Bonum Certa Men Certa

Links 12/12/2019: KDE Applications 19.12, Qt Creator 4.11, New VirtualBox



  • GNU/Linux

    • Desktop/Laptop

      • Most essential apps for every Linux user | 2020

        When you first install a Linux distro or do a fresh install on a system, you need to install the essential apps for regular use. That is why I have prepared a quick guide list of the essential apps for every Linux user. So that you can check and go through the installation easily and get the needed apps for your better use and workflow.

      • HP Linux Imaging & Printing Drivers Are Now Supported on Debian GNU/Linux 10.2

        HP Linux Imaging and Printing (HPLIP) software, an open-source and free print, scan and fax driver solution for HP printers and scanners, has been updated today to version 3.19.12 for Linux-based operating systems. HPLIP 3.19.12 is here to add support for several new printers, including HP Color LaserJet Pro M256dn, HP Color LaserJet Pro M255dn, HP Color LaserJet Pro M256nw, HP Color LaserJet Pro M255nw, HP Color LaserJet Pro M256dw, HP Color LaserJet Pro M255dw, HP Color LaserJet Pro M155a, HP Color LaserJet Pro M156a, HP Color LaserJet Pro M155nw, HP Color LaserJet Pro M156nw, HP Color LaserJet Pro MFP M282nw, and HP Color LaserJet Pro MFP M284nw.

        Additionally, HP Color LaserJet Pro MFP M283fdn, HP Color LaserJet Pro MFP M285fdn, HP Color LaserJet Pro MFP M283fdw, HP Color LaserJet Pro MFP M285fdw, HP Color LaserJet Pro MFP M283cdw, HP Color LaserJet Pro MFP M285cdw, HP Color LaserJet Pro MFP M182n, HP Color LaserJet Pro MFP M184n, HP Color LaserJet Pro MFP M182nw, HP Color LaserJet Pro MFP M184nw, HP Color LaserJet Pro MFP M183fw, and HP Color LaserJet Pro MFP M185fw are also supported by the new version.

      • HPLIP 3.19.12 Released with New Printers Support

        HPLIP 3.19.12, open source Linux driver for HP printers and scanners, was released today with many new devices support.

    • Server

      • Creating Kubernetes distributions

        Making a comparison between Linux and Kubernetes is often one of apples to oranges. There are, however, some similarities and there is an effort within the Kubernetes community to make Kubernetes more like a Linux distribution. The idea was outlined in a session about Kubernetes release engineering at KubeCon + CloudNativeCon North America 2019. "You might have heard that Kubernetes is the Linux of the cloud and that's like super easy to say, but what does it mean? Cloud is pretty fuzzy on its own," Tim Pepper, the Kubernetes release special interest group (SIG Release) co-chair said. He proceeded to provide some clarity on how the two projects are similar.

        Pepper explained that Kubernetes is a large open-source project with lots of development work around a relatively monolithic core. The core of Kubernetes doesn't work entirely on its own and relies on other components around it to enable a workload to run, in a model that isn't all that dissimilar to a Linux distribution. Likewise, Pepper noted that Linux also has a monolithic core, which is the kernel itself. Alongside the Linux kernel is a whole host of other components that are chosen to work together to form a Linux distribution. Much like a Linux distribution, a Kubernetes distribution is a package of core components, configuration, networking, and storage on which application workloads can be deployed.

        Linux has community distributions, such as Debian, where there is a group of people that help to build the distribution, as well as a community of users that can install and run the distribution on their own. Pepper argued that there really isn't a community Kubernetes distribution like Debian, one that uses open-source tools to build a full Kubernetes platform that can then be used by anyone to run their workloads. With Linux, community-led distributions have become the foundation for user adoption and participation, whereas with Kubernetes today, distributions are almost all commercially driven.

      • The total cost of software-defined storage

        In the current economic climate, the cost of everything is often closely examined to be sure we’re not paying too much. However, many focus on just the cost of acquisition – the capital expenditure – as opposed to looking at the bigger picture – the total cost of ownership, or TCO.

        In the world of IT, it’s easy to forget that the cost of owning servers, networking and storage equipment is more than the purchase price of the hardware. The total cost also includes installation, software licenses, service, support, training and upgrades amongst other things.

      • IBM

        • Red Hat customers want the hybrid cloud

          If you listen to some people, everyone and their corner office wants to move to the public cloud. Red Hat's global customers have a different take. Thirty-one percent of Red Hat's customers say "hybrid" describes their strategy best, 21% are leaning toward a private cloud approach, while only 4% see the public cloud as their first choice. There's only one little problem: Finding the staff with the right skills to make the jump from old-school IT to the cloud.

          Businesses prefer the hybrid cloud strategy for many different reasons -- but, overall, data security, cost benefits, and data integration led the pack. For years, the hybrid cloud wasn't that popular. With the rise of the Kubernetes-based hybrid cloud model and with Red Hat being one of the new-model hybrid cloud's leading proponents, customers are embracing the hybrid cloud.

        • Red Hat Gets NIST Recertification for ‘Enterprise Linux’ Operating System; Paul Smith Quoted

          A Red Hat operating system offering has earned recertification that validates the platform's capacity to process sensitive information in line with National Institute of Standards and Technology requirements.

          Red Hat said Tuesday it renewed Federal Information Processing Standard 140-2 cryptography certification for the Enterprise Linux 7.6 software built to support agencies and organizations in government-regulated industries.

    • Audiocasts/Shows

      • 2019-12-11 | Linux Headlines

        CodeWeavers brings new tricks to Wine, Google pushes Flutter for the desktop, and the Linux Foundation brings attention to a new tool.

      • Going Linux #382 €· Switching from Windows and Upgrading to Linux Part 3

        After a discussion about distro hopping, we wrap up our series on switching to Linux from Windows by discussing how to get updates, additional drivers, the kernel, finding and installing sowtware, and personalizing your computer.

      • FLOSS Weekly 559: Open Source Chat

        On FLOSS Weekly, Randal Schwartz, Aaron Newcomb, and Jonathan Bennett talk about the various things going on within the world of open-source.

      • Angela Brown from The Linux Foundation on Delivering Great Events

        Angela Brown should know: she is one of the most talented people in the events business. Leading events at The Linux Foundation, Angela and her team run a broad range of events, all over the world, from small gatherings to conferences spanning tens of thousands. This includes the Open Source Summit, KubeCon, and many.

      • The Linux Link Tech Show Episode 837

        echo dot, google services, aws, spanner, docker, alpine linux

      • EPYC Netflix Stack | BSD Now 328

        LLDB Threading support now ready, Multiple IPSec VPN tunnels with FreeBSD, Netflix Optimized FreeBSD’s Network Stack More Than Doubled AMD EPYC Performance, happy eyeballs with unwind(8), AWS got FreeBSD ARM 12, OpenSSH U2F/FIDO support, and more.

      • What We Wish We’d Known Earlier | Choose Linux 24

        All three of us have different levels of experience with Linux but there are tons of things that we wish we'd learned earlier in our journey.

        From gatekeeping to community culture, command line tricks to backups, and more.

      • Destination Linux Episode #151

        When we launched the Destination Linux Network we also wanted to partner with our growing community to find ways we could give back. So we put up a post on our Discourse forum and asked the community to provide us feedback on the charities you would like for us to work with. Free Geek was highly recommended by many of you and we’re so excited to partner with them and launch our first giving back campaign.

        Free Geek’s mission is to sustainably reuse technology and enable digital access and education to the community. The best part is they have many ways for everyone to get involved. In this episode we interview Hilary Shohoney of FreeGeek. Hilary is Free Geek’s Manager of Development and manages the relationships between Free Geek and the local community working on issues like the digital divide.

    • Kernel Space

      • Fixing SCHED_IDLE

        The scheduler implements many "scheduling classes", an extensible hierarchy of modules, and each class may further encapsulate "scheduling policies" that are handled by the scheduler core in a policy-independent way. The scheduling classes are described below in descending priority order; the Stop class has the highest priority, and Idle class has the lowest.

        The Stop scheduling class is a special class that is used internally by the kernel. It doesn't implement any scheduling policy and no user task ever gets scheduled with it. The Stop class is, instead, a mechanism to force a CPU to stop running everything else and perform a specific task. As this is the highest-priority class, it can preempt everything else and nothing ever preempts it. It is used by one CPU to stop another in order to run a specific function, so it is only available on SMP systems. The Stop class creates a single, per-CPU kernel thread (or kthread) named migration/N, where N is the CPU number. This class is used by the kernel for task migration, CPU hotplug, RCU, ftrace, clock events, and more.

        The Deadline scheduling class implements a single scheduling policy, SCHED_DEADLINE, and it handles the highest-priority user tasks in the system. It is used for tasks with hard deadlines, like video encoding and decoding. The task with the earliest deadline is served first under this policy. The policy of a task can be set to SCHED_DEADLINE using the sched_setattr() system call by passing three parameters: the run time, deadline, and period.

        To ensure deadline-scheduling guarantees, the kernel must prevent situations where the current set of SCHED_DEADLINE threads is not schedulable within the given constraints. The kernel thus performs an admittance test when setting or changing SCHED_DEADLINE policy and attributes. This admission test calculates whether the change can be successfully scheduled; if not, sched_setattr() fails with the error EBUSY.

        The POSIX realtime (or RT) scheduling class comes after the deadline class and is used for short, latency-sensitive tasks, like IRQ threads. This is a fixed-priority class that schedules higher-priority tasks before lower-priority tasks. It implements two scheduling policies: SCHED_FIFO and SCHED_RR. In SCHED_FIFO, a task runs until it relinquishes the CPU, either because it blocks for a resource or it has completed its execution. In SCHED_RR (round-robin), a task will run for the maximum time slice; if the task doesn't block before the end of its time slice, the scheduler will put it at the end of the round-robin queue of tasks with the same priority and select the next task to run. The priority of the tasks under the realtime policies range from 1 (low) to 99 (high).

      • Virtio without the "virt"

        One might ask why it makes sense to implement virtio devices in hardware. After all, they were originally designed for hypervisors and have been optimized for software rather than hardware implementation. Now that virtio support is widespread, the network effects allow hardware implementations to reuse the guest drivers and infrastructure. The virtio 1.1 specification defines ten device types, among them a network interface, SCSI host bus adapter, and console. Implementing a standards-compliant device interface lets hardware implementers focus on delivering the best device instead of designing a new device interface and writing guest drivers from scratch. Moreover, existing guests will work with the device out of the box, and applications utilizing user-space drivers, such as the DPDK packet processing toolkit, do not need to be relinked with new drivers — this is especially helpful when static linking is utilized.

        Implementing virtio in hardware also makes it easy to switch between hardware and software implementations. A software device can be substituted without changing guest drivers if the hardware device is acting up. Similarly, if the driver is acting up, it is possible to substitute a software device to make debugging the driver easier. It is possible to assign hardware devices to performance-critical guests while assigning software devices to the other guests; this decision can be changed in the future to balance resource needs. Finally, implementing virtio in hardware makes it possible to live-migrate virtual machines more easily. The destination host can have either software or hardware virtio devices.

      • 5.5 Merge window, part 1

        The 5.5 merge window got underway immediately after the release of the 5.4 kernel on November 24. The first week has been quite busy despite the US Thanksgiving holiday landing in the middle of it. Read on for a summary of what the first 6,300 changesets brought for the next major kernel release.

      • Radeon Linux 5.6 Changes Begin Queuing - Better Power Management, Adds DMCUB Controller

        While the Linux 5.5 merge window has just been over for less than one week, AMD has already submitted their first batch of feature updates to DRM-Next of new graphics driver material aiming for Linux 5.6 early next year.

      • Graphics Stack

        • AMD Publishes Vega 7nm ISA Documentation - 300 More Pages Of GPU Docs

          Beyond AMD's open-source graphics driver stack of the past decade, part of their original open-source plans have also involved providing public (NDA-free) GPU hardware documentation. That has come with time though the documentation drops are not coordinated in-step with code drops. Out today, for example, is the ISA documentation on Vega 7nm.

          Back in 2017 was the timely release of the Vega ISA documentation and earlier this summer was even the RDNA 1.0 ISA documentation but missing out until now was the Vega 7nm ISA documentation.

        • Intel's Iris Gallium3D Driver Continuing To See Performance Optimizations On Mesa 20.0

          With the current Mesa 19.3 there is the Intel Gallium3D driver generally performing much better than their "classic" i965 driver and for Mesa 20.0 it looks to only make more ground as it switches over to this driver by default.

          Beyond the recent build system changes for supporting an Intel Gallium3D default and building it as part of the default x86/x86_64 Gallium3D drivers with hopes of soon flipping the switch for Broadwell and newer, more performance optimizations are still being done.

        • Dreamcast emulator Flycast adds a Vulkan renderer

          There seems to be quite a lot of interest in Vulkan lately, as more projects begin using it. Now we have the Dreamcast emulator Flycast adding Vulkan support.

          In the technical blog post announcing it on the Libretro site, it gives a bit of brief history of the Dreamcast GPU and mentions the usual "less overhead, more reliability and better performance in many cases" when it comes to using Vulkan although it's a lot more complicated to use.

        • NVIDIA have two new Linux drivers available, one stable and one Vulkan Beta

          NVIDIA continue pushing their drivers forwards with two new Linux driver updates available. Let's take a quick look.

          First, the stable 440.44 driver release as part of their long-lived branch. This adds support for the Quadro T2000 with Max-Q Design, you can now use the "__GL_SYNC_DISPLAY_DEVICE" environment variable for Vulkan applications and it fixes a few bugs like tearing with a G-SYNC or G-SYNC Compatible monitor when you've got something running directly on a display (like VR).

    • Applications

      • VirtualBox 6.1 Officially Released with Linux Kernel 5.4 Support, Improvements

        Oracle released today the final version of the VirtualBox 6.1 open-source and cross-platform virtualization software for GNU/Linux, macOS, and Windows operating systems. VirtualBox 6.1 is the first major release in the VirtualBox 6 series of the popular virtualization platform and promises some exciting new features, such as support for the latest and greatest Linux 5.4 kernel series, the ability to import virtual machines from the Oracle Cloud Infrastructure, as well as enhanced support for nested virtualization.

        "Support for nested virtualization enables you to install a hypervisor, such as Oracle VM VirtualBox or KVM, on an Oracle VM VirtualBox guest. You can then create and run virtual machines in the guest VM. Support for nested virtualization allows Oracle VM VirtualBox to create a more flexible and sophisticated development and testing environment," said Oracle.

      • VirtualBox 6.1 Released With 3D Improvements, Linux 5.4 Support

        A new major VirtualBox version has been released, bringing improvements for the new VBoxSVGA and VMSVGA graphics controllers, experimental support for file transfers via shared clipboard, support for Linux 5.4, and more.

        VirtualBox is a x86 and AMD64/Intel64 virtualization software that runs on Windows, Linux, macOS and Solaris, and supports many guest operating systems, including Windows Linux, Solaris, OpenSolaris, OS/2 and OpenBSD.

        The new VirtualBox 6.1 brings the ability to import a virtual machine from Oracle Cloud Infrastructure, by launching the Import Appliance feature. Also, the Oracle Cloud Infrastructure now has enhanced support for exporting a virtual machine to Oracle Cloud Infrastructure, allowing the creation of multiple VMs without re-uploading.

      • Oracle VirtualBox 6.1 Released as New Major Update

        Oracle announced the new major Virtualbox 6.1.0 a few days ago with many great new features.

      • How To Fix Upgrading Ubuntu Repositories VirtualBox To Oracle-Provided VirtualBox

        When I upgraded to Ubuntu 19.10 I installed VirtualBox from the Ubuntu repositories since it was the same version as the one provided by Oracle anyway. But when I upgraded to VirtualBox 6.1 downloaded from the Oracle VirtualBox website, I noticed I couldn't start any virtual machine anymore, receiving an error.

        This article explains how to properly upgrade to VirtualBox downloaded from Oracle (either by downloading it from the VirtualBox website, or installed from the Oracle VirtualBox repository) when you have the Ubuntu repositories version of VirtualBox installed on your system. This also applies to those using Ubuntu-based Linux distributions, like Linux Mint, elementary OS and Pop!_OS.

      • VirtualBox 6.1 Debuts with Linux 5.4 Support, Accelerated Video Playback + More

        Elsewhere, the Virtualbox 6.1.0 update implements support for importing VMs from the Oracle Cloud infrastructure, and exporting them to it too.

        Experimental changes include making vboxim-mount available on Linux hosts (which allows read-only access to NTFS, FAT and ext2/3/4 filesystems inside a disk image) and introducing VirtIO SCSI capabilities (where supported) for faster machine performance.

        A glut of GUI tweaks are on offer too, including an improved VISO creation and file manager; enhanced VM search; and more detail in the VM information pane.

        There’s also a new virtual keyboard (with multimedia keys) is available to enable input to guest systems; and the VM CPU load is now related in the VM status bar CPU indicator.

        Of note, this release no longer includes the “old style 3D support” using VBoxVGA.

    • Instructionals/Technical

    • Games

      • Seems like Feral Interactive may have a few surprises for Linux in 2020

        Porting studio Feral Interactive [Official Site] have already given Linux a lot of games and it sounds like more are coming.

        While this year they've already released Shadow of the Tomb Raider Definitive Edition, a Vulkan beta for Shadow of Mordor, Total War: THREE KINGDOMS and DiRT 4 plus plus big updates/expansions to Company of Heroes 2 and Total War: WARHAMMER II. Still to come is Life is Strange 2, which Feral previously teased to arrive sometime soon.

      • Fighting game Fantasy Strike adds full cross-platform online play with PC and Consoles

        The very pretty fighting game Fantasy Strike from Sirlin Games just got a great update, enabling cross-platform online play between Linux/macOS/Windows and the Nintendo Switch and Playstation 4 consoles.

        Apply to all online modes including Casual and Ranked, find a match should be a lot easier now. You can also challenge or spectate others from your in-game friends list, which also works across all platforms too as you can add people from any platform based on tags.

      • Looking towards other operating systems

        Learning a new operating system from scratch is a daunting experience for many people. Fortunately, there are a few Linux distributions that come with a Windows-like desktop environment such as a form of a star bar at the bottom. However, Windows and Linux operating on vastly different philosophies, to the way that they are organized to the way that the files are handled. Linux employs the traditional monolithic kernel and it provides a hierarchical view of the files. Because it is modular, most of the necessary drivers can be loaded and unloaded dynamically. One of the major appeals of Linux is that it is open-source, compared to Microsoft which is a closed and inaccessible environment. Windows is made for simple and out of the box use and directed toward inexperienced users, a reason why the OS has been adopted by so many people. Linux puts more emphasis on the user, who has the possibility of customizing the desktop environment to suit their needs. Windows also offer a few, but fairly limited customization options.

        The main reason why people avoid switching to Linux is their gaming habits. Linux is known for not playing well with most PC games. Most PC games are being developed with Windows as the main platforms with some companies providing Linux support sometime after the original release. Games that do not have a Linux release require third party compatibility applications to run Windows games. The major application that is used to play Windows games on Linux is Wine. The developers of Wine have specified that the software is not an emulator but more of a compatibility layer for Linux to run Windows programs, not just games. In the world of programming, Wine is considered a masterpiece and one of the greatest feats of open source development that allows most Windows binaries to run on Linux without relying on any of Microsoft’s dependencies. Most of the Wine resources are dedicated to running the complicated frameworks of various DirectX components.

        [...]

        Many people prefer to enjoy online gaming, especially casino games. The beauty of these games is that most are available and can be played directly in the browser. The default browser that Linux uses is Mozilla Firefox, which itself, is a powerful browser. Because online casinos are played directly in the browser, there is almost no difference between playing them on Linux and playing them in Windows. There are also casino games that can be downloaded with most of them being made to run only on Windows due to a large number of people using the OS. As mentioned before, to run most Windows software, players have the option to use WINE. However, since because playing the casinos using the browser, most people are better off sticking with that version. Many games from online roulette to poker, and other table games are available online. Almost all online casinos found online have the option to play instantly with no download required, which is why any OS that can run a browser is perfectly capable to run casino games. Linux has been around for a long time, but it was only in the last 10 years that people have started noticing the operating system becoming more friendlier and easy to learn. Besides the many desktop environments, customizability, community and growing compatibility of games, as well as more security, many have started the transition from Windows to Linux.

      • Build a transportation empire with Transport Fever 2 out now, same-day support for Linux

        Urban Games and Good Shepherd Entertainment are back, with Transport Fever 2 now officially available with same-day support for Linux.

        With a wide variety of transportation options available to build across multiple generations, there's a huge amount of content included. Prepare to kiss your time and friendships goodbye as we've got another great time-sink on our hands.

      • Vampire: The Masquerade - Coteries of New York for Linux is now uncertain

        Before release, the store pages for Vampire: The Masquerade - Coteries of New York very clearly listed Windows, MAC OS, Linux and now it's only available for Windows.

        Not to be confused with Bloodlines 2, Coteries of New York is styled like an interactive fiction (a fancy way to say: Visual Novel). It does look good though and it sounded very interesting so we were quite excited to see the mention of Linux support.

      • Rocket League's new Item Shop and Blueprints get a price reduction

        Oh Psyonix, what have you done? Rocket League recently had the loot boxes removed, with Blueprints and an Item Shop instead so you see exactly what you get but the pricing is terrible.

        As someone who has hundreds of hours in Rocket League, Psyonix really did disappoint with the big update recently. It could have been handled a lot better, but it came across as incredibly greedy. It's a game you have to pay for, yet they wanted us to spend a ridiculous amount of money on Credits for some of the items.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Qt Creator 4.11 is released

          We added experimental support for Qt for WebAssembly and Qt for MCUs.

          We improved the general handling of configuring, building and running projects in so many smaller ways that I fail to choose anything for being highlighted here.

          If you use CMake 3.14 or later we now use CMake's file-base API for configuring and parsing projects. Which behaves much more reliably than the previous server-mode, especially if you also use CMake from a terminal or other applications.

        • Qt 5.14 Released With Better HiDPI, Lots Of 3D Work Ahead Of Qt 6 Next Year

          After being delayed from last month, Qt 5.14 is shipping today as the newest Qt5 tool-kit release while developers become increasingly focused on next year's Qt 6.0 end-of-year release and Qt 5.15 in the spring that will serve as an LTS release and the last hurrah for Qt5.

          Qt 5.14 brings in tow a graphics API independent scenegraph renderer that will continue to be worked on for Qt 6.0 and important for Qt on Vulkan, ongoing HiDPI improvements for dealing with today's high pixel density displays, improvements to Qt 3D threading and other Qt Quick 3D work, support for GStreamer OpenGL with Qt Multimedia, the introduction of the Qt Quick Timeline, an updated Qt WebEngine and all the latest goodies there from Chromium, Qt for Automation updates, and much more as outlined on the Qt Wiki.

        • KDE's December 2019 Apps Update

          The release of new versions for KDE applications is part of KDE’s continued effort to bring you a complete and up-to-date catalog of fully-featured, beautiful and useful programs for your system.

          Available now are new versions of KDE’s file browser Dolphin; Kdenlive, one of the most complete open source video editors; the document viewer Okular; KDE’s image viewer, Gwenview; and all of your other favorite KDE apps and utilities. All of these applications have been improved, making them faster and more stable and they boast exciting new features. The new versions of KDE applications let you be productive and creative, while at the same time making use of KDE software easy and fun.

          We hope you enjoy all the novel features and improvements worked into all of KDE’s apps!

        • KDE Applications 19.12 Open-Source Software Suite Released, Here's What's New
        • KDE Applications 19.12 Released With Big Improvements To Kdenlive + Other KDE Programs
        • Apps Update for December

          But that is not all by any means: Dolphin, Spectacle, Okular and dozens of other applications have included new features you are sure to find useful. Even more projects, broaching apps, libraries and frameworks, have tweaked their code making them more stable and secure.

          If you want to get an idea of the full range of changes, visit the official release announcement, or check out the changelog for every single detail of what has changed.

          Getting applications made by KDE is also now easier: most are now available as Flatpaks, Snaps and AppImages. You just have to download them and they run straight out of the box. Many programs are also available for more platforms, such as Android, macOs and Windows. Krita and Okular have been available in the Microsoft Store for some time now, and they have recently been joined by Kile, a user-friendly LaTeX document editor.

          Distributions will be updating their own repos and making the new versions available to Linux users over the next few weeks.

        • Jonathan Riddell: KDE’s releases debranding

          A new step in KDE’s branding has happened today, or rather debranding. The old dump of everything we made used to be called just “KDE” and then some projects wanted to release on their own timetable so calling it “KDE” became less accurate. After a while our flagship Plasma project wanted to release on its own and lots of projects did their own release too but many wanted that faff taken care of for them still so those projects got called “KDE Applications”. But that didn’t quite fit either because there were many plugins and libraries among them and many Applications from KDE which were not among them. So today we removed that brand too and just make releases from a release service, which are source tars that are not very interesting to end users so they get a boring factual release page.

        • Latte bug fix release v0.9.5

          Latte Dock v0.9.5 has been released containing important fixes and improvements!

      • GNOME Desktop/GTK

        • Molly de Blanc: Keeping the (server) lights on

          Building and maintaining infrastructure for the GNOME project is one of the many activities of the GNOME Foundation, and it’s one of the most important. Building software like the GNOME desktop environment requires a lot of technical support, including managing servers and providing collaboration tools. Since GNOME is focused on being a self-sustaining community, we look as much as possible to managing our own services and software, and making sure it is free and open source.

          The GNOME Infrastructure Team currently supports a total of 34 virtual machines hosted on a total of eight bare metal nodes. These virtual machines allow us to run services like the Openshift Container Platform (OSCP), which provides self-service access to the community to run any of their workflows on an automated and containarized fashion.

          GNOME is build using self-hosted FOSS. We collaboratively build GNOME using a GitLab instance, which has a total of 15k accounts. We do shared storage using NextCloud. Community discussion is handled over Mailman, Discourse, and MoinMoin. We are currently using Indico and Connfa for our event planning and management.

        • GNOME Shell 3.35.2 Begins Launching Spawned Processes Within Systemd Scopes

          Out today is a new development release of GNOME Shell on the road to GNOME 3.36 in March.

          Among the changes in this new GNOME Shell snapshot include:

          - Spawned processes are now placed within systemd scopes in order to improve out-of-memory behavior for applications, an easy means of being able to kill other processes when the shell is restarted, and other use-cases. Systemd scopes allow managing of processes for organization and resource management purposes.

        • GNOME and gestures, Part 3: HdyLeaflet again

          0.0.12 brings some changes to HdyLeaflet mode and child transitions. Separate mode and child transition types have been deprecated in favor of a unified transition-type property. It can take 4 values: none, slide, over, under. Crossfade doesn’t make much sense spatially and was deprecated as well, though it’s still works if used via child-transition-type property. Additionally, over and under transitions have a subtle shadow now, similar to the WebKit gesture.

          It’s recommended that the apps using the gesture use over transition.

    • Distributions

      • Screenshots/Screencasts

      • Fedora Family

        • Fedora's modularity mess

          Fedora's Modularity initiative has been no stranger to controversy since its inception in 2016. Among other things, there were enough problems with the original design that Modularity went back to the drawing board in early 2018. Modularity has since been integrated with both the Fedora and Red Hat Enterprise Linux (RHEL) distributions, but the controversy continues, with some developers asking whether it's time for yet another redesign — or to abandon the idea altogether. Over the last month or so, several lengthy, detailed, and heated threads have explored this issue; read on for your editor's attempt to integrate what was said. The core idea behind Modularity is to split the distribution into multiple "streams", each of which allows a user to follow a specific project (or set of projects) at a pace that suits them. A Fedora user might appreciate getting toolchain updates as soon as they are released upstream while sticking with a long-term stable release of LibreOffice, for example. By installing the appropriate streams, this sort of behavior should be achievable, allowing a fair degree of customization.

          Much of the impetus — and development resources — behind Modularity come from the RHEL side of Red Hat, which has integrated Modularity into the RHEL 8 release as "Application Streams". This feature makes some sense in that setting; RHEL is famously slow-moving, to the point that RHEL 7 did not even support useful features like Python 3. Application Streams allow Red Hat (or others) to make additional options available with support periods that differ from that of the underlying distribution, making RHEL a bit less musty and old, but only for the applications a specific user cares about.

          The use case for Modularity in Fedora is arguably less clear. A given Fedora release has a support lifetime of 13 months, so there are limits to the level of stability that it can provide.

        • Moving bugzilla overrides to dist-git

          A while ago Fedora had pkgdb to configure ACLs for each package repo and package related admin actions. When we moved to 'pagure over dist-git', pagure already provided some of these capabilities. pkgdb would have needed a lot of effort to make it work with the modern package branching (modularity) [1] with different lifecycles for each package that are unrelated to Fedora releases and thus we've decided to retire it and replace it with a different solution.

          One of the missing parts after retireing pkgdb was the ability to set different default bugzilla assignees for EPEL and Fedora. This was solved by creating a new repository called fedora-scm-requests [2]. A script would then parse the contents of the repository, merge that information with the main package admins and repo watchers from dist-git and sync this information to bugzilla so that new bugs get assigned to the correct maintainers and all the interested parties get put on CC:. Each change required a pull request to this repo and someone from the infrastructure team to review and merge the patch. It is obvious that this doesn't scale with the huge number of packages that Fedora and EPEL have.

      • Debian Family

        • Enrico Zini: Init systems documentation

          Systemd has an excellent reference documentation in its manpages, but it does a lot of things, and a reference documentation isn't the best starting point for getting introduced to them.

          I would like to see a bit more documentation of the kind that sits between a systemctl start|stop|status and the reference manpages. Things like simple HOWTO posts on how to get a simple job done, or high-level explanations of how some specific feature works.

          I put some of what I know and used (or wrote) into systemd/documentation, I'll try to add to it when I find more, and I encourage you to do the same.

        • Debian Begins Vote On Supporting Non-Systemd Init Choices

          There’s detailed descriptions of every possibility on the Debian builders mailing checklist. “It is a non-secret vote,” the publish explains. “After the voting interval is over the main points on who voted what can be printed.”

        • Astronomy!

          Starting in January of 2020, I will be joining the Data Management team (specifically the Science Quality and Reliability Engineering team) for the Large Synoptic Survey Telescope.

          There's a much longer description at the above Wikipedia link and also at LSST's own site, but the short version is that the mission of LSST is to survey the entire southern night sky about twice a week for ten years. This in turn will provide vast amounts of data that will be used to do wide-ranging research in astronomy. All of that data requires indexing and processing so that scientists can use it. The team I'm joining is applying current software engineering techniques (containers, Jupyter notebooks, continuous integration, and so on) to that problem.

          For me, this is an opportunity to return to the academic, non-profit world that's always been my first love. It's also an opportunity to learn a bunch of new things (astronomy, for the most obvious, and scientific research computing more generally, but also some areas of technology that I've never had enough time to explore). Even better, everything my new team does is free software and is developed on GitHub, which means I'll be returning to a job where free software is at the center of the work instead of an optional side project for which there's rarely time.

      • Canonical/Ubuntu Family

        • Ubuntu 20.04 LTS Might Still End Up Shipping With WireGuard Support

          There are early discussions going on over the possibility of shipping WireGuard support in Ubuntu 20.04 LTS that could be done either using the existing DKMS kernel module or patching their Linux 5.5-based kernel with WireGuard now that the necessary crypto API changes made it into that release.

          Part of the unfortunate aspect of not having WireGuard merged for Linux 5.5 due to the timing of the merge window is that it unfortunately misses the mark for Ubuntu 20.04 LTS but is already in net-next for Linux 5.6. With Linux 5.5 being out in late January or early February, this will almost definitively be the kernel powering this next Ubuntu Long-Term Support release as Linux 5.6 would cut simply too close to the April launch date for the LTS distribution.

        • Which Ubuntu Release (2010-2019) is Your Favourite? Vote Now!

          With the end of the year, and indeed the decade, fast approaching I’ve been spending my time looking backwards, getting all misty-eyed and nostalgic about Ubuntu and how far its come since 2010.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 9 of the biggest open source stories in 2019

        The year is 2019. Although cries of "world domination" still echo in the hallowed halls of Linux land, everyone knows this great event will have to wait for another year, but that doesn't mean all those who are invested in open source need to hang their heads in shame. Failure was never an option, and it wasn't an issue--not in the year of subtle takeover.

        If I have to give 2019 a title for open source, it is just that--subtle takeover. Why? Because subtle things happened, many of which will have reverberations for years to come.

        Let's take a look at the some of the moments that defined the year for Linux and open source.

      • 8 of the worst open source innovations of the decade

        Over the years, Linux and open source have been a master class on slow burn success. From out of nothing, Linux has become the champion of the cloud, IoT, and containers. And although it hasn't reached the "world domination" status it swore in the early 2000s, Linux desktop is still very much alive and building momentum.

        But that doesn't mean it's been all success; in fact, there have been a few stumbles along the way. Let's take a look at some of the worst open source failures of the decade.

      • Events

        • Watch these videos from the Linux App Summit

          For some, the holidays are a hectic time of shopping, cooking, and a house overflowing with loved ones. For others, they’re quiet times spent with just a few friends, or even in solitude behind the warm glow of a computer monitor. And for still others, it’s a workday like any other.

          No matter how you end up spending the holiday season this year, there’s comfort to be found in the Linux App Summit of 2019. This summit, which combined the strengths of everyone involved in developing applications for Linux, focused on a few major topics...

      • Web Browsers

        • Mozilla

          • Heroku Review apps available for Treeherder

            In bug 1566207 I added support for Heroku Review Apps (link to official docs). This feature allows creating a full Treeherder deployment (backend, frontend and data ingestion pipeline) for a pull request. This gives Treeherder engineers the ability to have their own deployment without having to compete over the Treeherder prototype app (a shared deployment). This is important as the number of engineers and contributors increases.

            Once created you get a complete Heroku environment with add-ons and workers configured and the deployment for it.

            Looking back, there are few new features that came out of the work, however, Heroku Review apps are not used as widely as I would have hoped for.

          • Async Interview #2: cramertj, part 3

            This blog post is continuing my conversation with cramertj. This will be the last post.

            In the first post, I covered what we said about Fuchsia, interoperability, and the organization of the futures crate.

            In the second post, I covered cramertj’s take on the Stream, AsyncRead, and AsyncWrite traits. We also discussed the idea of attached streams and the importance of GATs for modeling those.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 6.3.4 Is Now Available for Download on Windows, Linux, and Mac

          LibreOffice 6.3.4 is a significant release in terms of bug fixes and improvements, as the changelog includes over 120 lines, many of which concern document compatibility.

          This is without a doubt welcome polishing to the overall experience with LibreOffice, especially because this is considered the main alternative to the much more expensive Microsoft Office suite.

        • LibreOffice 6.3.4 available for download

          For enterprise class deployments, TDF strongly recommend sourcing LibreOffice from one of the ecosystem partners to get long-term supported releases, dedicated assistance, custom new features and other benefits, including Service Level Agreements (SLAs). Also, the work done by ecosystem partners flows back into the LibreOffice project, benefiting everyone.

          Also, support for migrations and trainings should be sourced from certified professionals who provide value-added services which extend the reach of the community to the corporate world and offer CIOs and IT managers a solution in line with proprietary offerings.

          In fact, LibreOffice – thanks to its mature codebase, rich feature set, strong support for open standards, excellent compatibility and long-term support options from certified partners – represents the ideal solution for businesses that want to regain control of their data and free themselves from vendor lock-in.

      • Programming/Development

        • A static-analysis framework for GCC

          One of the features of the Clang/LLVM compiler that has been rather lacking for GCC may finally be getting filled in. In a mid-November post to the gcc-patches mailing list, David Malcolm described a new static-analysis framework for GCC that he wrote. It could be the starting point for a whole range of code analysis for the compiler.

          According to the lengthy cover letter for the patch series, the analysis runs as an interprocedural analysis (IPA) pass on the GIMPLE static single assignment (SSA) intermediate representation. State machines are used to represent the code parsed and the analysis looks for places where bad state transitions occur. Those state transitions represent constructs where warnings can be emitted to alert the user to potential problems in the code.

          There are two separate checkers that are included with the patch set: malloc() pointer tracking and checking for problems in using the FILE * API from stdio. There are also some other proof-of-concept state machines included: one to track sensitive data, such as passwords, that might be leaked into log files and another to follow potentially tainted input data that is being used for array indexes and the like.

          The malloc() state machine is found in sm-malloc.cc, which is added by this patch, looks for typical problems that can occur with pointers returned from malloc(): double free, null dereference, passing a non-heap pointer to free(), and so on. Similarly, one of the patches adds sm-file.c for the FILE * checking. It looks for double calls to fclose() and for the failure to close a file.

        • RUST howto getting started – hello world

          if one is viewing this site using Firefox or Gecko-Engine… one is running RUST already.

          At the beginning – one was big fan of Java – Java was/still is all the rage – theoretically write once – run anywhere linux, osx and (thanks to Google) on mobile and even on the closed source OS who’s name shall not be mentioned, nobody knows what the Java Virtual Machine does besides running bytecode, Java on slow ARM CPUs is kind of a burden.

        • Excellent Free Tutorials to Learn PHP

          PHP has been at the helm of the web for many years. It’s an extremely popular, interpreted scripting language that is ideally suited for web development in part because it has an approachable syntax and supports different operating systems. This language powers millions of web sites on the net and is extremely well supported by its user community.

          PHP is also used as a general-purpose programming language. PHP code can be executed with a command-line interface (CLI) and to implement standalone graphical applications. CLI PHP programs often automate common tasks such as testing, deployment, and application administration. The language offers a very complete set of object-oriented programming features as well as support for functional programming. The latest TIOBE Index (August 2019 at time of writing) ranks PHP in 8th place, behind Java, C, C++, C#, Python, Visual Basic .NET, and JavaScript.

          The language is released under a non-copyleft free software license / open source license. The latest stable version adds lots of new features.

        • Intel's MKL-DNN/DNNL 2.0 Beta 3 Release Adds SYCL + Data Parallel C++ Compiler

          Intel's MKL-DNN Deep Neural Network Library (DNNL) that is open-source and catering to deep learning applications like Tensorflow, PyTorch, DeepLearning4J, and others is nearing its version 2.0 release. With DNNL 2.0 is now support for Data Parallel C++ as Intel's new language as part of their oneAPI initiative.

          MKL-DNN/DNNL 2.0 Beta 3 was released on Wednesday and to my knowledge is their first public test release of the forthcoming 2.0. Notable with DNNL 2.0 is supporting SYCL API extensions and interoperability now with SYCL code, the single-source C++-based programming language backed by The Khronos Group and a crucial to Intel's new oneAPI initiative.

        • Watch this machine made out of Lego sort other Lego using AI

          Dubbed the “Universal Lego Sorting Machine” by its creator, Daniel West, it’s a pretty neat contraption that’s far more useful than any of the Lego science projects I used to make. The machine is apparently able to use AI to sort Lego into one of 18 different buckets at a rate of “about one brick every two seconds.” West says he trained the neural network that sorts the bricks using 3D images of Lego parts, and he says the network can learn to recognize any piece as long as there’s a 3D image to train on.

        • Reactive programming, a new way of thinking

          Get to know Reactive Programming and Grace Jansen, co-author of a new O'Reilly report that introduces Reactive and Reactive Architecture.

          [...]

          At Devoxx Belgium, Grace gave a number of talks, including one about Reactive programming and the pitfalls, entitled “Reacting to the future of application architecture.” In the talk, she uses an analogy from biology, namely how bees live and function together. “I compare the behavior of bees with how we would like applications to function and meet the requirements and expectations of users.”

        • Future-proof monolithic applications with modular design

          DevNation tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about future-proofing applications from Eric Murphy and Ales Nosek, Architects with Red Hat Consulting.

          When building an MVP software application, you may immediately jump to a microservices architecture because it’s the new norm for building cloud-native applications. You may also be skeptical about starting off with a monolith because of the perception of such applications as relics of the past.

        • Python

          • Python 3.7.6rc1 and 3.6.10rc1 are now available for testing

            Python 3.7.6rc1 and 3.6.10rc1 are now available. 3.7.6rc1 is the release preview of the next maintenance release of Python 3.7; 3.6.10rc1 is the release preview of the next security-fix release of Python 3.6. Assuming no critical problems are found prior to 2019-12-18, no code changes are planned between these release candidates and the final releases. These release candidates are intended to give you the opportunity to test the new security and bug fixes in 3.7.6 and security fixes in 3.6.10. While we strive to not introduce any incompatibilities in new maintenance and security releases, we encourage you to test your projects and report issues found to bugs.python.org as soon as possible. Please keep in mind that these are preview releases and, thus, their use is not recommended for production environments.

          • Merge Sort in Python

            Merge Sort is one of the most famous sorting algorithms. If you're studying Computer Science, Merge Sort, alongside Quick Sort is likely the first efficient, general-purpose sorting algorithm you have heard of. It is also a classic example of a divide-and-conquer category of algorithms.

          • Updates on Unoon in December 2019

            This Saturday evening, I sat with Unoon project after a few weeks, I was continuously running it, but, did not resume the development effort. This time Bhavin also joined me. Together, we fixed a location of the whitelist files issue, and unoon now also has a database (using SQLite), which stores all the historical process and connection information. In the future, we will provide some way to query this information.

          • Summarising, Aggregating, and Grouping data in Python Pandas

            In this post, I will talk about summarizing techniques that can be used to compile and understand the data. I will use Python library Pandas to summarize, group and aggregate the data in different ways.

            I will be using college.csv data which has details about university admissions.

        • Shell/Bash/Zsh/Ksh

          • Print all git repos from a user (only curl and grep)
          • Linux Fu: Debugging Bash Scripts

            A recent post about debugging constructs surprised me. There were quite a few comments about how you didn’t need a debugger, as long as you had printf. For that matter, we’ve all debugged systems where you had nothing but an LED to flash or otherwise turn on to communicate with the user. However, it is hard to deny that a debugger can help with complex code.

            To say you only need printf would be like saying you only need machine language. Technically accurate — you can do anything in machine language. But it sure makes things easier to have an assembler or some language to help you work out your problem. If you write a simple bash script, you can use the equivalent to printf — maybe that’s the echo command, although there is usually a printf command on a typical system, if you want to use it. However, there are other things you can do with bash including a pretty cool debugger if you know how to find it.

            I assume you already know how to use echo and printf, but let’s dig into how to use trace execution line by line without the need for echo statements on every other line. Along the way, you’ll learn how to get started with the bash debugger.

      • Standards/Consortia

        • If you ARIA label something, give it a role

          As a rule of thumb, if you label something via aria-label or aria-labelledby, make sure it has a proper widget or landmark role.

          The longer version is that several elements created extraneous amount of announcements in screen readers in the past that were not really useful. Especially in the ARIA 1.0 days where a lot of things weren’t as clear and people were still gathering experience, this was an issue for elements or roles that mapped to regions, multiple landmarks of the same type on a page, etc. Therefore, best practice has become to label both widgets (which should be labeled anyway), and landmarks with means such as aria-label or aria-labelledby, to make them more useful.

        • Twitter Makes A Bet On Protocols Over Platforms

          It looks like Twitter is making a bet on protocols over platforms for its future.

  • Leftovers

    • Protest Song Of The Week: ‘Goat Head’ By Brittany Howard

      Best known as the powerhouse lead vocalist of Alabama Shakes, Brittany Howard recently released her critically acclaimed debut album “Jamie.”

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Microsoft Teams now available for Linux users
        • Microsoft Previews Microsoft Teams for Linux
        • Microsoft debuts its first native Office app for Linux

          The public preview (beta) of Microsoft Teams for Linux has landed, with packages in both .deb and .rpm formats, which should cover it for most flavours of your favourite open-source operating system.

        • How to install Microsoft Teams Linux on Ubuntu and CentOS
        • Microsoft Teams is Now Available on Linux

          The last time I talked about Working with Microsoft without a 3rd-party client was when we published on Hiri, a desktop email client for Microsoft and Hotmail. Although this was game-changing news in 2016, I’m happy to bring you news on one of 2019’s game-changers for developers.

          Microsoft Teams is a platform for unified communication and collaboration designed for workplace conversations, file storage, group video meetings, and application integration and it is now available for Linux users on any platform.

          This is the first time a Microsoft 365 app is coming to Linux desktops with all of its major features so we are all excited about it.

        • Microsoft Bringing Teams to Linux in Preview
        • Microsoft begins Windows 10's 1809-to-1909 compulsory upgrade

          Microsoft has begun forcibly upgrading Windows 10 PCs running version 1809 with the latest, the November 2019 Update, aka 1909, which the company launched less than a month ago.

        • Pseudo-Open Source

          • Openwashing

            • Xs:code launches subscription platform to monetize open-source projects [Ed: This is basically about making proprietary software add-ons, betraying Free software premises]

              Open source is a great source of free tools for developers, but as these projects proliferate, and some gain in popularity, the creators sometimes look for ways to monetize successful ones. The problem is that it’s hard to run a subscription-based, dual-license approach, and most developers don’t even know where to start. Enter Israeli startup xs:code, which has created a platform to help developers solve this problem.

              “Xs:code is a monetization platform for open-source projects. Unlike donation platforms which are pretty popular today, xs:code allows open-source developers to provide added value in exchange for payments. That comes on top of what they offer for free. This added value can be a different license, more features, support services or anything they can think of,” Netanel Mohoni, co-founder and CEO of xs:code told TechCrunch.

              This does not mean the open-source part of this goes away, only that the company is providing a platform for those developers who want to monetize their work, Mohoni said. “Companies pay for accessing the code, and they enjoy better software created by motivated developers who are now compensated for their work. Because our solution makes sure that the code remains open source, developers can continue accepting contributions so the community enjoys better code than ever before,” he explained.

          • Privatisation/Privateering

        • Security

          • It's the end of the 20-teens, and your Windows PC can still be pwned by nothing more than a simple bad font

            With the year winding to a close and the holiday parties set to kick off, admins will want to check out the December Patch Tuesday load from Microsoft, Adobe, Intel, and SAP and get them installed before downing the first of many egg nogs.

            [...]

            Also of note is CVE-2019-1471, a critical hypervisor escape bug that would allow an attacker running on a guest VM to execute code on the host box.

            The bulk of this month's critical fixes were for a series of five remote code execution flaws in Git for Visual Studio. In each of the flaws, said to be caused by improper handling of command-line input, an attacker would launch the exploit by convincing the target to clone a malicious repo.

            The remaining critical patch is for CVE-2019-1468, a play on the tried-and-true font-parsing vulnerability. In the wild, an attacker would embed the poisoned font file in a webpage and attack any system that visits.

          • Exploring Legacy Unix Security Issues

            The operating system SGI IRIX 6.5.22 was declared end of life in 2003, so it has limited use as a production system. I decided I could relive the good old days by looking for new vulnerabilities on an old system in my spare time. It was also an excuse to write some C code, and refresh my memory.

            One of my favorite vulnerabilities is the Insecure Temporary File (CWE-377). This involves manipulating files created in /tmp in an insecure manner. A file is created in /tmp by a piece of software that doesn’t check if the file exists before creating it. Allowing a malicious local user to symlink that file to a critical system file and overwriting it with the contents of what is written to the file in /tmp.

            So I started looking under the /usr/sbin directory for binaries to target. I did a quick examination of binaries and scripts in using the find command to give myself a starting point.

          • Private Internet Access updates Linux desktop client to prevent against [CVE-2019-14899]

            The Breakpointing Bad team at the University of New Mexico recently reported a VPN vulnerability that affects Linux, MacOS, iOS, Android, and more. The vulnerability allows malicious actors to not only see your VPN IP address, but also identify sites you are visiting and inject data into connections. The team consists of William J. Tolley, Beau Kujath, and Jedidiah R. Crandall and the public was notified on December 4th, 2019. Designated [CVE-2019-14899], the vulnerability shook the VPN industry due to the breadth of affected systems. [CVE-2019-14899] affects many different types of VPN protocols including OpenVPN, WireGuard, and IKEv2/IPSec.

            Private Internet Access has released an update to its Linux client that mitigates [CVE-2019-14899] from being used to infer any information about our users’ VPN connections. To our knowledge, Private Internet Access is the first commercial VPN to release a new client that prevents this ongoing security vulnerability.

          • Chrome now warns you when your password has been stolen

            Google is rolling out Chrome version 79 today, and it includes a number of password protection improvements. The biggest addition is that Chrome will now warn you when your password has been stolen as part of a data breach. Google has been warning about reused passwords in a separate browser extension or in its password checkup tool, but the company is now baking this directly into Chrome to provide warnings as you log in to sites on the web.

          • Google Chrome Will Now Alert You If Your Passwords Have Been Hacked

            Google yesterday rolled a new stable version of the company’s web browser, Chrome 79 for Windows, Mac, Linux, Android, and iOS. The new web browser comes with several security improvements and better secure browsing protections.

            The biggest highlight of this browser is that Chrome will now automatically warn you if your password has been compromised in a data breach. The new feature was also tweeted by Google CEO Sundar Pichai.

            With the latest release of Chrome, anyone whose login credentials has been leaked in a data breach previously will get a notification when logging into a site.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • OpenBSD Local Privilege Escalation Vulnerability (CVE-2019-19726)

              This vulnerability exists in OpenBSD’s dynamic loader versions of OpenBSD 6.5 and OpenBSD 6.6. It is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and could allow local users or malicious software to gain full root privileges. For more technical details on this vulnerability, please see our security advisory. Also refer to our recently published OpenBSD blog post.

          • Privacy/Surveillance

            • Defense Department To Congress: 'No, Wait, Encryption Is Actually Good; Don't Break It'

              As Senate Judiciary Committee Chair Lindsey Graham has continued his latest quest to undermine encryption with a hearing whose sole purpose seemed to be to misleadingly argue that encryption represents a "risk to public safety." The Defense Department has weighed in to say that's ridiculous. As you may recall, the DOJ and the FBI have been working overtime to demonize encryption and pretend -- against nearly all evidence -- that widespread, strong encryption somehow undermines its ability to stop criminals.

            • Victory: San Diego to Suspend Face Recognition Program, Limits ICE Access To Criminal Justice Data

              We just stopped one of the largest, longest running, and most controversial face recognition programs operated by local law enforcement in the United States.€ 

              A face recognition system used by more than 30 agencies in San Diego County, California will be suspended on Jan. 1, 2020, according to a new agenda published by the San Diego Association of Governments (SANDAG), which manages the program.€ 

            • DOJ Headed By William Barr Asked To Explain Warrantless Bulk Data Collection William Barr Authorized 27 Years Ago When He Was The Head Of The DOJ

              More than a quarter-century ago, then-Attorney General William Barr gave the DEA something it shouldn't have had and something it certainly hadn't earned. The War on Drugs was a forever war and it demanded an expansion of the government's powers. AG Barr OK'ed it: the warrantless bulk collection of multiple third party records, including call records, banking information, and the tracking of purchases.

            • Toys “R” Us Is Back—Now With More Surveillance!

              After filing for bankruptcy and closing more than 800 stores last year, Toys "R" Us is back. The iconic retailer has opened two new mall outposts, one in Texas and another in New Jersey, just in time for the holidays. The stores are packed with some of the most kid-coveted products of the year, but have been garnering attention for another reason: the surveillance technology they’re using.

              Media reports described how Toys "R" Us partnered with the startup b8ta to install sensors in the stores‘ ceilings, which track people as they walk around and look at toys. “Toys ‘R’ Us is monitoring where kids go to produce data for brands,” wrote iO9 last week. Tweets expressing outrage that the stores would "spy" on kids have collectively been shared thousands of times.

            • Twitter is funding research into a decentralized version of its platform

              Twitter is funding a small team of researchers to build an “open and decentralized standard for social media,” with the goal of making Twitter a client for that standard. CEO Jack Dorsey announced the news and laid out his reasoning in a tweet thread this morning, although he acknowledged that the process could take years.

              The project is called Bluesky, and nobody’s working on it yet. Twitter CTO Parag Agrawal is tasked with finding a lead for the project, who will build a team of up to five people. The Bluesky account’s only tweet quotes Dorsey with the comment “lo” — a reference to the first message ever sent on the [Internet].

            • YouTube FTC Push on Kids’ Privacy Criticized by Consumer Groups

              A coalition of 19 privacy and children’s advocacy groups called on the U.S. Federal Trade Commission to maintain privacy protections for all viewers of content aimed at young people, pushing back on an exception sought by YouTube.

              The latest clash between the advocacy groups and the internet video giant comes as the agency considers changing its rules under the Children’s Online Privacy Protection Act, or COPPA, which bans data collection on those under age 13 without parental consent. Initial comments on the rewrite are due Wednesday.

            • Break up the YouTube Premium bundle and give me ad-free only

              Google has cranked up the annoyance factor on YouTube lately. Frequent pop-overs and ads promoting YouTube Premium. The service has become all the more annoying for it.

              YouTube Premium is a bundled subscription service priced roughly the same as Netflix. You get access to YouTube Original shows, a music streaming service, and you pay the creators you watch from your subscription. Premium subscribers don’t see any ads on the service.

              YouTube is a near-monopoly when it comes to streaming video from individual and small niche creators. An ad-free subscription to support your favorite creators makes a lot of sense. It’s a more sure-fire deal than premium video streaming services like Hulu, Disney+, and Netflix.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • Fox News Is Now a Threat to National Security

        The threat posed to our democracy by Fox News is multifaceted: First and most simply, it’s clearly advancing and giving voice to narratives and smears backed and imagined by our foreign adversaries. Second, its overheated and bombastic rhetoric is undermining America’s foundational ideals and the sense of fair play in politics. Third, its unique combination of lies and half-truths has built a virtual reality so complete that it leaves its viewers too misinformed to fulfill their most basic responsibilities as citizens to make informed choices about the direction of the country.

    • Environment

    • Finance

      • President Trump’s War on the Poor

        The economy continues to generate jobs that won’t support a family. That’s why so-called poverty programs—from CHIP to food stamps to public housing to low income heating assistance to Medicaid—are so necessary.

      • Will the Democratic Presidential Nomination Be Bought by the Oligarchs?

        The wealthiest and most powerful people in the country are putting their big thumbs on the scale.

      • 'Tax the Rich' Is No Longer Just a Political Slogan

        It's a national necessity and a moral imperative. And, at long last, it's actually within our reach.

      • Payday Loan Sharks
      • Paul Volcker’s Long Shadow

        Former Federal Reserve Chairman Alan Greenspan called Paul Volcker “the most effective chairman in the history of the Federal Reserve.” But while Volcker, who passed away Dec. 8 at age 92, probably did have the greatest historical impact of any Fed chairman, his legacy is, at best, controversial.

      • Papers Owned by Oligarchs Unsurprisingly Oppose a Wealth Tax

        When wealth-tax advocates like senators Bernie Sanders and Elizabeth Warren are two of the top three contenders for winning the 2020 Democratic primaries, you can bet that the US ruling class is terrified by the possibility of being slightly less rich (FAIR.org, 4/16/19). Notably, US oligarch Jeff Bezos (who owns the Washington Post) asked fellow oligarch Michael Bloomberg (and owner of Bloomberg News) to consider running for president, which Bloomberg decided to do a month after Sanders declared that billionaires shouldn’t exist, and a week after Warren proposed expanding her wealth tax (Washington Post, 11/9/19).

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

      • Julian Assange, Thanks for Warning Japanese About Washington

        Who is Julian Assange?

      • For the sake of press freedom, Julian Assange must be defended

        Nine years ago this month, the Committee to Protect Journalists took a stand on one of the most polarizing figures in journalism. We wrote President Barack Obama and his attorney general, Eric Holder, urging them not to prosecute Julian Assange.

        The Australian hacker and WikiLeaks founder was in the administration’s crosshairs for publishing classified ‘war logs’ from the U.S. military in Afghanistan and Iraq, along with diplomatic cables.

        The leaks unnerved the Washington political and security establishment. Then Vice-President Joe Biden branded Assange a “high-tech terrorist” and Holder said he was considering prosecuting WikiLeaks and Assange under the 1917 Espionage Act.

        We argued that wielding a blunt World War I-era legal weapon against WikiLeaks would undermine the right to gather, receive, or publish information of important public interest.

    • Civil Rights/Policing

      • Guess What Happened After ICE, Which Has Torn Thousands of Families Apart, Tried to Honor Human Rights Day on Twitter

        In 2019, a record-breaking 70,000 children were held in ICE custody.

      • Balancing the Public Interest and a Family’s Grief

        Video and audio recorded by government surveillance cameras, cell phones, and police body cameras have emerged as a powerful force in accountability journalism.

        ProPublica’s release of an audio tape of wailing children separated from their parents at the border last year was so emotionally wrenching, it prompted President Donald Trump to halt one of his signature policies. Our forensic analysis of videos shot in Charlottesville and elsewhere spurred federal prosecutions of four white supremacists who had brutally beaten counter-protestors. We obtained audio that revealed leaders of a heart transplant unit in Newark, New Jersey had kept a vegetative patient alive for more than a year to avoid a federal review of their survival rates. Our story sparked a federal investigation.

      • US State of Ohio Proposes Extreme Abortion Ban

        When I flew to Honduras this year to report on the country’s total abortion ban – including in cases of rape – I couldn’t imagine that lawmakers in my home state of Ohio would propose a ban that is arguably even more extreme.

        The bill, introduced in November, bans abortion entirely – unless a woman’s life is in danger – and requires doctors to attempt to “reimplant an ectopic pregnancy” into a woman’s uterus or face charges of “abortion murder,” punishable by life in prison. An ectopic pregnancy occurs when a fertilized egg implants outside the uterus, and can be deadly.

      • We Investigated Magistrates. Now, Lawmakers Want to Overhaul the System.

        A South Carolina lawmaker is proposing the most sweeping changes in two decades to the state’s magistrate system after an investigation by The Post and Courier and ProPublica exposed how politics and flawed oversight provided fertile ground for incompetence and corruption on the bench.

        The legislation filed Wednesday by Sen. Tom Davis, a Beaufort Republican, would bolster the required legal training for magistrates who aren’t lawyers, increase protections for the many criminal defendants who appear before them and add a layer of scrutiny to magistrate appointments — posts that often go to politically connected insiders.

      • Kentucky governor to restore ex-felon voting rights

        Kentucky Gov. Andy Beshear (D) will sign an executive order Thursday restoring voting rights to more than 100,000 felons who have completed their sentences, he said Tuesday.

      • Uber Driver Says He Was Fired After Being in Protest Photo

        Former Uber Technologies Inc. driver Ahmed Youssef claims he was fired for participating in a peaceful protest against the company.

        In a lawsuit filed Wednesday in Illinois federal court, Youssef says he faced retaliation after participating in an October 2018 protest urging Uber and rival ride-share company Lyft Inc. to limit the number of their drivers on the road. Youssef was captured in a Chicago Tribune photograph holding a sign that said, “Lyft/Uber Respect Chicago Drivers.”

    • Internet Policy/Net Neutrality

    • Monopolies

      • Patents

        • Peter v. NantKwest, Inc. (2019)

          In Peter v. NantKwest, Inc., decided by the U.S. Supreme Court earlier today, the Court considered whether the U.S. Patent and Trademark Office could compel an aggrieved applicant to pay its attorney's fees in a ۤ 145 review, regardless of who wins or loses. The Court unanimously rejected the USPTO's arguments. In doing so, the Court bolstered the "American Rule" on attorney's fees and preserved ۤ 145 proceedings as a financially viable option for review of adverse Patent Trial and Appeal Board ("PTAB") decisions. The decision expressly considered only patent reviews, but it also applies to analogous reviews of trademark decisions. Thus, it has impact on cases far more broadly than just ۤ 145 proceedings.

          A patent applicant dissatisfied with a PTAB decision[1] has two options for review of that decision. First, the applicant can appeal the decision to the U.S. Court of Appeals for the Federal Circuit under 35 U.S.C. ۤ 141. In such cases -- which are the vast majority of reviews of PTAB decisions -- the Federal Circuit considers only the record before the PTAB and reviews that record deferentially for administrative correctness. Second, the applicant can also file a civil action in the U.S. District Court for the Eastern District of Virginia under 35 U.S.C. ۤ 145 and introduce new evidence for consideration de novo. One downside of the second route, however, is that "[a]ll of the expenses of the proceeding shall be paid by the applicant." In NantKwest, Inc. v. Lee, which later became Peter v. NantKwest, the USPTO argued for the first time that those expenses included the salaries of the USPTO attorneys and paralegals trying the case, regardless of the outcome of the case.

          The Supreme Court's starting point in considering the USPTO's argument was the "American Rule" on attorney's fees: "Each litigant pays his own attorney's fees, win or lose, unless a statute or contract provides otherwise." The USPTO argued that the American Rule didn't apply to €§ 145 proceedings because fee-shifting statutes usually reward only prevailing parties, and €§ 145 doesn't require the USPTO to be a prevailing party in order to recover expenses. But the Court noted that there are exceptions to the prevailing party requirement, such as cases brought under the National Childhood Vaccine Injury Act; those exceptions are—and are required to be—extremely clear in order to create an exception to the American Rule.

        • Nokia's winning streak continues: Munich Higher Regional Court surprisingly affirms anti-antisuit injunction

          A few hours after Judge Lucy H. Koh of the United States District Court for the Northern District of California granted Avanci, Nokia et al.'s motion to transfer Continental's U.S. FRAND/antitrust lawsuit to the Northern District of Texas, the Oberlandesgericht München (Munich Higher Regional Court) surprisingly affirmed the Munich I Regional Court's Nokia v. Continental anti-antisuit injunction. At the hearing held four weeks ago, the court actually indicated an inclination to reverse.

          The reasons for the decision are unknown. Maybe Nokia's modified wording of the injunction played a role.

          After the U.S. venue transfer decision, it would have been difficult at any rate to obtain in the very short term a U.S. antisuit injunction against the Nokia v. Daimler (as well as Sharp v. Daimler and Conversant v. Daimler) patent infringement cases pending in Germany. But it might still have happened just in time before Nokia will secure its first German SEP injunction. Now, with the German anti-antisuit injunction in place, a new U.S. antisuit motion would have to have a narrower scope.

        • Avanci, Nokia win transfer of Continental's FRAND/antitrust case from San Jose to Dallas

          The Avanci patent pool firm and its co-defendants--most notably, Nokia--never wanted Judge Lucy H. Koh of the United States District Court for the Northern District of California, famous for (among other high-profile cases) FTC v. Qualcomm, to adjudicate Continental Automotive Systems' FRAND/antitrust complaint. The first challenge they brought related to intra-district assignment. The N.D. of Cal. has multiple divisions, the two most important ones of which are San Jose (Judge Koh's location) and San Francisco. Avanci and Nokia (as well as some other, less significant defendants) asked for the case to be handled in San Francisco rather than San Jose, but that request was declined, and subsequently the case was assigned to Judge Koh.

          The difference between San Jose and San Francisco is a one-hour drive under perfect conditions, though it's taken me up to four hours.

          [...]

          Here's what I would advise Conti to do in light of the current landscape and recent--not final but nevertheless hurtful--blows: Conti either has to push far harder and smarter (they have great lawyers in Germany, but the problems they face are 100% political, 0% legal) for getting Nokia investigated by the European Commission's Directorate-General for Competition (DG COMP) or if they don't want or don't know how to do that (Nokia certainly does play the game holistically, but Daimler and Conti are employing 19th-century methods against an agile, clever, no-holds-barred rival in the 21st century), they should bring a Dusseldorf lawsuit against Nokia as Huawei did. At this point they might even still get a Dusseldorf case merged for case management purposes (though technically retaining a separate case number) with Huawei's case.

        • Commissioner Vestager makes competition-chilling remarks on automotive complaints against Nokia at Chillin'Competition conference

          "Chillin'Competition" is a nice wordplay for a conference title. To my dismay, that event provided the setting for competition-chilling utterances by EU competition commissioner Margrethe Vestager. "Competition-chilling" in the sense of doing nothing to promote fair and vibrant competition--and free movement of goods, one of the bloc's key objectives--with respect to automotive components that come with cellular connectivity. The best way to promote competition in that field is to ensure the makers of those components receive exhaustive component-level licenses on FRAND terms. Commissioner Vestager made herself a name as being supposedly tougher than even the legendary "Steely Neelie," but with respect to standard-essential patents (SEPs), her predecessor Joaquín Almunia used to take swifter and more decisive action.

          Daimler's antitrust complaint was filed more than a year ago. Then, a few months later, four suppliers (Continental, Valeo, Gemalto, and BURY Technologies) lodged their complaints. There's no justification whatsoever for not bringing the antitrust hammer down now.

          Khushita Vasant, a Brussels-based reporter for the Policy & Regulatory Report (PaRR), was first to break the news on Nokia's mediation offer to Daimler and its Tier 1 (= direct) suppliers, and also first to report on Monday that Mrs. Vestager told reporters after the aforementioned conference that "it would be a good thing if there was mutual understanding [between Nokia and the automotive complainants]." The Commission expects an update "by mid-February," writes PaRR.

      • Trademarks

        • Chooseco Chooses An Adventure In Bullying Indie Game Devs Over Trademark

          Earlier this year, after Netflix released an iteration of its Black Mirror series entitled Bandersnatch, which allowed the viewer to choose their own story path through the narrative, the company behind the famed Choose Your Own Adventure books from our childhood sued. Chooseco, armed with a trademark registration for "Choose your own adventure", claimed that Bandersnatch infringed on that trademark, first because the film has a nod of homage to the literary series within the script, and second simply because many in the public compared the film with the books of their youth. Meanwhile, thanks to the renewed attention that Netflix gave CYOA books -- for FREE! -- , Chooseco inked a deal with Amazon to create CYOA style narratives for the Alexa device.

        • Goats Remain on the Roof

          In the case, Mr. Bank petitioned to cancel the mark. Bank is not a competitor or customer. Rather, Mr. Bank is offended by the way that the mark demeans goats — denigrating the value that he (and society) places on the “dignity and worth of animals.” On the merits, Bank argued that the mark is functional and also disparaging to animal lovers. This second theory is no longer viable (if it ever were) under Matal v. Tam.

          The patent statute allows for any person to raise an inter partes review (IPR) challenge of an issued patent. Trademark cancellation petitions are more limited — requiring the petitioner to “believe[] that he is or will be damaged” by the mark. Although the “belief” requirement appears quite broad and subjective, the court has created objective standards of reasonableness — requiring (1) a “real,” “legitimate,” and “personal” interest in the proceedings and (2) a “reasonable basis” for the belief of damage.

          Here, the TTAB and CAFC agreed that Mr. Bank lacks standing. The court held that Mr. Bank provided neither a real interest nor a reasonable basis for his belief of damage.

      • Copyrights

        • The Pirate Bay Expands into Streaming — Introducing 'BayStream'

          The infamous pirate website The Pirate Bay is reportedly testing a new video streaming service called BayStream.

        • General Election 2019 - possible copyright infringement, actually

          Readers from outside of the UK political bubble (and who therefore might not yet be sick of UK politics) may be interested to know that (i) there is a general election on Thursday; and (ii) this election campaign has had more than its fair share of campaigning tactics that are dubious from an IP perspective.

          For example, the Conservative Party registered labourmanifesto.co.uk and promoted the site, which contained a critique of the Labour manifesto, via Google Ads on the day of the Labour manifesto launch. The campaign group Led By Donkeys registered thebrexitparty.com, offering it to sell the domain to the real Brexit Party for €£1 million (and rising).

          It seems, however, that the best has been saved until last. The Conservatives have just released what may well be Boris Johnson's magnum opus, a film that has been dubbed "Brexit, Actually" online:

        • Most Active Copyright Trolls Have Stopped Filing U.S. Piracy Lawsuits, For Now

          The two companies behind nearly all U.S. file-sharing lawsuits in recent years haven't filed any new complaints recently. Instead of submitting hundreds of new complaints in federal courts, there are none. It's unclear why both companies have halted their efforts but it could have something to do with recent legal developments.

        • Google's Top UK "Where to Watch" Searches Weren't a Piracy Concern in 2019

          Google has just released its Year in Search 2019 report which reveals what users searched for during the past year. Some of the most popular questions in the UK were "where to watch" followed by popular TV shows and events, something which prompted a warning from anti-piracy group FACT. But are these searches really a major concern anymore?

        • Marvin Gaye Family Not Done With Pharrell Just Yet: Bring Him Back To Court Claiming Perjury

          The Blurred Lines lawsuit is the case that just keeps on giving... if the gift you're looking for is legal shenanigans and ridiculous situations. As you'll recall, that was the case in which Marvin Gaye's family suggested that because the Pharrell/Robin Thicke song "Blurred Lines" paid homage to Marvin Gaye's "Got To Give It Up" with a similar groove, that it was infringing on Gaye's copyright. The whole thing was crazy -- and somehow the court bought it. Despite there not being any actual copying of any copyright-protected content, just the mere similarity of feeling in the song is enough to infringe.



Recent Techrights' Posts

Microsoft's GitHub is Losing Traffic, Based on an Extensive Web Survey, and Its Future is Uncertain
Remember that Microsoft keeps close to its chest the operations and finances of GitHub (because it's embarrassing!)
[Meme] Shoestring Budget With Record Profits (Because Hundreds of Thousands of Fake European Patents Get Granted)
Record profits? EPO staff does not benefit!
 
Links 14/10/2024: Keeping Multiple Blogs, Wrestling With Misinformation
Links for the day
[Meme] Class of Microsoft
"Everything started with Microsoft DOS!"
History Education and Rejecting Creation Myths
The creator of Linux isn't the creator of GNU/Linux
How to Follow Our Updates About EPO (or Everything Else for That Matter)
follow us via RSS feeds
EPO Administration: Wait Several Months or Until Next Year for Clarifications
"After the intranet announcements of 18 September and 27 September and recent emails from CIGNA concerning opting into the VECOZO network, colleagues have been contacting us with queries and requests for guidance."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 13, 2024
IRC logs for Sunday, October 13, 2024
Unrest at the European Patent Office as School Costs Eat Away the Income
"Letter to the administration on the Education Allowance - DISDH - German School"
Gemini Links 13/10/2024: ArcMenu, Emacs decide-mode, Midnight Pub Mass-Deletion Option
Links for the day
Links 13/10/2024: Science, Politics, and Some Gemini
Links for the day
Links 13/10/2024: Writing, Remembering John Wheeler, Voice Cloning
Links for the day
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024