microsoft Edge with Application Guard
      This issue affects a lot of prominent websites who’ve opted to take advantage of the higher compression gains they get with a modern image format like WebP. You can also see it here on Ctrl blog where most images will just not work in Microsoft Edge.

      There isn’t really anything web developers can do to work around this issue other than strip out unsupported photo formats when encountering the Microsoft Edge User-Agent. The images won’t fire an error even when it fails to display, and you can’t detect that Microsoft Edge is running in Application Guard mode from the web platform.


    • Chrome



    • Mozilla



      • The Thunderbird project is hiring: Software Engineers
        We need your help to improve and maintain Thunderbird. Moving Thunderbird forward includes replacing/rewriting components to be based primarily on web technologies, reducing the reliance on Mozilla-internal interfaces. It also includes boosting the user experience of the product.

        Maintenance involves fixing bugs and regressions, as well as addressing technical debt and enhancing performance. Most tasks have a component of both maintenance and improvement, and any new component needs careful integration with the existing system.

        We have compiled a high level list of tasks here; the work assigned to you will include a subset of these items. Let us know in your cover letter where you believe you can make most impact and how.


      • Firefox 64 Beta 12 Testday, November 23th
        We are happy to let you know that Friday, November 23th, we are organizing Firefox 64 Beta 12 Testday. We’ll be focusing our testing on: Multi-Select Tabs and Widevine CDM.


      • New & Experimental Web Design Tools: Feedback Requested
        A year ago, the Firefox DevTools team formed a subgroup to focus on new tools for working in web design, CSS, and HTML. Motivated by the success of the Grid Inspector, and with help from the Developer Outreach, Gecko Platform, and Accessibility teams, we launched the Variable Fonts Editor and the Shape Path Editor, added an Accessibility Inspector, and revamped our Responsive Design Mode.

        [...]

        We’re just getting started, and now we want to learn more about you. Tell us about your biggest CSS and web design issues in the first-ever Design Tools survey!


      • Firefox Monitor Launches in 26 Languages and Adds New Desktop Browser Feature
        Since the launch of Firefox Monitor, a free service that notifies you when your email has been part of a breach, hundreds of thousands of people have signed up.

        In response to the excitement from our global audience, Firefox Monitor is now being made available in more than 26 languages. We’re excited to bring Firefox Monitor to users in their native languages and make it easier for people to learn about data breaches and take action to protect themselves.

        When your personal information is possibly at risk in a data breach, reading news and information in the language you understand best helps you to feel more in control. Now, Firefox Monitor will be available in Albanian, Traditional and Simplified Chinese, Czech, Dutch, English (Canadian), French, Frisian, German, Hungarian, Indonesian, Italian, Japanese, Malay, Portuguese (Brazil), Portuguese (Portugal), Russian, Slovak, Slovenian, Spanish (Argentina, Mexico, and Spain), Swedish, Turkish, Ukranian and Welsh.

        We couldn’t have accomplished this feat without our awesome Mozilla community of volunteers who worked together to make this happen. We’re so grateful for their support in making Firefox Monitor available to more than 2.5 billion non-English speakers.



      • When does Firefox alert for breached sites?
        Data breaches are common for online services. Humans make mistakes, and humans make the Internet. Some online services discover, mitigate, and disclose breaches quickly. Others go undetected for years. Recent breaches include “fresh” data, which means victims have less time to change their credentials before they are in the hands of attackers. While old breaches have had more time to make their way into scripted credential stuffing attacks. All breaches are dangerous to users.

        As stated in the Mozilla Manifesto: “Individuals’ security and privacy on the internet are fundamental and must not be treated as optional.” Most people simply don’t know that a data breach has affected them. Which makes it difficult to take the first step to secure their online accounts because they don’t know they’re insecure in the first place. This is why we launched Firefox Monitor.



      • Mozilla GFX: WebRender newsletter #30
        Hi! This is the 30th issue of WebRender’s most famous newsletter. At the top of each newsletter I try to dedicate a few paragraphs to some historical/technical details of the project. Today I’ll write about blob images.

        WebRender currently doesn’t support the full set of graphics primitives required to render all web pages. The focus so far has been on doing a good job of rendering the most common elements and providing a fall-back for the rest. We call this fall-back mechanism “blob images”.

        The general idea is that when we encounter unsupported primitives during displaylist building we create an image object and instead of backing it with pixel data or a texture handle, we assign it a serialized list of drawing commands (the blob). For WebRender, blobs are just opaque buffers of bytes and a handler object is provided by the embedder (Gecko in our case) to turn this opaque buffer into actual pixels that can be used as regular images by the rest of the rendering pipeline.






  • Pseudo-Open Source (Openwashing)



  • Funding



    • The Houdini Project: Fundraising Software for Non-Profits Joins Conservancy
      First we were excited find out that a project like the Houdini Project even existed and now we can proudly say that they are also a Conservancy member! Services and applications for non-profits -- that are also free software -- are very close to our fiscal umbrella heart here at Conservancy. Houdini is our second incoming project this year that specifically caters to the needs of non-profits. Back in May, we welcomed Backdrop CMS a lightweight content management system that is great for non-profits, to the Conservancy fold. As long-time readers of the Conservancy blog know, the offerings for non-profits that care about software freedom are pretty slim, which is why we've also been working on our own non-profit accounting solution.

      The Houdini Project's ('Houdini's) software is used by many worthy and hard-working organizations, but perhaps the most notable is the Panzi Foundation. The foundation focuses on ending sexual violence in wars and supporting survivors at the Panzi Hospital in the Democratic Republic of Congo as they rebuild their lives. Panzi Foundation's co-founder, Dr. Denis Mukwege, a surgeon and activist who has devoted his life to this work received a Nobel Peace Prize this year. Other major users include Public Radio Exchange,WeMove.eu and Charter for Compassion.




  • FSF/FSFE/GNU/SFLC



    • A "joke" in the glibc manual
      A "joke" in the glibc manual—targeting a topic that is, at best, sensitive—has come up for discussion on the glibc-alpha mailing list again. When we looked at the controversy in May, Richard Stallman had put his foot down and a patch removing the joke—though opinions of its amusement value vary—was reverted. Shortly after that article was published, a "cool down period" was requested (and honored), but that time has expired. Other developments in the GNU project have given some reason to believe that the time is ripe to finally purge the joke, but that may not work out any better than the last attempt.

      The joke in question refers to a US government "censorship rule" from over two decades ago regarding sharing of information about abortion. It is attached to documentation of the abort() call in glibc and the text of it can be seen in the patch to remove it. One might think that an age-old US-centric joke would be a good candidate for removal regardless of its subject matter. That it touches on a topic that is emotionally fraught for many might also make it unwelcoming—thus unwelcome in documentation. But, according to Stallman, that's not so clear cut.

      [...]

      When pressed for more information about what these larger issues are, as O'Donell did, Stallman counseled patience. He did not offer any more information than that; perhaps the discussion has moved to a private mailing list or the like.

      For many, including me, it is a little hard to understand why there is any opposition to removing the joke at all. It is clearly out of place, not particularly funny, and doesn't really push the GNU anti-censorship philosophy forward in any real way even if you grant that anti-censorship is a goal of the project (which some do not). There are, of course, those who oppose removing it because they are opposed to "political correctness" and do not see how it could be "unwelcoming", but even they might concede that it is an oddity that is poked into a back corner of a entirely unrelated document. And it is not hard for many to see that tying the topic of abortion to a C function might be upsetting to some; why waste a bunch of project time defending it when it has effectively no impact in the direction that Stallman wants, while putting off some (possibly small) percentage of glibc manual readers?





  • Licensing/Legal



    • Protecting the open-source license commons
      Enforcement, especially involving version 2 of the GPL, has always been a part of the open-source landscape. It only reached the point of actual litigation in the early 2000s, where we saw enforcement efforts showing up in three broad classes. Community enforcement came directly from the developers, either individually or through organizations like the Software Freedom Conservancy (SFC). Commercial entities have done some enforcement, usually in support of an associated proprietary licensing model. And "non-community developers", such as Patrick McHardy, have been pursuing extortionate actions in search of commercial gain. These are the so-called copyright trolls, though he does not like that term. There has been an increase in all three types of enforcement in the last few years; one outcome has been the SFC enforcement principles that try to distinguish the first two types of enforcement from the last, he said.

      A lot of thought has gone into enforcement at his employer Red Hat; Fontana said that enforcement activities should be judged by whether they promote collaboration or not. Enforcement that promotes certainty, predictability, and a level playing field will do that, while commercially motivated enforcement will reduce the incentive to collaborate. So he believes, like many others, that enforcement should not be done for commercial gain. Beyond that, there needs to be transparency around the funding of litigation and the selection of targets. Proceedings should be open; the secrecy built into the German legal system (where much enforcement activity to date has taken place) has not helped here. And, overall, litigation is a poor way to achieve license compliance.




  • Programming/Development



    • Amazon Web Services promises to support OpenJDK through 2023 with release of internal tool as new open source project
      Developers using the popular OpenJDK (Java Development Kit) software tool can breathe a little easier Wednesday after Amazon Web Services announced it would support the tool with bug fixes and enhancements for the next several years with the release of an internally developed implementation of OpenJDK known as Amazon Coretto.

      Announced at Devoxx in Europe Wednesday, Coretto is an open-source distribution of OpenJDK developed for internal use at Amazon to manage Java applications. While Java is widely used to build enterprise applications, the future of OpenJDK has been in doubt thanks to Oracle’s decision to end support for the free version of OpenJDK as of this coming January.



    • One More Reaction to IBM's Acquisition of Red Hat
      Now that the dust has settled around the explosive announcement that IBM will be acquiring open source software provider and longtime Java Community Process (JCP) leader Red Hat, I wanted to share the reaction to the deal of one of the keenest (and most fearless) observers of the Java universe.



    • New Open Source Java SDK Helps Devs with Active Directory Projects [Ed: When this Microsoft propaganda site mentions Java it’s actually promoting Microsoft’s lock-in, proprietary AD]
      Information security provider Imperva has been in the headlines recently, thanks to news that tech investment firm Thoma Bravo LLC plans to acquire it. But the Redwood Shores, Calif.-based company caught my eye again last week when it announced that it has open sourced a new Java SDK designed to simplify interaction with Microsoft's Active Directory (AD) for small, medium and large development projects using LDAP.



    • PHP Lands Preload Feature, Boosting Performance In Some Cases 30~50%
      PHP developers unanimously approved and already merged support for the new "preloading" concept for this web server language. PHP preloading basically allows loading PHP code that persists as long as the web server is running and that code will always be ready for each subsequent web request, which in some cases will dramatically speed-up the PHP performance on web servers.

      While PHP has long supported caching to avoid PHP code recompilation on each new web request, with each request PHP has still had to check to see if any of the source file(s) were modified, re-link class dependencies, and similar work. PHP preloading allows for given functions/classes to be "preloaded" that will survive as long as the web server is active. It effectively allows loading of functions or entire/partial frameworks that will then be present for each new web request just as if it were a built-in function.


    • Google Announces a Managed Cron Service: Google Cloud Scheduler
      Google announced a new Service on the Google Cloud Platform (GCP) - Cloud Scheduler, a fully managed cron job service that allows any application to invoke batch, big data and cloud infrastructure operations. The service is currently available in beta.

      With Google Cloud Scheduler customers can use the cron service with no need to manage the underlying infrastructure. There is also no need to manually intervene in the event of transient failure, as the services retries failed jobs. Furthermore, customers will only pay for the operations they run -- GCP takes care of all resource provisioning, replication and scaling required to operate Cloud Scheduler. Also, customers can, according to Vinod Ramachandran, product manager at Google, benefit from:






Leftovers



  • Science



    • US travel ban blocking students from presenting their research

      At an academic conference, the question “where are you from?” can have many meanings. “For anybody who’s in science, that’s a complicated question,” says paleontologist P. David Polly. “Where are we now, where did we get our degree, where did we grow up, where did we get the other degree?” For many people in science, the list of answers will span multiple countries.



    • Real-world IT vs. computer science: 4 ways colleges are morphing
      While cloud computing is IT’s present, artificial intelligence (AI) in many ways is its future. The practical application of AI in the enterprise has not typically been taught at the undergraduate level. But that’s beginning to change. Earlier this year, Carnegie Mellon University launched its bachelor of science degree in Artificial Intelligence to address the growing demand addresses for AI specialists in the marketplace.

      Offering the first undergraduate AI degree in the U.S., the program will focus on providing students with in-depth knowledge of how to transform large amounts of data into actionable decisions.

      CMU’s bachelor’s degree program in computer science “teaches students to think broadly about methods that can accomplish a wide variety of tasks across many disciplines”, research professor of robotics and computer science and director of the new AI degree program Reid Simmons said in a statement. However, the bachelor’s degree in AI "will focus more on how complex inputs, such as vision, language, and huge databases, are used to make decisions or enhance human capabilities."




  • Health/Nutrition



    • Chicago City Council Members Seek Hearing on Psychiatric Hospital
      Two Chicago City Council members Wednesday called for a hearing to look into reports that children at a psychiatric hospital were physically and sexually abused, including those in state care.

      Alderman Ed Burke, the powerful chairman of the council’s Finance Committee, and Alderman Margaret Laurino, from the Northwest Side’s 39th Ward, introduced the resolution calling for a hearing on Aurora Chicago Lakeshore Hospital. The request, which cited ProPublica Illinois investigations, asks for details on the hospital’s business license and a review of the allegations.

      ProPublica Illinois found 16 allegations of abuse or neglect at the hospital in Uptown involving children since January. The Illinois Department of Children and Family Services, which is charged with investigating those allegations, found sufficient evidence to support four. Seven were not substantiated, and five continue to be investigated.

      Some of those children had already been cleared for discharge but remained at the hospital because DCFS failed to find them a more appropriate placement.


    • A ProPublica and Malheur Enterprise Forum Asks: What Happens When People Found “Guilty Except for Insanity” Attack Again?
      This year, the Malheur Enterprise and ProPublica have examined how Oregon allows people charged with serious crimes, who were found “guilty except for insanity,” to be released from the state psychiatric hospital or supervised community programs. After reviewing the records of people set free by the state’s Psychiatric Security Review Board from Jan. 1, 2008, and Oct. 15, 2015, Malheur Enterprise reporter Jayme Fraser found that in almost 35 percent of those cases, people were charged with new crimes within three years.

      [...]

      What changes might better protect the public without sacrificing the rights of people with mental illness



    • Pricey Precision Medicine Often Financially Toxic For Cancer Patients
      when Kristen Kilmer was diagnosed with incurable breast cancer at age 38, her first thought was of her 8-year-old daughter. Kilmer lost her own mother as a teenager and was determined to get more time with her only child.

      Kilmer searched for experimental treatments, opting for an unproven approach in which researchers select drugs based on the genes in patients’ tumors. Doctors have selected her treatments for the past three years based on the unique, ever-changing DNA of her cancer cells. Now 41, Kilmer has responded better than anyone dared to hope. Her cancer has gone into hiding; her tumors are no longer visible on medical scans.

      Kilmer’s insurance company calls it experimental. As a consequence, her insurer has covered only a fraction of her care, forcing Kilmer to make an agonizing choice: stop taking a drug that costs nearly $17,000 a month or pay out-of-pocket, burdening her family with tremendous debt.


    • Spraying Poisons, Chasing Ghosts
      The twentieth first century continues the toxic business as usual of the twentieth century. Agribusiness, part of the military-industrial-complex, is king. The new weapon is spraying the world with mostly badly tested chemical poisons. And the strategy is the control of the natural world and societies.

      Few people know exactly what these chemical poisons do. Occasionally, they do kill insects and weeds. But they do much more, mostly harm. Scientists have revealed certain facts about those invisible effects. But agribusiness nullifies the significance of that knowledge. It does that by buying agricultural universities, the media and influencing politicians. Agribusiness guards its secrets, including how it has been controlling the politics of the world.

      [...]

      We see and hear a person in Miami Beach saying: “Well… they’re spraying again so I am just trying to shut it down and we’re going to the federal courts to try to do that. In August 2016, neurotoxic chemicals banned in Europe were first sprayed over Miami residents to kill Zika mosquitoes… many people were upset, including myself and have addressed the city of Miami Beach previously regarding the spaying of Naled onto our community.”

      Another Miami resident says: “I’m growing herbs that I’m thinking are organic, and they just sprayed Naled all over them.”

      Naled is a nerve poison related to chemical warfare agents.

      Spray planes “bombed” Miami Beach residents with the neurotoxic insecticide naled 2 to 3 times a day: “We only walked at night… I could see a thick layer of dust, smoke everywhere.” The helicopters flew about 100 feet over homes. The spraying lasted for five hours in the morning. The chemical coming down felt “like a little light rain.” The immediate effect was a “pounding headache you could not get rid of.”





  • Security



    • That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

      If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers.

      [...]

      If you’re on the fence about whether to renew a domain and it’s one of several you own, it may make sense to hold onto it and simply forward any incoming traffic to a domain you do want people to visit. In the event you decide to relinquish a domain, make sure you take stock of any online accounts you created with email addresses tied to that domain and move those to another email address, as those accounts will likely come under someone else’s control when the domain expires.



    • Stolen credit card details of nearly 250,000 British Airways customers on sale for up to €£9.4m


    • Watch a real hacker hack into Hollywood's hacky hacking scenes
      As with bad sex, most bad hacking scenes in movies and television involve someone needing to announce, “I’m in!” Since not long after people started connecting computers to other computers, Hollywood has been depicting fictional people attempting to use those connections for nefarious means. Naturally, Hollywood has also spent a lot of its time getting those depictions wrong. In the above clip from Wired, security researcher Samy Kamkar assesses a number of famous hacking scenes from TV and film to see just how off they are.



    • Red Team 101: Understanding Kali Linux
      Your security environment is complicated. You’re invested in multiple security tools – antivirus, firewalls, IDS, IPS, SIEM, DLP, and more. If you haven’t invested in a red team, however, you’re doing security wrong. How could you know that your expensive defenses are working unless you’ve tested them out?

      A red team is a great way to test your defenses. In brief, a red team is a small group of employees whose job is to try to hack into your organization, understand its vulnerabilities, and then help you patch them up.


    • Adobe Flash Player Update Version 31.0.0.148 Addresses a Significant Vulnerability Issue
    • It's November 2018, and Microsoft's super-secure Edge browser can be pwned eight different ways by a web page
      Microsoft and Adobe have delivered the November edition of Patch Tuesday with another sizable bundle of security fixes to install as soon as you're able to.

      The trick is to test and deploy the fixes before exploits are developed to leverage the vulnerabilities.


    • A Research Paper Proposes Seven New Types of Spectre Attacks
      A group of nine scholastics has uncovered today seven new CPU attacks. The seven effect AMD, ARM, and Intel CPUs to different degrees. Two of the seven new attacks are varieties of the Meltdown attack, while the other five are a minor departure from the first Specter attacks – two surely understood attacks that have been uncovered toward the beginning of the year and found to affect CPUs models returning to 1995.

      Scientists say they’ve found the seven new CPU attacks while playing out “a sound and extensible systematization of transient execution attacks” – a catch-all term the examination group used to depict attacks on the different inner instruments that a CPU uses to process information, for example, the theoretical execution process, the CPU’s interior reserves, and other inward execution stages.




  • Defence/Aggression



    • Brothers Who Were Online Friends With Pittsburgh Shooting Suspect Had Ties to Violent Neo-Nazis
      Ever since, the authorities have been piecing together a disturbing portrait of Clark and his older brother, Jeffrey Clark, 30, who had been online friends with the suspect in the Pittsburgh attack. Online, Jeffrey Clark had called the massacre a “dry run for things to come.”

      Now, there are new indications that the lives of the Clark brothers in Washington intersected with some of the most violent white supremacist groups in the country — including Atomwaffen Division, a neo-Nazi organization that calls for racially motivated, lone-wolf terror attacks like Pittsburgh and whose members or associates have been charged in five murders in the last two years.


    • Paktia protestors say drone killed 7 civilians
      Residents of the Zazai Aryub district in southeastern Paktia province on Monday protested against what they claimed the killing of seven civilians in an American drone strike.

      The protesting residents said the seven innocent civilians were killed in Alikhel area on Saturday.





  • Transparency/Investigative Reporting



    • Has Time Run Out For Julian Assange? Signs Point to Imminent Extradition
      It appears increasingly likely Wikileaks founder and publisher Julian Assange will wind up in the clutches of the U.S. government.

      It’s hardly surprising, given that in ten years’ time, Wikileaks published more classified information than all other media combined. It exposed human rights abuses, government spying, torture, and war crimes on an unprecedented scale.

      WikiLeaks put the government, corporations and even the Pentagon, the FBI, the CIA and other intel agencies on notice that they could no longer count on operating in secret.It appears increasingly likely Wikileaks founder and publisher Julian Assange will wind up in the clutches of the U.S. government.

      It’s hardly surprising, given that in ten years’ time, Wikileaks published more classified information than all other media combined. It exposed human rights abuses, government spying, torture, and war crimes on an unprecedented scale.

      WikiLeaks put the government, corporations and even the Pentagon, the FBI, the CIA and other intel agencies on notice that they could no longer count on operating in secret.

      [...]

      Moral and racial superiority entitles the U.S. to occupy the world with military bases, ringing any nation that challenges its hegemony with military aircraft, battleships, assault vehicles, and military surveillance. Moral and racial superiority entitles its spy state agencies to shut down access to information deviating from its narratives and therefore to arrest and extradite Julian Assange.

      The Republican Party shares the same supremely intolerant nature as the Democrats, but differentiates itself by insisting that, although Russia is the enemy, Donald Trump did not collude with Russia to steal the 2016 presidential election.

      The Republicans also want to silence the founder of Wikileaks and find a way to shut the organization down. Trump’s former CIA director, and now Secretary of State Mike Pompeo, has called Wikileaks a “non-state hostile intelligence service often abetted by state actors like Russia” and vowed to hunt Assange down.


    • Christine Assange Issues Call For All Journalists, Politicians, Medical Professionals and Activists To Stand Up For Julian Assange
      WikiLeaks founder and former editor Julian Assange is in dire need of health assistance, according to his mother in an emergency plea to the world uploaded to the Unity4J YouTube channel.

      Christine Assange urged officials to allow access to medical attention for her son, and for the UK and Ecuador to end Assange’s illegal 8-year detainment (2 years of virtual house arrest, 6 years confined inside the Ecuadorian embassy) without charge as determined by the UN.




  • Environment/Energy/Wildlife/Nature



    • We’re Going to Keep Paying Price If We Ignore Climate Change


    • Forty-Eight Dead and Counting From California’s Deadliest Wildfire
      When it began, the Camp Fire in Northern California was growing at a rate of 80 football fields every minute.

      It has now killed at least 48 people, scorched 130,000 acres of land, and torched thousands of houses and commercial buildings.

      And that isn’t the only fire raging across the now chronically parched Golden State. Near Los Angeles the Woolsey Fire, which ignited last Thursday and doubled in size overnight, has torched 100,000 acres and killed at least two people.

      More than 200,000 people have been evacuated because of those two fires alone.

      The Hill Fire in Ventura County burned 4,500 acres.


    • 2018 Pacific Expeditions: Corals and Clean-Up
      The second expedition, aboard NOAA Ship Oscar Elton Sette, focused on cleaning up marine debris from the remote Northwestern Hawaiian Islands. During this voyage, the team removed more than 160,000 pounds of lost or abandoned fishing nets and plastics from this ecologically and culturally significant area, part of Papahānaumokuāea Marine National Monument.


    • Landowners Fight the Bayou Bridge Pipeline in Court
      New Orleans – Under the United States Constitution, can private fossil fuel companies legally seize private property to build oil pipelines? Do private oil pipelines that threaten sensitive ecosystems provide a real service to the public, or do they simply pad the profit margins of fossil fuel companies and their wealthy investors?

      On Friday, a state judge in rural Louisiana will consider these questions and more in a preliminary hearing on the most significant legal challenge to date against the Bayou Bridge Pipeline, a 162-mile oil pipeline that bisects much of southern Louisiana and the sensitive Atchafalaya Basin, the nation’s largest river swamp.

      Most of the pipeline has already been built, and it’s expected to connect Louisiana refineries and export facilities to the Dakota Access Pipeline that faced sustained Indigenous-led resistance at Standing Rock in 2016.

      Across the country, states allow for-profit pipeline companies to seize private land under laws governing eminent domain, which is the government’s right to expropriate private property for public use in exchange for compensation. Many rural landowners lack the resources necessary to challenge wealthy oil and gas firms. A sweeping ruling against the Bayou Bridge’s attempt to expropriate private property in Louisiana could curb the fossil fuel industry’s ability to ram infrastructure projects through local communities nationwide. The Iowa Supreme Court recently heard a similar legal challenge to the Dakota Access Pipeline that also threatens the industry’s power.






  • Finance



    • 15 Months In Prison In Chicago's First Cryptocurrency Conviction
    • Top Chicago Alderman Adds to Growing Momentum for Ticket and Debt Reform
      Chicago’s most powerful alderman on Tuesday joined the growing chorus of leaders calling for reforms to the city’s ticketing and debt collection, introducing a measure to substantially limit the decades-old practice of seeking driver’s license suspensions over unpaid tickets.

      The proposal from Finance Committee Chairman Ed Burke would require the city to take into account motorists’ income before taking away their driving privileges and create more affordable payment plans for them.

      Burke’s proposal was the latest in a series of reforms that aim to respond to growing public pressure over the way Chicago punishes motorists who can’t afford to pay tickets.

      “The impact of license suspensions truly hurts lower-income residents the hardest because of an inability they have to pay these steep ticket fines,” Burke, who represents the 14th Ward on the city’s Southwest Side, told the Finance Committee. “For many motorists, the loss of the privilege to drive equates to higher unemployment, and in worst-case scenarios, Chapter 13 bankruptcy filings become necessary in order to protect licenses and vehicles required to get to work.”

      ProPublica Illinois has been reporting all year — including more recently in collaboration with WBEZ — on how unpaid tickets send thousands of mostly black Chicagoans into bankruptcy, a phenomenon seen nowhere else in the country. Bankruptcy gives motorists whose licenses have been suspended because of ticket debt the ability to get them back, in addition to other legal protections.
    • Chicago City Council Approves Modest First Reforms on Ticketing and Debt
      The Chicago City Council on Wednesday approved the first reforms aimed at helping the city’s low-income motorists cope with ticket debt, with more significant changes potentially on the way.

      The approved measures, tucked into Mayor Rahm Emanuel’s final city budget, chip away at a massive problem that has exploded during his tenure: debt and bankruptcies concentrated in black neighborhoods.

      In a way, the new policies come full circle, as they seek to undo some of the damage done by a hike in the price of tickets for mandatory vehicle stickers introduced in the mayor’s first budget, in 2011.
    • Today It’s Treasure Island, Tomorrow Your Neighborhood Store: Could Local Currencies Help?
      Amazon has reached the far corners of the earth… and the highest elevations. Delivery men venture 11,562 feet up in the Himalayas to leave a package. While the company may serve a useful purpose in remote regions, its phenomenal growth also reveals that no town is immune from its less desirable consequences. The online retailer’s omnipresence has been all too apparent in Chicago, New York, and London in recent months, where stores have been closing in droves.

      Treasure Island Foods of Chicago, a family-owned business started by Christ Kamberos in 1963, announced at the end of September that after 55 years it was closing all remaining stores in just two weeks. Now, the lights are out and the shadows empty shelves are all that remain, with the scent of fresh sourdough and gyros cooking on the spit only in shoppers’ reminiscences as they walk by the darkened windows.

      Julia Child once described Treasure Island as “America’s Most European Supermarket.” In my memory, it was unforgettable. The stores always had treasure troves for every season, from delicious green picholine olives from France, to liver pâté and English Blue Stilton at Christmas, and of course, Marmite. Not to mention exotic cookies and chocolates from all over the world: marzipan and chocolate from Switzerland and Austria, shortbread from Scotland, and crisp butter wafers from the Netherlands are a few examples. It was a haven for special gifts during the holidays.
    • Former CIA Cryptographer Says Bitcoin Is Perfect Vehicle for ‘Entire Shadow Banking System’
      Bill Barhydt, a former cryptographer at the Central Intelligence Agency and the founder of cryptocurrency investment platform Abra, is mapping out how cryptocurrency can operate outside of the current regulatory environment to power a crypto bank.

      In a new Off the Chain interview with host Anthony Pompliano of Morgan Creek Digital, Barhydt notes that his collective experience in various industries – from intelligence to the internet to finance – has all come together, allowing him and his team to lay the groundwork for a radically different banking model for everyday people.

      In addition to the CIA, Barhydt worked as a quantitative analyst in fixed income research at Goldman Sachs and as the former technical director at Netscape where he focused on e-commerce and banking projects.


    • Ukania: the Land Where the Queen’s Son Has His Shoelaces Ironed by His Valet
      I’ve just left Ukania, where I attended the Historical Materialism conference in London. After some much needed psychological decompression, I’m now back in the Land of Caged Toddlers.

      In the UK at the same time was the UN Special Rapporteur on poverty and human rights, Philip Alston, travelling to some of the UK’s poorest areas to investigate the impact Tory austerity has had on the UK’s indigents.

      Ukania has been misruled for decades, indeed for centuries (if the truth be told). The sole possible exception to this was the immediate postwar Labour government, which created the welfare state.

      The all-party consensus around the NHS lasted for three decades, but every government after that, Tory and Labour alike, acquiesced in the slow whittling-down or outright gutting of the welfare state. Only Corbyn’s “old” Labour seems to be an exception to this trend.

      So what will Professor Alston find?

      The UK’s highest paid executive got the boot while I was there, but will keep his €£75million/US$99 million bonus. Such is the state of corruption in Ukania that he might well have received a knighthood if he lasted another year or two, and would probably have been able to keep that as well.



    • As Jeff Bezos Earns $191K Per Minute, Why Are NY & VA Giving Amazon $3 Billion in Corporate Welfare?
      Amazon has selected a pair of cities to host its new, expanded headquarters: Crystal City in Arlington, Virginia, and Long Island City in Queens, New York. Amazon’s decision came after a 14-month search that saw cities around the U.S. promise tax breaks, taxpayer-funded infrastructure and business-friendly ordinances in an effort to win what Amazon says will be $5 billion in new investment and thousands of jobs. Democratic Virginia Governor Ralph Northam called the Amazon headquarter “a big win for Virginia,” and New York City Mayor Bill de Blasio has similarly applauded Amazon’s decision. But many local politicians have openly criticized authorities in New York and Virginia for backing the deals, which will create a total of 50,000 jobs. We host a roundtable discussion about Amazon and corporate welfare. In New York, we speak with Ron Kim, member of the New York State Assembly. He recently co-wrote an opinion piece for The New York Times headlined “New York Should Say No to Amazon.” In Washington, D.C., we speak with Greg LeRoy, executive director of Good Jobs First, a watchdog group on economic development incentives. And in Portland, Maine, we speak with Stacy Mitchell, co-director of the Institute for Local Self-Reliance. She is the author of “Big-Box Swindle: The True Cost of Mega-Retailers and the Fight for America’s Independent Businesses.”





  • AstroTurf/Lobbying/Politics



    • CNN sues White House for using doctored video to bar Jim Acosta

      The lawsuit also cites White House counselor Kellyanne Conway’s incoherent comments on Fox News on Sunday during which she acknowledged the video was “sped up,” but argued there’s a difference between that and doctoring footage.



    • Google Will Reveal Advertisers Behind Political Ads In India’s Next Election
      Google is planning to make the information of advertisers who will pay for political ads in the upcoming lower-house (Lok Sabha) elections in India freely available to the public.

      The company did the same with recent the U.S. Mid-term elections, where it took the initiative of publicly making information about who is spending on political advertisements. Also keeping a close eye on people who are paying for political adverts.

      Sunita Mohanty, Google India’s Director of Trust and Safety, said to Indian Express that the company is also establishing tools to fight misinformation and fake news, which often gets active in any elections.
    • House To Investigate Whether DOJ's AT&T Antitrust Lawsuit Was Political
      When the Trump DOJ sued to stop AT&T's $89 billion merger with Time Warner last year, more than a few eyebrows were raised. After all, the DOJ's antitrust suit, allegedly a bid to protect consumers, came as other arms of the Trump administration were busy utterly dismantling a wide variety of popular consumer protections (like net neutrality) at the direct request of industry. It raised the question: why suddenly care about consumer protection and antitrust power when you've shown absolutely no general concern for those concepts previously?

      As a result, there's always been a lingering question as to whether Trump's obvious disdain for Time Warner owned CNN was driving a petty bid for vengeance. Others wondered if the DOJ's lawsuit was a personal favor to Trump ally Rupert Murdoch, who had tried unsuccessfully to buy CNN from AT&T at least twice, and had spent much of 2017 lobbying Trump to scuttle the deal as a competitive favor to his Fox empire.
    • Con man exposed: Trump’s acting so erratic because midterms made him look like a loser
      President Donald Trump is not himself. And by "not himself" I mean he seems to have lost his swagger. Ever since the midterm elections, he's been churlish and petulant. His brazen braggadocio is suddenly dull and off-key. The question is what exactly has him brooding and upset.

      Sure, he held a press conference the morning after the election at which he ludicrously asserted, "I’ll be honest: I think it was a great victory. And actually, some of the news this morning was that it was, in fact, a great victory." The news that morning was nothing of the kind, of course. And even he couldn't pull it off. He rapidly devolved into his patented media-bashing to change the subject and ended up looking like the worst sore loser in presidential history.

      That same day he fired Attorney General Jeff Sessions and replaced him with someone he believed would protect him from the Mueller investigation -- a man described by George Conway -- Kellyanne Conway's husband -- as a "constitutional nobody." And that wasn't his worst day last week.

      On Friday, the Wall Street Journal published a big scoop revealing that the feds have unearthed plenty of evidence that Trump had personally broken campaign finance laws. More troubling for him is that the three people given immunity -- lawyer Michael Cohen, National Enquirer publisher David Pecker and Trump Organization CFO Allen Weisselberg -- know where a lot of other metaphorical bodies are buried. (We hope there are no real bodies involved.)
    • Trump’s Attorney General Pick Is a Menace to More Than Mueller
      On the surface, acting Attorney General Matthew Whitaker has a fairly respectable resume. He earned masters and law degrees at the University of Iowa, and even caught a touchdown pass for the Hawkeyes during the 1991 Rose Bowl. He was the US Attorney for the Southern District of Iowa from 2004 to 2009, when he resigned after the election of Barack Obama. Whitaker ran against Joni Ernst in the 2014 Republican Senate primary but was beaten like a gong. He rejoined the DoJ in August of 2017 and became Sessions’s chief of staff.

      It is this last bit that serves to dent the boilerplate legal-beagle credentials Whitaker has amassed during his career, because his posting at the right hand of Jeff Sessions was almost certainly not an accident. According to The New York Times, “People close to Mr. Trump believe that he sent Mr. Whitaker to the department in part to limit the fallout from the Mueller investigation, one presidential adviser said.”

      How did Matt Whitaker manage to land a gig as Trump’s secret squirrel within the Justice Department? Like as not, his many television appearances and opinion articles lambasting the Mueller investigation lifted his profile like a feather in an updraft. Trump loves his loyalists (until he doesn’t), and Whitaker carried Trump’s anti-Mueller water with enthusiasm. “It is time for [Rod] Rosenstein, who is the acting attorney general for the purposes of this investigation, to order Mueller to limit the scope of his investigation to the four corners of the order appointing him special counsel,” wrote Whitaker in an August 2017 CNN editorial.
    • The 2018 Midterm Elections Demonstrate Criminal Justice Reform Is a Winner at the Ballot Box
      The criminal justice reform movement is thriving and building for continued success in dismantling decades’ worth of tough on crime policies. Criminal justice reform was on the ballot from coast to coast in the 2018 midterm elections. There were over 1,000 prosecutor elections. Pro-reform candidates ascended to powerful roles in cities like Birmingham, St. Louis, and Boston, including a historic number of first-ever Black and female district attorneys. Voters overturned Jim Crow laws in Florida and Louisiana. Judges that have tried to grind publicly supported reforms to a halt were swept out en masse by black women in Houston.

      These results alone are truly historic. But like any election, the outcomes are a result of a variety of factors, many that have little to do with the public’s actual demand for criminal justice reform. Digging deeper, and looking not just at what was won but how these races were run, reveals a movement that is thriving and building the long-term momentum and political infrastructure needed to undo decades’ worth of tough-on-crime policies that have decimated communities.

      It’s important to start with some perspective. At least since the 1980s, criminal justice reform has been an untouchable third rail in electoral politics. The 2018 midterms show that the landscape has shifted. This year, politicians across the country, led by Black candidates, took principled and passionate positions on criminal justice reform, including in high stakes gubernatorial races in Florida, Georgia, and Maryland, where they had everything to lose.

      To be sure, in these places and elsewhere, their opponents continued the age-old tradition of stoking fear and racism to defend harsh and punitive approaches — with some success. But while such positions were mostly met with silence in the past, the 2018 elections show how years of sustained grassroots activism has now begun to open up the political space for candidates to run on unabashedly pro-reform platforms, often for the first time in generations.
    • An Anarchist Uprising Against the Liberal Ego
      The liberal ego poses an interesting contradiction. It insists not upon being“egotistical” in the way we think of it, of thinking “too much” of oneself, being self-centered, selfish, etc., but upon being servile, second-rate, low worth, “co-dependent” in relation to the existing power structures. The liberal, while accepting the rewards of bourgeois attainment and thus living comparatively well, in failing to challenge her ego’s supremacy, is automatically obedient to the illegitimate authority of the existing capitalist structures. She cannot do otherwise; she is profoundly disoriented in the metaphysical sense meant by Huston Smith. The drastically ungrounded liberal soul is oriented, not to its “noble origins” but to the reduced view of human life issuing from scientism, unalleviated by imagination, that says we ascend from lesser beings (thus we emphasize “progress”) rather than having descended from gods (i.e., having been born with perfection or wholeness in us). This is not an argument for creationism, but against the negation of imagination that has us training ourselves and our children to become cogs in a machine, rather than to love – and serve – “the Great” and “the Whole.”

      The dilemma we face is real: without orientation to the vertical, modern post-religious people have three ways to stay above the terrifying abyss of non-being, the task once performed by religion: 1) turn the clock back to rigid authoritarian tradition, to toxic masculinity, nationalism, militarism, fascism, 2) neoliberal vapid verticality, with its flattened masculinity, normalized neurosis and addictions, and covert barbarism, or 3) to in some non-authoritarian way, restore the relation to verticality (I include those who maintain that relation within traditional religion).

      For the secular liberal, following choice #2, the ego is practically unchallenged in the context of mediated reality and social fragmentation that supports neoliberal totality. We add to the debasement demanded by our imperial egos in countless ways. Our stories of childhood origins are narratives of defect and weakness (i.e., I’m ADHD, family dysfunctional, Dad a drunk, I was abused, neglected, etc.), rather than how once we saw that everything, magically, had meaning. Unquestionably childhood wounds must be brought to light, but they are part of the story not the whole. We slander our higher nature as we fixate on fitness and nutrition, and in other ways corroborate the conviction of low self worth (machine-hood) that is by now second nature. Always polite, sometimes witty and clever, we liberals never express authentic opinion for fear of exposure. Our positive will is atrophied; if it were possible to film the liberal will it would be seen to slink, flinch, evade, excuse itself, look sheepish. This is so even if we have all outward signs of material grace. We can pass a lie detector test only if we are not asked: why do you live?

    • Sixteen Midterm Races Are Still Up for Grabs by Democrats
      It’s been nearly a week since Election Day, but a number of races still lack an official winner. Massive voter turnout, archaic voting machines, outdated state regulations and Republicans determined to undermine the process all created a perfect storm, in which votes haven’t been finalized — and, in some cases, were never counted in the first place.

      [...]

      Sure, the GOP may have expanded its majority in the Senate, but it may not be nearly as big of a win as Republicans thought. They flipped seats in Missouri, North Dakota and Indiana as they hoped, but they didn’t nab West Virginia, Ohio or Montana – and they lost their seat in Nevada to the Democrats.

      On election night, the Republicans were certain that they would be keeping Arizona red and flipping the Senate seat in Florida, making their gains more significant. But now neither are a sure thing.

      As the final votes are being tallied, it turns out that Democratic Rep. Kyrsten Sinema is actually the final winner, turning Republican Jeff Flake’s seat blue. Meanwhile, Florida’s Senate race is turning into a recount situation — one that will hopefully resolve the massive undervote in Broward County due to a faulty ballot design. Democrat Bill Nelson could keep his seat.

      If all goes well, the GOP may one gain one seat in the end, despite Democrats being forced to defend 26 seats this cycle.
    • Climate of Rage
      My former teaching colleague at the State University of New York/College at Old Westbury, Warren Goldstein, who now teaches U.S. history and chairs the History Department at the University of Hartford, hit the nail exactly on the head in regard to the main source of hate in the United States in an article in The Villager, a New York City newspaper.

      “Enough squeamishness from the MSM. The violent, hateful rhetoric comes overwhelmingly from one side only and from its padron, Donald Trump. Period,” wrote Goldstein, who has a doctorate in American Studies from Yale University. He knows the U.S. well.

      “Who have their rhetorical targets been? Immigrants, Democrats, black people and George Soros. And who were actual targets last week? Democrats, blacks and immigrant- and refugee-supporting Jews,” he wrote in the piece published on November 1.

      As to what he relates is the reluctance by Mainstream Media to focus squarely on the main cause of the vitriol in U.S. society today, Goldstein wrote that “in order to make peace, we need first to talk truth, and say who provided the soil, the nourishment, the encouragement and the spark to these homegrown terrorists and killers: the would-be pipe bomber of Democrats; the racist Kentucky Kroger murderer; the Pittsburgh killer. Not, alas, according to Sunday’s New York Times: ‘The anguish of Saturday’s massacre heightened a sense of national unease over increasingly hostile political rhetoric.’”

      “Really? I don’t feel unease—I feel rage at the Trumpian big lies,” declared Goldstein.

      [...]

      Many of the “Trumpsters”—the angry people who populate Trump’s non-stop rallies—also seem to have found a father in Trump with his violent rhetoric, rhetoric not only full of vitriol but also of lies, thousands and thousands of lies.

      We’ve had some beauts as U.S. presidents. But Trump, according to a determination of nearly 200 top U.S. political scientists, is the worst. The social science researchers voted in recent months in a 2018 Presidents and Executive Policy Greatness Survey. Trump bumped James Buchanan out of the bottom spot of the survey done every four years. Other analyses confirm this determination as, surely, will history. Trump is the leading personification of hate, of malice, of ill will and of malevolence in the United States. We, indeed, all know who is fueling the hate—and we must say it.



    • In the Wake of the Blue Wave: the Midterms, Recounts, and the Future of Progressive Politics
      In the wake of the 2018 midterms, President Trump and his foot soldiers on the right have continued to repeat paranoid and fact-free claims about “electoral fraud” via the recounts in Florida and Arizona. Trump is seeking to save face by weighing in on the Florida gubernatorial race (Nelson v. Scott) and the Florida (Gillum v. DeSantis) and Arizona (Sinema v. McSally) Senate races. These are political battles, plain and simple, and Trump is trying to preserve as many Senate seats as possible for Republicans moving toward 2020.

      For progressively-minded Americans, the discussion now should focus on what the 2018 election tells us about the state of American politics and prospects for democratic change. For those who want an analysis of my thoughts on the election and how it relates to protest movements, take a look at my recent talk at the Open University of the Left (Chicago), which explores this issue in detail. For a shorter analysis of the election, I provide a brief review here of the exit polling data and what it tells us about the “pulse” of American voters following the large gains for Democrats in the House.



    • The Midterms Did Not Stop the March of Fascism, But We Can
      Twenty-two months into the Trump administration, the United States is a country in denial. Even amid the Democrats’ recent electoral gains, Trump’s would-be opposition is not poised to halt the rise of fascism. Nancy Pelosi announced plans to pursue “bipartisanship” and “common ground,” even before her own electoral victory was complete. Trump himself endorsed Pelosi as Speaker of the House — making clear that there is no leadership in the legislative branch that is equipped to confront the steady rise of Trumpian fascism. Meanwhile, as Pelosi flaunted her establishment takes, some on the left smugly mocked leftists who had joined Democratic electoral efforts, backing candidates and working to get out the vote. Was this what they had been fighting for, the critics asked? For a Pelosi-Trump partnership that would aid in Trump’s expansion of the military-industrial complex?

      Even as those divisions simmered, another moment of left-of-center conflict broke out when news emerged that protesters had paid a visit to Tucker Carlson’s home in Washington, DC. Protesters, who apparently knocked on Carlson’s door a few times, chanted and shook a tambourine, before one of them spray-painted an “A” on Carlson’s driveway, were characterized as “monstrous” by Stephen Colbert and condemned as “disastrous for any republic” by television producer David Simon. Colbert and Simon had apparently made no inquiry about the protests before commenting, instead basing their analysis on Carlson’s now-debunked version of events, thereby accepting the account of a white supremacist propagandist (who was not home at the time of the protest).


    • How Two Demagogues Inspired Their Followers
      The parallels between the rise to power of Adolf Hitler and that of Donald J. Trump have been widely noted. A new book by James M. Longo, Hitler and the Habsburgs: The Führer’s Vendetta Against the Austrian Royals (Diversion Books, 2018) brings out similarities as well as differences. As in 21stcentury America, economic and political troubles clouded the judgment of many Germans and other peoples in the 1920s and 1930s. Across the Continent, as Longo says, people “searched for a leader, a savior, a dictator to rescue them from their economic and political woes. Hitler believed he was that man.” The aspiring Führer spoke only German but proved himself “a chameleon able to articulate the unspoken emotional language of his listeners.”

      Wealthy industrialists secretly financed Hitler’s rise to power after 1924. For unemployed workers he promised full employment; for the forgotten German, he pledged respect. Hitler won financial support and many followers, but he craved legitimacy and political power to make his vision a reality. In public Hitler met with enthusiastic crowds. Behind closed doors he beguiled wealthy monarchists. One-third of German’s ancient nobility joined his Nazi Party, while many others supported him through their silence. President Trump also craves symbols of legitimacy and seeks to destroy any sign that he was not duly and freely elected.

      The insightful American journalist Dorothy Thompson interviewed Hitler and described him as an “agitator of genius….the most golden tongued of demagogues.” She advised her readers: “Don’t bother about the fact that what he says, read the next day in cold news print, is usually plain nonsense.” To understand what was happening, “You must imagine the crowds he addresses: Little people. Weighted with a feeling of inferiority.” Appeals to their racial pride were “the cheapest form of self-exaltation.” If one was debt, if one had not made a success in life, there was still the consolation that one belonged to the master race.




  • Censorship/Free Speech



    • Macron wants to rein in Silicon Valley, from Brussels

      But Macron wants to go further, by upending the legal framework that currently underpins platforms in Europe and grants them limited liability over hosted content.



    • France to 'embed' regulators at Facebook to combat hate speech

      From January, Macron’s administration will send a small team of senior civil servants to the company for six months to verify Facebook’s goodwill and determine whether its checks on racist, sexist or hate-fuelled speech could be improved.



    • UCLA Flails Amid Pro-Palestine Group's Planned Conference, While L.A.'s City Council Goes Full Stupid
      Those of you who geek out over trademark law like me may have seen the recent dust-up between UCLA and a group called National Students for Justice in Palestine this past week. I had intended on writing something up about the whole thing because of how blatantly stupid it was. The pro-Palestinian group has a chapter at UCLA and it is hosting a conference in the future, for which it put out some promotional materials that feature a bear flying a kite with the colors of the Palestinian flag and dared to mention that the conference was being held at UCLA. For this, UCLA lawyers sent a cease and desist to SJP, claiming that the way the promo material displayed the UCLA name and its use of bear imagery created confusion in the public suggesting that the school was affiliated with the conference.

      [...]

      None of that is hate speech, no matter what some silly State Department missive might suggest. Words matter, after all, and we can no more accept that the kind of political speech above, even if you disagree with it, is hate speech any more than we can condone the government crying terrorism anytime it's convenient. It also seems obvious to me that if you replaced this pro-Palestinian group with a pro-Israel group, we never would have heard this story at all. Argue with that if you like, but you're wrong.

      And, yet, the L.A. City Council is now getting involved in the stupidest way possible, passing a resolution that first acknowledges UCLA's need to adhere to free speech rights and then somehow calling for the cancellation of this conference entirely.
    • Judge Lets NRA's 1st Amendment Lawsuit Against Andrew Cuomo Move Forward
      Let's put some cards on the table to start off this post: I think Andrew Cuomo is a terrible governor of NY (and he was a terrible Attorney General before that), and doesn't deserve to be in office. I also think the NRA is a joke of an organization, that stirs up bullshit fear and racial divisions, and frequently shits on the 1st Amendment plenty of times when people try to challenge the 2nd Amendment. I recognize that some percentage of you probably feel differently about Cuomo and (chances are...) a non-overlapping venn diagram of you probably feel differently about the NRA. I think they're both terrible and should disappear from public life. And I say that upfront because my position on this particular lawsuit has nothing to do with which side I "like." I don't like either one.

      But on the law in this particular case, clearly the NRA is in the right, while Cuomo is wrong. And thankfully, so far a judge agrees.

      Let's take a step back, though, to look at what's happening. Cuomo is no fan of the NRA. And he decided to use his position as governor to punish the NRA for its advocacy. Back in April, he put pressure on banks and other financial institutions to cut all ties with the NRA. It's kind of incredible that he would think this would fly. Indeed, the situation is pretty damn close to that time that Cook County (Illinois) Sheriff Thomas Dart pressured credit card companies to stop doing business with Backpage, leading to a pretty massive judicial smackdown from Judge Richard Posner.


    • PayPal’s corporate censorship
      Since the populist revolts of 2016, much of the liberal establishment has turned on Silicon Valley. The tech giants were once held in great esteem, talked of as enablers of data-driven democracy or as the providers of invaluable tools for progressive campaigning. Today they are accused of promoting and profiting from the far right.

      Pressure has been piled on Facebook, Twitter and YouTube to ban a number of right-wing activists and channels from their platforms. Most infamously, Alex Jones and his conspiratorial website Infowars were summarily banned by Apple, Facebook, Spotify, YouTube and payments processor PayPal in August this year.

      Last week, PayPal froze the account of Tommy Robinson after receiving a 60,000-strong petition from campaign group SumOfUs calling for him to be struck off its books. The group’s executive director, Hannah Lownsbrough, wrote in the Guardian that PayPal’s decision ‘will send an earthshaking message to the global far right: huge corporations will not enable your hatred’. The ban was ‘proof that people can take on big corporations and win’, she said.

      But while politicians, the Twitterati and much of the old media see themselves as ‘taking on’ the internet giants, the pressure piled on them to purge their platforms of ‘extreme’ political views is actually handing them vast amounts of unchecked power. Where tech companies were once keen to present themselves as neutral platforms, Silicon Valley is now expected to decide which political views it considers acceptable or beyond the pale.

    • PayPal Is Banning Accounts Employed By Gavin Mcinnes, The Proud Boys, And Antifa Groups
      PayPal claimed this week that it will cancel accounts employed by Proud Boys (the far-right group) as well as anti-fascist groups’ multiple accounts. The decision will make it much complicated for the groups to raise online money. The move is the newest act of “de-platforming” by the tech sector, which has been struggling with how to efficiently handle consumers that promote violent or hateful ideologies.

      The ban will comprise the Proud Boys account in addition to an account employed by Gavin Mcinnes (its founder), PayPal claimed to the media in an interview. The firm is also banning accounts for Antifa Sacramento, Atlanta Antifa, and the Anti-Fascist Network. PayPal had earlier banned accounts for Antifa Arkansas, Antifa Philadelphia, Rose City Antifa, and Belfast Antifa. The firm also banned an account employed by ex-leader of the English Defence League (the far-right group), Tommy Robinson.
    • Watch: PM insists on no information censorship
      Prime Minister Joseph Muscat said that there needs to be assurance that information will not be censored, meanwhile action must be taken for people not to fall victim to misinformation.

      Muscat was speaking about censorship and fake news during an international conference in Paris about technology. In a statement, the Office of the Prime Minister said that Muscat spoke about how technology can be used to help in the fight against the spreading of fake news which is harming democracy around the world. The Prime Minister was speaking in a meeting in which the French President invited a small number of European leaders and international organisations to discuss the future of democracy in light of modern technological advances.

      [...]

      The Prime Minister also took part in a debate during the GovTech Summit about ‘Digital Identity: The Next Frontier for Smart Governments’ where he said that every individual should be given the liberty to use personal data however they please.



    • Online censorship enforced by governments is curbing people's power to criticise
      Recently two leading Pakistani activists alleged the increased governmental censorship against critical voices on social media. The two activists, as per this report, received warnings from Twitter against tweets which, as per Twitter, violated Pakistani laws. The actual tweets of the activists, however, were against a cleric who had posted tweets threatening the government and inciting violence. The tweets of the activists themselves did not have such content. One of the tweets, as per the activists, was, in fact, a call for the government to take action against the cleric.

      The absurdity of the warnings, given that the tweets themselves (as per the report) were not incendiary, raised questions that Twitter’s warnings may have come from a governmental drive to censor critical voices, as opposed to being an actual violation of Twitter policy or Pakistani law.

      Closer home, instances of governmental censorship in India are on the rise, such as in the form of the increasingly frequent internet shutdowns, the blocking of websites or defamation suits.


    • Facebook Allowing French Censors To Embed With The Company, And Maybe That's A Good Thing?
      While many people may have the instinctual reaction that having government regulators coming in to see how to "better" censor speech on your platform is inherently a problem, one hopes that the end result of this is influencing things in the other direction. A bad outcome would be French regulators deciding that this experience gives them enough info to craft impossible regulations to wave digital magic wands and "make the bad stuff disappear." But a more optimistic argument would be that it gives these French regulators a chance to get some first hand knowledge of (1) how seriously Facebook takes this issue (don't laugh, because the company absolutely does take this issue seriously now, even if it didn't in the past) and (2) just how impossible it is to do a particularly good job at it (even as Facebook has gotten much better in the past year).

      So while I'm always a little concerned about the idea of having government regulators come into a company when the upfront stated objective is about more content moderation demands, it certainly would be beneficial for French officials not to be so incredibly ignorant about how content moderation at scale truly works, and why the easy solutions they always seem to propose won't help (and could make problems significantly worse).



    • Exiled Chinese author attends Tai Kwun events
      Tai Kwun, an arts center managed by Jockey Club CPS, reversed its earlier decision to cancel two literary events arranged for exiled Chinese author Ma Jian amid criticisms that it was engaging in political censorship.

      Ma Jian, a Hong Kong permanent resident who now lives in London, showed up at the events held on Saturday as scheduled at Tai Kwun, the former Central Police Station compound on Hollywood Road that has been transformed into a center for heritage and the arts.



    • Hong Kong Lawmakers Protest Over Reported Loss of Border Land to China
      Reports that a garrison of Chinese border guards has taken over land on Hong Kong's side of the internal border, which its personnel also cross at will, have sparked protests in the former British colony over promises that the city would remain a separate jurisdiction after the 1997 handover.

      The investigative journalism group FactWire found that some 21,000 square feet of privately owned land within a high-security area along the Hong Kong side of the border with mainland China has been used by the 6th Detachment of the Guangdong provincial border defense corps of the People's Liberation Army (PLA) for the past six years.


    • The death knell for freedom of speech in Hong Kong


    • CE denies gov't link to self censorship and Ma Jian furore




  • Privacy/Surveillance



    • Tor anonymity gateway-maker InvizBox chases VPN subscriptions down rabbit hole
      The InvizBox Tor-gateway router stopped receiving firmware and secuirty updates two years after release. Ten months later, InvizBox decided to try and reinvent their product with an alternative firmware that focused on selling virtual private network (VPN) services from InvizBox instead of relying on the free Tor onion network.

      InvizBox was a specialized Wi-Fi router that acted as a gateway to the Tor onion network. That is no longer what the product does, but you can read my 2016 review of InvizBox for the historical perspective.

      The economy of maintaining device firmware have shifted from using the free Tor anonymizing network to selling ubscription services. InvizBox sent out an email to existing customers offering “90 days free VPN service” to incentivize existing customers to upgrade from their now unsupported Tor firmware to the newer VPN firmware.

      90 days of free VPN sounded interesting and I thought I could get a little more life out of my InvizBox. I was sold and proceeded to upgrade my device’s firmware. This experience would end up completely changing my impressions about the InvizBox.


    • Judge Says Amazon Needs To Hand Over Recordings Created By Murder Victim's Echo Speaker
      New Hampshire investigators will be deposing Alexa in the near future, according to a recent court ruling. The advent of in-home digital, voice-activated assistants has created a wealth of personal recordings law enforcement may now have access to. It's only been a couple of years since we first saw law enforcement attempt to obtain Alexa recordings from Amazon, but as Mike pointed out then, this was going to be the new normal. So the onus is on companies like Apple, Google, and Amazon to give customers more direct control of stored data and recordings.

      In this case, prosecutors are seeking recordings made by a murder victim's Amazon Echo speaker. They hope the victim's device captured the attack and the removal of her body. Amazon has issued some boilerplate about "valid legal demands" in response, but it's likely the company won't interject itself into this case.




  • Civil Rights/Policing



    • The Outgoing Congress Shouldn’t Reward Trump With More Homeland Security Funding
      Before Dec. 7, Congress will have to make a decision: Will they reward the department responsible for family separation, jailing immigrants, raids on communities of color, and abuses at the border by increasing their budget? Or will they stand up and rein in Trump’s detention and deportation force?

      The Department of Homeland Security is currently funded by a continuing resolution, a short-term bill that extends its budget from last year. It was passed in late September so that Congress could avoid a messy budget fight before the midterm elections. On Dec. 7, it will expire at midnight.

      By that time, Congress has to decide how it will fund the government next year — a negotiation that really comes down to how it will fund DHS, as The Washington Post reported. Democratic leader Sen. Chuck Schumer (D-N.Y.) is treating funding for a border wall as a foregone conclusion, while Rep. Nancy Pelosi (D-Calif.), his counterpart on the House of Representatives side, said on Tuesday she isn't interested in negotiating. Republicans, therefore, are going to try to jam through their anti-immigrant agenda in the last gasp of their majority in the House of Representatives, including increased funding for Immigration and Customs Enforcement and Customs and Border Protection as well as billions of dollars for a border wall.


    • Inside the #MeToo Revolt at Google
      The November 1 walkout by 20,000 Google employees at some 50 offices around the world may be the largest international action of its kind in modern labor history — and it shined a spotlight on the potential for tech workers to stand up for justice for themselves and their co-workers.

      The immediate cause of the walkout — which involved more than 20 percent of Google’s nearly 95,000 workers worldwide — was the revelation of Google’s cover-up of sexual misconduct by Andy Rubin, a former top executive and the creator of the Android operating system.

      Google protected Rubin, giving him a $90 million exit package, while keeping silent about his history of sexual harassment and abuse. But Rubin is clearly one of many sexual harassers that Google has shielded, contributing to a hostile internal climate.

      The walkout gave voice to workers’ grievances about that work environment. At a rally at Google’s YouTube headquarters in San Bruno, California, one worker stated: “Where did they get that $90 million? They got it from every day you worked late. From every promotion you didn’t get. From every [temporary contract worker] who was never converted to full time.”

      The walkout was organized in less than a week, and workers harnessed Google’s tools — Drive and Gmail, Docs and Calendar — to make it a success.


    • Radical Idealism: Jesus and the Radical Tradition
      My education began where the school and church curriculum would not go.

      The tradition of radical thinking, writing, organizing, and fighting for a better world – the foundation of radical idealism – is a fringe tradition. I recognized this early on, and made a connection to things I read in the Bible, namely the life and teachings of Jesus of Nazareth.

      Jesus was a threat to the power structures during His time and was exiled immediately after birth. He taught his followers a lifestyle incompatible with greed, individualism, authoritarianism, militarism, and nationalism. He healed, preached, and educated without a place to lay His head because He knew what awaited Him if He was captured by the authorities. His Sermon on the Mount wasn’t meant to comfort the listener in turbulent times, but rather establish an ideal: an impossible standard to guide and provide hope for humanity. Like so many radical idealists before and after Him, Jesus was executed by the State.


    • Advocates: Trump Creating Border Crisis by Pitting Troops Against Women & Children Fleeing Violence
      Defense Secretary Jim Mattis is traveling to McAllen, Texas, today to visit some of the thousands of troops deployed at the U.S.-Mexico border by President Donald Trump. Nearly 6,000 active-duty troops are currently stationed in Texas, California and Arizona, following Trump’s escalating attacks against the Central American caravan heading toward the border. Trump has warned that that number could swell to 15,000—more than the U.S. forces in Afghanistan and almost triple the number of troops in Iraq. According to some reports, the border deployments could cost $220 million, despite the fact the Pentagon does not see the caravan as a risk. Mattis’s visit comes just days after the Trump administration announced new immigration rules to deny asylum to anyone who enters the country outside of a port of entry, a move the American Civil Liberties Union has called “illegal.” We speak with Fernando Garcia, the founding director of the Border Network for Human Rights, an advocacy organization based in El Paso. We also speak with Liz Castillo, immigration reporter and managing editor with Neta, a community news outlet in the Rio Grande Valley.



    • Honoring the 2018 Pioneer Award Winners and John Perry Barlow
      EFF’s annual Pioneer Awards Ceremony recognizes extraordinary individuals for their commitment and leadership in extending freedom and innovation on the electronic frontier. At this year’s event held on September 27 in San Francisco, EFF rededicated the Pioneer Awards to EFF co-founder and Grateful Dead lyricist John Perry Barlow. Barlow’s commitment to online freedom was commemorated by dubbing the Pioneer Awards statuette the “Barlow.” EFF welcomed keynote speaker Daniel Ellsberg, known for his work in releasing the Pentagon papers, to help award the very first Barlows. This year's honorees were fair use champion Stephanie Lenz, European Digital Rights leader Joe McNamee, and groundbreaking content moderation researcher Sarah T. Roberts.



    • CIA WHISTLEBLOWER SAYS HE WAS TARGETED BY BRENNAN, MUELLER, STRZOK
      When the FBI asked John Kiriakou to meet at the Washington field office in January 2012, the former CIA officer says he gladly agreed to the request.

      “Anything for the FBI,” Kiriakou told the FBI agent who contacted him.

      Months earlier, as a senior investigator on the Senate Foreign Relations Committee, Kiriakou had helped the FBI investigate a Japanese diplomat who had approached him offering a bribe.

      Or so he thought.

      Instead, Kiriakou says the FBI was running a sting operation against him for what he claims is payback for revealing secrets about the CIA’s waterboarding program.

      The government officials behind that investigation have resurfaced in the probe of the Trump campaign, which officially began as an FBI matter on July 31, 2016 and is now overseen by the special counsel’s office.

      As the Obama White House’s number 2 official on the National Security Council at the time, John Brennan ordered the Justice Department to charge Kiriakou with espionage, Kiriakou says. As FBI director, Robert Mueller formed a 12-person task force to investigate the 15-year CIA veteran. And as a top counterintelligence official at the FBI’s Washington office, Peter Strzok oversaw the investigation and arrested Kiriakou on Jan. 15, 2012.
    • New Documents Reveal CIA Spied on Congress, Whistleblowers
      Newly declassified documents reveal the CIA—which is supposed to be strictly limited in the types of surveillance and other secret operations it conducts on U.S. soil—routinely monitors U.S. government computer systems.

      That information is contained in two formerly secret letters of “congressional notification” written in 2014 by the Intelligence Community inspector general at the time, Charles McCullough. In the letters, McCullough reveals the CIA secretly intercepted and collected emails between congressional staff and the CIA’s head of whistleblowing and source protection. The collection was said to occur as part of the CIA’s “routine counterintelligence monitoring of government computer systems.”

    • Alabama Voters Say At Least One Sheriff Won't Be Enriching Himself With Federal Inmate Food Funds
      Things will get a little less crooked in part of Alabama in the near future. Sheriffs will no longer be able be able to personally benefit from federal funds meant to feed the state's prisoners.

      More than one sheriff in the state had been caught starving prisoners while picking up nice things for themselves with the leftover money. Weirdly, this is all legal under state law, which allows personal use of unused food funds by sheriffs running the state's jails.

      [...]

      A sheriff in Etowah County also brought down the heat on himself by taking home $250,000 a year in federal food funds that were supposed to be used to feed inmates. The $750,000 that managed to be accounted for is likely only a small part of the sheriff's total take. According to public records, Sheriff Todd Entrekin managed to acquire $1.7 million in property while officially taking home a $93,000 salary.




  • Internet Policy/Net Neutrality

    • Colorado Voters Continue To Opt Out Of State's Protectionist, ISP-Written Broadband Law
      For years we've discussed how ISPs like Comcast have spent millions of dollars quite literally buying shitty, protectionist laws in 21 states. Said laws either ban or significantly hamstring towns and cities from building their own broadband networks, or in some cases from even engaging in public/private partnerships. It's a scenario where ISPs get to have their cake and eat it too; they often refuse to upgrade their networks in under-served areas (particularly true among telcos offering DSL), but also get to write shitty laws preventing these under-served towns from doing anything about it.

      This dance of dysfunction has been particularly interesting in Colorado, however. While lobbyists for Comcast and CenturyLink managed to convince state leaders to pass such a law (SB 152) in 2005, the legislation contains a provision that lets individual Colorado towns and cities ignore the measure with a simple referendum, something telecom lobbyists have certainly come to regret. Not surprisingly, with frustration mounting over sub-standard broadband and awful customer service, more than a hundred Colorado cities have voted to exempt themselves from the state law over the last few years.

      That happened again during the recent midterm elections, when eighteen additional communities voted to opt out of the restrictive, protectionist law. According to the Institute For Local Self Reliance (which helps communities help themselves to improve local connectivity) the votes weren't even close in most of these towns and cities, with voter approval rates like 73%, 80%, and 90%. With this week's votes, the group notes that more than 60% of Colorado communities have taken back their rights to make their own decisions on infrastructure for themselves...


    • Google Internet Traffic Wasn't Hijacked, But It Was Out of Control

      Google noted that almost all traffic to its services is encrypted, and wasn't exposed during the incident no matter what. As traffic pinballed across ISPs, though, some observers, including the monitoring firm ThousandEyes, saw signs of malicious BGP hijacking—a technique that manipulates the web's Border Gateway Protocol, which helps ISPs automatically collaborate to route traffic seamlessly across the web.

      ThousandEyes saw Google traffic rerouting over the Russian ISP TransTelecom, to China Telecom, toward the Nigerian ISP Main One. "Russia, China, and Nigeria ISPs and 150-plus [IP address] prefixes—this is obviously very suspicious," says Alex Henthorne-Iwane, vice-president of product marketing at ThousandEyes. "It doesn’t look like a mistake."



    • Domain Registrars and Registries Don’t Want to ‘Police’ Piracy

      Copyright holders would like domain name registrars and registries to take a more active anti-piracy approach. There was some serious movement in this direction last year when a new copyright arbitration process was proposed that put domains including that of The Pirate Bay at risk. However, the plan has since been canned, as various parties believe that it went a step too far.





  • Intellectual Monopolies

    • http://www.ippropatents.com/ippropatentsnews/europenewsarticle.php?article_id=6184
      The UK Supreme Court has dismissed an appeal from Warner-Lambert in the Pregabalin second medical use case.

      The Supreme Court dismissed Warner-Lambert’s appeal with Lord Jonathan Mance and Lord Patrick Hodge questioning whether there was sufficient disclosure in the specification for certain claims.

      The court unanimously affirmed a lower court decision and rejected Warner-Lambert’s application to amend its patent in order to narrow it. The Supreme Court’s ruling could make patents for biotech pharma companies easier to avoid and make it them more vulnerable to invalidation.


    • UK Supreme Court affirms Warner-Lambert’s pregabalin patent is invalid
      Warner-Lambert patent was insufficiently disclosed and would not have been infringed by generics even if the claims were valid, in a ruling that raises the bar for plausibility of Swiss form claims


    • Pregabalin – The Ruling of the UK Supreme Court
      Today, after nine months of waiting, the decision of the UK Supreme Court in the pregabalin litigation was handed down. Like Brexit and the nation, it is clear that the Supreme Court Judges were divided on several crucial issues.

      In this post, we will not attempt to give a detailed analysis of the decision but rather to give a short summary of the principal points. A more detailed analysis will follow in the coming days.

      The background to the case is well known. Warner-Lambert had a patent with Swiss-type claims to the use of pregabalin in the treatment of pain (the “Patent”). The Patent had subsidiary claims to the use of pregabalin in inflammatory pain and neuropathic pain. Following the expiry of the compound patent for pregabalin in spring 2013, various generics companies wanted to sell pregabalin for non-patented indications including epilepsy and general anxiety disorder. However, the law was unclear as to what additional steps the generics companies should take, besides carving out pain from their label, to try and ensure that their pregabalin medicines were not used for the treatment of pain whilst Warner-Lambert’s patent was in force. In addition to taking such steps, the generics companies also sought to revoke the Patent and thus clear the way ahead of sales of their medicines for the treatment of pain. Warner-Lambert denied that the Patent was invalid and alleged that the Patent was infringed.


    • Copyrights



      • Dear EU Politicians: You Really Don't Have To Wreck The Internet
        As you'll recall, back in September, the EU Parliament voted to approve a draft of the EU Copyright Directive, despite it including a bunch of very problematic pieces -- mainly Article 13's mandatory filters and Article 11's snippet tax. What the EU Parliament approved was not the same as what the EU Council of member states had approved, nor what the EU Commission had approved, so now those three bodies have been working on a "trilogue" process to sync up the various versions and come up with a master version that will have to be approved again by all three institutions. There has been a lot of activity in the past few weeks -- and Italy's change of government has made things a bit interesting.



      • Piracy Debt Collectors Back Off After Massive Backlash in Finland

        Opponents of copyright trolling efforts in Finland scored a major victory last week. A local debt collection company, which came under fire after going after individuals with unpaid settlement letters, has announced that it has withdrawn from the piracy debt collection business.









Recent Techrights' Posts

"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
 
Links 13/10/2024: Science, Politics, and Some Gemini
Links for the day
Links 13/10/2024: Writing, Remembering John Wheeler, Voice Cloning
Links for the day
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024
Gemini Links 11/10/2024: Against Cynicism, on Atheism, and Dropping Off The Internet
Links for the day
IBM Employees Smell Another Wave of Mass Layoffs (and Explain the Signs)
IBM currently has the policy of hiding the layoffs from shareholders and from the press using NDAs
Links 11/10/2024: Lots More Censorship and Growing Concerns About Health Impact of Social Control Media
Links for the day
Going Almost 4.5 Decades Back to Find 'Dirt' on a Person
That incident was 42.5 years ago. Is that how far some people would go in an effort to discredit a person?
XBox is Dead. This is Just the Beginning.
the main reason Microsoft bought Activision/Blizzard was to hide the growing losses and failure of XBox
The Risk to the "Linux" Brand
Brands that are not guarded from misuse/abuse will inevitably lose their original meaning and their value
Gemini Links 11/10/2024: Deploying Common Lisp Programs and Examining FreeBSD
Links for the day
Links 11/10/2024: Discord Still Blocked in Turkey, Google Might be Split
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 10, 2024
IRC logs for Thursday, October 10, 2024