Bonum Certa Men Certa

Links 20/12/2019: Proton 4.11-11 and GNUnet 0.12.0



  • GNU/Linux

    • Server

      • Chef KubeCon 2019 Highlights: Lean, Mean, and Open to Cloud-Native

        The record breaking attendance at this year’s KubeCon 2019 North America further solidifies the fact that Kubernetes is one of the hottest technologies to come into the ring in the last few years. In addition to changing the way organizations run and manage workloads at scale, Kubernetes has also driven a new and rapidly growing ecosystem. The sponsor showcase was packed with more than 250+ sponsors from all categories of the CNCF vendor landscape.

        The showcase provided a great opportunity for Chef to talk to attendees about our current CNCF projects – Chef Habitat for Application Definition and Packaging, Chef InSpec for Security and Compliance, and Chef Infra for Configuration Automation.

      • IBM

        • National Science Foundation Awards Grant to Develop Next-Generation Cloud Computing Testbed Powered by Red Hat

          Red Hat, Inc., the world's leading provider of open source solutions, today announced that the National Science Foundation (NSF) Division of Computer and Network Systems has awarded a grant to a research team from Boston University, Northeastern University and the University of Massachusetts Amherst (UMass) to help fund the development of a national cloud testbed for research and development of new cloud computing platforms.

        • SANTALUCÍA Digitalizes Customer Experience with Red Hat
        • Companies Prefer Hybrid Cloud To Escape Public Cloud Data Grabbity
        • IBM Z Open Editor Support for Language Server Protocol is a Game Changer

          The integrated development environment (IDE) is an indispensable tool for software developers. Before it came along, coding was a laborious, detail ladened undertaking. We’ve become accustomed to the syntax checking and code completion features that even the most basic IDEs provide. These days we tend to forget how hard it was programming with nothing but a rudimentary text editor. Something as simple as finding a missing comma or a misplaced curly bracket that was causing a compilation error could take hours, maybe days should the codebase be big enough. When it came to tracing your way through a seemingly endless chain of functions and classes in order to find the culprit of a runtime error, well…fuggedaboutit! Without the modern IDE, we’d be sunk. Well, that was then and this is now. A few years back, a new technology emerged on the technical landscape that’s boosting the power of the IDE, and subsequently the scope of work a developer does and the decisions he or she makes by an order of magnitude. This new technology is Language Server Protocol (LSP).

    • Audiocasts/Shows

      • Destination Linux 152 - Opt-In vs Opt-Out, Ubuntu Cinnamon, Microsoft Teams, Xfce, Upstream Graphics

        Topics covered in this episode:

        Opt-Out vs Opt-In – initiated by feedback on the Zorin OS discussion on DL150 – related to the DLN Forum thread of “Is opt-out ever ethical?”

        Ubuntu Releases User Survey

        Ubuntu Cinnamon

        Microsoft Teams Out For Linux

        Canonical Sponsors WSL Conference?

        Upstream Graphics Too Little Too Late

        Type Knight

      • 2019-12-19 | Linux Headlines

        Canonical's Multipass virtual machine manager reaches its 1.0 milestone, the Django project releases a major security update out-of-band, Kdenlive receives major improvements, and Mozilla is replacing IRC for its community communications.

      • LHS Episode #318: The Weekender XXXIX

        In this episode, the last episode of 2019, the hosts turn The Weekender into a roundtable free-for-all where fans of the show could join us on Mumble and talk about anything they wanted to. We touch on amateur radio, Linux, open source, sociology, thoughts about the past and the future and throw in a healthy dose of hedonism. Thank you to everyone who participated and who listens to our program. May you have a wonderful holiday season and a prosperous new decade.

      • Larry Two-tails | User Error 81

        The future of Internet video, the best way to develop open source software, skills vs talents, and our favourite types of animal companions.

    • Applications

      • Quick List Of Top Server Monitoring Tools For 2020

        Without any explanation, let’s have a quick look into the list of useful and top server monitoring tools for the server administrators.

      • 8 Best Free Linux Astrology Software

        Astrology is a set of traditions, beliefs and systems which hold that there is a connection between the movement of heavenly bodies and events that take place on Earth such as human affairs, and personality. Astrologists use the position of the planets to try to predict future events, and to inform the psychological understanding of an individual’s psyche.

        Up until the 17th century astrology and astronomy were inextricably intertwined. However, it’s important to recognize that astronomy and astrology are two very different disciplines. Astronomy is the scientific study of celestial objects and is widely respected in the scientific community, whereas astrology is based on universal, timeless symbolism, it is often regarded as a pseudo-science, and thought of as an art.

    • Instructionals/Technical

    • Wine or Emulation

      • Proton 4.11-11 Released With DXVK 1.5, Few Game Fixes

        Just in time for those taking advantage of Valve's annual Steam Winter Sale, a new release of the Wine-based Proton software is now available that powers Steam Play for running Windows games generally very well on Linux.

        Just a week after Proton 4.11-10 that brought support for Halo: Master Chief Collection, full-screen integer scaling, and other improvements, version 4.11-11 is now available.

      • Steam Play Proton gets turned up to 11 in the latest update

        Steam Play Proton has been updated once again, dealing with a mouse issue from the last update and other improvements.

    • Games

      • 'Civilization' and Strategy Games' Progress Delusion

        Now you don’t need me to tell you that the 4X genre is problematic (the four Xs stand for explore, expand, exploit, exterminate, after all). And I’d hazard to guess that most 4X developers take a systemic approach to game design which treats theme as a largely secondary issue (Sid Meier has repeated Bruce Shelley’s joke that they do their research in the kid’s section of the library [48 minutes into the linked recording]). But games are an artifact produced within a given social context and as such reproduce aspects of their worldview, particularly those aspects that are seen as being natural.

        And what do we find in most historical 4X games? A largely uniform tech tree that all factions will progress through in a unilateral direction. Even non-historical 4X games feature uniform tech trees, they just use the present as a starting point and not an endpoint. But what is progress in an historical 4X game? To be blunt, it’s the elimination of difference. The closer you are to “us”, the more you have progressed. [...]

    • Desktop Environments/WMs

      • Why Vim fans love the Herbstluftwm Linux window manager

        Everybody loves Vim (aside from Dvorak and Emacs users). Vim is so popular that there are entire web browsers dedicated to navigating the web with Vim keybindings, a Vim mode in the wildly popular Zsh terminal emulator, and even a text editor. There's also a window manager called herbstluftwm that models itself partly after the "Vim way." Herbstluftwm does away with windows, as such, and replaces them with tiles, or quadrants, into which applications are loaded and used. You use the keyboard (Alt+h, Alt+j, Alt+k, and Alt+l) to navigate from one tile to another.

        Install herbstluftwm from your distribution's software repository. After installing it, log out of your current desktop session so you can log into your new one. By default, your session manager (KDM, GDM, LightDM, or XDM, depending on your setup) will continue to log you into your previous desktop, so you must override that before logging in.

    • Distributions

      • New Releases

        • Alpine Linux 3.11 released

          Version 3.11 of the lightweight Alpine Linux distribution is available. Changes include the 5.4 kernel, Raspberry Pi 4 support, GNOME and KDE support, and the deprecation of Python 2.

        • Alpine 3.11.0 Linux Version Released with Kernel 5.4 & Raspberry 4 Extended Support!

          Alpine 3.11.0 Linux Version Released Today: Alpine Linux is also one of the best Linux Distro. Alpine 3.11.0 Linux is an open-sourced Linux based operating system mainly focused to provide the secured server based secure computing environment. What's New in Alpine Linux 3.11.0:

          Comes with Linux 5.4 kernel (Linux-LTS) support

          Initial GNOME and KDE support added

          MinGW-w64 and DXVK support added

          Added support for Raspberry Pi 4 (aarch64 and armv7)

          Added support for Vulkan

          Rust is available on all architectures

          No rust support for s390x architectures

          These are the key new features that come with Alpine Linux 3.11.0

      • Screenshots/Screencasts

      • Gentoo Family

        • Michał Górny: A distribution kernel for Gentoo

          The traditional Gentoo way of getting a kernel is to install the sources, and then configure and build one yourself. For those who didn’t want to go through the tedious process of configuring it manually, an alternative route of using genkernel was provided. However, neither of those variants was able to really provide the equivalent of kernels provided by binary distributions.

          I have manually configured the kernels for my private systems long time ago. Today, I wouldn’t really have bothered. In fact, I realized that for some time I’m really hesitant to even upgrade them because of the effort needed to update configuration. The worst part is, whenever a new kernel does not boot, I have to ask myself: is it a real bug, or is it my fault for configuring it wrong?

          I’m not alone in this. Recently Михаил Коляда has talked to me about providing binary kernels for Gentoo. While I have not strictly implemented what he had in mind, he inspired me to start working on a distribution kernel. The goal was to create a kernel package that users can install to get a working kernel with minimal effort, and that would be upgraded automatically as part of regular @world upgrades.

        • Gentoo Developers Exploring The Possibility Of Shipping Distribution Binary Kernels

          While much of the lure to Gentoo Linux is on being a source-based distribution and assembling your system packages from source, some Gentoo developers are toying with the idea of providing some new kernel binary options similar to that of the more conventional binary Linux distributions.

          Gentoo developer Michał Górny explained some of the problems leading to this new idea with fellow Gentoo developer Михаил Коляда for a distribution binary kernel option. "The worst part is, whenever a new kernel does not boot, I have to ask myself: is it a real bug, or is it my fault for configuring it wrong?"

      • SUSE/OpenSUSE

        • SUSE CEO Melissa Di Donato's strategy comes into focus

          Melissa Di Donato has held the chief executive post for just over 100 days, arriving at SUSE from SAP, where she was chief operating officer and chief revenue officer. Prior to her time at SAP, Di Donato had been an executive at Salesforce.

          Now she has her feet on the ground she wants to double the growth of the open source firm by helping customers "simplify", "modernise", and "accelerate", as was often stressed during a recent interview with Computerworld.

      • Fedora Family

        • Matthias Clasen: More on Flatpak updates

          In the terminal, I’m building a new version of the portal test app, and update my (local) repository. The flatpak portal is noticing that the update appeared (I’m running it with a short poll timeout here, instead of the usual 30 minutes), and sends out a D-Bus signal to the application, which requests to be updated, and then restarts itself.

          Using the portal API directly is not very convenient, since you have to listen to D-Bus signals and whatnot. Therefore, we now have a library called libportal, which is providing simple async wrappers for most portals. That is what the portal test app in the demo is using, and you should be using it too in your applications.

          The first stable release of libportal will appear very soon, with Flatpak 1.6, and then it will find its way into runtimes.

      • SystemD Issues and Devuan Family

        • Systemd In Ten Years Has Redefined The Linux Landscape

          Systemd got its start in 2010 in providing a better init system and expanded its scope from there. As part of our year-end and end-of-2010s articles, here is a look at the top systemd stories from the past distribution controversies to new features and other highlights.

          Systemd certainly had a wild ride over these past ten years and is now used by nearly all of the Linux distributions out there. While many still seem to hate it with a passion, it's brought many interesting features and new innovations to the Linux ecosystem. Below is a look at the most-viewed systemd stories of the decade.

        • Escape from System D, episode VI: freedom in sight

          Sometimes I feel like there’s no hope of avoiding a Systemd monoculture, but occasionally there’s news that shows that other options remain alive and well. Debian is having a vote on whether to continue to support other init systems, and to what extent; we’ll see soon enough what the outcome is. Adélie linux recently announced support for using Laurent Bercot’s S6-RC (an init alternative that’s certainly solid and which deserves respect, though it’s a little minimalist for my own taste). Devuan continues to provide a Systemd-free variant of Debian, as Obarun does for Arch Linux. I’d love to have a distribution decide to give Dinit a try, but of course I have to face the possibility that this will never happen.

          I’ll end with a plea/encouragement: if you’re interested in the project at all, please do download the source, build it (it’s easy, I promise!), perhaps configure services and get it to run. And let me know! I’m happy to receive constructive feedback (even if I won’t agree with it, I want to hear it!) and certainly would like to know if you have any problem building or using it, but even if you just take a quick peek at the README and a couple of source files, feel free to drop me a note.

      • Debian Family

        • Introducing dpkg source format for git repositories

          There is a large disagreement inside Debian on how a git repository used for Debian packages should look like. You just have to read debian-devel to get too much of it.

          Some people prefer that the content of the repository looks like a "modern" (3.0) source package the Debian archive accepts. This means it includes upstream source and stuff in debian/patches that need to get applied first to have something usable. But by definition this concept is incompatible with a normal git workflow; e.g. you can't use cherry-pick of upstream patches, but need to convert it into a patch file either by hand or with another tool. It also can't use upstream test definitions using a CI without adopting it and patching source first.

          Other people prefer to have a complete patched source available always. This allows for use of cherry-pick and all the other git concepts available. But due to the way our "modern" (3.0) source formats are defined, it is impossible to use those together. So everyone wanting to use this can only use ancient 1.0 source packages, which lack a lot of features like modern compression formats.

          Some do stuff that is much more weird. Weird things like git-dpm, which is also incompatible with merges. But we can't save everyone.

          I started working on bridging the gap between a proper git repository and modern Debian source package by building a source package from some special target in debian/rules. But people maybe rightfully complained that not be able to use dpkg-source got a big downside and needs a lot of documentation. To get this into proper shape, I'd like to introduce a new dpkg source format.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

      • FSF

        • The FSF can't campaign for free software without your help

          The Free Software Foundation's (FSF) campaigns team works tirelessly to spread the message to the world that all software must be free. Campaigning for free software takes creativity, hard work, and a dedicated community. We amplify free software organizations and projects, mobilize activists, and provide resources. We're only three people, but we are the point of connection for hundreds of thousands of supporters annually. You hold the power to exponentially increase this number. It is our goal to make the free software conversation a kitchen table issue, and we need your help!

          Since many families and friends get together at the end of the year, we worked with our recent FSF intern, Valessio Brito, on translating some of the reasons why our fight is so important into illustrations, to facilitate conversations during these gatherings.

          The images we developed, which we are using in our annual fundraiser, seek to raise the issue of free software by focusing on common issues with proprietary software, like privacy violations, exemplified by a simple flashlight app and its permissions in your device. We visualize issues like data mining, back doors into your devices, and the vulnerability of cameras and microphones in so-called "smart devices." We also comment on Digital Restrictions Management's (DRM) power over you and your devices. We put a lot of thought into designing these images to be conversation starters, and now we're asking you, as the free software community and our main channel of communication, to share them. You can find the images, their embed codes, and their .SVG source files on the FSF Web site. Please use them to start conversations with the people you care about, using the hashtag #ISupportFreeSoftware.

          [...]

          This year, we organized four member meetups in different locations in the US, and we hosted free software introductions to students of local public schools. We also organized the LibrePlanet conference with live instances on IRC (#libreplanet on Freenode) and mumble, and livestreamed all 40 sessions on social justice and technology. We held our annual associate member meeting, a "hackathon," an FSF office open house, and two social events during this time as well. We were also one of two EmacsConf satellite instances, and took to the streets in protest of DRM twice this year, once (in conjunction with fourteen online partners) to stand up for students against Pearson Education for the International Day Against DRM (IDAD), and once against Disney+ at the opening night of Frozen II, here in Boston.

          To organize quality events such as LibrePlanet, IDAD, Continuing Legal education (CLE) seminars, and others, we need to invite speakers and collaborators from all over the world, and we also need to make sure the events are accessible remotely. With your support, we can add an additional "workshop room" to the annual LibrePlanet conference, host smaller educational gatherings and talks throughout the year, do more student outreach, and grant more speakers and attendees access to events by growing our scholarship fund. We will work together with other organizers to set up and promote local instances of events, like an upcoming LibrePlanet 2020 satellite in Ontario, Canada, and we are developing a program to help financially support free software local activist groups.

          Public speaking is another way of increasing our footprint in the community. Campaigns manager Greg Farough spoke at a local maker space, and executive director John Sullivan traveled to both South America and Europe to talk about free software issues this year. We also host informational booths all over the world, with the help of volunteers and our operations team. These are a very effective way of reaching a large audience, and so we want to do more of it.

          The campaigns team is at the center of all communications and events here at the FSF, working closely with all other teams. Along with the tech team, we are always thinking about how we can improve the user experience of our campaigns and our Web sites. Together, we are working on developing a petition site to allow us to turn around signature actions quickly, and on a major update to the fsf.org Web site, which will enhance user experience on mobile phones. With the licensing team, we work to release the latest Respects Your Freedom (RYF) announcements, and we organize the CLE seminars to educate law professionals on licensing issues.

        • GNU Projects

          • GNUnet 0.12.0 released

            We are pleased to announce the release of GNUnet 0.12.0. This is a new major release. It breaks protocol compatibility with the 0.11.x versions. Please be aware that Git master is thus henceforth INCOMPATIBLE with the 0.11.x GNUnet network, and interactions between old and new peers will result in signature verification failures. 0.11.x peers will NOT be able to communicate with Git master or 0.12.x peers.

            In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.12.0 release is still only suitable for early adopters with some reasonable pain tolerance.

      • Public Services/Government

        • CERN to switch to Kopano mail server for its 40,000 users

          In June the IT trade press reported widely on CERN's Microsoft Alternatives (MALT) project. “It started off as a very unfortunate situation with license costs increasing, but has turned into a great opportunity to review the way we do things in order to move towards open solutions,” Tenaglia told the European Commission’s Open Source Observatory.

          The first tangible outcome of this is a switch to the Kopano mail server. CERN is currently evaluating Kopano, aiming in due course to support 40,000 users and some 60 terabytes of mail data. CERN is running an on-premises pilot of the same size as its production server, which uses Microsoft Exchange. The research organisation, based in Meyrin, Switzerland, has a support contract with Kopano, the Dutch/German software company that is developing the eponymous mail server. “Kopano offers support for their 100% open source software. That sets it apart from business that offer support for premium features built onto their basic open source product,” Tanaglia says.

      • Programming/Development

        • Flutter 1.12, Dart 2.7, Android 10, & much more!

          TL;DR 186 | The Google Developer News Show

        • Huawei Contributes Some Glibc AArch64 Performance Optimizations

          Huawei isn't known as much of an upstream contributor to the GNU toolchain and as far as GNU C Library (glibc) commits go prior to Thursday had just authored three patches from a Huawei emailing address. But that count more than doubled thanks to some optimizations they have successfully landed upstream.

          Huawei has contributed optimized implementations of strlen_asimd, memrchr, strnlen, strcpy, and memcpy for Glibc's AArch64 (64-bit ARM) code that stands to benefit for all modern Arm SoCs and just not Huawei hardware. For strcpy it's possible to be 5~18% faster, strnlen in the range of 11~24% for longer strings, and other optimized functions in the range of upper single digit percentages to around ~20% in best case scenarios.

        • Top 50 Frequently Asked Ruby Interview Questions and Answers

          Ruby is a modern-day programming language developed in Japan around the 90s. This high-level language is intended for general-purpose software development. Ruby gained immense popularity during the transition of websites to web apps. It fuels the first generation of these apps due to its high-scalability and robust feature set. Even after the JS boom, Ruby is still enjoying increasing demand. Companies often seek developers fluent in Ruby and Rails, Ruby’s flagship web framework for maintaining their existing products and adding new functionalities. So, it’s essential to know common ruby interview questions if you want to grab a Ruby job.

        • e2k19 Hackathon Report: Stefan Sperling on GoT and wireless

          By the end of the hackathon the Game of Trees 0.22 release was published. I was glad to see growing support for this project among the developer base.

        • Python

          • How to Generate Random Numbers in Python

            There are different ways we can generate random numbers in Python. We can categorize them in the following ways.

            Random numbers generate from a list using Python random

            Random numbers using Numpy Random

            Let's go through the above methods one by one.

            We need random package from Python. Let's import that.

          • Python 3.8.1, 3.7.6, 3.6.10, and 3.9.0a2 are now available!

            On behalf of the entire Python development community, and the currently serving Python release team in particular, I'm pleased to announce the unprecedented combined release of no less than four versions of Python. Let's dig in!

            [...]

            Python 3.9 is still in development. This release, 3.9.0a2 is the second of six planned alpha releases. Alpha releases are intended to make it easier to test the current state of new features and bug fixes and to test the release process. During the alpha phase, features may be added up until the start of the beta phase (2020-05-18) and, if necessary, may be modified or deleted up until the release candidate phase (2020-08-10). Please keep in mind that this is a preview release and its use is not recommended for production environments.

        • Shell/Bash/Zsh/Ksh

          • How To Automate Directory Database And Website Backup Using Bash

            If there is anything that makes Linux a great server OS when it comes to maintenance, it is scripting.

            Be it simple bash scripting, python or perl, it’s awesome when you can automate boring repetitive tasks, knowing that the system will handle everything perfectly.

            From creating database dumps, syncing filesystem backups, to automating application installations, scripting is present everywhere in Linux.

            In this tutorial, we will cover the basics of bash scripting, enabling you to write your own bash scripts you can use to make your life easier. Also checkout how to write bash functions.

          • Msot popele can undreatnsd tihs setennce

            I wrote about this particular kind of text garbling five years ago on the Linux Rain website. For some background, see the last section of this post.

      • Standards/Consortia

        • Google Reader Killed RSS

          Google Reader reigned for so long that people towards the end of its run weren’t wistful for a return to the old ways. They were wistful for the thing that wrecked the old ways. The old ways were a world not even remembered.

        • Beyond integration: how APIs can form a platform for connected health

          Neither of these interoperability models is well suited to provide just enough information, when needed, for the burgeoning ecosystem of internet-based applications that we see today. These apps grew up in the world of the internet, web and mobile applications, and expect to connect via Application Programming Interfaces (APIs), leveraging ubiquitous standards such as REST transactions (think HTTPs), in human readable JSON or XML formats, with readily discoverable “descriptions” of the APIs understandable to developers and connecting applications.

          To meet this need, the HL7 Fast Healthcare Interoperability Resources (FHIR) standard was created to enable secure exchange of just enough information on demand or via subscription over the internet in packets of clinically related data termed “Resources” in self-describing FHIR APIs. This new FHIR API standard is well suited for supporting rapid innovation and the flattening of the healthcare ecosystem.

        • Situation: there are too many competing smart home standards

          The idea behind the standard is to make it easier to get new smart home devices onboarded on to your network and to minimize the need for consumers to have to check to see what is or isn’t compatible with their smart home control system — whether that be Alexa, Apple HomeKit, Google Assistant, or something more professional like Control4.

          Think of it this way: the smart home has a plumbing problem. Imagine none of the companies making faucets or even pipes were willing to talk to each other, so every single connector was different, depending on the company. And none of them even agree on how to route hot, cold, and sewage water. Just to fix your sink you have to commit to working with a single company in perpetuity and probably make five trips to the hardware store for adapters if you didn’t.

          That’s what’s happening right now when you screw in a smart lightbulb or wire up a smart thermostat. Some of that pain is made invisible by software abstraction from Amazon or Google, but it’s still a snarled mess underneath.

  • Leftovers

    • Education

      • Why Public College Should Be Free

        In 2017, the most recent year for which we have data, all of the tuition and fees charged by public colleges came to $75.8 billion. That’s less than what the federal government spends to subsidize the cost of college. In the same year, the government disbursed about $160 billion in the form of student loans, grants, and tax breaks to help make higher education less of a burden on American families.

    • Health/Nutrition

      • Court Voids 'Obamacare' Individual Mandate, Sidesteps Whole Law Issue

        A federal appeals court on Wednesday struck down “Obamacare’s” now-toothless requirement that Americans carry health insurance but sidestepped a ruling on the law’s overall constitutionality. The decision means the law remains in effect for now.

      • Traveling for the Holidays? Here's How to Not Get Sick

        The quick wipe-down makes things seem less icky, especially since the cleaning between flights is minimal. (Though it’s worth noting that planes get a thorough cleaning overnight, so your most hygienic option is to take the first flight of the day.) But the gloves and hand sanitizer might be more useful in the airport. A study during the 2015-2016 influenza season in Finland detected respiratory viruses on 10 percent of surfaces, including bins in the security area, a plastic child’s toy on an airport playground, stair handrails, and the buttons on a payment terminal in an airport pharmacy.

        The influenza virus can survive on surfaces for 24 hours, says Mark Gendreau, an emergency medicine physician and specialist in air-travel-related health. “Humans touch their face about 200 times a day,” says Gendreau, who is chief medical officer of Beverly Hospital in suburban Boston. “The eyes, nose, and mouth are the port of entry for these infectious agents.”

    • Integrity/Availability

      • Proprietary

        • 10 Best Tools to Open RAR Files
        • Undocumented Catalina file access change

          File access privacy protections were introduced in macOS 10.14 Mojave and then expanded in Catalina. Mojave restricted access to directories such as "~/Library/Application Support/AddressBook" and "~/Library/Safari". Catalina added even more restricted directories, such as "~/Downloads" and "~/Documents". I've discussed macOS privacy protections (and their shortcomings) several times before on this blog. You can grant special exceptions to the built-in file access policies by clicking one of the much beloved permissions dialogs that pop up in Mojave and Catalina or by manually configuring the exceptions in the Security & Privacy pane of System Preferences. That's all quite explicit to the user. What I just discovered, though, is that on Catalina you can also implicitly — even accidentally — grant special exceptions, not only to the built-in policies but also to your own explicitly chosen special exceptions. I'll illustrate with an example.

        • Why Ring can’t just blame users for those home-invading camera ‘hacks’

          This is not the local TV sweeps week “you’re not safe anywhere” story, and that’s why it resonates so strongly: the reporters ask security experts what’s missing from Ring’s security measures, detailing each small thing. For example, Ring doesn’t check if your password was swept up in a hack elsewhere. It doesn’t send notifications to your phone to make sure a log-in is legitimate. And if someone who manages to find your password accesses your Ring account, there doesn’t appear to be any record of it. So an unwelcome guest could be watching you and you’d never be the wiser. It’s a methodical, careful look at the small things Ring (and other companies; it’s not just Ring) could be doing to make its cameras more secure, but isn’t.

        • Vivaldi opens up an exciting new front in the browser wars, seeks to get around blocking with cunning code

          Browser maker Vivaldi celebrated its last release of 2019 with a handbags-at-dawn move that will see it don a Google Chrome disguise.

          The move comes as the Oslo-based outfit reached the end of its tether with web sites rejecting its Chromium-based browser, while waving the similarly Chromium-based Google Chrome through with a cheery smile.

          The issue, according to a recent rant blog post by QA lead, Ruarí Ødegaard, comes down to the User Agent string, passed from the browser to the web site upon connection.

          It's a handy string, and lets sites sniff all kinds of interesting things, such as the operating system on the client as well as the browser and version (among other nuggets of data.)

        • Pseudo-Open Source

          • Openwashing

            • Telefónica, flexiWAN Drive Open Source SD-WAN Development

              Open source SD-WAN vendor flexiWAN today announced a partnership with Telefónica to develop a proof-of-concept SD-WAN service designed to run on white-box consumer premises equipment (CPE). The partnership, which began in June, will continue through 2020 and involve testing flexiWAN’s performance for consumer branches that need throughputs from 50 Mb/s to 1 Gb/s of encrypted traffic.

              flexiWAN’s open source SD-WAN platform entered public beta in late July promising to disrupt the market with an open architecture. CEO and co-founder of the Tel Aviv, Israel-based startup Amir Zmora imagines a future where the open standard has become the No. 1 deployed SD-WAN on the market, similar to what pfSense did for firewalls.

            • Amazon Snaps at New York Times Open Source Critique

              This licensing issue has come to the fore as a number of firms, including Elastic, have changed the licensing model on some of their technology in an attempt to prevent larger cloud providers from taking that technology, changing up a bit of the code, and offering it as-a-service. That move ignited considerable debate within the open source community as to the continued “openness” of those platforms.

              “This puts open source software vendors in a difficult place,” explained Paul Dix, founder and CTO of InfluxData, in an interview with SDxCentral earlier this year. “We are trying to create something valuable that has a community around it but we have to have a value proposition to allow those community members to be customers.”

              Chris Aniszczyk, CTO and COO of the Linux Foundation-based Cloud Native Computing Foundation (CNCF), earlier this year told SDxCentral that such moves could “confuse” downstream adopters that these new models were still open source.

              “We are cool with businesses trying to come up with new and innovative business models, but don’t call it open source,” Aniszczyk said.

            • AWS denies claims it steals features from open source software

              The cloud giant was less than pleased with a recent article in the New York Times which criticized the company for integrating open source software created by others into its own offerings. In the article, the chief executive of the open source database MariaDB, Michael Howard even went as far as to say that “A.W.S.’s success is built on strip-mining open-source technology”.

            • AWS hits back at open source theft allegations

              During 2019, there have been a number of reports about how open source software providers have had their business models undermined by AWS taking the free version of their software and making it available as a fully managed cloud service.

              The New York Times article describes how, in 2015, AWS copied and integrated open source software from Elastic into its new Elasticsearch service. This effectively meant that Elastic was competing with AWS to offer a managed service, based around the open source software it had spent time and money developing and supporting.

              As Computer Weekly has reported previously, MongoDB and Redis have both changed their products to differentiate between the freely distributed version and a licence that explicitly covers organisations that want to use the product in a managed service.

            • AWS hits back at open-source software critics

              Amazon Web Services (AWS) has rejected criticism that the company ‘strip mines’ open source software projects for their innovations. AWS wasn’t happy with how it was portrayed in a recent New York Times article about open source database makers which criticised the cloud giant for integrating open source software pioneered by others into its offerings.

              But rather than copying software and profiting from the others’ labor, the world’s top cloud computing company is just giving customers what they want, according to Andi Gutmans, vice president of AWS analytics and ElastiCache.

          • Privatisation/Privateering

            • Microsoft Made More Linux / Open-Source Announcements In 2019 From exFAT To WSL2

              Under the continued guidance of Satya Nadella, Microsoft made more interesting open-source / Linux moves in 2019 most notably with allowing exFAT support to be introduced into the mainline Linux kernel and also introducing Windows Subsystem for Linux 2.

            • Linux Foundation

              • Cloud Native Computing Foundation Announces TUF Graduation

                The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, today announced that The Update Framework (TUF) is the ninth project to graduate, following Kubernetes, Prometheus, Envoy, CoreDNS, containerd, Fluentd, Jaeger, and Vitess. For projects to move from the maturity level of incubation to graduation, they must demonstrate thriving adoption, an open governance process, and a strong commitment to community, sustainability, and inclusivity. TUF, an open-source technology that secures software update systems, is the first specification and first security-focused project to graduate. Justin Cappos, associate professor of computer science and engineering at NYU Tandon School of Engineering, initially developed the project in 2009. Cappos is also the first academic researcher to lead a graduated project and TUF is the first project born out of a university to graduate.

              • Cloud Native Computing Foundation announces TUF graduation

                The Cloud Native Computing Foundation (CNCF) is part of the Linux Foundation that is focused on Kubernetes and other cloud technologies. It has announced that The Update Framework (TUF) has graduated to a full member project.

        • Security

          • Security Flaws in KeyWe Smart Lock Leave It Vulnerable to Hacks

            Smart home products seem to be keeping white-hat hackers in business. It’s a safe bet at this point to say in the near future, they’ll be kept in business, as the smart home products continue to have many vulnerabilities.

            One of those products is the KeyWe Smart Lock. It was discovered that it has a design flaw that can be exploited by an attacker to easily pick the lock.

          • [Older] AsusWrt-Merlin Firmware 384.14 Beta 3 Is Available for Several ASUS Routers

            AsusWrt-Merlin has made available its new 384.14 Beta 3 firmware version compatible with some of ASUS’ routers which merges with GPL 384_81351 and adds “split” busybox applet and IPv6 support to Network Analysis WebUI.

            In addition to that, this release updates miniupnpd (20190824), dnsmasq (2.80-95-g1aef66b), OpenSSL (1.1.1 to 1.1.1d), Curl (7.66.0), nano (4.4), OpenVPN (2.4.8), OUI database (2018-08-17), and CA root certificates (October 9th 2019).

            Moreover, the developer has managed to implement an option to prevent Firefox's automatic usage of DoH, make the WebUI SSL certificate generation compliant with IOS 13 and MacOS 10.15, and allow IPv6 firewall to use empty values for local IP.

          • What You Probably Didn’t Know About Sudo

            I hope this article proved to you that sudo is a lot more than just a simple prefix. There are tons of possibilities to fine-tune permissions on your system. You cannot just fine-tune permissions, but also improve security by checking digests. Session recordings enable you to check what is happening on your systems. You can also extend the functionality of sudo using plugins, either using something already available or writing your own. Finally, given the list of upcoming features you can see that even if sudo is decades old, it is a living project that is constantly evolving.

          • pf-badhost

            It's been just over a year since version 0.1 of pf-badhost was released. pf-badhost has been downloaded thousands of times. The BSD Now guys even did a spot on pf-badhost. Considering the attention pf-badhost has received, I figured it deserved some love.

            Version 0.2 is a complete rewrite of the script. I've written a basic address parser to allow for proper address verification and error checking. As an added benefit of the new address parsing function, IPv6 lists are now supported as well as mixed lists containing any combination of IPv4, IPv6 and/or CIDR notation.

            The parser also supports arbitrary input formatting for address lists. This means it can be fed addresses in HTML, XML, JSON, CSV etc and be able to parse it into a format suitable for feeding into pf.

          • Privacy/Surveillance

            • Just Two Days After Product Warning Issued for Amazon Ring, Reporting Reveals Data of 3,000 Users Leaked

              "This gives a potential attacker access to view cameras in somebody's home in some of these cases—that's a real serious potential invasion of privacy right there."

            • Joint Letter from 80 organisations: Ban Security and Surveillance Facial Recognition

              The Observatoire des Libertés Numériques (which federates several French NGOs monitoring legislation impacting digital freedoms: Le CECIL, Creis-Terminal, Globenet, La Ligue des Droits de l’Homme (LDH), La Quadrature du Net (LQDN), Le Syndicat des Avocats de France (SAF), Le Syndicat de la Magistrature (SM)) and 80 organisations are signing a joint letter calling on the French Government and Parliament to ban any present and future use of facial recognition for security and surveillance purposes. The wide diversity of organisations signing this letter shows how deeply the population condemns this technology.

            • Facebook Acquired a Startup to Build a Live Shopping Feature

              The social media company bought Packagd, a five-person company founded by Eric Feng, a former partner with Kleiner Perkins Caufield & Byers, and most of the startup’s team joined Facebook in September. Packagd was building a shopping product for YouTube videos. “Think of it as a re-imagination of QVC or a home shopping network,” Feng said in a 2017 interview with Bloomberg Television’s Emily Chang.

            • Still Why No HTTPS?

              Back in July last year, Scott Helme and I shipped a little pet project that tracked the world's largest websites not implementing HTTPS by default. We called it Why No HTTPS? and it gave people a way to see the largest websites not taking transport layer security seriously. We also broke the list down on a country-by-country basis and it quickly became a means of highlighting security gaps and serving as a "list of shame". I've had many organisations reach out and ask to be removed once they'd done their TLS things properly so clearly, the site is driving the right behaviour. Today, we're happy to share the first update since November last year.

            • Edward Snowden’s book profits must go to the government, judge rules

              The government argued that since Snowden had failed to provide the book for a contractually obligated review, he had no right to the profits from the book or his public speeches. Snowden’s lawyers have countered that it would be impossible for the book to receive a good-faith review from the government.

              But in yesterday’s ruling, a federal judge in Virginia sided with the government, finding that “the contractual language is clear.” The judge writes that Snowden’s “failure to participate in the prepublication review process” made it impossible for the judge to question hypothetical decisions about that review.

              Brett Max Kaufman, a senior staff attorney with the ACLU’s Center for Democracy who worked on Snowden’s legal team, said in a statement that it was “farfetched” to think Snowden’s book would receive a fair government review.

            • Forget piggy banks. Kids are using mobile apps for pocket money

              These apps offer a simple money management service for children, often for a monthly subscription fee paid by the parents. Parents can add money to children's accounts, set limits and monitor transactions, while children can choose to save their money or spend it using a prepaid card that works like a debit card. The apps suggest minimum ages ranging from six to nine for the prepaid card.

            • Facebook Is Building an Operating System for Future Devices

              The planned operating system, earlier reported by The Information, would be focused more on future products, such as augmented-reality glasses, according to a Facebook spokeswoman. Facebook has shared plans to build this type of glasses, with software built in, but the social-media giant is likely years away from launching anything in this area.

            • Firefox UX: How people really, really use smart speakers [Ed: There's no such thing as "Smart speakers". They're listening devices or microphones connected to someone else in the wiretapping sense.]

              More and more people are using smart speakers everyday. But how are they really using them? Tawfiq Ammari, a doctoral candidate at the University of Michigan, in conjunction with researchers at Mozilla and Yahoo, published a paper which sheds some light on the question. To do this, he gathered surveys and user logs from 170 Amazon Alexa and Google Home users, and interviewed another 19 users, to analyze their daily use of voice assistants.

              Users of both Google Home and Alexa devices can access a log showing all the interactions they’ve had with their device. Our 170 users gave us a copy of this log after removing any personal information, which meant we could understand what people were really using their devices for, rather than just what they remembered using their devices for when asked later. Together, these logs contained around 259,164 commands.

              We collected 193,665 commands on Amazon Alexa which were issued between May 2015 and August 2017, a period of 851 days. On average, the datasets for our 82 Amazon Alexa users span 210 days. On the days when they used their VA, Alexa users issued, on average, 18.2 commands per day. We collected 65,499 commands on Google Home between September 2016 and July 2017, a period of 293 days. On average, the datasets for each of the 88 Google Home users spans 110 days. On days when they used their VA, Google Home users issued, on average, 23.2 commands per day with a median of 10.0 commands per day.

              For both Amazon Alexa and Google Home, the top three command categories were listening to music, hands-free search, and controlling IoT devices. The most prevalent command for Amazon Alexa was listening to music, while Google Home was used most for hands-free search. We also found a lot of items in the logs reflecting that both devices didn’t often understand queries, or mis-heard other conversation as commands — that’s 17% in the case of Google Home and 11% in the case of Alexa, although those aren’t quite comparable because of the way that each device logs errors.

              People used their smart speakers for all sorts of searches. For example, some of our respondents use VAs to convert measurement units while cooking. Others used their VAs to look up trivia with friends. Users also searched for an artist who sang a particular song, or looked for a music album under a specific genre (e.g., classical music).

            • Confidentiality

              • How bad can text security be? One company just showed us.

                "The TrueDialog database is hosted by Microsoft Azure and runs on the Oracle Marketing Cloud in the USA. When we last looked at the database it included 604 GB of data. This included nearly 1 billion entries of highly sensitive data," the report noted. "Millions of email addresses, usernames, cleartext passwords, and base64 encoded passwords (which are easy to decrypt) were easily accessible within the database. ... "We also found in the database logs of internal system errors as well as many http requests and responses, which means that whoever found it could see the site’s traffic. This could [have] by itself exposed vulnerabilities. ...

              • OpenSSH Key Shielding

                On June 21, 2019, support for SSH key shielding was introduced into the OpenBSD tree, from which the OpenSSH releases are derived. SSH key shielding is a measure intended to protect private keys in RAM against attacks that abuse bugs in speculative execution that current CPUs exhibit.[0] This functionality has been part of OpenSSH since the 8.1 release. SSH private keys are now being held in memory in a shielded form; keys are only unshielded when they are used and re-shielded as soon as they are no longer in active use. When a key is shielded, it is encrypted in memory with AES-256-CTR; this is how it works: [...]

    • Defence/Aggression

      • Multiple people killed in shooting at Russia’s Federal Security Service headquarters

        A shooting has taken place in central Moscow at the Federal Security Service (FSB) building on Lubyanka Square. RBC reported that an unknown individual opened fire there using a Kalashnikov automatic rifle. Preliminary eyewitness reports indicated that one individual began shooting in the FSB’s reception area, after which he ran out into the street and continued shooting there. RT reported that the shooter barricaded himself inside a nearby building while exchanging fire with officers.

      • Masterminds Guilty in Philippines Massacre

        When I heard the verdict handed down in the Maguindanao Massacre case today, I was ecstatic. As a former journalist, I’ve waited 10 long years for a court to convict the perpetrators of the country’s worst case of political violence, in which 58 people, 32 of them journalists, were killed execution-style.

        The masterminds of this horrific crime – Andal Ampatuan Jr. and his brother Zaldy Ampatuan Jr. – were sentenced to life in prison without parole. But out of more than 107 who stood trial, only 28 people were convicted of murder, receiving 40-year prison terms, minus 10 for time served. Another 15 people were found guilty as accessory to the murders. The court acquitted 55 defendants of all charges. Then there are the 80 suspects that police have failed to arrest.

      • How War Targets the Young

        One day in October 2001, shortly after the U.S. invaded Afghanistan, I stood at the front of a private high school classroom. As a new social studies teacher, I had been tasked with describing violence against women in that country. I showed the students an article from the front page of the New York Times featuring Afghan women casting off their burqas as they bathed in a stream near Kabul.

      • Democrats Are Shifting on Foreign Policy – But Not Far Enough to End War

        After months of debate, the crowded Democratic primaries have begun to narrow. Major candidates have largely avoided foreign policy discussions, instead focusing on issues like health care, trade, immigration and gun control, which are seen as more important to the U.S. electorate. Although they have clear differences in vision, it is obvious that both progressives and traditionalists on the ticket see foreign policy as a secondary concern. This is standard for U.S. politics. Often, campaign staff will see few incentives to discuss foreign policy, regarding it as too abstract to be understood by a U.S. public that is largely inward-looking.

      • Chinese [Cracking] Group, Quiet for Years, Resumes Global Attacks

        Fox-IT, a security company based in the Netherlands, said in a report published Thursday that the group’s attacks have extended to 10 countries, including the U.S., the U.K., France, Germany and Italy.

        The Chinese [attackers] carried out a global espionage campaign that targeted industries including aviation, construction, finance, health care, insurance, gambling and energy, the firm said.

    • Environment

      • Acidifying Oceans Could Eat Away at Sharks' Skin and Teeth

        For hundreds of millions of years, sharks have been roaming Earth’s oceans making meals out of a huge range of critters, from the whale shark gobbling up tiny krill to the 60-foot megalodon that could take down whales. Their ancestral line has survived mass extinctions with ease, most notably the catastrophe that took down the dinosaurs.

        But nothing could have prepared them for the scourge that is humanity—we’re polluting their waters and snatching up their prey and hunting them to extinction. And now, thanks to climate change, humans may be transforming the very water sharks swim into an existential threat: In findings published today in the journal Scientific Reports, researchers show that prolonged exposure to acidified water corrodes the scales, known as denticles, that make up a shark’s skin. To be clear, this work was done in the lab and on only one species, but the implications are troubling. As we belch still more CO2 into the atmosphere, which reacts with seawater and makes the oceans more acidic, the seas themselves could become yet another threat that pushes sharks over the brink.

      • Bernie Sanders' Climate Change Message Cheered in L.A. Debate

        Sen. Bernie Sanders received widespread applause during Thursday night’s Democratic Party presidential debate when he challenged what he considered a flimsy question on the issue of the climate crisis and then offered a far-reaching critique about a global system in which trillions are spent on war and destruction but similar investments are not made to address the emergency of global heating.

      • After Telling Moderator Climate Question 'Misses the Mark,' Sanders Says Real Issue Is Will We 'Save the Planet for Our Children and Grandchildren' [Ed: Same as above]

        "Instead of spending $1.8 trillion a year on war, globally, on weapons of destruction," said Sanders, "maybe we pool our resources and fight our common enemy which is climate change."

      • Heat the Arctic to cool the Earth, scientists say

        If we seriously want to tackle the climate crisis, here’s a drastic idea: we could heat the Arctic to cool the planet.

      • Energy

        • Biosphere Collapse?

          Five years ago: Nations of the world met in Paris to draft a climate agreement that was subsequently accepted by nearly every country in the world, stating that global temperatures must not exceed +2C pre-industrial. Global emissions must be cut! Fossil fuel usage must be cut!

        • World’s first floating nuclear power station begins operations in Russia’s Far East

          In the far eastern Russian region of Chukotka, the first nuclear power station located on a waterborne vessel has begun operations, Rosatom announced. The station is named the Academic Lomonosov.

    • Finance

      • If Current Trends Hold, Women Around the World Will Have to Wait 257 More Years for Gender Pay Gap to Close

        "None of us will see gender parity in our lifetimes, and nor likely will many of our children."

      • Betsy DeVos's Family Foundation Funnels Money to Her Right-Wing Supporters

        The family foundation of Education Secretary Betsy DeVos and her billionaire husband, Dick, gave more than $1 million to purportedly “independent” right-wing groups that have helped boost her assault on public education, according to a recent tax filing obtained by the government watchdog group Allied Progress and shared with Salon.

      • 100 million Indians, no hope and future

        What will happen when you have a 100 million Indians in the productive age of 14-40 are not working, neither looking for work, neither training or have any hopes that they will get any jobs. This is the India that most Indians are inheriting which has been shared in a recent Govt. report released about a month back.

        [...]

        There has been no uptake in rural demand and there is no policy by the Govt to tackle this. Couple of months back the FM gave 1.45 lakh crore or $20 billion dollar tax bonanza to corporate houses which make a measly 3-4% of the total economy and are already swimming in cash, while the other 96% of the economy which actually oils the Indian market which is the small businesses, the farmers who are net losers in the current regime. Even essential commodities prices have gone up both in retail and wholesale markets with almost all of the profits accruing to the middleman rather than the farmer or the agricultural labor. We are on the path of being England which imports all of its veggies. Last not but not the last exports have been down from India for straight fourth month.

        Conclusion

        Unless India fixes lot of structural issues for e.g. adherence to legal contracts or fast resolution in case of issues, don’t see India bouncing back anytime soon. Nobody from the other side even comments why economies of Bangladesh, Vietnam, China and even Cambodia are able to ramp up their economies even if the argument is ‘global slowdown’. Some people have argued for cyclical slowdown but haven’t had any evidence to prove that other than conjecture.

      • Why big business can count on courts to keep its deadly secrets

        It was an evidence log, a detailed inventory of documents and other exhibits that had been used in an injured worker’s lawsuit. And it was freely available to anyone who bothered to look for it – for this was long ago in 1978, before the routine use of protective orders, sealed documents and other tools of concealment wrapped U.S. courts in lethal secrecy.

        Motley, a lanky, deep-drawling South Carolina lawyer, had been representing sick workers in lawsuits against companies that used asbestos. And he was losing, as defense lawyers convinced juries that the companies had only recently learned of the dangers of the cancer-causing mineral. Now, the log might guide him to proof that the companies had long known that asbestos exposure could be deadly.

        [...]

        Motley shared the documents with other plaintiff lawyers and with Los Angeles Times reporter Henry Weinstein, who was with Motley in Newark that day in 1978 and recounted the lawyer’s discovery to Reuters. A member of Congress got them, too. In a matter of months, the Sumner Simpson papers unlocked what one prominent plaintiff lawyer had dubbed a new “industrial Watergate.” Congress held hearings, workplace safety rules were enacted, workers won more lawsuits, and scores of companies, including Raybestos, declared bankruptcy. The companies set up victim trust funds that have paid out more than $30 billion in settlements and that continue compensating victims even now.

        Today, there’s little chance a lawyer – or a journalist or a concerned citizen – could do what Motley did. That’s because in the intervening decades, big business and its legal lieutenants succeeded in a focused, concerted campaign that has ensured that secrecy cloaks lawsuits alleging that their products can kill or injure people.

    • AstroTurf/Lobbying/Politics

      • To Understand Trump, You Must Understand His Cult

        As Americans watch the political drama of impeachment against President Donald Trump unfold in Congress, it seems clear that Democrats and Republicans seem to occupy entirely different planes of reality, speaking in opposite terms about the same issues. It is a reflection of the political polarization in the nation at large that social scientists have struggled to understand. But there is a simple explanation: We are witnessing the development of a dangerous and massive cult. And Trump, the cult leader, knows exactly how to wield his power over his supporters in order to retain his position.

      • Trump Could Be Impeached More Than Once

        “And still I rise, Madam Speaker,” Congressmember Al Green, Democrat of Houston, said, opening his statement during the House hearing on the impeachment of President Donald Trump. Those words were taken from Maya Angelou’s poem, “Still I Rise”...

      • A Leader of Grossly Immoral Character: The Chosen One Gets Unchosen
      • Reich on presidential primaries
      • Humans
      • PBS Taps Journalist With Anti-Sanders Bias to Help Moderate Debate

        Tonight’s Democratic presidential debate will be sponsored by Politico and PBS, simulcast by CNN, and moderated by Politico chief political correspondent Tim Alberta, along with PBS NewsHour’s anchor and managing editor Judy Woodruff, senior national correspondent Amna Nawaz and White House correspondent Yamiche Alcindor.

      • To Corporate Media, an Exercise Bike Ad Is More Newsworthy Than 3/4 of a Trillion for the Pentagon

        What is more newsworthy—a decision to give the Pentagon three-quarters of a trillion dollars, or an ad for an exercise bike? If you picked the Pentagon spending, you may not have a future in corporate media.

      • Mitch McConnell and Lindsey Graham Must Pay for Enabling Trump

        In modern history, only Adolf Hitler’s enablers received anything like accountability for their furtherance of the Nazi agenda. A post–World War II West was determined to punish the purveyors of atrocity. But those days are long over. Oh, if you’re an African despot, the International Criminal Court will come for you, but if you’re committing war crimes on behalf of a Western country, they call you “Dick Cheney” and pretend they can’t see you.

        The enablers of President Donald Trump are likely well aware of how history gets made. The record of these times will show that Donald Trump, and Donald Trump alone, was impeached for abuse of power and obstruction of justice. It will show that Donald Trump was a liar, a bigot, and a sexual predator. It will show that Donald Trump presided over the failure of America, if there even is an America left when he’s done with it.

      • The House Has Impeached President Trump. Here’s What We Learned.

        But in looking at their words and deeds over the past few months, House Republicans have effectively given Trump the green light to solicit other foreign governments to help him win next year’s election. It looks like House Republicans would defend Trump if he, for example, asked Saudi Arabia to investigate the Democratic nominee next year.

    • Censorship/Free Speech

      • Ethiopia: Bill Threatens Free Expression
      • Why India shuts down the internet more than any other democracy

        The internet has been shut down 93 times so far this year, according to the Internet Shutdown Tracker, a portal which tracks such incidents across the country.

      • India: The world leader in Internet shutdowns

        According to the Internet shutdown tracker, India has the highest number of network disruptions ordered by the state with 91 reported instances (at the time of writing) alone in 2019. The number stood at 134 in 2018. These are just the incidents that have been reported; the actual number is likely to be more. This makes India the Internet shutdown capital of the world. The world's biggest democracy leads in digital authoritarianism -- and by some margin.

        The reason? The government wants to silence dissenting voices.

      • More than 350 Internet shutdowns in India since 2014

        India Today Data Intelligence Unit (DIU) analysed Internet shutdowns in the country and found that terror activities and communal tensions have been the biggest contributors to suspension of services.

      • India’s internet shutdown is the longest in history

        The Indian government defended this move as necessary to thwart what it calls Pakistan-led terrorist groups from launching attacks on security forces.

        “Social media platforms like Facebook, WhatsApp, Twitter, and YouTube are likely to be used for spreading of rumours and also for transmission of information like pictures, videos and text that have the potential to inflame passions and thus exacerbate the law and order situation,” said officials in the state of Assam.

    • Freedom of Information / Freedom of the Press

      • The INQUIRER reaches end-of-life

        Our publisher, Incisive Media, has made the decision to shut down the website, which has come as a huge shock to everyone here at The INQUIRER. We were informed by our publisher last week - Merry Christmas! Happy Tory landslide! - which has made the decision that due to a recent decline in digital advertising, along with a change of focus for the business, it was time for The INQUIRER to go dark.

        The site will remain live until the end of March, but Thursday will be the final day that we will be publishing new content.

      • Britain’s election fallout spells danger for the BBC

        Those who argue that the Beeb’s troubles will blow over point out that its licence fee is protected by royal charter until 2027. But it will need to reach another fee settlement in 2022. Mr Cummings and the prime minister were willing to prorogue Parliament; they might well countenance legislation to change the BBC’s funding. Changing the BBC’s leadership could be another approach. In the past the corporation could count on allies on both sides of politics. Just now it is looking rather friendless.

      • Assange’s Defense Outlines Extradition Arguments
      • Spanish judge to question Julian Assange over Ecuador embassy spying claims

        Assange will be transferred from Belmarsh prison in southeast London to Westminster Magistrates Court to answer questions from De la Mata, who is investigating alleged violations of client-attorney privilege between the cyber-activist and his lawyers, and allegations that these conversations were passed on to the CIA.

        British civil servants visited Assange in prison last week, asked him whether he agreed to be questioned by De la Mata, and delivered a document listing the events under investigation by the judge, who had issued a European Investigation Order (EIO) in September requesting assistance from British authorities.

        This list of events under investigation, which EL PAÍS has seen, notes that David Morales, owner of the Spanish security firm UC Global, SL “invaded the privacy of Assange and his lawyers by placing microphones inside the Ecuadorian embassy in London without consent from the affected parties.” It also states that the information thus collected was distributed to other people and institutions, including “authorities from Ecuador and agents from the United States.”

        [...]

        This position created unease in judicial circles, and was viewed as resistance to an investigation that could hinder Assange’s extradition to the US. The WikiLeaks founder’s hearing is scheduled for February.

        Several Spanish judges consulted by this newspaper said that EIO requests are generally granted on an automatic basis. With an EIO, a legal authority from an EU member state can ask a legal authority from another EU country for assistance in obtaining evidence or means of evidence, including witness statements.

        The US justice system is accusing Assange of 18 crimes that add up to 175 years in prison in connection with WikiLeaks’ publication of classified material on military operations in Iraq and Afghanistan.

    • Civil Rights/Policing

      • More Than Thirty Human Rights Groups Protest the Targeting of Digital Rights Defenders in Ecuador, Argentina, and Beyond

        Protecting human rights comes in many forms. Some human rights defenders are lawyers, defending clients against violations of their basic humanity. Some are journalists, exposing corruption and the secret injustices that might otherwise hide behind power. Some are activists, working in politics and in their communities to give support to those who might not be able to defend themselves.

        And some human rights defenders are technologists: building tools to defend or enhance the practice of human rights, and calling out the errors or lies of those who might misuse technology against its users.

      • Beyond Prisons: Sunlight Is A Human Right

        Abolitionist and journalist Jared Ware joins the Beyond Prisons podcast for a conversation on deteriorating abusive conditions within South Carolina prisons.

        Jared gives us an update on recent organizing efforts by prisoners in South Carolina and their comrades on the outside, who delivered a demand letter to UN offices in the United States, Caribbean, and United Kingdom last month. They argue the South Carolina Department of Corrections (SCDC) is violating international standards for confinement known as The Mandela Standards.

      • EU court rules that Catalan leader was jailed improperly
      • New Report From Bernie Sanders Details Declining Living Standards for Millennials

        "If we don’t fundamentally transform our economy, we are facing — for the first time in the history of this country — the possibility that our young people will suffer a worse future than their parents had. This report confirms my fears,” Sanders said in a statement provided to Teen Vogue.

        According to the report, in the 1970s, 94% of 30-year-olds earned more than their parents did at that age, as opposed to 2010, when only 50% of 30-year-olds earned more than their parents. In 2016, the median net worth (assets minus debt) of millennials between ages 25-34 was 36% lower than it was for Gen X'ers at that age; just $20,038, compared with $31,240 for Gen X'ers. The report goes on to highlight the unique factors that have led to this change: a decrease in homeownership and an increase in student loan debt.

      • Labor board rolls back employee email rights after Google recommendation

        The federal labor board ruled this week that employers can block workers from using email to organize, in a decision that companies, including Google, have asked for.

        The National Labor Relations Board said in the 3–1 decision that “employees have no statutory right to use employer equipment, including IT resources,” for union activity, giving management leeway to ban organizing on their work email systems. The decision undoes a previous ruling from the board decided under the Obama administration, which gave workers more latitude to use their work email for legally protected labor activity.

      • Indigenous Eurasian Islamic Populations

        This blog was defending the human rights of the Uighurs a decade before the neo-conservatives for whom they are now a fashionable cause even knew of their existence. The Uighurs are the closest linguistic and cultural cousins of the Uzbeks, and the populations are contiguous. (China is not contiguous with Uzbekistan but Osh and the eastern Ferghana Valley in Kirghizstan are Uzbek majority areas).

      • Sudanese brides who feel forced to undergo FGM to get married

        In the mainly Muslim country this can involve the removal of the clitoris and labia and often includes some stitching to narrow the vaginal opening- a process known as infibulation.

        These stitches come away when a woman has sex.

        If a bride-to-be opts for further FGM, the operation, usually carried out by midwives, can involve cutting away more of the labia and re-stitching the vagina.

    • Internet Policy/Net Neutrality

      • New York State Legislature Introduces a Net Neutrality Bill

        Following the lead of California, New York is now introducing measures to implement net neutrality in the state.

      • This Page is Designed to Last

        Bookmark after bookmark led to dead link after dead link. Vanished are amazing pieces of writing on kuro5hin about tech culture, and a collection of mathematical puzzles and their associated discussion by academics that my father introduced me to; gone are Woodman's Reverse Engineering tutorials from my high school years, where I first tasted the god-like feeling of dominance over software; even my most recent bookmark, a series of posts on Google+ exposing usb-c chargers' non-compliance with the specification, disappeared.

        This is more than just link rot, it's the increasing complexity of keeping alive indie content on the web, leading to a reliance on platforms and time-sorted publication formats (blogs, feeds, tweets).

    • Monopolies

      • German court hands Uber another legal setback

        A court in Germany has banned Uber from offering rides through rental car firms. It's another blow for the US ride-hailing company which has had its European ambitions curtailed by the courts.

      • Amazon Seeks Out First Irish Warehouse as Brexit Date Looms

        Irish property investors including Green REIT Plc, which was acquired by private equity firm Henderson Park last month, and IPUT Plc have been investing in Dublin warehouses and land for industrial development, betting Brexit could amplify already strong demand for logistics properties. Large retailers including Amazon and Marks & Spencer Group Plc ship goods to Irish customers from warehouses in the U.K. That leaves them vulnerable if the U.K. fails to agree a deal that would ensure the smooth movement of goods across the Irish Sea when it leaves the EU.

      • TCS: Current IP paradigm inadequate for the age of AI
      • Patents

        • House approves Trump's USMCA trade deal amid shadow of impeachment

          The House on Thursday passed a bill to implement President Trump’s overhaul of the North American Free Trade Agreement (NAFTA), advancing a crucial piece of his economic agenda with strong bipartisan support.

          The bill to enact Trump’s United States-Mexico-Canada Agreement (USMCA) passed 385 to 41, with 38 Democrats, two Republicans and Rep. Justin Amash (I-Mich.) voting against the deal. The measure now moves to the Senate, where it is expected to pass after the chamber concludes Trump’s impeachment trial.

        • House Passes USMCA Trade Deal With Broad Bipartisan Support

          One day after its historic impeachment votes, the Democratic-led House gave President Donald Trump an overwhelming bipartisan victory Thursday on a renegotiated trade agreement with Canada and Mexico.

        • PCT Office Moving Toward Standardization of Electronic Document Submissions [Ed: Big patent offices making proprietary software of Microsoft the 'standard']

          Patent attorneys are always concerned about the risk of document discrepancies arising when submitting electronic documents to patent offices.

        • Amgen Inc. v. Hospira, Inc. (Fed. Cir. 2019)

          The Federal Circuit has grappled with, divisively in some instances, the extent to which the safe harbor provisions of 35 U.S.C. § 271(e)(1) extend to activities not strictly for obtaining regulatory approval, such as post-approval quality testing and "stockpiling" product used for commercial purposes. For example, in Classen Immunotherapies, Inc. v. Biogen IDEC, then-Chief Judge Rader joined by Judge Newman held that "routine" post-approval submissions are outside the safe harbor (over a vigorous dissent by Judge Moore), whereas in the following case, Momenta Pharm. v. Amphastar Pharm., the roles were reversed, with Judge Moore finding herself in the majority (with Judge Dyk), and then-Chief Judge Rader filing a dissent. Yesterday, the Federal Circuit revisited these issues in its decision in Amgen Inc. v. Hospira, Inc.

          The case arose over Amgen's complaint that Hospira infringed its U.S. Patent Nos. 5,865,298 and 5,756,349 relating to cells and methods of preparing erythropoietin (EPO). The jury found that Hospira had not carried its burden of showing either patent to be invalid by clear and convincing evidence; and that Hospira infringed claims 24 and 27 of the '298 patent but had not infringed claims 1-7 of the '349 patent...

          [...]

          The opinion also affirmed based on substantial evidence the jury's finding that Hospira's EPO preparations infringed claim 27 of the '298 patent based on expert testimony and portions of Hospira's aBLA. The Federal Circuit also affirmed the jury's decision that claim 27 was not anticipated by a prior art reference because it did not disclose "a composition with a predetermined in vivo activity" but just that the EPO produced according to the reference was "biologically active."

        • Guest post by Profs. Yu and Contreras: The Uncertain Criminal Status of PAE Litigation in China

          On September 30, 2019, the Shanghai Pudong New Area People’s Court (court of first instance) ruled that an individual, Mr. Li Xingwen, was guilty of criminal extortion for asserting patents against a number of Chinese companies shortly before their initial public offerings (IPOs). The case was widely reported in the international press (see here, here and here) before the official release of this first-instance judgment, and gave rise to concern about the risks of asserting patents in China. The full text of the Shanghai court’s decision was finally released on September 30, 2019 and reveals several interesting details about the case. In particular, Mr. Li’s conduct giving rise to the judgment of extortion involved the falsification and backdating of a license agreement with a related company in order to extract additional royalties from a company with which Li had already settled. However, most of Mr. Li’s other patent assertions, notwithstanding their strategic filing prior to the defendants’ IPOs, were viewed as legitimate. Then, on October 18, 2019, the Shanghai Pudong New Area People’s Procuratorate lodged a protest with the Shanghai No.1 Intermediate People’s Court, arguing that the judgment against Mr. Li was too lenient. Below, we summarize the facts of the case and the findings of the court of first instance, then assess the implications of the People’s Prosecutor’s protest.

      • Copyrights

        • Police Raid in Moscow’s NGINX HQ

          Russian police raided Nginx’s Moscow offices, a company that’s behind the open source web server and reverse proxy server suite, a fast-growing alternative to Apache (about 30% of websites use Nginx, including Netflix and Twitch).

          According to local media, in addition to the raid at the Nginx offices, Russian police have arrested Igor Sysoev, Nginx’s conceptual founder and his colleague and co-founder, Maxim Konovalov.

        • MPA Wants Enhanced Border Enforcement Against Pirate Streaming Boxes

          The Motion Picture Association hopes that changes to U.S. Customs and Border Protection regulations will enhance enforcement against pirate devices. The movie industry group proposes to expand the definition of a “copyright protection measure,” so that a broader range of piracy tools can be seized at the border.

        • Mega Now Stores 63.8 Billion Files, Has Suspended 78,000 Users For Copyright Infringement

          Now one of the Internet's most-visited sites, Mega currently hosts 63.8 billion files but receives relatively few copyright takedown notices, around 317,500 during the first nine months of 2019. Since its 2013 launch, around 78,000 Mega users have been suspended for breaching its repeat infringer policy, which currently sits at "three strikes".

        • Ghosh Yoga College Claims Copyright Infringement Over Netflix Documentary On Bikram Choudhury

          While the volume isn't enormous, I would still say that there are entirely too many Techdirt posts on the topic of yoga. Most of those center around yoga instructors somehow thinking that a specific progression of yoga poses is somehow deserving of copyright protection or patents. The whole thing feels antithetical to yoga practices to begin with, which are at least in part about bringing a calm spiritual experience into a healthy living style. Paywalling that is an odd choice.

        • Indie Music Consumption Has More Than Doubled Since 2015 on Napster

          Napster says indie music growth on its platform has more than doubled since 2015. 33% of the top 100 streamed artists are from indie artists and labels.


