Language Selection

English French German Italian Portuguese Spanish

Techrights

Syndicate content
Free Software Sentry – watching and reporting maneuvers of those threatened by software freedom
Updated: 2 hours 3 min ago

Links 16/10/2019: Halo Privacy, Ubuntu Release Imminent

10 hours 58 min ago

Contents
  • GNU/Linux
    • Google launches the $649 Pixelbook Go Chromebook

      At its annual hardware event, Google today announced the launch of the Pixelbook Go, the latest iteration of its first-party Chromebook lineup. Starting at $649, the Pixelbook Go marks a return to the standard laptop format after last year’s Pixelbook with a 180-degree hinge and the Pixel Slate 2-in-1.

      The Go will come with a 16:9 13.3-inch touch screen and either an HD or 4K display, two USB-C ports, a built-in Titan-C security chip, up to 16GB of RAM and up to 256GB of storage. It’s powered by Intel Core CPUs, starting with an m3 chip at the low end and an i7 at the top end. Available colors are black and “not pink” and pre-orders start now, but only for the black version. “Not pink” is coming soon.

    • Purism
      • Purism Partners with Halo Privacy to Bring Extra Security to Its Linux Devices

        Purism is already known for providing top notch security and privacy for its Linux laptops and phones, but with the new partnership with Halo Privacy, the company wants to bring strong cryptography and custom managed attribution techniques to secure communications from direct attacks.

        These new, unique security stack provided by Halo Privacy works together with Purism’s state-of-the-art security implementations for its Linux devices, including the Librem Key USB security token with tamper detection and PureBoot secure UEFI replacement, to cryptographically guarantee signing of the lowest level of firmware and user’s privacy.

      • Halo Privacy partners with Purism

        Halo Privacy partners with Purism to provide best-in-class secure hardware devices to large enterprise customers in defense, aerospace, and the cryptocurrency/fintech sector.

        Halo is excited to deliver solutions utilizing Purism’s industry unique security stack across Librem Laptops, the Librem 5 phone, and including the recently released Made in the USA Librem Key. This advanced security combines hardware with PureBoot, Purism’s UEFI replacement (combining coreboot, Heads, TPM, and Librem Key), to cryptographically guarantee signing of the lowest level of hardware and firmware.

        Halo Privacy, combines custom managed attribution techniques with strong cryptography to secure communications from direct attack while maintaining confidentiality for a user’s identity. By integrating with the Purism suite, Halo significantly reduces the attack surface while providing strong assurance based on the integrity of Purism’s supply chain.

        Building on a foundation of shared enthusiasm for privacy and control, Purism and Halo Privacy are happy to announce a partnership focused around delivering Purism hardware into Halo Privacy’s Corona & Eclipse secure communications platforms. Halo is a solutions partner with its network of Government and private sector clients. As an additional step, Halo is allocating developer resources to deliver additional functionality on Purism’s platform.

        “Halo Privacy has proven to be an instrumental partner with Purism, helping shape some of the security products by getting involved in the early phases of development and product purchasing.” says Todd Weaver, Founder & CEO of Purism.

        “When looking to mitigate the supply chain risk in publicly available hardware offerings, nothing compares to Purism. Delivering solutions using the foundational strength of Purism’s products provides an unparalleled level of confidence and control” says Lance Gaines, Founder & CTO of Halo Privacy.

      • Librem 5 Aspen Batch – Photo and Video Gallery

        Librem 5‘s from the Aspen batch have started shipping to early backers so we’ve done a roundup of some of the best photos and videos shared by us and others as well as some never seen before photos.

        The Librem 5 case has evolved to a black anodized aluminium shell (with non-metal backing to keep radio reception quality high) with flush, easy-to-slide hardware kill switches.

        The Purism factory is ready to ship thousands of Librem 5s to backers over the coming months.

      • Purism Shares More Photos Of Initial Librem 5 Phones, PureOS UI
    • Server
      • Eirinix: Writing Extensions for Eirini

        At the recent Cloud Foundry Summit EU in the Netherlands, Vlad Iovanov and Ettore Di Giacinto of SUSE presented a talk about Eirini — a project that allows the deployment and management of applications on Kubernetes using the Cloud Foundry Platform. They introduced eirinix — a framework that allows developers to extend Eirini. Eirinix is built from the Quarks codebase, which leverages Kubernetes Mutating Webhooks. With the flexibility of Kubernetes and Eirini’s architecture, developers can now build features around Eirini, like Persi support, access to the application via SSH, ASGs via Network Policies and more. In this talk, they explained how this can be done, and how everyone can start contributing to a rich ecosystem of extensions that will improve Eirini and the developer experience of Cloud Foundry.

      • IBM
        • Building an open ML platform with Red Hat OpenShift and Open Data Hub Project

          Unaddressed, these challenges impact the speed, efficiency and productivity of the highly valuable data science teams. This leads to frustration, lack of job satisfaction and ultimately the promise of AI/ML to the business is not redeemed.

          IT departments are being challenged to address the above. IT has to deliver a cloud-like experience to data scientists. That means a platform that offers freedom of choice, is easy to access, is fast and agile, scales on-demand and is resilient. The use of open source technologies will prevent lockin, and maintain long term strategic leverage over cost.

          In many ways, a similar dynamic has played out in the world of application development in the past few years that has led to microservices, the hybrid cloud and automation and agile processes. And IT has addressed this with containers, kubernetes and open hybrid cloud.

          So how does IT address this challenge in the world of AI – by learning from their own experiences in the world of application development and applying to the world of AI/ML. IT addresses the challenge by building an AI platform that is container based, that helps build AI/ML services with agile process that accelerates innovation and is built with the hybrid cloud in mind.

        • Launching OpenShift/Kubernetes Support for Solarflare Cloud Onload

          This is a guest post co-written by Solarflare, a Xilinx company. Miklos Reiter is Software Development Manager at Solarflare and leads the development of Solarflare’s Cloud Onload Operator. Zvonko Kaiser is Team Lead at Red Hat and leads the development of the Node Feature Discovery operator.

        • Red Hat and SAS: Enabling enterprise intelligence across the hybrid cloud

          Every day 2.5 quintillion bytes of big data is created – this data comes from externally sourced websites, blog posts, tweets, sensors of various types and public data initiatives such as the human genome project as well as audio and video recordings from smart devices/apps and the Internet of Things (IoT). Many businesses are learning how to look beyond just data volume (storage requirements), velocity (port bandwidth) and variety (voice, video and data) of this data; they are learning how to use the data to make intelligent business decisions.

          Today, every organization, across geographies and industries can innovate digitally, creating more customer value and differentiation while helping to level the competitive playing field. The ability to capture and analyze big data and apply context-based visibility and control into actionable information is what creates an intelligent enterprise. It entails using data to get real-time insights across the lines of business which can then drive improved operations, innovation, new areas of growth and deliver enhanced customer and end user experiences

        • Working together to raise mental health awareness: How Red Hat observed World Mental Health Day

          Cultivating a diverse and inclusive workspace is an important part of Red Hat’s open culture. That’s why we work to create an environment where associates feel comfortable bringing their whole selves to work every single day. One way we achieve this mission is by making sure that Red Hatters who wish to share their mental health experiences, are met with compassion and understanding, but most importantly, without stigma. It is estimated that one in four adults suffers from mental illness every year.

        • Introducing Red Hat OpenShift 4.2: Developers get an expanded and improved toolbox

          Today Red Hat announces Red Hat OpenShift 4.2 extending its commitment to simplifying and automating the cloud and empowering developers to innovate.

          Red Hat OpenShift 4, introduced in May, is the next generation of Red Hat’s trusted enterprise Kubernetes platform, reengineered to address the complexity of managing container-based applications in production systems. It is designed as a self-managing platform with automatic software updates and lifecycle management across hybrid cloud environments, built on the trusted foundation of Red Hat Enterprise Linux and Red Hat Enterprise Linux CoreOS.

          The Red Hat OpenShift 4.2 release focuses on tooling that is designed to deliver a developer-centric user experience. It also helps cluster administrators by easing the management of the platform and applications, with the availability of OpenShift migration tooling from 3.x to 4.x, as well as newly supported disconnected installs.

        • A look at the most exciting features in OpenStack Train

          With all eyes turning towards Shanghai, we’re getting ready for the next Open Infrastructure Summit in November with great excitement. But before we hit the road, I wanted to draw attention to the latest OpenStack upstream release. The Train release continues to showcase the community’s drive toward offering innovations in OpenStack. Red Hat has been part of developing more than 50 new features spanning Nova, Ironic, Cinder, TripleO and many more projects.

          But given all the technology goodies (you can see the release highlights here) that the Train release has to offer, you may be curious about the features that we at Red Hat believe are among the top capabilities that will benefit our telecommunications and enterprise customers and their uses cases. Here’s an overview of the features we are most excited about this release.

        • New developer tools in Red Hat OpenShift 4.2

          Today’s announcement of Red Hat OpenShift 4.2 represents a major release for developers working with OpenShift and Kubernetes. There is a new application development-focused user interface, new tools, and plugins for container builds, CI/CD pipelines, and serverless architecture.

        • Red Hat CodeReady Containers overview for Windows and macOS

          Red Hat CodeReady Containers 1.0 is now available with support for Red Hat OpenShift 4.2. CodeReady Containers is “OpenShift on your laptop,” the easiest way to get a local OpenShift environment running on your machine. You can get an overview of CodeReady Containers in the tech preview launch post. You can download CodeReady Containers from the product page.

        • Tour of the Developer Perspective in the Red Hat OpenShift 4.2 web console

          Of all of the new features of the Red Hat OpenShift 4.2 release, what I’ve been looking forward to the most are the developer-focused updates to the web console. If you’ve used OpenShift 4.1, then you’re probably already familiar with the updated Administrator Perspective, which is where you can manage workloads, storage, networking, cluster settings, and more.

          The addition of the new Developer Perspective aims to give developers an optimized experience with the features and workflows they’re most likely to need to be productive. Developers can focus on higher level abstractions like their application and components, and then drill down deeper to get to the OpenShift and Kubernetes resources that make up their application.

          Let’s take a tour of the Developer Perspective and explore some of the key features.

        • VirtualBox Adds Support for Linux Kernel 5.3, Red Hat Enterprise Linux 8.1 Beta

          Oracle released today VirtualBox 6.0.14, a new maintenance update in the latest VirtualBox 6.0 series of their open-source and cross-platform virtualization software.

          VirtualBox 6.0.14 is here to add support for new technologies, fix bug, and add various improvements. For example it implements support for the Linux 5.3 kernel series, as well as for the Red Hat Enterprise Linux 7.7, CentOS Linux 7.7, Oracle Linux 7.7m and Red Hat Enterprise Linux 8.1 Beta operating systems.

          On top of that, VirtualBox 6.0.14 improves the detection of the Python version during the creation of the RPM package on Linux hosts to address some installation issues addresses and package dependencies, and improves shared folders for Linux guests, especially when unmounting them in service script.

    • Audiocasts/Shows
    • Kernel Space
      • libinput’s bus factor is 1

        Let’s arbitrarily pick the 1.9.0 release (roughly 2 years ago) and look at the numbers: of the ~1200 commits since 1.9.0, just under 990 were done by me. In those 2 years we had 76 contributors in total, but only 24 of which have more than one commit and only 6 contributors have more than 5 commits. The numbers don’t really change much even if we go all the way back to 1.0.0 in 2015. These numbers do not include the non-development work: release maintenance for new releases and point releases, reviewing CI failures [1], writing documentation (including the stuff on this blog), testing and bug triage. Right now, this is effectively all done by one person.

        This is… less than ideal. At this point libinput is more-or-less the only input stack we have [2] and all major distributions rely on it. It drives mice, touchpads, tablets, keyboards, touchscreens, trackballs, etc. so basically everything except joysticks.

      • Graphics Stack
        • Khronos Opens Door For Allowing More Open-Source Drivers To Reach Conformance Status

          Khronos president Neil Trevett was at this month’s XDC2019 conference in Montreal and he clarified their position on accepting conformance submissions by the open-source drivers.

          He clarified that any of the open-source driver projects working on a conformant implementation for OpenGL / OpenCL / Vulkan can indeed submit to Khronos without paying any vendor fees, etc. That includes all drivers, just not those part of (or not) Khronos Group members.

        • TURNIP Vulkan Driver Gets MSAA Working

          Mesa’s TURNIP Vulkan driver that provides open-source Vulkan API support for Qualcomm Adreno hardware in recent weeks has been back to seeing new activity and this week more useful contributions are being made.

          On Tuesday a number of TURNIP commits were made by Jonathan Marek as well as Eric Anholt. The latest work includes a number of fixes, adding the ASTC texture compression format layout, VK_KHR_sampler_mirror_clamp_to_edge, and ultimately getting basic MSAA working. The multi-sample anti-aliasing support for this open-source TURNIP driver for Adreno graphics has been described as “not perfect but gets through some tests.”

    • Benchmarks
      • A Quick Look At EXT4 vs. ZFS Performance On Ubuntu 19.10 With An NVMe SSD

        For those thinking of playing with Ubuntu 19.10′s new experimental ZFS desktop install option in opting for using ZFS On Linux in place of EXT4 as the root file-system, here are some quick benchmarks looking at the out-of-the-box performance of ZFS/ZoL vs. EXT4 on Ubuntu 19.10 using a common NVMe solid-state drive.

        Given Canonical has brought ZFS support to its Ubiquity desktop installer as an easy-to-deploy option for running on this popular file-system, for this initial round of testing from Ubuntu 19.10 a lone NVMe SSD is being used (Corsair Force MP600) as opposed to doing any multi-disk setups, etc, where ZFS is more common due to its rich feature set.

        Clean installs of Ubuntu 19.10 were done both with EXT4 and ZFS while using the stock mount options / settings each time. The ZoL support in Ubuntu 19.10 is relying upon various back-ports from ZFS On Linux 0.8.2 and this imminent Linux distribution update is shipping with a 5.3-based kernel.

    • Applications
      • 6 Excellent Free Linux Reference Management Tools

        Reference management software is software for academics and authors to use to record and use bibliographic citations. This type of software typically uses a database to store the bibliographic references, together with a system for filtering the list in a format needed desirable to scholarly journals and publishers.

        This category of software is one of the most useful digital tools for a researcher today. It enables users to import references from sources, manage and edit the references, export the references, format the bibliography, and in accordance with international standards. Researchers and academics appreciate the essential functions offered by reference management tools, minimising the tedious task of collecting, organising and citing their sources.

        There are a number of different types of software packages that you can use to manage the bibliographic details of information and the documents you find during your degree or research. All of the software featured in this article is available to use without charge, and with the exception of Mendeley Desktop are released under an open source license.

      • Handwritten Notes And PDF Annotation Tool Xournal++ Update Brings New Floating Toolbox

        Xournal++ was updated to version 1.0.14 recently, quickly followed by a minor 1.0.15 release. With this update, the application has received a new experimental floating toolbox, redesigned preferences, and some notable quality of life changes.

        Xournal++ is a handwriting notetaking application that supports PDF annotations, which runs on Linux, macOS and Windows 10.

        Written in C++ with GTK+ 3, the tool can be used to take notes with pen input devices such as Wacom Tablets, while also allowing users to take audio notes thanks to its audio recording and playback functionality. This application is not just for taking handwritten and audio notes though, as it can also annotate PDF documents (and more) – it can insert text / LaTeX, draw shapes, and insert black or delete existing PDF pages.

      • Proprietary
        • BGH Capital backs major new cyber security player

          Former national cyber security adviser Alastair MacGibbon and former Optus Business managing director John Paitaridis joined forces to create the country’s largest pure cyber security company, with 400 staff and backing from private equity firm BGH Capital.

          Led by Mr Paitaridis, CyberCX brings together 12 niche cyber security players to form one large company.

        • Malware That Spits Cash Out of ATMs Has Spread Across the World [iophk: Windows TCO]

          Part of the security issue for ATMs is that many of them are, in essence, aged Windows computers.

        • Migration Complete – Amazon’s Consumer Business Just Turned off its Final Oracle Database

          We migrated 75 petabytes of internal data stored in nearly 7,500 Oracle databases to multiple AWS database services including Amazon DynamoDB, Amazon Aurora, Amazon Relational Database Service (RDS), and Amazon Redshift. The migrations were accomplished with little or no downtime, and covered 100% of our proprietary systems. This includes complex purchasing, catalog management, order fulfillment, accounting, and video streaming workloads. We kept careful track of the costs and the performance, and realized the following results: [...]

    • Instructionals/Technical
    • Games
      • Shadow of the Tomb Raider coming to Linux on Nov 5

        Gamers are in for a treat as Shadow of the Tomb Raider Definitive Edition is set to make its debut on both Linux and macOS systems this November 5th.

        Shadow of the Tomb Raider is the third and final installment to the famous Tomb Raider origins trilogy. Similar to its previous parts, it is going to be based around Lara Croft herself and will accompany tons of action and adventure. In this game, most of Lara’s adventures will take place in Paititi, where she would battle to stop a Mayan apocalypse with the help of her two best friends: firearms and stealth.

      • AI War 2, the massive RTS game confirmed for launch on October 22

        Arcen Games have now fully confirmed that October 22 is the final launch date for AI War 2 to leave Early Access.

        This is the sequel to the critically acclaimed AI War: Fleet Command released back in 2009, which eventually came to Linux too later in 2014. The release of AI War 2 is going to mark 10 years since the original! Funded on Kickstarter back in 2016 with the help of around 2,545 backers.

        AI War 2 is a grand strategy RTS hybrid against an overwhelming, inhuman enemy who has conquered the galaxy. The enemy has made only a single error: underestimating you. You must steal as much technology as you can, take enough territory to fortify your bases and launch your last stand.

      • Dominus Galaxia, a 4x strategy game heavily inspired by Master of Orion 1 has a Linux demo up

        Their aim with Dominus Galaxia is to be an upgraded spiritual successor to the original Master of Orion, they said to think of it like if Master of Orion 2 was a proper sequel and not a “a radical re-imagining”.

        It’s currently crowdfunding on Kickstarter which has 10 days to go with nearly 50% of the funding needed, with a bit of a stretch it may be able to make it. Just recently, they put up a full demo of the game with Linux support on itch.io.

      • Creature building action and survival game ‘Sipho’ adds some fun new zooids for your monstrosity

        Swim, kill, adapt and hopefully survive. That’s the aim of the game in Sipho and the recent update adds in some new pieces for you to unlock to build your horrific sea creature with.

        It’s such a strange game, blending together furious action with a creature builder where you unlock different parts and species. Based on real science, inspired by the Siphonophorae with your creature being built with zooids, an animal that forms part of a colony that all move together.

      • No Linux version of Lonely Mountains: Downhill yet due to IL2CPP in Unity

        Megagon Industries have now confirmed the status of Lonely Mountains: Downhill for Linux and currently it’s not good news.

        This is a game that was funded on Kickstarter, that had Linux as a platform for release. If this sounds familiar, it’s because we wrote about this game recently where the developer seemed a bit confused on the Linux version and they weren’t clear on what they were doing.

      • Project RIP, a new FPS released recently with Linux support and it looks action-packed

        Fight off waves of demons in Project RIP from developer Storming Tech, a new Unreal Engine first-person shooter that has Linux support. This is the same developer who also made Escape Legacy: Ancient Scrolls, an escape room puzzle game which also seemed quite good.

      • The Northgard free Conquest expansion is launching October 22

        The huge free Conquest expansion for the strategy game Northgard is now confirmed to be releasing on October 22.

        As announced before this free update is going to include a new standalone game mode, which can be played solo or in co-op. Offering up a series of missions, offering a what they claim is “100+” hours of extra possible play time. The missions don’t seem to be linked, offering up something new each time with specific victory conditions and rule sets.

      • The impressively smooth roguelike Jupiter Hell has a big AI upgrade and a first sale

        ChaosForge continue advancing their turn-based shooter roguelike shooter Jupiter Hell, with another big update now available.

        A big focus has been on the AI to actually make it a bit smarter. Humanoid enemies will now attempt to take cover and not always run in a straight line at you, which can make it a little more difficult for sure. Most enemies will also react to noise you and other NPCs make. The demon-like enemies will now track you by smell, so you can’t hide from them. You might find the need to retreat more often, to find a better position.

    • Desktop Environments/WMs
      • K Desktop Environment/KDE SC/Qt
        • Some nice widgets for your Plasma desktop

          Plasma is an extremely extensible, flexible desktop environment, and it lets you customize and change anything and everything to the tiniest detail. You can go about mimicking other desktops and systems as you please, limited only by your imagination and patience. If you want a Mac-like look or a Unity look, you can.

          So I thought, I should revisit my old Plasma widgets article and explore some fresh applets out there, to see what else you can do here. Indeed, there are lots of hidden goodies lurking beneath the surface, and if you’re curious, you will discover fresh tools and features that can make the Plasma desktop experience even more enjoyable.

      • GNOME Desktop/GTK
        • Patent Attacks Against Open Source Intensify!

          We previously reported on how popular open source has been under attack from patent assertion entities. The attacks continue. The GNOME Foundation recently acknowledged that it was sued for patent infringement by Rothschild Patent Imaging LLC. The allegedly infringing product is Shotwell, a free and open source personal photo manager. Neil McGovern, Executive Director for the GNOME Foundation says “We have retained legal counsel and intend to vigorously defend against this baseless suit.” The suit alleges infringement of a single patent 9,936,086 titled “Wireless Image Distribution System and Method.”

          This suit is noteworthy in that it is not targeted at users of the open source product, but rather the entity that oversees the development. In the prior lawsuits we reported, the targets were typically companies using the open source.

          One of the potentially interesting issues that could be addressed if the case goes the distance is the request for injunctive relief. Rothschild seeks as part of its relief: “an Order Enjoining Defendant, its agents, officers, servants, employees, attorneys, and all persons in active concert or participation with Defendant who receive notice of the order from further infringement of United States Patent No. 9,936,086.” Shotwell is licensed under GNU Lesser General Public License version 2.1 (LPGL). This license permits licensees to copy and redistribute Shotwell to others. If somehow Rothschild obtains an injunction, will it apply just to the GNOME Foundation or downstream users as well? One of the novel underlying legal questions that would need to be addressed is whether licensees who redistribute an open source program are “in active concert or participation with Defendant.”

    • Distributions
      • Reviews
        • Manjaro | Review from an openSUSE User

          There are many flavors of Linux, we call them distributions but in a way, I think “flavor” is a good word for it as some some are a sweet and delightful experience while with others a lingering, foul taste remains. Manjaro has not left a foul taste in any way. In full disclosure, I am not a fan of Arch based Linux distributions. I appreciate the idea of this one-step-removed Gentoo and for those that really like to get into the nitty-gritty bits Arch is good for that. My problem with Arch is the lack of quality assurance. The official repository on Arch Wiki describes the process of how core packages need to be signed off by developers before they are allowed to move from staging into the official repositories. With the rate at which packages come in, it is almost an impossibility that through manual testing software will continue to work well with other software as some dependencies may change. Admittedly, I don’t use it daily, outside of VMs for testing nor do I have a lot of software installed so this is not going to be a problem I am likely to experience.

          Manjaro, from my less than professional opinion, is a slightly slower rolling Arch that seems to do more testing and the process, from what I understand, is similar. Developers have to approve the packages before they are moved into the official repositories. I also understand that there isn’t any automated QA to perform any testing so this is all reliant on user or community testing, which, seemingly, Manjaro is doing a good job of it.

          My dance with Manjaro is as part of a BigDaddyLinuxLive Community challenge, to give it a fair shake and share your experience.

          This is my review of Manjaro with the Plasma Desktop. Bottom Line Up Front, this is quite possibly the safest and most stable route if you like the Arch model. In the time I ran it, I didn’t have any issues with it. The default Plasma Desktop is quite nice, and the default themes are also top notch. The graphical package manager works fantastically well and you do have Snap support right out of the gate. It’s truly a great experience. Was it good enough to push me from my precious openSUSE? No, but it has made for a contender and something about which to think.

      • SUSE/OpenSUSE
        • openSUSE to have Summit in Dublin

          The openSUSE Community is going to Ireland March 27 and 28, 2020, for openSUSE Summit Dublin.

          Registration for the summit has begun and the Call for Papers is open until Feb. 14.

          The summit will begin at the end of SUSE’s premier annual global technical conference SUSECON.

          Partners of openSUSE, open-source community projects and community members are encouraged to register for the summit and submit a talk.

          The schedule for the openSUSE Summit Dublin will be posted on Feb. 17.

      • Arch Family
        • Required update to recent libarchive

          The compression algorithm zstd brings faster compression and decompression, while maintaining a compression ratio comparable with xz. This will speed up package installation with pacman, without further drawbacks.

          The imminent release of pacman 5.2 brings build tools with support for compressing packages with zstd. To install these packages you need libarchive with support for zstd, which entered the repositories in September 2018. In order for zstd compressed packages to be distributed, we require all users to have updated to at least libarchive 3.3.3-1. You have had a year, so we expect you already did update. Hurry up if you have not.

      • Fedora Family
        • Contribute to Fedora Magazine

          Do you love Linux and open source? Do you have ideas to share, enjoy writing, or want to help run a blog with over 60k visits every week? Then you’re at the right place! Fedora Magazine is looking for contributors. This article walks you through various options of contributing and guides you through the process of becoming a contributor.

        • Fabiano Fidêncio: Libosinfo (Part I)

          Libosinfo is the operating system information database. As a project, it consists of three different parts, with the goal to provide a single place containing all the required information about an operating system in order to provision and manage it in a virtualized environment.

        • Τι κάνεις FOSSCOMM 2019

          When the students visited our Fedora booth, they were excited to take some Fedora gifts, especially the tattoo sticker. I was asking how many of them used Fedora, and most of them were using Ubuntu, Linux Mint, Kali Linux and Elementary OS. It was an opportunity to share the Fedora 30 edition and give the beginner’s guide that the Fedora community wrote in a little book. Most of them enjoyed taking photos with the Linux frame I did in Edinburgh…

          [...]

          I was planning to teach the use of the GTK library with C, Python, and Vala. However, because of the time and the preference of the attendees, we only worked with C. The workshop was supported by Alex Angelo who also traduced some of my expressions in Greek. I was flexible in using different Operating Systems such as Linux Mint, Ubuntu, Kubuntu among other distros. There were only two users that used Fedora. Almost half of the audience did not bring a laptop, and then I grouped in groups to work together. I enjoyed to see young students eager to learn, they took their own notes, and asked questions. You might see the video of the workshop that was recorded by the organizers.

        • Extending the Minimization objective

          Earlier this summer, the Fedora Council approved the first phase of the Minimization objective. Minimization looks at package dependencies and tries to minimize the footprint for a variety of use cases. The first phase resulted in the development of a feedback pipeline, a better understanding of the problem space, and some initial ideas for policy improvements.

        • Fedora at 15: Why Matthew Miller sees a bright future for the Linux distribution

          Fedora—as a Linux distribution—will celebrate the 15th anniversary of its first release in November, though its technical lineage is much older, as Fedora Core 1 was created following the discontinuation of Red Hat Linux 9 in favor of Red Hat Enterprise Linux (RHEL).

          That was a turbulent time in Red Hat history, and Fedora has had its own share of turbulence as well. Since becoming project leader in June 2014, Matthew Miller had led the Fedora.next initiative, intended to guide the second decade of the Fedora project. That initiative resulted in the creation of separate Fedora Workstation, Server, and Cloud editions—the latter of which has since been replaced with CoreOS—as well as the addition of an Internet of Things (IoT) edition.

      • Debian Family
        • Canonical/Ubuntu Family
          • Ubuntu 19.10 overview | Fast, secure and simple.

            In this video, I am going to show an overview of Ubuntu 19.10 and some of the applications pre-installed.

          • Ubuntu 19.10: Complete Screenshot Tour

            Wondering what the Ubuntu 19.10 release will look like? I’ve put together a screenshot tour to illustrate the changes and new features it brings.

            Part spoiler, part pre-install prep; if sampling the Eoan Ermine through the medium of compressed .jpeg sounds like your thing, you’ve landed in the right place!

            Remember: you can upgrade to Ubuntu 19.10 from 19.04 directly, but not if you’re on 18.04 LTS. If you’re on the LTS you’ll need to wait and upgrade to Ubuntu 20.04 LTS in April of next year.

          • There’s an Ubuntu 19.10 Release Party in London, Tomorrow

            Ubuntu 19.10 is released tomorrow and to mark the occasion some folks at Canonical have found a small London pub in which they plan to congregate and celebrate the Eoan Ermine’s emergence into the world at large, with the Ubuntu community at large!

            Yes, that includes you; whatever your interest in Ubuntu, if you fancy supping over-priced beverages with like-minded folk then this is the event for you.

            And, just to sweeten the deal, the first couple of lucky bucks to join the event will snag themselves an party bag full* of Ubuntu swag (expect pens and sticker, not an Orange Box though).

          • Ubuntu 19.10 Release Date, Major Updates Revealed

            Ubuntu 19.10 development is almost complete. One of the biggest changes in Ubuntu 19.10 is the decision to include NVIDIA drivers on the ISO install image. So, this is going to make things easier for Ubuntu users who have NVIDIA hardware to install the proprietary drives for their graphics card alongside the system.

            The other big change in the release is support for installing Ubuntu using the ZFS file system. The film system is considered to be experimental. Ubuntu is the first desktop Linux distro to offer native support for ZFS out of the box.

            Ubuntu developers have worked really hard to make sure that the distro has a working 32-but userspace for legacy apps and software, including Steam and WINE. It also contains the best GNOME 3.34 features. Now, it is possible to drag and drop applications in the Application Overview in order to create app folders. There is also a refreshed set of the main apps that include Document Scanner, Todo, and Files.

          • Freespire 5.0 Linux OS Is Out with Linux Kernel 5.0, Based on Ubuntu 18.04.3 LTS

            Based on the latest Ubuntu 18.04.3 LTS operating system, Freespire 5.0 is here to respond to users’ accusations of a bloated system. Freespire doesn’t aim to become a bloatware, so Freespire 5.0 only ships with the best-of-breed apps and packages and nothing else.

            Among these, we can mention the KDE Plasma 5.12.9 LTS desktop environment, Chromium 77 web browser, Calligra office suite, Amarok music player, DragonPlayer video player, KolourPaint paint software, Kpatience and DreamChess games, Ice 6.0.4 browser installer, as well as Synaptic Package Manager, Boot Repair, and Kamerka.

          • Ansible vs Terraform vs Juju: Fight or cooperation?

            Ansible vs Terraform vs Juju vs Chef vs SaltStack vs Puppet vs CloudFormation – there are so many tools available out there. What are these tools? Do I need all of them? Are they fighting with each other or cooperating?

            The answer is not really straightforward. It usually depends on your needs and the particular use case. While some of these tools (Ansible, Chef, StaltStack, Puppet) are pure configuration management solutions, the others (Juju, Terraform, CloudFormation) focus more on services orchestration. For the purpose of this blog, we’re going to focus on Ansible vs Terraform vs Juju comparison – the three major players which have dominated the market.

            [...]

            Contrary to both Ansible and Terraform, Juju is an application modelling tool, developed and maintained by Canonical. You can use it to model and automate deployments of even very complex environments consisting of various interconnected applications. Examples of such environments include OpenStack, Kubernetes or Ceph clusters. Apart from the initial deployment, you can also use Juju to orchestrate deployed services too. Thanks to Juju you can backup, upgrade or scale-out your applications as easily as executing a single command.

            Like Terraform, Juju uses a declarative approach, but it brings it beyond the providers up to the applications layer. You can not only declare a number of machines to be deployed or number of application units, but also configuration options for deployed applications, relations between them, etc. Juju takes care of the rest of the job. This allows you to focus on shaping your application instead of struggling with the exact routines and recipes for deploying them. Forget the “How?” and focus on the “What?”.

      • Devices/Embedded
    • Free, Libre, and Open Source Software
      • Open source interior design with Sweet Home 3D

        Historically, I practiced the little-known fourth principle: don’t have furniture. However, since I became a remote worker, I’ve found that a home office needs conveniences like a desk and a chair, a bookshelf for reference books and tech manuals, and so on. Therefore, I have been formulating a plan to populate my living and working space with actual furniture, made of actual wood rather than milk crates (or glue and sawdust, for that matter), with an emphasis on plan. The last thing I want is to bring home a great find from a garage sale to discover that it doesn’t fit through the door or that it’s oversized compared to another item of furniture.

      • Web Browsers
        • Chromium
          • The top 5 alternatives to Google Chrome

            Google Chrome is the most popular web browser on the market. It provides a user-friendly, easy-to-use interface, with a simple appearance featuring a combined address and search bar with a small space for extensions.

            Chrome also offers excellent interconnectivity on different devices and easy syncing that means that once a user installs the browser on different devices, all their settings, bookmarks and search history come along with it. Virtually all a user does on Google chrome is backed up to Google Cloud.

            Chrome also offers easy connectivity to other Google products, such as Docs, Drive, and YouTube via an “Apps” menu on the bookmarks bar, located just below the address/search bar. Google Translate, one of the best translation applications currently available on the internet, is also included.

      • Linux Foundation
        • Databricks brings its Delta Lake project to the Linux Foundation

          Databricks, the big data analytics service founded by the original developers of Apache Spark, today announced that it is bringing its Delta Lake open-source project for building data lakes to the Linux Foundation and under an open governance model. The company announced the launch of Delta Lake earlier this year and even though it’s still a relatively new project, it has already been adopted by many organizations and has found backing from companies like Intel, Alibaba and Booz Allen Hamilton.

          “In 2013, we had a small project where we added SQL to Spark at Databricks […] and donated it to the Apache Foundation,” Databricks CEO and co-founder Ali Ghodsi told me. “Over the years, slowly people have changed how they actually leverage Spark and only in the last year or so it really started to dawn upon us that there’s a new pattern that’s emerging and Spark is being used in a completely different way than maybe we had planned initially.”

          This pattern, he said, is that companies are taking all of their data and putting it into data lakes and then do a couple of things with this data, machine learning and data science being the obvious ones. But they are also doing things that are more traditionally associated with data warehouses, like business intelligence and reporting. The term Ghodsi uses for this kind of usage is ‘Lake House.’ More and more, Databricks is seeing that Spark is being used for this purpose and not just to replace Hadoop and doing ETL (extract, transform, load). “This kind of Lake House patterns we’ve seen emerge more and more and we wanted to double down on it.”

        • The Delta Lake Project Turns to Linux Foundation to Become the Open Standard for Data Lakes

          Amsterdam and San Francisco, October 16, 2019 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced that it will host Delta Lake, a project focusing on improving the reliability, quality and performance of data lakes. Delta Lake, announced by Databricks earlier this year, has been adopted by thousands of organizations and has a thriving ecosystem of supporters, including Intel, Alibaba and Booz Allen Hamilton. To further drive adoption and contributions, Delta Lake will become a Linux Foundation project and use an open governance model.

          Every organization aspires to get more value from data through data science, machine learning and analytics, but they are massively hindered by the lack of data reliability within data lakes. Delta Lake addresses data reliability challenges by making transactions ACID compliant enabling concurrent reads and writes. Its schema enforcement capability helps to ensure that the data lake is free of corrupt and not-conformant data. Since its launch in October 2017, Delta Lake has been adopted by over 4,000 organizations and processes over two exabytes of data each month.

      • SaaS/Back End/Databases
        • syslog-ng in two words at One Identity UNITE: reduce and simplify

          UNITE is the partner and user conference of One Identity, the company behind syslog-ng. This time the conference took place in Phoenix, Arizona where I talked to a number of American business customers and partners about syslog-ng. They were really enthusiastic about syslog-ng and emphasized two major reasons why they use syslog-ng or plan to introduce it to their infrastructure: syslog-ng allows them to reduce the log data volume and greatly simplify their infrastructure by introducing a separate log management layer.

          [...]

          When you collect log messages to a central location using syslog-ng, you can archive all of the messages there. If you add a new log analysis application to your infrastructure, you can just point syslog-ng at it and forward the necessary subset of log data there.

          Life at both security and operations in your environment becomes easier, as there is only a single software to check for security problems and distribute on your systems instead of many.

      • CMS
        • Drupal shows leadership on diversity and inclusion

          Drupal is far from alone among open source communities with a diversity gap, and I think it deserves a lot of credit for tackling these issues head-on. Diversity and inclusion is a much broader topic than most of us realize. Before I read DDI’s August newsletter, the history of indigenous people in my community was something that I hadn’t really thought about before. Thanks to DDI’s project, I’m not only aware of the people who lived in Maryland long before me, but I’ve come to appreciate and respect what they brought to this land.

          I encourage you to learn about the native people in your homeland and record their history in DDI’s Land Acknowledgements blog. If you’re a member of another open source project, consider replicating this project there. The more we know about people who differ from us, the more we respect and appreciate our collective roles as members of the human race.

      • Pseudo-Open Source (Openwashing)
        • Google unplugs AMP, hooks it into OpenJS Foundation after critics turn up the volume [Ed: Microsoft Tim on Google passing a bunch of EEE to a foundation headed by a Microsoft ‘mole’, ‘open’JS ]

          AMP – which originally stood for Accelerated Mobile Pages though not any more – was launched in 2015, ostensibly to speed up page loading on smartphones. The technology includes AMP HTML, which is a set of performance-optimized web components, and the AMP Cache, which serves validated AMP pages. Most AMP pages are served by Google’s AMP Cache.

      • Openness/Sharing/Collaboration
        • Open Hardware/Modding
          • i2c clock : DS3231

            Like any clock, the DS3231 must be set at the 1st start. The registers listed in Figure 4 are accessible for reading and writing. This allows us to program the exact time and date at the time of initialization. Then the DS3231 operates autonomously, with leap years up to 2100 To compensate for the power failure, a CR1220 battery can be added to the back of the Adafruit ADA3013.

          • CHIPS Alliance Growth Continues With New Members and Design Workshop this November
          • CHIPS Alliance growth continues with new members and design workshop this November

            CHIPS Alliance, the leading consortium advancing common, open hardware for interfaces, processors and systems, today announced Codasip GmbH and Munich University of Applied Science have joined the CHIPS Alliance. In addition, on November 14–15, CHIPS Alliance will be joining the university for a workshop on open source design verification.

            CHIPS Alliance is a project hosted by the Linux Foundation to foster a collaborative environment to accelerate the creation and deployment of open SoCs, peripherals and software tools for use in mobile, computing, consumer electronics, and Internet of Things (IoT) applications. The CHIPS Alliance project develops high-quality open source Register Transfer Level (RTL) code relevant to the design of open source CPUs, RISC-V-based SoCs, and complex peripherals for Field Programmable Gate Arrays (FPGAs) and custom silicon.

            Codasip is a leading supplier of configurable RISC-V® embedded processor IP. Codasip provides a portfolio of various RISC-V implementations along with a suite of processor developers tools to allow for rapid core customization, and will contribute to working groups on verification platforms and open cores.

            “Codasip has years of processor development experience and has shown its dedication to open platforms by its contributions to open source compiler and compliance projects. We welcome their participation in the CHIPS Alliance to facilitate the adoption of open architectures,” said Zvonimir Bandić, senior director of next-generation platforms architecture at Western Digital and Chairman, CHIPS Alliance.

      • Programming/Development
        • Test and Code: 91: Python 3.8 – what’s new

          Python 3.8.0 final is live and ready to download.

          On todays episode, we’re going to run through what’s new, picking out the bits that I think are the most interesting and affect the most people, including

          new language features
          standard library changes
          optimizations in 3.8
          porting to 3.8

        • Fedora 30 : News about python 3.8.0 and install on Linux.
        • Python 3.8 is now available with walrus operator, positional-only parameters support for Vectorcall, and more

          Python 3.8 has a new walrus operator := that assigns values to variables as part of a larger expression. It is useful when matching regular expressions where match objects are needed twice. It can also be used with while-loops that compute a value to test loop termination and then need that same value again in the body of the loop. It can also be used in list comprehensions where a value computed in a filtering condition is also needed in the expression body.

          The walrus operator was proposed in PEP 572 (Assignment Expressions) by Chris Angelico, Tim Peters, and Guido van Rossum last year. Since then it has been heavily discussed in the Python community with many questioning whether it is a needed improvement. Others are excited as the operator does make the code more readable.

          One user commented on HN, “The “walrus operator” will occasionally be useful, but I doubt I will find many effective uses for it. Same with the forced positional/keyword arguments and the “self-documenting” f-string expressions. Even when they have a use, it’s usually just to save one line of code or a few extra characters.”

        • Chemists bitten by Python scripts: How different OSes produced different results during test number-crunching

          Chemistry boffins at the University of Hawaii have found, rather disturbingly, that different computer operating systems running a particular set of Python scripts used for their research can produce different results when running the same code.

          In a research paper published last week in the academic journal Organic Letters, chemists Jayanti Bhandari Neupane, Ram Neupane, Yuheng Luo, Wesley Yoshida, Rui Sun, and Philip Williams describe their efforts to verify an experiment involving cyanobacteria, better known as blue-green algae.

          Williams, associate chair and professor in the department of chemistry at the University of Hawaii at Manoa, said in a phone interview with The Register on Monday this week that his group was looking at secondary metabolites, like penicillin, that can be used to treat cancer or Alzheimer’s.

        • Chemists discover cross-platform Python scripts not so cross-platform

          In a paper published October 8, researchers at the University of Hawaii found that a programming error in a set of Python scripts commonly used for computational analysis of chemistry data returned varying results based on which operating system they were run on—throwing doubt on the results of more than 150 published chemistry studies. While trying to analyze results from an experiment involving cyanobacteria, the researchers—Jayanti Bhandari Neupane, Ram Neupane, Yuheng Luo, Wesley Yoshida, Rui Sun, and Philip Williams—discovered significant variations in results run against the same nuclear magnetic resonance spectroscopy (NMR) data.

          The scripts, called the “Willoughby-Hoye” scripts after their authors—Patrick Willoughby and Thomas Hoye of the University of Minnesota—were found to return correct results on macOS Mavericks and Windows 10. But on macOS Mojave and Ubuntu, the results were off by nearly a full percent.

        • Sending Emails in Python — Tutorial with Code Examples

          What do you need to send an email with Python? Some basic programming and web knowledge along with the elementary Python skills. I assume you’ve already had a web app built with this language and now you need to extend its functionality with notifications or other emails sending.

          [...]

          Sending multiple emails to different recipients and making them personal is the special thing about emails in Python.

          To add several more recipients, you can just type their addresses in separated by a comma, add Cc and Bcc. But if you work with a bulk email sending, Python will save you with loops.

          One of the options is to create a database in a CSV format (we assume it is saved to the same folder as your Python script).

          We often see our names in transactional or even promotional examples. Here is how we can make it with Python.

        • Binning Data with Pandas qcut and cut

          When dealing with continuous numeric data, it is often helpful to bin the data into multiple buckets for further analysis. There are several different terms for binning including bucketing, discrete binning, discretization or quantization. Pandas supports these approaches using the cut and qcut functions. This article will briefly describe why you may want to bin your data and how to use the pandas functions to convert continuous data to a set of discrete buckets. Like many pandas functions, cut and qcut may seem simple but there is a lot of capability packed into those functions. Even for more experience users, I think you will learn a couple of tricks that will be useful for your own analysis.

          [...]

          The concept of breaking continuous values into discrete bins is relatively straightforward to understand and is a useful concept in real world analysis. Fortunately, pandas provides the cut and qcut functions to make this as simple or complex as you need it to be. I hope this article proves useful in understanding these pandas functions. Please feel free to comment below if you have any questions.

        • Analysing music habits with Spotify API and Python

          I’m using Spotify since 2013 as the main source of music, and back at that time the app automatically created a playlist for songs that I liked from artists’ radios. By innertion I’m still using the playlist to save songs that I like. As the playlist became a bit big and a bit old (6 years, huh), I’ve decided to try to analyze it.

        • Python IDEs and Code Editors

          A code editor is a tool that is used to write and edit code. They are usually lightweight and can be great for learning. However, once your program gets larger, you need to test and debug your code, that’s where IDEs come in.

          An IDE (Integrated Development Environment) understand your code much better than a text editor. It usually provides features such as build automation, code linting, testing and debugging. This can significantly speed up your work. The downside is that IDEs can be complicated to use.

        • Announcing Anaconda Distribution 2019.10

          As there were some significant changes in the previous Anaconda Distribution 2019.07 installers, this release focuses on polishing up rough edges in that release and bringing all the packages up to date with the latest available in repo.anaconda.com. This means many key packages are updated including Numpy, Scipy, Scikit-Learn, Matplotlib, Pandas, Jupyter Notebook, and many more. As many of the package updates have addressed Common Vulnerabilities and Exposures (CVEs), it is important to update to the latest.

          Another key change since the last release is that Apple released macOS version 10.15 – Catalina. Unfortunately, this was a breaking release for previous versions of Anaconda that used the pkg installer. The Anaconda Distribution 2019.10 installers address the issues and should install without trouble on macOS Catalina. If you would rather repair your current Anaconda installation, please check out this blog post for tips.

        • Apple’s Numbers and the All-in-One CSV export

          The hierarchical form requires a number of generator functions for Sheet-from-CSV, Table-from-CSV, and Row-from-CSV. Each of these works with a single underlying iterator over the source file and a fairly complex hand-off of state. If we only use the sheet iterator, the tables and rows are skipped. If we use the table within a sheet, the first table name comes from the header that started a sheet; the table names come from distinct headers until the sheet name changes.

          The table-within-sheet iteration is very tricky. The first table is a simple yield of information gathered by the sheet iterator. Any subsequent tables, however, may be based one one of two conditions: either no rows have been consumed, in which case the table iterator consumes (and ignores) rows; or, all the rows of the table have been consumed and the current row is another “sheet: table” header.

        • Formatting NFL data for doing data science with Python

          No matter what medium of content you consume these days (podcasts, articles, tweets, etc.), you’ll probably come across some reference to data. Whether it’s to back up a talking point or put a meta-view on how data is everywhere, data and its analysis are in high demand.

          As a programmer, I’ve found data science to be more comparable to wizardry than an exact science. I’ve coveted the ability to get ahold of raw data and glean something useful and concrete from it. What a useful talent!

        • Sony Pushes More AMD Jaguar Optimizations To Upstream LLVM 10 Compiler

          Sony engineers working on the PlayStation compiler toolchain continue upstreaming various improvements to the LLVM source tree for helping the AMD APUs powering their latest game console.

          Several times now we’ve pointed out Sony engineers contributing AMD “btver2″ improvements to upstream LLVM with the company using LLVM/Clang as their default code compiler and the PlayStation 4 relying on a Jaguar APU.

        • [llvm-dev] GitHub Migration Schedule and Plans Hi, We're less than 2 weeks away from the developer meeting, so I wanted to give an update on the GitHub migration and what's (hopefully) going to happen during the developer meeting. Everyone who has added their information to the github-usernames.txt file in SVN before today should have received an invite to become a collaborator on the llvm-project repository. If you did not receive an invite and think you should have, please contact me off-list. I will continue to monitor the file for new updates and periodically send out new batches of invites. There is still some ongoing work to get the buildbots ready and the mailing lists ready, but we are optimistic that the work will be done in time. The team at GitHub has finished implementing the "Require Linear History" branch protection that we requested. The feature is in beta and currently enabled in the llvm-project repository. This means that we will have the option to commit directly via git, in addition to using the git-llvm script. A patch that updates git-llvm to push to git instead of svn can be found here: https://reviews.llvm.org/D67772. You should be able to test it out on your own fork of the llvm-project repository. The current plan is to begin the final migration steps on the evening (PDT) of October 21. Here is what will happen: 1. Make SVN read-only. 2. Turn-off the SVN->git update process. 3. Commit the new git-llvm script directly to github. 4. Grant all contributors write access to the repository. 5. Email lists announcing that the migration is complete. Once the migration is complete, if you run into any issues, please file a bug, and mark it as a blocker for the github metabug PR39393. If you have any questions or think I am missing something, please let me know. Thanks, Tom
        • LLVM Plans To Switch From Its SVN To Git Workflow Next Week

          On 21 October they plan to make LLVM’s SVN repository read-only and finish their git-llvm script to bring all the changes into Git, and then allow developers to begin contributing to the LLVM GitHub project as the new official source repository.

        • Excellent Free Books to Learn Erlang

          Erlang is a general-purpose, concurrent, declarative, functional programming language and runtime environment developed by Ericsson, a Swedish multinational provider of communications technology and services. Erlang is dynamically typed and has a pattern matching syntax. The language solves difficult problems inherent in parallel, concurrent environments. It uses sets of parallel supervised processes, not a single sequential process as found in most programming languages.

          Erlang was created in 1986 at the Ellemtel Telecommunication Systems Laboratories for telecommunication systems. The objective was to build a simple and efficient programming language resilient large-scale concurrent industrial applications.

          Besides telecommunication systems and applications and other large industrial real-time systems, Erlang is particularly suitable for servers for internet applications, e-commerce, and networked database applications. The versatility of the language is, in part, due to its extensive collection of libraries.

        • Predicting NFL play outcomes with Python and data science

          If you made through part 1, congrats! You have the patience it takes to format data. In that article, I cleaned up my National Football League data set using a few Python libraries and some basic football knowledge. Picking up where I left off, it’s time to take a closer look at my data set.

  • Leftovers
    • Health/Nutrition
      • US: Rolling Back Coal Ash Rules Threatens Health

        The United States Environmental Protection Agency’s proposal to significantly weaken rules governing coal ash, a toxic byproduct of burning coal, poses a serious threat to public health and will make air and water pollution worse, Human Rights Watch said today in a submission opposing the proposed changes.

    • Security (Confidentiality/Integrity/Availabilitiy)
      • Google USB-C Titan Security Keys Begin Shipping Tomorrow

        Google announced their new USB-C Titan Security Key will begin shipping tomorrow for offering two-factor authentication support with not only Android devices but all the major operating systems as well.

        The USB-C Titan Security Key is being manufactured by well known 2FA key provider Yubico. This new security key is using the same chip and firmware currently used by Google’s existing USB-A/NFC and Bluetooth/NFC/USB Titan Security Key models.

      • One of Linux’s most important commands had a glaring security flaw
      • Security Flaw in Sudo allows Users to Run Commands on Linux Systems

        Security researchers discovered a security bypass vulnerability in one of the most widely used Linux commands, the Sudo.

        According to researcher Joe Vennix, who discovered the vulnerability, the Sudo security bypass flaw can allow a malicious user to run random commands as root on a targeted Linux system. The researcher stated the vulnerability, named as CVE-2019-14287, works even when the Sudoers configuration forbids root access.

        Sudo, which stands for Superuser Do, is one of the most important and commonly used utilities that comes as a core command, installed on almost every UNIX and Linux-based operating system.

      • Sudo Vulnerability

        ‘sudo’ is one of the most useful Linux/UNIX commands that allows users without root privileges to manage administrative tasks. However, a new vulnerability was discovered in sudo package that gives users root privileges.

        “When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295,” according to the sudo advisory.

      • Big security flaw in Linux sudo command

        Apple security researcher Joe Vennix has found a security bug in the important sudo command in Linux.

        The sudo command, which is short for “super user do”, is widely used in various Linux distributions to separate administrator-level permissions from ordinary system users.

        When installing programs, for instance, you would typically use the sudo command. Using sudo in front of any command or program causes it to be run as the administrator, or “root” user.

      • Linux/Unix exploit allows some restricted commands to be run as root without clearance

        The ‘sudo’ keyword in Unix and Linux allows users to execute certain commands with special-access privileges that cannot otherwise run on a given machine by a user with a lower level of clearance. Unsurprisingly, it is one of the most important commands in the entire Linux/Unix ecosystem, one that can substantially compromise the device’s security if it is exploited.

        One such exploit/bug was discovered by Joe Vennix from Apple Information Security. The vulnerability has been titled CVE-2019-14287 in the Common Vulnerabilities and Exposure database. As stated before, ‘sudo’ lets you run commands that cannot otherwise be run by normal users on the machine. With CVE-2019-14287, you could circumvent this by simply changing the user ID to -1 or 4294967295 with the ‘sudo’ command. That means that by spoofing their identity, any user could execute restricted commands on the machine.

      • Security updates for Wednesday

        Security updates have been issued by Debian (apache2 and unbound), Fedora (opendmarc, runc, and sudo), openSUSE (epiphany, GraphicsMagick, and libopenmpt), Oracle (kernel and sudo), Red Hat (java-1.8.0-openjdk, jss, kernel, kernel-rt, and kpatch-patch), SUSE (crowbar-core, crowbar-openstack, grafana, novnc, openstack-keystone, openstack-neutron, openstack-neutron-lbaas, openstack-nova, openstack-tempest, python-pysaml2, python-urllib3, rubygem-chef, rubygem-easy_diff, sleshammer, libpcap, sudo, and tcpdump), and Ubuntu (aspell and libsdl1.2).

      • Cybersecurity Awareness Month: Increasing our self-awareness so we can improve security

        October has been National Cybersecurity Awareness Month since 2004. According to staysafeonline.org, this initiative was started by the National Cybersecurity Alliance and the US Department of Homeland Security to help all Americans stay safe and secure when online. This month is usually marked with a significant uptick in cybersecurity outreach and training. It’s also the one month of the year when you can get a significant amount of cybersecurity swag such as webcam covers, mugs, and pens. This event has an outward focus to raise awareness of security globally,

        Many other events have come into existence along with this. For example, there are numerous electronics recycling events that now occur in October where people can securely dispose of their old computers. Some municipalities have extended this to include safe disposal of old prescription medications, paints, and other hazardous materials.

        Recent events in the greater technology community, specifically the resignation of Richard Stallman from both MIT and the Free Software Foundation, have become character foils that show us that while we have come a long way, we still have a long way ahead of us to improve.

      • Michael Tremer/IPFire: On quadrupling throughput of our Quality of Service

        There have been improvements to our Quality of Service (or QoS) which have made me very excited.

        Our QoS sometimes was a bottleneck. Enabling it could cut your bandwidth in half if you were unlucky. That normally was not a problem for larger users of IPFire, because if you are running a 1 Gigabit/s connection, you would not need any QoS in the first place, or your hardware was fast enough to handle the extra load.

        For the smaller users this was, however, becoming more and more of a problem. Smaller systems like the IPFire Mini Appliance are designed to be small (the clue is in the name) and to be very energy-efficient. And they are. They are popular with users with a standard DSL connection of up to 100 Megabit/s which is very common in Germany. You have nothing to worry about here. But if you are lucky to have a faster Internet connection, then this hardware and others that we have sold before might be running out of steam. There is only so much you can get out of them.

      • The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up [Ed: Windows]

        The City of Baltimore was hit with a ransomware attack in May of this year. Criminals using remodeled and rebranded NSA exploits (EternalBlue) knocked out a “majority” of the city’s servers and crippled many of its applications. More details didn’t surface until September when the city’s government began reshuffling the budget to cover the expenses of recovering from the attack.

    • Defence/Aggression
      • Trump and Erdogan ‘Just Got Played’ by Putin Says Terrorism Expert, As Kurds in Syria Strike Deal With Russia and Bashar al-Assad

        In response to a tweet that suggested America was played as well, Smith said: “America did not get played. Trump did.”

        [...]

        “This is a game of optics and what Putin has done is made Erdogan and Trump look like clowns.”

      • Turks rally around Erdogan’s war against Syria’s Kurds

        Aside from Turkey’s biggest Kurdish party, known as the HDP, few people have opposed the offensive or expressed any sympathy with its victims. Those who do so risk ending up behind bars. In the past week at least 121 people have been detained on terrorist charges for social-media posts critical of the invasion. “People who classify this as a war”, as opposed to a counter-terrorism operation, Turkey’s interior minister, Suleyman Soylu, has said, “are committing treason.” Three opposition MPs have been placed under investigation. The HDP’s former leaders, including a former presidential contender, Selahattin Demirtas, have been in prison since 2016.

      • Erdogan says Turkey will never declare ceasefire in northern Syria

        Syrian army deployments into Kurdish-held territory mark a victory for Assad and Russia, giving them a foothold in the biggest remaining swathe of Syria that had been beyond their grasp through much of its eight-year-old war.

      • For many US military vets, the offensive against the Kurds is personal

        Kurdish fighters have served alongside US military personnel for decades. The withdrawal of US troops from northern Syria is bringing back memories for American military veterans.

    • Transparency/Investigative Reporting
    • Environment
      • 5th person in Michigan dies of EEE mosquito virus. Risk still high despite frost advisory

        This has been a record-breaking year for the EEE virus in Michigan and around the country. In an average year, there are seven cases of the virus nationally, according to the U.S. Centers for Disease Control and Prevention. This year, there have been at least 35.

        In addition to the 10 human cases in Michigan, the CDC is reporting 12 human cases in Massachusetts; three in Rhode Island; four in Connecticut; three in New Jersey; and one case each in Tennessee and North Carolina.

      • Melting Permafrost Imperils Arctic Residents

        When Holmén first arrived here some 30 years ago, the ground thawed to a maximum depth of 1 meter in the summer. Now the measurements show thaws of up to 1.7 meters. Similar things are happening in other parts of the Arctic as well.

        Holmén has studied polar climates his entire life — in Siberia, in Greenland and in far-off Antarctica and is well-versed in the problem presented by the thaw. Twenty-four percent of the land mass in the northern hemisphere has a more or less frozen soil, an area larger than all of Russia. That permafrost stores up to 1.6 billion tons of carbon in the form of dead trees, dead animals or withered grass — about twice as much carbon as is currently found in the atmosphere today.

      • US green economy has 10 times more jobs than the fossil fuel industry

        The fossil fuel sector, from coal mines to gas power plants, employed around 900,000 people in the US in 2015-16, government figures show. But Lucien Georgeson and Mark Maslin at University College London found that over the same period this was vastly outweighed by the green economy, which provided nearly 9.5 million jobs, or 4 per cent of the working age population. The pair defined the green economy broadly, covering everything from renewable energy to environmental consultancy.

        Their analysis showed the green economy is worth $1.3 trillion, or about 7 per cent of US GDP.

      • The William Perry Pendley Rehabilitation Tour
      • Vineyards battle to keep the Champagne cool

        As rising temperatures threaten the vines that produce Champagne, concerned growers are fighting to adapt to the very real threat of climate change.

      • Wildlife/Nature
        • Orangutans Can Play The Kazoo, And It’s Changing Our Knowledge of How Speech Evolved

          In our study, some of the orangutans activated the kazoo within minutes, producing sounds of varying pitches and durations in response to kazoo demonstrations by the human experimenters.

          The speed with which these orangutans changed the quality of their voices shows that they were producing the sounds at will, rather than through training – which, as any dog trainer will reassert, requires months of reflex building and conditioning.

          These findings show that orangutan voice control lags not far behind that of humans. They confirm that the vocal abilities of great apes have been largely underestimated.

    • Finance
      • Media Smears, Political Persecution Set the Stage for Austerity and the Backlash Against It in Ecuador
      • The Problem With Partnerships and Roundtables

        When the laws regulating forest practices, endangered species, clean air and water were put on the books, it was well before the 1990s when our society became enthralled with neoliberalism that elevated economic utility and job creation above all in matters of public policy. Public resource managers now face local political pressure to base every decision on its financial impact to the local economy. During the last 25 years, public land managers have developed a “creative” new approach to administering laws which give local communities a voice and even quasi-control over land-use decisions through an array of public-private partnerships, roundtables and stewardship agreements. In all these partnerships, agencies seek to find local environmental representatives to represent the public view in these processes.

      • UK: No-Deal Brexit Risks Hunger for Poorest

        If the United Kingdom leaves the European Union without a withdrawal agreement, it will seriously threaten people’s ability to access and receive adequate food, including families with children, Human Rights Watch said today. While intense negotiations between the UK and the rest of the EU are ongoing, if no agreement is reached or extension agreed upon by October 31, 2019, the UK will leave the EU without a deal.

    • AstroTurf/Lobbying/Politics
      • Why Bother Protesting When the President Doesn’t Care?

        In the age of Trump, protesters once again face a president who claims to be impervious to criticism and responsive only to his far-right base, though he may more accurately be characterized as thin-skinned and reactive. Attention to the conditions of his Republican predecessor’s undoing—and the role of public protest in forming those conditions—has therefore taken on new relevance.

      • Amazon Pledges $1 Million More in Heated Seattle Elections

        Amazon’s latest commitment makes the company the biggest spender so far this election cycle, according to CASE, topping the $855,000 spent by a group affiliated with the Service Employees International Union. mazon this year has also hosted and sponsored city council candidate forums, and contributed $400,000 to a campaign to defeat a ballot measure that would cut Washington state car-tab taxes at the expense of transportation projects.

      • Bad Faith Negotiation

        I seldom comment on Brexit, largely because I neither see leaving the EU as a panacea nor the EU itself as a Utopia, and am alienated by the over-extravagant passions and claims on both sides. In addition to that, the FCO is largely excluded from Brexit negotiations, being perceived by the Tories as a nest of remainers, so I seldom get any interesting information fed to me by ex-colleagues.

      • Listen to Conference-Goers at Trump Resort Chant for “War!”

        On Sunday, news broke that a video of a fake President Donald Trump massacring journalists and others had been shown during a conference at one of the president’s resorts last week.

        The video was swiftly condemned by the White House, the organizers of the pro-Trump conference, as well as Donald Trump Jr. and Sarah Huckabee Sanders, who both spoke at the event.

      • Update: We Found a “Staggering” 281 Lobbyists Who’ve Worked in the Trump Administration

        At the halfway mark of President Donald Trump’s first term, his administration has hired a lobbyist for every 14 political appointments made, welcoming a total of 281 lobbyists on board, a ProPublica and Columbia Journalism Investigations analysis shows.

        With a combination of weakened rules and loose enforcement easing the transition to government and back to K Street, Trump’s swamp is anything but drained. The number of lobbyists who have served in government jobs is four times more than the Obama administration had six years into office. And former lobbyists serving Trump are often involved in regulating the industries they worked for.

      • UN: Defeat Venezuela in Human Rights Council Election

        Several candidates vying for seats on the United Nations Human Rights Council have problematic rights records, and UN member states should not vote for Venezuela.

    • Censorship/Free Speech
      • Elizabeth Warren’s Feud With Facebook Over ‘False’ Ads Just Highlights The Impossibility Of Content Moderation At Scale

        You may have heard over the past few days about a bit of a feud between Presidential candidates — mainly Elizabeth Warren — and Facebook about how the company handles political ads with false information. It began a week or so ago when the Trump campaign started running a bunch of Facebook ads around impeachment, some of which were blatantly false, based on totally debunked claims. Facebook, however, just recently clarified its policy, noting that while it will block ads that its partner fact-checkers have determined to be untrue, that does not apply directly to political candidate ads themselves:

      • Blizzard’s Face Plant Creates Marketing Opportunity For Companies With A Spine

        Blizzard’s decision to pander to the Chinese government is a PR headache that simply isn’t going away. Last week, games giant Blizzard stepped in a minefield when it severely punished a Hearthstone player for supporting the protests in Hong Kong during a championship live stream. The reaction was swift, justified, and severe, with everyone from gamers to Blizzard employees accusing the company of prioritizing profits over principles.

      • Thanks Blizzard: Riot Games Forced To Let Everyone Know They’re Allowed To Use Hong Kong’s LoL Team’s Name

        The fallout from Blizzard’s heavy-handed move on a professional Hearthstone player for voicing support for the ongoing Hong Kong protests on a livestream, which included ripping away prize money and issuing a 1 year ban on competing, continues to blaze. But while most of the backlash has been directed solely at Blizzard, the company’s actions are having a ripple effect across the eSports landscape.

      • Tunisia: Prosecutions for Online Commentary

        (Tunis) – Tunisian authorities are using laws on criminal defamation, “spreading false information,” and “harming others via public telecommunications networks” to prosecute people for their online commentary, Human Rights Watch said today.    

    • Civil Rights/Policing
      • Ethiopia’s Abiy Ahmed Wins Nobel Peace Prize, But It Takes Two to Make Peace

        Ethiopian Prime Minister Abiy Ahmed has been awarded the 2019 Nobel Prize for Peace which begs the question, if it takes two sides to fight a war doesn’t it take two sides to make peace? Just as it takes two hands to clap it takes two to make peace and P.M. Abiy has taken pains to give credit where credit is due, that Eritrea President Issias Aferwerki, his partner in the peace process was the leader in this process. Abiy said it unequivocally on July 8, 2018 at the end of his speech welcoming Issias for the first time to Addis Ababa, stating that “Issias is leading us”.

      • Citizens Must Remove Trump From Office

        Familiarize yourself with the hashtag #OutNow, it is refusefacism.org’s message: “In the name of humanity we refuse to accept a fascist America!” Their goal is seeing the Trump/Pence regime gone—now. The protests in Los Angeles and New York to be held on October 19th will showcase this necessary cause—there is no higher form of patriotism than protest and dissent against politicians and policies that harm humans and our environment—and no cause more noble than the effort to save humanity from the most corrupt Whitehouse administration in history.

      • Cop Peforming A Welfare Check Kills Woman By Shooting Her Through Her Own Backyard Window

        I’m really not sure what to tell anyone at this point. None of this works.

      • Kenya: Film Festival Features Activists’ Struggles

        The seventh edition of the Human Rights Watch Nairobi Film Festival will showcase 5 films at various locations in the city between October 15 and 18, 2019. Each film will be followed by a panel discussion about human rights activism.

      • Uganda: Brutal Killing of Gay Activist

        Ugandan authorities should thoroughly investigate the fatal attack on October 4, 2019 on an activist for the rights of lesbian, gay, bisexual, and transgender (LGBT) people.

      • Mauritania: Take Key Steps for Women’s Rights

        Mauritania’s President Mohamed Ould Ghazouani should prioritize women’s rights during his administration, Human Rights Watch said today in a letter to the new president. In particular, he should take steps to reduce the high incidence of gender-based violence and ensure that victims have access to justice. 

      • Australia: Older People in Aged Care Drugged Up

        When older people are silenced by drugs rather than given person-centered support, it risks their health and insults their humanity. Older people with dementia need an understanding helping hand, not a pill.

      • West Africa’s #SexForGrades Scandal Epitomizes Global Plight

        A hard-hitting BBC television documentary, Sex for Grades, has uncovered rampant sexual abuse, harassment, and bullying of students at two prestigious universities in Nigeria and Ghana, and launched what will hopefully be a new movement.  

    • Internet Policy/Net Neutrality
      • Wireless Industry Is Trying To Hide Where 5G Is Actually Available

        Buried underneath the blistering hype surrounding fifth-generation (5G) wireless is a quiet but growing consensus: the technology is being over-hyped, and early incarnations were rushed to market in a way that prioritized marketing over substance. That’s not to say that 5G won’t be a good thing when it arrives at scale several years from now, but early offerings have been almost comical in their shortcomings. AT&T has repeatedly lied about 5G availability by pretending its 4G network is 5G. Verizon has repeatedly hyped early non-standard launches that, when reviewers actually got to take a look, were found to be barely available.

    • Monopolies
      • Patents and Software Patents
        • USITC investigates HTC smart devices

          The US International Trade Commission (USITC) has instituted an investigation into certain devices sold by HTC.

          In an announcement on Friday, October 11, the USITC said it had launched an investigation following a patent infringement complaint by non-practising entity Innovation Sciences.

          The complaint, filed in August, alleged that the importation and sale of certain wireless communication devices by HTC violate the country’s Tariff Act 1930.

          It claims that a number of HTC products, including smartphones, smart home devices and video cameras infringe two of its patents (US patent numbers 10,136,179 and 10,104,425).

          Both patents cover a “method and system for efficient communication”.

          Smart devices maker Resideo Technologies is also named as a defendant in the investigation.

          The USITC said it has not yet made any decision on the merits of the case, and that HTC and Resideo had 20 days to file a response to the investigation.

        • PTAB Says Privacy Management Patent Covers Abstract Idea

          Law360 (October 11, 2019, 7:17 PM EDT) — The Patent Trial and Appeal Board invalidated a OneTrust patent related to privacy management software on Thursday, finding it covered only an abstract idea.

          The board’s decision came in an America Invents Act post-grant review requested by AvePoint, a New Jersey software developer. The board found the patent was directed to a mental process — one of the categories of abstract ideas outlined in U.S. Patent and Trademark Office guidance.

      • Copyrights

No, Microsoft is Not an ‘Open Source Company’ But a Lying Company

21 hours 54 min ago

Even GitHub itself is proprietary software!

Summary: The world’s biggest proprietary software companies want to be seen as “open”; what else is new?

MICROSOFT IS A company full of lies. Lots and lots of lies. See this morning's article about Satya Nadella. “Microsoft through the years,” according to our associate, is this:

1970s programs
1980s systems
1990s marketing
2000s lobbying
2010s cult

Never mind if many of the above “programs” are ripoffs, licensed, or worse. Microsoft was never ever an honest company. This is why so many geeks never did and never will trust Microsoft. Last night we were alerted that Jason from Forbes (their best technology writer by the way), who had been manipulated by Microsoft (maybe the publisher participates in it!) again reprinted the ‘Microsoft ❤️ Linux’ and/or ‘Microsoft ❤️ Open Source’ lies. Jason knows these statements aren’t true, so his headline contained quotes: “Microsoft To Linux Community: ‘We Are An Open Source Company’” [sic]

What’s the point even printing this? The summary says: “17 years ago ex-Microsoft CEO Steve Ballmer called Linux a cancer. Is it finally time to let that comment go?”

They’re just hiding it better. They recently approached this blogger in an effort to change his mind, as we noted some weeks ago.

“To be most frank, Jason might be better off writing independently, not for Forbes, a publication that works for Bill Gates and spins for Bill Gates (he desperately needs spin right now).”Quite frankly, he should ignore them and focus on facts. Other Microsoft liars such as Bogdan Popa pushed (once again) the same lies/lines without even as much as scepticism. Jason doesn’t need to ‘help’ them. These people will spread whatever lies Microsoft thinks are essential to spread. Microsoft used to do lots of that through its pedophile, Microsoft Peter, who spread all these lies to the point where the Open Source section in Ars Technica was literally nothing but Microsoft lies. He did that even days before he was arrested and the publisher collapsed. Is Softpedia next? Popa is doing “Softpedia News” no favour every time he’s relaying Microsoft lies from Microsoft staff. This cannot possibly be good for the site in the long term…

To be most frank, Jason might be better off writing independently, not for Forbes, a publication that works for Bill Gates and spins for Bill Gates (he desperately needs spin right now).

Meme: Setting the Record Straight

Wednesday 16th of October 2019 05:52:52 AM

Did Stallman defend Epstein like the corporate media said?

Richard Stallman’s “Statements about Epstein” when it all began: “I want to respond to the misleading media coverage of messages I posted about Marvin Minsky’s association with Jeffrey Epstein. The coverage totally mischaracterised my statements.

“Headlines say that I defended Epstein. Nothing could be further from the truth. I’ve called him a “serial rapist”, and said he deserved to be imprisoned. But many people now believe I defended him — and other inaccurate claims — and feel a real hurt because of what they believe I said.

“I’m sorry for that hurt. I wish I could have prevented the misunderstanding.”

Summary: Stallman never defended Epstein. He had called him “Serial Rapist”. It’s Bill Gates who defended Epstein and possibly participated in the same acts.

EPO Staff Resolution Against Neoliberal Policies of António Campinos

Wednesday 16th of October 2019 04:56:16 AM

Last week: EPO Leak: António Campinos Announces Impending Cuts While Outsourcing to Private Firms Like Serco

Summary: “After Campinos announced 17 financial measures,” a source told us, “staff gathered at multiple sites last week for general assemblies. The meeting halls were crowded. The resolution was passed unanimously and without abstentions.”

Satya Nadella is a Distraction From Microsoft’s Real Leadership and Abuses

Wednesday 16th of October 2019 04:39:06 AM

By Mitchel Lewis (“Is Satya Real?”)

Summary: “I’m merely wondering if his image and accolades that we’re incessantly bombarded with by the press actually reflect his accomplishments or if they’re being aggrandized.”

Few executives have garnered more positive press than Satya Nadella since he took the reins at Microsoft. As shown with Elizabeth Holmes though, hype resulting from artificial press coverage is a commodity for major tech companies, hence why they all seem to have massive legal and PR teams to spin press favorably, too much of it can serve as correlate of the opposite being true; similar to a lifted truck with a pair of nuts hanging off the hitch.

With the influence of the media in mind, it’s easy to see why Nadella is credited with the lion’s share of Microsoft’s recent success while being revered as a mountaintop guru of sorts by many in the press. However, few, if any, tech companies are more notorious for manipulating the media than Microsoft. As such, when I ask if Satya Nadella is real, I’m not asking if he’s a real person. Instead, I’m merely wondering if his image and accolades that we’re incessantly bombarded with by the press actually reflect his accomplishments or if they’re being aggrandized.

So, is Satya real? Is he a genuine hyper-woke leader that hit refresh at Microsoft? Is he the champion of growth mindset and change? Or Is he just another manufactured figurehead doing what he’s told by a pasty white cabal of lawyers and PR people? Or is he somewhere in between?

If you were to ask Dina Bass of Bloomberg, she would maintain that Satya is the real deal and that Microsoft is going through a renaissance under his leadership. So would Jim Cramer and the list goes on and on. To their credit, Microsoft has made a boatload of money since Nadella took the reins. But correlation doesn’t always equal causation. Change occurs slowly on an enterprise scale and any manager at Microsoft will gladly affirm that it can be a big ship to steer. Resultantly, Microsoft has to plot its course so far in advance that the profits earned today are the byproduct of strategic planning and decisions made 5–10 years ago; none of which immediately goes out the door with leadership changes. As such, it can take 5–10 years for the merits of their new leadership to come into play and be realized as they slowly come out of the shadow of their predecessor.


Cut out for space? Or cut out because it contradicts the renaissance narrative?

As a result of this executive runoff, which Dina openly admits (omits?), it’s safe to say that Nadella’s influence is still gradually being realized, for better or for worse. Ironically, much of the success that Microsoft is seeing today can still be credited back to Steve Ballmer and his old guard which is still mostly intact to this day. From the present success of Office 365, Azure, Windows 10, Server, Surface, Visual Studio, Hololens, and Xbox to their GitHub and LinkedIn Acquisitions, virtually all of the major decisions bringing these products where they are today were put in motion before Satya’s ascent to the CEO position. It’s just not advantageous for Microsoft to hype up Satya’s predecessors or their old guard with any of their accomplishments.

Sure, he could be the harbinger of ethical change at Microsoft, but it’s not as if Satya was at odds with Ballmer or Gates while under their leadership. Nadella gladly worked under both of them at a company where being ethical was/is a career-limiting move and seemingly taking no issue with anything that Microsoft became notorious for. He didn’t take a stand against their blatant anticompetitive behavior. He is seemingly fine with their commitment to lock-in and is chill with patent trolling too. Bribery? HR and management systematically retaliating against dissenters, whistleblowers, and abuse victims? Pay inequality? No problem at all as far as Nadella is concerned.

Presently, Microsoft is supplying ICE and CBP with its entire suite of software and services despite their participation in genocide. Meanwhile, Microsoft is also catering to China’s facial recognition ambitions and remain complicit in their various human rights violations; they aren’t the only ones though. In response, Satya has tried to downplay Microsoft’s relationship with these government entities while trying to distance the complicity of their productivity software from their deplorable behavior. But his lip service ultimately seems to contradict itself when it doesn’t dance around the subject entirely while his actions are par for the course with his predecessors.

In a recent interview and rather than acknowledging their complicity, Nadella claims to maintain some ethical control over their software, from who gets to use it to how they get to use it. Yet, he’s mum when ICE and CBP are blatantly violating their code of conduct with regard to the welfare of children. Even worse, he also seems to prefer to leave ethical decisions to the various laws of the land that they’re operating within like a modern Protagoras in the same breath; legal does not equal ethical. All while ignoring protests of this sort of behavior on his doorstep, internally, and abroad.

“We do have control on who gets to use our technology…and we do have principles. Beyond how we build it, how people use it is something that we control through Terms of Use. And we are constantly evolving the terms of use.”

“We also recognize whether it’s in the United States, whether it’s in China, whether it’s in the United Kingdom, they will all have their own legislative processes on what they accept or don’t accept, and we will abide by them.”
-Satya Nadella

With the above in mind, it’s quite obvious that Satya is towing the company line and deferring ethical decisions to his legal and PR teams while parroting whatever said teams mandate that he say. But ethics deferred are ethics abandoned and this is especially true when one defers to the likes of corporate counsel, PR teams, or the bastardized logic of regimes. As is the case for a proper figurehead, you would be hard-pressed to find Satya going against the grain of anything that Microsoft has become notorious for. None of which is a hallmark of the leadership qualities and ethical stances that he is supposedly a champion of.

While he’s positioned as a techno demigod in the media, Nadella is not even allowed to check his email according to his legal team which is a solid indicator of who is truly wearing the pants at Microsoft. That said, how much sway corporate counsel has within an organization the size of Microsoft often goes overlooked. When you’re walking the line between legal and criminal as Microsoft has done historically, you tend to do whatever your lawyer tells you to do and this is no different for a corporation. And this is especially the case at a law firm with a software problem such as Microsoft which was founded by the affluenza’d son of a Halliburton attorney.

Given the undue amount of influence of Microsoft’s legal team has within its walls, it borders on the irrational to expect a significant amount of change from such a company so long as they retain the same lawyers regardless of who their CEO is. Just as you don’t need a criminal defense attorney when you’re not committing crimes, you also won’t need the king of anti-trust such as Brad Smith working at the top legal position of your company unless you’re maintaining a monopoly and violating the Sherman Act.

When I was a vendor at Microsoft, I was told that it was not my job to think, only to do as I was told. Much like a vendor, it’s not Satya’s job to think as a figurehead either. Instead, it’s Satya’s job to operate at the behest of Brad Smith and his legal/PR teams. This isn’t to say that this makes Nadella is a bad person though. He’s just not the person we’ve been sold. Ethically speaking, the real Satya Nadella is most likely no better or worse than anyone else doing their job at Microsoft or anywhere else that requires employees to shelve ethics for a paycheck. You’re welcome to believe the hype though.

Raw: EPO Comes Under Fire for Lowering Patent Quality Under the Orwellian Guise of “Collaborative Quality Improvements” (CQI)

Wednesday 16th of October 2019 04:10:24 AM

Summary: Stephen Rowan, the President’s (António Campinos) chosen VP who promotes the notorious “Collaborative Quality Improvements” (CQI) initiative/pilot, faces heat from the CSC, the Central Staff Committee of the EPO

Making The Most of The Fourth Age of Free Software

Wednesday 16th of October 2019 03:53:15 AM

By figosdev

Summary: “For better or for worse, we can be certain the Free Software Foundation will never be the same.”

Internet eras come and go in one lifetime. Other technological ages approach and wane with the same haste.

The First Age of Free software arrived in the 1950s, when source code was both available and unrestricted. Neither copyright nor patents were applicable to code, and the A-2 compiler gave customers the opportunity to study and improve the software.

The First Age continued through the 1970s, and gave birth to C, UNIX and BSD. In 1980, Software became copyrightable in the United States — as of the late 1990s, Microsoft had still not yet found a way to abuse the patent system to increase their level of control over the market.

“In 1980, Software became copyrightable in the United States — as of the late 1990s, Microsoft had still not yet found a way to abuse the patent system to increase their level of control over the market.”The Second, and first deliberate Age of Free software, began in the 1980s as Richard Stallman created the Free Software Foundation. Now that monopolies were exerting additional control over software, Stallman realised that this ultimately meant exerting unjust control over the users themselves. For an extreme example of this, one need only consider the level of control that Amazon has today over your ebook library.

You may “purchase” an ebook, but Amazon controls your digital reader and with that, your library. You have less of a say over your own books than the company you bought them from, which is an unprecedented level of control over libraries that circumvents First-sale doctrine.

First-sale doctrine dictates that even if you don’t have the right to publish a book, the physical copy you purchase is yours to change, resell, destroy — you don’t control the publishing rights but you do own your copy.

The Digital Millennium Copyright Act (where applicable) is at odds with First-sale doctrine, making it a crime to circumvent the encryption scheme on ebooks, music and films. But it’s Amazon’s control of the software that gives them their control of your library — and poses an existential threat to public libraries, which have nearly always existed in the (legally and constitutionally defended) defiance of publishers.

“But it’s Amazon’s control of the software that gives them their control of your library — and poses an existential threat to public libraries, which have nearly always existed in the (legally and constitutionally defended) defiance of publishers.”There are countless other examples of how non-free software creates a lack of freedom for the user, but the threat that companies who promote such software pose to libraries is as good an example as any. Similar modern injustices exist for users of automobiles, pacemakers and farm equipment.

In the late 90s, the Third Age of Free software began. This was an age where Free software worked to maintain awareness as a schism took place. As the GNU project moved forward from creating the rest of an operating system to creating a viable kernel, another free kernel emerged. We know this as the Linux kernel, which has included a Free software license since 1992.

It was not a problem that the Linux kernel was created outside of the GNU project per se, but it created a unique challenge. The authors of Linux were not interested in promoting Free software; they preferred to promote an offshoot or alternative concept called “Open Source.” And one of the primary goals of Open Source was to focus on goals that businesses liked, without having to talk about politics or freedom.

“The authors of Linux were not interested in promoting Free software; they preferred to promote an offshoot or alternative concept called “Open Source.” And one of the primary goals of Open Source was to focus on goals that businesses liked, without having to talk about politics or freedom.”The Third Age is an age of excessive compromise, as well as greater awareness of the products of Free software — through an often unsympathetic, pro-corporate and monopoly-sponsored tech press. This age created great misconceptions and frequently misrepresented history prior to “informing” the public about it. The Third Age helped to steal Free software from the poor and the general public, and give it to the rich and monopolistic.

The Third Age is largely successful, from the standpoint of people who are happy to find that Free software is now actually less free than before. If you ask someone sympathetic to Open Source, they may refer to the movement they co-opted as consisting of “neckbeards”, “whiners” and “zealots”. They mock people who spent years working hard to make software free for everyone as “cheapskates”. But for them, Open source is a triumph. It has entirely different standards of success, but by those standards things are going very well.

If an outside group co-opting Free software forms the Third Age, then the next great Schism in Free Software is the Fourth or present Age. This is a potentially dark age where Free Software itself splits apart — the cause could be considered as a combination of factors.

One factor is the damage to the Free software ecosystem caused by monopoly interference. This has been recognised for years by Free software supporters in various camps, closer to the outskirts (or frontiers) of the movement than the Free Software Foundation itself.

A second factor is the failure of the Free Software Foundation to respond to this category of interference. For many years, a debate has existed between these frontier supporters and the FSF on what the greatest threats to Free software are today. None of this negates or tries to negate the original or primary threats to freedom that have always existed and are still relevant — this a key difference between the current schism and Open Source.

“The First Age was an age of de facto software freedom, the Second Age was the first age of deliberate and intentional freedom, the Third Age was an age of challenged freedom — and in the Fourth Age, we find a dramatic change in leadership and organisation.”Finally, there are people working closely with the Free Software Foundation who have supported the complete political and social ousting of its leader. While voluntarily stepping down as president may have given the FSF the chance to find and transition in a leader suitable to the movement, this has now taken place under other, more disruptive circumstances (including leaving the board instead of just the position) and this dramatic change makes the Fourth Age of Free software that much more distinct.

The First Age was an age of de facto software freedom, the Second Age was the first age of deliberate and intentional freedom, the Third Age was an age of challenged freedom — and in the Fourth Age, we find a dramatic change in leadership and organisation.

You may choose to define this age as the one where its founder was ousted and rejected. Alternatively, you may choose to define this age as the one where the FSF lost credibility with the treatment of its founder. Stallman himself encourages us not to blame the FSF as an organisation, and I can still appreciate and try to support that request. How we go about supporting the FSF in the future is something we are all ultimately going to be discussing.

Speaking personally, I am not the only person that thinks we need the FSF just as much as ever before. I think this is mostly an attack by monopolies, enabled by damage done by Open Source, and that ceding too much control to those who never cared about freedom has weakened the FSF to the point of nearly falling apart.

I do think we should work to save the Free Software Foundation, and abandoning it will not likely save it.

“I do think we should work to save the Free Software Foundation, and abandoning it will not likely save it.”But it will only be saved on terms that no longer neglect the problems that led to this age in the first place. In other words, if we continue to support the FSF, it will be clear that Free software advocates have a greater input in the future and are not so easily waved aside.

It’s important that the FSF not compromise on its goals, but it is also important that it not shy away from addressing new problems. It can be argued that the FSF has fallen short on both. Since we cannot trust the FSF to get everything right, since it has proven unable to sustain its mission in a number of notable ways, it must be willing to accept help that it waved aside in the past.

This does not mean giving into the false compromise and false promise of Open Source. If anything, it has done too much of that already.

But since the FSF was founded, many organisations sympathetic to Software Freedom and (with varying degree) the FSF itself have formed. These are typically smaller organisations, often focusing on certain aspects of freedom that the FSF may neglect or even try to negate.

These organisations cannot and will not be ignored or hastily dismissed any longer. We have predicted several of the crises the FSF is bleeding out from, and if the FSF insists on continuing to bleed out this way, it will die. We can’t force them to listen, or to agree. But we can certainly point out the foolishness of some of the key mistakes that brought us to this point in time. We can also point out solutions that are within the FSF’s ability to implement.

“Regardless of what happens to a sole organisation, this is the second and new age where lines have appeared between those who would have Richard Stallman as captain, and those who would not.”The FSF remains very important to Free software. It holds documents, software, history and talent that can probably do far more good where it belongs — sheltered and maintained by the FSF, if they are willing to work with a broadening, ideologically diverse but sincere and devoted Free software community. By no means will we have a net benefit if the FSF falls.

But we also know that the FSF has failed us in ways we won’t put aside. Even if the organisation is vital, even if the majority of its volunteers are better described as “with us” than “against us,” those who are responsible for these failures will be noted and trusted less than in the past.

The FSF must choose — between becoming less trusted as an organisation, or understanding that certain individuals will become less trusted as a result of all this. We owe it to Stallman, as well as ourselves, not to be hasty or superficial in where we place or withdraw our trust. But the First and Second ages of Free software were ages of innocence and growing up. The Third and Fourth ages will prove to be ages of hard lessons and struggling to regain lost ground, as well as ages of new ideas and evolution.

“For better or for worse, we can be certain the Free Software Foundation will never be the same.”In many ways, it was our own decisions that led us here. In another sense, this is the direction we were swept into. The Free Software Foundation lacks a leader, and the Free software movement is searching for a new anchor. What once was a great ship, is very arguably now a fleet. Regardless of what happens to a sole organisation, this is the second and new age where lines have appeared between those who would have Richard Stallman as captain, and those who would not.

For some of us, this could be the age where Stallman is retired as captain and is promoted (by us) to Admiral, as several new captains appear. For better or for worse, we can be certain the Free Software Foundation will never be the same. Free software sails on, into uncharted waters. We venture forth in search of greater freedom — we do not abandon the quest for freedom for marketshare alone.

Long Live Stallman, and Happy Hacking.

Licence: Creative Commons CC0 1.0 (public domain)

FSF is Not for Free Speech Anymore

Wednesday 16th of October 2019 03:05:50 AM

Mr. Pocock was right

Summary: The FSF gave orders to silence people

Bradley M. Kuhn (largely responsible for the RMS resignation): “I have been silent the last month because, until two days ago, I was an at-large member of FSF’s Board of Directors, and a Voting Member of the FSF. As a member of FSF’s two leadership bodies, I was abiding by a reasonable request from the FSF management and my duty to the organization. Specifically, the FSF asked that all communication during the crisis come directly from FSF officers and not from at-large directors and/or Voting Members. Furthermore, the FSF management asked all Directors and Voting Members to remain silent on this entire matter — even on issues only tangentially related to the current situation, and even when speaking in our own capacity (e.g., on our own blogs like this one). The FSF is an important organization, and I take any request from the FSF seriously — so I abided fully with their request.” (no direct link, but it can be read here)

Links 16/10/2019: Plasma 5.17.0, Project Trident Moves to GNU/Linux, NuTyX 11.2

Wednesday 16th of October 2019 01:54:32 AM

Contents
  • GNU/Linux
    • [Project Trident] 2020 OS Migration

      After several months of examination and testing of the various operating systems that are available right now, we have reached a conclusion. Project Trident will rebasing with Void Linux.

    • Project Trident Switching From TrueOS/FreeBSD Distribution To Basing On Void Linux

      Project Trident has been one of the lesser known BSD distributions derived from TrueOS (formerly PC-BSD) and making use of the FreeBSD package set. But moving forward the distribution is looking to reinvent itself as a derivative of Void Linux.

      Project Trident had been looking at re-basing itself on a new operating system platform especially with TrueOS being less desktop focused these days and encountering “multiple long-standing issues with the underlying FreeBSD”. In the end, they announced on Monday they selected Void Linux as their new target.

    • Desktop
      • 16 Places To Buy A Linux Laptop With Linux Preloaded

        Are you looking for Linux laptops? Do you want a Linux system without having to pay a Microsoft tax? The hardest part of using Linux is to find out the correct hardware. Hardware compatibility and drivers can be a big issue. But where one can find Linux desktops or Laptop for sale? Here are sixteen places to buy a preinstalled Linux Desktop and Laptop.

    • Server
      • IBM
        • Top 10 highlights at Red Hat Summit 2019

          As we careen into Fall, we at Red Hat have had a few months to catch our breath after another fantastic Red Hat Summit. Which means… we’re busy planning for next year’s Red Hat Summit. As we get everything lined up for next year, let’s take a look back at some of the highlights from our time in Boston.

          [...]

          Every year the Red Hat Innovation Awards recognize the technological achievements of Red Hat customers around the world who demonstrate creative thinking, determined problem-solving and transformative uses of Red Hat technology.

          The 2019 winners were: BP, Deutsche Bank, Emirates NBD, HCA Healthcare and Kohl’s. In addition, HCA Healthcare was voted the 2019 Red Hat Innovator of the Year for its efforts to use data and technology to support modern healthcare. A cross-functional team of clinicians, data scientists and technology professionals at HCA Healthcare used Red Hat solutions to create a real-time predictive analytics product system to more accurately and rapidly detect sepsis, a potentially life-threatening condition.

        • Red Hat Sacks CFO Over Alleged Workplace Standards Violation

          Red Hat CFO has been shown the door in alleged workplace standards violation.

        • Red Hat Developers Eyeing CPU Thermal Management Improvements For Fedora 32

          Several Red Hat developers are looking at improving the CPU thermal management capabilities for Fedora Workstation 32 and in turn possibly helping Intel CPUs reach better performance.

          The change being sought for Fedora Workstation 32 would be shipping Intel’s thermal daemon (thermald) by default with Fedora 32 and with that carrying various hardware specific configuration data for helping CPUs reach their optimal thermal/power limits. Intel’s open-source thermal daemon can already be installed on most Linux distributions as a separate package but isn’t normally shipped by default. With Fedora Workstation 32 it could be shipped by default for its goal of trying to keep CPUs operating in the correct temperature envelop and to reach maximum performance.

        • What’s new in Red Hat Dependency Analytics

          We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE.

          Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing.

          Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.

        • Awards roll call: Red Hat awards, July 2019 – October 2019

          As we head into the new season, we?d like to spread the excitement by sharing some of our latest awards and industry recognition. Since our last roundup, Red Hat has been honored with accolades highlighting our unique culture, our creative and design work and our expansive product portfolio.

    • Audiocasts/Shows
      • 2019-10-15 | Linux Headlines

        A double dose of Python, AWS credits for open source projects, a new kernel development course from the Linux Foundation, and an exciting release for KDE Plasma.

      • A Chat with Allan Jude | Jupiter Extras 22

        Brent sits down for an in-person chat with Allan Jude for a retrospective storytelling of his beginnings in BSD, his long history with podcasting, BSDNow and Jupiter Broadcasting, a beginner’s guide to the benefits of FreeBSD, with technical nuggets and nostalgic bits throughout.

        Allan Jude wears many hats including FreeBSD developer and member of the FreeBSD Core team, ZFS expert, co-founder and VP Engineering at Klara Inc., co-founder and VP Operations at ScaleEngine Inc., host of BSDNow, former host of TechSNAP among many others.

      • Podcast.__init__: Andrew’s Adventures In Coderland

        Software development is a unique profession in many ways, and it has given rise to its own subculture due to the unique sets of challenges that face developers. Andrew Smith is an author who is working on a book to share his experiences learning to program, and understand the impact that software is having on our world. In this episode he shares his thoughts on programmer culture, his experiences with Python and other language communities, and how learning to code has changed his views on the world. It was interesting getting an anthropological perspective from a relative newcomer to the world of software.

        [...]

        Software development is a unique profession in many ways, and it has given rise to its own subculture due to the unique sets of challenges that face developers. Andrew Smith is an author who is working on a book to share his experiences learning to program, and understand the impact that software is having on our world. In this episode he shares his thoughts on programmer culture, his experiences with Python and other language communities, and how learning to code has changed his views on the world. It was interesting getting an anthropological perspective from a relative newcomer to the world of software.

      • 2019-10-14 | Linux Headlines

        Perl 6 is renamed, AWS goes metal with ARM, OnionShare just got a big upgrade, and Google has a new security dongle.

      • Fedora Removes 32bit, System76 Coreboot, Flatpak, Valve, Atari VCS, Docker | This Week in Linux 84

        On this episode of This Week in Linux, we talk about Fedora Removing 32-bit, well sort of. System76’s announced two laptops using Coreboot firmware. There is some interesing news regarding Docker and its future. Then we’ll check out some Linux Gaming news with some really exciting news from Valve!

    • Kernel Space
      • Linux Kernel 5.2 Reached End of Life, Users Urged to Upgrade to Linux Kernel 5.3

        Released in early July 2019, the Linux 5.2 kernel series brought various new features and enhancements, among which we can mention an open-source firmware to support DSP audio devices, support for case-insensitive names in the EXT4 file system, a new file system mount API, better resource monitoring for Android devices, as well as new open-source GPU drivers for ARM Mali devices.

        Additionally, Linux kernel 5.2 introduced some performance improvements to the BFQ I/O scheduler, a new CPU bug infrastructure that better protects your computers against the recently disclosed Intel MDS (Microarchitectural Data Sampling) hardware vulnerabilities, and a new device mapper “dust” target for simulating devices with failing sectors and read failures.

      • Highly Threaded Linux Software Running Under CFS Quotas See Big Performance Fix

        Thanks to a Linux kernel fix that is likely to be back-ported to the various stable series, highly threaded software running under CFS quotas for enforcing CPU limits are about to be much faster. At least in a synthetic test case, the kernel fix yields a 30x improvement in performance.

        Spotted by the Kubernetes community but affecting others with highly threaded workloads and making use of a CFS quota to restricted shared CPU resources, it turns out that highly-threaded applications are routinely not getting “their fair share” of the CPU, leading to lower than expected performance and higher latency.

      • New “FUSE2″ Kernel Driver Being Experimented With For File-Systems In User-Space

        Longtime FUSE developer Miklos Szeredi of Red Hat has been working on a new “FUSE2″ FUSE kernel driver for implementing file-systems in user-space.

        FUSE2 is a completely new “File-System in User-Space” kernel driver being worked on and presented as a new FUSE2_FS Kconfig option that simply describes it as an “experimental new fuse driver” and with interface changes compared to the existing FUSE kernel driver is now exposed via /dev/fuse2.

      • Graphics Stack
        • Intel Linux Graphics Driver Adds Bits For Jasper Lake PCH

          Details are still light on Jasper Lake, but volleyed onto the public mailing list today was the initial support for the Jasper Lake PCH within the open-source Linux graphics driver side.

          The patch adds in the Jasper Lake PCH while acknowledging it’s similar to Icelake and Tigerlake behavior. The Jasper Lake PCI device ID is 0x4D80. The patch doesn’t reveal any other notable details but at least enough to note that the Jasper Lake support is on the way. Given the timing, the earliest we could see Intel Jasper Lake support out in the mainline kernel would be for Linux 5.5, which will be out as stable as the first kernel series of 2020 and in time for the likes of Ubuntu 20.04 LTS and Fedora 32.

        • Linux Graphics Drivers Could Have User-Space API Changes More Strictly Evaluated

          In response to both the AMD Radeon and Intel graphics drivers adding new user-space APIs for user-space code that just gets “[thrown] over the wall instead of being open source developed projects” and the increase of Android drivers introducing their own UAPI headaches, Airlie is looking at enforcing more review/oversight when DRM drivers want to make user-space API changes.

          The goal ultimately is to hopefully yield more cross-driver UAPI discussions and in turn avoiding duplicated efforts, ensuring good development implementations prior to upstreaming, and better quality with more developers reviewing said changes.

        • xf86-video-ati 19.1 Released With Crash & Hang Fixes

          For those making use of xf86-video-ati on X.Org-enabled Linux desktops, the version 19.1 release brings just a handful of new fixes. This release was announced today by Michel Dänzer who last month departed AMD to now work on Red Hat’s graphics team. Michel is sticking around the Mesa/X.Org world for Red Hat’s duties but is hoping someone else will be picking up maintenance of the xf86-video-ati/xf86-video-amdgpu DDX drivers going forward. Granted, not a lot of activity happens to these X.Org DDX drivers these days considering more Linux desktops slowly moving over to Wayland, many X11 desktops using the generic xf86-video-modesetting, and these AMD drivers being fairly basic now with all of the big changes in the AMDGPU DRM kernel driver.

    • Benchmarks
      • Windows 10 vs. Linux OpenGL/Vulkan Driver Performance With Intel Icelake Iris Plus Graphics

        With picking up the Dell XPS 7390 with Intel Core i7-1065G7 for being able to deliver timely benchmarks from Intel’s long-awaited 10nm+ Icelake generation, one of the first areas we have been testing is the Iris Plus “Gen 11″ graphics performance. In this article are our initial Windows 10 vs. Linux graphics performance numbers for Ice Lake.

        For this very first Intel Iris Plus Gen11 graphics testing are results from Windows 10 compared to Ubuntu 19.10. Ubuntu Linux was benchmarked with its stock driver stack comprised of Mesa 19.2.1 as well as opting for the “Iris” Gallium3D driver and also testing Mesa 19.3-devel both with the default i965 OpenGL driver and the Iris Gallium3D driver. Of course, for the Vulkan tests on Linux is their sole “ANV” Vulkan driver.

        The Dell XPS 7390 was equipped with the Intel Core i7-1065G7 Ice Lake processor and its Iris Plus Graphics, 2 x 8GB LPDDR4 3733MHz memory, 500GB Toshiba NVMe solid-state drive, and 1920×1200 panel.

    • Applications
      • Rudimentary KBibTeX client using Kirigami2

        KBibTeX is a bibliography editor (BibTeX and somewhat BibLaTex) used in conjunction with LaTeX and friends. Based on this code base, a SailfishOS client called ‘BibSearch’ exists which allows to search for bibliographic data in various online sources (IEEE Xplore, Google Scholar, ACM Digital Library, …). BibSearch’s code makes use of KBibTeX’s C++ code, has its user interface implemented in SailfishOS’s Silica QML, and provides just two C++ files on its own to glue together everything.

      • Unoon, a tool to monitor network connections from my system

        I always wanted to have a tool to monitor the network connections from my laptop/desktop. I wanted to have alerts for random processes making network connections, and a way to block those (if I want to).

        Such a tool can provide peace of mind in a few cases. A reverse shell is one the big one, just in case if I manage to open any random malware (read downloads) on my regular Linux system, I want to be notified about the connections it will make. The same goes for trying out any new application. I prefer to use Qubes OS based VMs testing random binaries and applications, and it is also my daily driver. But, the search for a proper tool continued for some time.

        [...]

        A few weeks back, on a Sunday late night, I was demoing the very initial version of the tool to Saptak. While we were talking about the tool, suddenly, an entry popped up in the UI /usr/bin/ssh, to a random host. A little bit of search showed that the IP belongs to an EC2 instance. For the next 40 minutes, we both were trying to debug to find out what happened and if the system was already compromised or not. Luckily I was talking about something else before, and to demo something (we totally forgot that topic), I was running Wireshark on the system. From there, we figured that the IP belongs to github.com. It took some more time to figure out that one of my VS Code extension was updating the git, and was using ssh. This is when I understood that I need to show the real domain names on the UI than random IP addresses.

      • NordPy: An Open-Source Linux Client for NordVPN

        NordVPN is a personal VPN software with the main focus on protecting user privacy and granting them access to regionally restricted content. It features a strong encryption protocol with a no-log policy and works with north of 5700 servers in at least 60 countries. It is available for Linux, Windows, macOS, AndroidTV, Android, iOS and NAS platforms. It can also be manually set up on WiFi routers.

        NordVPN is one of the most recommended VPN services and while it continues to receive positive reviews from customers, developers are beginning to dedicate some time to it and this is how NordPy has come to be.

        NordPy is an open-source GUI client for Linux users who like NordVPN and it inherits all the features in the official NordVPN applications. Its feature list includes connection to OpenVPN or NetworkManager-OpenVPN via TCP and UDP, no DNS leak when using OpenVPN,

      • 7 Linux Applications You Should Start Using Right Now

        Linux used to be the go-to operating system among the tech-savvy crowd. Because back in the day, it was a lot more demanding to use. Now Linux has modern, user-friendly distributions such as Ubuntu and Mint. The application repository they have in common has matured too. Customizing it to your heart’s desire is now easier than ever before. And this should be the end goal — to mold the OS into a tool that’s custom-tailored to your needs. So if you haven’t already, consider installing the following types of applications.

      • Proprietary
        • Compromised AWS API Key Allowed Access to Imperva Customer Data

          Imperva has shared more information on how [attackers] managed to obtain information on Cloud Web Application Firewall (WAF) customers, and revealed that the incident involved a compromised administrative API key.

        • Oil Refiner Reports Major IT Incident in Finland

          It’s not yet clear whether the cause is a malfunction or a cyber attack, according to spokeswoman Susanna Sieppi. The issue is under investigation, and it’s too early to estimate when the systems will be fixed, she said by phone.

    • Instructionals/Technical
    • Games
      • 2D using Godot

        This brings me to the GUI parts. I’m still not convinced that I understand how to properly layout stuff using Godot, but at least it looks ok now – at the cost of some fixed element sizes and such. I need to spend some more time to really understand how the anchoring and stretching really works. I guess I have a hard time wrapping my head around it as the approach is different from what I’m used to from Qt.

        Looking at the rest of the code, I’ve tried to make all the other scenes (in Godot, everything is a scene) like independent elements. For instance, the card scene has a face, and an is_flipped state. It can also signal when it is being flipped and clicked. Notice that the click results in a signal that goes to the table scene, which decides if the card needs to be flipped or not.

        The same goes for the GUI parts. They simple signal what was clicked and the table scene reacts. There are some variables too, e.g. the number of pairs setting in the main menu, and the points in the views where that is visible.

      • City building god sim ‘The Universim’ will now let you launch rockets with satellites into orbit

        The Universim is slowly turning into a city building god game truly worth playing, with the Sky High update now available expanding the game into planetary orbit.

        Being able to actually launch things into space is a stepping stone towards visiting other planets. Currently, the Cosmodrome will allow you to send up Defence Satellites that will enable ground to air defences for your Defence Towers. So now you have a reasonable chance to take down meteors and other threats from space.

      • POSTAL 4: No Regerts released into Early Access, Linux version likely in future

        Running With Scissors are back, with a surprise release of POSTAL 4: No Regerts on Steam and a Linux version is looking likely in future.

        Naturally, someone posted on Steam to ask about the possibility of Linux support. This is something that happens a lot but here it’s a bit different. RWS already supported Linux with multiple previous Postal releases.

      • PlayStation 3 emulator RPCS3 is coming along quickly with their August progress report up

        Delayed as usual due to the progress reports being done by contributors, the team working on the PlayStation 3 emulator RPCS3 have another post up to show off more incredible progress.

        To start with, they have again changed how they list what games are playable and not with the removal of games that won’t work due to servers being shut down. They said even if RPCS3 becomes 100% complete, they wouldn’t work unless someone accurately emulated and hosted servers for them. With that in mind, they also did a lot of testing of games that previously only went in-game to see how many are now properly playable. Thanks to all the testing, the Playable category has jumped up to 1,426 titles!

      • Feral Interactive Launches ‘Shadow Of The Tomb Raider’ Plus All DLC On Linux November 5

        Lara Croft’s latest sprawling adventure is finally landing on Linux next month, courtesy of the porting masters at Feral Interactive. Shadow of the Tomb Raider: Definitive Edition marks the conclusion of the rebooted Tomb Raider trilogy, and it will feel fantastic to see the entire series natively playable on our favorite OS.

      • Shadow of the Tomb Raider Arrives for Linux and macOS on November 5th

        UK-based video games publisher Feral Interactive announced today that the Shadow of the Tomb Raider video game will arrive for Linux and macOS platforms on November 5th, 2019.

        Developed by Crystal Dynamics and Eidos-Montréal, Shadow of the Tomb Raider was launched on September 14, 2018, as the last instalment in the spectacular and thrilling action-adventure puzzle game Tomb Raider origins trilogy. It’s also the twelfth title in the Tomb Raider series featuring the famous character Lara Croft. In this game, players will adventure into a Maya apocalypse world where they need shape Lara’s destiny to become the Tomb Raider.

      • Shadow of the Tomb Raider Coming To Linux On 5 November

        Feral Interactive revealed today that Shadow of the Tomb Raider will be released for Linux on 5 November.

        While Shadow of the Tomb Raider already works quite well under Steam Play, Feral Interactive has been porting Shadow of the Tomb Raider Definitive Edition over to macOS and Linux. They now revealed 5 November is the launch date for this AAA game.

        The Linux system requirements have yet to be revealed but it is another Vulkan exclusive Linux game port.

      • Shadow of the Tomb Raider Definitive Edition arrives on Linux on November 5th

        Feral Interactive have finally confirmed the Linux release date for Shadow of the Tomb Raider after announcing it for Linux back in November last year.

        They’ve said today it will officially release as “Shadow of the Tomb Raider Definitive Edition” on November 5th! Looking around at dates, technically this is the earliest we’ve seen any of the newer Tomb Raider series arrive on Linux. The first Tomb Raider came to Linux in 2016 after an original 2013 release, with Rise of the Tomb Raider arriving on Linux 2018 after an original 2016 release and we get the final game in the reboot trilogy next month!

      • The Internet Archive website has added another 2,500 MS-DOS games

        Another point scored for game preservation. The Internet Archive have added another 2,500 MS-DOS games you can play right in your browser.

        In their official announcement, they said that while they’ve added a few more to their collection here and there this is the biggest yet and it ranges from “tiny recent independent productions to long-forgotten big-name releases from decades ago”.

      • 2,500 More MS-DOS Games Playable at the Archive

        Another few thousand DOS Games are playable at the Internet Archive! Since our initial announcement in 2015, we’ve added occasional new games here and there to the collection, but this will be our biggest update yet, ranging from tiny recent independent productions to long-forgotten big-name releases from decades ago.

      • Vulkan support is not far away now for the flight sim X-Plane 11, physics & flight model updates coming

        X-Plane 11, the detailed flight simulator is finally closing in on an update that will bring in Vulkan support as detailed in a new developer blog post.

      • Google have confirmed the Stadia launch date is November 19

        Stadia, Google’s new fancy Linux-powered game streaming service is officially set to launch on November 19, that is if you forked out for the expensive Stadia Founder’s Edition.

        In the blog post over on Google, written by John Justice the “Vice President of Product, Stadia”, they mention that the Founder’s Edition should start arriving on doorsteps on November 19. From then, you will be able to buy and play games beginning at 4PM UTC and it will work across devices right away (so you don’t need to use that fancy Chromecast Ultra). As long as your Linux PC has a Chrome browser installed, it should work fine.

        However, there’s an important note included to say that they will be shipped out “in the same order that pre-orders were received”. So if your country still had them available yesterday and you ordered, you’re probably in for a wait. Justice said once your package ships, you will then get an email and sometime shortly after a code to activate it all.

      • Godlike village sim ‘Rise to Ruins’ has officially left Early Access with a huge upgrade

        Rise to Ruins (formerly Retro-Pixel Castles) is a great blend of genres, pulling in inspiration from the likes of Black and White, Rimworld, and Dwarf Fortress to make something entirely unique.

        After being in Early Access for nearly five years, this is a huge milestone for Raymond Doerr of SixtyGig Games. It’s another title I’ve followed along closely all these years, after personally purchasing it back in 2015 and it’s really delightful to play. The Linux support has been in good shape for a long time too, no noteworthy issues.

      • Stranger Things have entered Rocket League for the Haunted Hallows event

        As a big fan of both Stranger Things (the TV series) and Rocket League, I approve of the little crossover they’re currently doing for the new Halloween event the Haunted Hallows.

        Running from now until November 11 at 6PM UTC, the Farmstead Arena has been given a bit of a makeover to be a bit more spooky. Complete with a freaky creature called the Mind Flayer watching over the arena. During the event you can once again earn Candy Corn to redeem for new themed in-game items. I’m quite a big fan of the animated spider decal, looks awesome.

    • Desktop Environments/WMs
      • K Desktop Environment/KDE SC/Qt
        • Plasma 5.17.0

          Plasma 5.17 is the version where the desktop anticipates your needs. Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11. Your Plasma desktop also recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshow. If you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

          The best part? All these improvements do not tax your hardware! Plasma 5.17 is as lightweight and thrifty with resources as ever.

        • Plasma 5.17 is out!

          Plasma 5.17 is the version where the desktop anticipates your needs. Among many new features and improvements, your desktop now starts up faster; Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11; your Plasma desktop recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshows; and, if you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

        • KDE Plasma 5.17 Desktop Environment Officially Released, Here’s What’s New

          KDE Plasma 5.17 brings numerous new features and enhancements, such as Night Color support on X11, multi-screen and HiDPI improvements, fractional scaling on Wayland, support for managing and configuring Thunderbolt devices in System Settings, much-improved notifications with automatic detection of presentations, as well as Breeze GTK theme support for Google Chrome and Chromium web browsers.

        • KDE Plasma 5.17 Released With Wayland Improvements, Better HiDPI

          Plasma 5.17.0 is out as the newest desktop feature release from the KDE project.

          KDE Plasma 5.17 is another significant release with ongoing improvements for Wayland, ongoing work as well for better HiDPI handling, faster start-up performance, slight RGB hinting for font rendering is enabled by default, better Thunderbolt device integration, settings improvements, and many small feature additions.

          Notable on the Wayland front is that KWin now supports fractional scaling but there are also many fixes and other Wayland improvements too.

        • KDE Plasma 5.17 Arrives Packed Full of New Features

          Well, Plasma 5.17 boasts a native “night light” feature (dubbed ‘night color’) to help protect eye from blue light.

          This feature, which was previously available in Wayland but now supported in X11 sessions, is something all major desktop operating systems offer, including Ubuntu, macOS and Windows 10.

        • KDE Plasma 5.17 released

          The KDE project has announced the release of version 5.17 of the Plasma desktop environment.

        • [Qt Quick] Very Hot New Stuff

          K’, Hot off the presses, here’s some New Stuff for you, with the Quickness! …terribly sorry about that, i shall endeavour to do better. Let’s try that again.

          As of KDE Frameworks 5.63, released on 2019/10/12, we officially introduce the fruits of my labour over the last few months, the shiny, new Qt Quick components, which were created to bring the Qt Quick submodule of KNewStuff up to par with the old QWidget based UX. Not only that, they also bring with them some shiny, new abilities in KNewStuff, which previously did not have any concept of comments outside of the very basic information of how many a content item had (which, incidentally, was also incorrect, and had been since, well… since that code was written about a decade ago – guess nobody noticed, because the information is a bit useless on its own).

          [...]

          Also don’t hesitate to mention, when you discover it, the various holes in the documentation that undoubtedly are there, so that we might get those fixed. Even better yet, we are very happy to take patches over on Phabricator, both code and documentation ones. One thing that i know is missing is a porting guide, to help people transition from the old QWidgets based stuff to the Qt Quick components for people who have got applications they’re looking to port or are already porting.

      • GNOME Desktop/GTK
        • How GNOME uses Git

          “What’s your GitLab?” is one of the first questions I was asked on my first day working for the GNOME Foundation—the nonprofit that supports GNOME projects, including the desktop environment, GTK, and GStreamer. The person was referring to my username on GNOME’s GitLab instance. In my time with GNOME, I’ve been asked for my GitLab a lot.

          We use GitLab for basically everything. In a typical day, I get several issues and reference bug reports, and I occasionally need to modify a file. I don’t do this in the capacity of being a developer or a sysadmin. I’m involved with the Engagement and Inclusion & Diversity (I&D) teams. I write newsletters for Friends of GNOME and interview contributors to the project. I work on sponsorships for GNOME events. I don’t write code, and I use GitLab every day.

    • Distributions
      • New Releases
        • NuTyX 11.2 Available

          I’m very pleased to announce the new NuTyX 11.2 release.

          The 64-bit version contains more than 2800 packages upgraded.

          The 32-bit version of NuTyX, still actively supported contains more then 1800 packages upgraded.

          In the newest release, base NuTyX comes with the Long-Term Support (LTS) kernel 4.19.79 (4.9.196 for the 32-bit version).

          For 64-bit systems,the kernel release 5.3.6 is also available.

          The gnu compiler collection, gcc, is now gcc 9.2.0.

          The graphical server is xorg-server 1.20.5.

          The mesa lib is 19.2.1, gtk3 is 3.24.12, and qt has been updated to 5.13.1.

          Python interpreters 3.7.4 and 2.7.16 have been included in this release.

          The MATE Desktop Environment comes in 1.22.2, the latest version.

      • Screenshots/Screencasts
      • SUSE/OpenSUSE
        • The OpenStack Train keeps chugging on

          SUSE, formerly a Platinum member of the OpenStack Foundation, may have left the open-source, Infrastructure-as-a-Service (IaaS) OpenStack cloud, but the project is going to move forward with the forthcoming 20th release of OpenStack: Train.

          That’s because while SUSE may no longer find OpenStack profitable, others are finding it works well for them and for their customers. “OpenStack is the market’s leading choice of open-source infrastructure for containers, VMs and bare metal in private cloud,” said Mark Collier, COO of the OpenStack Foundation in a statement.

        • KDE neon 5.17

          KDE neon 5.17 is out. You can upgrade your existing KDE neon User Edition install or install fresh from an ISO image or run the Docker image. Featuring Plasma 5.17 it is packed full of new features according to OMG Ubuntu.

        • openSUSE OBS Can Now Build Windows WSL Images

          As Windows Subsystem for Linux (WSL) is becoming a critical piece of Microsoft’s cloud and data-center audience, openSUSE is working on technologies that help developers use distributions of their choice for WSL. Users can run the same WSL distribution that they run in the cloud or on their servers.

          The core piece of openSUSE’s WSL offering is the WSL appx files, which are basically zip files that contain a tarball of a Linux system (like a container) and a Windows exe file, the so called launcher.

      • Slackware Family
        • KDE Plasma 5 – Slackware October release

          I had already finished compiling KDE-5_19.10 and was waiting for the Plasma 5.17 public release announcement, when Pat upgraded libdvdread in slackware-current. That could mean trouble because of the dreaded ‘Shared library .so-version bump‘ message.
          But he added the older libdvdread.so.4 library to aaa_elflibs so that the k3b program in Plasma5 does not break, and hopefully it remains in there until after I recompile k3b (which ultimately happens for the Plasma5 November release).

          Unfortunately the earlier update of the ‘icu4c’ package broke some other stuff in Plasma5 as well. Be sure to install my ‘icu4c-compat‘ package, which contains the libraries from several older icu4c packages. Read my older article on ‘shared library .so version bumps‘ if you have not already done so, to understand the causes for this breakage.

          The packages for KDE-5_19.10 are available for download from my ‘ktown‘ repository. As always, these packages are meant to be installed on a full installation of Slackware-current which has had its KDE4 removed first. These packages will not work on Slackware 14.2.

      • Debian Family
        • State of Calibre in Debian

          To counter some recent FUD spread about Calibre in general and Calibre in Debian in particular, here a concise explanation of the current state.

          Many might have read my previous post on Calibre as a moratorium, but that was not my intention. Development of Calibre in Debian is continuing, despite the current stall.

          Since it seems to be unclear what the current blockers are, there are two orthogonal problems regarding recent Calibre in Debian: One is the update to version 4 and the switch to qtwebengine, one is the purge of Python 2 from Debian.

        • What to expect in Debian 11 Bullseye for nftables/iptables

          Debian 11 codename Bullseye is already in the works. Is interesting to make decision early in the development cycle to give people time to accommodate and integrate accordingly, and this post brings you the latest update on the plans for Netfilter software in Debian 11 Bullseye. Mind that Bullseye is expected to be released somewhere in 2021, so still plenty of time ahead.

          The situation with the release of Debian 10 Buster is that iptables was using by default the -nft backend and one must explicitly select -legacy in the alternatives system in case of any problem. That was intended to help people migrate from iptables to nftables. Now the question is what to do next.

        • Debian 11 To Further Deprecate IPTables In Favor Of Nftables Plus Promoting Firewalld

          With Debian 11 “Bullseye” the plan is to drop the “important” priority on the iptables package while promoting nftables to important. That change of priority effectively makes NFTables set to be installed by default for Debian 11 while dropping IPTables from the default package set. IPTables though is still expected to be found within the Debian 11 archive but not installed by default.

        • Debian XMPP Team: New Dino in Debian

          Dino (dino-im in Debian), the modern and beautiful chat client for the desktop, has some nice, new features.

          [...]

          Note, that users of Dino on Debian 10 (buster) should upgrade to version 0.0.git20181129-1+deb10u1, because of a number of security issues, that have been found (CVE-2019-16235, CVE-2019-16236, CVE-2019-16237).

        • Freexian’s report about Debian Long Term Support, September 2019

          Like each month, here comes a report about
          the work of paid contributors
          to Debian LTS.

      • Canonical/Ubuntu Family
        • Ubuntu 19.10 (Eoan Ermine) Enters Final Freeze Ahead of October 17th Release

          As of October 10th, the Ubuntu 19.10 release is officially in Final Freeze, the last step of its development stage, which means that only release critical bugs affecting the ISO images or the installers will be accepted in the archives. Release Candidate images are also now available for testing to ensure an uneventful and smooth release.

          “We will shut down cronjobs and spin some RC images late Friday or early Saturday once the archive and proposed-migration have settled a bit, and we expect everyone with a vested interest in a flavour (or two) and a few spare hours here and there to get to testing to make sure we have another uneventful release next week,” said Adam Conrad.

        • Design and Web team summary – 11 October 2019

          This was a fairly busy two weeks for the Web & design team at Canonical. This cycle we had two sprints. The first was a web performance workshop run by the amazing Harry Roberts. It was a whirlwind two days where we learned a lot about networking, browsers, font loading and more. We also spent a day working on implementing a lot of the changes. Hopefully our sites will feel a bit faster. More updates will be coming over the next few months. The second sprint was for the Brand and Web team, where we looked at where the Canonical and Ubuntu brands need to evolve. Here are some of the highlights of our completed work.

        • Ubuntu’s ZFS Trajectory Is Going From Exciting To Even More Exciting

          While it is already exciting to have the Ubuntu 19.10 desktop easily support installations to a root ZFS file-system, moving ahead with their original Zsys effort it should be even more exciting for Ubuntu storage possibilities on both the desktop and server.

          With Ubuntu 19.10 due for release on Thursday and the ZFS support now plumbed through Ubiquity and ready for the release, Canonical’s Didier Roche wrote about this Ubuntu 19.10 ZFS support.

        • Ubuntu ZFS support in 19.10: ZFS on root

          This is part 2 of our blog post series on our current and future work around ZFS on root support in ubuntu. If you didn’t yet read the introductory post, I strongly recommend you to do this first!

          Here we are going to discuss what landed by default ubuntu 19.10.

        • Ubuntu Weekly Newsletter Issue 600

          Welcome to the Ubuntu Weekly Newsletter, Issue 600 for the week of October 6 – 12, 2019.

    • Devices/Embedded
    • Free, Libre, and Open Source Software
      • Daniel Stenberg: Me, curl and Dagens Nyheter

        In the afternoon of October 1st 2019, I had the pleasure of welcoming Linus Larsson and Jonas Lindkvist into my home in Huddinge, south of Stockholm, Sweden. My home is also my office as I work full-time from home. These two fine gentlemen work for Sweden’s largest morning newspaper, Dagens Nyheter, which boasts 850,000 daily readers.

        Jonas took what felt like a hundred photos of me, most of them when I sit in my office chair at my regular desk where my primary development computers and environment are. As you can see in the two photos on this blog post. I will admit that I did minimize most of my regular Windows from the screens to that I would accidentally reveal something personal or sensitive, but the plus side is that if you pay close attention you can see my Simon Stålenhag desktop backgrounds better!

        Me and Linus then sat down and talked. We talked about my background, how curl was created and how it has “taken off” to an extent I of course could never even dream about. Today, I estimate that curl runs in perhaps ten billion installations. A truly mind boggling – and humbling – number.

      • Events
        • Akademy 2019 Talks Videos

          We now have the Akademy 2019 videos ready for you to enjoy, see the previous summary of talks on the dot for some inspiration on what to watch. The talk schedule has the full list

          We had keynotes on Developers Italia and the New Guidelines: Let the Open Source Revolution Start! by Leonardo Favario and Towards Qt 6 by Lars Knoll

          We also got updates on KDE Community’s goals

        • Gnome-shell Hackfest 2019 – Day 1

          There’s a decent number of attendants from multiple parties (Red Hat, Canonical, Endless, Purism, …). We all brought various items and future plans for discussion, and have a number of merge requests in various states to go through. Some exciting keywords are Graphene, YUV, mixed DPI, Xwayland-on-demand, …

          But that is not all! Our finest designers also got together here, and I overheard they are discussing usability of the lock screen between other topics.

          [...]

          This event wouldn’t have been possible without the Revspace hackerspace people and specially our host Hans de Goede. They kindly provided the venue and necessary material, I am deeply thankful for that.

        • LibreOffice Conference 2019: Meet the Engineering Steering Committee

          Who makes the big technical decisions in the LibreOffice project? In this video from our recent LibreOffice Conference in Spain, the Engineering Steering Committee (ESC) introduces itself and provides an update on the latest updates…

        • Hello from Nutanix .NEXT Copenhagen

          Nutanix is, of course, a fast growing software company that works with many of the same Independent Hardware Vendors (IHVs) as SUSE to deliver solutions in the Hyperconverged Infrastructure (HCI) space. Nutanix pioneered the HCI market and they position themselves as a key element to making it easier than ever before to design, build, and manage datacenter IT. They were originally a single source for turnkey HCI infrastructure, leveraging a close partnership with SuperMicro. They’ve since branched out become more hardware agnostic, supporting a variety of specialized HCI hardware from other vendors, including IBM, Lenovo, Dell, HPE, and Fujitsu.

        • GStreamer Conference 2019: Full Schedule, Talks Abstracts and Speakers Biographies now available

          The GStreamer Conference team is pleased to announce that the full conference schedule including talk abstracts and speaker biographies is now available for this year’s lineup of talks and speakers, covering again an exciting range of topics!

          The GStreamer Conference 2019 will take place on 31 October – 1 November 2019 in Lyon, France just after the Embedded Linux Conference Europe (ELCE).

        • openSUSE.Asia Summit 2019, Bali, Indonesia

          I was at openSUSE.Asia summit 5-6 Oct 2019 at Udayana University, Bali, Indonesia . It was a great experience to be there. I got the opportunity to meet Douglas DeMaio openSUSE project Manager, Dr. Gerald Pfeifer, Chairman openSUSE. It was really great to meet Neil McGovern and Rosanna Yuen, from GNOME Foundation. Rosanna shared GNOME stickers that I will share with my students back in India. I would like to congratulate openSUSE.Asia summit local organizing team. They had really done a great job. It was a nice combination of quality talks and keynotes. I also presented my proposal at the conference for openSUSE.Asia 2020 to happen in India next year. It is been more than six year that I am an open source practitioner and promoter. It has been memorable Journey till date..

        • Join Us at the Open Source Summit Europe

          The Open Source Summit Europe, a premier open source events hosted by The Linux Foundation, will take place October 28-30 in Lyon, France at the Lyon Convention Centre. It is the leading conference for developers, architects, and other technologists – as well as open source community and industry leaders – to collaborate, share information, learn about the latest technologies and gain a competitive advantage by using innovative open solutions. Over 2,000 attendees are expected to gather for Open Source Summit Europe this year.

        • Join SUSE, AWS, SAP and Lemongrass in Sydney for a half-day workshop
        • Grace Hopper Conference 2019

          We are so excited about what just happened that we felt we should tell everyone about it!

          A group of 24 of us at Canonical from various teams including sales, HR and engineering, attended the Grace Hopper Celebration in Orlando, Florida. This year, it was an epic gathering of more than 26,000 people from all over the globe interested in tech. Despite its start as women’s work, the tech industry has gained a reputation of being dominated by and mostly suited for men. In reality, this only made the Grace Hopper conference feel more impactful, especially knowing that in its very first edition in 1994, only 500 women were present at the event. The Grace Hopper Conference was an awesome celebration of women; diverse, multi-talented, and deeply skilled!

          Both women and men, mostly students, interested in everything from security to machine learning came by the Canonical booth to hear about Ubuntu. We brought along an Orange box so we could demo MaaS, Openstack, and other incredible technologies happening on Ubuntu at Canonical.

        • Ubucon Europe 2019 | Sintra edition [Ed: Not English, but lots of photos here]
      • Web Browsers
        • Mozilla
          • Karl Dubost: This is not a remote work

            I have started working in a distributed environment very early. In 1994, when I was studying for my DEA in Astrophysics and Spatial Techniques, I was also doing my national service (mandatory at the time) at Observatoir de Meudon in France. The work included working with people and data across the world. Probably my first experience of having to deal with alocalized, asynchronous tasks.

            But my skills of really working in a distributed environment was when I landed a job at W3C from 2000 to 2008. There is a specific culture at W3C which is first class in terms of working in a distributed fashion. This is essential. I worked both from offices and from home (or cafes or airports). Location didn’t matter that much. I had years where I worked only in offices, and years working exclusively not from an office. I insist on saying “not from an office” compared “from home”.

            Then I worked for Opera Software from 2010 to 2013, again not in an office. And the same for Mozilla from 2013.

            W3C is still the place which fares the best in terms of working in a distributed, alocalized fashion. At Mozilla, for example, too many people relies on slack discussions, closed google documents or private email threads for working. This should not happen.

          • Firefox’s New WebSocket Inspector

            The Firefox DevTools team and our contributors were hard at work over the summer, getting Firefox 70 jam-packed with improvements. We are especially excited about our new WebSocket inspection feature, because you told us in feedback how important it would be for your daily work.

            To use the inspector now, download Firefox Developer Edition, open DevTools’ Network panel to find the Messages tab. Then, keep reading to learn more about WebSockets and the tricks that the new panel has up its sleeve.

            But first, big thanks to Heng Yeow Tan, the Google Summer of Code (GSoC) student who’s responsible for the implementation.

          • has google won the browser wars? – should Mozilla build their own SmartPhones?

            on the desktop: one refuses to believe it.

            on mobile: should Mozilla start building their own SmartPhone and ship Firefox.apk per default?

          • Why you should review your credit report after a data breach

            When significant data breaches happen where high risk data is at stake, there’s often a lot of talk about credit reports. Some companies that have been hacked may even be required to provide credit monitoring to their customers as part of their breach notification requirements. Whether the breached company provides credit monitoring or not, security experts recommend you check your credit reports for suspicious activity. To protect your identity, they also recommend you freeze your credit. Here’s what that means and why it’s important.

          • Search Engine add-ons to be removed from addons.mozilla.org

            For the last eleven years, Firefox Search Engine add-ons have been powered by OpenSearch. With the recent implementation of the search overrides API, a WebExtensions API that offers users more controls for opting into changes, Mozilla intends to deprecate OpenSearch and eventually remove it from Firefox. Search Engine add-ons will be removed from AMO on December 5, 2019.

          • Improved Security and Privacy Indicators in Firefox 70

            The upcoming Firefox 70 release will update the security and privacy indicators in the URL bar.

            In recent years we have seen a great increase in the number of websites that are delivered securely via HTTPS. At the same time, privacy threats have become more prevalent on the web and Firefox has shipped new technologies to protect our users against tracking.

            To better reflect this new environment, the updated UI takes a step towards treating secure HTTPS as the default method of transport for websites, instead of a way to identify website security. It also puts greater emphasis on user privacy.

      • SaaS/Back End/Databases
        • Dodging derailment by SUSE, OpenStack Train is scheduled to arrive this week

          With its OpenInfrastructure summit mere weeks away, the OpenStack gang is emitting its next release in the form of “Train” with a focus on data protection and machine learning.

          The release comes after foundation platinum member SUSE threw in the towel over OpenStack Cloud in order to move on to a bright, Kubernetes-based future.

          Not that the “S” word was mentioned, even in a waveringly high-pitched tone, as OpenStack readied Train ahead of a release expected on 16 October.

          As is the norm, OpenStack was keen to shout about the more than 25,500 accepted code changes this time around, from 1,125 developers over 150 organisations. A glance at the content of the release shows that OpenStack is as bewilderingly vast as ever, although a number of tweaks merit closer attention.

        • PostgreSQL 12 boosts open source database performance

          Performance gains are among the key highlights of the latest update of the open source PostgreSQL 12 database.

          PostgreSQL 12 became generally available Oct. 3, providing users of the widely deployed database with multiple enhanced capabilities including SQL JSON query support and improved authentication and administration options. The PostgreSQL 12 update will potentially affect a wide range of use cases in which the database is deployed, according to Noel Yuhanna, an analyst at Forrester Research.

          “Organizations are using PostgreSQL to support all kinds of workloads and use cases, which is pushing the needs for better performance, improved security, easier access to unstructured data and simplified deployments,” Yuhanna said. “To address this, PostreSQL12 improves performance by improving its indexing that requires less space and has better optimization to deliver faster access.”

      • Productivity Software/LibreOffice/Calligra
        • Coming up on October 21: First Bug Hunting Session for LibreOffice 6.4!

          LibreOffice 6.4 is being developed by our worldwide community, and is due to be released in early February 2020 – see the release notes describing the new features here. Of course, we’re still early in the development cycle, so many more features are still to come!

          In order to find, report and triage bugs, the LibreOffice QA team is organizing the first Bug Hunting Session for LibreOffice 6.4 on Monday October 21, 2019. Tests will be performed on the first Alpha version, which will be available on the pre-releases server a few days before the event. Builds will be available for Linux (DEB and RPM), macOS and Windows, and can be installed and run in parallel along with the production version.

          Mentors will be available from 07:00 UTC to 19:00 UTC for questions or help in the IRC channel #libreoffice-qa and the Telegram QA Channel. Of course, hunting bugs will be possible also on other days, as the builds of this particular Alpha release (LibreOffice 6.4.0 Alpha 1) will be available until mid November. Check the Release Plan.

        • Microsoft Office for free? Try these great alternatives

          Libre Office has been around in its current form since 2010 when it split from Free Office and has never failed to impress. Stemming from The Document Foundation, Libre Office is free and open-source software meaning it is worked on by a global community of collaborating developers.

          With Libre Office, you’ll find comparable programs to Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and more. You’ll also be able to run Libre Office on Microsoft Windows devices as well as Apple devices running Mac OS. Libre Office works on Linux machines too. There is also a Libre Office app for viewing your PDF files on Android devices and a plethora of add-ons to play around with too.

      • CMS
        • Responsible Participation In Online Communities

          In our first article in this series, we highlighted the WordPress mission to democratize publishing. WordPress introduced a tool to independent and small publishers who did not have the resources of the larger publishing platforms. Access to a free content management system to create websites has empowered thousands of people to find their voice online. People have been able to share their enthusiasm for hobbies, causes, products and much more. Through these different voices, we can encourage understanding, spark creativity, and create environments where collaboration can happen. But as we build more digital communities, it’s easy to forget that online safety is a group effort.

        • WordPress 5.3 Release Candidate

          The first release candidate for WordPress 5.3 is now available!

          This is an important milestone as we progress toward the WordPress 5.3 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.3 is currently scheduled to be released on November 12, 2019, but we need your help to get there—if you haven’t tried 5.3 yet, now is the time!

        • Top 20 Best NodeJS CMS Platforms To Use in 2019

          NodeJs has been a popular web framework. It has been used to develop highly scalable web applications. A statistic shows that more than 1.5 Lakh websites are using NodeJs on a regular basis. And the number is increasing proportionally. When it comes to Content Management System (CMS), many NodeJs frameworks have been leading the way to a consistent digital content platform. For years now, NodeJs has been used to create some powerful CMS architectures. If you look closely, you will find some useful NodeJs CMS structures that you have been looking for your projects.

      • FSF/FSFE/GNU/SFLC
        • Meet the Villupuram group of engineers educating students about free and open software

          small group of software engineers are changing the face of computer education in Tamil Nadu’s Villupuram, empowering students from working class families by giving them a strong foundation in software programming. The Villupuram GNU/Linux Users Group (GLUG) is a not-for-profit initiative by a group of software professionals and students who believe in software freedom.

          Stared in 2013 by a group of six software engineers, the Villupuram chapter of GLUG was formed as part of a global social movement aimed at educating people about free software.

          Vijisulochana (Viji), the group’s current representative, tells TNM that the Villupuram GLUG is focused on training interested students so as to make them technically strong.

          “Students can always get trained in software training centres, but those centres may not be best equipped to teach them all the latest software developments. We also choose a handful of deserving students based out of Villupuram for whom travelling to Chennai or to other centres in town may not be financially viable. Here, we do it for free,” she says. Their weekly sessions are attended by hundreds of students.

        • Installing Gerrit and Keycloak for GDB

          Back in September, we had the GNU Tools Cauldron in the gorgeous city of Montréal (perhaps I should write a post specifically about it…). One of the sessions we had was the GDB BoF, where we discussed, among other things, how to improve our patch review system.

          I have my own personal opinions about the current review system we use (mailing list-based, in a nutshell), and I haven’t felt very confident to express it during the discussion. Anyway, the outcome was that at least 3 global maintainers have used or are currently using the Gerrit Code Review system for other projects, are happy with it, and that we should give it a try. Then, when it was time to decide who wanted to configure and set things up for the community, I volunteered. Hey, I’m already running the Buildbot master for GDB, what is the problem to manage yet another service? Oh, well.

          Before we dive into the details involved in configuring and running gerrit in a machine, let me first say that I don’t totally support the idea of migrating from mailing list to gerrit. I volunteered to set things up because I felt the community (or at least the its most active members) wanted to try it out. I don’t necessarily agree with the choice.

          Ah, and I’m writing this post mostly because I want to be able to close the 300+ tabs I had to open on my Firefox during these last weeks, when I was searching how to solve the myriad of problems I faced during the set up!

        • Bradley M. Kuhn: On Recent Controversial Events

          The last 33 days have been unprecedentedly difficult for the software freedom community and for me personally. Folks have been emailing, phoning, texting, tagging me on social media (— the last of which has been funny, because all my social media accounts are placeholder accounts). But, just about everyone has urged me to comment on the serious issues that the software freedom community now faces. Until now, I have stayed silent regarding all these current topics: from Richard M. Stallman (RMS)’s public statements, to his resignation from the Free Software Foundation (FSF), to the Epstein scandal and its connection to MIT. I’ve also avoided generally commenting on software freedom organization governance during this period. I did this for good reason, which is explained below. However, in this blog post, I now share my primary comments on the matters that seem to currently be of the utmost attention of the Open Source and Free Software communities.

          I have been silent the last month because, until two days ago, I was an at-large member of FSF’s Board of Directors, and a Voting Member of the FSF. As a member of FSF’s two leadership bodies, I was abiding by a reasonable request from the FSF management and my duty to the organization. Specifically, the FSF asked that all communication during the crisis come directly from FSF officers and not from at-large directors and/or Voting Members. Furthermore, the FSF management asked all Directors and Voting Members to remain silent on this entire matter — even on issues only tangentially related to the current situation, and even when speaking in our own capacity (e.g., on our own blogs like this one). The FSF is an important organization, and I take any request from the FSF seriously — so I abided fully with their request.

          The situation was further complicated because folks at my employer, Software Freedom Conservancy (where I also serve on the Board of Directors) had strong opinions about this matter as well. Fortunately, the FSF and Conservancy both had already created clear protocols for what I should do if ever there was a disagreement or divergence of views between Conservancy and FSF. I therefore was recused fully from the planning, drafting, and timing of Conservancy’s statement on this matter. I thank my colleagues at the Conservancy for working so carefully to keep me entirely outside the loop on their statement and to diligently assure that it was straight-forward for me to manage any potential organizational disagreements. I also thank those at the FSF who outlined clear protocols (ahead of time, back in March 2019) in case a situation like this ever came up. I also know my colleagues at Conservancy care deeply, as I do, about the health and welfare of the FSF and its mission of fighting for universal software freedom for all. None of us want, nor have, any substantive disagreement over software freedom issues.

          I take very seriously my duty to the various organizations where I have (or have had) affiliations. More generally, I champion non-profit organizational transparency. Unfortunately, the current crisis left me in a quandary between the overarching goal of community transparency and abiding by FSF management’s directives. Now that I’ve left the FSF Board of Directors, FSF’s Voting Membership, and all my FSF volunteer roles (which ends my 22-year uninterrupted affiliation with the FSF), I can now comment on the substantive issues that face not just the FSF, but the Free Software community as a whole, while continuing to adhere to my past duty of acting in FSF’s best interest. In other words, my affiliation with the FSF has come to an end for many good and useful reasons. The end to this affiliation allows me to speak directly about the core issues at the heart of the community’s current crisis.

        • Meet the FSF staff in Raleigh, NC on October 15

          On Tuesday, October 15th, the Free Software Foundation (FSF) staff would like to meet you at a social event at Raleigh’s Whiskey Kitchen!

          Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager Zoë Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year’s licensing seminar on GPL Enforcement and Legal Ethics.

          We look forward to hosting this informal meetup to show our appreciation for your support of the FSF’s work. We’ll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

      • Openness/Sharing/Collaboration
      • Programming/Development
        • Python 3.7.5 is now available

          Note that the next feature release of Python 3, Python 3.8.0, is also now available. Python 3.8 contains many new features and optimizations. You should consider upgrading to it. We plan to continue regular bugfix releases of Python 3.7.x through mid-year 2020 and provide security fixes for it until mid-year 2023. More details are available in PEP 537, the Python 3.7 Release Schedule (https://www.python.org/dev/peps/pep-0537/).

        • PyPy v7.2 released

          As always, this release is 100% compatible with the previous one and fixed several issues and bugs raised by the growing community of PyPy users. We strongly recommend updating. Many of the fixes are the direct result of end-user bug reports, so please continue reporting issues as they crop up.

        • PyPy 7.2 released

          Version 7.2 of PyPy, an implementation of the Python language, is out.

        • PyPy 7.2 Released With Full 64-bit AArch64 Support, PyPy 3.6 Beyond Beta

          PyPy 7.2 is out today as a big update for this alternative Python implementation that currently provides interpreters for compatibility with Python 2.7 and Python 3.6.

          In cooperation with Arm and Crossbar.io, PyPy developers have been working on complete 64-bit ARM (AArch64) support and this summer they achieved getting the PyPy JIT running on 64-bit ARM. PyPy 7.2 is the first release with this 64-bit ARM support now in good standing.

        • Python 3.8.0 : New release of python development.

          Good news from the python development area with the new release of python development:
          Python 3.7.5 Oct. 15, 2019 and Python 3.8.0 Oct. 14, 2019

          Now you can use the new python version 3.8.0 from the official webpage.

        • Python 3.8.0 released

          Version 3.8.0 of the Python language has been released. New features include the controversial assignment expressions, positional-only arguments, the Vectorcall mechanism, and more; see the what’s new in Python 3.8 document for more information.

        • Python 3.8.0 is now available

          On behalf of the Python development community and the Python 3.8 release team, I’m pleased to announce the availability of Python 3.8.0.

          Python 3.8.0 is the newest feature release of the Python language, and it contains many new features and optimizations. You can find Python 3.8.0 here:

          https://www.python.org/downloads/release/python-380/

          Most third-party distributors of Python should be making 3.8.0 packages available soon.

        • Python 3.8 Released With Assignment Expressions, Runtime Audit Hooks

          Python 3.8 brings support to the Python syntax for assignment expressions, positional-only parameters, a parallel file-system cache for compiled bytecode files, runtime audit hooks, Pickle protocol 5 support and its ability to handle out-of-band buffers, many module improvements like a shared memory multi-processing module, Vectorcall as a fast calling protocol for CPython, and various performance improvements.

        • Announcing Rustup 1.20.0

          The rustup working group is happy to announce the release of rustup version 1.20.0. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

        • Uploading Files to AWS S3 with Python and Django

          In the quest to build more interactive websites, we don’t only relay information to users but also allow them to upload data of their own. This opens up more opportunities and more ways that our websites can serve the end-users.

          By allowing users to upload files, we can allow them to share photographs, videos, or music with others or back them up for safekeeping. We can also provide the functionality to manage files and convert them into other formats through websites instead of installing native apps.

          The rise of social media globally can be attributed to the ability of users to upload their files, mostly in the form of images and videos for other users to see and also as a means of communication. By enabling users to upload files to websites and platforms, means of communication have been enhanced and information can now be spread in very many different formats.

          In this post, we will explore how Django handles file uploading and how we can tap into and extend this functionality with cloud storage to suit our needs.

        • PyCoder’s Weekly: Issue #390 (Oct. 15, 2019)
        • The Python range() Function

          Python’s built-in range function is handy when you need to perform an action a specific number of times. As an experienced Pythonista, you’ve most likely used it before. But what does it do?

        • Perl 6 renamed to Raku

          The pull request changing the name of Perl 6 to Raku has been merged. See the full text for more information. “This document describes the steps to be taken to effectuate a rename of ‘Perl 6′ to ‘Raku’, as described in issue #81. It does not pretend to be complete in scope or in time. To change a name of a project that has been running for 19+ years will take time, a lot of effort and a lot of cooperation. It will affect people in foreseen and unforeseen ways.”

        • Top three mistakes with K-Means Clustering during data analysis

          In this post, we will take a look at a few cases, where KMC algorithm does not perform well or may produce unintuitive results.

        • Agile project management: 10 mistakes to avoid

          Agile project management holds a lot of promise for leaders. Those who have successfully made the switch in their organizations sing agile’s praises, like the ability to rapidly course-correct, release software faster, and create happier teams and customers. But if you’ve been working at it for a while and you still aren’t seeing the promised benefits, you might start to think that agile is more hype than substance, or that it isn’t right for your organization.

      • Standards/Consortia
        • Heading levels

          the headings would be “Apples” (level 1), “Taste” (level 2), “Sweet” (level 3), “Color” (level 2). Determining the level of any given heading requires traversing through its previous siblings and their descendants, its parent and the previous siblings and descendants of that, et cetera. That is too much complexity and optimizing it with caches is evidently not deemed worth it for such a simple feature.

          However, throwing out the entire feature and requiring everyone to use h1 through h6 forever, adjusting them accordingly based on the document they end up in, is not very appealing to me. So I’ve been trying to come up with an alternative algorithm that would allow folks to use h1 with sectioning elements exclusively while giving assistive technology the right information (default styling of h1 is already adjusted based on nesting depth).

          The simpler algorithm only looks at ancestors for a given heading and effectively only does so for h1 (unless you use hgroup). This leaves the above example in the weird state it is in in today’s browsers, except that the h1 (“Color”) would become level 2. It does so to minimally impact existing documents which would usually use h1 only as a top-level element or per the somewhat-erroneous recommendation of the HTML Standard use it everywhere, but in that case it would dramatically improve the outcome.

  • Leftovers
    • Health/Nutrition
      • Mental health experts see Trump is dangerous, but our professional gatekeepers protect him

        Trump is psychologically unfit: President Donald Trump’s poor mental health is grounds for impeachment

        In response, the American Psychiatric Association (APA) has effectively gagged an entire profession, thus protecting a destructive government.

        The organization’s ethical guideline includes an affirmative obligation: to “contribut(e) to the improvement of the community and the betterment of public health.” In the midst of this political moment, the APA emphasized only one part of this guideline, the do-not-diagnose part, known as the so-called Goldwater Rule. Rather than take on a leadership role that acknowledges our profession’s societal responsibility at a critical time, the APA released statements that appear to suppress the educate-to-better-public-health part.

    • Security (Confidentiality/Integrity/Availabilitiy)
      • Debian and Ubuntu Patch Critical Sudo Security Vulnerability, Update Now

        Discovered by Joe Vennix, the security vulnerability (CVE-2019-14287) could be exploited by an attacker to execute arbitrary commands as the root user (system administrator) because sudo incorrectly handled certain user IDs when it was configured to allow users to run commands as an arbitrary user through the ALL keyword in a Runas specification.

        “Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID- -1 or 4294967295,” reads Debian’s security advisory.

      • Flaw In Sudo Enables Non-Privileged Users To Run Commands As Root

        A vulnerability has been discovered in Sudo — one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access. Sudo, stands for “superuser do,” is a system command that allows a user to run applications or commands with the privileges of a different user without switching environments — most often, for running commands as the root user.

      • Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

        A vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system.
        The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access.
        Sudo, stands for “superuser do,” is a system command that allows a user to run applications or commands with the privileges of a different user without switching environments—most often, for running commands as the root user.

      • Linux security hole: Much sudo about nothing

        There’s a lot of hubbub out there now about a security hole in the Unix/Linux family’s sudo command. Sudo is the command, which enables normal users to run commands as if they were the root user, aka the system administrator. While this sudo security vulnerability is a real problem and needs patching, it’s not nearly as bad as some people make it out to be.

        At first glance the problem looks like a bad one. With it, a user who is allowed to use sudo to run commands as any other user, except root, can still use it to run root commands. For this to happen, several things must be set up just wrong.

        First the sudo user group must give a user the right to use sudo but doesn’t give the privilege of using it to run root commands. That can happen when you want a user to have the right to run specific commands that they wouldn’t normally be able to use. Next, sudo must be configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification.

      • Linux Sudo bug opens root access to unauthorized users

        Sudo, the main command in Linux that allows users to run tasks, has been found to have a vulnerability that allows unauthorized users to execute commands as a root user.

        The vulnerability, known as CVE-2019-14287, does require a nonstandard configuration but nonetheless does open the door to unauthorized users.

        The vulnerability allows users to bypass the nonroot restriction by simply using -u#-1 in the command line. As The Hacker News described it Monday, the sudo security policy bypass issue allows “a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the ‘sudoers configuration’ explicitly disallows the root access.”

      • Potential bypass of Runas user restrictions

        When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.

        This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.

        Log entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.

      • WordPress 5.2.4 Security Release

        WordPress 5.2.4 is now available! This security release fixes 6 security issues.

        WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2.

      • Ubuntu Releases Patch for Major ‘sudo’ Security Exploit

        Canonical has issued an urgent security fix to the ‘sudo’ package in the Ubuntu archives following the discovery of a major security flaw.

        A critical fix has rolled out to all users of Ubuntu 16.04 LTS, 18.04 LTS, 19.04 and 19.10 (and one assumes Ubuntu 14.04 ESR too) — just run a sudo apt upgrade to install it.

        But what about the flaw inquisition? Well, if you’re yet to hear about it I appreciate meditative disconnect from social media. The oft toxic waste pools of chatter were with wet with alarm — some manufactured, the rest well weighted — over CVE-2019-14287 when it was announced yesterday, October 14.

      • Security updates for Tuesday

        Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

    • Defence/Aggression
      • Trump’s Undeclared State of Emergency

        Trump’s public appeal to China last week to help with uncovering dirt on the Biden family was both a brazen flouting of the law and (it pains me to say) an astute political tactic.

      • Britain Isn’t the Only Empire Headed for the Dustbin of History

        Donald Trump may prove to be the ultimate Brexiteer. Back in August 2016, in the midst of his presidential campaign, he proudly tweeted, “They will soon be calling me MR. BREXIT!” On the subject of the British leaving the European Union (EU) he’s neither faltered nor wavered. That June, he was already cheering on British voters, 51.9% of whom had just opted for Brexit in a nationwide referendum. They had, he insisted, taken “their country back” and he predicted that other countries, including you-know-where, would act similarly. As it happened, Mr. “America First” was proven anything but wrong in November 2016.

      • Graphically Violent Parody Video Shown at Trump Resort

        A graphically violent parody video, shown at a meeting of President Donald Trump’s supporters at his Miami resort, depicted a likeness of the president shooting and stabbing his opponents and members of the news media in a church, The New York Times reported Sunday.

      • What Evil Empire?

        When did the Cold War begin? In 1917! When, if ever, did it end? Never! What is its most dramatic moment? The dropping of atomic bombs on Hiroshima and Nagasaki! Who if anyone won? No one!

      • As Turkey Prepares to Slice Through Syria, the US has Cleared a New Breeding Ground for Isis

        “Never get into a well with an American rope” goes the saying spreading across the Middle East, as the US abandons its Kurdish allies in Syria to a Turkish invasion force. People in the region are traditionally cynical about the loyalty of great powers to their local friends, but even they are shocked by the speed and ruthlessness with which Donald Trump greenlit the Turkish attack.

      • Trump Orders Turkey Sanctions as U.S. Scrambles for Syria Exit

        Targeting Turkey’s economy, President Donald Trump announced sanctions Monday aimed at restraining the Turks’ assault against Kurdish fighters and civilians in Syria — an assault Turkey began after Trump announced he was moving U.S. troops out of the way.

      • ‘No Friend But the Mountains’: A History of US Betrayal of the Kurds

        To be clear, what follows is not an endorsement of a continued US military presence in Syria. There is, however, a difference between President Donald Trump attempting to fulfill a campaign promise to end American involvement in wars that have cost so much in blood and treasure and giving the green light to what many fear will be the great death and destruction, even ethnic cleansing, that will accompany a Turkish invasion of Syrian Kurdistan. Trump’s announcement on Sunday that the United States would step aside and allow the Turks to launch their long-desired offensive against Syria’s Kurds is nothing less than the latest of many epic US betrayals of a steadfast ally, one which has stood and fought with America in conflicts for over half a century. The president’s crass dismissal of his country’s latest abandonment of the Kurds — “they didn’t help us at Normandy,” he said — pours salt in the wound of a proud, loyal people who have time and again laid down their lives in service of their own freedom — and US interests.

      • The Apotheosis of Emperors

        Sometimes it may be instructive to look beyond foreign policy and pay attention to the actors and their words. I was struck by one of Trump’s tweets of this week not because of the threatening reference to Turkey (“I will totally destroy and obliterate the Economy of Turkey”) or the reason given (if Turkey…considers to be off limits”), but by his parenthetical statement “in my great and unmatched wisdom”. No one – maybe not even his supporters – would question the fact that Trump has a huge ego (problem) but his self-declared prowess in wisdom does show lack of modesty to say the least.

      • What the new 16th Air Force means for information warfare

        What was not immediately clear, however, is how cyber will be integrated into the information warfare cells for air components across other combatant commands because other service Joint Force Headquarters-Cybers are responsible for conducting cyber operations at the other combatant commands.

        One of the ultimate goals for the new organization will be to better prepare the service, and by extension, the joint force, in the so-called “competition phase” below the threshold of armed conflict every day.

      • Conviction, 26-Year Prison Term for Stabbing of Americans at Amsterdam CS

        After his arrest, S. quickly confessed to the attack. He told the court that he came to the Netherlands to “kill unfair and cruel people” and that his only mistake was that he did not stab people who were from the Netherlands. In previous statements to the police, S. said that he was angry with PVV leader Geert Wilders for insulting Islam by arranging a prophet-Mohammed cartoon contest, and angry at the Netherlands for not stopping him.

      • Turkish-Backed Forces Are Freeing Islamic State Prisoners

        The claim pours cold water on U.S. President Donald Trump’s suggestion on Twitter that the Syrian Kurdish fighters tasked with guarding the prisons released the detainees to grab U.S. attention after the Defense Department ordered all U.S. troops to evacuate the region.

        Backed by Turkey, the Free Syrian Army (FSA), a decentralized band of Syrian rebels that has been linked to extremist groups, has launched a bloody assault on northeastern Syria, executing Kurdish prisoners and killing scores of unarmed civilians and Kurdish fighters with the Syrian Democratic Forces (SDF).

      • The Kurds
      • Trump is Selling Out America in Syria and Beyond

        This is shameful and criminal. At the very least, it is impeachable.

    • Transparency/Investigative Reporting
    • Environment
      • Green Party statement on the arrest of Ellie Chowns MEP

        The right to peaceful protest is a fundamental pillar of a liberal democracy. We stand in solidarity with Ellie Chowns MEP who was arrested late on Monday 14th October while peacefully attending the Extinction Rebellion gathering in Trafalgar Square.

        It is disturbing that the Metropolitan Police should impose a Section 14 across the whole of London, after 9pm on Monday 14th October. This is a disproportionate response to peaceful protest and to responsible expressions of democracy at this critical time for the planet.

      • NS Called to Create More Room for Bikes on Trains

        According to Fietsersbond, the number of travelers who want to take their bicycle on the train is growing by 10 to 20 percent per year. There is already a shortage of thousands of spaces to park bicycles in trains, director Saskia Kluit said to the newspaper. “On beautiful cycling days in particular, it is doom and gloom and often families or groups of cyclists have to stay behind on the platforms. We advocate for separate, single-story bicycle wagons on railway lines to popular recreational areas.”

      • Investment banks have plowed more than $700 billion into fossil fuels since the Paris climate agreement

        Using the data, the British paper found that JPMorgan was the biggest culprit when it came to providing “loans, equity issuances, and debt underwriting” to companies working within the various sectors that use fossil fuels, providing more than $75 billion between 2016 and mid-2019.

        Markets Insider reported last week that Goldman Sachs says climate change is “at the top of investors minds,” while JPMorgan said that the past two years have been a “watershed” moment for climate change awareness.

      • Can Extinction Rebellion Put Climate Change ‘Beyond Politics’?

        Extinction Rebellion began just under a year ago, when rebels occupied five bridges in London. Since then, the movement has taken off. In April it blocked four major intersections for over a week, which led to mass arrests, traffic jams, and lots of press. With press came money: XR is now one of the best-funded protest movements in the world. It has affiliate chapters in more than 60 countries. (Because its organizing structure is horizontal, each local XR group is autonomous.) October 7 marked the start of a “global rebellion”: two weeks of nonviolent civil disobedience in cities all over the world, from Melbourne (where rebels organized a “nudie run” and glued themselves to buildings) to New York (where they doused the Wall Street bull in fake blood).

        But the epicenter remains London, where tens of thousands of rebels from across the UK have converged on six sites around Westminster. [...]

      • The harm from worrying about climate change

        Back in 2014, my partner and I marked a date in our shared online calendar. Unusually, this was for 27 August 2015 – a year ahead. It was an arbitrary date.

        We’re indecisive when it comes to big life decisions, and this was the biggest: whether to have children. We were aware that, now in our 30s, we couldn’t wait indefinitely to decide. So we marked “baby-making conversation” in the calendar, as ever using irreverence in an attempt to make weighty matters seem less daunting, and happily pushed the question away for the time being.

        But 27 August 2015 came and went. We felt no more prepared. We moved the date back another year. Then 27 August 2016 passed too. Clearly our stratagem hadn’t worked. While plenty of factors affected our ambivalence, the personality-level issues were overshadowed by a global one: anxiety about a future planet made unliveable by climate change.

        Climate change harms mental wellbeing in a number of ways. From trauma and stress following disasters, to relationship damage caused by separation and displacement, the psychological effects of climate change can be enduring. Of course, these effects are heightened for certain vulnerable populations, such as elderly and low-income people, as well as those on the frontlines of climate change.

      • Global Climate Strike: From Protest To Power?

        Climate justice advocates enthusiastically report that the recent Global Climate Strike involved 7.6 million people in 6,500 events that took place in 185 countries, supported by 8,500 websites, 3,000 companies, and 73 trade unions. Behind the headlines is this fact: with the exception of Morocco, no country in the world is complying with its Paris Climate Accord commitment, and the U.S. has dropped out of the international agreement.

      • Extreme heatwaves pose spreading threat

        Rising temperatures mean that heatwaves will become hotter, more frequent, last longer and will cover much wider areas.

      • John Oliver’s Dire Forecast for Our National Weather Service (Video)
      • Energy
        • “The Grid” is the Problem, Not the Solution

          On October 9, Pacific Gas & Electric began shutting down power to about 750,000 customers (affecting as many as 2 million people) in California. The company claims the shutdowns are necessary to reduce the risk that its power lines and other infrastructure will cause wildfires like last year’s Camp Fire, which killed 85 people and and caused $16.5 billion in damage.

      • Wildlife/Nature
    • Finance
      • The Economics and Politics of Financial Transactions Taxes and Wealth Taxes

        Last month, the Washington Post reported that Joe Biden is considering including a financial transactions tax (FTT) as part of his campaign for the Democratic nomination. For those of us who have long advocated such a tax, this is very good news.

      • Class Struggle is Still the Issue

        The Manifesto of the Communist Party by Marx and Engels famously begins with: “The history of all hither existing societies is the history of class struggles.” The United States is no exception, although for many decades it was depicted as a classless society. Later they add: “The ruling ideas of each age have ever been the ideas of its ruling class.”

    • AstroTurf/Lobbying/Politics
      • Sanders Distinguishes Himself From Warren in No Uncertain Terms

        White House hopeful Sen. Bernie Sanders distinguished himself from Sen. Elizabeth Warren—another top competitor in the Democratic presidential primary—by highlighting their different beliefs on economic policy during an interview with ABC News chief White House correspondent Jonathan Karl that aired Sunday.

      • Ralph Nader: Trump’s High Crimes Go Way Beyond Ukraine

        It is time for the House of Representatives to announce comprehensive articles of impeachment against the chronic outlaw and violator of the public trust—President Donald J. Trump who won the Electoral College, but lost the popular vote.

      • Republicans Are Going to Remove Trump Soon

        It will not be long before Trump is out of the White House and off the 2020 presidential ballot.

      • The Sudden Martyrdom of the Government Whistleblower
      • Joe Biden Has Corporate Democrats in Panic Mode

        The Democratic Party’s most powerful donors are running out of options in the presidential race. Their warhorse Joe Biden is stumbling, while the other corporate-minded candidates lag far behind. For party elites, with less than four months to go before voting starts in caucuses and primaries, 2020 looks like Biden or bust.

      • Weep for Catalonia, Weep for Liberalism in Europe

        The vicious jail sentences handed down today by the fascists (I used the word with care and correctly) of the Spanish Supreme Court to the Catalan political prisoners represent a stark symbol of the nadir of liberalism within the EU. That an attempt to organise a democratic vote for the Catalan people in pursuit of the right of self determination guaranteed in the UN Charter, can lead to such lengthy imprisonment, is a plain abuse of the most basic of human rights.

      • Cory Booker On Impeachment: ‘I Swore An Oath To Protect And Defend The Constitution’

        “I swore an oath to protect and defend the Constitution,” Booker told NPR on Saturday. “I didn’t swear an oath to protect and defend the Constitution unless there’s an election coming up,” he said in the interview, recorded for the NPR series with Democratic presidential candidates Off Script.

      • NBA vs. China: The League Is Bravely Defending Free Speech—And That’s a Game Changer

        The incident also reignited an important discussion here in the United States about free speech and the role and power of leaders in sports to shape the discussion around important social issues in our country and around the world.

        After initially acknowledging the complexity of the situation and expressing regret to those who were offended, NBA Commissioner Adam Silver said in a statement that “the NBA will not put itself in a position of regulating what players, employees and team owners say or will not say on these issues.”

        Silver understands the potential financial implications of taking this position, but he added that “if that’s the consequence of us adhering to our values, we still feel it’s critically important to adhere to those values.”

      • New Zealand creates unit to target, ‘disrupt’ online extremism

        Ardern said the Internal Affairs department would hire 17 specialists in investigative, forensic and intelligence work to focus on violent extremist content online.

    • Censorship/Free Speech
    • Privacy/Surveillance
      • Starting December 1st, China’s new MLPS 2.0 cybersecurity laws will require submission of a facial scan to receive internet access

        China’s new MLPS (Multi-level Protection of Information Security) 2.0 cybersecurity laws goes into full effect on December 1st, 2019 and will see all internet service providers (ISPs) and mobile data providers requiring facial scans to sign up for new service.  This means every new mobile phone number assigned in China will be associated with a facial scan. On top of this, the new rules by the Chinese Ministry of Public Security mandate that all data on Chinese networks and systems be available for the Chinese government to sift through at will – and by default through the use of big data techniques. The government emphasized that the new law is meant to help the populace, not suppress it further. Guo Qiquan, one of the politicians responsible for the plan explained the width and breadth of the new cybersecurity surveillance system to SCMP…

      • South African court rules that mass surveillance by the government is illegal

        A South African court has ruled that mass surveillance, specifically bulk communication of communications, is illegal for the government to participate in.  A longstanding court case between the amaBhungane Centre for Investigative Journalism on behalf of journalist Sam Sole and South Africa’s State Security Agency lead to this ruling on September 16th, 2019.

      • The Old Man and His Smartphone, Episode III

        My wife was not all that impressed with the smartphone, which is not too surprising given that grade-school students commonly have them. She did note that if someone broke into it, they could be taking pictures of her without her knowledge.

      • [Older] Don’t hold your breath for that U.S. online privacy bill

        No new bill on online privacy expected expected to show up in Congress before the end of the year, Reuters reports, citing three unnamed sources on Capitol Hill.

    • Civil Rights/Policing
      • Truth, Justice and Life

        It’s wonderful how good things can come in small packages. Like Greta Thunberg out waking the world to the urgency of action in addressing the climate crises. Like Ellen DeGeneres out for a game with George Bush. Like a butterfly, flapping its wings in the forest. Like the sound of truth.

      • A Passion for Writing

        I have been writing for fifty years. I wrote my first scholarly article in 1969. I was then a  graduate student in history at the University of Wisconsin-Madison. That was a bold step. My English was still in its early stages of improvement. But more than spelling and vocabulary, I felt I had something to say that might add to our understanding of the past.

      • The Oil Despots

        The world’s burgeoning far-right movements are far-flung and diverse, but in government they share a few core tendencies: They attack minority populations. They criminalize dissent. And they’re horrible for the planet.

      • Lebanon, Dreamland

        In 1928 my father, César Assad Chelala, emigrated from Lebanon to Argentina and made there his permanent home. The love for his country remained unaltered, and for the rest of his life he dreamt of going back. Although he never fulfilled his wish, he transmitted to us, his children, the love for his new country. He came to live in Tucumán, a city in the North of Argentina, where he already had some relatives.

      • Mississippi Takes Steps to End Damning Delays in Evaluating Criminal Defendants

        Mississippi’s Department of Mental Health will spend nearly $20 million on a new unit for forensic beds, an investment the state hopes will relieve a long-standing embarrassment: the months, even years those accused of crimes must wait to undergo court-ordered psychiatric evaluations.

        The change came after a push from the MacArthur Justice Center and the Southern Poverty Law Center, and close to two years after ProPublica reported the story of a teenager kept four years in jail before being granted his evaluation.

      • Insecurity in Mozambique Leaves Thousands Unable to Vote

        Mozambique’s Electoral Commission announced this weekend that 10 voting stations in Macomia, Mocimboa da Praia and Muidumbe districts will not open for the country’s general election on October 15. This will leave 5,400 voters unable to cast their ballot. 

      • US Columbus Day Holiday Celebrates a Shameful Past

        In one holiday, Americans encounter our two most shameful and discomforting historical legacies: the genocide of the American Indian and slavery.

      • Fort Worth Officer Kills Woman In Her Bedroom In Response To ‘Open Structure Call’

        A white police officer fired through the window of a black woman’s home early Saturday and killed her after responding to a call that a neighbor placed about an open front door, authorities in Fort Worth, Texas, say.

      • How a Legal Loophole Lets Colleges Pay Students Less Than Minimum Wage

        In many states — including Massachusetts, Connecticut, New Jersey, Virginia, and New York — students who work for universities are legally eligible to receive less than the state minimum wage when working on campus. In fact, a provision under the Federal Fair Labor Standards Act (FLSA) allows nonprofit educational organizations to apply for a certificate from the Department of Labor in order to hire student workers for significantly less than minimum wage — a law that many universities employ to its fullest. This exemption, also known as “subminimum wage,” authorizes employers to pay full-time students a lower wage — at least 75% of federal minimum wage or a percentage of an applicable state minimum wage if it’s higher — for on-campus jobs. They also have a cap on the number of hours they can work, usually no more than 20 in one week. (Students employed through a financial aid work-study program called Free Application for Federal Student Aid [FAFSA] must earn at least the federal minimum wage and, as part of their benefits package, have additional stipulations regarding their hours that other students employed on campus do not.)

    • Monopolies
      • Facebook CEO Cozies up to Conservatives at Private Dinners

        For a company that’s come under congressional and public scrutiny from all sides of the political spectrum, including for influencing the 2016 presidential election, it’s unsurprising that Facebook CEO Mark Zuckerberg would dedicate time to damage control with leaders who might be involved in investigating and regulating the platform. A new report from Politico, however, suggests that Zuckerberg may be if not outright favoring conservatives, than at least giving them more attention and access.

      • Libra Association announces new board members after recent departures

        In Geneva on Monday, the remaining members of the Libra Association held their inaugural meeting, bringing together executives from more than 20 different companies across the world.

        Much of the meeting was devoted to establishing the basic governance of the new association, which before Monday had been more of a proposal than a functional institution. The group named five board members — including Xapo CEO Wences Casares, Andreessen Horowitz partner and blockchain lead Katie Haun, and Facebook executive David Marcus, who has been the primary face of the project up until now.

      • Libra Association Board Members Have Ties to Facebook, Marcus

        The Libra Association, which oversees a controversial cryptocurrency, was officially formed on Tuesday, and its five board members have one thing in common: close relationships with Facebook Inc. and its executives.

      • Patents and Software Patents
        • [Guest Post] Fighting for your IP rights in Denmark – it’s expensive, but now maybe less so?

          With a new decision issued on 29 August 2019 by the Danish Eastern High Court (Danish only), the tides may now be turning. A new precedent may just have been set for the recovery of a party’s costs incurred by the use of experts, including European Patent Attorneys, and not least for legal costs recovery in general in Danish patent disputes. European Patent Attorneys, in particular, are often brought as expert witnesses by the parties, and their statements and testimonies (although admitted as evidence of a party rather than as impartial expert statements) tend to be regarded as highly persuasive.

          The case concerned the companies Gilead and Sandoz who had been in a legal dispute over a potential infringement of Gilead’s patent for the products “Emtricitabin and Tenofovirdisoproxil (as fumerat)”. Gilead was granted a preliminary injunction, which Sandoz appealed. While the appeal was underway, Gilead’s patent was declared invalid in a separate case against a third party. Sandoz therefore brought a separate motion before the Maritime and Commercial High Court (MCHC) to lift the preliminary injunction.

          [...]

          The case is a step in the right direction for the recovery of European Patent Attorneys’ fees in Denmark. What’s more, the award of actual legal costs incurred was set at 49.5% of the documented legal costs. This is a high level of costs recovery compared to most cases – and potentially the beginning of a general trend towards higher costs awards. However – and more likely – it may also just underline the point that the level of costs awards granted by Danish courts is too low, and that this may have lead companies to turn their backs on the Danish court system. Indeed, the Danish recovery rate has long seemed to be much lower than in comparable jurisdictions such as Norway and Sweden. In these neighboring Nordic countries, the winning party is generally awarded full costs, unless it is apparent that a full award is not merited (e.g. where the winning party’s legal costs are exceedingly and unnecessarily high compared to the costs spent by the losing party).

      • Copyrights

…So This GNU/Linux User Goes to a Pub With Swapnil and Jim

Tuesday 15th of October 2019 04:12:33 PM

Linux.com Editor and Linux Foundation Chief

Summary: It’s hard to promote GNU/Linux when you don’t even use it

How to THRIVE, in Uncertain Times for Free Software

Tuesday 15th of October 2019 03:00:11 PM

By figosdev

Summary: “The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate.”

First things first: apologies for the acronym.

To
Help
Realise
Ideal
Volunteer
Efforts

These guidelines were written in late July, before the FSF Titanic series or Stallman stepping down. The reaction I tend to expect to a list like this is: “Oh no, a Code of Conduct.”

“The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate. In other words these are intended to assist, not be imposed. Maybe a better way to consider them is as a sort of informal RFC.”If that’s your concern, I can appreciate it. Which is why the thrive guidelines have their own Code-of-Conduct Escape clause:

“Wherever these guidelines are misused to threaten community and development, they should be regarded with scrutiny — whenever these guidelines help create a foundation for purposeful development and progress, they should be considered thoughtfully.”

This is despite the fact (and hopefully reinforces the idea) that the guidelines are intended to be non-binding.

The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate. In other words these are intended to assist, not be imposed. Maybe a better way to consider them is as a sort of informal RFC.

I will quote each of the ten guidelines one a time, then comment on each in the hopes of further clarification.

1. “Integrity and checks and balances are more valuable than false compromise.”

I’m fond of pointing out that just enough compromise can be wonderful, but too much can be devastating. Having more than one group working to maintain and improve the ecosystem means that if one authority (or respected group) goes sour, then others can speak up and offer a backup plan. Fans of a single, centralised point of authority won’t like this. But, it is a recommendation. It is non-binding, so people who are against it simply won’t have anything to do with it.

As I said in my previous article, for example:

“Many have called for a certain large, corporation associated with a particular primary-coloured hue to apologise for their active role in the Holocaust. Yet one of their subsidiaries asks for an arguably more grassroots organisation to seize an opportunity for greater diversity.”“When we agree on something, we struggle together. When we can’t agree, we struggle apart. It’s very useful to find our commonalities, and understand our differences. For many of us, Stallman and freedom are two things we are not willing to compromise on.”

That isn’t a decision that a central authority needs to make. Many of us are not willing to bend on the Stallman issue (a reminder that this guideline predates the Stallman issue.) So we invite anybody who is willing to work with us despite not bending on that issue, do so. They don’t need to sign an oath of loyalty to Stallman, but if they ask us to do something unjust against him — that’s something we won’t do.

At that point, you have a schism — and you would actually have that schism anyway. The difference is that some of us are building something that is more schism-tolerant. Other points address this a little more directly.

2. “Ignoring your own standards, as well as taking rules too seriously, can compromise the integrity of your community. Many communities are already diminished along these lines.”

This is mostly a comment on the state of communities, and a recommendation to try to live up to your own community standards. Those who already oppose the imposition of a Code of Conduct can read this as: “If you have a Code of Conduct that expects certain behaviour of others, you are naturally expected to treat them just as well as you’re demanding of them.”

Nobody is perfect, and it’s obvious that people already hold some to a more unreasonable interpretation of their standards than others. While suggesting that people not do that isn’t likely to cancel out any hypocrisy directly, this point at least comments on it.

3. “The corporate monopolies that promise to help resolve these problems, have a history of fundamental selfishness and interference. Giving these corporations too great a say in matters has helped them to destroy communities and stifle their efforts.”

This point comments on past mistakes, and also predates one of the best examples. Many have called for a certain large, corporation associated with a particular primary-coloured hue to apologise for their active role in the Holocaust. Yet one of their subsidiaries asks for an arguably more grassroots organisation to seize an opportunity for greater diversity.

“One only need look to Stallman to demonstrate how intolerant we’ve become of opinions — but that intolerance is a standing threat to all of us if we wish to work together and not be ridiculous when we use the word “inclusion.” While these guidelines are not meant to be imposed, if more people had taken them to heart, it would have possibly been more difficult to let Stallman suffer as much as we already have.”You could argue this is the same point as the second one, addressed specifically to very large and powerful companies. While it is unlikely to change the course of those companies directly, it serves as a warning to those who would take their requests (and perhaps, their lip-service) too seriously.

4. “In practical terms, ‘working together’ means finding enough common ground for collaboration. It does not mean abandoning the principles or values of your own community.”

This could be considered a re-iteration of what was said in my previous article: “When we agree on something, we struggle together. When we can’t agree, we struggle apart. It’s very useful to find our commonalities, and understand our differences.” Except it is actually a pre-iteration.

Some differences are worth working past. Other differences are simply worth accepting. Another way of saying this is that along with diversity of people, we should make it possible (whenever we can bring ourselves to do so) to include people with a diversity of opinions. In my own opinion, this is a strength that we were doing impressively well with, before all this corporate help showed up.

One only need look to Stallman to demonstrate how intolerant we’ve become of opinions — but that intolerance is a standing threat to all of us if we wish to work together and not be ridiculous when we use the word “inclusion.” While these guidelines are not meant to be imposed, if more people had taken them to heart, it would have possibly been more difficult to let Stallman suffer as much as we already have.

“These really are anti-monopoly recommendations, for making communities hopefully more robust in the presence of well-organised social attacks.”Not that I want you to think this is all about one example. What I really want you to do is think about how it would be for an entire community to start stoning you because of something you yourself were misquoted as saying by Forbes or ZDNet. All of these guidelines predate that incident, but many of these would have helped mitigate it.

These really are anti-monopoly recommendations, for making communities hopefully more robust in the presence of well-organised social attacks. If you think you can create a better version, these guidelines are already in the public domain.

And people are going to argue for more centralisation, of course. Some people like centralisation and single-points-of-failure, because they think of control exclusively in terms of benefits, not costs. Decentralisation has costs as well.

Very few meaningful decisions are made without accumulating both costs and benefits. It’s really a question of what benefits are desirable and what costs are unacceptable. If you can accept a single-point-of-failure that guarantees a tragedy in the long run, there are some short-term benefits to say the very least.

5. “In dealing with both critics and allies, it is always more useful to look past the superficial — towards motivations, true nature and real effects. Society encourages the shallow evaluation of goods and services, as well as of people. Vital communities must do better in this regard than general society, if they wish to thrive. This is not intended to eliminate speculation, only to temper superficiality.”

“A lot of it comes down to accepting differences, having more than a single venue for progress to be worked on, and working together when it makes sense. This is more robust because if you get Amish-shunned out of one community that has gotten a bit weird or been taken over, there are other places nearby where you can contribute instead.”Superficiality is a theme addressed in my previous article on Techrights (already linked from point 1.)

Back when the “Free Software Federation” was more of a concept, these were guidelines on how people who want such a thing to work (this by no means assumes that everybody would want it to) could understand how to make it run smoothly enough.

A lot of it comes down to accepting differences, having more than a single venue for progress to be worked on, and working together when it makes sense. This is more robust because if you get Amish-shunned out of one community that has gotten a bit weird or been taken over, there are other places nearby where you can contribute instead.

“Another thing to think about the is the level of censorship and interference going on. In security terms, this should be part of our threat model…”It is also a strong suggestion that such schemes have gradually been proven necessary if we want Free software to continue to have the level of practical success it already had in the past. A lot of people already look around and realise that “something has gone terribly wrong.” You can be certain there will be people demanding that single-points-of-failure be reinforced by more monopolistic means.

As recent history has shown us, when that happens it can leave us generally out of the loop — just sort of waiting for “permission” or a “cue” to get back to business as usual, while we try to figure out how to respond or move forward, without much in the way of means to do so. A reasonable word for that effect is “devastation.” It’s good to ask if we would have that level of devastation right now, if we had found a way to make Free software (as a movement) “more robust” or as I keep saying, “more decentralised.”

In the past, we had collaboration schemes as loosely defined as something called a “web ring.” Today, a “mesh network” would be a resilient structure more worthy of consideration than a “ring” (which was often maintained by a single person, albeit one who was very open to all sorts of people joining and adding their website.)

So you could, if you wanted to maybe overhype the idea, call this an “early version of a social protocol for a voluntary organisational mesh network.” But just calling it the “THRIVE Guidelines” is probably a lot more reasonable.

Another thing to think about the is the level of censorship and interference going on. In security terms, this should be part of our threat model:

I’m referring to this sort of behaviour from large corporations.

I’m also referring to this sort of behaviour from our beloved non-profits.

And even in the example of the FSF and FSFE:

“In 2018, FSFE used these tactics to make it appear that nobody supported elections any more.”

“In 2019, rogue elements of the Free Software Foundation (FSF) staff used the same tactics to undermine their own founder, Richard Stallman.”

“I don’t even think the other FSF chapters are prepared to defend everything the FSFE is doing right now.”NOW, if we can’t even even trust the FSF to prevent this sort of thing, and if their own objectives are being compromised by the (completely unjustified — as in there is simply no good reason given) censoring of mailing-lists, what exactly do we do?

And THAT is why federation is actually key to the future of our movement. It’s certainly not that the FSF doesn’t have a completely vital role to play. I think as the original, pioneering organisation with the most experience to lend us (and traditionally the greatest authority — actively maintaining the definition of Free software itself) I think bolstering that organisation (what Stallman asks us to do, I would add) is a very good idea.

But when I wrote about the need to create lifeboats for the same organisation prior to a great tragedy — which happened not 30 days later, as things turn out — I wasn’t doing that because I thought it would make a great story. I was doing it for exactly the reason it said on the tin:

A. The FSF is vulnerable.
B. The FSF is vulnerable.
C. The FSF is vulnerable.

The most obvious way around this (mission-damaging) censorship (a topic Daniel Pocock knows more about than I do — I comment on the things he goes into great detail about — with actual facts and evidence that I had only expected to come out eventually) is to have more communication, interconnection and organisation between autonomous “nodes” of this movement.

As it happens, such nodes already existed. Right now it appears that (if Pocock’s claims are true, and I suspect they are) the FSF (Boston) is at least somewhat compromised, and FSFE is (as I already thought) more compromised. I don’t even think the other FSF chapters are prepared to defend everything the FSFE is doing right now.

“FSFE censors, Pocock un-censors, the Federation “boosts” the uncensorship.”In terms of Copyright and Patents and yes, censorship — the EU is a mess right now, and FSFE is just a snail’s distance from going along with it on far too much.

So who is going to hold the FSFE accountable on these matters? Their members? The FSFE is (according to what I gather from reading the things Pocock says, but not to put these words in his mouth) manipulating its members with an almost Facebook-like tactic. I’m surprised, but not shocked that it has come to that.

Please don’t get me wrong on this — I’m not saying the future is hopeless for the FSF, only that the present is obviously dire!

And that if we care, we will lend them a hand that they have no real choice to turn away. FSFE censors, Pocock un-censors, the Federation “boosts” the uncensorship.

“Now, where do we get future coders from?”A federation that cares about Free software has the potential to “route around” not only mailing-list censorship, but even the corruption that happens at the very top of these organisations. But it loses that flexibility if we try too hard to “unite.” It is the redundancy that creates the robust nature of what we are doing.

But if you’ve ever tried to write code that uses concurrency, you know that such things are a little less intuitive than traditional scripting. So to make that accessible to more people, we have these recommendations.

If you want to know more about working around mailing list censorship, I strongly recommend looking around Daniel Pocock’s blog for more: https://danielpocock.com

Now, where do we get future coders from? From time to time, some people express concern about the “aging” of their developer force. This means that people capable of contributing either aren’t allowed to join, aren’t aware of the opportunity to join, aren’t interested in joining — or don’t even exist.

One way to address all of those points is with education:

6. “Without some greater commitment to the needs and education of users, Free software will soon lose too much ground to corporations that falsely pander to them. This is not a call to make everything ‘user friendly.’ As a user, you are free to develop on your own terms. There are still areas in which progress could be made regarding development.”

Should we allow repos (such as F-Droid) to be balkanised over political differences? Maybe not:

7. “It is better to have communities divided over politics than to have software development and repos hijacked and repurposed by a single political faction.”

How can a federated community help prevent such hijacking of repos? With a (relatively) neutral 3rd (or 3rd, 4th and 5th) party:

8. When communities with valuable contributions become divided over political differences, umbrella communities and organisations are a positive way to invite long-term resolution. Haste and superficial resolution are less positive, though “first step” efforts will hopefully count for something.

But false compromise is once again warned against — due to the amount of it I think we’ve already witnessed. We always want to enable cooperation where we can, without introducing false compromises and bad compromises. Freedom of course, produces differences:

9. “Each community should be allowed to explore its own options to further the long-term benefits of its efforts towards software freedom — subject to informal approval and/or intellectually honest (fair) critique from from other communities.”

If you need permission to comment, we really have dramatically changed as a movement. Point 9 says more than that, but this is a point worth reiterating at this time.

But what about the users? What should we do for them? The user of today may one day become the ally of tomorrow. So maybe, let’s one way to set a good example for our future is:

10. Communities should avoid, as much as possible and practical, efforts to lock other users into their software or distributions. The more important and popular (and fundamental) the software is, the more modular and optional and flexible the software should ideally be. Even the distro itself should become more modular and universal — via thoughtful design conventions, rather than rigid and demanding standards. But when in doubt, refer to points 5 and 9.

If you’ve read the FSF Titanic series, there are many more comments on making this sort of thing possible.

As for this list of recommendations — you can think of it as being told what to do, no matter how much someone stresses that the idea is nothing of the sort. On the other hand, I would say that it’s unfair to ask people to do something complicated and revolutionary without providing some real suggestions as to how it could be possible.

These guidelines were one of the first steps (predating, and even helping to inspire the FSF Titanic series) towards providing those real suggestions. As a bonus, this many-paragraph article and contextual update can be swapped out to some reasonable degree with just the 10 points mentioned. Though now that there’s some commentary on them, it’s possible their value is a little more obvious.

Long Live Stallman, and Happy Hacking.

Licence: Creative Commons CC0 1.0 (public domain)

When They Run Out of Things to Patent They’ll Patent Nature Itself…

Tuesday 15th of October 2019 02:48:44 PM

No patents on life and nature? You must have missed the news!

Summary: The absolutely ridiculous patent bar (ridiculously low) at today’s EPO means that legal certainty associated with European Patents is at an all-time low; patents get granted for the sake of granting more patents each year

HAVING just covered software patents in Europe and UPC issues, we now look at the broader picture in the European Patent Office (EPO).

It’s so sad that in less than a decade the EPO managed to earn a reputation worse than that of the USPTO not just because of the scandals but also decline in patent quality. Those two things are of course closely linked. Examiners that Battistelli has not managed to drive away António Campinos either drives to ‘retirement’ or replaces with private companies. It’s as if it’s an actual goal to get rid of experienced examiners and turn their job into a business venture with the likes of Serco, which already do business for the USPTO.

“It’s so sad that in less than a decade the EPO managed to earn a reputation worse than that of the USPTO not just because of the scandals but also decline in patent quality.”When EPO founding documents were crafted and refined half a century ago architects of the system envisioned a system that would serve scientists, be inclusive (not in the nepotism sense), and not be run like a greedy corporation. The EPC was routinely violated in recent years and nobody was held accountable. This is why we end up in such a sordid mess. It’s utterly grotesque.

Check out who’s hammering the news wires this week [1, 2] with stuff like this, in effect self-promotional words for an event that berates quality control:

Many patent applications and patents are lost before the EPO, either before Opposition Divisions or before Appeal due to incorrect original drafting, and added subject matter is a recurrent problem. Learn advanced drafting techniques for successful EPO patent applications.

Many patent applications and patents are lost before the EPO Boards of Appeal due to incorrect original drafting. Added subject matter is a recurrent problem: Amendments made during grant procedure, to take account or new prior art, amount to added subject-matter, often fatal in opposition procedure before the EPO, and national courts.

Giving tips for getting patents from the EPO — even if fake patent monopolies — by employing tricks to exploit deliberate loopholes. Is this what we’ve come to? Also published yesterday was this piece behind the Agrow paywall:

Submissions urge EPO not to patent conventional plants

The European Patent Office (EPO) has been urged not to patent conventionally bred plants in separate submissions from the European Commission and a group of farming and environmentalist organisations.

Such patents should never have been granted in the first place; patents on nature don’t make sense, neither morally nor legally. Anyone who’s granting them does a disservice to common sense and the planet. Similar patents literally cause the death of a lot of people. Back in February we wrote about patents on cancer treatment — the latest of many articles on the subject. Here’s a new press release about another such European Patent:

Onxeo S.A. (Euronext Paris, NASDAQ Copenhagen: ONXEO), (“Onxeo” or “the Company”), a clinical-stage biotechnology company specializing in the development of innovative drugs targeting tumor DNA Damage Response (DDR) in oncology, in particular against rare or resistant cancers, today announced having received a communication from the European Patent Office (EPO) informing the Company of its intent to grant a new patent strengthening the European protection of compounds sourced from its platON™ platform.

[...]

This patent will provide a term of protection valid until mid-2031, which could be further extended until 2036 via the supplementary protection certificate (SPC) system. It completes the already robust set of 9 patent families securing the protection of AsiDNA™ and its related compounds.

Instead of tackling cancer, as it should, the EPO grants monopoly through patents so as to limit who can treat cancer!

Here’s another new statement, coming from esoteric sites like “Golden Casino News”:

Scandion Oncology A/S (“Scandion Oncology”) today announces that the European Patent Office (“EPO”) has granted the company’s patent application for SCO-101 when combined with chemotherapy. Patent is valid until May 2037.

The headline says “Scandion Oncology A/S receives EU-patent for SCO-101,” but that’s just wrong. EPO is not EU. Notice what’s being granted here; the EPO now treats cancer as “business opportunity” rather than something to be cured; the same goes for global warming. If only more people grasped the seriousness of it…

Rose Hughes (working for companies like the above) has meanwhile covered T 1003/19) — a case concerning intention to grant European Patents:

Recent Board of Appeal decision T 1003/19 poses a riddle: when is it not the intention of the EPO to grant the “text-intended for grant? Before the Examining Division (ED) grants a patent application, they send the applicant a copy of the text-intended for grant (“Druckexemplar”) (Rule 71(3) EPC). The text-intended for grant is normally considered to be, as the name suggests, the text that the ED plans on granting. In response to the Rule 71(3) communication, the applicant approves the text-intended for grant by filing translations of the claims and paying the appropriate fees. If the applicant approves the text-intended for grant, the patent is granted.

T 1003/19 related to an appeal from a decision of the ED to grant an application based on a text-intended for grant in which all but one of the drawings pages were missing. The applicant had approved the text-intended to grant. In most circumstances, it is difficult for a patentee to correct mistakes in a granted patent based on a text-intended for grant that they have approved. As stated in the Guidelines for Examination: “Since the final responsibility for the text of the patent lies with the applicant or patentee, it is his duty to properly check all the documents making up the communication under Rule 71(3)” (H-VI-3.1). It is difficult to argue, for example, that it was not the intention of the ED to grant a patent containing a mistake introduced and approved by the applicant themselves (G 1/10, IPKat post here).

[...]

The BA concluded that the applicant had not approved a text-intended for grant. The BA therefore set aside the decision to grant the patent.

There are serious autonomy problems at the EPO as the appeals process is lacking independence and suffering massive backlogs as well.

“Trips to Cambodia and Ethiopia don’t exactly present the EPO as a world leader.”Alex Frost, writing the first reply to this post, said: “We have tried to escalate this problem with the EPO as it is causing huge problems with disgruntled applicants who are being told that they cannot rectify a problem that is in no way of their making.”

Here’s the full comment from Alex:

A welcome decision given the exponential rise we are seeing in the number of errors being introduced by Examining Division at the moment. So far in 2019, just of my own cases, I have come across 5 with significant errors (description pages missing or duplicated; drawings missing etc), all of which were the fault of the EPO (either the Primary Examiner or his/her Formalities officer, presumably). Goodness only knows how many such cases there have been across the whole firm/profession.

This is against a backdrop of, I guess, a similar number (5 or 6 ) such cases of mine with this sort of ED introduced error over the whole previous 25 years of practice. No doubt a part of the problem is the unseemly haste to examine and grant applications at the moment. We have tried to escalate this problem with the EPO as it is causing huge problems with disgruntled applicants who are being told that they cannot rectify a problem that is in no way of their making.

It’s nice to see so lucidly expressed (and publicly recognised) issues aired in IP Kat again, even if only in the comments. The decline in patent quality will accompany a collapse in legal certainty. And then what? Who would then be willing to apply for European Patents or at what cost? What does EPO even know of patent quality? The EPO, in external communications, brags about spreading its lowered patent quality and invalid patents to other continents! “In order to avoid duplication of efforts and provide services on time and at a high level of quality, IP offices need to work together,” the EPO wrote yesterday. Judging by which patent offices today's EPO takes photos with, the future doesn’t seem promising. Does the EPO try to adapt to the standards of countries with not a single European Patent? Trips to Cambodia and Ethiopia don’t exactly present the EPO as a world leader.

EPO Boards of Appeal Need Courage and Structural Disruption to Halt Software Patents in Europe

Tuesday 15th of October 2019 01:56:31 PM

It takes courage — not just intelligence — to oppose misnomers such as "artificial intelligence" patents

Summary: Forces or lobbyists for software patents try to come up with tricks and lies by which to cheat the EPC and enshrine illegal software patents; sadly, moreover, EPO judges lack the necessary independence by which to shape caselaw against such practices

THE European Patent Office (EPO) has taken control of another EPO, the Organisation. Battistelli started it and António Campinos continues just that. He even rendered his 'boss' at the Council his 'butler'. Imagine that! How is that even legal/constitutional? Maybe it isn’t. But who’s to actually enforce the law/constitution (or EPC)? This is a circular issue.

Advocacy of software patents by the EPO isn’t news; we saw some forms of it way back in the Brimelow days, but it has been getting worse since and judges have since then totally lost any sense of autonomy and independence. They will probably ‘vote’ (decide) the “usual way” some time soon (patent on software simulation) because Campinos is already meddling towards that outcome! See what happened in G 2/19.

“They will probably ‘vote’ (decide) the “usual way” some time soon (patent on software simulation) because Campinos is already meddling towards that outcome!”Sometimes we still see examples of software patents being thrown out inside rather than outside the EPO. Sometimes even loud proponents of software patents (no, not software professionals) admit it. Such was the case the other day when Bardehle Pagenberg wrote: “Authenticating individuals based on liveness probability: non-technical EPO refused to grant a patent on a method of authenticating financial transactions based on biometric data.”

Bardehle Pagenberg is, in our experience, the most vocal and shameless proponent of these bogus patents. They focus on these. Bardehle Pagenberg’s Patrick Heckeler, having published this page, even promoted another case where:

The first instance examining division refused searching the claimed subject-matter because it allegedly lacks technical character…

Forget about all that “technical” (or “technical effect”) nonsense; it’s the wrong test or criterion/criteria. Same for “problem-solution”. The sole riddle ought to be, does this cover something physical (where that physical thing is strictly required)? If not, then it’s abstract. Throw out the application/patent.

Sadly, however, the EPO adopted clever little tricks and loopholes, such as misuse of words like “machines”; they associate the overused term “AI” with “machine learning” (what it means originally) as if there’s some machine or device somewhere. This week they also repeat the nonsense which is “machine translations” when they say: “What is the role of machine translations in proceedings before the EPO?”

“Sadly, however, the EPO adopted clever little tricks and loopholes, such as misuse of words like “machines”; they associate the overused term “AI” with “machine learning” (what it means originally) as if there’s some machine or device somewhere.”“Those are not “machine translations” but lousy algorithms that take something in and spew garbage out,” I told them, “an incoherent mess for most languages, with no legal validity whatsoever…”

It’s rather worrying to see how the EPO deals with obvious software patents that under 35 U.S.C. § 101 the U.S. Patent and Trademark Office (USPTO) would be pressured to throw out, either at first instance (examination) or Patent Trial and Appeal Board (PTAB) — or, failing that, district courts, the Federal Circuit and SCOTUS (no potent challenge to that in 5 years at that level).

Professor Dr. Maximilian Haedicke on Lack of Separation of Powers at the EPO (Which Dooms UPC)

Tuesday 15th of October 2019 12:25:30 PM

“Truth is treason in the empire of lies.”

Or: Truth is sunshine to the vampires of lies.

Summary: Team UPC (“empire of lies”) is catching up with reality; no matter how hard media has attempted to not cover EPO scandals (after the EPO paid and threatened many publishers that tried), it remains very much apparent that EPOnia is like a theocracy that cannot be trusted with anything

WE CAN quite safely assume that most examiners at the European Patent Office (EPO) aren’t happy with the direction the Office has taken. Staff surveys have repeatedly shown this (with large margins). António Campinos is just more of Battistelli and they carry on lowering patent quality, based on studies they attempt to suppress. They’re meanwhile creating new loopholes/routes to software patenting in Europe and striving to replace ‘naughty’ European courts (that ‘dare’ oppose such patents) with something more ‘obedient’ or complicit. EPO judges are casualties as they’re being terrorised to the point where it’s dangerous (to one’s career) to oppose patent maximalists. Only weeks ago we saw Campinos intervening in favour of software patents. He made remarks about an important upcoming case. Does he not have something better to do (than meddling in legal matters he lacks technical qualifications in)?

“Only weeks ago we saw Campinos intervening in favour of software patents. He made remarks about an important upcoming case.”Who’s in charge of the EPO? Certainly not the law or judges who enforce/review that law. A politician from France/Portugal calls all the shots. These aren’t scientists but politicians! Nontechnical autocrats, people who keep calling patents “property” yet again (they’re not property). “You mean patents,” I told them last night. They never respond. On they go with joint EUIPO lies (now 3 weeks of that disgraced “IP” ‘study’, tweeted and retweeted every single day). Pure pseudoscience and an insult to facts.

Should we be surprised that several nations — not just Germanyopenly oppose the handover of patent courts to EPOnia? Or that scholars issue strongly-worded criticisms when they’re not on the EPO’s payroll?

“Should we be surprised that several nations — not just Germany — openly oppose the handover of patent courts to EPOnia?”Team UPC hardcores (apparently a Brit in Munich) are tweeting (quoting) that “rule of law within the EPOrg are criticised. This question is further explosive against the background of the equally pending constitutional complaint against the Unified Patent System.”

Tweets aren't journalism, but this is a translation of a journal. This thread in full says: “Potential impact of G3/19 on DE constitutional complaints; UPC? Prof. Haedicke, GRURInt 2019, 885 on referral G3/19 (from orig German): “This conflict, however, is about much more than the question of the interpretation of A53(b) EPC. It makes it clear that the [EPO President] and the AC seem to have a different understanding of the relationship between the institutions of the EPOrg than the Boards of Appeal. The scope of the judicial control over legislative acts of the AC and the degree to which the AC is bound by the [...] interpretation of the EPC rules by the BoA are controversial. In question is the power of the judiciary to take binding decisions on the interpretation of the EPC which go beyond the individual case. Also affected is the role of the President of the EPO and the system of [...] checks and balances within the EPOrg resulting from the separation of powers.[…] The effects of this dispute thus extend far beyond the concrete question of fact. If the AC were able to change the case law of the Enlarged BoA in order to extend its binding force beyond the [...] individual case, this would enhance the position of the AC, significantly weaken the BoA & strengthen the position of the critics of the EPC to its detriment. The referral may also have consequences for several pending constitutional complaints in which shortcomings in the [...] rule of law within the EPOrg are criticised. This question is further explosive against the background of the equally pending constitutional complaint against the Unified Patent System. It is of great importance to ensure that the relationship between the AC and the BoA [...] complies with principles of the rule of law.”

“It doesn’t matter what some lawyers and politicians at the EPO (and around it) say; at the end of the day the issue is now in the hands of judges the EPO does not control (perhaps with the exception of Stephan Harbarth).”The litigation ‘industry’ refuses to let UPC/Unitary Patent die. Herbert Smith Freehills LLP still mentions it in relation to Brexit (and promoted its take on it earlier this week).

It doesn’t matter what some lawyers and politicians at the EPO (and around it) say; at the end of the day the issue is now in the hands of judges the EPO does not control (perhaps with the exception of Stephan Harbarth).

Widespread condemnation or popular uprise won’t be possible (as happened with the EU copyright directive) if media refuses to cover it.

As Expected, the Bill Gates Propaganda Machine is Trying to Throw/Put Everyone off the Scent of Jeffery Epstein’s ‘Incestuous’ Ties With Gates

Tuesday 15th of October 2019 10:10:01 AM

Quote from important article of the New York Times (published over the weekend):

Summary: Media ownership up on display; it’s amplifying false claims for a whole month, whereas truth/correct information gets buried before a weekend is over

ALMOST EXACTLY ONE MONTH after media funded by Bill Gates’ close friend (VICE) slandered Richard Stallman we’re seeing familiar patterns again. This was very much predictable and in recent days we did several articles and memes about it, e.g. this one.

It’s hardly a secret that the Gates Foundation controls a lot of publishers. Through his sham ‘charity’ Bill Gates has bribed a lot of the British media, repeatedly, including the largest publishers. The same is true for most other countries (where the spoken language is not English). Worry not, they’ll drown out with noise any signal about Gates pedophilia connections/acts…

“Keep an eye and bear in mind this is a symptom of media ownership. It’s putting false words in people’s mouths to defame them in order to distract from the written record of someone else…”Radio Active VCs has just noted: “Saturday, when no one is paying attention: Bill Gates had deep relationship with Jeffery Epstein that he’s been lying about. Monday, prime time news drops: Cutie pie billionaire Bill Gates loves to read!”

Citing an article/puff piece entitled Bill Gates Says Anti-Vaccine Autism Groups “Kill Children” (could help distract from real news), this new tweet says: “Don’t know anyone out there “killing children!” Spare us the histrionics!!Meanwhile Bill Gates working w/ child rapist #JeffreyEpstein #Hypocrite” (we’ve come across many similar tweets that assert with confidence Gates is a pedophile looking to hide something he did).

Keep an eye and bear in mind this is a symptom of media ownership. It’s putting false words in people’s mouths to defame them in order to distract from the written record of someone else (see image at the top).

As a side note, isn’t it rather ironic that patent zealots are, as early as this week, celebrating a mass murderer and rapist (also of young indigenous Americans, prepubescent according to historic records) with another ludicrous patent granted by the U.S. Patent and Trademark Office (USPTO)?

[ES] El Kernel de Linux está introduciendo Open Source Privative Software

Tuesday 15th of October 2019 05:08:57 AM

By Pedro Fco. (maslinux.es)

This is a Spanish translation of: Software Freedom Eroding in Linux and Nobody Seems to Care or Oppose This and mirrored over at El Kernel de Linux está introduciendo Open Source Privative Software (Artículo de opinión de Roy Schestowitz)

Summary: Linux, el kernel, continúa su trayectoria o el camino hacia convertirse en software propietario de código abierto (OSPS).

La importancia de la Libertad del Software será entendida más y más (o mejor) con el tiempo. He aquí un nuevo ejemplo de las noticias. Cuando la gente no controla el software, es el software el que los controla a ellos – un punto que Richard Stallman ha estado enfatizando durante décadas.

El jefe de la Fundación Linux y el único editor de Linux.com son usuarios de Mac (este último alardeó ayer de sus múltiples “Macs”), así que no esperes que se preocupen por la Libertad de Software. No lo hacen. No hemos estado hablando mucho (o con frecuencia) sobre ellos últimamente porque son una causa perdida. Nos rendimos. Se apoyan en historias antiestallmánicas. Linux.com se siente como un sitio de Openwashing y Microsoft (nuevos ejemplos a tal efecto).

Mientras tanto, se ha puesto de manifiesto, una vez más, que AMD sigue adelante con la DRM. Como dijo Michael Larabel:

“Soporte inicial de HDCP. Sí, protección de contenido digital de alto ancho de banda. Este soporte para HDCP Linux en el lado de Radeon viene para Raven Ridge y más nuevo. Como se explica en el artículo anterior, es probable que se deba a que los APUs de AMD están llegando a más Chromebooks y, por lo tanto, todo puede ser visto como algo bueno. Para aquellos que no desean soporte para HDCP, la implementación de AMDGPU DC permite desactivarlo como una opción de Kconfig“.

“Más cambios en la AMDGPU para Linux 5.5 seguirán en las próximas semanas“, añadió Larabel. “El ciclo Linux 5.5 comenzará formalmente a finales de noviembre y se estabilizará a principios de 2020. La lista de cambios para esta AMDGPU DRM-Next-5.5 pull inicial a través de esta lista de correo.”

Ese segundo DRM no es el mismo DRM (sólo el mismo acrónimo) y no es algo a lo que se opondría ni siquiera Stallman. Lo preocupante, sin embargo, es que se ha vuelto ‘normal’ lanzar DRM de restricción de usuarios a GNU/Linux (usando palabras/términos técnicos como “HDCP”), la pieza más famosa y conocida del software libre. A los responsables de la Fundación Linux no les importa (ni siquiera usan GNU/Linux) o no se atreven a decir nada – viendo lo que les pasa a los que sí lo hacen.

La gente habla mucho sobre la situación de Stallman en este momento (una segunda ola de llamadas para eliminarlo de GNU) aunque pocos conectan lo que se le está haciendo a Stallman con lo que le pasó a Torvalds hace un año. Se está incitando a la gente contra los que hacen lo correcto.

Linux Foundation Board Meeting

Monday 14th of October 2019 07:13:36 PM

Linux Foundation session in progress

Summary: More sponsored keynotes and tweets — like more sponsored articles (or “media partners”) — aren’t what the Linux Foundation really needs

Links 14/10/2019: Linux 5.4 RC3, POCL 1.4, Python 3.8.0

Monday 14th of October 2019 06:55:37 PM

Contents
  • GNU/Linux
    • My Linux story: I grew up on PC Magazine not candy

      In 1998, the movie Titanic was released, mobile phones were just a luxury, and pagers were still in use. This was also the year I got my first computer. I can remember the details as if it were yesterday: Pentium 133MHz and just 16MB of memory. Back in that time (while running nothing less than Windows 95), this was a good machine. I can still hear in my mind the old spinning hard drive noise when I powered that computer on, and see the Windows 95 flag. It never crossed my mind, though (especially as an 8-year-old kid), that I would dedicate every minute of my life to Linux and open source.

      Being just a kid, I always asked my mom to buy me every issue of PC Magazine instead of candies. I never skipped a single issue, and all of those dusty old magazines are still there in Costa Rica. It was in these magazines that I discovered the essential technology that changed my life. An issue in the year 2000 talked extensively about Linux and the advantages of free and open-source software. That issue also included a review of one of the most popular Linux distributions back then: Corel Linux. Unfortunately, the disc was not included. Without internet at home, I was out of luck, but that issue still lit a spark within me.

    • Tired of Windows and Mac OS? Switch to Elementary OS!

      Elementary OS is one of the most beautiful and clean-looking operating systems available for use in computers. It is fast, open and privacy-oriented. Elementary has its characteristic design philosophy and made aesthetic use of colours. Over the years, this free-to-use operating system has collected heavy praise by reviewers around the world – making it a strong replacement option for both Windows and Mac users.

      The initial development of ElementaryOS started with building themes and applications for Ubuntu, which later inspired the developers to transform it into a full-fledged Linux distribution. The first release of the operating system was on 31 March 2011, and so far, it has been through continuous bugfix and major feature updates.

      The Elementary OS took shape with the concept of making Linux easier for non-technical users. Instead of terminal-based codes, elementary provides a graphical user interface and settings menus to allow users to perform almost all day-to-day tasks without writing any code.

    • Desktop
      • Jussi Pakkanen: Apple of 2019 is the Linux of 2000

        Last week the laptop I use for macOS development said that there is an XCode update available. I tried to install it but it said that there is not enough free space available to run the installer. So I deleted a bunch of files and tried again. Still the same complaint. Then I deleted some unused VM images. Those would free a few dozen gigabytes, so it should make things work. I even emptied the trash can to make sure nothing lingered around. But even this did not help, I still got the same complaint.

        At this point it was time to get serious and launch the terminal. And, true enough, according to df the disk had only 8 gigabytes of free space even though I had just deleted over 40 gigabytes of files from it (using rm, not the GUI, so things really should have been gone). A lot of googling and poking later I discovered that all the deleted files had gone to “reserved space” on the file system. There was no way to access those files or delete them. According to documentation the operating system would delete those files “on demand as more space is needed”. This was not very comforting because the system most definitely was not doing that and you’d think that Apple’s own software would get this right.

        After a ton more googling I managed to find a chat buried somewhere deep in Reddit which listed the magical indentation that purges reserved space. It consisted of running tmutil from the command line and giving it a bunch of command line arguments that did not seem to make sense or have any correlation to the thing that I wanted to do. But it did work and eventually I got XCode updated.

        After my blood pressure dropped to healthier levels I got the strangest feeling of déjà vu. This felt exactly like using Linux in the early 2000s. Things break at random for reasons you can’t understand and the only way to fix it is to find terminal commands from discussion forums, type them in and hope for the best. Then it hit me.

      • Pinebook Pro Linux laptop launches from $199

        After opening preorders back in July 2019 for the new Pinebook Pro Linux laptop, creator and manufacturer PINE64 has this week started shipping out the new Lenox laptop to customers. Powered by a 64-Bit Dual-Core ARM 1.8GHz Cortex A72 and Quad-Core ARM 1.4GHz Cortex A53 supported by Quad-Core MALI T-860 graphics and 4 GB LPDDR4 Dual Channel System DRAM Memory the Linux laptop is available to purchase priced at $199. Check out the video below for a quick overview of what you can expect from the PINE64 Pinebook Pro Linux laptop.

    • Audiocasts/Shows
      • GNU World Order 13×42

        On the road during the **All Things Open** conference, Klaatu talks about how to make ebooks from various sources, with custom CSS, using the Pandoc command.

      • Open Source Security Podcast: Episode 165 – Grab Bag of Microsoft Security News

        Josh and Kurt about a number of Microsoft security news items. They’ve changed how they are handling encrypted disks and are now forcing cloud logins on Windows users.

      • Linux Action News 127

        Richard Stallman’s GNU leadership is challenged by an influential group of maintainers, SUSE drops OpenStack “for the customer,” and Google claims Stadia will be faster than a gaming PC.

        Plus OpenLibra aims to save us from Facebook but already has a miss, lousy news for Telegram, and enormous changes for AMP.

    • Kernel Space
      • Linux 5.4-rc3 Things continue to look fairly normal, with rc3 being larger than rc2, as people are starting to find more regressions, but 5.4 so far remains on the smaller side of recent releases. The diffstat looks fairly flat too, although we had a couple of staging drivers being removed here that show up as spikes. Drivers in general account for about two thirds of the diff, and it's not just those staging drivers, it's other small noise all over the place: usb, drm, iio, rdma.. Outside of drivers, filesystems pop up more than perhaps usual, but it's again mostly low-grade noise all over: btrfs, cifs, nfs, ocfs, xfs and some core vfs fixes. The rest is arch updates (mainly arm64, x86, mips), tooling (mostly perf tooling updates, but also some selftest fixlets), documentation, and misc core kernel and mm stuff. There really isn't anything huge that stands out. You can scan the appended shortlog for a flavor of the details, it's not too long to just scroll through. Linus
      • Linux 5.4-rc3 Released Ahead Of Official Kernel Debut In November
      • Get to know Oracle Linux Virtualization Manager

        Linux Virtualization Manager can manage multiple on-premises hosts running Oracle Linux KVM. Oracle enhanced Linux KVM in the Unbreakable Enterprise Kernel (UEK) Release 5, an OS kernel tested and optimized for Oracle Linux 7 Update 5.

        Because Linux KVM is the same hypervisor used for Oracle Cloud Infrastructure, admins have an easy migration path from the Linux Virtualization Manager environment to the Oracle Cloud platform. Linux Virtualization Manager also supports importing and exporting software appliances based on the Open Virtualization Format and Open Virtualization Archive standards.

        Oracle based Linux Virtualization Manager on the oVirt project, an open source virtualization platform developed by Red Hat. Linux Virtualization Manager relies on the oVirt engine for discovering KVM hosts and configuring storage and network resources. The platform supports KVM administration for multinode environments, offering a large-scale, centralized management platform for server and desktop virtualization.

      • Intel Firmware Binaries Land For AX200/AX201 Bluetooth Linux Support

        With devices beginning to hit store shelves using the new Intel WiFi 6 AX200 series chipsets, the firmware binaries have landed in linux-firmware.git for rounding out support for these latest WiFi/Bluetooth adapters.

        For a few kernel releases now since earlier this year these new Intel wireless chipsets have been supported by the mainline kernel but the firmware hasn’t been part of the de facto linux-firmware.git tree that houses the various firmware binaries for different hardware component support under Linux.

      • Graphics Stack
        • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

          SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

        • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

          Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

          Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

    • Applications
      • 4 Free and Open Source Alternatives to Adobe Photoshop

        Adobe Photoshop is a premium image editing and design tool available for Windows and macOS. Undoubtedly, almost everyone knows about it. It’s that popular. Well, you can use Photoshop on Linux using Windows in a virtual machine or by using Wine – but that is not an ideal experience.

        In general, we don’t have a lot of options available as a replacement for Adobe Photoshop. However, in this article, we shall mention some of the best open-source Photoshop alternatives available for Linux (with cross-platform support as well).

        Do note that Photoshop is not just a photo editor. It’s used by photographers, digital artists, professional editors for various usage. The alternative software here may not have all the features of Photoshop but you can use them for various task that you do in Photoshop.

      • starship – elegant cross-shell prompt at your fingertips

        The Command Line Interface (CLI) is a way of interacting with your computer. And if you ever want to harness all the power of Linux, it’s highly recommended to master it. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources.

        For anyone spending time at the CLI, they’ll rely on the shell prompt. I always seem to gravitate back to Bash even though I’ve used more than a dozen shells over the years. By default, the configuration for Bash on popular distributions identifies the user name, hostname, and the current working directory. I recently reviewed Liquid Prompt, an intelligent and non-intrusive prompt for Bash and zsh.

        starship is an alternative to Liquid Prompt. The software aims to show information you need while you’re working, yet being unobtrusive as possible.

    • Instructionals/Technical
    • Games
      • Odds and ends, the Linux and gaming Sunday Section

        Almost time to begin another week full of news, before we do let’s run over a few interesting happenings recently.

        Let’s start with two bits of recent news about Godot Engine, the free and open source game engine. The 3.2 release cycle is going strong, with a second alpha release now available. A massive list of new features and improvements coming to Godot 3.2 can be found here. What’s even more exciting though is the Vulkan work coming with Godot Engine 4.0, with another short progress report post up for it. The new visual frame profiler coming certainly looks useful to help developers squeeze out some more performance.

        More AMD news for you, as it has been reported by Wccftech that AMD now command around 30%+ market share of the CPU market. That’s some very impressive growth, pushed forward by the Zen microarchitecture from 2017. As seen in the graph below from cpubenchmark.net, this is the highest they’ve seen it since 2007.

      • SFB Games to bring Tangle Tower to Linux post-launch if there’s enough demand

        British indie studio SFB Games, developer of the highly rated Detective Grimoire are working on a new game called Tangle Tower and with a little push they could bring it to Linux.

        Tangle Tower is a fully voiced point and click murder mystery adventure, set in a strange and twisted mansion. You will need to interrogate suspects and solve unique puzzles as you progress. Looks and sounds like a great game. Sadly though it’s currently scheduled to release later this month only for Windows and macOS on October 22nd, so no Linux support at launch.

      • Turn-based political simulation game ‘Lawgivers’ adds Linux support with the latest update

        Today I came across Lawgivers, a turn-based political simulation game which recently added Linux support and it looks like it could be a lot of fun.

        Since it’s a political sim, you will be tasked with leading your party into elections. If you manage to get voted in, you will be responsible for approving laws and shaping your country’s destiny.

      • The completely silly fighting game Foreskin Fury is out in Early Access

        After a short delay, you can now jump into Foreskin Fury and have a cock fight. Yes this is a very real game.

        Made in Unreal Engine, the aptly named Stupid Industries said it started off as a joke and they ended up actually learning Blender and Unreal Engine to turn the joke into something a little more real. Here we are, Foreskin Fury was accepted onto Steam and it supports Linux.

      • The currently free indie RTS ‘The Fertile Crescent’ should now work better at different resolutions

        The Fertile Crescent is an upcoming in-development indie RTS that feels like a retro Age of Empires and it’s really quite good. A new update is out (and it’s still free) fixing up the UI for different resolutions.

        I think more of you need to try this one, it’s a wonderful little RTS game that I honestly can’t wait to see expand. Hopefully now more of you actually will be able to try it, as they’ve made it so the interface properly scales with your resolution. Previously, there were problems if you had anything other than 1080p. Not only that, most of the interface was actually redesigned and it gives you more information.

      • Chiaki, the open source and cross-platform PS4 Remote Play client now supports the PS4 7.0 update

        Sony recently upgraded the system software on the PlayStation 4 which broke compatibility with the open source Remote Play client Chiaki. The developer acted quickly and a new release is up.

        This is the software we tested out recently and came away pretty impressed with it. Allowing you to stream games from a PlayStation 4 to a Linux desktop, seriously handy stuff since Sony don’t support it on Linux officially.

      • Adventure simulation, Pine, is now available on PC, Mac, Linux

        Developer Twirlbound and publisher Kongregate have announced today that Pine is now available on PC, Mac, and Linux. In addition, a launch trailer has been released that shows off the beautiful and animated world of Albamare. The adventure simulation has players control Hue, a young explorer on a mission to find a new home for himself and his small tribe.

        The launch trailer features combat, trading, exploration, archery, horseback riding, and dangerous creatures. Check it out below.

    • Desktop Environments/WMs
      • K Desktop Environment/KDE SC/Qt
        • Interview with Fabian Mosakowski

          My name is Fabian Mosakowski and I’m an aspiring illustrator living in France. I’m currently working on my portfolio creating an illustrated fantasy tale called “If Only Blood Was Red”. It deals with what’s left of humans thriving to survive in a land that doesn’t welcome them.

          Currently as a hobby artist. I made a few comissions for close relatives but I’d like to make it professional once my portfolio will be done.

          Mainly fantasy as it’s the narrative thread of my project but I also mix it with dark art, another genre I really enjoy, to fit the story atmosphere. I also occasionnally work in vectorial or comic book style for lighter projects.

    • Distributions
      • Reviews
        • Archman GNU/Linux Xfce 2019-09

          Archman is an Arch Linux-based distribution developed in Turkey. The project’s website is available in both Turkish and English, which makes the distribution approachable to non-Turkish audiences. Archman has various releases with different desktop environments and release dates. In this review, I will be reviewing Archman’s Xfce 2019-09 release, which is codenamed Lake With Fish.

          To begin, I downloaded the 1.6GB ISO and copied it to a flash drive. I rebooted my computer, turned off Secure Boot, and started Archman from the flash drive. The boot process was quick, but I ended up at a graphical login screen instead of a working desktop environment. I pressed the Enter key and I logged in without needing a password.

          The live desktop looked very nice. It is an interesting blend of classic and modern. The live desktop has icons for the user’s home folder and Trash. There is also a shortcut for Hexchat and the Calamares Archman Installer. The panel at the bottom of the screen holds the application menu, shortcuts for showing the desktop/quickly minimizing all running applications, Firefox, the user’s home folder, sections for the currently running applications, switching desktops, a clock, Bluetooth and wireless controls, a battery meter, update notifications, volume control, and a log out/reboot/shutdown shortcut. The panel is 70% the width of the screen and set to automatically hide.

          I looked around the live desktop for a little while. I tested to make sure that everything was working okay with my hardware, and once I was certain that all my hardware worked, I moved on to installing Archman.

        • Xubuntu 19.10 overview | A operating system that combines elegance and ease of use.

          In this video, I am going to show an overview of Xubuntu 19.04 and some of the applications pre-installed.

        • Checking out Crunchbang++ 10 on my Thinkpad T480s
      • Screenshots/Screencasts
      • Gentoo Family
        • Improving distfile mirror structure

          The Gentoo distfile mirror network is essential in distributing sources to our users. It offloads upstream download locations, improves throughput and reliability, guarantees distfile persistency.

          The current structure of distfile mirrors dates back to 2002. It might have worked well back when we mirrored around 2500 files but it proved not to scale well. Today, mirrors hold almost 70 000 files, and this number has been causing problems for mirror admins.

      • SUSE/OpenSUSE
        • SUSE what, adoption’s still growing, shrugs OpenStack Foundation

          OpenStack chief operating officer Mark Collier told The Reg that while SUSE’s decision to abandon its OpenStack Cloud product is “obviously disappointing”, adoption is “strong and growing”.

          SUSE’s decision that it will “cease production of new versions of SUSE OpenStack Cloud” and “discontinue sales of SUSE OpenStack Cloud” is significant, given that it had a seat on the OpenStack board as a Platinum member – one of only eight companies which commits to provide major funding and full-time resources to the OpenStack Foundation, the others being AT&T, Ericsson, Huawei, Intel, Rackspace, Red Hat and Tencent. SUSE will now “carefully transition our board position and sponsorship level” according to a statement sent to The Reg, though it promises continued involvement at some level.

          It is tempting therefore to treat Collier’s remarks to The Reg as damage limitation, but in this case he has a point. OpenStack, which is a set of projects that enables users to run private clouds, has a huge customer base and its market is growing by about 20 per cent a year, according to recent figures and projections. There is not much competition if you want to run an open-source private cloud, and there can be good reasons to do so.

        • Highlights of openSUSE Asia Summit 2019

          The openSUSE.Asia Summit is one of the big events for the openSUSE community (i.e. both contributors and users) in Asia. Those who normally communicate online can meet from all over the world, talk in person and have fun. Members of the community share their current knowledge, experience and learn FLOSS technologies around openSUSE. The openSUSE.Asia Summit 2019 took place from October 5 to October 6, 2019 at the Information Technology Department, Faculty of Engineering, Udayana University, Bali.

        • Maintaining Enterprise Linux Kernels

          Forking the Linux kernel and using it as the basis of an Enterprise product is a challenging task. The pace of development in the upstream Linux kernel makes it hard to keep up with all the fixes that need to be backported. This article describes the process we use at SUSE to find and backport potentially required upstream fixes to our kernels.

          [...]

          Every fix that is reported will be evaluated by a developer and either backported to the kernel branches that need it or blacklisted, so that the fix is no longer considered. But who is the best person (or group) to report a fix to?
          The answer is easy if the fix is for a patch that was backported by someone within SUSE as part of a service pack development cycle. In that case the person who backported the patch is tasked with reviewing the associated fix. The same happens with upstream fixes that are authored or committed by a SUSE employee.
          Assigning fixes for patches that are part of the base-kernel is a bit more complicated. To that end we have introduced a maintainer model with an internal list of experts for most parts of the Linux kernel.
          The approach is similar to the MAINTAINERS file in the upstream Linux kernel, but the file at SUSE is simpler. It only contains a list of people and several path-specs per entry. Each potential fix for the base-kernel is matched against the path-specs in the maintainers list and assigned to the best matching entry. The fix is reported to the developers listed in the matching entry.
          But not all fixes could be assigned that way because the SUSE maintainers list does not cover the whole kernel source tree. For the remaining fixes a heuristic is used. It is based on which source code files in the kernel source tree are touched by the backports of each developer. This is matched against the file(s) a fix touches.

        • Suse: Equipped For The Hybrid Multicloud Age

          Linux as an operating system platform as well as other Open Source technologies as core elements are used in SAP infrastructures. This is applicable for Cloud as well as on-premises deployment. Thus, they are equipped for the Hybrid Multicloud age.
          Open Source arrived in the SAP world a long time ago. The Walldorf-based software company contributed to this development when it made the decision to only use the Linux operating system platform along with SAP Hana and Hana-based application solutions such as S/4.

          And the trend towards Linux with NetWeaver-based infrastructures with AnyDB has already provided the impetus for the deep penetration of Linux. The Hana figures quoted by SAP recently (during this year’s Sapphire conference) speak to this significance. The company now has 50,000 Hana licenses. In addition to Linux, other Open Source solutions are used in SAP environments in conjunction with Data Science and the use of Kubernetes. Kubernetes is used for the orchestration of containers as part of SAP Data Hub environments.

      • Slackware Family
        • LibreOffice 6.2.7 packages available for Slackware 14.2

          There was a recent update in my repository of LibreOffice packages, but that libreoffice-6.3.2 was just for slackware-current.

          There’s a recent release in the LibreOffice 6.2 stable series as well (ok… five weeks ago, not that recent…), and so I decided to use my build box’s free weekend to come up with packages for LibreOffice 6.2.7.
          This release has a security improvement over previous versions, in that it will popup a warning to the user if a document tries to run an embedded script (similar to existing warning mechanism for embedded macros).

      • Debian Family
        • Tails 4.0 RC out now with Linux 5.3, Tor Browser 9.0

          You can now download the latest Tails release candidate that not only comes with increased privacy but also Linux 5.3 and Tor Browser 9.

          Before delving into the news, let’s have a bit of an introduction to Tails, shall we? It sells itself as a live incognito system that focuses on user anonymity and privacy. With Tails, you will be able to browse the Internet without leaving traces, get access to censored content, and have all your messages, files, and emails encrypted.

        • Ritesh Raj Sarraf: Bpfcc New Release

          bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

        • Utkarsh Gupta: Joining Debian LTS!

          Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail.

          [...]

          I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates.
          And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former).
          Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them.
          With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads!

      • Canonical/Ubuntu Family
        • Ubucon Europe 2019 in local media

          News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air.

          The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software.

          For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to

          Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning.

          Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

    • Devices/Embedded
    • Free, Libre, and Open Source Software
      • SaaS/Back End/Databases
        • MongoDB vs. MySQL: How to choose

          During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database.

          Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

      • CMS
        • What’s New in Odoo 13?

          Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations.
          With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

        • Becoming Better Digital Citizens Through Open Source

          The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen.

          [...]

          Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us.

          All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.

          Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

      • FSF/FSFE/GNU/SFLC
        • Use and throw culture based on lies can’t be coming from Free Software philosophy

          Similar thing happened to Stallman. Actually in an ironic way. This community is created by Stallman only. By 1980s beginning software sharing community was ceased to exist. Then 1983 Stallman himself gave birth to a new community with all legal protection. Because before there were no legal framework for sharing software. Stallman used copyleft idea and GPL to create such a community. There were no help and there were no support. Last 35 years he worked for that.

          Now some new bosses think that he dont look good. He is boring, repeating same thing all these 35 years. Lets get rid off him. You idiots, actually this is his house. You people piggybacked there.

          Still you can have a say if Stallman did anything wrong about free software. But there is nothing he did wrong. Still again I may support you if you with some guts initiate a trial against him on your own behalf. But you did nothing. Instead what you a shameless creature did? Hiding bind an upset woman reacting to smear campaign and lies. This is unacceptable and unethical.

      • Licensing/Legal
        • Contributor License Agreement and Developer Certificate of Origin references

          In the last few years I have come across the CLA topic several times. It is and will be a popular topic in automotive the coming years, like in any industry that moves from being an Open Source Producer towards becoming an Open Source Contributor.

          In my experience, many organizations take the CLA as a given by looking at the google, microsoft or intels of the world and replicate their model. But more and more organizations are learning about alternatives, even if they do not adopt them.

          What I find interesting about discussing the alternatives is that it brings to the discussion the contributor perspective and not just the company one. This enrichs the debate and, in some cases, leads to a more balanced framework between any organization behind a project and the contriibutor base, which benefits both.

          Throughout these years I have read a lot about it but I have never written anything. It is one of those topics I do not feel comfortable enough to write about in public probably because I know lots of people more qualified than I am to do so. What I can do is to provide some articles and links that I like or that have been recommended to me in the past.

      • Openness/Sharing/Collaboration
        • Open Hardware/Modding
          • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

            Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

          • Raspberry Pi 4 B+ – PCI Express

            Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn’t lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

            I’m sharing it to allow people to learn from this – and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

      • Programming/Development
        • How to Read SAS Files in Python with Pandas

          In this post, we are going to learn how to read SAS (.sas7dbat) files in Python.

          As previously described (in the read .sav files in Python post) Python is a general-purpose language that also can be used for doing data analysis and data visualization.

        • Daudin – a Python shell

          A few nights ago I wrote daudin, a command-line shell based on Python. It allows you to easily mix UNIX and Python on the command line.

        • How to Convert Python String to Int and Back to String

          This tutorial describes various ways to convert Python string to int and from an integer to string. You may often need to perform such operations in day to day programming. Hence, you should know them to write better programs.

          Also, an integer can be represented in different bases, so we’ll explain that too in this post. And there happen to be scenarios where conversion fails. Hence, you should consider such cases as well and can find a full reference given here with examples.

        • Thousands of Scientific Papers May be Invalid Due to Misunderstanding Python

          It was recently discovered that several thousand scientific articles could be invalid in their conclusions because scientists did not understand that Python’s glob.glob() does not return sorted results.

          This is being reported on by Vice, Slashdot and there’s an interesting discussion going on over on Reddit as well.

        • PyDev of the Week: Elana Hashman

          This week we welcome Elana Hashman (@ehashdn) as our PyDev of the Week! Elana is a director of the Open Source Initiative and a fellow of the Python Software Foundation. She is also the Clojure Packaging Team lead and a Java Packaging Team member. You can see some of her work over on Github. You can also learn more about Elana on her website. Let’s take a few moments to get to know her better!

        • Eclipse Che 7 and the .NET developer

          Eclipse Che 7, an open source in-the-browser development environment, allows you to define custom workspaces for your software development. Think of a workspace as you would think of a development PC: You have an operating system, programming language support, and all the tools necessary to write code. In this article, I’ll introduce the .NET developer to this new world and highlight ways you can use Eclipse Che to your advantage.

        • How to Convert String to Lowercase in Python

          Some times you may require to convert any string to lower case (all letters). This tutorial will help to convert a string (any case) to lower case as showing in the below image.

        • How to fuck up software releases

          I manage releases for a bunch of free & open-source software. Just about every time I ship a release, I find a novel way to fuck it up. Enough of these fuck-ups have accumulated now that I wanted to share some of my mistakes and how I (try to) prevent them from happening twice.

        • Django 3.0 beta 1 released

          Django 3.0 beta 1 is now available. It represents the second stage in the 3.0 release cycle and is an opportunity for you to try out the changes coming in Django 3.0.

          Django 3.0 has a raft of new features which you can read about in the in-development 3.0 release notes.

          Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 3.0 final (also, translations will be updated following the “string freeze” when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 2. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list.

        • LLVM “Stack Clash” Compiler Protection Is Under Review

          Two years after the “Stack Clash” vulnerability came to light, the LLVM compiler is working on adding protection against it similar to the GCC compiler mitigation.

          The Stack Clash vulnerability pertains to clashing/smashing another program’s stack while circumventing existing stack protections at the time. Stack Clash opens up the door to memory corruption and arbitrary code execution. Linux x86/x86_64 wasn’t the only one affected but also the BSDs and Solaris. Those unfamiliar with it or wanting to refresh your memory of it can do so via this Qualys blog post with the firm having discovered this vulnerability.

        • pocl v1.4 released

          Please note that there’s an official pocl maintenance policy in place. This text describes the policy and how you can get your favourite project that uses OpenCL to remain regression free in the future pocl releases.

        • POCL 1.4 Released For Advancing OpenCL On CPUs – Now Supports LLVM 9.0

          Version 1.4 has been released of POCL, the “Portable Computing Language” implementation that allows for a portable OpenCL implementation to be executed on CPUs as well as optionally targeting other accelerators via HSA or even CUDA devices.

          POCL 1.4 brings support for LLVM Clang 9.0, with that open-source compiler stack doing a lot of POCL’s heavy lifting. Support meanwhile for pre-6.0 LLVM releases were removed. POCL 1.4 also adds support for building relocatable POCL binaries and improves SPIR/SPIR-V support for CPU devices.

        • Linux Fu: Python GUIs For Command Line Programs (Almost) Instantly

          Not every programmer likes creating GUI code. Most hacker types don’t mind a command line interface, but very few ordinary users appreciate them. However, if you write command line programs in Python, Gooey can help. By leveraging some Python features and a common Python idiom, you can convert a command line program into a GUI with very little effort.

          The idea is pretty simple. Nearly all command line Python programs use argparse to simplify picking options and arguments off the command line as well as providing some help. The Gooey decorator picks up all your options and arguments and creates a GUI for it. You can make it more complicated if you want to change specific things, but if you are happy with the defaults, there’s not much else to it.

          At first, this article might seem like a Python Fu and not a Linux Fu, since — at first — we are going to focus on Python. But just stand by and you’ll see how this can do a lot of things on many operating systems, including Linux.

        • Python 3.8.0

          Python 3.8.0 is the newest major release of the Python programming language, and it contains many new features and optimizations.

        • Cool New Features in Python 3.8

          The newest version of Python is released today! Python 3.8 has been available in beta versions since the summer, but on October 14th, 2019 the first official version is ready. Now, we can all start playing with the new features and benefit from the latest improvements.

          What does Python 3.8 bring to the table? The documentation gives a good overview of the new features. However, this article will go more in depth on some of the biggest changes, and show you how you can take advantage of Python 3.8.

      • Standards/Consortia
        • Making Movies Accessible for Everyone

          For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

  • Leftovers
    • Security (Confidentiality/Integrity/Availabilitiy)
      • Use sshuttle to build a poor man’s VPN

        Nowadays, business networks often use a VPN (virtual private network) for secure communications with workers. However, the protocols used can sometimes make performance slow. If you can reach reach a host on the remote network with SSH, you could set up port forwarding. But this can be painful, especially if you need to work with many hosts on that network. Enter sshuttle — which lets you set up a quick and dirty VPN with just SSH access. Read on for more information on how to use it.

        The sshuttle application was designed for exactly the kind of scenario described above. The only requirement on the remote side is that the host must have Python available. This is because sshuttle constructs and runs some Python source code to help transmit data.

        [...]

        Depending on the capabilities of your system and the remote system, you can use sshuttle for an IPv6 based VPN. You can also set up configuration files and integrate it with your system startup if desired. If you want to read even more about sshuttle and how it works, check out the official documentation.

      • Hardening Firefox against Injection Attacks

        Firefox not only renders web pages on the internet but also ships with a variety of built-in pages, commonly referred to as about:pages. Such about: pages provide an interface to reveal internal state of the browser. Most prominently, about:config, which exposes an API to inspect and update preferences and settings which allows Firefox users to tailor their Firefox instance to their specific needs.

        Since such about: pages are also implemented using HTML and JavaScript they are subject to the same security model as regular web pages and therefore not immune against code injection attacks. More figuratively, if an attacker manages to inject code into such an about: page, it potentially allows an attacker to execute the injected script code in the security context of the browser itself, hence allowing the attacker to perform arbitrary actions on the behalf of the user.

        To better protect our users and to add an additional layer of security to Firefox, we rewrote all inline event handlers and moved all inline JavaScript code to packaged files for all 45 about: pages. This allowed us to apply a strong Content Security Policy (CSP) such as ‘default-src chrome:’ which ensures that injected JavaScript code does not execute. Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.

      • IPFire on AWS: Update to IPFire 2.23 – Core Update 136

        Today, we have updated IPFire on AWS to IPFire 2.23 – Core Update 136 – the latest official release of IPFire.

        This update includes security fixes for OpenSSL and the Linux kernel, an updated Perl, and of course many other fixes throughout the whole system.

      • Pros and cons of event-driven security

        Great news, everyone! Forrester Research says that 95% of all recorded breaches in 2016 came from only three industries: government, technology, and retail. Everyone else is safe… ish, right?

        Hold on for a moment. Tech? Retail? What kind of industry diversification is this? We are, after all, living in 2019, where every business is a tech business. And all of us are continuously selling something, whether it’s an innovative product or an amazing service.

        So what the report should have said is that 95% of all recorded breaches came from attacks on 95% of all businesses both online and offline. And some of the attackers went for the .gov.

        More on the matter, 43% of attackers target small businesses—and that’s a lot considering that, on average, a hack attempt takes place every 39 seconds.

        To top things off, the average cost of a data breach in 2020 is expected to exceed $150 million. These stats sound a bit more terrifying out of context, but the threat is still very much real. Ouch.

      • XML External Entity (XXE) Example

        According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

        If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

      • Security updates for Monday

        Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).

    • Defence/Aggression
      • U.S. Begins Possible Full Withdrawal From Northern Syria

        The United States appears to be heading toward a full military withdrawal from Syria amid growing chaos, cries of betrayal and signs that Turkey’s invasion could fuel a broader war.

      • Retired Marine Gen. John Allen: ‘There is blood on Trump’s hands for abandoning our Kurdish allies’

        Gen. John Allen, the former commander of American forces in Afghanistan and former special presidential envoy for the Global Coalition to Counter ISIS under the Obama administration, told CNN the unfolding crisis in Syria was “completely foreseeable” and “the US greenlighted it.”

        “There was no chance (Turkish President Recep Tayyip Erdogan) Erdogan would keep his promise, and full blown ethnic cleansing is underway by Turkish supported militias,” he said. “This is what happens when Trump follows his instincts and because of his alignment with autocrats.”

      • Turkey-Syria offensive: Kurds reach deal with Syrian army

        The Turkish offensive and US withdrawal has drawn an international outcry, as the SDF were the main Western allies in the battle against IS in Syria.

        But Turkey views elements of the Kurdish groups within the force as terrorists and says it wants to drive them away from a “safe zone” reaching 30km into Syria.

        It also plans to resettle more than three million Syrian refugees currently in Turkey within the zone. Many of them are not Kurds. Critics have warned this could lead to ethnic cleansing of the local Kurdish population.

      • Barnaby Joyce joins calls to stop extradition of Assange to US

        Former deputy prime minister Barnaby Joyce has joined calls for the Morrison government to try to halt Julian Assange’s potential extradition from Britain to the United States on espionage charges, as the WikiLeaks founder’s supporters intensify their campaign to bring him to Australia.

        Mr Joyce joined former foreign minister Bob Carr in voicing concerns over US attempts to have the 48-year-old Australian stand trial in America, where he faces a sentence of 175 years if found guilty of computer fraud and obtaining and disclosing national defence information.

        [...]

        Mr Joyce, a former National Party leader and now a government backbencher, said his support for Assange should not be “taken as a character reference about him”.

        “I support the proper process of Australian law as applied to our citizens in our land in respect of our laws; it is the essence of sovereignty,” Mr Joyce told The Age and The Sydney Morning Herald.

    • Environment
      • Energy
        • California Blackouts Throw Spotlight on Disparity

          When the nation’s largest utility warned customers that it would cut power to nearly 2 million people across Northern California, many rushed out to buy portable generators, knowing the investment could help sustain them during blackouts.

    • AstroTurf/Lobbying/Politics
      • Warren Campaign Beats Facebook’s Shady Ad Policies at Their Own Game

        Presidential hopeful Sen. Elizabeth Warren this week targeted Facebook’s advertising policy—which allows politicians to circulate lies—with an ad of her own, which falsely claims that the company’s CEO Mark Zuckerberg endorsed President Donald Trump for re-election.

      • Hunter Biden to Resign From Chinese Board

        NEW YORK—Facing intense scrutiny from President Donald Trump and his Republican allies, Hunter Biden announced on Sunday that he will step down from the board of directors of a Chinese-backed private equity firm at the end of the month as part of a pledge not to work on behalf of any foreign-owned companies should his father win the presidency.

    • Censorship/Free Speech
    • Privacy/Surveillance
      • [Older] China’s New Cybersecurity Program: NO Place to Hide

        This system will apply to foreign owned companies in China on the same basis as to all Chinese persons, entities or individuals. No information contained on any server located within China will be exempted from this full coverage program. No communication from or to China will be exempted. There will be no secrets. No VPNs. No private or encrypted messages. No anonymous online accounts. No trade secrets. No confidential data. Any and all data will be available and open to the Chinese government. Since the Chinese government is the shareholder in all SOEs and is now exercising de facto control over China’s major private companies as well, all of this information will then be available to those SOEs and Chinese companies. See e.g. China to place government officials inside 100 private companies, including Alibaba. All this information will be available to the Chinese military and military research institutes. The Chinese are being very clear that this is their plan.

      • Apple Safari browser sends some user IP addresses to Chinese conglomerate Tencent by default

        Apple admits that it sends some user IP addresses to Tencent in the “About Safari & Privacy” section of its Safari settings which can be accessed on an iOS device by opening the Settings app and then selecting “Safari > About Privacy & Security.” Under the title “Fraudulent Website Warning,” Apple says: [...]

      • Why You Shouldn’t Use Facebook

        These are in chronological order, starting with the earliest. So the whole thing should read like a nice, long privacy vortex timeline.

    • Freedom of Information / Freedom of the Press
    • Civil Rights/Policing
      • #MeToo Movement’s Second Anniversary

        The global #MeToo movement has sparked significant social, cultural, and legal change, but many challenges remain, Human Rights Watch said, on the eve of the second anniversary of the #MeToo hashtag going viral on social media.

      • Lawyer for slain woman’s family says Fort Worth police should not be investigating themselves

        Atatiana Koquice Jefferson, 28, was killed around 2:30 a.m. Saturday after a neighbor called dispatchers to report the woman’s front door was open, police said.

        James Smith, Jefferson’s neighbor, told the Fort Worth Star-Telegram he called a non-emergency police number when he saw her doors open and lights on in the early morning hours. Officers arrived and parked near but not in front of the residence, police spokesman Lt. Brandon O’Neil said Sunday at a news conference.

        The officers were searching the perimeter of the woman’s home when they saw a person standing inside near a window and one of them opened fire, killing her, police said.

      • The False Balance Between Fascists and Antifascists

        Right-wing terror is a feature of daily life in present-day America. Ostensibly spontaneous violence incubates in the same ideological ecosystem as organized reactionary political associations.

    • Monopolies

More in Tux Machines

Devices Leftovers

  • Khadas VIM3L (Amlogic S905D3) Benchmarks, Settings & System Info

    Khadas VIM3L is the first Amlogic S905D3 SBC on the market and is sold as a lower-cost alternative to the company’s VIM3 board with a focus on the HTPC / media player market.

  • Semtech SX1302 LoRa Transceiver to Deliver Cheaper, More Efficient Gateways
  • In-vehicle computer supports new MaaS stack

    Axiomtek’s fanless, rugged “UST100-504-FL” automotive PC runs Ubuntu 18.04 or Windows on 6th or 7th Gen Intel chips, and offers SATA, HDMI, 2x GbE, 4x USB 3.0, 3x mini-PCIe, a slide-rail design, and the new AMS/AXView for MaaS discovery. Axiomtek announced a rugged in-vehicle PC that runs Ubuntu 18.04, Windows 10, or Windows 7 on Intel’s Skylake or Kaby Lake processors. The UST100-504-FL is aimed at “in-vehicle edge computing and video analytics applications,” and is especially suited for police and emergency vehicles, says Axiomtek. There’s also a new Agent MaaS Suite (AMS) IoT management suite available (see farther below).

  • Google Launches the Pixel 4 with Android 10, Astrophotography, and Motion Sense

    Google officially launched today the long rumored and leaked Pixel 4 smartphone, a much-needed upgrade to the Pixel 3 and 3a series with numerous enhancements and new features. The Pixel 4 smartphone is finally here, boasting upgraded camera with astrophotography capabilities so you can shoot the night sky and Milky Way without using a professional camera, a feature that will also be ported to the Pixel 3 and 3a devices with the latest camera app update, as well as Live HDR+ support for outstanding photo quality.

  • Repurposing A Toy Computer From The 1990s

    Our more youthful readers are fairly likely to have owned some incarnation of a VTech educational computer. From the mid-1980s and right up to the present day, VTech has been producing vaguely laptop shaped gadgets aimed at teaching everything from basic reading skills all the way up to world history. Hallmarks of these devices include a miserable monochrome LCD, and unpleasant membrane keyboard, and as [HotKey] found, occasionally a proper Z80 processor. [...] After more than a year of tinkering and talking to other hackers in the Z80 scene, [HotKey] has made some impressive headway. He’s not only created a custom cartridge that lets him load new code and connect to external devices, but he’s also added support for a few VTech machines to z88dk so that others can start writing their own C code for these machines. So far he’s created some very promising proof of concept programs such as a MIDI controller and serial terminal, but ultimately he hopes to create a DOS or CP/M like operating system that will elevate these vintage machines from simple toys to legitimate multi-purpose computers.

today's howtos

Audiocasts/Shows/Screencasts: FLOSS Weekly, Containers, Linux Headlines, Arch Linux Openbox Build and GhostBSD 19.09

  • FLOSS Weekly 551: Kamailio

    Kamailio is an Open Source SIP Server released under GPL, able to handle thousands of call setups per second. Kamailio can be used to build large platforms for VoIP and realtime communications – presence, WebRTC, Instant messaging and other applications.

  • What is a Container? | Jupiter Extras 23

    Containers changed the way the IT world deploys software. We give you our take on technologies such as docker (including docker-compose), Kubernetes and highlight a few of our favorite containers.

  • 2019-10-16 | Linux Headlines

    WireGuard is kicked out of the Play Store, a new Docker worm is discovered, and Mozilla unveils upcoming changes to Firefox.

  • Showing off my Custom Arch Linux Openbox Build
  • GhostBSD 19.09 - Based on FreeBSD 12.0-STABLE and Using MATE Desktop 1.22

    GhostBSD 19.09 is the latest release of GhostBSD. This release based on FreeBSD 12.0-STABLE while also pulling in TrueOS packages, GhostBSD 19.09 also has an updated OpenRC init system, a lot of unnecessary software was removed, AMDGPU and Radeon KMS is now valid xconfig options and a variety of other improvements and fixes.

MX-19 Release Candidate 1 now available

We are pleased to offer MX-19 RC 1 for testing purposes. As usual, this iso includes the latest updates from debian 10.1 (buster), antiX and MX repos. Read more