Bonum Certa Men Certa

Links 21/10/2020: Alpine 3.12.1, Tor Browser 10.0.2



  • GNU/Linux

    • Magazines and Shows

      • Linux IS fun! | Linux Format

        Some people have gained the impression that Linux might not be fun. How did that happen? So this issue we’re putting the fun back into Lin(f)u(n)x! We’re not sure that’s going to catch on…

        This issue we’re going to look at Plex. While no longer open source, it’s always treated Linux as a first-class citizen and delivers a super-slick media streaming experience across networks, devices and all media. You can use it for free and if you get on with it there are membership levels that unlock extra features and app access. It’s certainly a system that works for Plex.

      • Enabling A Firewall Is Easy In Linux - YouTube

        I am going to show you how to install and enable the Uncomplicated Firewall (ufw) and how to add and delete rules for it. Ufw is a very easy-to-use command line utility, and for those that want a graphical tool, gufw is available as well.

      • Destination Linux 196: Going Sub-Atomic With Quantum Computing - Destination Linux

        This week We’re going to take a look at what’s new for KDE’s latest Plasma 5.20 release! We’re going visit the Quantum Realm to discuss Quantum Computing and an article Red Hat released about the subject including what sysadmins will need to do to manage in this new realm without an Ant Man suit. In our gaming section, we’re going to be howling at the moon because this week we’ll be checking out Werewolf: The Apocalypse — Heart of the Forest. Later in the show, we’ll give you our popular tips/tricks and software picks. Plus so much more, on this week’s episode of Destination Linux.

      • mintCast 346 – It’s Not You, It’s Me – mintCast

        First up, in our Wanderings, Leo makes web apps, Moss sends a Telegram, Joe gets an upgrade, Josh fights with a mic, and Bo gets a gnome.

    • Kernel Space

      • Graphics Stack

        • Nouveau + LLVMpipe Drivers Enable OpenCL Image Support - Phoronix

          The interesting work continues pouring in for Mesa 20.3 as the Q4'2020 feature release to this open-source graphics stack... The latest excitement is on the "Clover" front for Gallium3D OpenCL.

          The LLVMpipe software back-end and Nouveau NVC0 Gallium3D drivers now are advertising OpenCL image support! This is important for making use of OpenCL acceleration with programs like Darktable and LuxCore, among many other imaging type programs supporting OpenCL.

        • Intel OpenGL/Vulkan Linux Drivers Strike Another Optimization For Tiger Lake - Phoronix

          It was just on Monday that Intel's talented open-source developers merged a hefty Tiger Lake graphics optimization into the Mesa 20.3 code that for some games/software can be around ~11% faster thanks to greater caching. Just a day later another optimization has arrived for helping these latest-generation Intel graphics.

          Merged on Tuesday was a change to benefit Intel's Iris Gallium3D (OpenGL) and ANV Vulkan drivers for making use of the HDC data cache for uniform buffer object (UBO) pulls on Gen12+ hardware, namely Tiger Lake at this point.

        • Vulkan update: merged to Mesa
        • New NVIDIA Vulkan Beta Driver 455.26.02 is out

          Need the latest bleeding-edge Linux drivers from NVIDIA? There's a new release out of the Vulkan Beta Driver.

          [...]

          Reminder: This special Vulkan beta driver is where all the shiny new stuff goes in before making its way into the stable release for everyone. Really, it's mostly aimed at developers and serious enthusiasts. Unless you need what's in them, it's generally best to use the stable drivers.

          The newest stable versions of the main NVIDIA driver for Linux are at 450.80.02 released on September 30 from their "long lived" series or 455.28 released on October 7 from their "short lived" series. Confused?

    • Benchmarks

      • Windows 10 vs. Ubuntu 20.10 Performance With Intel Tiger Lake, AMD Renoir

        Stemming from our initial Intel Core i7 1165G7 "Tiger Lake" benchmarks on the Dell XPS 13 9310 last week and then also discovering better single-threaded performance on Ubuntu 20.10, one of the pressing questions was whether this is expected performance on Linux or if it's coming up short of Microsoft Windows for this first tier-one notebook to market with Intel Tiger Lake. So following those earlier tests I proceeded to do a Windows 10 Pro with all available updates comparison on Ubuntu 20.10 with the i7-1165G7. For added context, the same software stack and tests were repeated on an AMD Ryzen "Renoir" notebook.

        Today's article answers the question of Intel Tiger Lake performance on if it's coming up short against Windows and where any outliers are between the Windows and Linux support for these latest-generation Intel mobile processors. Plus with the AMD Ryzen 5 4500U "Renoir" Lenovo Flex 15 performance added in there it also helps address whether any of the tests/benchmarks may be favoring one operating system over the other and ultimately seeing how the Windows vs. Linux raw performance is for these autumn 2020 notebooks.

    • Applications

    • Instructionals/Technical

      • Installing PHP 8 on Debian 10

        PHP is a general-purpose open-source scripting language that can be embedded in HTML. It stands for HypertextProcessor and is widely used in web development. A scripting language is used to write ready-made programs that are later used to automate tasks. PHP scripts are often used on Linux, Unix, Windows, Mac OS, and other operating systems. With PHP, you have the freedom to choose an operating system and the underlying web server, according to your needs.

        In this article, we will explain how to install PHP 8, PHP 7.4, and PHP 5.6 on Debian. After you have installed the multiple PHP versions, we will also explain how to disable one version and choose a default version on the system.

      • Install a minimal KDE on Debian 10 "buster" - PragmaticLinux

        If you select the KDE desktop environment, while installing Debian, the installer installs several extra desktop applications. Kmail, Knotes, Korganizer, Kaddressbook, to name just a few. Not all KDE users are interested in these extra desktop applications. However, when attempting to remove them, Debian removes the entire KDE. Luckily, a method exists to install just a minimal version of KDE in Debian. Grab yourself a drink and read on to find out how you can install a minimal KDE on Debian.

      • How to delete container with lxc (LXD) command on Linux - nixCraft

        Explains how to delete and remove LXD based container or instance with the lxc command on Linux operating systems using the CLI.

      • Building Resilient Microservices with Istio and Red Hat OpenShift Service Mesh (Course DO328)
      • Understanding Linux File Permissions and Ownership – Linux Hint

        Linux operating system, which is a clone of UNIX, is developed to handle multiple users with multi-tasking features. This means than more than one user can work in this operating at the same time when the computer is attached to a network or Internet. The remote users can connect with the computer that contains the Linux operating system through SSH and work on the system. It is very important to maintain security when multiple users work in the same operating system at the same time. Many built-in security features exist in the Linux operating system that can be used when local or remote access is granted from different users. The Linux users have to understand the concept of file permissions and the ownership of the file to provide security at the file system level. How the Linux users can view and modify the permissions, and the ownership of the file and folders is shown in this article.

      • Wikimedia’s CDN

        The Wikimedia Foundation, the non-profit organization behind Wikipedia and other well known wiki-based projects, operates websites and services that are high volume and rank in the world’s top 20. We serve about 21 Billion read requests per month and sustain 55 Million edits to our articles. On a normal day over 90% of these read requests are served by our caching solution, our own Content Delivery Network (CDN). Like other parts of our technology stack, the CDN is based on Open Source software and is constantly evolving. During the last couple of years, we have performed various changes in terms of on-disk HTTP caching and request routing.

        This 3 part series of articles will describe some of the changes, which included replacing Varnish with Apache Traffic Server (ATS) as the on-disk HTTP cache component of the CDN. ATS allowed us to significantly simplify the CDN architecture, increase our uptime, and accelerate the procedure to switch between our two primary data centers in Virginia and Texas.

      • UNIX printing demystified

        Every now and then people post a "question" about printing to this mailng list which exposes their confusion. I am putting this email together so that anybody capable of searching through the mailing list can at least have terminology straight before asking for help. Information presented here is in the public domain and I make no claims of posting anything new.

      • How to Create a New user and Grant Permissions in MySQL

        How to Create a New user and Grant Permissions in MySQL . Learn how to assign specific permissions like delete, update, insert, all privileges

      • How to Install Elasticsearch on Fedora 32/31/30 – TecAdmin

        Elasticsearch is a modern search and analytics engine based on Apache Lucene. It is completely open source and built with Java. It stored data in form of documents and provides APIs for the full-text search. Elasticsearch is distributed under the Apache 2 license, which provides it flexibility.

        This tutorial will help you to install and configure elasticsearch on Fedora Linux systems.

      • How to Install Kali Linux Easily?

        One of the most popular and go-to Linux distributions for cybersecurity enthusiasts and professionals is Kali Linux, mainly because of the numerous security features it brings to the table. If ethical hacking interests you then there’s no best way of getting started other than installing Kali Linux and using it. In this article, let’s have a look at how you can swiftly install Kali Linux and start your ethical hacking journey.

        There are two ways to install Kali Linux; the first one uses VirtualBox, and the second is using dual boot method. The latter requires prior installation knowledge, and believe us, you don’t want to mess with your disk if you’re new to the field. Hence, we suggest you install Kali on VirtualBox. With VirtualBox, you will be able to run Kali Linux as if you’re running any other applications like Chrome or VLC.

      • How to Schedule a Task in Linux? – Linux Hint

        Whenever using a UNIX-based operating system, certain tasks are to be performed repeatedly. UNIX comes with its built-in task schedulers. In the case of Linux, it comes with two basic but powerful tools: Cron daemon (default task scheduler) and at (more suitable for one-time task scheduling). How to Schedule a Task in Linux are explained in this article.

      • How to Setup and Manage Log Rotation Using Logrotate in Linux

        In this article, we will explain how to use logrotate to automatically rotate system logs, compress, remove, and mail logs on a periodic basis in Linux servers.

      • How to Use Cron in Linux – Linux Hint

        Cron is a built-in automatic scheduler for the Linux operating system and is responsible for running the commands or scripts that are added to the crontab file at a specified time. This article shows you how to use Cron in the Linux operating system.

      • How to Write a Simple Bash Script – Linux Hint

        Apart from being the default command-line interpreter for the Linux operating system, Bash is also a full-fledged programming language. This article shows beginning users the process for writing a simple Bash script in Linux Mint 20.

      • How To Install Asterisk 17 VoIP Server on Ubuntu 20.04

        Asterisk is a free and open-source VoIP server created by Sangoma. It is used for building a VoIP telephony infrastructure for all sizes of organizations. VoIP is a Voice Over Internet Protocol used to make a call using the TCP/IP stack. With VoIP, you can make a call from your mobile device or computer to other devices without any cost. It runs on Unix and Linux based operating systems and able to connect any traditional global telephony network. It offers a set of features including, conference call, voice mail, IVR, and automatic call distribution.

      • Install Ansbile on CentOS and Red Hat [RHCE Ansible Series]

        In this Ansible series, you will learn all the skills you need to manage and automate your IT infrastructure operations with Ansible.

        Also, all the objectives for the RHCE (Red Hat Certified Engineer) EX294 exam will be covered in this series. This means that you will be fully prepared to pass the EX294 exam and become a Red Hat Certified Engineer if you follow the series.

    • Games

      • Tsuro - The Game of The Path is a gorgeous digital adaption out now | GamingOnLinux

        A new digital adaption of the original board game Tsuro is out now with Tsuro - The Game of The Path, and it's really lovely. Note: The developer sent over a key to our Steam Curator.

        In Tsuro you each have indirect control of a coloured pebble, while taking it in turns to place down a single path tile in front of your little pebble to move it across the board. Incredible simple to get into, yet there's plenty of strategy involved in it and it really is quite brilliant. It's a wonderful adaption, with some digital-exclusive modes. You can play for the longest movement loop, the last one remaining on the board and more.

      • Retro 3D indie first-person shooter 'Perilous Warp' has released | GamingOnLinux

        The growing list of retro-fuelled shooters has another entry now with Perilous Warp which has released.

        Inspired by the greats like Quake, Unreal, Doom and Chasm: The Rift. There's cramped hallways, deadly weapons and plenty of action. Created by Crystice Softworks, who are known for the Half-Life mod Headcrab Frenzy and for the J.A.C.K level editor, this is their first full commercial release.

      • Go and cure Director's Gut in the Two Point Hospital: Culture Shock DLC out now | GamingOnLinux

        I sure do love a good pun and the Two Point Hospital: Culture Shock DLC that's out now is full of it, with plenty of new illnesses that you need to conquer. No laughing at the patients please.

        Two Point Hospital: Culture Shock is the biggest expansion so far in terms of total illness, however just like the other packs only a few of them are entirely new with new visuals and machines. As for the actual illnesses they're themed after the arts and media like Stunt Trouble, Private Parts, Snot Twist, Culture Shock, Stage Hand, Square Eyes, Wardrobe Malfunction and so on.

      • Fire a magical sword at goblins in the physics-based puzzler 'Sword Slinger' out now | GamingOnLinux

        Sword Slinger is a rather unique physics-based puzzle game about slaying goblins by controlling a sword with magical behaviours. Combine magical logic blocks together, to unleash amusing solutions. Out now with Linux support.

        Created by Firebelley, an indie game developer and software engineer based out of Northeast Ohio. Sword Slinger was created over a period of 7 months, after being fascinated with the idea that simple inputs can create complex outputs.

      • Brimstone & Mist is the latest update to the MMO Albion Online out now | GamingOnLinux

        As their player numbers continue climbing, Sandbox Interactive have just released a big mid-season update to Albion Online with Brimstone & Mist.

        While they regularly released big free expansions, this is a smaller and more focused update that continues to refine lots of new features from previous upgrades.

        That said, it's still quite a big update by itself considering it's an interim update. It adds in a new boss, multiple new enemies, new traps, more locations to go fishing, you can now roast Chicken, Goose, and Pork to create a new food line and the same for some of the new Fish, the mini-map had a big refresh to improve visual quality and readability, an optional language filter and much more.

      • Creature taming metroidvania Monster Sanctuary launches on December 8 | GamingOnLinux

        After a successful crowdfunding campaign on Kickstarter back in 2018 and then over a year in Early Access, Monster Sanctuary is now set for a full release.

        It's going to leave Early Access on December 8, and they've confirmed that the launch of Monster Sanctuary will include brand new content to expand the experience even further.

        Denis Sinner, the Managing Director at Moi Rai Games mentioned "The full release of the game will bring an exciting five-year journey to an end. Monster Sanctuary originally started out as a hobby project of mine while having a normal day job, and back then I couldn't imagine that it would be released as a full-fledged game on multiple platforms with a publisher on my side. Ever since we launched the game into Early Access last year, the community feedback we’ve received has helped to improve the game and make it the best possible experience."

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.20 is an exceptionally refined desktop

          There you go. I have to say, this is the best Plasma release in a long while. I would say since 5.12. In fact, this should have been the LTS. You get everything: speed, stability, consistency, beautiful looks, highly functional software. And now, the challenge: this ought to remain, without regressions, for three releases.

          There are some small niggles here and there, but all in all, there's nothing cardinally wrong with this edition. Quite the contrary, it brings massive improvements on many levels, and infuses joy into my jaded soul, a ray of hope that has been absent for many months now. If you're contemplating Linux, or contemplating replacing your desktop environment, then Plasma 5.20 offers the freshest, most elegant solution by a huge margin. Worth testing and using - and hopefully, there will be some long-term version available somewhere, so that people need stability and minimal change can settle in and enjoy a refined, pleasant desktop. That's my wish for the new year, and now off you go testing. Bottom line: awesome. Bye bye.

        • Inside KDE: leadership and long-term planning

          Based on my post about KDE’s anarchic organization and the micro-not-macro nature of my This Week in KDE series, you would be forgiven for having the impression that KDE is directionless and has no leadership or long-term planning capabilities. In fact the opposite is true, and I’d like to talk a bit about that today, since this information may not be obvious to users and the wider community.

          Now, since KDE is so vast, I can only provide my personal perspective based on the projects I’m most heavily involved in: the VDG, Plasma, and a few apps.

          [...]

          KDE doesn’t lack for strategic long-term goals and direction, so I think that part can be pretty solidly marked as a success. As for tactical leadership and direction within and between individual projects, I also think things are pretty rosy overall. KDE’s maintainer-led projects generally have excellent maintainers. The variety of KDE apps using this model model is a testament to how successful it can be with a high-quality maintainer–especially our professional-class apps like Krita. And in my opinion, KDE’s council of elders projects also have very good leadership today

      • GNOME Desktop/GTK

        • Accessibility in GTK 4

          The big news in last weeks GTK 3.99.3 release is that we have a first non-trivial backend for our new accessibility implementation. Therefore, now is a good time to take a deeper look at accessibility in GTK 4.

          Lets start with a quick review of how accessibility works on Linux. The actors in this are applications and assistive technologies (ATs) such as screen readers (for instance, Orca), magnifiers and the like.

          The purpose of ATs generally is to provide users with alternative ways to interact with the application that are tailored to their needs (say, an enlarged view, text read out aloud, or voice commands). To do this, ATs need a lot of detailed information about the applications UI, and this is where the accessibility stack comes into play—it is the connecting layer between the application (or its toolkit) and the ATs.

    • Distributions

      • Now and Then: The Fate of 15 Linux Distributions

        A typical desktop Linux distribution consists of various software components including the Linux kernel, a broad collection of programming tools produced by the GNU Project, a graphical server, and other free and open source software.

        Due to Linux’s open source nature, there are many hundreds of actively maintained distributions or ‘distros’ of the OS. Linux distros are like Linux software in general. They come and (some) go.

        Back in 2006, Distrowatch ranked the following distributions in terms of page hit ranking1. The top ranked distro was Ubuntu. The other places were taken by openSUSE, Fedora, MEPIS, Mandriva, Damn Small, Debian, PCLinuxOS, Slackware, Gentoo, KNOPPIX, FreeBSD, Kubuntu, VectorLinux, and CentOS.

      • New Releases

      • BSD

        • OpenBSD Officially Available for PPC64

          OpenBSD 6.8 is now available and with it the first official release of the big-endian ppc64 port (which they call powerpc64). The port is specifically advertised for PowerNV machines (i.e., bare metal) with POWER9, which naturally includes the Raptor family but should also support IBM PowerNV systems as well. POWER8 support is described as "included but untested.

        • NetBSD 9.1 released

          After a small delay*, the NetBSD Project is pleased to announce NetBSD 9.1, the first feature and stability maintenance release of the netbsd-9 stable branch.

          The new release features (among various other changes) many bug fixes, a few performance enhancements, stability improvements for ZFS and LFS and support for USB security keys in a mode easily usable in Firefox and other applications.

        • NetBSD 9.1 Released: Highly Portable, Free And Open Source BSD Distro

          After the major release of OpenBSD 6.8, here comes NetBSD 9.1, another popular and one of the oldest free and open source operating system from BSD family.

          NetBSD 9.1 is the first point update for the NetBSD-9 release branch, bringing new features, bug fixes, enhancements, and stability improvements for ZFS and LFS.

          [...]

          Furthermore, v9.1 has added support for the Xen 4.13 hypervisor and updated NVMM hypervisor to bring improved emulation, performance, and stability.

          For security purposes, version 9.1 has brought Parallelized disk encryption support with CGD cryptographic disk driver. You can even now use USB security keys in raw mode for several applications like Firefox.

      • SUSE/OpenSUSE

        • Ride the Kubernetes wave confidently with SUSE Cloud Application Platform - SUSE Communities

          Many businesses today are struggling through digital transformation, dealing with a rapidly changing technology landscape that often seems to present too many choices, too much uncertainty, and too little support. Maybe your business is struggling too. For sure you want to ride the next great technology wave, but just as surely you don’t want to get crushed by it.

          Take Kubernetes for example. It’s an incredibly powerful container management platform that’s fast becoming a modern infrastructure standard. It could enable you to deliver new digital capabilities more quickly, to create the exceptional customer experiences that will launch you ahead of your competition. But Kubernetes is notoriously difficult to use, especially for the application development and operations teams that stand to benefit from it most.

        • New Exam Provider For SUSE Certifications - SUSE Communities

          Our SUSE Certification Program offers industry-leading certifications and exams that are globally recognized. High-stakes assessments are vital, so it is important to always look for ways to improve the overall experience for the certification candidate. We have begun transitioning all of our exams to Questionmark. Questionmark is as full-service, enterprise-grade assessment platform, which enables him-stakes exams and assessments to be conducted remotely and securely.

        • New Zealand’s Wellington Institute of Technology students build Ceph proof of concept with help from SUSE

          A team of students at the Wellington Institute of Technology (WelTec) is developing a proof of concept that involves implementing a software defined storage solution for campus-wide staff and student use. WeITec is one of New Zealand’s oldest tertiary education institutions that trains over 6,000 students each year. They offer degree programmes that are future-focused, developed alongside industry and provide students with practical real-world skills.

      • IBM/Red Hat/Fedora

        • Deconstructing an Ansible playbook | Enable Sysadmin

          A straightforward explanation of the sections of an Ansible playbook, including packages, modules, and variables.

        • Kubernetes basics for sysadmins | Enable Sysadmin

          Learn when Kubernetes can be effectively used and how the containers it manages might be better than virtual machines.

        • Start your Red Hat training and certification journey with a skills path that's right for you

          When we talk to our customers they are often engaged in digital transformation projects where they have trouble finding employees with the right skills to drive the projects to success. If you want to prove you have the knowledge needed to lead these projects, a skills path can guide you through the right training and certification programs to develop and demonstrate those abilities.

          The Red Hat Training and Certification team has restructured its curriculum around 23 new skills paths to prepare you and your team to complete digital transformation projects successfully. Each new skills path provides a curated guide for learning industry leading, open hybrid cloud technologies, whether you’re in the beginning of your journey to becoming a Red Hat Certified Professional or you’re already an expert in your discipline. We offer skills paths that help prepare for the future of open hybrid cloud for administrators, developers, engineers, or architects.

        • How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Technology

          IBM has been innovating to create new products for its clients and the world for over a century. Customers look to IBM Power Systems to address their hybrid multicloud infrastructure needs. Larger POWER9 servers can have up to 192 CPU cores, 64 TB of memory, dozens of PB of SAN storage and typically run a mixture of AIX (UNIX) and Enterprise Linux (RHEL or SLES) workloads. As part of its sales process, IBM is always benchmarking its new hardware and software which clients use to monitor their systems.

        • National Information Resources Service Daegu Center and Orange Life Named Winners of the Red Hat APAC Innovation Awards 2020 for Korea

          Red Hat, Inc., the world's leading provider of open source solutions, today announced the winners of the Red Hat APAC Innovation Awards 2020 for South Korea. The National Information Resources Service (NIRS) Daegu Center and Orange Life were honored at the Red Hat Forum Asia Pacific 2020 today for their exceptional and innovative use of Red Hat solutions.

        • ANZ Named Winner of the Red Hat APAC Innovation Awards 2020 for Australia and New Zealand Region

          Red Hat, Inc., the world's leading provider of open source solutions, today announced the winner of the Red Hat APAC Innovation Awards 2020 for the Australia and New Zealand region. Australia and New Zealand Banking Group Limited (ANZ) was honored at the Red Hat Forum Asia Pacific 2020 today for its exceptional and innovative use of Red Hat solutions.

      • Debian Family

        • TrueNAS 12 Released As The Marriage Of FreeNAS + TrueNAS [Ed: Debian and/or BSD]

          OpenBSD 6.8, NetBSD 9.1, and now TrueNAS 12.0 is out... It seems to be BSD release week!

          TrueNAS 12.0 is a big release in that iXsystems has unified TrueNAS and FreeNAS into a single code-base. This week's TrueNAS 12.0-RELEASE is the first production release of the unified FreeNAS+TrueNAS platform now known as TrueNAS CORE and then the professional version as TrueNAS Enterprise.

        • Debian donation for Peertube development

          The Debian project is happy to announce a donation of 10,000 USD to help Framasoft reach the fourth stretch-goal of its Peertube v3 crowdfunding campaign -- Live Streaming.

          This year's iteration of the Debian annual conference, DebConf20, had to be held online, and while being a resounding success, it made clear to the project our need to have a permanent live streaming infrastructure for small events held by local Debian groups. As such, Peertube, a FLOSS video hosting platform, seems to be the perfect solution for us.

          We hope this unconventional gesture from the Debian project will help us make this year somewhat less terrible and give us, and thus humanity, better Free Software tooling to approach the future.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 5 open source tools I can't live without

        Some time ago, I engaged with a Twitter thread that went viral among techies. The challenge? Pick only five tools that you cannot live without. I started to think about this in relation to my everyday life, and picking just five tools was not easy. I use many tools that I consider essential, such as my IRC client to connect with my colleagues and friends (yes, I still use IRC), a good text editor to hack on things, a calendar app to keep organized, and a videoconferencing platform when more direct interaction is needed.

        So let me put a twist on this challenge: Pick just five open source tools that boost your productivity. Here's my list; please share yours in the comments.

      • How anyone can contribute to open source software in their job

        Imagine a world where your software works perfectly for you. It meets your needs, does things your way, and is the ideal tool to achieve great things toward your goals.

        Open source software stems from these roots. Many projects are built by engineers that have a problem and build a solution to solve it. Then they openly share their solution with others to use and improve.

        Unfortunately, building software is hard. Not everyone has the expertise to build software that works perfectly for their needs. And if the software developers building applications don't fully understand users' needs and how they do their job, the solutions they build may not meet the users' needs and may accidentally create a lot of gaps.

      • Web Browsers

        • Mozilla

          • This Week in Glean: Cross-Platform Language Binding Generation with Rust and “uniffi” – Data@Mozilla

            As the Glean SDK continues to expand its features and functionality, it has also continued to expand the number and types of consumers within the Mozilla ecosystem that rely on it for collection and transport of important metrics. On this particular adventure, I find myself once again working on one of these components that tie into the Glean ecosystem. In this case, it has been my work on the Nimbus SDK that has inspired this story.

            Nimbus is our new take on a rapid experimentation platform, or a way to try out new features in our applications for subsets of the population of users in a way in which we can measure the impact. The idea is to find out what our users like and use so that we can focus our efforts on the features that matter to them. Like Glean, Nimbus is a cross-platform client SDK intended to be used on Android, iOS, and all flavors of Desktop OS that we support. Also like Glean, this presented us with all of the challenges that you would normally encounter when creating a cross-platform library. Unlike Glean, Nimbus was able to take advantage of some tooling that wasn’t available when we started Glean, namely: uniffi.

            So what is uniffi? It’s a multi-language bindings generator for Rust. What exactly does that mean? Typically you would have to write something in Rust and create a hand-written Foreign Function Interface (FFI) layer also in Rust. On top of that, you also end up creating a hand-written wrapper in each and every language that is supported. Instead, uniffi does most of the work for us by generating the plumbing necessary to transport data across the FFI, including the specific language bindings, making it a little easier to write things once and a lot easier to maintain multiple supported languages. With uniffi we can write the code once in Rust, and then generate the code we need to be able to reuse these components in whatever language (currently supporting Kotlin, Swift and Python with C++ and JS coming soon) and on whatever platform we need.

          • New Release: Tor Browser 10.5a2

            Tor Browser 10.5a2 for Desktop platforms is now available from the Tor Browser Alpha download page and also from our distribution directory.

            Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

          • New Release: Tor Browser 10.0.2

            Tor Browser 10.0.2 is now available from the Tor Browser download page and also from our distribution directory.

            This release updates Firefox to 78.4.0esr and NoScript to 11.1.3. This release includes important security updates to Firefox.

      • FSF

        • Licensing/Legal

          • I enforced the AGPL on my code, here's how it went

            How should they have acted?

            They should have provided the source code to anyone asking, preferably online, right from the start when they set up their service. Even if they would not have named me, but had provided source code, it would be fine by me.

            I'm not sure how long their site was online (they state 3 years in the email), but they have been violating the license all that time, and the half-assed attempt ended badly. I suspect their service was not used that much, because they just took it down without notice. I hope all their subscribers know of it, since they will never be notified if their certificate is about to expire.

            When I still hosted this code myself, I had about 20,000 (twenty thousand) domains being checked. When I cancelled the service, each and every one of those domains got a message notifying them that their service would be cancelled after 30 days with a few alternative services they could use.

      • Programming/Development

        • [Older] QList changes in Qt 6

          With Qt 6, changes are coming to many components. Containers are no exception. In this blog post I tried to capture the most significant changes to QList and related classes.

        • [Older] Join the increasing group of Qt Installer 4.0 beta testers

          We are about a month away from the Qt Online Installer 4.0 final release. We call Qt developers to test the beta release, published today.

          After several months of heavy work, we are almost ready to release Qt Online Installer and Maintenance Tool 4.0. Since the alpha release, several improvements have been implemented to Installer.

        • [Older] Qt Network in Qt 6

          In this blog post we want to tell you about some of the recent updates and changes that Qt Network module received in Qt 6, and also about some potential future developments.

        • [Older] Qt Automotive Suite 5.15.1 Released

          Qt Automotive Suite 5.15.1 was released today. It is a patch release and based on Qt 5.15.1 LTS.

        • What's New in QMetaType + QVariant

          As you might know, Qt has a metatype system which provides run-time dynamic information about types. It enables storing your types in QVariant, queued connections in the signal slot system and is used throughout the QML engine. With the upcoming Qt 6.0 release, we used the chance to revisit its fundamentals and make use of the functionality that C++17 gives us. In the following, we examine those changes, and explain how they might affect your projects.

        • Introducing JSDB

          Yesterday, I released version 1.0 of JavaScript Database (JSDB), a new database for Node.js optimised for use with Small Web sites and apps.

        • Dirk Eddelbuettel: RcppArmadillo 0.10.1.0.0

          Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 786 other packages on CRAN.

          A little while ago, Conrad released version 10.1.0 of Armadillo, a a new major release. As before, given his initial heads-up we ran two full reverse-depends checks, and as a consequence contacted four packages authors (two by email, two via PR) about a miniscule required change (as Armadillo now defaults to C++11, an old existing setting of avoiding C++11 lead to an error). Our thanks to those who promptly update their packages—truly appreciated. As it turns out, Conrad also softened the error by the time the release ran around.

        • Kushal Das: Fixing errors on my blog's feed

          For the last few weeks, my blog feed was not showing up in the Fedora Planet. While trying to figure out what is wrong, Nirik pointed me to the 4 errors in the feed according to the W3C validator. If you don't know, I use a self developed Rust application called khata for my static blog. This means I had to fix these errors.

        • DevOps: Principles and Practice

          The term DevOps has been around for more than a decade now, and the related practices have been widely adopted by companies including Google and Amazon as a way to accelerate the pace of software development and deployment. DevOps is, however, still evolving and finding new applications in the enterprise. These days, a DevOps approach is seen as crucial to successful digital transformation, cloud computing, security, site reliability engineering, and more.

          In this article, we’ll look at the basic ideas that define DevOps and point to resources to help you understand and implement the philosophies, practices, and tools that work for your organization.

        • Python

          • Python uppercase string – Linux Hint

            The upper() function translates all the lowercase characters in a string into uppercase and returns the string. The upper() function is an integral function in Python. In certain cases, the upper() function is very useful. For example, if we are developing a university management system and want to convert the name of all the students into uppercase letters, in this case, we will definitely use the upper() function. This article explains the use of the upper() function with the help of simple examples.

          • Basics of Parsing Command Line Arguments in Python | FOSS Linux

            Command-line applications are one of the oldest and most used types of apps. If you are an experienced Linux user, you may have hardly used GUI tools instead of command-line tools to do the same task. For example, Anaconda, the package manager for python, has command-line tools named conda and GUI tool named anaconda navigator.

          • How To Take A Screenshot Using Python & Selenium? | Codementor

            The goto software framework for any web developer looking for an open-source, free test automation tool is Selenium. It is used with various programming languages, including Java, Python, PHP, Perl, and C#. Selenium can also be used as a web-scraping tool or to create a human-replica bot to automate social-media or even test PDF files ! Geeks at Google & Thoughtworks are highly credited for its development and maintenance.

            In this Python Selenium screenshot tutorial, we are going to explore different ways of taking screenshots using Selenium’s Python bindings. Before we hop-on to capturing Python Selenium screenshots, let’s first acquaint ourselves with Selenium Python bindings.

          • The More, the Better — Why Become a Multi-Language Programmer | Codementor

            Are you just taking your first step into web development, and you want to learn programming? Discover the benefits of learning more than one programming language.

          • Datacamp Review 2020 - PythonForBeginners.com

            DataCamp is the best source of reference material for data science. It is the first online learning platform dedicated to providing data science training to professionals seeking the knowledge and understanding of the topic. Established in 2014, DataCamp is a MOOC-providing platform. MOOC stands for Massive Open Online Courses meaning that the company specializes in providing online courses to students all over the world.

            In this Datacamp review, I am going to tell how easy it is to use DataCamp then touch on the quality of courses offered. I’ll follow with telling you about some of the features you will find with DataCamp and how you can start exploring DataCamp for free before finishing up the review with the pricing and whether or not it is worth paying for DataCamp.

          • How To: Simple HTTP Server with Python

            When building new infrastructure elements and deploying servers, quite often you need to test firewall rules before the rest of application stack is deployed. The basic tool of my choice here is curl which is great to testing TCP connections. But it has an important dependency: you actually need to have something listening on the other end of the connection you’re testing. If there’s no software running and servicing the port you specify, you will receive an error.

            Traditionally there have been small programs or scripts you’d write - first (many years ago now) in C, later in Perl. They would imply that you have to bring your test code or compiled binary to the server you need to test.

            Today I’d like to share a super easy way to start a basic HTTP server with Python - it’s literally just one line that will work in most cases since Python is now ubiqutous enough to be installed by default in most Linux distributions.

          • How to Iterate over Rows in a Pandas DataFrame

            Pandas is an immensely popular data manipulation framework for Python. In a lot of cases, you might want to iterate over data - either to print it out, or perform some operations on it.

          • Matplotlib Scatter Plot - Tutorial and Examples

            Matplotlib is one of the most widely used data visualization libraries in Python. From simple to complex visualizations, it's the go-to library for most.

            In this tutorial, we'll take a look at how to plot a scatter plot in Matplotlib.

        • Shell/Bash/Zsh/Ksh

          • How to use flags in AWK (revisited)

            Flags in AWK are variables which are set to either true or false. They're handy for defining ranges over which AWK can act, as shown below. The AWK used here is GNU AWK 4 (gawk 4).

        • JavaScript

          • The Javascript for…in Loop – Linux Hint

            Javascript is one of the most popular programming languages in the world. In any programming language, loops have an essential value. Like many other languages, Javascript provides different loop syntax formats, as well. This article discusses an important Javascript topic known as the for…in loop. Sometimes, we may have to iterate through every single element of an object/array. But, we do not usually know the length of that particular object/array. The for…in loop even comes in handy when working with JSON. In this article, we will take a look at the for…in loop, its syntax, and some examples using this loop.

          • Global Variables in Javascript – Linux Hint

            JavaScript is a versatile yet functional language. Variables, which are key to any programming language, can be used to store values that can be accessed at any time. However, when using functions, there are certain factors related to the scope of the function that limit our ability to access a variable.

            We cannot access a variable if it is outside the scope of the function, and so the variables we want to use must have the proper scope upon declaration. To avoid issues related to scope, it is important to understand global variables. Therefore, in this article, we are going to discuss global variables and scope.

            The scope of a function can be considered as a boundary within which the function can be accessed. However, while a function does not know what is happening beyond the curly brackets that define it, a global variable can be accessed from anywhere in the program.

          • Joining Arrays in JavaScript – Linux Hint

            In JavaScript, as in many other scripting and programming languages, we often need to use arrays. Furthermore, it is often useful to combine the elements of an array into a single string. In PHP, for example, the implode function is used to join the elements of an array. In this context, “implode” can be viewed as a synonym for “join”. In JavaScript, however, there is no “implode” function; instead, there is a built-in “join” function that performs the same task. In this article, we are going to examine JavaScript’s join function in some detail.

    • Standards/Consortia

      • SAML vs. OAUTH – Linux Hint

        SAML and OAUTH are technical standards for authorizing users. These standards are used by Web Application developers, security professionals, and system administrators who are looking to improve their identity management service and enhance methods that clients can access resources with a set of credentials. In cases where access to an application from a portal is needed, there is a need for a centralized identity source or Enterprise Single Sign On. In such cases, SAML is preferable. In cases where temporary access to resources such as accounts or files is needed, OAUTH is considered the better choice. In mobile use cases, OAUTH is mostly used. Both SAML (Security Assertion and Markup Language) and OAUTH (Open Authorization) are used for web Single Sign On, providing the option for single sign-on for multiple web applications.

      • The Long Road to HTTP/3 : Short History of HTTP Protocol

        While HTTP/3 specification is still in the draft stage, the latest version of the Chrome browser already supports it by default . With Chrome holding around 70% of browser market share, you could say HTTP/3 has gone mainstream.

        The new revision of this foundational protocol aims to make the web more efficient, secure, and shorten the content-delivery latencies. In some ways, it’s a braver take of HTTP2: similar goals addressed by replacing the underlying TCP protocol with a new, purpose-built protocol QUIC. The best way to explain the benefits of QUIC is to illustrate where TCP falls short as a transport for HTTP requests. And to do that, we’ll start at the very beginning.

  • Leftovers

    • [Old] What does raymii.org cost to run?

      This site is generated with my self-written open source static site generator named ingsoc (named after 1984). The hosting therefore consists of just simple VPS servers, running some form of Linux or BSD that I can manage with Ansible. The VPS servers don't need many resources, 2 GB of disk and 128 MB of RAM is enough, all of the current servers have better specs because nobody sells low end VPSes anymore. After the first sale of LowEndBox.org the fun was gone there, I used to be very active on the site and forum there.

    • An Ex-Fox News Commentator Is Backing Away from the Seth Rich Conspiracy Theories

      Now, after years of fighting in court and insisting that Rich was WikiLeaks’ inside source, Butowsky is retreating from his legal offensive. In the past few days, he has moved to voluntarily dismiss nearly half a dozen Seth Rich-related lawsuits. That includes a high-profile defamation suit he had filed in 2018 against NPR, NPR editors and executives, and one of NPR’s senior reporters, David Folkenflik, for in-depth reporting about Butowsky and his role in promoting the baseless Rich theories.

    • Science

      • Elation as [NASA]'s Osiris-Rex probe tags asteroid Bennu in sample bid

        Radio signals from 330 million km away confirm the probe made contact with the 500m-wide object known as Bennu.

        But the [NASA]-led mission will have to wait on further data from Osiris-Rex before it's known for sure that material was actually picked up.

        The aim was to acquire at least 60g, perhaps even a kilo or more.

      • Patent Docs: Sequence Variants in Human Olfaction Genes Associated with Perceptual Differences

        Recently, an international* team of researchers published a paper entitled "Sequence Variants in TAAR5 and Other Loci Affect Human Odor Perception and Naming," Current Biology 30: 1-11, that shed some light on these genetic questions. Olfactory receptors (OR) in humans, as in most mammals, are encoded by genes having high DNA sequence diversity. These genes (termed "canonical olfactory genes") are supplemented by genes involved in olfaction of amines termed trace amine-associated receptors (TAAR), a family of G-protein coupled receptors. But OR genes have been reduced during primate evolution; in humans, most of these genes are inactive pseudogenes, wherein out of 855 genes in this group only about 400 encode functional genes involved in olfaction. As a consequence, each individual has "a highly personalized set of functional ORs." The question posed by these researchers was "[h]ow does genetic sequence diversity in this unusual class of genes translate to perception and behavior?"

        The study was performed with 9,122 Icelanders, first to establish phenotype and then to correlate phenotype with genetic variants. In their phenotypic assessments, a challenged cohort of almost 10,000 Icelanders were tested for perception of five different smells: licorice; cinnamon; fish; lemon; and menthol. Participants ranged in age from 18-96 years old; the mean age was 55.3 years and 44% were men. Each participant was asked to identify the smell and then provide "pleasantness" and intensity ratings for each. Consistent with common experience perception of intensity decreased with age, but the fish odor was consistently the least pleasant.

        [...]

        Compared with earlier genome-wide association studies only one previously detected variant (within an OR gene cluster on chromosome 11) correlated with any of the phenotypes (increased pleasantness for lemon aroma) tested in this study.

        The authors speculate regarding the significance of these results to explain selection against sensitivity to fish smells in an Icelandic culture dependent on fish and without traditional means (besides freezing) for preservation. They also discuss the difficulty humans have with naming smells (which has led to speculation that the sense of smell is "muted" in humans compared with other animals), and consider whether this difficulty stems from deficiencies in "brain circuitry" in the piriform cortex and elsewhere in the brain. They state that "[i]t could be that the effects on odor naming are mediated by sensory perception, i.e., increased or reduced sensitivity. However, we cannot rule out that variation in OR receptors results in altered neuronal connectivity, leading to the observed differences in naming."

      • Donald Knuth: A Professional Biography

        Born to German-American parents Ervin Henry Knuth and Louise Marie Bohning on January 10, 1938 in Wisconsin, Donald Ervin Knuth was a child prodigy. He went to Milwaukee Lutheran High School and was already showcasing his analytical genius after winning a contest in eighth’ grade by developing an algorithm that found 4500 words in the title of ‘Ziegler’s Giant Bar, beating the judges’ former measure at 2500 words.[1]

        In college, Knuth majored in physics after receiving a scholarship at Case Institute of Technology, but later switched to mathematics. While in college, he stumbled upon an IBM 650 computer which he then used to build different computer programs. Among the popular programs he created was one used to analyse the performance of basketball players on the team he managed, thereby helping them win games.

        Knuth is one of the rare individuals receiving two degrees in the same year. He earned his B.S. in mathematics in 1960, and was awarded an M.S. in mathematics as a special faculty award, which noted his academic performance as exceptional. [2] Three years later, he earned his PhD in mathematics at the California Institute of Technology (CalTech).

      • The History of Computer Mouse

        Many of today’s online transactions can be conveniently done with just a click of a mouse. Prior to the invention of the mouse, people were only using the keyboard as an input device. Imagine the struggle of memorizing a whole gamut of commands to perform the functions and operations using just a keyboard. Douglas Engelbart must’ve gone through the same struggle when he thought of inventing a device that would make things easier for computer operators.

        A Mouse on the Wheels

        Douglas Engelbart invented the very first mouse in 1964 at Stanford Research Institute (SRI). Unlike today’s optical mouse, Engelbart’s invention used two perpendicular wheels enclosed in a wooden box, with one button on top. It can move from side to side and forwards and backward; thus, it was first called “X-Y position indicator for a display system.”[1] The name sounds too technical and lengthy for a layman to use. Hence, Bill English, the man who helped Engelbart build the device, used a mouse to refer to the device in his 1965 publication “Computer-Aided Display Control” [2] because of its resemblance to the small mammal.

        Get the Ball Rolling

        In 1968, German company Telefunken, led by Rainer Mallebrein, developed a mouse that used a rolling ball instead of wheels. It was called Rollkugel (rolling ball) and was an optional device for the SIG 100-86 computer system of Germany’s Federal Air Traffic Control.[3] Telefunken didn’t create any patent for the device and considered it unimportant at the time.

        Billie English, while working at Xerox PARC (Palo Alto Research Center), further developed Engelbart’s invention by replacing the wheels with a rolling ball in 1972. Infrared light and sensors were used to detect x and y directions. In addition, it used a 9-pin connector to send the signals to the computer. English’s version of the mouse rolled in with Xerox’s minicomputer system with a graphical user interface, Xerox Alto, the first computer released for individual use, and the first computer to use a mouse.[4] Because it’s far easier to explore the GUI with this small device, Xerox continued to include it as part of the package in their subsequent releases of personal computers. Now, this also piqued Apple’s interest, and made an agreement with Xerox to use their mouse for Macintosh computers.[5] Apple issued Macintosh computers with the device in 1984, and this further boosted the mouse’s popularity.

      • The History of Cray Supercomputers – Linux Hint

        Today’s fastest supercomputer, Fugaku by Fujitsu, has a speed of 415 petaflops (Pflops).[1] But would you believe that the first supercomputer is slower than an iPhone? The CDC 6600, considered to be the first supercomputer, was running at a speed of 3 megaflops (Mflops) and was the fastest supercomputer from 1964 to 1969. [2] It was later overtaken by its successor, CDC 7600, designed by the same man behind CDC 6600, Seymour Cray.

        [...]

        While Cray Y-MP was being developed, Seymour Cray was simultaneously developing Cray-3. Aiming to achieve 12 times the speed of Cray 2, he explored using gallium arsenide as semiconductors for the new machine. With Cray Y-MP underway, and because Cray 2’s sales were lower than Cray X-MP, the company decided to put its development on hold. Undaunted, Cray left CRI and formed another company, Cray Computer Corporation (CCC), in Colorado Springs, Colorado, in 1988 and continued to work on the Cray-3 project. Because it was more ambitious than Cray-2 and various experiments were necessary, it proved to be more expensive than any of its predecessors. With numerous supercomputers emerging in the market, Cray-3 had no launch customer when it was completed in 1993. Its first and only model was instead sent to the National Center for Atmospheric Research (NRAC) for demonstration. [10] With no other sales prospect for Cray-3, CCC filed for bankruptcy in 1995.

    • Education

      • Distance learning is not the best model for pandemic teaching

        As a result of such injunctions, many lecturers have sought inspiration for their own teaching by looking at existing distance learning (DL) courses. As the course leader of a DL MA programme in international relations, I can confirm that DL does indeed offer great insights into how to improve “distant” learning and student-lecturer interaction. However, as an academic who, like most, had to move her face-to-face teaching online earlier this year as a result of Covid-19, I am also very conscious of the folly of seeking to replicate DL techniques in interim online teaching.

        One reason is a recognition that it isn’t possible. Setting up a high-quality DL course takes years of planning and preparation: time we simply do not have at the moment. But, more to the point, fully fledged DL teaching is not what either lecturers or students signed up for and it is not what they want.

      • As QAnon Conspiracy Theories Draw New Believers, Scientists Take Aim at Misinformation Pandemic

        The moves may be too little too late. "The technology has generally done more to help those who purvey this misinformation than those trying to defend against it," says Travis Trammell, an active-duty Army lieutenant colonel who earlier this year received a science and engineering doctorate from Stanford. "I can't think of anything that has had such nefariously disruptive impact on the United States."

        Neil Johnson, a George Washington University physicist, agrees. "This is a problem that's bigger than the individuals in these communities, and bigger than any effort of a platform to control it," he says. "It's a huge challenge, and it absolutely requires new science to deal with it."

        Johnson and Trammel are part of a cadre of scientists who are at the forefront of efforts to map QAnon and understand how it works. The explosion of disinformation that has upended American life and now threatens its democratic institutions has given rise to a new branch of science called "infodemiology." Inspired by epidemiology, the study of how diseases spread through a population, infodemiology seeks to understand how misinformation and conspiracy theories spread like a disease through a free-wheeling democracy like America's, with the ultimate goal of understanding how to stem its spread.

        If Big Tech can't stop QAnon, perhaps scientists can.

    • Hardware

    • Health/Nutrition

      • COVID-19 in Prisons Is Far Worse Than Previously Thought, Data Trackers Say

        James King was incarcerated in California’s San Quentin State Prison for roughly six years. He spent much of that time analyzing the politics of incarceration by chronicling his experiences living in one of the country’s most notorious prisons. When he was released from prison in December 2019, he joined the staff of the Ella Baker Center for Human Rights, where he has campaigned for decarceration.

      • 300,000 Excess Deaths This Year Suggest COVID Death Rate Is Higher Than Reported

        The Centers for Disease Control and Prevention (CDC) reported on Tuesday that hundreds of thousands more Americans died this year than in previous years, likely owing to the coronavirus pandemic.

      • Trump Called 'Mass Murderer' After White House Docs Show He Lied About Recent Covid-19 Surge

        The congressman who released the reports said they reveal "Trump's contempt for science and refusal to lead during this crisis have allowed the coronavirus to surge."

      • Facebook moderators in India were pressured to return to the office despite COVID-19 concerns

        Genpact, one of many firms Facebook outsources moderation to around the world, employs roughly 1,600 moderators in India, where employees analyze offensive and disturbing content posted in large volumes to Facebook’s platforms for potential rule violations. The company was pressuring employees to return to its offices in Hyderabad as early as July, Rest of World reports, with Genpact claiming key parts of its moderation services had to be performed in the office due to privacy issues and other technical hurdles.

        Genpact claims any in-office work was done so voluntarily. “To make this manageable, safe, and clear, employees need to sign a weekly form that asks them to voluntarily agree to this,” a Genpact spokesperson told Rest of World. But according to interviews with employees, Genpact management allegedly instructed some employees that their jobs may be at risk if they chose not to perform in-office duties.

    • Integrity/Availability

      • Proprietary

        • OLED-sensitive people left out from the iPhone 12

          If you haven’t seen my earlier posts about this, OLED screens flicker uncomfortably for some of us, especially in low light and when being moved. This is amplified when holding a phone that literally moves in your field of vision as a function of its regular operation. The visual sensation can cause headaches even after a short time; I get them because I find focusing difficult, which irritates my eyes and mimics the unsettling colour shimmer I get at the onset of a migraine.

        • Security

          • Kaspersky's Secur'IT hacking competition attracts entrants from 24 universities

            Four university students, competing as ByteMe, have won the first prize in the Secur'IT Cup, an annual hacking competition jointly organised by security outfit Kaspersky and Hackathons Australia.

          • Hackers Use Billboards to Trick Self-driving Cars into Slamming on the Brakes

            “The attacker just shines an image of something on the road or injects a few frames into a digital billboard, and the car will apply the brakes or possibly swerve, and that’s dangerous,” Ben Gurion University researcher Yisroel Mirsky told the magazine. “The driver won’t even notice at all. So somebody’s car will just react, and they won’t understand why.”

          • File Exfiltration via Libreoffice in BigBlueButton and JODConverter

            BigBlueButton is a free web-based video conferencing software that lately got quite popular, largely due to Covid-19. Earlier this year I did a brief check on its security which led to an article on Golem.de (German). I want to share the most significant findings here.

            BigBlueButton has a feature that lets a presenter upload a presentation in a wide variety of file formats that gets then displayed in the web application. This looked like a huge attack surface. The conversion for many file formats is done with Libreoffice on the server. Looking for ways to exploit server-side Libreoffice rendering I found a blog post by Bret Buerhaus that discussed a number of ways of exploiting such setups.

            One of the methods described there is a feature in Opendocument Text (ODT) files that allows embedding a file from an external URL in a text section. This can be a web URL like https or a file url and include a local file.

            This directly worked in BigBlueButton. An ODT file that referenced a local file would display that local file. This allows displaying any file that the user running the BigBlueButton service could access on the server. A possible way to exploit this is to exfiltrate the configuration file that contains the API secret key, which then allows basically controlling the BigBlueButton instance. I have a video showing the exploit here. (I will publish the exploit later.)

            I reported this to the developers of BigBlueButton in May. Unfortunately my experience with their security process was not very good. At first I did not get an answer at all. After another mail they told me they plan to sandbox the Libreoffice process either via a chroot or a docker container. However that still has not happened yet. It is planned for the upcoming version 2.3 and independent of this bug this is a good idea, as Libreoffice just creates a lot of attack surface.

            Recently I looked a bit more into this. The functionality to include external files only happens after a manual user confirmation and if one uses Libreoffice on the command line it does not work at all by default. So in theory this exploit should not have worked, but it did.

            It turned out the reason for this was another piece of software that BigBlueButton uses called https://github.com/sbraconnier/jodconverter JODConverter. It provides a wrapper around the conversion functionality of Libreoffice. After contacting both the Libreoffice security team and the developer of JODConverter we figured out that it enables including external URLs by default.

          • New Gitjacker tool lets you find .git folders exposed online

            A new open-source tool called Gitjacker can help developers discover when they've accidentally uploaded /.git folders online and have left sensitive information exposed to attackers. Gitjacker is available as a free download on Github.

          • Privacy/Surveillance

            • German proposal: Prohibited EU secret service cooperation through the back door

              Although this violates EU treaties, the police agency Europol is to cooperate closely with secret services. This involves lists of suspicious persons originating from third countries. The individuals listed there will then be discreetly searched for throughout Europe.

            • Google says bug causing Chrome cookie issue only on its own sites

              Google claims that a bug in its Chrome browser is the reason why deleting cookies from the application does not get rid of cookies from its own sites such as Search and YouTube after the browser is closed and restarted.

            • German proposal: EU to take over working group on covert observation and surveillance

              European police forces are organised in three informal networks for the exchange of information on techniques and methods of clandestine surveillance. The German Presidency wants to merge the structures and establish them with the EU. Europol could be responsible for coordination.

            • Members of Congress Join the Fight for Protest Surveillance Transparency

              Three members of Congress have joined the fight for the right to protest by sending a letter to the Privacy and Civil Liberties Oversight Board (PCLOB) to investigate federal surveillance against protesters. We commend these elected officials for doing what they can to help ensure our constitutional right to protest and for taking the interests and safety of protesters to heart.

              It often takes years, if not longer, to learn the full scope of government surveillance used against demonstrators involved in a specific action or protest movement. Four months since the murder of George Floyd began a new round of Black-led protests against police violence, there has been a slow and steady trickle of revelations about law enforcement agencies deploying advanced surveillance technology at protests around the country. For example, we learned recently that the Federal Bureau of Investigation sent a team specializing in cellular phone exploitation to Portland, site of some of the largest and most sustained protests.€  Before that, we learned about federal, state, and local aerial surveillance done over protests in at least 15 cities. Now, Rep. Anna Eshoo, Rep. Bobby Rush, and Sen. Ron Wyden have asked the PCLOB to dig deeper..

            • The Week in Internet News: Seven Countries Repeat Calls for Encryption Backdoors

              Here we go again: Seven countries, including the U.S., U.K., Japan, and India, are again pushing tech companies to provide encryption backdoors for law enforcement, The Verge reports. The new international statement says encryption poses “significant challenges to public safety.” The U.S. and allies have long pushed for backdoors, even as security advocates have warned that criminals will find ways to exploit holes in encryption.

            • Australians are being urged to consider a publicly-funded alternative to Facebook

              Many of the worst ills of social media — from its addictive nature to its psychological effects to its corporate surveillance capabilities — emerge because of its status as a for-profit, capitalist enterprise.

              But if social media has become a public good — the digital equivalent of a public forum — does it make sense to consign it to the private sphere? And in turn, couldn't those ills be cured by making a publicly-owned alternative?

            • Facebook Building Neighborhood Feature as Nextdoor Eyes IPO

              Facebook had been pushing people toward more intimate interactions within the app in recent years, including private groups and messaging, as a way to increase usage of its services. It has also started to encourage users to create separate profiles within their larger Facebook profile for specific cases, like dating and college connections.

            • US Election Carries High Stakes for Twitter, Facebook

              But it isn’t just some Republicans who are frustrated. Lawmakers from both parties are considering changing the laws that say the companies are not responsible for the speech other people publish on their sites.

              Take that protection away and the companies will be destroyed, said Ken Paulson, director of the Free Speech Center at Middle Tennessee University.

            • Choose your browser carefully

              Privacy on the Internet is important because privacy risks range from the gathering of statistics on users to more malicious acts such as the spreading of spyware and the exploitation of various forms of bugs (software faults). Many companies, such as Google, track which websites people visit and then use the information, for instance by sending advertising based on one's web browsing history. Sometimes prices on products are changed on the same website, depending on tracking information, and two people may view the exact same product on the exact same website yet be presented with very different prices.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • Half of Trump supporters believe baseless QAnon pedophilia claim about Democrats: poll

        The Yahoo/YouGov poll, conducted October 16-18, asked participants, "Do you believe that top Democrats are involved in elite child sex trafficking rings?" — and 50% of Trump supporters said "yes" compared to only 5% of former Vice President Joe Biden's supporters.

      • We’re Going to Need a Truth and Reconciliation Commission to Recover From Trump

        The depth of that failure has only grown over time. Many of the legal apparatchiks who made torture possible still wield power today. Take, for instance, Gina Haspel. The current director of the CIA is the former head of a “black site” where torture went down. The fact that she’s allowed to hold power today is an indictment of our country and our commitment to human rights.

        Moreover, failing to hold accountable those who abuse their power signals to future abusers that all will be forgiven. It tells people in power that they can commit atrocities while they hold office, because nobody will be coming for them when they’re on the other side. It is important to distinguish crimes against humanity from mere political policy differences, but acting like no distinction can be made is a mistake.

      • Fact-checking Trump's dishonest weekend: The President made at least 66 false or misleading claims in three days

        President Donald Trump's dishonesty is getting worse.

        Trump has been reliably deceptive for his entire presidency, filling his speeches and tweets with lies and other false statements.

        The frequency and magnitude of his deception tends to accelerate, however, during campaign season -- when he complements his usual ad-libbed inaccuracy with a barrage of inaccurate statements that are written into his speech scripts.

        For fact checkers, the period from Friday through Sunday was one of the most challenging of Trump's entire presidency: he made at least 66 separate false or misleading claims over that three-day span. In other words, it was 66 false or misleading claims without even counting all the times he repeated some of those same 66 claims over the course of the three days.

      • Swedish authorities charge documentary filmmakers Henrik Evertsson and Linus Andersson for MS Estonia film

        The journalists’ five-episode documentary began streaming on September 28 on Dplay, an online video service of Discovery, Inc. Their reporting using an underwater camera shows that the ship’s hull has a large hole, suggesting that something hit the ship, not that it capsized due to a malfunction, which is the official explanation, according to The Guardian and The New York Times.

    • Environment

      • “I’ve lost count of the number of fires I’ve covered this year”: How journalists stay safe covering U.S. wildfires

        Photojournalist Kent Porter has covered wildfires in the western United States for more than 30 years. But this year, he says, the fires are different. The season’s first fire usually burns about one or two acres, Porter told CPJ in a phone interview. This year, however, the first fire he covered was 140 acres.

      • Rising heat means more methane, warmer nights

        Nights are warmer. So are northern lakes. And farm livestock are at greater risk of disease, thanks to rising heat.

      • The New Humanitarian | Twin storms drive ‘catastrophic’ Vietnam floods as a third approaches

        Severe floods and landslides, fuelled by a pair of tropical storms striking in quick succession, have caused “catastrophic” damage in parts of Vietnam, Cambodia, and Laos. A third storm is projected to hit inundated central Vietnam within days.

        The UN says more than 110,000 people have been pushed from their homes in the three countries, and authorities have recorded at least 130 deaths in Vietnam and Cambodia.

        The brunt of the damage is in central Vietnam, where some 178,000 homes are submerged and at least 900,000 people are directly affected. Vietnam’s Red Cross reports flood levels are at their highest since 1999 in some areas.

      • Wildlife/Nature

        • Amazonia: In the Flames, They See Money

          On behalf of the Association of Indigenous Peoples of Brazil, APIB, I thank you for this award. It is an important recognition of the work APIB has been developing. Indigenous peoples are protecting the Amazon rainforest against a genocidal government that values the profits of international corporations at the expense of life — often our own lives.

          This award reminds the world that protecting tropical forests like the Amazon is not only an environmental issue, but also a human rights issue. Brazil is one of the most dangerous places to be a defender of human rights and the environment.

    • Finance

    • AstroTurf/Lobbying/Politics

      • With DMVs Closed And Backlogged, People Who Want to Vote Are Struggling Even To Register
      • Mendham GOP Tells Voters They Can’t Vote In Person. That’s Not True
      • Moscow prosecutors launch internal investigation over orders issued to universities on reporting anti-Kremlin activity

        The Moscow District Attorney’s Office has launched an internal investigation concerning prosecutor Konstantin Prostakov and his orders asking local universities to report on any students or faculty involved in “anti-Russian campaigns,” reports the Russian business newspaper Kommersant.€ 

      • Reimagining American Foreign Policy

        The so-called Age of Trump is also an age of instantly forgotten best-selling books, especially ones purporting to provide the inside scoop on what goes on within Donald Trump’s haphazard and continuously shifting orbit. With metronomic regularity, such gossipy volumes appear, make a splash, and almost as quickly vanish, leaving a mark no more lasting than a trout breaking the surface in a pond.

      • Cambridge Analytica's Crime Was Not Violating Your Privacy Or Taking Data From Facebook, It Was A Massive Campaign Finance Scam

        If you asked most people what the Cambridge Analytica scandal was about, many would insist that it involved the company illegally sucking up all sorts of data from Facebook and using that to nefariously micro-target people with ads or information in a way that supported Donald Trump or suppressed the interest in voting for Hillary Clinton. As we pointed out years ago, it seemed like everyone was very much misinterpreting what happened with Cambridge Analytica.

      • Trump Makes Alarming Call for AG Barr to Investigate Biden “Before the Election”

        During a Fox News interview on Tuesday morning, President Donald Trump called on Attorney General William Barr to investigate his political rival, Joe Biden, and his son, Hunter, over allegations made in a disputed story by an unnamed staff reporter in the New York Post last week.

      • Rights Advocates and Dems Reiterate Calls to #BlockBarrett as McConnell Vows to Confirm Trump Nominee on Monday

        "If we're to have courts that protect equal justice for everyone, we need a nominee who will defend our civil and human rights. Amy Coney Barrett is not that nominee."

      • “A Blow Against Neoliberalism”: Socialist Wins Bolivian Election a Year After Coup Ousted Evo Morales

        Former Bolivian President Evo Morales’s political party MAS has claimed victory in the country’s presidential election, with Morales’s handpicked successor Luis Arce securing over 50% of the vote, according to exit polls. If confirmed, the result will put the socialist party back in power almost a year after a right-wing coup that ousted Morales and installed Jeanine Áñez as president. The election was postponed twice, and protests rocked Bolivia for months leading up to the vote, calling out the government’s use of military and police repression and violence against Indigenous communities. “It’s an extraordinary election,” says Ollie Vargas, a reporter for Kawsachun News. “In 2019, Evo Morales won by a margin of just over 10%, and now we have a margin of over 20% with which the left is ahead.” We also speak with Leonardo Flores, Latin America campaign coordinator of CodePink, who calls the election results “a huge, huge victory” for Bolivian people and for democracy itself. “It’s a blow against neoliberalism and fascism in this country,” says Flores.

      • “A Fire That Has Spread Across the Country”: Jelani Cobb on Voter Suppression in the 2020 Election

        As tens of millions of people across the U.S. cast their ballots in early voting ahead of the November 3 election, we look at voter suppression efforts with journalist and academic Jelani Cobb. His new “Frontline” documentary “Whose Vote Counts” examines the long lines, record number of mail-in ballots and the legal fights that have marked voting during the pandemic, with a focus on Wisconsin. “This is a state where the presidency was essentially decided in the last election,” says Cobb, a professor of journalism at Columbia University and a contributor to The New Yorker. He describes voter suppression as “a fire that has spread across the country.”

      • What A Post-Trump America Looks Like Is Anyone’s Guess

        With or without Donald Trump at the helm, the future of the United States should concern everyone, writes Stephen Scher.

      • How to Stop Trump from Stealing the Election

        But he won’t necessarily keep that advantage after the election. If the decision goes to the House, it would be made by lawmakers elected in November, who will be sworn in on January 3 – three days before they’ll convene to decide the winner of the election.Which is why House Speaker Nancy Pelosi is focusing on races that could tip the balance of state delegations – not just in Pennsylvania and Michigan but any others within reach. “It’s sad we have to plan this way,” she wrote recently, “but it’s what we must do to ensure the election is not stolen.”The targets are Alaska (where replacing the one House member, now a Republican, with a Democrat, would result in a vote for Biden), Montana (ditto), Pennsylvania (now tied, so flipping one would be enough), Florida (now 14 Republicans and 13 Democrats, but 3 Republicans are retiring) and Michigan (where Republicans now have 6 members and Democrats 7). Congress has decided contested elections only three times in U.S. history, in 1801, 1825, and 1877. But we might face another because Donald Trump will stop at nothing to retain his power.That’s why it’s even more critical for you to vote. Make this a blowout victory for Joe Biden and Democrats down the ballot, and stop Trump from stealing this election.

      • “Trumpcare” Does Not Exist. Nevertheless Facebook and Google Cash In on Misleading Ads for “Garbage” Health Insurance.

        “Trumpcare” insurance will “finally fix healthcare,” said an advertisement on Facebook.

        A Google ad urged people to “Enroll in Trumpcare plans. Healthcare changes are coming.”

      • AOC’s debut Twitch stream is one of the biggest ever

        That peak viewership puts her broadcast among the 20 biggest streams ever, according to the third-party metrics site TwitchTracker, and much higher if you’re only looking at broadcasts from individual streamers. Ninja holds the record for an individual streamer, with more than 600,000 viewers during a Fortnite match with Drake in 2018. TwitchTracker’s metrics suggest that AOC’s stream could in the top 10 for an individual in terms of peak viewers.

        Politicians have increasingly been using tech and games to get out their message. The Biden campaign debuted an Animal Crossing island last week. Last year, Sen. Bernie Sanders (I-VT) joined Twitch to reach a “potentially supportive audience that we may not be hitting other ways.”

      • Sweden bans Huawei, ZTE from 5G, calls China biggest threat

        Sweden is banning Chinese tech companies Huawei and ZTE from building new high-speed wireless networks after a top security official called China one of the country's biggest threats.

        The Swedish telecom regulator said Tuesday that four wireless carriers bidding for frequencies in an upcoming spectrum auction for the new 5G networks must not use equipment from Huawei or ZTE.

        Wireless carriers that plan to use existing telecommunications infrastructure for 5G networks must also rip out any existing gear from Huawei or ZTE, the Swedish Post and Telecom Authority said.

      • Sweden bans use of Huawei, ZTE equipment in new 5G networks

        PTS noted that it was following advice from the Swedish Armed Forces and Security Services, with these organizations carrying out studies to ensure that the use of radio equipment in the spectrum bands being auctioned in November “does not cause harm to Sweden’s security.”

      • Mauritius: Cybersecurity Bill

        The Minister of Technology, Communication and Innovation (TCI), Deepak Balgobin, announced that the Cybersecurity Bill will be introduced to the National Assembly of Mauritius as parliament resumes on the 3rd of November 2020.

      • Foreign reporters describe safety concerns covering US elections and protests

        This year, however, amid the spread of COVID-19, curtailed campaigns, civil unrest, visa issues, and an unpredictable political environment, the elections beat has been particularly challenging for foreign reporters.

        CPJ spoke with three foreign journalists about the challenges of covering the United States in 2020. These interviews have been edited for length and clarity.

    • Censorship/Free Speech

      • Thailand orders ISPs to block Telegram amid ongoing protests

        Thai users of Telegram will soon need a VPN to access the increasingly popular messaging app. The government of Thailand has ordered Thai internet service providers (ISPs) to block the Telegram encrypted messaging service. This news comes to us from a leaked government document that was sent from Thailand’s digital economy ministry to the country’s National Broadcasting and Telecommunications Commission. The government is also making moves against four media outlets that are accused of promoting the protests. Thai protesters have defied orders not to demonstrate for several days in a row. A lot of the organization of these protests is happening on Telegram, and thus the current Thai government seeks to ban Telegram.

    • Civil Rights/Policing

      • Baseball’s Race Problem

        Roger Angell, who turned 100 in this year of pandemic and upheaval, is one of the best and most beloved writers on baseball, in large part because of his lyrical, sinewy prose. Over the decades, he has cogently analyzed the “summer game” and its importance to American life. Baseball, he wrote, boasts “the most enviable corporate image in the world.” Its evocations, overtones, and loyalties, firmly planted in the mind of every American male during childhood and nurtured thereafter by millions of words of free newspaper publicity, appear to be unassailable. It is the national pastime. It is youth, springtime, a trip to the country, part of our past. It is the roaring excitement of huge urban crowds and the sleepy green afternoon silences of midsummer.

      • SCOTUS mail-in voting ruling raises alarm: Democrats may “never win another national election"

        With Chief Justice John Roberts joining the court's three liberals, the court split 4-4 to reject a request from Pennsylvania Republicans to block an order from the state's Supreme Court allowing mail-in ballots to be counted if they are received within three days of Election Day — even if they do not have a clear postmark. The tie left the state decision in place, which Democratic lawyers hailed as "great news for voting rights."

      • Uniformed Miami cop spotted wearing pro-Trump mask near voting site will be disciplined

        Simeonidis, an attorney who works downtown, said he was passing through Government Center when he spotted Ubeda “well within” the 150-foot barrier that police and campaigners are not permitted under state statute during an election if they are endorsing a candidate. He photographed the officer and tweeted about the encounter.

        “He may have been going to vote. But he was in full uniform with the mask and a gun. That’s voter intimidation,” Simeonidis said.

      • Anti-stalkerware group still working to protect domestic abuse victims

        Security firms, victim advocacy groups and anti-domestic abuse organizations combined forces roughly a year ago to bring an end to stalkerware, the kind of technology that people use to monitor their domestic partners’ devices. The group, known as the Coalition Against Stalkerware, has made progress in the past 12 months or so, though there’s still a long road ahead, said Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation, one of the founding members of the coalition.

      • Former Tibetan Political Prisoner Takna Jigme Sangpo Dies in Switzerland

        Takna Jigme Sangpo, famous as Tibet’s longest-serving political prisoner, has died in Switzerland at the age of 91 after spending 37 years in Chinese prisons and 18 years in exile, where he spoke out against Chinese human rights abuses in Tibet.

      • The New Humanitarian | An Indigenous protest movement emerges in Colombia

        Four years after being promised changes as part of a landmark peace accord, Indigenous communities have had enough and are demanding action.

    • Digital Restrictions (DRM)

      • Netflix’s subscriber growth slows, but company isn’t worried about running out of content

        One easy and anticipated answer, Benes says, is a price hike. Netflix already introduced a price hike in Canada this month, and that’s a good sign subscribers in the US should prepare, too. Benes believes that Netflix is still underpriced as a service, adding that people get “a lot of value for not a whole lot of money.” It’s a good time for Netflix to ask people for an extra dollar a month, Benes said, because they’ll probably pay. “Some people might cancel, but I bet it would pay off for them,” Benes added.

      • Netflix Co-CEOs Defend ‘Keeper Test’ After Programming Exec Exits

        Sarandos, Netflix’s chief content officer who was elevated to co-CEO in July, was asked about the recent executive churn by Barclays Capital analyst Kannan Venkateshwar on the company’s third-quarter 2020 earnings interview.

      • Netflix Misses Wall Street Expectations With 2.2M Subscriber Additions

        The company had been predicting that it would see a pullback in new subscribers after a strong first half of the year as people became accustomed to life amid a global pandemic. As a result, it forecast that it would add a relatively modest 2.5 million subscribers during the three-month period from July to September.

        Still, Wall Street analysts were expecting the streamer to add around 3.6 million subscribers during the period, per Goldman Sachs. The company's soft quarter — down from 6.8 million net adds in the same period last year — sent the stock down around 5 percent during after-hours trading on Tuesday.

    • Monopolies

      • Both the GOP and the Democrats want to break up Big Tech. Could it really happen?

        In general, the Democrats and Republicans seemed united in their desire to rein in big technology companies. Cicilline declared at one point that "these once-scrappy, underdog startups have grown into the kinds of monopolies we last saw more than a century ago."

        Gus Hurwitz, an associate professor of law at the University of Nebraska – Lincoln, told Salon that this narrative of "little guy" companies growing dangerous big is consistent with perceptions of technology corporations since the late 20th century. In the 1990s they were viewed as bringing about a potential utopia — the logic, as he described it to Salon, was "Hey, this is going to be a incredibly important platform that's going to bring the world together and create a new global entity that is independent from any nation." Now they are perceived with suspicion because of concerns that normally would not have fallen under the purview of antitrust legislation. These include the belief that Big Tech companies violate users' privacy and, on the right, the accusation that companies discriminate against conservative voices.

      • US files anti-trust suit against Google, 11 states join action

        The US has filed a civil anti-trust suit against search firm Google, saying it was aimed at stopping the company, which dominates the sector, "from unlawfully maintaining monopolies through anti-competitive and exclusionary practices in the search and search advertising markets and to remedy the competitive harms".

      • Bill Barr's Google 'Antitrust Inquiry' Is A Weaponized Farce

        Last month we noted how Bill Barr was rushing DOJ staffers (much to their chagrin) to launch his "antitrust inquiry" into Google. Why? Three reasons. One, it helps Trump allies and Google adversaries like "big telecom," Oracle, and Rupert Murdoch. Two, it helps put the utterly false narrative of "social media unfairly censors Conservatives" into headlines during an election. And three, it creates leverage over companies that have finally just begun to take online hate speech and disinformation (a cornerstone of Trumpism) seriously. Genuine concerns about "monopoly power" are the last thing on these folks' minds.

      • The US government has filed antitrust charges against Google

        In a call this morning, Justice Department officials emphasized the scale and power of Google’s control over the search market. “Google’s conduct is illegal under traditional antitrust principles and must be stopped.... Google owns or controls search distribution channels accounting for about 80 percent of general search queries in the United States,” said Ryan Shores, the Justice Department’s senior advisor for tech industries. “We’re asking the court to break Google’s grip on search distribution so that competition and innovation can take hold.”

      • Here’s Why Google Shares Rose After the U.S. Antitrust Suit

        For starters, the lawsuit had few major surprises and many elements that investors expected. Bloomberg and other media already reported that Google’s search default deals would be a focus of the DOJ, and some Wall Street analysts had written research about this.

        There’s also speculation that any eventual remedies won’t have a deep, lasting impact on Google’s ability to make money from its leadership in search advertising. Mark Shmulik, an analyst at Sanford C. Bernstein, told investors on Tuesday that the firm sees “limited risk” to Google from the suit.

        In the end, the U.S. government could force Google to stop paying partners, such as Apple Inc., billions of dollars to make its search engine the default on their devices and browsers. And even if users have more choice, they may end up gravitating toward Google anyway.

      • U.S. Case Against Google Mimics Lawsuit That Weakened Microsoft

        The suit focuses on payments Google makes to ensure its search engine is the default on mobile phones and web browsers. Google’s dominant market share and massive revenue allows it to spend billions of dollars a year on these deals, blocking out competitors from the valuable placements and limiting consumer choice, the Justice Department alleged.

        It’s a similar argument the government made against Microsoft when it alleged in 1998 that the software company was requiring computer makers to set its web browser as the default on their machines. That lawsuit dragged on for years, distracted executives and helped Microsoft competitors -- Google among them.

      • Google Abuses Its Monopoly Power Over Search, Justice Department Says In Lawsuit

        Justice Department lawyers accuse Google of illegally using its monopoly power to stifle competition and hurt consumers through exclusionary agreements, including deals like the one it struck with Apple making Google the default search engine on the Safari browser on iPhones.

      • Justice Department Hits Google With Antitrust Lawsuit

        In the complaint filed in D.C. federal court (read in full below), the DOJ and 11 states focus on how Google has allegedly abused market power to protect its 90 percent share of internet search and 95 percent share of mobile search. The government asserts that Google is violating Section 2 of the Sherman Act through its alleged monopoly maintenance.

      • The Federal Government Just Took a Big Step Toward Regulating Big Tech

        Among the maybe-not-quite-so-legal practices outlined in the 57-page complaint are the “exclusionary agreements” Google has struck with manufacturers like Apple to ensure Google is the default search engine on all of their products. The complaint estimates that these agreements have given Google control over around 80 percent of the online search engine market. “For many years, Google has used anticompetitive tactics to maintain and extend its monopolies in the markets for general search services, search advertising and general search text advertising — the cornerstones of its empire,” the complaint reads.

      • Patents

        • Watch Out: The Patent Maximalists Are On The Warpath To Destroy Innovation And Empower Patent Trolls

          Over the last year or so there's been a concerted effort by patent maximalists to try to shred a long line of very good Supreme Court rulings that finally (after two decades) limited just some of the destructive nature of patent trolling. There was an attempt in Congress to literally reject all of those key Supreme Court cases, and bring back Congress's full support for patent trolling. The current head of the patent office has been spewing a bunch of similar nonsense as well, and seems to have no recognition that patents that are too broad hinder, rather than help innovation. And now we have Judge Randall Rader, who ran the federal patent court, the Court of Appeals for the Federal Circuit (CAFC), for many years before stepping down due to an ethics scandal.

        • Software Patents

          • Nokia enforcing video codec patent injunction against Lenovo in Germany: standard-essential patent case law diverging from CJEU's Huawei v. ZTE guidance

            Bloomberg reported earlier today, and Lenovo has meanwhile confirmed to me, that Nokia is enforcing a standard-essential patent (SEP) injunction it obtained from the Munich I Regional Court against computer maker Lenovo after posting collateral to the amount of 3.25 million euros (less than $4 million). Lenovo has asked the Munich Higher Regional Court to stay the enforcement of the injunction.

            [...]

            If the Munich appeals court wanted to prevent reversible lower-court decisions from causing irreversible economic harm, it could do what its equivalent in Karlsruhe did in a Nokia v. Daimler case this year. Judge Andreas Voss ("Voß" in German), who presides over the Karlsruhe Higher Regional Court's patent-specialized panel, gave Nokia a pretty clear indication that if they didn't commit to refrain from enforcement, he'd order a micro-stay for the period during which his court would weigh Daimler's motion for a stay during the entire appellate proceedings. But in that Apple v. Qualcomm case, the Munich appeals court said that a micro-stay was only an option if, essentially, a company would go out of business.

            Nokia's SEP enforcement campaign against Daimler has hit a snag with the Dusseldorf Regional Court poised to refer certain legal questions relating to component-level SEP licensing to the CJEU. Nokia even tried a Hail Mary pass by making a new round of licensing offers to some of Daimler's suppliers. That lack of success on the automotive front makes it all the more important for increasingly trollish Nokia to demonstrate to the wider tech industry that it will vigorously enforce any injunctions unless the amount of security is unaffordable and/or an appeals court takes swift and decisive action.

      • Copyrights

        • Brilliant satirist Tom Lehrer's catalog now in the public domain

          Tom Lehrer has released all his works into the public domain. We have til 2024 to download them, however, when it appears his website will go down.

        • There's a Hidden 'Proxy War' Between YouTube and Stream Rippers

          Every day millions of people use YouTube rippers, tools that are often used to download music for free. Music industry insiders are sounding the alarm about this piracy threat but YouTube itself is not very vocal about the issue. Behind the scenes, however, YouTube is fighting an ongoing battle to block these sites, one that they're not winning just yet.

        • Hollywood Wins New 'Pirate' Blocking Order After Contentious Sites Removed

          In the summer a group of major Hollywood studios, Netflix, and other movie companies filed a new pirate site blocking application in Australia. The list contained plenty of obviously infringing sites but also the domains of Iran's 'YouTube' and an Israeli newspaper. The Federal Court has now awarded the injunction but following our initial report, both contentious domains have been removed.

        • Nintendo Nukes 'Zelda' Fan Game, As Per Usual

          I've tried with Nintendo. For some years now, I have both complained about how strict and hamfisted the company is when it comes to allowing fans to express their fandom in the form of fan-created games and content, as well as offered the company advice as to how it could be just a little more cool about all of this. The frustration really starts to boil over when you realize just how much cool content the world could have if Nintendo could figure out some way not to be as protectionist as possible and instead seek out ways to work with fans to allow for this sort of thing. To be clear, as I have said in the past, Nintendo certainly can act this way when it comes to how it treats its fans, but it doesn't have to act this way.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024