Bonum Certa Men Certa

Links 20/12/2018: Skrooge 2.17.0, Linux Mint 19.1, HardenedBSD 12


Free Software/Open Source

  • Lessons in Vendor Lock-in: Messaging
    Is messaging really so complicated that you need five different messaging apps on your phone? Discover the reasons behind messaging vendor lock-in.

    One of the saddest stories of vendor lock-in is the story of messaging. What makes this story sad is that the tech industry has continued to repeat the same mistakes and build the same proprietary systems over the last two decades, and we as end users continue to use them. In this article, I look at some of the history of those mistakes, the lessons we should have learned and didn't, and the modern messaging world we find ourselves in now. Along the way, I offer some explanations for why we're in this mess.

  • How to open source your Python library
    You wrote a Python library. I'm sure it's amazing! Wouldn't it be neat if it was easy for people to use it? Here is a checklist of things to think about and concrete steps to take when open sourcing your Python library.

  • Open source confronts its midlife crisis

    So it seemed like only a matter of time before the companies built around open source software would have to confront their own crisis of confidence: open source business models are really tough, selling software-as-a-service is one of the most natural of them, the cloud service providers are really good at it — and their commercial appetites seem boundless. And, like a new cherry red two-seater sports car next to a minivan in a suburban driveway, some open source companies are dealing with this crisis exceptionally poorly: they are trying to restrict the way that their open source software can be used. [...]

  • Events

    • All the News from the OpenShift Commons Gathering at Kubecon Seattle
      The OpenShift Commons Gathering at KubeCon Seattle, last week, was packed with information on the past, present and future of Red Hat OpenShift in all its forms. Over 350 people from over 115 companies from around the world gathered at the event to hear about the future of the platform. The event even included the first live demo of Red Hat OpenShift 4.0, which is currently in development.

      This was the first time the outside world got a glimpse of the OpenShift 4.0 platform in action. The goal for the platform, said Derek Carr, senior principal software engineer at Red Hat, is similar to the original goal of Kubernetes. While Kubernetes was built to enable a 10 fold increase in the velocity of application operations, the goal of OpenShift 4.0 is to provide a 10 fold increase in velocity for Kubernetes-based operations.

    • An introduction to Python and containers: 6 conference talks you may have missed

  • Web Browsers

    • Chrome

      • Chrome OS 71 Adds Fingerprint Authentication, Android P Support to Pixel Slate
        After promoting the Chrome 71 web browser to the stable channel earlier this month, Google has updated the Chrome OS operating system for Chromebook devices to version 71. Chrome OS 71 is now the most stable and advanced version of the Linux-based operating system that powers Chromebook devices of all sizes and shapes, and it brings quite a bunch of improvements and new features, especially to newer models, such as Google's Pixel Slate tablet that rivals most Android and iOS-powered tablets.

      • Chrome 72 Beta Deprecates TLS 1.0/1.1, Steps Towards Deprecating FTP
        Google has rolled out the public beta of the Chrome 72 web browser across all supported platforms. This is a sizable feature release that also packs its share of deprecations.

    • Mozilla

  • LibreOffice

    • Coming up on December 20: Next C++ workshop
      Improve your C++ skills! Last week, we had a workshop covering an introduction to the language, and looking at functions and strings. Participants watched a couple of presentation videos, and then had the opportunity to put questions to experienced LibreOffice developers.

    • Save the bibliography?
      LibreOffice has the capability to add references to a document and finally a bibliographical index, which is essential for scientific publications. The style of references depends on the journal and the discipline. So it is common to just add numbers in square brackets like [1] in engineering whereas humanities show name and year like (author, year). And finally the formatting of the bibliographical index is a science itself. LibreOffice can handle this to some extent but not in a nice and convenient way.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • FreeBSD ZFS File-System Code To Be Re-Based Over ZFS On Linux
      With ZFS On Linux (ZOL) being more actively developed than the ZFS file-system code within the OpenSolaris-derived Illumos kernel, FreeBSD will be transitioning their ZFS file-system kernel driver to be based on ZOL.

      Particularly with Delphix moving their ZFS code to be based upon ZOL rather than the Illumos kernel tree, that ZFS code isn't being maintained as well as ZOL. As a result, the FreeBSD ZFS maintainers have decided to transition to ZOL -- and the upstream ZOL developers are willing to allow FreeBSD support directly within ZOL as a single shared code-base.

    • FreeBSD vs Linux: 20 Things To Know About Both The System
      If you’re an avid Linux system user like me or are working as a sysadmin for managing company networks, chances are you’ve stumbled at least once with terms like FreeBSD and BSD. So, what are these and what is their significance? In this guide, we’ll cover the differences between FreeBSD vs Linux thoroughly, and will also highlight their similarities at the same time. Overall, our objective is to enlighten our readers about the different variations of the infamous Unix systems and how they are categorized. Stay tuned throughout this guide to learn more about these legacy systems in order to choose the right one for your job.

    • HardenedBSD 12 Released With Jailed Bhyve, Disables SMT By Default
      While FreeBSD tends to be pretty good about security by default, the HardenedBSD downstream derivative is out with their latest release based upon FreeBSD 12.

      In addition to re-basing against upstream FreeBSD 12.0-RELEASE, the inaugural stable release of HardenedBSD 12 adds Non-Cross-DSO CFI, introduces support for jailed Bhyve virtualization, per-jail toggles for unprivileged process debugging, enables Spectre V2 mitigation with Retpolines by default, disables SMT/HT by default, makes greater use of the LLVM compiler toolchain components, and for increasing performance its applications are now built with link-time optimizations (LTO).

    • Stable release: HardenedBSD-stable 12-STABLE v1200058
      The first public release of hardened/12-stable/master branch, which contains lots of security improvements over 11-STABLE.

    • HardenedBSD 12 released
      HardenedBSD has released version 12 of its security-enhanced fork of FreeBSD. Improvements in this release include Non-Cross-DSO Control-Flow Integrity (CFI) for applications on amd64 and arm64; jailed bhyve; per-jail toggles for unprivileged process debugging; Spectre v2 mitigation with retpoline applied to the entirety of base and ports; Symmetric Multi-Threading (SMT) disabled by default; and more.


    • sed-4.6 released [stable]
      This is to announce sed-4.6, a stable release.

      There have been 52 commits by 6 people in the 38 weeks since 4.5.

      See the NEWS below for a brief summary.

      Special thanks to Assaf Gordon for doing so much of the work. Thanks to everyone else who has contributed!

    • GNU Sed 4.6 Released With Better Write Performance
      GNU Sed 4.6 is worth mentioning since now by default it uses fully-buffered output rather than line-buffered outputs in writing to files. This should "noticeably improve performance" for the common sed -i commands and other Sed configurations when writing out to files. The previous behavior though can be used if desired by the -u switch.

    • GCC Is Still Months Away From Transitioning To Git, Reposurgeon Being Ported To Golang
      2018 sadly wasn't the year that the GNU Compiler Collection (GCC) transitioned to a Git workflow for developing this flagship open-source compiler... But Eric S Raymond does continue making progress on being able to convert the GCC tree from SVN to Git.

      Back during the summer Eric S Raymond said the Git transition was being held up by RAM prices, in particular needing more DDR4 in his main workstation with 64GB not being enough for his software to convert the massive SVN tree to Git. And that's when he said his system with more RAM would work out better than using a public cloud, the GCC build infrastructure, or other alternatives to quickly access more computing resources with greater amounts of RAM to handle this conversion of the revision control system.

    • Support GNU Guix!
      A little over six years ago, the GNU Guix project was announced. Since that first email, the project and the community gathering around Guix have grown steadily.

      Around 265 people have collectively contributed tens of thousands of commits to the project. In the past year alone, we have received close to 11,000 commits. More than 8,700 packages are now available, and Guix is supported on five different CPU architectures. Guix has made inroads in the field of scientific computing, and we have been able to secure institutional support for parts of our build farm providing binary substitutes to users. As a welcoming community, you have spent countless hours introducing Guix to new users, to help them when they experienced bugs, and to remove those bugs from Guix.

      In addition to all of that, your generous financial contributions in the past year have been instrumental in bootstrapping and maintaining our new build farm, for which we experimented with hardware that has been stripped of Intel's Management Engine, and which is running Libreboot instead of a proprietary BIOS. While it turned out to be not quite as simple as we had expected, we have learned valuable lessons from this experience. Your contributions have also paid for server hosting fees, for hardware replacement and maintenance costs, and for additional ARM build hosts.

  • Public Services/Government

    • Canton of Bern removes barriers to sharing its software as open source

      Rules and regulations were one of the barriers to sharing the source code of software solutions, the canton explains in a press release. The existing rules allowed sharing, but this permission was made crystal clear in the ICT regulations approved in January this year.

      This encouraged the IT department to offer tools that make it easy for the canton’s public services to share their code. The IT department created a page for the canton on GitHub, a popular platform for sharing source code.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • MIPS Goes Open Source

        Since 2000, 8.5 billion chips based on MIPS cores have been shipped, according to Swift. A broad range of customers are sticking with MIPS, including Microchip, Mobileye (now an Intel company), MediaTek, and Denso, Japan’s leading tier one.

        Although commanding consistent respect among engineers, MIPS — whose ownership has been anything but stable — has struggled to build its ecosystem and generate momentum. MIPS trails far behind Arm today. Wave’s goal is to reverse a trend that looked for a long time like a downward spiral for MIPS.

      • MIPS chip architecture is going open source

        Wave Computing says it plans to “open source its MIPS instruction set architecture (ISA)” to make it easier for chip makers, developers, and researchers to use the chip designs for their projects.

        The MIPS Open program will allow participants to access “the most recent versions of the 32-bit and 64-bit MIPS ISA free of charge — with no licensing or royalty fees.” Users will also be covered by hundreds of patents owned by MIPS.

      • MIPS Processor ISA To Be Open-Sourced In 2019

        The MIPS ISA will be open-sourced with both the 32-bit and 64-bit versions opening up and will be free of any licensing or royalty fees as well as access to existing MIPS patents.

      • Wave Computing Launches the MIPS Open Initiative to Accelerate Innovation for MIPS Architecture

        Wave Computing, the Silicon Valley company that is accelerating artificial intelligence (AI) from the edge to the data center, announced it will open source its MIPS instruction set architecture (ISA) to accelerate the ability for semiconductor companies, developers and universities to adopt and innovate using MIPS for next-generation system-on-chip (SoC) designs. Under the MIPS Open program, participants will have full access to the most recent versions of the 32-bit and 64-bit MIPS ISA free of charge – with no licensing or royalty fees. Additionally, participants in the MIPS Open program will be licensed under MIPS’ hundreds of existing worldwide patents.

      • The LibreRouter project aims to make mesh networks simple and affordable
        In the city, we’re constantly saturated with the radio waves from 10 or 20 different routers, cell towers and other wireless infrastructure. But in rural communities there might only be one internet connection for a whole village. LibreRouter is a hardware and software project that looks to let those communities build their own modern, robust mesh networks to make the most of their limited connectivity.

        The intended use case is in situations where, say, a satellite or wired connection terminates at one point, the center of an area, but the people who need to use it live nearby — but well outside the hundred feet or so you can expect a Wi-Fi signal to travel. Often in such a case it’s also prohibitively expensive to run more wires or install cellular infrastructure.

  • Programming/Development

    • Dillinger – An AngularJS Powered Online HTML5 Markdown Editor
      Dillinger is a cloud-enabled Markdown editor which is free to use. Its simple and modern interface will make you feel more comfortable to work with. If you are a beginner and looking for a tool that will allow you to convert your Markdown text to HTML or HTML to Markdown easily then here you have Dillinger. What you need to do is just write your text or drop your file in the left window there then select the format you want it to be converted, and you will see it has been converted to the chosen format in the right window.

    • The Servo Blog: This Week In Servo 121
      Our roadmap is available online, including the overall plans for 2018.

    • Tools in the 2018 edition
      Tooling is an important part of what makes a programming language practical and productive. Rust has always had some great tools (Cargo in particular has a well-deserved reputation as a best-in-class package manager and build tool), and the 2018 edition includes more tools which we hope further improve Rust users' experience.

      In this blog post I'll cover Clippy and Rustfmt – two tools that have been around for a few years and are now stable and ready for general use. I'll also cover IDE support – a key workflow for many users which is now much better supported. I'll start by talking about Rustfix, a new tool which was central to our edition migration plans.

    • 2018 Malcolm Tredinnick Memorial Prize Nominations
      It is that time of year again when we recognize someone from our community in memory of our friend Malcolm.

      Malcolm was an early core contributor to Django and had both a huge influence and large impact on Django as we know it today. Besides being knowledgeable he was also especially friendly to new users and contributors. He exemplified what it means to be an amazing Open Source contributor. We still miss him.

    • Dynamic function creation at run time with Python's exec built-in

    • Django 2 Ajax CRUD with Python 3.7 and jQuery

    • A Pythonista's Holiday Wish List

    • The Fastest Growing Programming Languages In 2018, According To GitHub [Ed: Stop measuring everything Free software based on one single site of Microsoft (which attacks Free software)]

    • Eclipse Che 7 is Coming and It’s Really Hot (1/4)
      A better plugin model, a new IDE, and Kubenative Workspaces — Eclipse Che Is on Fire !

    • The modern programmer: 10 must-read articles from this year
      Programming is about languages, of course, but also much more. Along with good languages, programmers need toolsets to support coding: software development kits (SDKs), command-line utilities for source-code inspection and even editing, package managers, repositories targeted at developers, and so on. The ten articles listed below cover programming in this broad sense.

    • Python Qt5 - application with QML file.
      The PyQt5 includes QML as a means of declaratively describing a user interface and it is possible to write complete standalone QML applications.

    • This Week in Rust 265

    • How to Develop Web Applications on Alibaba Cloud with Django Framework
      The demand in business applications is growing fast and developers are facing many challenges such as evolutivity, scalability, and re-usability. In order to satisfy business needs, developers around the world need to create new tools that will help them solve the above presented challenges.

    • Facebook Releases HHVM 3.30 As The Final Version Officially Supporting PHP
      While Facebook's HHVM "HipHop Virtual Machine" project was born as a faster PHP implementation, with PHP7 offering significant upstream performance improvements and Facebook pursuing their own Hack programming language implementation with HHVM, the v3.3.0 release is the last release officially focusing on PHP language support.

    • HHVM 3.30

    • Pandas Library for Data Visualization in Python

    • Eclipse Foundation Drives $9 Billion in Open Source Innovation

      The Eclipse Foundation, the platform for open collaboration and innovation, finishes the year 2018 driving innovation through open source in a wide range of global initiatives, including Internet of Things, Java runtimes, GeoSpatial, Automotive, Model-based engineering, IDEs, and emerging technologies. Serving as a platform enabling open collaboration for the world’s new digital economy -- managed by an efficient staff of just 30 full-time professionals -- the Eclipse Foundation now boasts oversight of more than 360 projects and 1,550+ code committers who have contributed more than 162 million lines of code to date with an estimated software value of approximately $9 billion.

    • Announcing: Weekly Python Exercise, Newbie Edition
      Since I launched it 18 months ago, three cohorts of students have participated in Weekly Python Exercise — receiving a new Python challenge via e-mail every Tuesday, and the solution the following Monday. Students had access to our exclusive forums, and traded ideas, solutions, and techniques with one another. Some attended my live, video office hours, when I answered Python questions that they might have.

    • Forecasting with Random Forests
      When it comes to forecasting data (time series or other types of series), people look to things like basic regression, ARIMA, ARMA, GARCH, or even Prophet but don’t discount the use of Random Forests for forecasting data.

      Random Forests are generally considered a classification technique but regression is definitely something that Random Forests can handle.

    • RSA with one shared prime

    • Installing Python and virtualenv on OSX
      Every time I need to install Python on OSX or whenever a colleague asks for help, I have to search for the most updated instructions on Google, and every time I find different ways of doing the exact same thing.

      Tired of this, I decided to write down my own notes. Please note that I don't claim this to be the best way of installing Python on OSX. It works fine for me so use it at your own risk.

    • 4 Strategies to Deal With Large Datasets Using Pandas
      Every data scientist knows that data pre-processing and feature engineering is paramount for a successful data science project. Often, however, these steps are time-consuming and involve you waiting for computations to finish, keeping you from creating that awesome model. In this post we will look at a few tricks that intend to speed up your pandas data-crunching workflows by enabling Pandas to use your machine in an optimal way.

    • How to Write Beautiful Python Code With PEP 8
      PEP 8, sometimes spelled PEP8 or PEP-8, is a document that provides guidelines and best practices on how to write Python code. It was written in 2001 by Guido van Rossum, Barry Warsaw, and Nick Coghlan. The primary focus of PEP 8 is to improve the readability and consistency of Python code.

    • The game is ready for upload
      Welcome to the final chapter of this pygame project where we have finally concluded the pygame project which has been ongoing for some time already.

    • PyPI Security and Accessibility Q1 2019 Request for Proposals Update

    • Eclipse Che 7 is Coming and It’s Really Hot (2/4)
      Eclipse Che is a great platform to build cloud-native tools. For Eclipse Che to be successful in its mission, it requires a strong extensibility model with an enjoyable developer experience for contributors.

      In the past, Eclipse Che’s extensibility was focused on white-labelling use cases. ISVs were able to customize Eclipse Che, building their own version by completely customizing it and distributing it to their own audiences. While that extensibility approach has been great for many partners, it has always been seen as complex, with a technology stack (especially GWT in the IDE) which resulted in a non-optimal developer experience. The lack of a dynamic extensibility also forced a Che Plugin to be packaged in a “Che assembly” in order to make it available to end users. There was no way to quickly build a plugin, package it so that it could be installed in a running Che and make it available without rebuilding all of Che.

      To address these issues we’ll be phasing out the GWT-based IDE in favour of another open Eclipse Foundation IDE project: Eclipse Theia. As introduced earlier, Eclipse Theia is a framework to build web IDEs. It is built in TypeScript and will give contributors a more enjoyable experience with a programming model that is more flexible and easier to use, and makes it faster to deliver their new plugins.

      Our main goal is to provide a dynamic plugin model. In Che, a user shouldn’t need to worry about the dependencies needed for the tools running in their workspace — they should just be available when needed. This means that a Che plugin provides its dependencies, its back-end services (which could be running in a sidecar container connected to the user’s workspace), and the IDE UI extension. By packaging all these elements together, the user’s impression is that Che “magically” provided language services and the developer tooling they need for their workspace.

    • Open a picture with pillow module

    • PyCharm 2018.3.2
      PyCharm 2018.3.2 is now available. This version comes with a couple of small improvements. Get it now from our website.

    • Why isn’t it their job
      Bruce Lawson has written a rather nice description of the practical value of semantic HTML, and you should read it, especially if you’re a full-stack developer who feels that HTML is the super-easy part of your toolkit and the components are the most important. But there’s one extra argument I’d like to add to his list; less important than some of the others, but a different nuance.

    • How to Use JWT Authentication with Django REST Framework
    • Concurrent download with hashin without --update-all
    • Data Science is Festive: Christmas Light Reliability by Colour
    • Why Data Scientists Love Kubernetes
      This talk will introduce the workflows and concerns of data scientists and machine learning engineers and demonstrate how to make Kubernetes a powerhouse for intelligent applications. We’ll show how community projects like Kubeflow and support the entire intelligent application development lifecycle. We’ll cover several key benefits of Kubernetes for a data scientist’s workflow, from experiment design to publishing results. You’ll see how well scale-out data processing frameworks like Apache Spark work in Kubernetes. System operators will learn how Kubernetes can support data science and machine learning workflows. Application developers will learn how Kubernetes can enable intelligent applications and cross-functional collaboration. Data scientists will leave with concrete suggestions for how to use Kubernetes and open-source tools to make their work more productive.

    • New public course on Successfully Delivering Data Science Projects for Feb 1st
      During my Pythonic data science team coaching I see various problems coming up that I’ve helped solve before. Based on these observations and my prior IP design and delivery for clients over the years I’ve put together a 1 day public course aimed at data scientists (any level) who want to be more confident with lower-risk approaches to delivering data science projects.

      Successfully Delivering Data Science Projects runs on Friday February 1st 2019, early bird tickets have sold out, a handful of regular tickets remain (be quick). This course suits any data scientist who has discovered just how vague and confusing a research to deployment project can be, who’d like to be more confident in their plans and outcomes.

    • Python Qt5 - complex QML file.

  • Standards/Consortia


  • HQ Trivia and Vine co-founder dead at 34

    A New York Police Department spokesman told Ars that Kroll died of a drug overdose.

  • Colin Kroll, 34, HQ Trivia and Vine Co-Founder, Is Found Dead

    Colin Kroll, the co-founder and chief executive of the popular app HQ Trivia, was found dead on Sunday, apparently of a drug overdose, at his home in Lower Manhattan. He was 34.

  • Top 5 Reasons Great Tech Talent Quits
    Continually ask yourself, “How much is too much?” when it comes to your employees. Good employees often get more and more responsibility and may be asked to do things outside of the norm, like handling big problems over a weekend or being expected to answer management ASAP, even when they specifically asked off. Small projects can balloon into a big mess due to stakeholders or bad project management, which can double or triple the work they need to do, and then they get blamed when the work isn’t working. Employees who feel overworked and undervalued may quit in search of a more balanced opportunity.

  • Science

    • These faces show how far AI image generation has advanced in just four years

      In the image above you can see what four years of progress in AI image generation looks like. The crude black-and-white faces on the left are from 2014, published as part of a landmark paper that introduced the AI tool known as the generative adversarial network (GAN). The color faces on the right come from a paper published earlier this month, which uses the same basic method but is clearly a world apart in terms of image quality.

      These realistic faces are the work of researchers from Nvidia. In their paper, shared publicly last week, they describe modifying the basic GAN architecture to create these images. Take a look at the pictures below. If you didn’t know they were fake, could you tell the difference?

    • How the internet imperils good citizenship

      The online culture of instant gratification robs us of the endorphins normally produced of effort and endurance

    • The Yoda of Silicon Valley

      He is the author of “The Art of Computer Programming,” a continuing four-volume opus that is his life’s work. The first volume debuted in 1968, and the collected volumes (sold as a boxed set for about $250) were included by American Scientist in 2013 on its list of books that shaped the last century of science — alongside a special edition of “The Autobiography of Charles Darwin,” Tom Wolfe’s “The Right Stuff,” Rachel Carson’s “Silent Spring” and monographs by Albert Einstein, John von Neumann and Richard Feynman.


      “I am worried that algorithms are getting too prominent in the world,” he added. “It started out that computer scientists were worried nobody was listening to us. Now I’m worried that too many people are listening.”

    • Computing pioneer Evelyn Berezin died this week—she should be remembered

      Computing pioneer Evelyn Berezin died at 93 this week. She was most known as the designer of the first true word-processing computer. But she designed many other innovative computing systems and helmed Redactron Corporation, a company that helped transform offices by producing and distributing her word-processor device.

  • Hardware

    • Samsung Dominates Over The OLED Market With A Whooping 93.3% Market Share
      OLED Displays have become an integral part of the mobile industry. There are a number of notable advantages of using OLED displays over normal LCDs. That includes, vibrant colors, thinner display module, lesser power consumption and greater contrast ratio.

      In a report recently released by market research firm IHS Markit, in the third quarter of 2018 OLED displays dominated over 61 percent of the global market for smartphone displays (by revenue). Samsung was dominating the market in the period between July and September 2018 with a market share of 93.3%.

    • Samsung rules the OLED display market with a 93.3 percent share
      Samsung’s bet with the OLED display technology is paying off big time. According to a report released by market research firm IHS Markit, the OLED panels accounted for more than 61 percent of the global market for smartphone displays (by revenue) in the third quarter of 2018. Samsung held 93.3 percent of the entire market during the three month period between July and September 2018.

  • Health/Nutrition

    • Will the Supreme Court Overturn Roe v. Wade After All?
      The decision drew a dissent from three conservative justices, Clarence Thomas, Neil Gorsuch and Samuel Alito, who suggested that the court was ducking the cases because they involved Planned Parenthood and touched on abortion. But, intriguingly, the court’s two other conservatives, Chief Justice John Roberts Jr. and the court’s latest member, Brett Kavanaugh, sided with the court’s liberals in rejecting the case.

      What are we to make of it?

      It’s not easy to read the tea leaves here because the cases didn’t pose a direct challenge to the constitutionality of abortion restrictions. Instead, they centered on whether those states could exclude Planned Parenthood from providing contraception and other health services in the Medicaid program. Those states object to Planned Parenthood providing access to abortion outside Medicaid, which does not cover the procedure. Had the court accepted the states’ arguments, tens of thousands of indigent women could have lost the health care they receive from the group.

  • Security

    • Security updates for Monday

    • FreeBSD wget cannot verify certificate, issued by Let’s Encrypt

    • I don't think it's going to end well: Bruce Schneier on encryption law

      Australian law enforcement agencies have pushed for the encryption law which passed on 6 December because they don't know that there is no need for access to encrypted content in order to solve crimes, world-renowned security technologist Bruce Schneier says.

    • [Older] Warnings As Destructive 'Shamoon' Cyber Attacks Hit Middle East Energy Industry

      Though the malware has already been named as a version of Shamoon, sources in the cybersecurity industry have cautioned against attributing it to Iran. It’s unclear whether it’s the original creators of Shamoon or some other nation state trying to implicate Iran as part of a false flagging operation, said one source who’d been actively responding to the incident. (Multiple sources were granted anonymity for this story as they weren’t permitted to go on record by their employers.)

    • The Iran [Cracks] Cybersecurity Experts Feared May Be Here

      Researchers who have tracked Shamoon for years say that the new variant has similarities to its predecessors, which were attributed to Iranian state-sponsored hackers. This doesn't definitively mean that this new malware was created by the same actor, but so far analysts say that the new Shamoon attacks recall past assaults.

    • Yet Another NASA Computer Break In. Employee Data May Be Affected

      "On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised. Upon discovery of the incidents, NASA cybersecurity personnel took immediate action to secure the servers and the data contained within. NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents."

    • We Broke Into A Bunch Of Android Phones With A 3D-Printed Head

      Anyone worried about anyone having their device compromised with a fake head, either through our method or others', should perhaps consider not using facial recognition at all. Instead, use a strong alphanumeric passcode, recommended Matt Lewis, research director at cybersecurity contractor NCC Group.

    • Android facial recognition can be [cracked] with a 3D-printed model head

      As the world still tries to find a really good alternative to passwords, there's bad news for those that thought that facial recognition was the key, after a journalist from Forbes was able to fool most phones with a 3D printed head.

    • A Chief Security Concern for Executive Teams

      KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Only a little more than a third even listed a CTO in their executive leadership pages.

      The reality among high-tech firms that make up the top 50 companies in the NASDAQ market was even more striking: Fewer than half listed a CTO in their executive ranks, and I could find only three that featured a person with a security title.

    • Twitter’s Support Form Hit By Data Breach; State-Sponsored Actors Suspected
      Twitter today announced that the platform’s support form had been hit by a data breach exposing user data to IP addresses from Saudi Arabia and China.

      The leaked data contains the country codes of the phone numbers linked to users’ accounts. In an official statement, the social media platform said that phone numbers and other confidential user data had not been exposed in the attack.

    • Chkrootkit Linux/Ebury message - What now?
      Occasionally, I test the few security tools that exist in Linux distributions, to see what they offer and whether they really have merit. One such tool is Chkrootkit, and so far, I've reported not one but two false positives over the years - including lkm warning and suckit infected message. And now I've stumbled upon another dud, and this is one called Linux/Ebury - Operation Windigo.

      I came across this result while testing the Ubuntu-based Robolinux 9.3, and given its strong focus on security, the finding is doubly alarming. But as I suspected right away, it seems to be another false positive, and so I did a little more testing and checking. Let me show you what gives.

    • Reproducible Builds: Weekly report #190

    • Google Chrome Is Working To Prevent Back Button Hijacking In Browser
      We all have been in a situation where we are stuck on a shady website that hits us with a barrage of ads and suspicious content. And no matter how many times you hit the back button, you remain trapped.

      This annoying issue is called “history manipulation” which is done by websites to prevent you from going back to the original page where you began.

    • 5 Dedicated Server Security Vulnerabilities and How to Troubleshoot Them

    • Pivoting the Network
      Pivoting is the unique technique of using an instance (also referred to as a ‘plant’ or ‘foothold’) to be able to move around inside a network. Basically using the first compromise to allow and even aid in the compromise of other otherwise inaccessible systems. In this scenario we will be using it for routing traffic from a normally non-routable network.

      For example, we are a pentester for Security-R-Us. You pull the company directory and decide to target a user in the target IT department. You call up the user and claim you are from a vendor and would like them to visit your website in order to download a security patch. At the URL you are pointing them to, you are running an Internet Explorer exploit.

    • Security updates for Tuesday

    • Security updates for Wednesday

    • On the first day of Christmas, Microsoft gave to me... an emergency out-of-band security patch for IE
      Microsoft today emitted an emergency security patch for a flaw in Internet Explorer that hackers are exploiting in the wild to hijack computers.

      The vulnerability, CVE-2018-8653, is a remote-code execution hole in the browser's scripting engine.

      Visiting a malicious website abusing this bug with a vulnerable version of IE is enough to be potentially infected by spyware, ransomware or some other software nasty. Thus, check Microsoft Update and install any available patches as soon as you can.

      Any injected code will run with the privileges of the logged-in user, which is why browsing the web using Internet Explorer as an administrator is like scratching an itch with a loaded gun.

  • Defence/Aggression

    • Saudi Arabia rejects Senate position on Khashoggi killing

      The statement was released after the Senate passed a resolution via voice vote last week holding bin Salman responsible for the death of Khashoggi, who was killed after entering the Saudi consulate in Istanbul on Oct. 2.

    • Saudi Arabia rejects U.S. Senate position on Khashoggi: statement

      The U.S. Senate delivered a rare double rebuke to President Donald Trump on Saudi Arabia last week, voting to end U.S. military support for the war in Yemen and blame the Saudi crown prince for the murder of journalist Khashoggi.

    • Will Anger in Washington Over the Murder of Khashoggi End the War in Yemen?
      The number of people killed fighting in the war in Yemen jumped to 3,068 in November, the first time it has exceeded the 3,000 mark in a single month since the start of the four-year conflict. This is about the same number as were being killed in Iraq at the height of the slaughter there in 2006.

      The difference is that the Iraqis were not starving to death as is happening in Yemen. Aid organisations have long warned of mass starvation as 14 million hungry people are on the verge of famine, according to the United Nations. In a ruined economy, many Yemenis do not have the money to buy the little food that is available.

      But at the last moment, just as millions of Yemenis were being engulfed by the crisis, a final calamity may have been averted.

    • Mass nationwide protests bring Togo to the brink of ending 50 years of dictatorship
      Hundreds of thousands took to the streets of cities across the West African country of Togo on December 8, as part of a recently revived wave of nationwide protests demanding political reforms. At the center of their demands is the reinstatement of the 1992 constitution, which included a two-term limit on the presidency before being stripped away by former president Eyadéma Gnassingbé, father of current president Faure Gnassingbé.

      Mass protests first erupted in August 2017, forcing the government into internationally-moderated negotiations, which — in an attempt to resolve the decades-long political crisis — led to the reinstatement of the two-term limit. However, outrage was soon reignited when it was discovered that past presidential terms would not apply, thereby allowing Faure Gnassingbé — already in his third term — to run for president in 2020 as if it were his first time. Negotiations broke down soon after that, leading to the revival of protests last month.

      “Nobody is willing to take that in Togo,” said Togolese Civil League executive director Farida Nabourema. “After 51 years of the Gnassingbé, asking us to give them an additional 10 years, starting 2020, is basically asking us to commit suicide. It’s something we cannot let happen, and it’s the reason we are back on the streets.”

      After first allowing protests in pre-approved zones, the government outright banned large demonstrations before the December 8 mobilization. When upwards of 500,000 people turned out in Lomé, the capital city, the regime deployed heavy military force, wounding dozens of civilians and killing at least three — including an 11-year-old boy.

      A coalition of 14 opposition parties, known as C14, have been one of the major forces driving the protests and what’s known as the Faure Must Go movement. Since negotiations with the government ended last month, they have called for the cancellation of the legislative elections on December 20 and urged their members not to participate. According to movement leaders, the government has been engaging in voter fraud — by enrolling minors, as well as disenfranchising eligible voters through coercive tactics — in preparation for Faure Gnassingbé’s 2020 presidential bid.

    • “Alexa, Drop a Bomb”: Amazon Wants in on US Warfare
      Amazon is seeking to build a global “brain” for the Pentagon called JEDI, a weapon of unprecedented surveillance and killing power, a profoundly aggressive weapon that should not be allowed to be created.

      Founded in 1994 as an online book seller, Amazon is now the world’s largest online retailer, with more than 300 million customers worldwide, and net sales of $178 billion in 2017.

      Amazon has built a vast, globally distributed data storage capacity and sophisticated artificial intelligence programs to propel its retail business that it hopes to use to win a $10 billion Pentagon contract to create the aforementioned “brain” that goes by the project name Joint Enterprise Defense Infrastructure, a moniker obviously concocted to yield the Star Wars acronym — JEDI.

      As of the October 12, 2018, deadline for submitting proposals for JEDI, Amazon is the betting favorite for the contract, which will go to just one bidder, in spite of protests by competitors, chief among them Microsoft and IBM. The Pentagon appears likely to select a winner for the contract in 2019.

  • Transparency/Investigative Reporting

    • The Intelligence Community's Official Whistleblower Channel Is Going To Start Hunting Down Leakers

      The Inspector General for the Intelligence Community is finally implementing long-resisted whistleblower-related reforms. The IG has previously buried reports indicating whistleblowers were being greeted with retaliation for going through the proper channels. Despite this, government officials continue to claim the only whistleblowers they'll recognize are those who use the internal options -- options that allow the government to control the narrative and, in many cases, do as little as possible to address complaints.

  • Environment/Energy/Wildlife/Nature

    • Climate in the Courts
      We have a bit of internal conflict within the federal government these days, to put it mildly. On the one hand, there’s our climate-denying president, not to mention a solidly red Senate that’s not exactly jumping at the chance to take action on climate change. On the other, we have a now blue House of Representatives, and the 13 federal agencies that in late November issued the country’s Fourth National Climate Assessment, a grim report on how climate change is already impacting the daily lives of Americans. And then we have the courts, which have become battlefields for many a climate fight these days, as youth sue the federal government, cities sue oil companies, and nonprofits sue, well, both, in an effort to move the bar forward on climate action.

    • Until We Confront Capitalism, We Will Not Solve the Climate Crisis
      International climate negotiations have failed to curb runaway greenhouse gas emissions since the first UN treaty on emission reductions was adopted in 1992. Consumer-focused solutions to climate change such as eating less meat or reducing food mileage, though important, simply won’t be enough to address the systemic nature of the crisis. So what needs to be done to halt global warming? Truthout spoke to Simon Pirani about his newest book, Burning Up: A Global History of Fossil Fuel Consumption, and the prospects for transitioning to a post-fossil fuel world.

  • Finance

    • Millennials Don’t Love Capitalism but Can’t Stop Using Amazon

      “But there are consequences for that,” he added. He imagined, with dread, a retail landscape in which Amazon was one of very few options—if not the only one. He also decried Amazon’s pervasiveness in his city’s landscape: Even before the company’s Long Island City “HQ2” move, delivery trucks filled with Amazon boxes, or apartment hallways littered with the same, were practically inescapable. (It should be noted that Brickel, too, has watched the aforementioned Patriot Act episode.)

    • "It's About the Students!" 50,000 LA Teachers Join Protest, Accusing District of Hoarding Funds Instead of Investing in Schools
      Los Angeles teachers set out to provide a "show of force" on Saturday, with tens of thousands rallying in the city's downtown area to illustrate the power in their numbers, ahead of a potential strike next month.

      The city's teachers' union, United Teachers Los Angeles (UTLA), has been embroiled in contract negotiations with the school district for 18 months, with union leaders rejecting the district's latest offer of a three percent retroactive raise starting from July 2017. The teachers are demanding a 6.5 percent raise as well as smaller class sizes and more school support staff.

  • AstroTurf/Lobbying/Politics

    • Russian Trolls Came for Instagram, Too

      In the wake of the 2016 election, Instagram — known as the home of preening influencers, artfully arranged grain bowls and Icelandic vacation photos — somehow escaped much of the scrutiny of other social networks.

      But two new reports suggest that may have been a mistake. The reports, conducted by independent groups and released by the Senate Intelligence Committee on Monday, concluded that Instagram — which is owned by Facebook — became a favored tool of Russian internet trolls after the 2016 election.

    • Facebook, Twitter and YouTube Withheld Russia Data, Reports Say

      The tech companies’ foot-dragging was described in a pair of reports that the Senate Intelligence Committee published on Monday, in what were the most detailed accounts to date about how Russian agents have wielded social media against Americans in recent years.

    • How Russian Trolls Used Meme Warfare to Divide America

      The most explosive finding in the report may be the assertion that both Facebook and Google executives misled Congress in statements. The researchers suggest that Facebook “dissembled” about the IRA’s voter suppression efforts on the platform in written responses to Congress in October, following the testimony of chief operating officer Sheryl Sandberg in October. At the time, the company was asked: “Does Facebook believe that any of the content created by the Russian Internet Research Agency was designed to discourage anyone from voting?” Facebook responded: “We believe this is an assessment that can be made only by investigators with access to classified intelligence and information from all relevant companies and industries.”

  • Censorship/Free Speech

    • NY Times Columnist Nick Kristof Led The Charge To Get Facebook To Censor Content, Now Whining That Facebook Censors His Content

      As we noted at the time, this was an astoundingly ignorant thing to say, but of course now that Kristof helped get the law passed and put many more lives at risk, the "meh, no big deal if there are some more lawsuits or more censorship" attitude seems to be coming back to bite him.

    • As A Final Fuck You To Free Speech On Tumblr, Verizon Blocked Archivists
      By now, of course, you're aware that the Verizon-owned Tumblr (which was bought by Yahoo, which was bought by Verizon and merged into "Oath" with AOL and other no longer relevant properties) has suddenly decided that nothing sexy is allowed on its servers. This took many by surprise because apparently a huge percentage of Tumblr was used by people to post somewhat racy content. Knowing that a bunch of content was about to disappear, the famed Archive Team sprung into action -- as they've done many times in the past. They set out to archive as much of the content on Tumblr that was set to be disappeared down the memory hole as possible... and it turns out that Verizon decided as a final "fuck you" to cut them off. Jason Scott, the mastermind behind the Archive Team announced over the weekend that Verizon appeared to be blocking their IPs:

    • Tumblr porn vanishes today

      All posts that are currently flagged as explicit are now being hidden from view, according to Tumblr, and that includes posts that users are in the process of appealing. In addition to what’s already gone, more adult content is going to be flagged in coming weeks, Tumblr says, and it hopes that the automated tools will be more accurate at picking out what counts as explicit.

    • Google's secret China project appears to have come to a halt

      Google's attempts to launch a censored search engine in China appear to have been put on the backburner after the company shut down a data analysis system used for building the engine.

    • Google Halts Chinese Search Engine Project ‘Dragonfly’ After Backlash
      After a series of backlashes, Google has ceased its censored search engine project named Dragonfly. This report comes from The Intercept, which was the first to bring the very existence of Dragonfly into the light.

      This project, which aims at providing censored search results to Chinese citizens, has received a lot of criticism from Google employees as well as the White House.
      GOOGLE HAS BEEN forced to shut down a data analysis system it was using to develop a censored search engine for China after members of the company’s privacy team raised internal complaints that it had been kept secret from them, The Intercept has learned.

      The internal rift over the system has had massive ramifications, effectively ending work on the censored search engine, known as Dragonfly, according to two sources familiar with the plans. The incident represents a major blow to top Google executives, including CEO Sundar Pichai, who have over the last two years made the China project one of their main priorities.

    • Nicaragua moves to silence independent media and NGOs critical of government

      Non-governmental organizations have been doing what they can to bring the wrongs committed by the Nicaraguan government to light. In a bid to shut NGO cake holes, Ortega and his cronies have begun to strip the outfits of their legal status.

    • Nicaraguan police raid NGO offices, seize records

      The raids were the latest strong-arm actions taken by the government of President Daniel Ortega. Since popular street protests destabilized his government in April, Ortega has reconsolidated power and methodically pursued perceived enemies.

    • For 3rd straight year, Turkey jailed more journalists than any other country: Report

      Even as Turkish leaders call for an international inquiry into Saudi Arabian journalist Jamal Khashoggi's murder, the Committee to Protect Journalists found the Turkish government to be the world's biggest jailer of journalists for the third consecutive year, according to a newly released report.

      According to the global press freedom watchdog's Annual Prison Census, 251 journalists are currently in jails around the world as of Dec. 1 for charges related to their work -- 68 in Turkey, 47 in China and 25 in Egypt, collectively responsible for more than half of the journalists behind bars.

    • Report: Turkey Has Imprisoned More Journalists in 2018 Than Any Other Country

      Turkish president Recep Tayyip Erdogan has been perhaps the fiercest critic of the Saudi Arabian government’s assassination of Khashoggi in the Saudi consulate in Istanbul. But he has continued his own government’s repression of dissident journalists across Turkey, which began after an ultimately unsuccessful coup in 2016, when roughly 100 Turkish media organizations were shut down and many of their employees were jailed.

    • Hundreds of journalists jailed globally becomes the new normal

      For the third year in a row, 251 or more journalists are jailed around the world, suggesting the authoritarian approach to critical news coverage is more than a temporary spike. China, Egypt, and Saudi Arabia imprisoned more journalists than last year, and Turkey remained the world’s worst jailer. A CPJ special report by Elana Beiser

    • Jailing Hundreds of Journalists Worldwide Is the ‘New Normal,’ Group Finds

      For the third year in a row, Turkey, China and Egypt were responsible for more than half of those jailed, the group found.

    • Jailing journalists has become a 'new normal,' says advocacy group

      The non-profit group found that at least 251 journalists were jailed in 2018 -- with 70% facing anti-state charges, such as belonging to or aiding groups deemed terrorist organizations.

      This represents a "new normal" as countries around the globe take an "authoritarian approach to critical news coverage," said the report, which does an annual count of detained journalists.

      "The West that traditionally stood up to this ... is missing in action," the report's author, Elana Beiser, told CNN. In terms of human rights, "You don't see pressure from any kind coming from the White House, at least publicly," she added.

    • Turkey seeks 15-year prison terms for prominent journalists

      Turkey’s state-run news agency says prosecutors are seeking maximum 15-year prison terms for five journalists of an opposition newspaper, intensifying concerns over authorities’ crackdown on news coverage critical of the government.

    • Where The Most Journalists Are Imprisoned Worldwide [Infographic]

      Collectively, Turkey, China and Egypt are responsible for more than half of all jailed journalists for the third year in a row. CPJ blamed a fresh wave of repression in those countries, as well as elsewhere such as Saudi Arabia, for the global crackdown on press freedom in 2018. The vast majority of journalists behind bars are facing anti state charges such as belonging to or aiding groups deemed by authorities as terrorist organizations. Worldwide, 28 journalists have been imprisoned on false news charges and Egypt jailed the highest number, 19.

  • Privacy/Surveillance

    • Facebook Gave Microsoft, Amazon, Netflix Unrestricted Access To User Data
      Facebook gave unrestricted access to users’ personal data to more than 150 companies including big names like Microsoft, Netflix, Amazon, Spotify, and Yahoo, according to a New York Times report.

      The publication obtained over 270 pages of Facebook’s internal documents from 2017. It revealed how the social media giant considered these companies business partners and exempted them from its privacy rules.

    • Tim May, Father of 'Crypto Anarchy,' Is Dead at 67
      "Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure," he wrote, "so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions."

      In September 1992, May and his friends Eric Hughes and Hugh Daniel came up with the idea of setting up an online mailing list to discuss their ideas. Within a few days of its launch, a hundred people had signed up for the Cypherpunks mailing list. (The group's name was coined by Hughes' girlfriend as a play on the "cyberpunk" genre of fiction.) By 1997, it averaged 30 messages daily with about 2,000 subscribers. May was its most prolific contributor.

      May and Hughes, along with free speech activist John Gilmore, wore masks on the cover of the second issue of Wired magazine accompanying a profile by journalist Steven Levy, who described the Cypherpunks as "more a gathering of those who share a predilection for codes, a passion for privacy, and the gumption to do something about it."

    • "Owning your data" will not save you from data capitalism

      As Martin Tisné points out in an excellent essay in MIT Tech Review, property rights aren't just a dysfunctional way to make sense of privacy -- they're also ineffective. Even if you never share your data, corporations and governments can still make potentially compromising inferences about you by analyzing other people's data.

    • It’s time for a Bill of Data Rights

      The answer is that policy experts and technologists too often tacitly accept the concept of “data capitalism.” They see data either as a source of capital (e.g., Facebook uses data about me to target ads) or as a product of labor (e.g., I should be paid for the data that is produced about me). It is neither of these things. Thinking of data as we think of a bicycle, oil, or money fails to capture how deeply relationships between citizens, the state, and the private sector have changed in the data era. A new paradigm for understanding what data is—and what rights pertain to it—is urgently needed if we are to forge an equitable 21st-century polity.

    • German IT watchdog says no evidence to back Huawei spying claims

      Germany's tech watchdog says it has seen no evidence to back up claims being flung around that Chinese telecommunications equipment firm Huawei Technologies could use its products to spy for China.

    • 'No evidence' of Huawei spying, says German IT watchdog

      All three of Germany's main mobile network operators use infrastructure provided by Huawei, Spiegel pointed out.

    • Facebook still hasn’t launched a big privacy feature that Mark Zuckerberg promised more than seven months ago

      As it turns out, clearing your browser history was harder to implement than Facebook expected. It’s been more than seven months since Zuckerberg’s announcement and Facebook hasn’t mentioned Clear History since.

    • Doppelgänger accounts are still a powerful tool for cyberstalkers

      The attack is a byproduct of an unfortunate fact about the online space: it’s very easy to sign up for things, and very hard to quit. Services like Scruff want more users, of course, and a rigorous identity check would make sign-up a lot harder. Attacks like this don’t happen very often, so it’s rarely easy for victims to delete the account. With so many services, it’s easy to find one your target isn’t on, and never any problem finding pictures or details to fill it out. It’s a persistent problem in modern tech, and one you can find over and over again in stalking cases.

    • ButterflyVPN Traveler review: A convenient package for a serviceable VPN

      Once it’s running, the Traveler acts as a Wi-Fi access point where any device within range can connect to it regardless of operating system—a definite advantage of a hardware-based VPN.

    • DPC confirms it is investigating Facebook breach under GDPR

      The latest privacy breach at Facebook that affected nearly 7m users is being investigated by the Data Protection Commission (DPC) in Ireland under the General Data Protection Regulation (GDPR), a spokesperson confirmed to

      GDPR rules came into law across Europe on 25 May this year.

    • Facebook gave Spotify and Netflix access to users’ private messages

      What to make of the New York Times’ latest story about Facebook’s broad data-sharing agreements? The story, which draws on internal documents describing the company’s partnerships, reports on previously undisclosed aspects of business partnerships with companies including Apple, Amazon, Microsoft, Spotify, and Netflix. In some cases, companies had access to data years after it was supposed to have been cut off.

    • Bombshell report shows Facebook let companies like Spotify and Netflix read private messages

      The partnerships allowed Facebook to grow, and other companies — from tech, to retail, to entertainment — could access certain data. And though the privacy policy since 2010 has disclosed shared partnerships, who it's sharing with and what it is sharing are not explicitly outlined.

    • As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants

      Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages.

      The social network permitted Amazon to obtain users’ names and contact information through their friends, and it let Yahoo view streams of friends’ posts as recently as this summer, despite public statements that it had stopped that type of sharing years earlier.

    • Walt Mossberg, Veteran Technology Journalist, Quits Facebook

      Mr. Mossberg, a veteran of The Wall Street Journal, The Verge and Recode, said on Monday he would be deactivating his Facebook account, along with the Facebook-owned Messenger and Instagram apps.

      “I am doing this — after being on Facebook for nearly 12 years — because my own values and the policies and actions of Facebook have diverged to the point where I’m no longer comfortable here,” he wrote on Facebook.

    • [Old] ‘No Company Is So Important Its Existence Justifies Setting Up a Police State’

      The Frightful Five — I think in France they’re called GAFAM — may have special power to cause harm. Certainly Facebook does. But each one is different and they’re doing things that other companies are also doing, and it’s just as bad when other companies do it. So I think it’s a mistake to focus on the especially large companies, and instead we should look at the things they are doing that are the basis for being harmful. And then we should stop anyone from doing that.

    • Rising Instagram Stars Are Posting Fake Sponsored Content

      A decade ago, shilling products to your fans may have been seen as selling out. Now it’s a sign of success. “People know how much influencers charge now, and that payday is nothing to shake a stick at,” said Alyssa Vingan Klein, the editor in chief of Fashionista, a fashion-news website. “If someone who is 20 years old watching YouTube or Instagram sees these people traveling with brands, promoting brands, I don’t see why they wouldn’t do everything they could to get in on that.”

      But transitioning from an average Instagram or YouTube user to a professional “influencer”—that is, someone who leverages a social-media following to influence others and make money—is not easy. After archiving old photos, redefining your aesthetic, and growing your follower base to at least the quadruple digits, you’ll want to approach brands. But the hardest deal to land is your first, several influencers say; companies want to see your promotional abilities and past campaign work. So many have adopted a new strategy: Fake it until you make it.

  • Civil Rights/Policing

    • Chinese Police Are Raiding Churches and Arresting Pastors as Christmas Approaches

      It's shaping up to be a very un-merry Christmas for China's Christians. In the last four months, Chinese authorities have raided three of the country's most-prominent underground churches, detaining nearly 100 in a wave of pre-Christmas crackdowns on houses of worship that the government claims are threats to the state.

    • China shuts leading underground Christian church, third this winter

      Lamb spent more than 20 years behind bars, including 13 years of hard labour in dangerous coal mines, for defending his faith and resisting the Three-Self Patriotic Movement, a governing body overseeing official Protestant churches approved by the government.

    • Why Is Congress Trying To Pass An Obviously Unconstitutional Bill That Would Criminalize Boycotts Of Israel?
      As we've noted in the past on articles discussing this topic, I recognize that people have very, very, very strong views on both Israel and the whole "BDS" movement, and (trust me) you're not going to convince anyone about the rightness or wrongness of those views in our comments. However, even if you support the Israeli government fully, and think the BDS movement is a sham, hopefully you can still agree that an American law criminalizing supporting the BDS movement is blatantly unconstitutional.

      It is true, if horrifying, that a bunch of states have passed such laws, all of which are quite clearly unconstitutional as well. Challenges to the state laws in Kansas and Arizona have already been (easily) successful. There are other legal challenges against the other laws, and they will almost certainly be tossed out as well.

    • Attacks against women health workers show how workplace violence hurts us all
      The worldwide #MeToo movement has revealed how sexual harassment and assault are part of most women’s professional lives. However, we must not overlook other forms of violence that women suffer at work – and how this affects society at large. The experiences of emergency nurses and other health workers, a majority of whom around the world are women, show this clearly.

      Insults, humiliation, and discrimination have become ‘natural’ aspects of many work relationships. When attacked, many women do not report these incidents, not knowing who to turn to or out of fear of losing their jobs. Even worse, some women feel that violence is an inevitable ‘part of their jobs.’

      In Mexico, as many as nine out of 10 women who’ve experienced physical or sexual violence at work never asked their colleagues or supervisors for help or filed complaints to police or their employers.

  • Internet Policy/Net Neutrality

    • With Friday Deadline, These 16 House Democrats About to Go Down in History for Helping GOP Kill Internet as We Know It
      The U.S. House still has an opportunity to side with the vast majority of the American public and overturn the Republican-controlled FCC's net neutrality repeal, but time is quickly running out.

      With Friday, Dec. 21, marking the official deadline to restore net neutrality in this session of Congress, the House still needs 38 signatures to pass the Congressional Review Act (CRA) resolution that would reverse the FCC's deeply unpopular repeal, which was crafted by agency chairman and former Verizon lawyer Ajit Pai.

  • DRM

    • 2018 DMCA anti-circumvention exemption process: some progress, but not enough
      The anti-circumvention provisions of the Digital Millennium Copyright Act (DMCA) are still a threat. The latest round of its exemptions process showed some successes, and where the work needs to continue.

      The DMCA has quite a few troubling provisions in it, but the nastiest of them all are the anti-circumvention rules. These provisions create legal penalties for anyone trying to control their own software or devices, and potential criminal risk when users try to share tools for avoiding Digital Restrictions Management (DRM). These rules are grossly unfair, and deprive users of the right to repair the devices that they own, to study or research potential security flaws, or to make or modify their own copies of works to meet their needs. As paltry compensation, Congress carved out a complicated process run by the US Copyright Office for reclaiming the ability to control your computing in narrow circumstances.

  • Intellectual Monopolies

    • 'Fresh Prince of Bel Air' star accuses 'Fortnite' creators of stealing his 'Carlton dance'

      "Mr. Ribeiro is seeking his fair and reasonable share of profits Epic has earned by use of his iconic intellectual property [sic] in 'Fortnite' and as a result is requesting through the courts that Epic cease all use of Mr. Ribeiro’s signature dance," Hecht added, according to NBC New York.

    • Fresh Prince’s Alfonso Ribeiro suing Epic Games over Fortnite Carlton Dance use

      This dispute comes specifically in regards to the game’s dance “Fresh” emote, which came out in January of 2018. The dance was immediately recognized by the community as the “Carlton Dance,” which Ribeiro made famous. Even the Fresh name is a clear reference to the sitcom itself.

    • Copyrights

      • National Party Wins Copyright Damages Appeal Over Eminem Track

        New Zealand's National Party has won its appeal against Eminem's publishers. The party was previously ordered to pay $600,000 for infringing the copyrights of Eminem's track "Lose Yourself" in a 2014 election spot. But, on appeal, the damages amount was reduced to $225,000.

      • Courts Want “Something More” Than an IP-Address to Catch Pirates

        Following a high-profile order at the Ninth Circuit Court of Appeals this summer, copyright holders are facing a roadblock in their quest to demand settlements from alleged file-sharers. Referencing the August order, federal courts in districts across the US are demanding more evidence than an IP-address alone.

      • ISP Faces ‘Net Neutrality’ Investigation For Pirate Site Blocking Retaliation

        After being ordered to block a number of piracy-related domains following a complaint from academic publisher Elsevier, Swedish ISP Bahnhof retaliated by semi-blocking Elsevier's own website and barring the court from visiting Those actions have now prompted Sweden's telecoms watchdog to initiate an inquiry to determine whether the ISP breached net neutrality rules.

      • Join us for A Grand Re-Opening of the Public Domain
        It’s time to celebrate! For the first time in decades, new creative works such as Cecil B. DeMille’s 1923 silent film, “The Ten Commandments,” Kahlil Gibran’s classic “The Prophet,” and Virginia Woolf’s third novel, “Jacob’s Room,” will enter the public domain on the first day of 2019. Please join us for a Grand Re-opening of the Public Domain, featuring a keynote address by Creative Commons’ founder, Lawrence Lessig, on January 25, 2019. Co-hosted by the Internet Archive and Creative Commons, this celebration will feature legal thought leaders, lightning talks, demos, and the chance to play with these new public domain works. The event will take place at the Internet Archive in San Francisco.

      • Warner Bros. Files Copyright Complaint Against Harry Potter-Inspired Kickstarter

        A Kickstarter campaign to raise funds for a 'sizzle reel' to pitch a horror story collection to production companies has been hit with a takedown notice. According to Warner Bros., The Monster Book of Monsters Film Project infringes copyright by using the same title as a book featured in the series created by J K Rowling.

      • Copyright Directive: how competing big business lobbies drowned out critical voices

        This is the continuation of the battle that took over the European Parliament this summer, where accusations of deceptive and unfair lobbying, including tactics like astroturfing and spambots, played a decisive role. The voices of civil society organisations, small platforms, libraries, academics, citizens and even the UN Special Rapporteur on Freedom of Opinion and Expression were the collateral damage of the dispute between competing big business lobbies. Lobbyists and groups with a vested interest dominated the debate, while citizens’ opinions and interests were crowded out of the discussion.
