Language Selection

English French German Italian Portuguese Spanish

Techrights

Syndicate content
Free Software Sentry – watching and reporting maneuvers of those threatened by software freedom
Updated: 5 min 36 sec ago

No, Microsoft is Not an ‘Open Source Company’ But a Lying Company

7 hours 57 min ago

Even GitHub itself is proprietary software!

Summary: The world’s biggest proprietary software companies want to be seen as “open”; what else is new?

MICROSOFT IS A company full of lies. Lots and lots of lies. See this morning's article about Satya Nadella. “Microsoft through the years,” according to our associate, is this:

1970s programs
1980s systems
1990s marketing
2000s lobbying
2010s cult

Never mind if many of the above “programs” are ripoffs, licensed, or worse. Microsoft was never ever an honest company. This is why so many geeks never did and never will trust Microsoft. Last night we were alerted that Jason from Forbes (their best technology writer by the way), who had been manipulated by Microsoft (maybe the publisher participates in it!) again reprinted the ‘Microsoft ❤️ Linux’ and/or ‘Microsoft ❤️ Open Source’ lies. Jason knows these statements aren’t true, so his headline contained quotes: “Microsoft To Linux Community: ‘We Are An Open Source Company’” [sic]

What’s the point even printing this? The summary says: “17 years ago ex-Microsoft CEO Steve Ballmer called Linux a cancer. Is it finally time to let that comment go?”

They’re just hiding it better. They recently approached this blogger in an effort to change his mind, as we noted some weeks ago.

“To be most frank, Jason might be better off writing independently, not for Forbes, a publication that works for Bill Gates and spins for Bill Gates (he desperately needs spin right now).”Quite frankly, he should ignore them and focus on facts. Other Microsoft liars such as Bogdan Popa pushed (once again) the same lies/lines without even as much as scepticism. Jason doesn’t need to ‘help’ them. These people will spread whatever lies Microsoft thinks are essential to spread. Microsoft used to do lots of that through its pedophile, Microsoft Peter, who spread all these lies to the point where the Open Source section in Ars Technica was literally nothing but Microsoft lies. He did that even days before he was arrested and the publisher collapsed. Is Softpedia next? Popa is doing “Softpedia News” no favour every time he’s relaying Microsoft lies from Microsoft staff. This cannot possibly be good for the site in the long term…

To be most frank, Jason might be better off writing independently, not for Forbes, a publication that works for Bill Gates and spins for Bill Gates (he desperately needs spin right now).

Meme: Setting the Record Straight

Wednesday 16th of October 2019 05:52:52 AM

Did Stallman defend Epstein like the corporate media said?

Richard Stallman’s “Statements about Epstein” when it all began: “I want to respond to the misleading media coverage of messages I posted about Marvin Minsky’s association with Jeffrey Epstein. The coverage totally mischaracterised my statements.

“Headlines say that I defended Epstein. Nothing could be further from the truth. I’ve called him a “serial rapist”, and said he deserved to be imprisoned. But many people now believe I defended him — and other inaccurate claims — and feel a real hurt because of what they believe I said.

“I’m sorry for that hurt. I wish I could have prevented the misunderstanding.”

Summary: Stallman never defended Epstein. He had called him “Serial Rapist”. It’s Bill Gates who defended Epstein and possibly participated in the same acts.

EPO Staff Resolution Against Neoliberal Policies of António Campinos

Wednesday 16th of October 2019 04:56:16 AM

Last week: EPO Leak: António Campinos Announces Impending Cuts While Outsourcing to Private Firms Like Serco

Summary: “After Campinos announced 17 financial measures,” a source told us, “staff gathered at multiple sites last week for general assemblies. The meeting halls were crowded. The resolution was passed unanimously and without abstentions.”

Satya Nadella is a Distraction From Microsoft’s Real Leadership and Abuses

Wednesday 16th of October 2019 04:39:06 AM

By Mitchel Lewis (“Is Satya Real?”)

Summary: “I’m merely wondering if his image and accolades that we’re incessantly bombarded with by the press actually reflect his accomplishments or if they’re being aggrandized.”

Few executives have garnered more positive press than Satya Nadella since he took the reins at Microsoft. As shown with Elizabeth Holmes though, hype resulting from artificial press coverage is a commodity for major tech companies, hence why they all seem to have massive legal and PR teams to spin press favorably, too much of it can serve as correlate of the opposite being true; similar to a lifted truck with a pair of nuts hanging off the hitch.

With the influence of the media in mind, it’s easy to see why Nadella is credited with the lion’s share of Microsoft’s recent success while being revered as a mountaintop guru of sorts by many in the press. However, few, if any, tech companies are more notorious for manipulating the media than Microsoft. As such, when I ask if Satya Nadella is real, I’m not asking if he’s a real person. Instead, I’m merely wondering if his image and accolades that we’re incessantly bombarded with by the press actually reflect his accomplishments or if they’re being aggrandized.

So, is Satya real? Is he a genuine hyper-woke leader that hit refresh at Microsoft? Is he the champion of growth mindset and change? Or Is he just another manufactured figurehead doing what he’s told by a pasty white cabal of lawyers and PR people? Or is he somewhere in between?

If you were to ask Dina Bass of Bloomberg, she would maintain that Satya is the real deal and that Microsoft is going through a renaissance under his leadership. So would Jim Cramer and the list goes on and on. To their credit, Microsoft has made a boatload of money since Nadella took the reins. But correlation doesn’t always equal causation. Change occurs slowly on an enterprise scale and any manager at Microsoft will gladly affirm that it can be a big ship to steer. Resultantly, Microsoft has to plot its course so far in advance that the profits earned today are the byproduct of strategic planning and decisions made 5–10 years ago; none of which immediately goes out the door with leadership changes. As such, it can take 5–10 years for the merits of their new leadership to come into play and be realized as they slowly come out of the shadow of their predecessor.


Cut out for space? Or cut out because it contradicts the renaissance narrative?

As a result of this executive runoff, which Dina openly admits (omits?), it’s safe to say that Nadella’s influence is still gradually being realized, for better or for worse. Ironically, much of the success that Microsoft is seeing today can still be credited back to Steve Ballmer and his old guard which is still mostly intact to this day. From the present success of Office 365, Azure, Windows 10, Server, Surface, Visual Studio, Hololens, and Xbox to their GitHub and LinkedIn Acquisitions, virtually all of the major decisions bringing these products where they are today were put in motion before Satya’s ascent to the CEO position. It’s just not advantageous for Microsoft to hype up Satya’s predecessors or their old guard with any of their accomplishments.

Sure, he could be the harbinger of ethical change at Microsoft, but it’s not as if Satya was at odds with Ballmer or Gates while under their leadership. Nadella gladly worked under both of them at a company where being ethical was/is a career-limiting move and seemingly taking no issue with anything that Microsoft became notorious for. He didn’t take a stand against their blatant anticompetitive behavior. He is seemingly fine with their commitment to lock-in and is chill with patent trolling too. Bribery? HR and management systematically retaliating against dissenters, whistleblowers, and abuse victims? Pay inequality? No problem at all as far as Nadella is concerned.

Presently, Microsoft is supplying ICE and CBP with its entire suite of software and services despite their participation in genocide. Meanwhile, Microsoft is also catering to China’s facial recognition ambitions and remain complicit in their various human rights violations; they aren’t the only ones though. In response, Satya has tried to downplay Microsoft’s relationship with these government entities while trying to distance the complicity of their productivity software from their deplorable behavior. But his lip service ultimately seems to contradict itself when it doesn’t dance around the subject entirely while his actions are par for the course with his predecessors.

In a recent interview and rather than acknowledging their complicity, Nadella claims to maintain some ethical control over their software, from who gets to use it to how they get to use it. Yet, he’s mum when ICE and CBP are blatantly violating their code of conduct with regard to the welfare of children. Even worse, he also seems to prefer to leave ethical decisions to the various laws of the land that they’re operating within like a modern Protagoras in the same breath; legal does not equal ethical. All while ignoring protests of this sort of behavior on his doorstep, internally, and abroad.

“We do have control on who gets to use our technology…and we do have principles. Beyond how we build it, how people use it is something that we control through Terms of Use. And we are constantly evolving the terms of use.”

“We also recognize whether it’s in the United States, whether it’s in China, whether it’s in the United Kingdom, they will all have their own legislative processes on what they accept or don’t accept, and we will abide by them.”
-Satya Nadella

With the above in mind, it’s quite obvious that Satya is towing the company line and deferring ethical decisions to his legal and PR teams while parroting whatever said teams mandate that he say. But ethics deferred are ethics abandoned and this is especially true when one defers to the likes of corporate counsel, PR teams, or the bastardized logic of regimes. As is the case for a proper figurehead, you would be hard-pressed to find Satya going against the grain of anything that Microsoft has become notorious for. None of which is a hallmark of the leadership qualities and ethical stances that he is supposedly a champion of.

While he’s positioned as a techno demigod in the media, Nadella is not even allowed to check his email according to his legal team which is a solid indicator of who is truly wearing the pants at Microsoft. That said, how much sway corporate counsel has within an organization the size of Microsoft often goes overlooked. When you’re walking the line between legal and criminal as Microsoft has done historically, you tend to do whatever your lawyer tells you to do and this is no different for a corporation. And this is especially the case at a law firm with a software problem such as Microsoft which was founded by the affluenza’d son of a Halliburton attorney.

Given the undue amount of influence of Microsoft’s legal team has within its walls, it borders on the irrational to expect a significant amount of change from such a company so long as they retain the same lawyers regardless of who their CEO is. Just as you don’t need a criminal defense attorney when you’re not committing crimes, you also won’t need the king of anti-trust such as Brad Smith working at the top legal position of your company unless you’re maintaining a monopoly and violating the Sherman Act.

When I was a vendor at Microsoft, I was told that it was not my job to think, only to do as I was told. Much like a vendor, it’s not Satya’s job to think as a figurehead either. Instead, it’s Satya’s job to operate at the behest of Brad Smith and his legal/PR teams. This isn’t to say that this makes Nadella is a bad person though. He’s just not the person we’ve been sold. Ethically speaking, the real Satya Nadella is most likely no better or worse than anyone else doing their job at Microsoft or anywhere else that requires employees to shelve ethics for a paycheck. You’re welcome to believe the hype though.

Raw: EPO Comes Under Fire for Lowering Patent Quality Under the Orwellian Guise of “Collaborative Quality Improvements” (CQI)

Wednesday 16th of October 2019 04:10:24 AM

Summary: Stephen Rowan, the President’s (António Campinos) chosen VP who promotes the notorious “Collaborative Quality Improvements” (CQI) initiative/pilot, faces heat from the CSC, the Central Staff Committee of the EPO

Making The Most of The Fourth Age of Free Software

Wednesday 16th of October 2019 03:53:15 AM

By figosdev

Summary: “For better or for worse, we can be certain the Free Software Foundation will never be the same.”

Internet eras come and go in one lifetime. Other technological ages approach and wane with the same haste.

The First Age of Free software arrived in the 1950s, when source code was both available and unrestricted. Neither copyright nor patents were applicable to code, and the A-2 compiler gave customers the opportunity to study and improve the software.

The First Age continued through the 1970s, and gave birth to C, UNIX and BSD. In 1980, Software became copyrightable in the United States — as of the late 1990s, Microsoft had still not yet found a way to abuse the patent system to increase their level of control over the market.

“In 1980, Software became copyrightable in the United States — as of the late 1990s, Microsoft had still not yet found a way to abuse the patent system to increase their level of control over the market.”The Second, and first deliberate Age of Free software, began in the 1980s as Richard Stallman created the Free Software Foundation. Now that monopolies were exerting additional control over software, Stallman realised that this ultimately meant exerting unjust control over the users themselves. For an extreme example of this, one need only consider the level of control that Amazon has today over your ebook library.

You may “purchase” an ebook, but Amazon controls your digital reader and with that, your library. You have less of a say over your own books than the company you bought them from, which is an unprecedented level of control over libraries that circumvents First-sale doctrine.

First-sale doctrine dictates that even if you don’t have the right to publish a book, the physical copy you purchase is yours to change, resell, destroy — you don’t control the publishing rights but you do own your copy.

The Digital Millennium Copyright Act (where applicable) is at odds with First-sale doctrine, making it a crime to circumvent the encryption scheme on ebooks, music and films. But it’s Amazon’s control of the software that gives them their control of your library — and poses an existential threat to public libraries, which have nearly always existed in the (legally and constitutionally defended) defiance of publishers.

“But it’s Amazon’s control of the software that gives them their control of your library — and poses an existential threat to public libraries, which have nearly always existed in the (legally and constitutionally defended) defiance of publishers.”There are countless other examples of how non-free software creates a lack of freedom for the user, but the threat that companies who promote such software pose to libraries is as good an example as any. Similar modern injustices exist for users of automobiles, pacemakers and farm equipment.

In the late 90s, the Third Age of Free software began. This was an age where Free software worked to maintain awareness as a schism took place. As the GNU project moved forward from creating the rest of an operating system to creating a viable kernel, another free kernel emerged. We know this as the Linux kernel, which has included a Free software license since 1992.

It was not a problem that the Linux kernel was created outside of the GNU project per se, but it created a unique challenge. The authors of Linux were not interested in promoting Free software; they preferred to promote an offshoot or alternative concept called “Open Source.” And one of the primary goals of Open Source was to focus on goals that businesses liked, without having to talk about politics or freedom.

“The authors of Linux were not interested in promoting Free software; they preferred to promote an offshoot or alternative concept called “Open Source.” And one of the primary goals of Open Source was to focus on goals that businesses liked, without having to talk about politics or freedom.”The Third Age is an age of excessive compromise, as well as greater awareness of the products of Free software — through an often unsympathetic, pro-corporate and monopoly-sponsored tech press. This age created great misconceptions and frequently misrepresented history prior to “informing” the public about it. The Third Age helped to steal Free software from the poor and the general public, and give it to the rich and monopolistic.

The Third Age is largely successful, from the standpoint of people who are happy to find that Free software is now actually less free than before. If you ask someone sympathetic to Open Source, they may refer to the movement they co-opted as consisting of “neckbeards”, “whiners” and “zealots”. They mock people who spent years working hard to make software free for everyone as “cheapskates”. But for them, Open source is a triumph. It has entirely different standards of success, but by those standards things are going very well.

If an outside group co-opting Free software forms the Third Age, then the next great Schism in Free Software is the Fourth or present Age. This is a potentially dark age where Free Software itself splits apart — the cause could be considered as a combination of factors.

One factor is the damage to the Free software ecosystem caused by monopoly interference. This has been recognised for years by Free software supporters in various camps, closer to the outskirts (or frontiers) of the movement than the Free Software Foundation itself.

A second factor is the failure of the Free Software Foundation to respond to this category of interference. For many years, a debate has existed between these frontier supporters and the FSF on what the greatest threats to Free software are today. None of this negates or tries to negate the original or primary threats to freedom that have always existed and are still relevant — this a key difference between the current schism and Open Source.

“The First Age was an age of de facto software freedom, the Second Age was the first age of deliberate and intentional freedom, the Third Age was an age of challenged freedom — and in the Fourth Age, we find a dramatic change in leadership and organisation.”Finally, there are people working closely with the Free Software Foundation who have supported the complete political and social ousting of its leader. While voluntarily stepping down as president may have given the FSF the chance to find and transition in a leader suitable to the movement, this has now taken place under other, more disruptive circumstances (including leaving the board instead of just the position) and this dramatic change makes the Fourth Age of Free software that much more distinct.

The First Age was an age of de facto software freedom, the Second Age was the first age of deliberate and intentional freedom, the Third Age was an age of challenged freedom — and in the Fourth Age, we find a dramatic change in leadership and organisation.

You may choose to define this age as the one where its founder was ousted and rejected. Alternatively, you may choose to define this age as the one where the FSF lost credibility with the treatment of its founder. Stallman himself encourages us not to blame the FSF as an organisation, and I can still appreciate and try to support that request. How we go about supporting the FSF in the future is something we are all ultimately going to be discussing.

Speaking personally, I am not the only person that thinks we need the FSF just as much as ever before. I think this is mostly an attack by monopolies, enabled by damage done by Open Source, and that ceding too much control to those who never cared about freedom has weakened the FSF to the point of nearly falling apart.

I do think we should work to save the Free Software Foundation, and abandoning it will not likely save it.

“I do think we should work to save the Free Software Foundation, and abandoning it will not likely save it.”But it will only be saved on terms that no longer neglect the problems that led to this age in the first place. In other words, if we continue to support the FSF, it will be clear that Free software advocates have a greater input in the future and are not so easily waved aside.

It’s important that the FSF not compromise on its goals, but it is also important that it not shy away from addressing new problems. It can be argued that the FSF has fallen short on both. Since we cannot trust the FSF to get everything right, since it has proven unable to sustain its mission in a number of notable ways, it must be willing to accept help that it waved aside in the past.

This does not mean giving into the false compromise and false promise of Open Source. If anything, it has done too much of that already.

But since the FSF was founded, many organisations sympathetic to Software Freedom and (with varying degree) the FSF itself have formed. These are typically smaller organisations, often focusing on certain aspects of freedom that the FSF may neglect or even try to negate.

These organisations cannot and will not be ignored or hastily dismissed any longer. We have predicted several of the crises the FSF is bleeding out from, and if the FSF insists on continuing to bleed out this way, it will die. We can’t force them to listen, or to agree. But we can certainly point out the foolishness of some of the key mistakes that brought us to this point in time. We can also point out solutions that are within the FSF’s ability to implement.

“Regardless of what happens to a sole organisation, this is the second and new age where lines have appeared between those who would have Richard Stallman as captain, and those who would not.”The FSF remains very important to Free software. It holds documents, software, history and talent that can probably do far more good where it belongs — sheltered and maintained by the FSF, if they are willing to work with a broadening, ideologically diverse but sincere and devoted Free software community. By no means will we have a net benefit if the FSF falls.

But we also know that the FSF has failed us in ways we won’t put aside. Even if the organisation is vital, even if the majority of its volunteers are better described as “with us” than “against us,” those who are responsible for these failures will be noted and trusted less than in the past.

The FSF must choose — between becoming less trusted as an organisation, or understanding that certain individuals will become less trusted as a result of all this. We owe it to Stallman, as well as ourselves, not to be hasty or superficial in where we place or withdraw our trust. But the First and Second ages of Free software were ages of innocence and growing up. The Third and Fourth ages will prove to be ages of hard lessons and struggling to regain lost ground, as well as ages of new ideas and evolution.

“For better or for worse, we can be certain the Free Software Foundation will never be the same.”In many ways, it was our own decisions that led us here. In another sense, this is the direction we were swept into. The Free Software Foundation lacks a leader, and the Free software movement is searching for a new anchor. What once was a great ship, is very arguably now a fleet. Regardless of what happens to a sole organisation, this is the second and new age where lines have appeared between those who would have Richard Stallman as captain, and those who would not.

For some of us, this could be the age where Stallman is retired as captain and is promoted (by us) to Admiral, as several new captains appear. For better or for worse, we can be certain the Free Software Foundation will never be the same. Free software sails on, into uncharted waters. We venture forth in search of greater freedom — we do not abandon the quest for freedom for marketshare alone.

Long Live Stallman, and Happy Hacking.

Licence: Creative Commons CC0 1.0 (public domain)

FSF is Not for Free Speech Anymore

Wednesday 16th of October 2019 03:05:50 AM

Mr. Pocock was right

Summary: The FSF gave orders to silence people

Bradley M. Kuhn (largely responsible for the RMS resignation): “I have been silent the last month because, until two days ago, I was an at-large member of FSF’s Board of Directors, and a Voting Member of the FSF. As a member of FSF’s two leadership bodies, I was abiding by a reasonable request from the FSF management and my duty to the organization. Specifically, the FSF asked that all communication during the crisis come directly from FSF officers and not from at-large directors and/or Voting Members. Furthermore, the FSF management asked all Directors and Voting Members to remain silent on this entire matter — even on issues only tangentially related to the current situation, and even when speaking in our own capacity (e.g., on our own blogs like this one). The FSF is an important organization, and I take any request from the FSF seriously — so I abided fully with their request.” (no direct link, but it can be read here)

Links 16/10/2019: Plasma 5.17.0, Project Trident Moves to GNU/Linux, NuTyX 11.2

Wednesday 16th of October 2019 01:54:32 AM

Contents
  • GNU/Linux
    • [Project Trident] 2020 OS Migration

      After several months of examination and testing of the various operating systems that are available right now, we have reached a conclusion. Project Trident will rebasing with Void Linux.

    • Project Trident Switching From TrueOS/FreeBSD Distribution To Basing On Void Linux

      Project Trident has been one of the lesser known BSD distributions derived from TrueOS (formerly PC-BSD) and making use of the FreeBSD package set. But moving forward the distribution is looking to reinvent itself as a derivative of Void Linux.

      Project Trident had been looking at re-basing itself on a new operating system platform especially with TrueOS being less desktop focused these days and encountering “multiple long-standing issues with the underlying FreeBSD”. In the end, they announced on Monday they selected Void Linux as their new target.

    • Desktop
      • 16 Places To Buy A Linux Laptop With Linux Preloaded

        Are you looking for Linux laptops? Do you want a Linux system without having to pay a Microsoft tax? The hardest part of using Linux is to find out the correct hardware. Hardware compatibility and drivers can be a big issue. But where one can find Linux desktops or Laptop for sale? Here are sixteen places to buy a preinstalled Linux Desktop and Laptop.

    • Server
      • IBM
        • Top 10 highlights at Red Hat Summit 2019

          As we careen into Fall, we at Red Hat have had a few months to catch our breath after another fantastic Red Hat Summit. Which means… we’re busy planning for next year’s Red Hat Summit. As we get everything lined up for next year, let’s take a look back at some of the highlights from our time in Boston.

          [...]

          Every year the Red Hat Innovation Awards recognize the technological achievements of Red Hat customers around the world who demonstrate creative thinking, determined problem-solving and transformative uses of Red Hat technology.

          The 2019 winners were: BP, Deutsche Bank, Emirates NBD, HCA Healthcare and Kohl’s. In addition, HCA Healthcare was voted the 2019 Red Hat Innovator of the Year for its efforts to use data and technology to support modern healthcare. A cross-functional team of clinicians, data scientists and technology professionals at HCA Healthcare used Red Hat solutions to create a real-time predictive analytics product system to more accurately and rapidly detect sepsis, a potentially life-threatening condition.

        • Red Hat Sacks CFO Over Alleged Workplace Standards Violation

          Red Hat CFO has been shown the door in alleged workplace standards violation.

        • Red Hat Developers Eyeing CPU Thermal Management Improvements For Fedora 32

          Several Red Hat developers are looking at improving the CPU thermal management capabilities for Fedora Workstation 32 and in turn possibly helping Intel CPUs reach better performance.

          The change being sought for Fedora Workstation 32 would be shipping Intel’s thermal daemon (thermald) by default with Fedora 32 and with that carrying various hardware specific configuration data for helping CPUs reach their optimal thermal/power limits. Intel’s open-source thermal daemon can already be installed on most Linux distributions as a separate package but isn’t normally shipped by default. With Fedora Workstation 32 it could be shipped by default for its goal of trying to keep CPUs operating in the correct temperature envelop and to reach maximum performance.

        • What’s new in Red Hat Dependency Analytics

          We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE.

          Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing.

          Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.

        • Awards roll call: Red Hat awards, July 2019 – October 2019

          As we head into the new season, we?d like to spread the excitement by sharing some of our latest awards and industry recognition. Since our last roundup, Red Hat has been honored with accolades highlighting our unique culture, our creative and design work and our expansive product portfolio.

    • Audiocasts/Shows
      • 2019-10-15 | Linux Headlines

        A double dose of Python, AWS credits for open source projects, a new kernel development course from the Linux Foundation, and an exciting release for KDE Plasma.

      • A Chat with Allan Jude | Jupiter Extras 22

        Brent sits down for an in-person chat with Allan Jude for a retrospective storytelling of his beginnings in BSD, his long history with podcasting, BSDNow and Jupiter Broadcasting, a beginner’s guide to the benefits of FreeBSD, with technical nuggets and nostalgic bits throughout.

        Allan Jude wears many hats including FreeBSD developer and member of the FreeBSD Core team, ZFS expert, co-founder and VP Engineering at Klara Inc., co-founder and VP Operations at ScaleEngine Inc., host of BSDNow, former host of TechSNAP among many others.

      • Podcast.__init__: Andrew’s Adventures In Coderland

        Software development is a unique profession in many ways, and it has given rise to its own subculture due to the unique sets of challenges that face developers. Andrew Smith is an author who is working on a book to share his experiences learning to program, and understand the impact that software is having on our world. In this episode he shares his thoughts on programmer culture, his experiences with Python and other language communities, and how learning to code has changed his views on the world. It was interesting getting an anthropological perspective from a relative newcomer to the world of software.

        [...]

        Software development is a unique profession in many ways, and it has given rise to its own subculture due to the unique sets of challenges that face developers. Andrew Smith is an author who is working on a book to share his experiences learning to program, and understand the impact that software is having on our world. In this episode he shares his thoughts on programmer culture, his experiences with Python and other language communities, and how learning to code has changed his views on the world. It was interesting getting an anthropological perspective from a relative newcomer to the world of software.

      • 2019-10-14 | Linux Headlines

        Perl 6 is renamed, AWS goes metal with ARM, OnionShare just got a big upgrade, and Google has a new security dongle.

      • Fedora Removes 32bit, System76 Coreboot, Flatpak, Valve, Atari VCS, Docker | This Week in Linux 84

        On this episode of This Week in Linux, we talk about Fedora Removing 32-bit, well sort of. System76’s announced two laptops using Coreboot firmware. There is some interesing news regarding Docker and its future. Then we’ll check out some Linux Gaming news with some really exciting news from Valve!

    • Kernel Space
      • Linux Kernel 5.2 Reached End of Life, Users Urged to Upgrade to Linux Kernel 5.3

        Released in early July 2019, the Linux 5.2 kernel series brought various new features and enhancements, among which we can mention an open-source firmware to support DSP audio devices, support for case-insensitive names in the EXT4 file system, a new file system mount API, better resource monitoring for Android devices, as well as new open-source GPU drivers for ARM Mali devices.

        Additionally, Linux kernel 5.2 introduced some performance improvements to the BFQ I/O scheduler, a new CPU bug infrastructure that better protects your computers against the recently disclosed Intel MDS (Microarchitectural Data Sampling) hardware vulnerabilities, and a new device mapper “dust” target for simulating devices with failing sectors and read failures.

      • Highly Threaded Linux Software Running Under CFS Quotas See Big Performance Fix

        Thanks to a Linux kernel fix that is likely to be back-ported to the various stable series, highly threaded software running under CFS quotas for enforcing CPU limits are about to be much faster. At least in a synthetic test case, the kernel fix yields a 30x improvement in performance.

        Spotted by the Kubernetes community but affecting others with highly threaded workloads and making use of a CFS quota to restricted shared CPU resources, it turns out that highly-threaded applications are routinely not getting “their fair share” of the CPU, leading to lower than expected performance and higher latency.

      • New “FUSE2″ Kernel Driver Being Experimented With For File-Systems In User-Space

        Longtime FUSE developer Miklos Szeredi of Red Hat has been working on a new “FUSE2″ FUSE kernel driver for implementing file-systems in user-space.

        FUSE2 is a completely new “File-System in User-Space” kernel driver being worked on and presented as a new FUSE2_FS Kconfig option that simply describes it as an “experimental new fuse driver” and with interface changes compared to the existing FUSE kernel driver is now exposed via /dev/fuse2.

      • Graphics Stack
        • Intel Linux Graphics Driver Adds Bits For Jasper Lake PCH

          Details are still light on Jasper Lake, but volleyed onto the public mailing list today was the initial support for the Jasper Lake PCH within the open-source Linux graphics driver side.

          The patch adds in the Jasper Lake PCH while acknowledging it’s similar to Icelake and Tigerlake behavior. The Jasper Lake PCI device ID is 0x4D80. The patch doesn’t reveal any other notable details but at least enough to note that the Jasper Lake support is on the way. Given the timing, the earliest we could see Intel Jasper Lake support out in the mainline kernel would be for Linux 5.5, which will be out as stable as the first kernel series of 2020 and in time for the likes of Ubuntu 20.04 LTS and Fedora 32.

        • Linux Graphics Drivers Could Have User-Space API Changes More Strictly Evaluated

          In response to both the AMD Radeon and Intel graphics drivers adding new user-space APIs for user-space code that just gets “[thrown] over the wall instead of being open source developed projects” and the increase of Android drivers introducing their own UAPI headaches, Airlie is looking at enforcing more review/oversight when DRM drivers want to make user-space API changes.

          The goal ultimately is to hopefully yield more cross-driver UAPI discussions and in turn avoiding duplicated efforts, ensuring good development implementations prior to upstreaming, and better quality with more developers reviewing said changes.

        • xf86-video-ati 19.1 Released With Crash & Hang Fixes

          For those making use of xf86-video-ati on X.Org-enabled Linux desktops, the version 19.1 release brings just a handful of new fixes. This release was announced today by Michel Dänzer who last month departed AMD to now work on Red Hat’s graphics team. Michel is sticking around the Mesa/X.Org world for Red Hat’s duties but is hoping someone else will be picking up maintenance of the xf86-video-ati/xf86-video-amdgpu DDX drivers going forward. Granted, not a lot of activity happens to these X.Org DDX drivers these days considering more Linux desktops slowly moving over to Wayland, many X11 desktops using the generic xf86-video-modesetting, and these AMD drivers being fairly basic now with all of the big changes in the AMDGPU DRM kernel driver.

    • Benchmarks
      • Windows 10 vs. Linux OpenGL/Vulkan Driver Performance With Intel Icelake Iris Plus Graphics

        With picking up the Dell XPS 7390 with Intel Core i7-1065G7 for being able to deliver timely benchmarks from Intel’s long-awaited 10nm+ Icelake generation, one of the first areas we have been testing is the Iris Plus “Gen 11″ graphics performance. In this article are our initial Windows 10 vs. Linux graphics performance numbers for Ice Lake.

        For this very first Intel Iris Plus Gen11 graphics testing are results from Windows 10 compared to Ubuntu 19.10. Ubuntu Linux was benchmarked with its stock driver stack comprised of Mesa 19.2.1 as well as opting for the “Iris” Gallium3D driver and also testing Mesa 19.3-devel both with the default i965 OpenGL driver and the Iris Gallium3D driver. Of course, for the Vulkan tests on Linux is their sole “ANV” Vulkan driver.

        The Dell XPS 7390 was equipped with the Intel Core i7-1065G7 Ice Lake processor and its Iris Plus Graphics, 2 x 8GB LPDDR4 3733MHz memory, 500GB Toshiba NVMe solid-state drive, and 1920×1200 panel.

    • Applications
      • Rudimentary KBibTeX client using Kirigami2

        KBibTeX is a bibliography editor (BibTeX and somewhat BibLaTex) used in conjunction with LaTeX and friends. Based on this code base, a SailfishOS client called ‘BibSearch’ exists which allows to search for bibliographic data in various online sources (IEEE Xplore, Google Scholar, ACM Digital Library, …). BibSearch’s code makes use of KBibTeX’s C++ code, has its user interface implemented in SailfishOS’s Silica QML, and provides just two C++ files on its own to glue together everything.

      • Unoon, a tool to monitor network connections from my system

        I always wanted to have a tool to monitor the network connections from my laptop/desktop. I wanted to have alerts for random processes making network connections, and a way to block those (if I want to).

        Such a tool can provide peace of mind in a few cases. A reverse shell is one the big one, just in case if I manage to open any random malware (read downloads) on my regular Linux system, I want to be notified about the connections it will make. The same goes for trying out any new application. I prefer to use Qubes OS based VMs testing random binaries and applications, and it is also my daily driver. But, the search for a proper tool continued for some time.

        [...]

        A few weeks back, on a Sunday late night, I was demoing the very initial version of the tool to Saptak. While we were talking about the tool, suddenly, an entry popped up in the UI /usr/bin/ssh, to a random host. A little bit of search showed that the IP belongs to an EC2 instance. For the next 40 minutes, we both were trying to debug to find out what happened and if the system was already compromised or not. Luckily I was talking about something else before, and to demo something (we totally forgot that topic), I was running Wireshark on the system. From there, we figured that the IP belongs to github.com. It took some more time to figure out that one of my VS Code extension was updating the git, and was using ssh. This is when I understood that I need to show the real domain names on the UI than random IP addresses.

      • NordPy: An Open-Source Linux Client for NordVPN

        NordVPN is a personal VPN software with the main focus on protecting user privacy and granting them access to regionally restricted content. It features a strong encryption protocol with a no-log policy and works with north of 5700 servers in at least 60 countries. It is available for Linux, Windows, macOS, AndroidTV, Android, iOS and NAS platforms. It can also be manually set up on WiFi routers.

        NordVPN is one of the most recommended VPN services and while it continues to receive positive reviews from customers, developers are beginning to dedicate some time to it and this is how NordPy has come to be.

        NordPy is an open-source GUI client for Linux users who like NordVPN and it inherits all the features in the official NordVPN applications. Its feature list includes connection to OpenVPN or NetworkManager-OpenVPN via TCP and UDP, no DNS leak when using OpenVPN,

      • 7 Linux Applications You Should Start Using Right Now

        Linux used to be the go-to operating system among the tech-savvy crowd. Because back in the day, it was a lot more demanding to use. Now Linux has modern, user-friendly distributions such as Ubuntu and Mint. The application repository they have in common has matured too. Customizing it to your heart’s desire is now easier than ever before. And this should be the end goal — to mold the OS into a tool that’s custom-tailored to your needs. So if you haven’t already, consider installing the following types of applications.

      • Proprietary
        • Compromised AWS API Key Allowed Access to Imperva Customer Data

          Imperva has shared more information on how [attackers] managed to obtain information on Cloud Web Application Firewall (WAF) customers, and revealed that the incident involved a compromised administrative API key.

        • Oil Refiner Reports Major IT Incident in Finland

          It’s not yet clear whether the cause is a malfunction or a cyber attack, according to spokeswoman Susanna Sieppi. The issue is under investigation, and it’s too early to estimate when the systems will be fixed, she said by phone.

    • Instructionals/Technical
    • Games
      • 2D using Godot

        This brings me to the GUI parts. I’m still not convinced that I understand how to properly layout stuff using Godot, but at least it looks ok now – at the cost of some fixed element sizes and such. I need to spend some more time to really understand how the anchoring and stretching really works. I guess I have a hard time wrapping my head around it as the approach is different from what I’m used to from Qt.

        Looking at the rest of the code, I’ve tried to make all the other scenes (in Godot, everything is a scene) like independent elements. For instance, the card scene has a face, and an is_flipped state. It can also signal when it is being flipped and clicked. Notice that the click results in a signal that goes to the table scene, which decides if the card needs to be flipped or not.

        The same goes for the GUI parts. They simple signal what was clicked and the table scene reacts. There are some variables too, e.g. the number of pairs setting in the main menu, and the points in the views where that is visible.

      • City building god sim ‘The Universim’ will now let you launch rockets with satellites into orbit

        The Universim is slowly turning into a city building god game truly worth playing, with the Sky High update now available expanding the game into planetary orbit.

        Being able to actually launch things into space is a stepping stone towards visiting other planets. Currently, the Cosmodrome will allow you to send up Defence Satellites that will enable ground to air defences for your Defence Towers. So now you have a reasonable chance to take down meteors and other threats from space.

      • POSTAL 4: No Regerts released into Early Access, Linux version likely in future

        Running With Scissors are back, with a surprise release of POSTAL 4: No Regerts on Steam and a Linux version is looking likely in future.

        Naturally, someone posted on Steam to ask about the possibility of Linux support. This is something that happens a lot but here it’s a bit different. RWS already supported Linux with multiple previous Postal releases.

      • PlayStation 3 emulator RPCS3 is coming along quickly with their August progress report up

        Delayed as usual due to the progress reports being done by contributors, the team working on the PlayStation 3 emulator RPCS3 have another post up to show off more incredible progress.

        To start with, they have again changed how they list what games are playable and not with the removal of games that won’t work due to servers being shut down. They said even if RPCS3 becomes 100% complete, they wouldn’t work unless someone accurately emulated and hosted servers for them. With that in mind, they also did a lot of testing of games that previously only went in-game to see how many are now properly playable. Thanks to all the testing, the Playable category has jumped up to 1,426 titles!

      • Feral Interactive Launches ‘Shadow Of The Tomb Raider’ Plus All DLC On Linux November 5

        Lara Croft’s latest sprawling adventure is finally landing on Linux next month, courtesy of the porting masters at Feral Interactive. Shadow of the Tomb Raider: Definitive Edition marks the conclusion of the rebooted Tomb Raider trilogy, and it will feel fantastic to see the entire series natively playable on our favorite OS.

      • Shadow of the Tomb Raider Arrives for Linux and macOS on November 5th

        UK-based video games publisher Feral Interactive announced today that the Shadow of the Tomb Raider video game will arrive for Linux and macOS platforms on November 5th, 2019.

        Developed by Crystal Dynamics and Eidos-Montréal, Shadow of the Tomb Raider was launched on September 14, 2018, as the last instalment in the spectacular and thrilling action-adventure puzzle game Tomb Raider origins trilogy. It’s also the twelfth title in the Tomb Raider series featuring the famous character Lara Croft. In this game, players will adventure into a Maya apocalypse world where they need shape Lara’s destiny to become the Tomb Raider.

      • Shadow of the Tomb Raider Coming To Linux On 5 November

        Feral Interactive revealed today that Shadow of the Tomb Raider will be released for Linux on 5 November.

        While Shadow of the Tomb Raider already works quite well under Steam Play, Feral Interactive has been porting Shadow of the Tomb Raider Definitive Edition over to macOS and Linux. They now revealed 5 November is the launch date for this AAA game.

        The Linux system requirements have yet to be revealed but it is another Vulkan exclusive Linux game port.

      • Shadow of the Tomb Raider Definitive Edition arrives on Linux on November 5th

        Feral Interactive have finally confirmed the Linux release date for Shadow of the Tomb Raider after announcing it for Linux back in November last year.

        They’ve said today it will officially release as “Shadow of the Tomb Raider Definitive Edition” on November 5th! Looking around at dates, technically this is the earliest we’ve seen any of the newer Tomb Raider series arrive on Linux. The first Tomb Raider came to Linux in 2016 after an original 2013 release, with Rise of the Tomb Raider arriving on Linux 2018 after an original 2016 release and we get the final game in the reboot trilogy next month!

      • The Internet Archive website has added another 2,500 MS-DOS games

        Another point scored for game preservation. The Internet Archive have added another 2,500 MS-DOS games you can play right in your browser.

        In their official announcement, they said that while they’ve added a few more to their collection here and there this is the biggest yet and it ranges from “tiny recent independent productions to long-forgotten big-name releases from decades ago”.

      • 2,500 More MS-DOS Games Playable at the Archive

        Another few thousand DOS Games are playable at the Internet Archive! Since our initial announcement in 2015, we’ve added occasional new games here and there to the collection, but this will be our biggest update yet, ranging from tiny recent independent productions to long-forgotten big-name releases from decades ago.

      • Vulkan support is not far away now for the flight sim X-Plane 11, physics & flight model updates coming

        X-Plane 11, the detailed flight simulator is finally closing in on an update that will bring in Vulkan support as detailed in a new developer blog post.

      • Google have confirmed the Stadia launch date is November 19

        Stadia, Google’s new fancy Linux-powered game streaming service is officially set to launch on November 19, that is if you forked out for the expensive Stadia Founder’s Edition.

        In the blog post over on Google, written by John Justice the “Vice President of Product, Stadia”, they mention that the Founder’s Edition should start arriving on doorsteps on November 19. From then, you will be able to buy and play games beginning at 4PM UTC and it will work across devices right away (so you don’t need to use that fancy Chromecast Ultra). As long as your Linux PC has a Chrome browser installed, it should work fine.

        However, there’s an important note included to say that they will be shipped out “in the same order that pre-orders were received”. So if your country still had them available yesterday and you ordered, you’re probably in for a wait. Justice said once your package ships, you will then get an email and sometime shortly after a code to activate it all.

      • Godlike village sim ‘Rise to Ruins’ has officially left Early Access with a huge upgrade

        Rise to Ruins (formerly Retro-Pixel Castles) is a great blend of genres, pulling in inspiration from the likes of Black and White, Rimworld, and Dwarf Fortress to make something entirely unique.

        After being in Early Access for nearly five years, this is a huge milestone for Raymond Doerr of SixtyGig Games. It’s another title I’ve followed along closely all these years, after personally purchasing it back in 2015 and it’s really delightful to play. The Linux support has been in good shape for a long time too, no noteworthy issues.

      • Stranger Things have entered Rocket League for the Haunted Hallows event

        As a big fan of both Stranger Things (the TV series) and Rocket League, I approve of the little crossover they’re currently doing for the new Halloween event the Haunted Hallows.

        Running from now until November 11 at 6PM UTC, the Farmstead Arena has been given a bit of a makeover to be a bit more spooky. Complete with a freaky creature called the Mind Flayer watching over the arena. During the event you can once again earn Candy Corn to redeem for new themed in-game items. I’m quite a big fan of the animated spider decal, looks awesome.

    • Desktop Environments/WMs
      • K Desktop Environment/KDE SC/Qt
        • Plasma 5.17.0

          Plasma 5.17 is the version where the desktop anticipates your needs. Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11. Your Plasma desktop also recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshow. If you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

          The best part? All these improvements do not tax your hardware! Plasma 5.17 is as lightweight and thrifty with resources as ever.

        • Plasma 5.17 is out!

          Plasma 5.17 is the version where the desktop anticipates your needs. Among many new features and improvements, your desktop now starts up faster; Night Color, the color-grading system that relaxes your eyes when the sun sets, has landed for X11; your Plasma desktop recognizes when you are giving a presentation, and stops messages popping up in the middle of your slideshows; and, if you are using Wayland, Plasma now comes with fractional scaling, which means that you can adjust the size of all your desktop elements, windows, fonts and panels perfectly to your HiDPI monitor.

        • KDE Plasma 5.17 Desktop Environment Officially Released, Here’s What’s New

          KDE Plasma 5.17 brings numerous new features and enhancements, such as Night Color support on X11, multi-screen and HiDPI improvements, fractional scaling on Wayland, support for managing and configuring Thunderbolt devices in System Settings, much-improved notifications with automatic detection of presentations, as well as Breeze GTK theme support for Google Chrome and Chromium web browsers.

        • KDE Plasma 5.17 Released With Wayland Improvements, Better HiDPI

          Plasma 5.17.0 is out as the newest desktop feature release from the KDE project.

          KDE Plasma 5.17 is another significant release with ongoing improvements for Wayland, ongoing work as well for better HiDPI handling, faster start-up performance, slight RGB hinting for font rendering is enabled by default, better Thunderbolt device integration, settings improvements, and many small feature additions.

          Notable on the Wayland front is that KWin now supports fractional scaling but there are also many fixes and other Wayland improvements too.

        • KDE Plasma 5.17 Arrives Packed Full of New Features

          Well, Plasma 5.17 boasts a native “night light” feature (dubbed ‘night color’) to help protect eye from blue light.

          This feature, which was previously available in Wayland but now supported in X11 sessions, is something all major desktop operating systems offer, including Ubuntu, macOS and Windows 10.

        • KDE Plasma 5.17 released

          The KDE project has announced the release of version 5.17 of the Plasma desktop environment.

        • [Qt Quick] Very Hot New Stuff

          K’, Hot off the presses, here’s some New Stuff for you, with the Quickness! …terribly sorry about that, i shall endeavour to do better. Let’s try that again.

          As of KDE Frameworks 5.63, released on 2019/10/12, we officially introduce the fruits of my labour over the last few months, the shiny, new Qt Quick components, which were created to bring the Qt Quick submodule of KNewStuff up to par with the old QWidget based UX. Not only that, they also bring with them some shiny, new abilities in KNewStuff, which previously did not have any concept of comments outside of the very basic information of how many a content item had (which, incidentally, was also incorrect, and had been since, well… since that code was written about a decade ago – guess nobody noticed, because the information is a bit useless on its own).

          [...]

          Also don’t hesitate to mention, when you discover it, the various holes in the documentation that undoubtedly are there, so that we might get those fixed. Even better yet, we are very happy to take patches over on Phabricator, both code and documentation ones. One thing that i know is missing is a porting guide, to help people transition from the old QWidgets based stuff to the Qt Quick components for people who have got applications they’re looking to port or are already porting.

      • GNOME Desktop/GTK
        • How GNOME uses Git

          “What’s your GitLab?” is one of the first questions I was asked on my first day working for the GNOME Foundation—the nonprofit that supports GNOME projects, including the desktop environment, GTK, and GStreamer. The person was referring to my username on GNOME’s GitLab instance. In my time with GNOME, I’ve been asked for my GitLab a lot.

          We use GitLab for basically everything. In a typical day, I get several issues and reference bug reports, and I occasionally need to modify a file. I don’t do this in the capacity of being a developer or a sysadmin. I’m involved with the Engagement and Inclusion & Diversity (I&D) teams. I write newsletters for Friends of GNOME and interview contributors to the project. I work on sponsorships for GNOME events. I don’t write code, and I use GitLab every day.

    • Distributions
      • New Releases
        • NuTyX 11.2 Available

          I’m very pleased to announce the new NuTyX 11.2 release.

          The 64-bit version contains more than 2800 packages upgraded.

          The 32-bit version of NuTyX, still actively supported contains more then 1800 packages upgraded.

          In the newest release, base NuTyX comes with the Long-Term Support (LTS) kernel 4.19.79 (4.9.196 for the 32-bit version).

          For 64-bit systems,the kernel release 5.3.6 is also available.

          The gnu compiler collection, gcc, is now gcc 9.2.0.

          The graphical server is xorg-server 1.20.5.

          The mesa lib is 19.2.1, gtk3 is 3.24.12, and qt has been updated to 5.13.1.

          Python interpreters 3.7.4 and 2.7.16 have been included in this release.

          The MATE Desktop Environment comes in 1.22.2, the latest version.

      • Screenshots/Screencasts
      • SUSE/OpenSUSE
        • The OpenStack Train keeps chugging on

          SUSE, formerly a Platinum member of the OpenStack Foundation, may have left the open-source, Infrastructure-as-a-Service (IaaS) OpenStack cloud, but the project is going to move forward with the forthcoming 20th release of OpenStack: Train.

          That’s because while SUSE may no longer find OpenStack profitable, others are finding it works well for them and for their customers. “OpenStack is the market’s leading choice of open-source infrastructure for containers, VMs and bare metal in private cloud,” said Mark Collier, COO of the OpenStack Foundation in a statement.

        • KDE neon 5.17

          KDE neon 5.17 is out. You can upgrade your existing KDE neon User Edition install or install fresh from an ISO image or run the Docker image. Featuring Plasma 5.17 it is packed full of new features according to OMG Ubuntu.

        • openSUSE OBS Can Now Build Windows WSL Images

          As Windows Subsystem for Linux (WSL) is becoming a critical piece of Microsoft’s cloud and data-center audience, openSUSE is working on technologies that help developers use distributions of their choice for WSL. Users can run the same WSL distribution that they run in the cloud or on their servers.

          The core piece of openSUSE’s WSL offering is the WSL appx files, which are basically zip files that contain a tarball of a Linux system (like a container) and a Windows exe file, the so called launcher.

      • Slackware Family
        • KDE Plasma 5 – Slackware October release

          I had already finished compiling KDE-5_19.10 and was waiting for the Plasma 5.17 public release announcement, when Pat upgraded libdvdread in slackware-current. That could mean trouble because of the dreaded ‘Shared library .so-version bump‘ message.
          But he added the older libdvdread.so.4 library to aaa_elflibs so that the k3b program in Plasma5 does not break, and hopefully it remains in there until after I recompile k3b (which ultimately happens for the Plasma5 November release).

          Unfortunately the earlier update of the ‘icu4c’ package broke some other stuff in Plasma5 as well. Be sure to install my ‘icu4c-compat‘ package, which contains the libraries from several older icu4c packages. Read my older article on ‘shared library .so version bumps‘ if you have not already done so, to understand the causes for this breakage.

          The packages for KDE-5_19.10 are available for download from my ‘ktown‘ repository. As always, these packages are meant to be installed on a full installation of Slackware-current which has had its KDE4 removed first. These packages will not work on Slackware 14.2.

      • Debian Family
        • State of Calibre in Debian

          To counter some recent FUD spread about Calibre in general and Calibre in Debian in particular, here a concise explanation of the current state.

          Many might have read my previous post on Calibre as a moratorium, but that was not my intention. Development of Calibre in Debian is continuing, despite the current stall.

          Since it seems to be unclear what the current blockers are, there are two orthogonal problems regarding recent Calibre in Debian: One is the update to version 4 and the switch to qtwebengine, one is the purge of Python 2 from Debian.

        • What to expect in Debian 11 Bullseye for nftables/iptables

          Debian 11 codename Bullseye is already in the works. Is interesting to make decision early in the development cycle to give people time to accommodate and integrate accordingly, and this post brings you the latest update on the plans for Netfilter software in Debian 11 Bullseye. Mind that Bullseye is expected to be released somewhere in 2021, so still plenty of time ahead.

          The situation with the release of Debian 10 Buster is that iptables was using by default the -nft backend and one must explicitly select -legacy in the alternatives system in case of any problem. That was intended to help people migrate from iptables to nftables. Now the question is what to do next.

        • Debian 11 To Further Deprecate IPTables In Favor Of Nftables Plus Promoting Firewalld

          With Debian 11 “Bullseye” the plan is to drop the “important” priority on the iptables package while promoting nftables to important. That change of priority effectively makes NFTables set to be installed by default for Debian 11 while dropping IPTables from the default package set. IPTables though is still expected to be found within the Debian 11 archive but not installed by default.

        • Debian XMPP Team: New Dino in Debian

          Dino (dino-im in Debian), the modern and beautiful chat client for the desktop, has some nice, new features.

          [...]

          Note, that users of Dino on Debian 10 (buster) should upgrade to version 0.0.git20181129-1+deb10u1, because of a number of security issues, that have been found (CVE-2019-16235, CVE-2019-16236, CVE-2019-16237).

        • Freexian’s report about Debian Long Term Support, September 2019

          Like each month, here comes a report about
          the work of paid contributors
          to Debian LTS.

      • Canonical/Ubuntu Family
        • Ubuntu 19.10 (Eoan Ermine) Enters Final Freeze Ahead of October 17th Release

          As of October 10th, the Ubuntu 19.10 release is officially in Final Freeze, the last step of its development stage, which means that only release critical bugs affecting the ISO images or the installers will be accepted in the archives. Release Candidate images are also now available for testing to ensure an uneventful and smooth release.

          “We will shut down cronjobs and spin some RC images late Friday or early Saturday once the archive and proposed-migration have settled a bit, and we expect everyone with a vested interest in a flavour (or two) and a few spare hours here and there to get to testing to make sure we have another uneventful release next week,” said Adam Conrad.

        • Design and Web team summary – 11 October 2019

          This was a fairly busy two weeks for the Web & design team at Canonical. This cycle we had two sprints. The first was a web performance workshop run by the amazing Harry Roberts. It was a whirlwind two days where we learned a lot about networking, browsers, font loading and more. We also spent a day working on implementing a lot of the changes. Hopefully our sites will feel a bit faster. More updates will be coming over the next few months. The second sprint was for the Brand and Web team, where we looked at where the Canonical and Ubuntu brands need to evolve. Here are some of the highlights of our completed work.

        • Ubuntu’s ZFS Trajectory Is Going From Exciting To Even More Exciting

          While it is already exciting to have the Ubuntu 19.10 desktop easily support installations to a root ZFS file-system, moving ahead with their original Zsys effort it should be even more exciting for Ubuntu storage possibilities on both the desktop and server.

          With Ubuntu 19.10 due for release on Thursday and the ZFS support now plumbed through Ubiquity and ready for the release, Canonical’s Didier Roche wrote about this Ubuntu 19.10 ZFS support.

        • Ubuntu ZFS support in 19.10: ZFS on root

          This is part 2 of our blog post series on our current and future work around ZFS on root support in ubuntu. If you didn’t yet read the introductory post, I strongly recommend you to do this first!

          Here we are going to discuss what landed by default ubuntu 19.10.

        • Ubuntu Weekly Newsletter Issue 600

          Welcome to the Ubuntu Weekly Newsletter, Issue 600 for the week of October 6 – 12, 2019.

    • Devices/Embedded
    • Free, Libre, and Open Source Software
      • Daniel Stenberg: Me, curl and Dagens Nyheter

        In the afternoon of October 1st 2019, I had the pleasure of welcoming Linus Larsson and Jonas Lindkvist into my home in Huddinge, south of Stockholm, Sweden. My home is also my office as I work full-time from home. These two fine gentlemen work for Sweden’s largest morning newspaper, Dagens Nyheter, which boasts 850,000 daily readers.

        Jonas took what felt like a hundred photos of me, most of them when I sit in my office chair at my regular desk where my primary development computers and environment are. As you can see in the two photos on this blog post. I will admit that I did minimize most of my regular Windows from the screens to that I would accidentally reveal something personal or sensitive, but the plus side is that if you pay close attention you can see my Simon Stålenhag desktop backgrounds better!

        Me and Linus then sat down and talked. We talked about my background, how curl was created and how it has “taken off” to an extent I of course could never even dream about. Today, I estimate that curl runs in perhaps ten billion installations. A truly mind boggling – and humbling – number.

      • Events
        • Akademy 2019 Talks Videos

          We now have the Akademy 2019 videos ready for you to enjoy, see the previous summary of talks on the dot for some inspiration on what to watch. The talk schedule has the full list

          We had keynotes on Developers Italia and the New Guidelines: Let the Open Source Revolution Start! by Leonardo Favario and Towards Qt 6 by Lars Knoll

          We also got updates on KDE Community’s goals

        • Gnome-shell Hackfest 2019 – Day 1

          There’s a decent number of attendants from multiple parties (Red Hat, Canonical, Endless, Purism, …). We all brought various items and future plans for discussion, and have a number of merge requests in various states to go through. Some exciting keywords are Graphene, YUV, mixed DPI, Xwayland-on-demand, …

          But that is not all! Our finest designers also got together here, and I overheard they are discussing usability of the lock screen between other topics.

          [...]

          This event wouldn’t have been possible without the Revspace hackerspace people and specially our host Hans de Goede. They kindly provided the venue and necessary material, I am deeply thankful for that.

        • LibreOffice Conference 2019: Meet the Engineering Steering Committee

          Who makes the big technical decisions in the LibreOffice project? In this video from our recent LibreOffice Conference in Spain, the Engineering Steering Committee (ESC) introduces itself and provides an update on the latest updates…

        • Hello from Nutanix .NEXT Copenhagen

          Nutanix is, of course, a fast growing software company that works with many of the same Independent Hardware Vendors (IHVs) as SUSE to deliver solutions in the Hyperconverged Infrastructure (HCI) space. Nutanix pioneered the HCI market and they position themselves as a key element to making it easier than ever before to design, build, and manage datacenter IT. They were originally a single source for turnkey HCI infrastructure, leveraging a close partnership with SuperMicro. They’ve since branched out become more hardware agnostic, supporting a variety of specialized HCI hardware from other vendors, including IBM, Lenovo, Dell, HPE, and Fujitsu.

        • GStreamer Conference 2019: Full Schedule, Talks Abstracts and Speakers Biographies now available

          The GStreamer Conference team is pleased to announce that the full conference schedule including talk abstracts and speaker biographies is now available for this year’s lineup of talks and speakers, covering again an exciting range of topics!

          The GStreamer Conference 2019 will take place on 31 October – 1 November 2019 in Lyon, France just after the Embedded Linux Conference Europe (ELCE).

        • openSUSE.Asia Summit 2019, Bali, Indonesia

          I was at openSUSE.Asia summit 5-6 Oct 2019 at Udayana University, Bali, Indonesia . It was a great experience to be there. I got the opportunity to meet Douglas DeMaio openSUSE project Manager, Dr. Gerald Pfeifer, Chairman openSUSE. It was really great to meet Neil McGovern and Rosanna Yuen, from GNOME Foundation. Rosanna shared GNOME stickers that I will share with my students back in India. I would like to congratulate openSUSE.Asia summit local organizing team. They had really done a great job. It was a nice combination of quality talks and keynotes. I also presented my proposal at the conference for openSUSE.Asia 2020 to happen in India next year. It is been more than six year that I am an open source practitioner and promoter. It has been memorable Journey till date..

        • Join Us at the Open Source Summit Europe

          The Open Source Summit Europe, a premier open source events hosted by The Linux Foundation, will take place October 28-30 in Lyon, France at the Lyon Convention Centre. It is the leading conference for developers, architects, and other technologists – as well as open source community and industry leaders – to collaborate, share information, learn about the latest technologies and gain a competitive advantage by using innovative open solutions. Over 2,000 attendees are expected to gather for Open Source Summit Europe this year.

        • Join SUSE, AWS, SAP and Lemongrass in Sydney for a half-day workshop
        • Grace Hopper Conference 2019

          We are so excited about what just happened that we felt we should tell everyone about it!

          A group of 24 of us at Canonical from various teams including sales, HR and engineering, attended the Grace Hopper Celebration in Orlando, Florida. This year, it was an epic gathering of more than 26,000 people from all over the globe interested in tech. Despite its start as women’s work, the tech industry has gained a reputation of being dominated by and mostly suited for men. In reality, this only made the Grace Hopper conference feel more impactful, especially knowing that in its very first edition in 1994, only 500 women were present at the event. The Grace Hopper Conference was an awesome celebration of women; diverse, multi-talented, and deeply skilled!

          Both women and men, mostly students, interested in everything from security to machine learning came by the Canonical booth to hear about Ubuntu. We brought along an Orange box so we could demo MaaS, Openstack, and other incredible technologies happening on Ubuntu at Canonical.

        • Ubucon Europe 2019 | Sintra edition [Ed: Not English, but lots of photos here]
      • Web Browsers
        • Mozilla
          • Karl Dubost: This is not a remote work

            I have started working in a distributed environment very early. In 1994, when I was studying for my DEA in Astrophysics and Spatial Techniques, I was also doing my national service (mandatory at the time) at Observatoir de Meudon in France. The work included working with people and data across the world. Probably my first experience of having to deal with alocalized, asynchronous tasks.

            But my skills of really working in a distributed environment was when I landed a job at W3C from 2000 to 2008. There is a specific culture at W3C which is first class in terms of working in a distributed fashion. This is essential. I worked both from offices and from home (or cafes or airports). Location didn’t matter that much. I had years where I worked only in offices, and years working exclusively not from an office. I insist on saying “not from an office” compared “from home”.

            Then I worked for Opera Software from 2010 to 2013, again not in an office. And the same for Mozilla from 2013.

            W3C is still the place which fares the best in terms of working in a distributed, alocalized fashion. At Mozilla, for example, too many people relies on slack discussions, closed google documents or private email threads for working. This should not happen.

          • Firefox’s New WebSocket Inspector

            The Firefox DevTools team and our contributors were hard at work over the summer, getting Firefox 70 jam-packed with improvements. We are especially excited about our new WebSocket inspection feature, because you told us in feedback how important it would be for your daily work.

            To use the inspector now, download Firefox Developer Edition, open DevTools’ Network panel to find the Messages tab. Then, keep reading to learn more about WebSockets and the tricks that the new panel has up its sleeve.

            But first, big thanks to Heng Yeow Tan, the Google Summer of Code (GSoC) student who’s responsible for the implementation.

          • has google won the browser wars? – should Mozilla build their own SmartPhones?

            on the desktop: one refuses to believe it.

            on mobile: should Mozilla start building their own SmartPhone and ship Firefox.apk per default?

          • Why you should review your credit report after a data breach

            When significant data breaches happen where high risk data is at stake, there’s often a lot of talk about credit reports. Some companies that have been hacked may even be required to provide credit monitoring to their customers as part of their breach notification requirements. Whether the breached company provides credit monitoring or not, security experts recommend you check your credit reports for suspicious activity. To protect your identity, they also recommend you freeze your credit. Here’s what that means and why it’s important.

          • Search Engine add-ons to be removed from addons.mozilla.org

            For the last eleven years, Firefox Search Engine add-ons have been powered by OpenSearch. With the recent implementation of the search overrides API, a WebExtensions API that offers users more controls for opting into changes, Mozilla intends to deprecate OpenSearch and eventually remove it from Firefox. Search Engine add-ons will be removed from AMO on December 5, 2019.

          • Improved Security and Privacy Indicators in Firefox 70

            The upcoming Firefox 70 release will update the security and privacy indicators in the URL bar.

            In recent years we have seen a great increase in the number of websites that are delivered securely via HTTPS. At the same time, privacy threats have become more prevalent on the web and Firefox has shipped new technologies to protect our users against tracking.

            To better reflect this new environment, the updated UI takes a step towards treating secure HTTPS as the default method of transport for websites, instead of a way to identify website security. It also puts greater emphasis on user privacy.

      • SaaS/Back End/Databases
        • Dodging derailment by SUSE, OpenStack Train is scheduled to arrive this week

          With its OpenInfrastructure summit mere weeks away, the OpenStack gang is emitting its next release in the form of “Train” with a focus on data protection and machine learning.

          The release comes after foundation platinum member SUSE threw in the towel over OpenStack Cloud in order to move on to a bright, Kubernetes-based future.

          Not that the “S” word was mentioned, even in a waveringly high-pitched tone, as OpenStack readied Train ahead of a release expected on 16 October.

          As is the norm, OpenStack was keen to shout about the more than 25,500 accepted code changes this time around, from 1,125 developers over 150 organisations. A glance at the content of the release shows that OpenStack is as bewilderingly vast as ever, although a number of tweaks merit closer attention.

        • PostgreSQL 12 boosts open source database performance

          Performance gains are among the key highlights of the latest update of the open source PostgreSQL 12 database.

          PostgreSQL 12 became generally available Oct. 3, providing users of the widely deployed database with multiple enhanced capabilities including SQL JSON query support and improved authentication and administration options. The PostgreSQL 12 update will potentially affect a wide range of use cases in which the database is deployed, according to Noel Yuhanna, an analyst at Forrester Research.

          “Organizations are using PostgreSQL to support all kinds of workloads and use cases, which is pushing the needs for better performance, improved security, easier access to unstructured data and simplified deployments,” Yuhanna said. “To address this, PostreSQL12 improves performance by improving its indexing that requires less space and has better optimization to deliver faster access.”

      • Productivity Software/LibreOffice/Calligra
        • Coming up on October 21: First Bug Hunting Session for LibreOffice 6.4!

          LibreOffice 6.4 is being developed by our worldwide community, and is due to be released in early February 2020 – see the release notes describing the new features here. Of course, we’re still early in the development cycle, so many more features are still to come!

          In order to find, report and triage bugs, the LibreOffice QA team is organizing the first Bug Hunting Session for LibreOffice 6.4 on Monday October 21, 2019. Tests will be performed on the first Alpha version, which will be available on the pre-releases server a few days before the event. Builds will be available for Linux (DEB and RPM), macOS and Windows, and can be installed and run in parallel along with the production version.

          Mentors will be available from 07:00 UTC to 19:00 UTC for questions or help in the IRC channel #libreoffice-qa and the Telegram QA Channel. Of course, hunting bugs will be possible also on other days, as the builds of this particular Alpha release (LibreOffice 6.4.0 Alpha 1) will be available until mid November. Check the Release Plan.

        • Microsoft Office for free? Try these great alternatives

          Libre Office has been around in its current form since 2010 when it split from Free Office and has never failed to impress. Stemming from The Document Foundation, Libre Office is free and open-source software meaning it is worked on by a global community of collaborating developers.

          With Libre Office, you’ll find comparable programs to Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and more. You’ll also be able to run Libre Office on Microsoft Windows devices as well as Apple devices running Mac OS. Libre Office works on Linux machines too. There is also a Libre Office app for viewing your PDF files on Android devices and a plethora of add-ons to play around with too.

      • CMS
        • Responsible Participation In Online Communities

          In our first article in this series, we highlighted the WordPress mission to democratize publishing. WordPress introduced a tool to independent and small publishers who did not have the resources of the larger publishing platforms. Access to a free content management system to create websites has empowered thousands of people to find their voice online. People have been able to share their enthusiasm for hobbies, causes, products and much more. Through these different voices, we can encourage understanding, spark creativity, and create environments where collaboration can happen. But as we build more digital communities, it’s easy to forget that online safety is a group effort.

        • WordPress 5.3 Release Candidate

          The first release candidate for WordPress 5.3 is now available!

          This is an important milestone as we progress toward the WordPress 5.3 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.3 is currently scheduled to be released on November 12, 2019, but we need your help to get there—if you haven’t tried 5.3 yet, now is the time!

        • Top 20 Best NodeJS CMS Platforms To Use in 2019

          NodeJs has been a popular web framework. It has been used to develop highly scalable web applications. A statistic shows that more than 1.5 Lakh websites are using NodeJs on a regular basis. And the number is increasing proportionally. When it comes to Content Management System (CMS), many NodeJs frameworks have been leading the way to a consistent digital content platform. For years now, NodeJs has been used to create some powerful CMS architectures. If you look closely, you will find some useful NodeJs CMS structures that you have been looking for your projects.

      • FSF/FSFE/GNU/SFLC
        • Meet the Villupuram group of engineers educating students about free and open software

          small group of software engineers are changing the face of computer education in Tamil Nadu’s Villupuram, empowering students from working class families by giving them a strong foundation in software programming. The Villupuram GNU/Linux Users Group (GLUG) is a not-for-profit initiative by a group of software professionals and students who believe in software freedom.

          Stared in 2013 by a group of six software engineers, the Villupuram chapter of GLUG was formed as part of a global social movement aimed at educating people about free software.

          Vijisulochana (Viji), the group’s current representative, tells TNM that the Villupuram GLUG is focused on training interested students so as to make them technically strong.

          “Students can always get trained in software training centres, but those centres may not be best equipped to teach them all the latest software developments. We also choose a handful of deserving students based out of Villupuram for whom travelling to Chennai or to other centres in town may not be financially viable. Here, we do it for free,” she says. Their weekly sessions are attended by hundreds of students.

        • Installing Gerrit and Keycloak for GDB

          Back in September, we had the GNU Tools Cauldron in the gorgeous city of Montréal (perhaps I should write a post specifically about it…). One of the sessions we had was the GDB BoF, where we discussed, among other things, how to improve our patch review system.

          I have my own personal opinions about the current review system we use (mailing list-based, in a nutshell), and I haven’t felt very confident to express it during the discussion. Anyway, the outcome was that at least 3 global maintainers have used or are currently using the Gerrit Code Review system for other projects, are happy with it, and that we should give it a try. Then, when it was time to decide who wanted to configure and set things up for the community, I volunteered. Hey, I’m already running the Buildbot master for GDB, what is the problem to manage yet another service? Oh, well.

          Before we dive into the details involved in configuring and running gerrit in a machine, let me first say that I don’t totally support the idea of migrating from mailing list to gerrit. I volunteered to set things up because I felt the community (or at least the its most active members) wanted to try it out. I don’t necessarily agree with the choice.

          Ah, and I’m writing this post mostly because I want to be able to close the 300+ tabs I had to open on my Firefox during these last weeks, when I was searching how to solve the myriad of problems I faced during the set up!

        • Bradley M. Kuhn: On Recent Controversial Events

          The last 33 days have been unprecedentedly difficult for the software freedom community and for me personally. Folks have been emailing, phoning, texting, tagging me on social media (— the last of which has been funny, because all my social media accounts are placeholder accounts). But, just about everyone has urged me to comment on the serious issues that the software freedom community now faces. Until now, I have stayed silent regarding all these current topics: from Richard M. Stallman (RMS)’s public statements, to his resignation from the Free Software Foundation (FSF), to the Epstein scandal and its connection to MIT. I’ve also avoided generally commenting on software freedom organization governance during this period. I did this for good reason, which is explained below. However, in this blog post, I now share my primary comments on the matters that seem to currently be of the utmost attention of the Open Source and Free Software communities.

          I have been silent the last month because, until two days ago, I was an at-large member of FSF’s Board of Directors, and a Voting Member of the FSF. As a member of FSF’s two leadership bodies, I was abiding by a reasonable request from the FSF management and my duty to the organization. Specifically, the FSF asked that all communication during the crisis come directly from FSF officers and not from at-large directors and/or Voting Members. Furthermore, the FSF management asked all Directors and Voting Members to remain silent on this entire matter — even on issues only tangentially related to the current situation, and even when speaking in our own capacity (e.g., on our own blogs like this one). The FSF is an important organization, and I take any request from the FSF seriously — so I abided fully with their request.

          The situation was further complicated because folks at my employer, Software Freedom Conservancy (where I also serve on the Board of Directors) had strong opinions about this matter as well. Fortunately, the FSF and Conservancy both had already created clear protocols for what I should do if ever there was a disagreement or divergence of views between Conservancy and FSF. I therefore was recused fully from the planning, drafting, and timing of Conservancy’s statement on this matter. I thank my colleagues at the Conservancy for working so carefully to keep me entirely outside the loop on their statement and to diligently assure that it was straight-forward for me to manage any potential organizational disagreements. I also thank those at the FSF who outlined clear protocols (ahead of time, back in March 2019) in case a situation like this ever came up. I also know my colleagues at Conservancy care deeply, as I do, about the health and welfare of the FSF and its mission of fighting for universal software freedom for all. None of us want, nor have, any substantive disagreement over software freedom issues.

          I take very seriously my duty to the various organizations where I have (or have had) affiliations. More generally, I champion non-profit organizational transparency. Unfortunately, the current crisis left me in a quandary between the overarching goal of community transparency and abiding by FSF management’s directives. Now that I’ve left the FSF Board of Directors, FSF’s Voting Membership, and all my FSF volunteer roles (which ends my 22-year uninterrupted affiliation with the FSF), I can now comment on the substantive issues that face not just the FSF, but the Free Software community as a whole, while continuing to adhere to my past duty of acting in FSF’s best interest. In other words, my affiliation with the FSF has come to an end for many good and useful reasons. The end to this affiliation allows me to speak directly about the core issues at the heart of the community’s current crisis.

        • Meet the FSF staff in Raleigh, NC on October 15

          On Tuesday, October 15th, the Free Software Foundation (FSF) staff would like to meet you at a social event at Raleigh’s Whiskey Kitchen!

          Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager Zoë Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year’s licensing seminar on GPL Enforcement and Legal Ethics.

          We look forward to hosting this informal meetup to show our appreciation for your support of the FSF’s work. We’ll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

      • Openness/Sharing/Collaboration
      • Programming/Development
        • Python 3.7.5 is now available

          Note that the next feature release of Python 3, Python 3.8.0, is also now available. Python 3.8 contains many new features and optimizations. You should consider upgrading to it. We plan to continue regular bugfix releases of Python 3.7.x through mid-year 2020 and provide security fixes for it until mid-year 2023. More details are available in PEP 537, the Python 3.7 Release Schedule (https://www.python.org/dev/peps/pep-0537/).

        • PyPy v7.2 released

          As always, this release is 100% compatible with the previous one and fixed several issues and bugs raised by the growing community of PyPy users. We strongly recommend updating. Many of the fixes are the direct result of end-user bug reports, so please continue reporting issues as they crop up.

        • PyPy 7.2 released

          Version 7.2 of PyPy, an implementation of the Python language, is out.

        • PyPy 7.2 Released With Full 64-bit AArch64 Support, PyPy 3.6 Beyond Beta

          PyPy 7.2 is out today as a big update for this alternative Python implementation that currently provides interpreters for compatibility with Python 2.7 and Python 3.6.

          In cooperation with Arm and Crossbar.io, PyPy developers have been working on complete 64-bit ARM (AArch64) support and this summer they achieved getting the PyPy JIT running on 64-bit ARM. PyPy 7.2 is the first release with this 64-bit ARM support now in good standing.

        • Python 3.8.0 : New release of python development.

          Good news from the python development area with the new release of python development:
          Python 3.7.5 Oct. 15, 2019 and Python 3.8.0 Oct. 14, 2019

          Now you can use the new python version 3.8.0 from the official webpage.

        • Python 3.8.0 released

          Version 3.8.0 of the Python language has been released. New features include the controversial assignment expressions, positional-only arguments, the Vectorcall mechanism, and more; see the what’s new in Python 3.8 document for more information.

        • Python 3.8.0 is now available

          On behalf of the Python development community and the Python 3.8 release team, I’m pleased to announce the availability of Python 3.8.0.

          Python 3.8.0 is the newest feature release of the Python language, and it contains many new features and optimizations. You can find Python 3.8.0 here:

          https://www.python.org/downloads/release/python-380/

          Most third-party distributors of Python should be making 3.8.0 packages available soon.

        • Python 3.8 Released With Assignment Expressions, Runtime Audit Hooks

          Python 3.8 brings support to the Python syntax for assignment expressions, positional-only parameters, a parallel file-system cache for compiled bytecode files, runtime audit hooks, Pickle protocol 5 support and its ability to handle out-of-band buffers, many module improvements like a shared memory multi-processing module, Vectorcall as a fast calling protocol for CPython, and various performance improvements.

        • Announcing Rustup 1.20.0

          The rustup working group is happy to announce the release of rustup version 1.20.0. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

        • Uploading Files to AWS S3 with Python and Django

          In the quest to build more interactive websites, we don’t only relay information to users but also allow them to upload data of their own. This opens up more opportunities and more ways that our websites can serve the end-users.

          By allowing users to upload files, we can allow them to share photographs, videos, or music with others or back them up for safekeeping. We can also provide the functionality to manage files and convert them into other formats through websites instead of installing native apps.

          The rise of social media globally can be attributed to the ability of users to upload their files, mostly in the form of images and videos for other users to see and also as a means of communication. By enabling users to upload files to websites and platforms, means of communication have been enhanced and information can now be spread in very many different formats.

          In this post, we will explore how Django handles file uploading and how we can tap into and extend this functionality with cloud storage to suit our needs.

        • PyCoder’s Weekly: Issue #390 (Oct. 15, 2019)
        • The Python range() Function

          Python’s built-in range function is handy when you need to perform an action a specific number of times. As an experienced Pythonista, you’ve most likely used it before. But what does it do?

        • Perl 6 renamed to Raku

          The pull request changing the name of Perl 6 to Raku has been merged. See the full text for more information. “This document describes the steps to be taken to effectuate a rename of ‘Perl 6′ to ‘Raku’, as described in issue #81. It does not pretend to be complete in scope or in time. To change a name of a project that has been running for 19+ years will take time, a lot of effort and a lot of cooperation. It will affect people in foreseen and unforeseen ways.”

        • Top three mistakes with K-Means Clustering during data analysis

          In this post, we will take a look at a few cases, where KMC algorithm does not perform well or may produce unintuitive results.

        • Agile project management: 10 mistakes to avoid

          Agile project management holds a lot of promise for leaders. Those who have successfully made the switch in their organizations sing agile’s praises, like the ability to rapidly course-correct, release software faster, and create happier teams and customers. But if you’ve been working at it for a while and you still aren’t seeing the promised benefits, you might start to think that agile is more hype than substance, or that it isn’t right for your organization.

      • Standards/Consortia
        • Heading levels

          the headings would be “Apples” (level 1), “Taste” (level 2), “Sweet” (level 3), “Color” (level 2). Determining the level of any given heading requires traversing through its previous siblings and their descendants, its parent and the previous siblings and descendants of that, et cetera. That is too much complexity and optimizing it with caches is evidently not deemed worth it for such a simple feature.

          However, throwing out the entire feature and requiring everyone to use h1 through h6 forever, adjusting them accordingly based on the document they end up in, is not very appealing to me. So I’ve been trying to come up with an alternative algorithm that would allow folks to use h1 with sectioning elements exclusively while giving assistive technology the right information (default styling of h1 is already adjusted based on nesting depth).

          The simpler algorithm only looks at ancestors for a given heading and effectively only does so for h1 (unless you use hgroup). This leaves the above example in the weird state it is in in today’s browsers, except that the h1 (“Color”) would become level 2. It does so to minimally impact existing documents which would usually use h1 only as a top-level element or per the somewhat-erroneous recommendation of the HTML Standard use it everywhere, but in that case it would dramatically improve the outcome.

  • Leftovers
    • Health/Nutrition
      • Mental health experts see Trump is dangerous, but our professional gatekeepers protect him

        Trump is psychologically unfit: President Donald Trump’s poor mental health is grounds for impeachment

        In response, the American Psychiatric Association (APA) has effectively gagged an entire profession, thus protecting a destructive government.

        The organization’s ethical guideline includes an affirmative obligation: to “contribut(e) to the improvement of the community and the betterment of public health.” In the midst of this political moment, the APA emphasized only one part of this guideline, the do-not-diagnose part, known as the so-called Goldwater Rule. Rather than take on a leadership role that acknowledges our profession’s societal responsibility at a critical time, the APA released statements that appear to suppress the educate-to-better-public-health part.

    • Security (Confidentiality/Integrity/Availabilitiy)
      • Debian and Ubuntu Patch Critical Sudo Security Vulnerability, Update Now

        Discovered by Joe Vennix, the security vulnerability (CVE-2019-14287) could be exploited by an attacker to execute arbitrary commands as the root user (system administrator) because sudo incorrectly handled certain user IDs when it was configured to allow users to run commands as an arbitrary user through the ALL keyword in a Runas specification.

        “Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID- -1 or 4294967295,” reads Debian’s security advisory.

      • Flaw In Sudo Enables Non-Privileged Users To Run Commands As Root

        A vulnerability has been discovered in Sudo — one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access. Sudo, stands for “superuser do,” is a system command that allows a user to run applications or commands with the privileges of a different user without switching environments — most often, for running commands as the root user.

      • Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

        A vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system.
        The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access.
        Sudo, stands for “superuser do,” is a system command that allows a user to run applications or commands with the privileges of a different user without switching environments—most often, for running commands as the root user.

      • Linux security hole: Much sudo about nothing

        There’s a lot of hubbub out there now about a security hole in the Unix/Linux family’s sudo command. Sudo is the command, which enables normal users to run commands as if they were the root user, aka the system administrator. While this sudo security vulnerability is a real problem and needs patching, it’s not nearly as bad as some people make it out to be.

        At first glance the problem looks like a bad one. With it, a user who is allowed to use sudo to run commands as any other user, except root, can still use it to run root commands. For this to happen, several things must be set up just wrong.

        First the sudo user group must give a user the right to use sudo but doesn’t give the privilege of using it to run root commands. That can happen when you want a user to have the right to run specific commands that they wouldn’t normally be able to use. Next, sudo must be configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification.

      • Linux Sudo bug opens root access to unauthorized users

        Sudo, the main command in Linux that allows users to run tasks, has been found to have a vulnerability that allows unauthorized users to execute commands as a root user.

        The vulnerability, known as CVE-2019-14287, does require a nonstandard configuration but nonetheless does open the door to unauthorized users.

        The vulnerability allows users to bypass the nonroot restriction by simply using -u#-1 in the command line. As The Hacker News described it Monday, the sudo security policy bypass issue allows “a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the ‘sudoers configuration’ explicitly disallows the root access.”

      • Potential bypass of Runas user restrictions

        When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.

        This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.

        Log entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.

      • WordPress 5.2.4 Security Release

        WordPress 5.2.4 is now available! This security release fixes 6 security issues.

        WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2.

      • Ubuntu Releases Patch for Major ‘sudo’ Security Exploit

        Canonical has issued an urgent security fix to the ‘sudo’ package in the Ubuntu archives following the discovery of a major security flaw.

        A critical fix has rolled out to all users of Ubuntu 16.04 LTS, 18.04 LTS, 19.04 and 19.10 (and one assumes Ubuntu 14.04 ESR too) — just run a sudo apt upgrade to install it.

        But what about the flaw inquisition? Well, if you’re yet to hear about it I appreciate meditative disconnect from social media. The oft toxic waste pools of chatter were with wet with alarm — some manufactured, the rest well weighted — over CVE-2019-14287 when it was announced yesterday, October 14.

      • Security updates for Tuesday

        Security updates have been issued by Debian (sudo and xtrlock), openSUSE (sudo), Red Hat (Single Sign-On), Slackware (sudo), SUSE (binutils, dhcp, ffmpeg, kernel, kubernetes-salt, sudo, and tcpdump), and Ubuntu (sudo).

    • Defence/Aggression
      • Trump’s Undeclared State of Emergency

        Trump’s public appeal to China last week to help with uncovering dirt on the Biden family was both a brazen flouting of the law and (it pains me to say) an astute political tactic.

      • Britain Isn’t the Only Empire Headed for the Dustbin of History

        Donald Trump may prove to be the ultimate Brexiteer. Back in August 2016, in the midst of his presidential campaign, he proudly tweeted, “They will soon be calling me MR. BREXIT!” On the subject of the British leaving the European Union (EU) he’s neither faltered nor wavered. That June, he was already cheering on British voters, 51.9% of whom had just opted for Brexit in a nationwide referendum. They had, he insisted, taken “their country back” and he predicted that other countries, including you-know-where, would act similarly. As it happened, Mr. “America First” was proven anything but wrong in November 2016.

      • Graphically Violent Parody Video Shown at Trump Resort

        A graphically violent parody video, shown at a meeting of President Donald Trump’s supporters at his Miami resort, depicted a likeness of the president shooting and stabbing his opponents and members of the news media in a church, The New York Times reported Sunday.

      • What Evil Empire?

        When did the Cold War begin? In 1917! When, if ever, did it end? Never! What is its most dramatic moment? The dropping of atomic bombs on Hiroshima and Nagasaki! Who if anyone won? No one!

      • As Turkey Prepares to Slice Through Syria, the US has Cleared a New Breeding Ground for Isis

        “Never get into a well with an American rope” goes the saying spreading across the Middle East, as the US abandons its Kurdish allies in Syria to a Turkish invasion force. People in the region are traditionally cynical about the loyalty of great powers to their local friends, but even they are shocked by the speed and ruthlessness with which Donald Trump greenlit the Turkish attack.

      • Trump Orders Turkey Sanctions as U.S. Scrambles for Syria Exit

        Targeting Turkey’s economy, President Donald Trump announced sanctions Monday aimed at restraining the Turks’ assault against Kurdish fighters and civilians in Syria — an assault Turkey began after Trump announced he was moving U.S. troops out of the way.

      • ‘No Friend But the Mountains’: A History of US Betrayal of the Kurds

        To be clear, what follows is not an endorsement of a continued US military presence in Syria. There is, however, a difference between President Donald Trump attempting to fulfill a campaign promise to end American involvement in wars that have cost so much in blood and treasure and giving the green light to what many fear will be the great death and destruction, even ethnic cleansing, that will accompany a Turkish invasion of Syrian Kurdistan. Trump’s announcement on Sunday that the United States would step aside and allow the Turks to launch their long-desired offensive against Syria’s Kurds is nothing less than the latest of many epic US betrayals of a steadfast ally, one which has stood and fought with America in conflicts for over half a century. The president’s crass dismissal of his country’s latest abandonment of the Kurds — “they didn’t help us at Normandy,” he said — pours salt in the wound of a proud, loyal people who have time and again laid down their lives in service of their own freedom — and US interests.

      • The Apotheosis of Emperors

        Sometimes it may be instructive to look beyond foreign policy and pay attention to the actors and their words. I was struck by one of Trump’s tweets of this week not because of the threatening reference to Turkey (“I will totally destroy and obliterate the Economy of Turkey”) or the reason given (if Turkey…considers to be off limits”), but by his parenthetical statement “in my great and unmatched wisdom”. No one – maybe not even his supporters – would question the fact that Trump has a huge ego (problem) but his self-declared prowess in wisdom does show lack of modesty to say the least.

      • What the new 16th Air Force means for information warfare

        What was not immediately clear, however, is how cyber will be integrated into the information warfare cells for air components across other combatant commands because other service Joint Force Headquarters-Cybers are responsible for conducting cyber operations at the other combatant commands.

        One of the ultimate goals for the new organization will be to better prepare the service, and by extension, the joint force, in the so-called “competition phase” below the threshold of armed conflict every day.

      • Conviction, 26-Year Prison Term for Stabbing of Americans at Amsterdam CS

        After his arrest, S. quickly confessed to the attack. He told the court that he came to the Netherlands to “kill unfair and cruel people” and that his only mistake was that he did not stab people who were from the Netherlands. In previous statements to the police, S. said that he was angry with PVV leader Geert Wilders for insulting Islam by arranging a prophet-Mohammed cartoon contest, and angry at the Netherlands for not stopping him.

      • Turkish-Backed Forces Are Freeing Islamic State Prisoners

        The claim pours cold water on U.S. President Donald Trump’s suggestion on Twitter that the Syrian Kurdish fighters tasked with guarding the prisons released the detainees to grab U.S. attention after the Defense Department ordered all U.S. troops to evacuate the region.

        Backed by Turkey, the Free Syrian Army (FSA), a decentralized band of Syrian rebels that has been linked to extremist groups, has launched a bloody assault on northeastern Syria, executing Kurdish prisoners and killing scores of unarmed civilians and Kurdish fighters with the Syrian Democratic Forces (SDF).

      • The Kurds
      • Trump is Selling Out America in Syria and Beyond

        This is shameful and criminal. At the very least, it is impeachable.

    • Transparency/Investigative Reporting
    • Environment
      • Green Party statement on the arrest of Ellie Chowns MEP

        The right to peaceful protest is a fundamental pillar of a liberal democracy. We stand in solidarity with Ellie Chowns MEP who was arrested late on Monday 14th October while peacefully attending the Extinction Rebellion gathering in Trafalgar Square.

        It is disturbing that the Metropolitan Police should impose a Section 14 across the whole of London, after 9pm on Monday 14th October. This is a disproportionate response to peaceful protest and to responsible expressions of democracy at this critical time for the planet.

      • NS Called to Create More Room for Bikes on Trains

        According to Fietsersbond, the number of travelers who want to take their bicycle on the train is growing by 10 to 20 percent per year. There is already a shortage of thousands of spaces to park bicycles in trains, director Saskia Kluit said to the newspaper. “On beautiful cycling days in particular, it is doom and gloom and often families or groups of cyclists have to stay behind on the platforms. We advocate for separate, single-story bicycle wagons on railway lines to popular recreational areas.”

      • Investment banks have plowed more than $700 billion into fossil fuels since the Paris climate agreement

        Using the data, the British paper found that JPMorgan was the biggest culprit when it came to providing “loans, equity issuances, and debt underwriting” to companies working within the various sectors that use fossil fuels, providing more than $75 billion between 2016 and mid-2019.

        Markets Insider reported last week that Goldman Sachs says climate change is “at the top of investors minds,” while JPMorgan said that the past two years have been a “watershed” moment for climate change awareness.

      • Can Extinction Rebellion Put Climate Change ‘Beyond Politics’?

        Extinction Rebellion began just under a year ago, when rebels occupied five bridges in London. Since then, the movement has taken off. In April it blocked four major intersections for over a week, which led to mass arrests, traffic jams, and lots of press. With press came money: XR is now one of the best-funded protest movements in the world. It has affiliate chapters in more than 60 countries. (Because its organizing structure is horizontal, each local XR group is autonomous.) October 7 marked the start of a “global rebellion”: two weeks of nonviolent civil disobedience in cities all over the world, from Melbourne (where rebels organized a “nudie run” and glued themselves to buildings) to New York (where they doused the Wall Street bull in fake blood).

        But the epicenter remains London, where tens of thousands of rebels from across the UK have converged on six sites around Westminster. [...]

      • The harm from worrying about climate change

        Back in 2014, my partner and I marked a date in our shared online calendar. Unusually, this was for 27 August 2015 – a year ahead. It was an arbitrary date.

        We’re indecisive when it comes to big life decisions, and this was the biggest: whether to have children. We were aware that, now in our 30s, we couldn’t wait indefinitely to decide. So we marked “baby-making conversation” in the calendar, as ever using irreverence in an attempt to make weighty matters seem less daunting, and happily pushed the question away for the time being.

        But 27 August 2015 came and went. We felt no more prepared. We moved the date back another year. Then 27 August 2016 passed too. Clearly our stratagem hadn’t worked. While plenty of factors affected our ambivalence, the personality-level issues were overshadowed by a global one: anxiety about a future planet made unliveable by climate change.

        Climate change harms mental wellbeing in a number of ways. From trauma and stress following disasters, to relationship damage caused by separation and displacement, the psychological effects of climate change can be enduring. Of course, these effects are heightened for certain vulnerable populations, such as elderly and low-income people, as well as those on the frontlines of climate change.

      • Global Climate Strike: From Protest To Power?

        Climate justice advocates enthusiastically report that the recent Global Climate Strike involved 7.6 million people in 6,500 events that took place in 185 countries, supported by 8,500 websites, 3,000 companies, and 73 trade unions. Behind the headlines is this fact: with the exception of Morocco, no country in the world is complying with its Paris Climate Accord commitment, and the U.S. has dropped out of the international agreement.

      • Extreme heatwaves pose spreading threat

        Rising temperatures mean that heatwaves will become hotter, more frequent, last longer and will cover much wider areas.

      • John Oliver’s Dire Forecast for Our National Weather Service (Video)
      • Energy
        • “The Grid” is the Problem, Not the Solution

          On October 9, Pacific Gas & Electric began shutting down power to about 750,000 customers (affecting as many as 2 million people) in California. The company claims the shutdowns are necessary to reduce the risk that its power lines and other infrastructure will cause wildfires like last year’s Camp Fire, which killed 85 people and and caused $16.5 billion in damage.

      • Wildlife/Nature
    • Finance
      • The Economics and Politics of Financial Transactions Taxes and Wealth Taxes

        Last month, the Washington Post reported that Joe Biden is considering including a financial transactions tax (FTT) as part of his campaign for the Democratic nomination. For those of us who have long advocated such a tax, this is very good news.

      • Class Struggle is Still the Issue

        The Manifesto of the Communist Party by Marx and Engels famously begins with: “The history of all hither existing societies is the history of class struggles.” The United States is no exception, although for many decades it was depicted as a classless society. Later they add: “The ruling ideas of each age have ever been the ideas of its ruling class.”

    • AstroTurf/Lobbying/Politics
      • Sanders Distinguishes Himself From Warren in No Uncertain Terms

        White House hopeful Sen. Bernie Sanders distinguished himself from Sen. Elizabeth Warren—another top competitor in the Democratic presidential primary—by highlighting their different beliefs on economic policy during an interview with ABC News chief White House correspondent Jonathan Karl that aired Sunday.

      • Ralph Nader: Trump’s High Crimes Go Way Beyond Ukraine

        It is time for the House of Representatives to announce comprehensive articles of impeachment against the chronic outlaw and violator of the public trust—President Donald J. Trump who won the Electoral College, but lost the popular vote.

      • Republicans Are Going to Remove Trump Soon

        It will not be long before Trump is out of the White House and off the 2020 presidential ballot.

      • The Sudden Martyrdom of the Government Whistleblower
      • Joe Biden Has Corporate Democrats in Panic Mode

        The Democratic Party’s most powerful donors are running out of options in the presidential race. Their warhorse Joe Biden is stumbling, while the other corporate-minded candidates lag far behind. For party elites, with less than four months to go before voting starts in caucuses and primaries, 2020 looks like Biden or bust.

      • Weep for Catalonia, Weep for Liberalism in Europe

        The vicious jail sentences handed down today by the fascists (I used the word with care and correctly) of the Spanish Supreme Court to the Catalan political prisoners represent a stark symbol of the nadir of liberalism within the EU. That an attempt to organise a democratic vote for the Catalan people in pursuit of the right of self determination guaranteed in the UN Charter, can lead to such lengthy imprisonment, is a plain abuse of the most basic of human rights.

      • Cory Booker On Impeachment: ‘I Swore An Oath To Protect And Defend The Constitution’

        “I swore an oath to protect and defend the Constitution,” Booker told NPR on Saturday. “I didn’t swear an oath to protect and defend the Constitution unless there’s an election coming up,” he said in the interview, recorded for the NPR series with Democratic presidential candidates Off Script.

      • NBA vs. China: The League Is Bravely Defending Free Speech—And That’s a Game Changer

        The incident also reignited an important discussion here in the United States about free speech and the role and power of leaders in sports to shape the discussion around important social issues in our country and around the world.

        After initially acknowledging the complexity of the situation and expressing regret to those who were offended, NBA Commissioner Adam Silver said in a statement that “the NBA will not put itself in a position of regulating what players, employees and team owners say or will not say on these issues.”

        Silver understands the potential financial implications of taking this position, but he added that “if that’s the consequence of us adhering to our values, we still feel it’s critically important to adhere to those values.”

      • New Zealand creates unit to target, ‘disrupt’ online extremism

        Ardern said the Internal Affairs department would hire 17 specialists in investigative, forensic and intelligence work to focus on violent extremist content online.

    • Censorship/Free Speech
    • Privacy/Surveillance
      • Starting December 1st, China’s new MLPS 2.0 cybersecurity laws will require submission of a facial scan to receive internet access

        China’s new MLPS (Multi-level Protection of Information Security) 2.0 cybersecurity laws goes into full effect on December 1st, 2019 and will see all internet service providers (ISPs) and mobile data providers requiring facial scans to sign up for new service.  This means every new mobile phone number assigned in China will be associated with a facial scan. On top of this, the new rules by the Chinese Ministry of Public Security mandate that all data on Chinese networks and systems be available for the Chinese government to sift through at will – and by default through the use of big data techniques. The government emphasized that the new law is meant to help the populace, not suppress it further. Guo Qiquan, one of the politicians responsible for the plan explained the width and breadth of the new cybersecurity surveillance system to SCMP…

      • South African court rules that mass surveillance by the government is illegal

        A South African court has ruled that mass surveillance, specifically bulk communication of communications, is illegal for the government to participate in.  A longstanding court case between the amaBhungane Centre for Investigative Journalism on behalf of journalist Sam Sole and South Africa’s State Security Agency lead to this ruling on September 16th, 2019.

      • The Old Man and His Smartphone, Episode III

        My wife was not all that impressed with the smartphone, which is not too surprising given that grade-school students commonly have them. She did note that if someone broke into it, they could be taking pictures of her without her knowledge.

      • [Older] Don’t hold your breath for that U.S. online privacy bill

        No new bill on online privacy expected expected to show up in Congress before the end of the year, Reuters reports, citing three unnamed sources on Capitol Hill.

    • Civil Rights/Policing
      • Truth, Justice and Life

        It’s wonderful how good things can come in small packages. Like Greta Thunberg out waking the world to the urgency of action in addressing the climate crises. Like Ellen DeGeneres out for a game with George Bush. Like a butterfly, flapping its wings in the forest. Like the sound of truth.

      • A Passion for Writing

        I have been writing for fifty years. I wrote my first scholarly article in 1969. I was then a  graduate student in history at the University of Wisconsin-Madison. That was a bold step. My English was still in its early stages of improvement. But more than spelling and vocabulary, I felt I had something to say that might add to our understanding of the past.

      • The Oil Despots

        The world’s burgeoning far-right movements are far-flung and diverse, but in government they share a few core tendencies: They attack minority populations. They criminalize dissent. And they’re horrible for the planet.

      • Lebanon, Dreamland

        In 1928 my father, César Assad Chelala, emigrated from Lebanon to Argentina and made there his permanent home. The love for his country remained unaltered, and for the rest of his life he dreamt of going back. Although he never fulfilled his wish, he transmitted to us, his children, the love for his new country. He came to live in Tucumán, a city in the North of Argentina, where he already had some relatives.

      • Mississippi Takes Steps to End Damning Delays in Evaluating Criminal Defendants

        Mississippi’s Department of Mental Health will spend nearly $20 million on a new unit for forensic beds, an investment the state hopes will relieve a long-standing embarrassment: the months, even years those accused of crimes must wait to undergo court-ordered psychiatric evaluations.

        The change came after a push from the MacArthur Justice Center and the Southern Poverty Law Center, and close to two years after ProPublica reported the story of a teenager kept four years in jail before being granted his evaluation.

      • Insecurity in Mozambique Leaves Thousands Unable to Vote

        Mozambique’s Electoral Commission announced this weekend that 10 voting stations in Macomia, Mocimboa da Praia and Muidumbe districts will not open for the country’s general election on October 15. This will leave 5,400 voters unable to cast their ballot. 

      • US Columbus Day Holiday Celebrates a Shameful Past

        In one holiday, Americans encounter our two most shameful and discomforting historical legacies: the genocide of the American Indian and slavery.

      • Fort Worth Officer Kills Woman In Her Bedroom In Response To ‘Open Structure Call’

        A white police officer fired through the window of a black woman’s home early Saturday and killed her after responding to a call that a neighbor placed about an open front door, authorities in Fort Worth, Texas, say.

      • How a Legal Loophole Lets Colleges Pay Students Less Than Minimum Wage

        In many states — including Massachusetts, Connecticut, New Jersey, Virginia, and New York — students who work for universities are legally eligible to receive less than the state minimum wage when working on campus. In fact, a provision under the Federal Fair Labor Standards Act (FLSA) allows nonprofit educational organizations to apply for a certificate from the Department of Labor in order to hire student workers for significantly less than minimum wage — a law that many universities employ to its fullest. This exemption, also known as “subminimum wage,” authorizes employers to pay full-time students a lower wage — at least 75% of federal minimum wage or a percentage of an applicable state minimum wage if it’s higher — for on-campus jobs. They also have a cap on the number of hours they can work, usually no more than 20 in one week. (Students employed through a financial aid work-study program called Free Application for Federal Student Aid [FAFSA] must earn at least the federal minimum wage and, as part of their benefits package, have additional stipulations regarding their hours that other students employed on campus do not.)

    • Monopolies
      • Facebook CEO Cozies up to Conservatives at Private Dinners

        For a company that’s come under congressional and public scrutiny from all sides of the political spectrum, including for influencing the 2016 presidential election, it’s unsurprising that Facebook CEO Mark Zuckerberg would dedicate time to damage control with leaders who might be involved in investigating and regulating the platform. A new report from Politico, however, suggests that Zuckerberg may be if not outright favoring conservatives, than at least giving them more attention and access.

      • Libra Association announces new board members after recent departures

        In Geneva on Monday, the remaining members of the Libra Association held their inaugural meeting, bringing together executives from more than 20 different companies across the world.

        Much of the meeting was devoted to establishing the basic governance of the new association, which before Monday had been more of a proposal than a functional institution. The group named five board members — including Xapo CEO Wences Casares, Andreessen Horowitz partner and blockchain lead Katie Haun, and Facebook executive David Marcus, who has been the primary face of the project up until now.

      • Libra Association Board Members Have Ties to Facebook, Marcus

        The Libra Association, which oversees a controversial cryptocurrency, was officially formed on Tuesday, and its five board members have one thing in common: close relationships with Facebook Inc. and its executives.

      • Patents and Software Patents
        • [Guest Post] Fighting for your IP rights in Denmark – it’s expensive, but now maybe less so?

          With a new decision issued on 29 August 2019 by the Danish Eastern High Court (Danish only), the tides may now be turning. A new precedent may just have been set for the recovery of a party’s costs incurred by the use of experts, including European Patent Attorneys, and not least for legal costs recovery in general in Danish patent disputes. European Patent Attorneys, in particular, are often brought as expert witnesses by the parties, and their statements and testimonies (although admitted as evidence of a party rather than as impartial expert statements) tend to be regarded as highly persuasive.

          The case concerned the companies Gilead and Sandoz who had been in a legal dispute over a potential infringement of Gilead’s patent for the products “Emtricitabin and Tenofovirdisoproxil (as fumerat)”. Gilead was granted a preliminary injunction, which Sandoz appealed. While the appeal was underway, Gilead’s patent was declared invalid in a separate case against a third party. Sandoz therefore brought a separate motion before the Maritime and Commercial High Court (MCHC) to lift the preliminary injunction.

          [...]

          The case is a step in the right direction for the recovery of European Patent Attorneys’ fees in Denmark. What’s more, the award of actual legal costs incurred was set at 49.5% of the documented legal costs. This is a high level of costs recovery compared to most cases – and potentially the beginning of a general trend towards higher costs awards. However – and more likely – it may also just underline the point that the level of costs awards granted by Danish courts is too low, and that this may have lead companies to turn their backs on the Danish court system. Indeed, the Danish recovery rate has long seemed to be much lower than in comparable jurisdictions such as Norway and Sweden. In these neighboring Nordic countries, the winning party is generally awarded full costs, unless it is apparent that a full award is not merited (e.g. where the winning party’s legal costs are exceedingly and unnecessarily high compared to the costs spent by the losing party).

      • Copyrights

…So This GNU/Linux User Goes to a Pub With Swapnil and Jim

Tuesday 15th of October 2019 04:12:33 PM

Linux.com Editor and Linux Foundation Chief

Summary: It’s hard to promote GNU/Linux when you don’t even use it

How to THRIVE, in Uncertain Times for Free Software

Tuesday 15th of October 2019 03:00:11 PM

By figosdev

Summary: “The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate.”

First things first: apologies for the acronym.

To
Help
Realise
Ideal
Volunteer
Efforts

These guidelines were written in late July, before the FSF Titanic series or Stallman stepping down. The reaction I tend to expect to a list like this is: “Oh no, a Code of Conduct.”

“The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate. In other words these are intended to assist, not be imposed. Maybe a better way to consider them is as a sort of informal RFC.”If that’s your concern, I can appreciate it. Which is why the thrive guidelines have their own Code-of-Conduct Escape clause:

“Wherever these guidelines are misused to threaten community and development, they should be regarded with scrutiny — whenever these guidelines help create a foundation for purposeful development and progress, they should be considered thoughtfully.”

This is despite the fact (and hopefully reinforces the idea) that the guidelines are intended to be non-binding.

The guidelines are barely about conduct anyway, they are more about process guidelines for “what to do with your autonomy” in the context of a larger group where participation is completely voluntary and each individual consents to participate. In other words these are intended to assist, not be imposed. Maybe a better way to consider them is as a sort of informal RFC.

I will quote each of the ten guidelines one a time, then comment on each in the hopes of further clarification.

1. “Integrity and checks and balances are more valuable than false compromise.”

I’m fond of pointing out that just enough compromise can be wonderful, but too much can be devastating. Having more than one group working to maintain and improve the ecosystem means that if one authority (or respected group) goes sour, then others can speak up and offer a backup plan. Fans of a single, centralised point of authority won’t like this. But, it is a recommendation. It is non-binding, so people who are against it simply won’t have anything to do with it.

As I said in my previous article, for example:

“Many have called for a certain large, corporation associated with a particular primary-coloured hue to apologise for their active role in the Holocaust. Yet one of their subsidiaries asks for an arguably more grassroots organisation to seize an opportunity for greater diversity.”“When we agree on something, we struggle together. When we can’t agree, we struggle apart. It’s very useful to find our commonalities, and understand our differences. For many of us, Stallman and freedom are two things we are not willing to compromise on.”

That isn’t a decision that a central authority needs to make. Many of us are not willing to bend on the Stallman issue (a reminder that this guideline predates the Stallman issue.) So we invite anybody who is willing to work with us despite not bending on that issue, do so. They don’t need to sign an oath of loyalty to Stallman, but if they ask us to do something unjust against him — that’s something we won’t do.

At that point, you have a schism — and you would actually have that schism anyway. The difference is that some of us are building something that is more schism-tolerant. Other points address this a little more directly.

2. “Ignoring your own standards, as well as taking rules too seriously, can compromise the integrity of your community. Many communities are already diminished along these lines.”

This is mostly a comment on the state of communities, and a recommendation to try to live up to your own community standards. Those who already oppose the imposition of a Code of Conduct can read this as: “If you have a Code of Conduct that expects certain behaviour of others, you are naturally expected to treat them just as well as you’re demanding of them.”

Nobody is perfect, and it’s obvious that people already hold some to a more unreasonable interpretation of their standards than others. While suggesting that people not do that isn’t likely to cancel out any hypocrisy directly, this point at least comments on it.

3. “The corporate monopolies that promise to help resolve these problems, have a history of fundamental selfishness and interference. Giving these corporations too great a say in matters has helped them to destroy communities and stifle their efforts.”

This point comments on past mistakes, and also predates one of the best examples. Many have called for a certain large, corporation associated with a particular primary-coloured hue to apologise for their active role in the Holocaust. Yet one of their subsidiaries asks for an arguably more grassroots organisation to seize an opportunity for greater diversity.

“One only need look to Stallman to demonstrate how intolerant we’ve become of opinions — but that intolerance is a standing threat to all of us if we wish to work together and not be ridiculous when we use the word “inclusion.” While these guidelines are not meant to be imposed, if more people had taken them to heart, it would have possibly been more difficult to let Stallman suffer as much as we already have.”You could argue this is the same point as the second one, addressed specifically to very large and powerful companies. While it is unlikely to change the course of those companies directly, it serves as a warning to those who would take their requests (and perhaps, their lip-service) too seriously.

4. “In practical terms, ‘working together’ means finding enough common ground for collaboration. It does not mean abandoning the principles or values of your own community.”

This could be considered a re-iteration of what was said in my previous article: “When we agree on something, we struggle together. When we can’t agree, we struggle apart. It’s very useful to find our commonalities, and understand our differences.” Except it is actually a pre-iteration.

Some differences are worth working past. Other differences are simply worth accepting. Another way of saying this is that along with diversity of people, we should make it possible (whenever we can bring ourselves to do so) to include people with a diversity of opinions. In my own opinion, this is a strength that we were doing impressively well with, before all this corporate help showed up.

One only need look to Stallman to demonstrate how intolerant we’ve become of opinions — but that intolerance is a standing threat to all of us if we wish to work together and not be ridiculous when we use the word “inclusion.” While these guidelines are not meant to be imposed, if more people had taken them to heart, it would have possibly been more difficult to let Stallman suffer as much as we already have.

“These really are anti-monopoly recommendations, for making communities hopefully more robust in the presence of well-organised social attacks.”Not that I want you to think this is all about one example. What I really want you to do is think about how it would be for an entire community to start stoning you because of something you yourself were misquoted as saying by Forbes or ZDNet. All of these guidelines predate that incident, but many of these would have helped mitigate it.

These really are anti-monopoly recommendations, for making communities hopefully more robust in the presence of well-organised social attacks. If you think you can create a better version, these guidelines are already in the public domain.

And people are going to argue for more centralisation, of course. Some people like centralisation and single-points-of-failure, because they think of control exclusively in terms of benefits, not costs. Decentralisation has costs as well.

Very few meaningful decisions are made without accumulating both costs and benefits. It’s really a question of what benefits are desirable and what costs are unacceptable. If you can accept a single-point-of-failure that guarantees a tragedy in the long run, there are some short-term benefits to say the very least.

5. “In dealing with both critics and allies, it is always more useful to look past the superficial — towards motivations, true nature and real effects. Society encourages the shallow evaluation of goods and services, as well as of people. Vital communities must do better in this regard than general society, if they wish to thrive. This is not intended to eliminate speculation, only to temper superficiality.”

“A lot of it comes down to accepting differences, having more than a single venue for progress to be worked on, and working together when it makes sense. This is more robust because if you get Amish-shunned out of one community that has gotten a bit weird or been taken over, there are other places nearby where you can contribute instead.”Superficiality is a theme addressed in my previous article on Techrights (already linked from point 1.)

Back when the “Free Software Federation” was more of a concept, these were guidelines on how people who want such a thing to work (this by no means assumes that everybody would want it to) could understand how to make it run smoothly enough.

A lot of it comes down to accepting differences, having more than a single venue for progress to be worked on, and working together when it makes sense. This is more robust because if you get Amish-shunned out of one community that has gotten a bit weird or been taken over, there are other places nearby where you can contribute instead.

“Another thing to think about the is the level of censorship and interference going on. In security terms, this should be part of our threat model…”It is also a strong suggestion that such schemes have gradually been proven necessary if we want Free software to continue to have the level of practical success it already had in the past. A lot of people already look around and realise that “something has gone terribly wrong.” You can be certain there will be people demanding that single-points-of-failure be reinforced by more monopolistic means.

As recent history has shown us, when that happens it can leave us generally out of the loop — just sort of waiting for “permission” or a “cue” to get back to business as usual, while we try to figure out how to respond or move forward, without much in the way of means to do so. A reasonable word for that effect is “devastation.” It’s good to ask if we would have that level of devastation right now, if we had found a way to make Free software (as a movement) “more robust” or as I keep saying, “more decentralised.”

In the past, we had collaboration schemes as loosely defined as something called a “web ring.” Today, a “mesh network” would be a resilient structure more worthy of consideration than a “ring” (which was often maintained by a single person, albeit one who was very open to all sorts of people joining and adding their website.)

So you could, if you wanted to maybe overhype the idea, call this an “early version of a social protocol for a voluntary organisational mesh network.” But just calling it the “THRIVE Guidelines” is probably a lot more reasonable.

Another thing to think about the is the level of censorship and interference going on. In security terms, this should be part of our threat model:

I’m referring to this sort of behaviour from large corporations.

I’m also referring to this sort of behaviour from our beloved non-profits.

And even in the example of the FSF and FSFE:

“In 2018, FSFE used these tactics to make it appear that nobody supported elections any more.”

“In 2019, rogue elements of the Free Software Foundation (FSF) staff used the same tactics to undermine their own founder, Richard Stallman.”

“I don’t even think the other FSF chapters are prepared to defend everything the FSFE is doing right now.”NOW, if we can’t even even trust the FSF to prevent this sort of thing, and if their own objectives are being compromised by the (completely unjustified — as in there is simply no good reason given) censoring of mailing-lists, what exactly do we do?

And THAT is why federation is actually key to the future of our movement. It’s certainly not that the FSF doesn’t have a completely vital role to play. I think as the original, pioneering organisation with the most experience to lend us (and traditionally the greatest authority — actively maintaining the definition of Free software itself) I think bolstering that organisation (what Stallman asks us to do, I would add) is a very good idea.

But when I wrote about the need to create lifeboats for the same organisation prior to a great tragedy — which happened not 30 days later, as things turn out — I wasn’t doing that because I thought it would make a great story. I was doing it for exactly the reason it said on the tin:

A. The FSF is vulnerable.
B. The FSF is vulnerable.
C. The FSF is vulnerable.

The most obvious way around this (mission-damaging) censorship (a topic Daniel Pocock knows more about than I do — I comment on the things he goes into great detail about — with actual facts and evidence that I had only expected to come out eventually) is to have more communication, interconnection and organisation between autonomous “nodes” of this movement.

As it happens, such nodes already existed. Right now it appears that (if Pocock’s claims are true, and I suspect they are) the FSF (Boston) is at least somewhat compromised, and FSFE is (as I already thought) more compromised. I don’t even think the other FSF chapters are prepared to defend everything the FSFE is doing right now.

“FSFE censors, Pocock un-censors, the Federation “boosts” the uncensorship.”In terms of Copyright and Patents and yes, censorship — the EU is a mess right now, and FSFE is just a snail’s distance from going along with it on far too much.

So who is going to hold the FSFE accountable on these matters? Their members? The FSFE is (according to what I gather from reading the things Pocock says, but not to put these words in his mouth) manipulating its members with an almost Facebook-like tactic. I’m surprised, but not shocked that it has come to that.

Please don’t get me wrong on this — I’m not saying the future is hopeless for the FSF, only that the present is obviously dire!

And that if we care, we will lend them a hand that they have no real choice to turn away. FSFE censors, Pocock un-censors, the Federation “boosts” the uncensorship.

“Now, where do we get future coders from?”A federation that cares about Free software has the potential to “route around” not only mailing-list censorship, but even the corruption that happens at the very top of these organisations. But it loses that flexibility if we try too hard to “unite.” It is the redundancy that creates the robust nature of what we are doing.

But if you’ve ever tried to write code that uses concurrency, you know that such things are a little less intuitive than traditional scripting. So to make that accessible to more people, we have these recommendations.

If you want to know more about working around mailing list censorship, I strongly recommend looking around Daniel Pocock’s blog for more: https://danielpocock.com

Now, where do we get future coders from? From time to time, some people express concern about the “aging” of their developer force. This means that people capable of contributing either aren’t allowed to join, aren’t aware of the opportunity to join, aren’t interested in joining — or don’t even exist.

One way to address all of those points is with education:

6. “Without some greater commitment to the needs and education of users, Free software will soon lose too much ground to corporations that falsely pander to them. This is not a call to make everything ‘user friendly.’ As a user, you are free to develop on your own terms. There are still areas in which progress could be made regarding development.”

Should we allow repos (such as F-Droid) to be balkanised over political differences? Maybe not:

7. “It is better to have communities divided over politics than to have software development and repos hijacked and repurposed by a single political faction.”

How can a federated community help prevent such hijacking of repos? With a (relatively) neutral 3rd (or 3rd, 4th and 5th) party:

8. When communities with valuable contributions become divided over political differences, umbrella communities and organisations are a positive way to invite long-term resolution. Haste and superficial resolution are less positive, though “first step” efforts will hopefully count for something.

But false compromise is once again warned against — due to the amount of it I think we’ve already witnessed. We always want to enable cooperation where we can, without introducing false compromises and bad compromises. Freedom of course, produces differences:

9. “Each community should be allowed to explore its own options to further the long-term benefits of its efforts towards software freedom — subject to informal approval and/or intellectually honest (fair) critique from from other communities.”

If you need permission to comment, we really have dramatically changed as a movement. Point 9 says more than that, but this is a point worth reiterating at this time.

But what about the users? What should we do for them? The user of today may one day become the ally of tomorrow. So maybe, let’s one way to set a good example for our future is:

10. Communities should avoid, as much as possible and practical, efforts to lock other users into their software or distributions. The more important and popular (and fundamental) the software is, the more modular and optional and flexible the software should ideally be. Even the distro itself should become more modular and universal — via thoughtful design conventions, rather than rigid and demanding standards. But when in doubt, refer to points 5 and 9.

If you’ve read the FSF Titanic series, there are many more comments on making this sort of thing possible.

As for this list of recommendations — you can think of it as being told what to do, no matter how much someone stresses that the idea is nothing of the sort. On the other hand, I would say that it’s unfair to ask people to do something complicated and revolutionary without providing some real suggestions as to how it could be possible.

These guidelines were one of the first steps (predating, and even helping to inspire the FSF Titanic series) towards providing those real suggestions. As a bonus, this many-paragraph article and contextual update can be swapped out to some reasonable degree with just the 10 points mentioned. Though now that there’s some commentary on them, it’s possible their value is a little more obvious.

Long Live Stallman, and Happy Hacking.

Licence: Creative Commons CC0 1.0 (public domain)

When They Run Out of Things to Patent They’ll Patent Nature Itself…

Tuesday 15th of October 2019 02:48:44 PM

No patents on life and nature? You must have missed the news!

Summary: The absolutely ridiculous patent bar (ridiculously low) at today’s EPO means that legal certainty associated with European Patents is at an all-time low; patents get granted for the sake of granting more patents each year

HAVING just covered software patents in Europe and UPC issues, we now look at the broader picture in the European Patent Office (EPO).

It’s so sad that in less than a decade the EPO managed to earn a reputation worse than that of the USPTO not just because of the scandals but also decline in patent quality. Those two things are of course closely linked. Examiners that Battistelli has not managed to drive away António Campinos either drives to ‘retirement’ or replaces with private companies. It’s as if it’s an actual goal to get rid of experienced examiners and turn their job into a business venture with the likes of Serco, which already do business for the USPTO.

“It’s so sad that in less than a decade the EPO managed to earn a reputation worse than that of the USPTO not just because of the scandals but also decline in patent quality.”When EPO founding documents were crafted and refined half a century ago architects of the system envisioned a system that would serve scientists, be inclusive (not in the nepotism sense), and not be run like a greedy corporation. The EPC was routinely violated in recent years and nobody was held accountable. This is why we end up in such a sordid mess. It’s utterly grotesque.

Check out who’s hammering the news wires this week [1, 2] with stuff like this, in effect self-promotional words for an event that berates quality control:

Many patent applications and patents are lost before the EPO, either before Opposition Divisions or before Appeal due to incorrect original drafting, and added subject matter is a recurrent problem. Learn advanced drafting techniques for successful EPO patent applications.

Many patent applications and patents are lost before the EPO Boards of Appeal due to incorrect original drafting. Added subject matter is a recurrent problem: Amendments made during grant procedure, to take account or new prior art, amount to added subject-matter, often fatal in opposition procedure before the EPO, and national courts.

Giving tips for getting patents from the EPO — even if fake patent monopolies — by employing tricks to exploit deliberate loopholes. Is this what we’ve come to? Also published yesterday was this piece behind the Agrow paywall:

Submissions urge EPO not to patent conventional plants

The European Patent Office (EPO) has been urged not to patent conventionally bred plants in separate submissions from the European Commission and a group of farming and environmentalist organisations.

Such patents should never have been granted in the first place; patents on nature don’t make sense, neither morally nor legally. Anyone who’s granting them does a disservice to common sense and the planet. Similar patents literally cause the death of a lot of people. Back in February we wrote about patents on cancer treatment — the latest of many articles on the subject. Here’s a new press release about another such European Patent:

Onxeo S.A. (Euronext Paris, NASDAQ Copenhagen: ONXEO), (“Onxeo” or “the Company”), a clinical-stage biotechnology company specializing in the development of innovative drugs targeting tumor DNA Damage Response (DDR) in oncology, in particular against rare or resistant cancers, today announced having received a communication from the European Patent Office (EPO) informing the Company of its intent to grant a new patent strengthening the European protection of compounds sourced from its platON™ platform.

[...]

This patent will provide a term of protection valid until mid-2031, which could be further extended until 2036 via the supplementary protection certificate (SPC) system. It completes the already robust set of 9 patent families securing the protection of AsiDNA™ and its related compounds.

Instead of tackling cancer, as it should, the EPO grants monopoly through patents so as to limit who can treat cancer!

Here’s another new statement, coming from esoteric sites like “Golden Casino News”:

Scandion Oncology A/S (“Scandion Oncology”) today announces that the European Patent Office (“EPO”) has granted the company’s patent application for SCO-101 when combined with chemotherapy. Patent is valid until May 2037.

The headline says “Scandion Oncology A/S receives EU-patent for SCO-101,” but that’s just wrong. EPO is not EU. Notice what’s being granted here; the EPO now treats cancer as “business opportunity” rather than something to be cured; the same goes for global warming. If only more people grasped the seriousness of it…

Rose Hughes (working for companies like the above) has meanwhile covered T 1003/19) — a case concerning intention to grant European Patents:

Recent Board of Appeal decision T 1003/19 poses a riddle: when is it not the intention of the EPO to grant the “text-intended for grant? Before the Examining Division (ED) grants a patent application, they send the applicant a copy of the text-intended for grant (“Druckexemplar”) (Rule 71(3) EPC). The text-intended for grant is normally considered to be, as the name suggests, the text that the ED plans on granting. In response to the Rule 71(3) communication, the applicant approves the text-intended for grant by filing translations of the claims and paying the appropriate fees. If the applicant approves the text-intended for grant, the patent is granted.

T 1003/19 related to an appeal from a decision of the ED to grant an application based on a text-intended for grant in which all but one of the drawings pages were missing. The applicant had approved the text-intended to grant. In most circumstances, it is difficult for a patentee to correct mistakes in a granted patent based on a text-intended for grant that they have approved. As stated in the Guidelines for Examination: “Since the final responsibility for the text of the patent lies with the applicant or patentee, it is his duty to properly check all the documents making up the communication under Rule 71(3)” (H-VI-3.1). It is difficult to argue, for example, that it was not the intention of the ED to grant a patent containing a mistake introduced and approved by the applicant themselves (G 1/10, IPKat post here).

[...]

The BA concluded that the applicant had not approved a text-intended for grant. The BA therefore set aside the decision to grant the patent.

There are serious autonomy problems at the EPO as the appeals process is lacking independence and suffering massive backlogs as well.

“Trips to Cambodia and Ethiopia don’t exactly present the EPO as a world leader.”Alex Frost, writing the first reply to this post, said: “We have tried to escalate this problem with the EPO as it is causing huge problems with disgruntled applicants who are being told that they cannot rectify a problem that is in no way of their making.”

Here’s the full comment from Alex:

A welcome decision given the exponential rise we are seeing in the number of errors being introduced by Examining Division at the moment. So far in 2019, just of my own cases, I have come across 5 with significant errors (description pages missing or duplicated; drawings missing etc), all of which were the fault of the EPO (either the Primary Examiner or his/her Formalities officer, presumably). Goodness only knows how many such cases there have been across the whole firm/profession.

This is against a backdrop of, I guess, a similar number (5 or 6 ) such cases of mine with this sort of ED introduced error over the whole previous 25 years of practice. No doubt a part of the problem is the unseemly haste to examine and grant applications at the moment. We have tried to escalate this problem with the EPO as it is causing huge problems with disgruntled applicants who are being told that they cannot rectify a problem that is in no way of their making.

It’s nice to see so lucidly expressed (and publicly recognised) issues aired in IP Kat again, even if only in the comments. The decline in patent quality will accompany a collapse in legal certainty. And then what? Who would then be willing to apply for European Patents or at what cost? What does EPO even know of patent quality? The EPO, in external communications, brags about spreading its lowered patent quality and invalid patents to other continents! “In order to avoid duplication of efforts and provide services on time and at a high level of quality, IP offices need to work together,” the EPO wrote yesterday. Judging by which patent offices today's EPO takes photos with, the future doesn’t seem promising. Does the EPO try to adapt to the standards of countries with not a single European Patent? Trips to Cambodia and Ethiopia don’t exactly present the EPO as a world leader.

EPO Boards of Appeal Need Courage and Structural Disruption to Halt Software Patents in Europe

Tuesday 15th of October 2019 01:56:31 PM

It takes courage — not just intelligence — to oppose misnomers such as "artificial intelligence" patents

Summary: Forces or lobbyists for software patents try to come up with tricks and lies by which to cheat the EPC and enshrine illegal software patents; sadly, moreover, EPO judges lack the necessary independence by which to shape caselaw against such practices

THE European Patent Office (EPO) has taken control of another EPO, the Organisation. Battistelli started it and António Campinos continues just that. He even rendered his 'boss' at the Council his 'butler'. Imagine that! How is that even legal/constitutional? Maybe it isn’t. But who’s to actually enforce the law/constitution (or EPC)? This is a circular issue.

Advocacy of software patents by the EPO isn’t news; we saw some forms of it way back in the Brimelow days, but it has been getting worse since and judges have since then totally lost any sense of autonomy and independence. They will probably ‘vote’ (decide) the “usual way” some time soon (patent on software simulation) because Campinos is already meddling towards that outcome! See what happened in G 2/19.

“They will probably ‘vote’ (decide) the “usual way” some time soon (patent on software simulation) because Campinos is already meddling towards that outcome!”Sometimes we still see examples of software patents being thrown out inside rather than outside the EPO. Sometimes even loud proponents of software patents (no, not software professionals) admit it. Such was the case the other day when Bardehle Pagenberg wrote: “Authenticating individuals based on liveness probability: non-technical EPO refused to grant a patent on a method of authenticating financial transactions based on biometric data.”

Bardehle Pagenberg is, in our experience, the most vocal and shameless proponent of these bogus patents. They focus on these. Bardehle Pagenberg’s Patrick Heckeler, having published this page, even promoted another case where:

The first instance examining division refused searching the claimed subject-matter because it allegedly lacks technical character…

Forget about all that “technical” (or “technical effect”) nonsense; it’s the wrong test or criterion/criteria. Same for “problem-solution”. The sole riddle ought to be, does this cover something physical (where that physical thing is strictly required)? If not, then it’s abstract. Throw out the application/patent.

Sadly, however, the EPO adopted clever little tricks and loopholes, such as misuse of words like “machines”; they associate the overused term “AI” with “machine learning” (what it means originally) as if there’s some machine or device somewhere. This week they also repeat the nonsense which is “machine translations” when they say: “What is the role of machine translations in proceedings before the EPO?”

“Sadly, however, the EPO adopted clever little tricks and loopholes, such as misuse of words like “machines”; they associate the overused term “AI” with “machine learning” (what it means originally) as if there’s some machine or device somewhere.”“Those are not “machine translations” but lousy algorithms that take something in and spew garbage out,” I told them, “an incoherent mess for most languages, with no legal validity whatsoever…”

It’s rather worrying to see how the EPO deals with obvious software patents that under 35 U.S.C. § 101 the U.S. Patent and Trademark Office (USPTO) would be pressured to throw out, either at first instance (examination) or Patent Trial and Appeal Board (PTAB) — or, failing that, district courts, the Federal Circuit and SCOTUS (no potent challenge to that in 5 years at that level).

Professor Dr. Maximilian Haedicke on Lack of Separation of Powers at the EPO (Which Dooms UPC)

Tuesday 15th of October 2019 12:25:30 PM

“Truth is treason in the empire of lies.”

Or: Truth is sunshine to the vampires of lies.

Summary: Team UPC (“empire of lies”) is catching up with reality; no matter how hard media has attempted to not cover EPO scandals (after the EPO paid and threatened many publishers that tried), it remains very much apparent that EPOnia is like a theocracy that cannot be trusted with anything

WE CAN quite safely assume that most examiners at the European Patent Office (EPO) aren’t happy with the direction the Office has taken. Staff surveys have repeatedly shown this (with large margins). António Campinos is just more of Battistelli and they carry on lowering patent quality, based on studies they attempt to suppress. They’re meanwhile creating new loopholes/routes to software patenting in Europe and striving to replace ‘naughty’ European courts (that ‘dare’ oppose such patents) with something more ‘obedient’ or complicit. EPO judges are casualties as they’re being terrorised to the point where it’s dangerous (to one’s career) to oppose patent maximalists. Only weeks ago we saw Campinos intervening in favour of software patents. He made remarks about an important upcoming case. Does he not have something better to do (than meddling in legal matters he lacks technical qualifications in)?

“Only weeks ago we saw Campinos intervening in favour of software patents. He made remarks about an important upcoming case.”Who’s in charge of the EPO? Certainly not the law or judges who enforce/review that law. A politician from France/Portugal calls all the shots. These aren’t scientists but politicians! Nontechnical autocrats, people who keep calling patents “property” yet again (they’re not property). “You mean patents,” I told them last night. They never respond. On they go with joint EUIPO lies (now 3 weeks of that disgraced “IP” ‘study’, tweeted and retweeted every single day). Pure pseudoscience and an insult to facts.

Should we be surprised that several nations — not just Germanyopenly oppose the handover of patent courts to EPOnia? Or that scholars issue strongly-worded criticisms when they’re not on the EPO’s payroll?

“Should we be surprised that several nations — not just Germany — openly oppose the handover of patent courts to EPOnia?”Team UPC hardcores (apparently a Brit in Munich) are tweeting (quoting) that “rule of law within the EPOrg are criticised. This question is further explosive against the background of the equally pending constitutional complaint against the Unified Patent System.”

Tweets aren't journalism, but this is a translation of a journal. This thread in full says: “Potential impact of G3/19 on DE constitutional complaints; UPC? Prof. Haedicke, GRURInt 2019, 885 on referral G3/19 (from orig German): “This conflict, however, is about much more than the question of the interpretation of A53(b) EPC. It makes it clear that the [EPO President] and the AC seem to have a different understanding of the relationship between the institutions of the EPOrg than the Boards of Appeal. The scope of the judicial control over legislative acts of the AC and the degree to which the AC is bound by the [...] interpretation of the EPC rules by the BoA are controversial. In question is the power of the judiciary to take binding decisions on the interpretation of the EPC which go beyond the individual case. Also affected is the role of the President of the EPO and the system of [...] checks and balances within the EPOrg resulting from the separation of powers.[…] The effects of this dispute thus extend far beyond the concrete question of fact. If the AC were able to change the case law of the Enlarged BoA in order to extend its binding force beyond the [...] individual case, this would enhance the position of the AC, significantly weaken the BoA & strengthen the position of the critics of the EPC to its detriment. The referral may also have consequences for several pending constitutional complaints in which shortcomings in the [...] rule of law within the EPOrg are criticised. This question is further explosive against the background of the equally pending constitutional complaint against the Unified Patent System. It is of great importance to ensure that the relationship between the AC and the BoA [...] complies with principles of the rule of law.”

“It doesn’t matter what some lawyers and politicians at the EPO (and around it) say; at the end of the day the issue is now in the hands of judges the EPO does not control (perhaps with the exception of Stephan Harbarth).”The litigation ‘industry’ refuses to let UPC/Unitary Patent die. Herbert Smith Freehills LLP still mentions it in relation to Brexit (and promoted its take on it earlier this week).

It doesn’t matter what some lawyers and politicians at the EPO (and around it) say; at the end of the day the issue is now in the hands of judges the EPO does not control (perhaps with the exception of Stephan Harbarth).

Widespread condemnation or popular uprise won’t be possible (as happened with the EU copyright directive) if media refuses to cover it.

As Expected, the Bill Gates Propaganda Machine is Trying to Throw/Put Everyone off the Scent of Jeffery Epstein’s ‘Incestuous’ Ties With Gates

Tuesday 15th of October 2019 10:10:01 AM

Quote from important article of the New York Times (published over the weekend):

Summary: Media ownership up on display; it’s amplifying false claims for a whole month, whereas truth/correct information gets buried before a weekend is over

ALMOST EXACTLY ONE MONTH after media funded by Bill Gates’ close friend (VICE) slandered Richard Stallman we’re seeing familiar patterns again. This was very much predictable and in recent days we did several articles and memes about it, e.g. this one.

It’s hardly a secret that the Gates Foundation controls a lot of publishers. Through his sham ‘charity’ Bill Gates has bribed a lot of the British media, repeatedly, including the largest publishers. The same is true for most other countries (where the spoken language is not English). Worry not, they’ll drown out with noise any signal about Gates pedophilia connections/acts…

“Keep an eye and bear in mind this is a symptom of media ownership. It’s putting false words in people’s mouths to defame them in order to distract from the written record of someone else…”Radio Active VCs has just noted: “Saturday, when no one is paying attention: Bill Gates had deep relationship with Jeffery Epstein that he’s been lying about. Monday, prime time news drops: Cutie pie billionaire Bill Gates loves to read!”

Citing an article/puff piece entitled Bill Gates Says Anti-Vaccine Autism Groups “Kill Children” (could help distract from real news), this new tweet says: “Don’t know anyone out there “killing children!” Spare us the histrionics!!Meanwhile Bill Gates working w/ child rapist #JeffreyEpstein #Hypocrite” (we’ve come across many similar tweets that assert with confidence Gates is a pedophile looking to hide something he did).

Keep an eye and bear in mind this is a symptom of media ownership. It’s putting false words in people’s mouths to defame them in order to distract from the written record of someone else (see image at the top).

As a side note, isn’t it rather ironic that patent zealots are, as early as this week, celebrating a mass murderer and rapist (also of young indigenous Americans, prepubescent according to historic records) with another ludicrous patent granted by the U.S. Patent and Trademark Office (USPTO)?

[ES] El Kernel de Linux está introduciendo Open Source Privative Software

Tuesday 15th of October 2019 05:08:57 AM

By Pedro Fco. (maslinux.es)

This is a Spanish translation of: Software Freedom Eroding in Linux and Nobody Seems to Care or Oppose This and mirrored over at El Kernel de Linux está introduciendo Open Source Privative Software (Artículo de opinión de Roy Schestowitz)

Summary: Linux, el kernel, continúa su trayectoria o el camino hacia convertirse en software propietario de código abierto (OSPS).

La importancia de la Libertad del Software será entendida más y más (o mejor) con el tiempo. He aquí un nuevo ejemplo de las noticias. Cuando la gente no controla el software, es el software el que los controla a ellos – un punto que Richard Stallman ha estado enfatizando durante décadas.

El jefe de la Fundación Linux y el único editor de Linux.com son usuarios de Mac (este último alardeó ayer de sus múltiples “Macs”), así que no esperes que se preocupen por la Libertad de Software. No lo hacen. No hemos estado hablando mucho (o con frecuencia) sobre ellos últimamente porque son una causa perdida. Nos rendimos. Se apoyan en historias antiestallmánicas. Linux.com se siente como un sitio de Openwashing y Microsoft (nuevos ejemplos a tal efecto).

Mientras tanto, se ha puesto de manifiesto, una vez más, que AMD sigue adelante con la DRM. Como dijo Michael Larabel:

“Soporte inicial de HDCP. Sí, protección de contenido digital de alto ancho de banda. Este soporte para HDCP Linux en el lado de Radeon viene para Raven Ridge y más nuevo. Como se explica en el artículo anterior, es probable que se deba a que los APUs de AMD están llegando a más Chromebooks y, por lo tanto, todo puede ser visto como algo bueno. Para aquellos que no desean soporte para HDCP, la implementación de AMDGPU DC permite desactivarlo como una opción de Kconfig“.

“Más cambios en la AMDGPU para Linux 5.5 seguirán en las próximas semanas“, añadió Larabel. “El ciclo Linux 5.5 comenzará formalmente a finales de noviembre y se estabilizará a principios de 2020. La lista de cambios para esta AMDGPU DRM-Next-5.5 pull inicial a través de esta lista de correo.”

Ese segundo DRM no es el mismo DRM (sólo el mismo acrónimo) y no es algo a lo que se opondría ni siquiera Stallman. Lo preocupante, sin embargo, es que se ha vuelto ‘normal’ lanzar DRM de restricción de usuarios a GNU/Linux (usando palabras/términos técnicos como “HDCP”), la pieza más famosa y conocida del software libre. A los responsables de la Fundación Linux no les importa (ni siquiera usan GNU/Linux) o no se atreven a decir nada – viendo lo que les pasa a los que sí lo hacen.

La gente habla mucho sobre la situación de Stallman en este momento (una segunda ola de llamadas para eliminarlo de GNU) aunque pocos conectan lo que se le está haciendo a Stallman con lo que le pasó a Torvalds hace un año. Se está incitando a la gente contra los que hacen lo correcto.

Linux Foundation Board Meeting

Monday 14th of October 2019 07:13:36 PM

Linux Foundation session in progress

Summary: More sponsored keynotes and tweets — like more sponsored articles (or “media partners”) — aren’t what the Linux Foundation really needs

Links 14/10/2019: Linux 5.4 RC3, POCL 1.4, Python 3.8.0

Monday 14th of October 2019 06:55:37 PM

Contents
  • GNU/Linux
    • My Linux story: I grew up on PC Magazine not candy

      In 1998, the movie Titanic was released, mobile phones were just a luxury, and pagers were still in use. This was also the year I got my first computer. I can remember the details as if it were yesterday: Pentium 133MHz and just 16MB of memory. Back in that time (while running nothing less than Windows 95), this was a good machine. I can still hear in my mind the old spinning hard drive noise when I powered that computer on, and see the Windows 95 flag. It never crossed my mind, though (especially as an 8-year-old kid), that I would dedicate every minute of my life to Linux and open source.

      Being just a kid, I always asked my mom to buy me every issue of PC Magazine instead of candies. I never skipped a single issue, and all of those dusty old magazines are still there in Costa Rica. It was in these magazines that I discovered the essential technology that changed my life. An issue in the year 2000 talked extensively about Linux and the advantages of free and open-source software. That issue also included a review of one of the most popular Linux distributions back then: Corel Linux. Unfortunately, the disc was not included. Without internet at home, I was out of luck, but that issue still lit a spark within me.

    • Tired of Windows and Mac OS? Switch to Elementary OS!

      Elementary OS is one of the most beautiful and clean-looking operating systems available for use in computers. It is fast, open and privacy-oriented. Elementary has its characteristic design philosophy and made aesthetic use of colours. Over the years, this free-to-use operating system has collected heavy praise by reviewers around the world – making it a strong replacement option for both Windows and Mac users.

      The initial development of ElementaryOS started with building themes and applications for Ubuntu, which later inspired the developers to transform it into a full-fledged Linux distribution. The first release of the operating system was on 31 March 2011, and so far, it has been through continuous bugfix and major feature updates.

      The Elementary OS took shape with the concept of making Linux easier for non-technical users. Instead of terminal-based codes, elementary provides a graphical user interface and settings menus to allow users to perform almost all day-to-day tasks without writing any code.

    • Desktop
      • Jussi Pakkanen: Apple of 2019 is the Linux of 2000

        Last week the laptop I use for macOS development said that there is an XCode update available. I tried to install it but it said that there is not enough free space available to run the installer. So I deleted a bunch of files and tried again. Still the same complaint. Then I deleted some unused VM images. Those would free a few dozen gigabytes, so it should make things work. I even emptied the trash can to make sure nothing lingered around. But even this did not help, I still got the same complaint.

        At this point it was time to get serious and launch the terminal. And, true enough, according to df the disk had only 8 gigabytes of free space even though I had just deleted over 40 gigabytes of files from it (using rm, not the GUI, so things really should have been gone). A lot of googling and poking later I discovered that all the deleted files had gone to “reserved space” on the file system. There was no way to access those files or delete them. According to documentation the operating system would delete those files “on demand as more space is needed”. This was not very comforting because the system most definitely was not doing that and you’d think that Apple’s own software would get this right.

        After a ton more googling I managed to find a chat buried somewhere deep in Reddit which listed the magical indentation that purges reserved space. It consisted of running tmutil from the command line and giving it a bunch of command line arguments that did not seem to make sense or have any correlation to the thing that I wanted to do. But it did work and eventually I got XCode updated.

        After my blood pressure dropped to healthier levels I got the strangest feeling of déjà vu. This felt exactly like using Linux in the early 2000s. Things break at random for reasons you can’t understand and the only way to fix it is to find terminal commands from discussion forums, type them in and hope for the best. Then it hit me.

      • Pinebook Pro Linux laptop launches from $199

        After opening preorders back in July 2019 for the new Pinebook Pro Linux laptop, creator and manufacturer PINE64 has this week started shipping out the new Lenox laptop to customers. Powered by a 64-Bit Dual-Core ARM 1.8GHz Cortex A72 and Quad-Core ARM 1.4GHz Cortex A53 supported by Quad-Core MALI T-860 graphics and 4 GB LPDDR4 Dual Channel System DRAM Memory the Linux laptop is available to purchase priced at $199. Check out the video below for a quick overview of what you can expect from the PINE64 Pinebook Pro Linux laptop.

    • Audiocasts/Shows
      • GNU World Order 13×42

        On the road during the **All Things Open** conference, Klaatu talks about how to make ebooks from various sources, with custom CSS, using the Pandoc command.

      • Open Source Security Podcast: Episode 165 – Grab Bag of Microsoft Security News

        Josh and Kurt about a number of Microsoft security news items. They’ve changed how they are handling encrypted disks and are now forcing cloud logins on Windows users.

      • Linux Action News 127

        Richard Stallman’s GNU leadership is challenged by an influential group of maintainers, SUSE drops OpenStack “for the customer,” and Google claims Stadia will be faster than a gaming PC.

        Plus OpenLibra aims to save us from Facebook but already has a miss, lousy news for Telegram, and enormous changes for AMP.

    • Kernel Space
      • Linux 5.4-rc3 Things continue to look fairly normal, with rc3 being larger than rc2, as people are starting to find more regressions, but 5.4 so far remains on the smaller side of recent releases. The diffstat looks fairly flat too, although we had a couple of staging drivers being removed here that show up as spikes. Drivers in general account for about two thirds of the diff, and it's not just those staging drivers, it's other small noise all over the place: usb, drm, iio, rdma.. Outside of drivers, filesystems pop up more than perhaps usual, but it's again mostly low-grade noise all over: btrfs, cifs, nfs, ocfs, xfs and some core vfs fixes. The rest is arch updates (mainly arm64, x86, mips), tooling (mostly perf tooling updates, but also some selftest fixlets), documentation, and misc core kernel and mm stuff. There really isn't anything huge that stands out. You can scan the appended shortlog for a flavor of the details, it's not too long to just scroll through. Linus
      • Linux 5.4-rc3 Released Ahead Of Official Kernel Debut In November
      • Get to know Oracle Linux Virtualization Manager

        Linux Virtualization Manager can manage multiple on-premises hosts running Oracle Linux KVM. Oracle enhanced Linux KVM in the Unbreakable Enterprise Kernel (UEK) Release 5, an OS kernel tested and optimized for Oracle Linux 7 Update 5.

        Because Linux KVM is the same hypervisor used for Oracle Cloud Infrastructure, admins have an easy migration path from the Linux Virtualization Manager environment to the Oracle Cloud platform. Linux Virtualization Manager also supports importing and exporting software appliances based on the Open Virtualization Format and Open Virtualization Archive standards.

        Oracle based Linux Virtualization Manager on the oVirt project, an open source virtualization platform developed by Red Hat. Linux Virtualization Manager relies on the oVirt engine for discovering KVM hosts and configuring storage and network resources. The platform supports KVM administration for multinode environments, offering a large-scale, centralized management platform for server and desktop virtualization.

      • Intel Firmware Binaries Land For AX200/AX201 Bluetooth Linux Support

        With devices beginning to hit store shelves using the new Intel WiFi 6 AX200 series chipsets, the firmware binaries have landed in linux-firmware.git for rounding out support for these latest WiFi/Bluetooth adapters.

        For a few kernel releases now since earlier this year these new Intel wireless chipsets have been supported by the mainline kernel but the firmware hasn’t been part of the de facto linux-firmware.git tree that houses the various firmware binaries for different hardware component support under Linux.

      • Graphics Stack
        • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

          SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

        • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

          Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

          Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

    • Applications
      • 4 Free and Open Source Alternatives to Adobe Photoshop

        Adobe Photoshop is a premium image editing and design tool available for Windows and macOS. Undoubtedly, almost everyone knows about it. It’s that popular. Well, you can use Photoshop on Linux using Windows in a virtual machine or by using Wine – but that is not an ideal experience.

        In general, we don’t have a lot of options available as a replacement for Adobe Photoshop. However, in this article, we shall mention some of the best open-source Photoshop alternatives available for Linux (with cross-platform support as well).

        Do note that Photoshop is not just a photo editor. It’s used by photographers, digital artists, professional editors for various usage. The alternative software here may not have all the features of Photoshop but you can use them for various task that you do in Photoshop.

      • starship – elegant cross-shell prompt at your fingertips

        The Command Line Interface (CLI) is a way of interacting with your computer. And if you ever want to harness all the power of Linux, it’s highly recommended to master it. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources.

        For anyone spending time at the CLI, they’ll rely on the shell prompt. I always seem to gravitate back to Bash even though I’ve used more than a dozen shells over the years. By default, the configuration for Bash on popular distributions identifies the user name, hostname, and the current working directory. I recently reviewed Liquid Prompt, an intelligent and non-intrusive prompt for Bash and zsh.

        starship is an alternative to Liquid Prompt. The software aims to show information you need while you’re working, yet being unobtrusive as possible.

    • Instructionals/Technical
    • Games
      • Odds and ends, the Linux and gaming Sunday Section

        Almost time to begin another week full of news, before we do let’s run over a few interesting happenings recently.

        Let’s start with two bits of recent news about Godot Engine, the free and open source game engine. The 3.2 release cycle is going strong, with a second alpha release now available. A massive list of new features and improvements coming to Godot 3.2 can be found here. What’s even more exciting though is the Vulkan work coming with Godot Engine 4.0, with another short progress report post up for it. The new visual frame profiler coming certainly looks useful to help developers squeeze out some more performance.

        More AMD news for you, as it has been reported by Wccftech that AMD now command around 30%+ market share of the CPU market. That’s some very impressive growth, pushed forward by the Zen microarchitecture from 2017. As seen in the graph below from cpubenchmark.net, this is the highest they’ve seen it since 2007.

      • SFB Games to bring Tangle Tower to Linux post-launch if there’s enough demand

        British indie studio SFB Games, developer of the highly rated Detective Grimoire are working on a new game called Tangle Tower and with a little push they could bring it to Linux.

        Tangle Tower is a fully voiced point and click murder mystery adventure, set in a strange and twisted mansion. You will need to interrogate suspects and solve unique puzzles as you progress. Looks and sounds like a great game. Sadly though it’s currently scheduled to release later this month only for Windows and macOS on October 22nd, so no Linux support at launch.

      • Turn-based political simulation game ‘Lawgivers’ adds Linux support with the latest update

        Today I came across Lawgivers, a turn-based political simulation game which recently added Linux support and it looks like it could be a lot of fun.

        Since it’s a political sim, you will be tasked with leading your party into elections. If you manage to get voted in, you will be responsible for approving laws and shaping your country’s destiny.

      • The completely silly fighting game Foreskin Fury is out in Early Access

        After a short delay, you can now jump into Foreskin Fury and have a cock fight. Yes this is a very real game.

        Made in Unreal Engine, the aptly named Stupid Industries said it started off as a joke and they ended up actually learning Blender and Unreal Engine to turn the joke into something a little more real. Here we are, Foreskin Fury was accepted onto Steam and it supports Linux.

      • The currently free indie RTS ‘The Fertile Crescent’ should now work better at different resolutions

        The Fertile Crescent is an upcoming in-development indie RTS that feels like a retro Age of Empires and it’s really quite good. A new update is out (and it’s still free) fixing up the UI for different resolutions.

        I think more of you need to try this one, it’s a wonderful little RTS game that I honestly can’t wait to see expand. Hopefully now more of you actually will be able to try it, as they’ve made it so the interface properly scales with your resolution. Previously, there were problems if you had anything other than 1080p. Not only that, most of the interface was actually redesigned and it gives you more information.

      • Chiaki, the open source and cross-platform PS4 Remote Play client now supports the PS4 7.0 update

        Sony recently upgraded the system software on the PlayStation 4 which broke compatibility with the open source Remote Play client Chiaki. The developer acted quickly and a new release is up.

        This is the software we tested out recently and came away pretty impressed with it. Allowing you to stream games from a PlayStation 4 to a Linux desktop, seriously handy stuff since Sony don’t support it on Linux officially.

      • Adventure simulation, Pine, is now available on PC, Mac, Linux

        Developer Twirlbound and publisher Kongregate have announced today that Pine is now available on PC, Mac, and Linux. In addition, a launch trailer has been released that shows off the beautiful and animated world of Albamare. The adventure simulation has players control Hue, a young explorer on a mission to find a new home for himself and his small tribe.

        The launch trailer features combat, trading, exploration, archery, horseback riding, and dangerous creatures. Check it out below.

    • Desktop Environments/WMs
      • K Desktop Environment/KDE SC/Qt
        • Interview with Fabian Mosakowski

          My name is Fabian Mosakowski and I’m an aspiring illustrator living in France. I’m currently working on my portfolio creating an illustrated fantasy tale called “If Only Blood Was Red”. It deals with what’s left of humans thriving to survive in a land that doesn’t welcome them.

          Currently as a hobby artist. I made a few comissions for close relatives but I’d like to make it professional once my portfolio will be done.

          Mainly fantasy as it’s the narrative thread of my project but I also mix it with dark art, another genre I really enjoy, to fit the story atmosphere. I also occasionnally work in vectorial or comic book style for lighter projects.

    • Distributions
      • Reviews
        • Archman GNU/Linux Xfce 2019-09

          Archman is an Arch Linux-based distribution developed in Turkey. The project’s website is available in both Turkish and English, which makes the distribution approachable to non-Turkish audiences. Archman has various releases with different desktop environments and release dates. In this review, I will be reviewing Archman’s Xfce 2019-09 release, which is codenamed Lake With Fish.

          To begin, I downloaded the 1.6GB ISO and copied it to a flash drive. I rebooted my computer, turned off Secure Boot, and started Archman from the flash drive. The boot process was quick, but I ended up at a graphical login screen instead of a working desktop environment. I pressed the Enter key and I logged in without needing a password.

          The live desktop looked very nice. It is an interesting blend of classic and modern. The live desktop has icons for the user’s home folder and Trash. There is also a shortcut for Hexchat and the Calamares Archman Installer. The panel at the bottom of the screen holds the application menu, shortcuts for showing the desktop/quickly minimizing all running applications, Firefox, the user’s home folder, sections for the currently running applications, switching desktops, a clock, Bluetooth and wireless controls, a battery meter, update notifications, volume control, and a log out/reboot/shutdown shortcut. The panel is 70% the width of the screen and set to automatically hide.

          I looked around the live desktop for a little while. I tested to make sure that everything was working okay with my hardware, and once I was certain that all my hardware worked, I moved on to installing Archman.

        • Xubuntu 19.10 overview | A operating system that combines elegance and ease of use.

          In this video, I am going to show an overview of Xubuntu 19.04 and some of the applications pre-installed.

        • Checking out Crunchbang++ 10 on my Thinkpad T480s
      • Screenshots/Screencasts
      • Gentoo Family
        • Improving distfile mirror structure

          The Gentoo distfile mirror network is essential in distributing sources to our users. It offloads upstream download locations, improves throughput and reliability, guarantees distfile persistency.

          The current structure of distfile mirrors dates back to 2002. It might have worked well back when we mirrored around 2500 files but it proved not to scale well. Today, mirrors hold almost 70 000 files, and this number has been causing problems for mirror admins.

      • SUSE/OpenSUSE
        • SUSE what, adoption’s still growing, shrugs OpenStack Foundation

          OpenStack chief operating officer Mark Collier told The Reg that while SUSE’s decision to abandon its OpenStack Cloud product is “obviously disappointing”, adoption is “strong and growing”.

          SUSE’s decision that it will “cease production of new versions of SUSE OpenStack Cloud” and “discontinue sales of SUSE OpenStack Cloud” is significant, given that it had a seat on the OpenStack board as a Platinum member – one of only eight companies which commits to provide major funding and full-time resources to the OpenStack Foundation, the others being AT&T, Ericsson, Huawei, Intel, Rackspace, Red Hat and Tencent. SUSE will now “carefully transition our board position and sponsorship level” according to a statement sent to The Reg, though it promises continued involvement at some level.

          It is tempting therefore to treat Collier’s remarks to The Reg as damage limitation, but in this case he has a point. OpenStack, which is a set of projects that enables users to run private clouds, has a huge customer base and its market is growing by about 20 per cent a year, according to recent figures and projections. There is not much competition if you want to run an open-source private cloud, and there can be good reasons to do so.

        • Highlights of openSUSE Asia Summit 2019

          The openSUSE.Asia Summit is one of the big events for the openSUSE community (i.e. both contributors and users) in Asia. Those who normally communicate online can meet from all over the world, talk in person and have fun. Members of the community share their current knowledge, experience and learn FLOSS technologies around openSUSE. The openSUSE.Asia Summit 2019 took place from October 5 to October 6, 2019 at the Information Technology Department, Faculty of Engineering, Udayana University, Bali.

        • Maintaining Enterprise Linux Kernels

          Forking the Linux kernel and using it as the basis of an Enterprise product is a challenging task. The pace of development in the upstream Linux kernel makes it hard to keep up with all the fixes that need to be backported. This article describes the process we use at SUSE to find and backport potentially required upstream fixes to our kernels.

          [...]

          Every fix that is reported will be evaluated by a developer and either backported to the kernel branches that need it or blacklisted, so that the fix is no longer considered. But who is the best person (or group) to report a fix to?
          The answer is easy if the fix is for a patch that was backported by someone within SUSE as part of a service pack development cycle. In that case the person who backported the patch is tasked with reviewing the associated fix. The same happens with upstream fixes that are authored or committed by a SUSE employee.
          Assigning fixes for patches that are part of the base-kernel is a bit more complicated. To that end we have introduced a maintainer model with an internal list of experts for most parts of the Linux kernel.
          The approach is similar to the MAINTAINERS file in the upstream Linux kernel, but the file at SUSE is simpler. It only contains a list of people and several path-specs per entry. Each potential fix for the base-kernel is matched against the path-specs in the maintainers list and assigned to the best matching entry. The fix is reported to the developers listed in the matching entry.
          But not all fixes could be assigned that way because the SUSE maintainers list does not cover the whole kernel source tree. For the remaining fixes a heuristic is used. It is based on which source code files in the kernel source tree are touched by the backports of each developer. This is matched against the file(s) a fix touches.

        • Suse: Equipped For The Hybrid Multicloud Age

          Linux as an operating system platform as well as other Open Source technologies as core elements are used in SAP infrastructures. This is applicable for Cloud as well as on-premises deployment. Thus, they are equipped for the Hybrid Multicloud age.
          Open Source arrived in the SAP world a long time ago. The Walldorf-based software company contributed to this development when it made the decision to only use the Linux operating system platform along with SAP Hana and Hana-based application solutions such as S/4.

          And the trend towards Linux with NetWeaver-based infrastructures with AnyDB has already provided the impetus for the deep penetration of Linux. The Hana figures quoted by SAP recently (during this year’s Sapphire conference) speak to this significance. The company now has 50,000 Hana licenses. In addition to Linux, other Open Source solutions are used in SAP environments in conjunction with Data Science and the use of Kubernetes. Kubernetes is used for the orchestration of containers as part of SAP Data Hub environments.

      • Slackware Family
        • LibreOffice 6.2.7 packages available for Slackware 14.2

          There was a recent update in my repository of LibreOffice packages, but that libreoffice-6.3.2 was just for slackware-current.

          There’s a recent release in the LibreOffice 6.2 stable series as well (ok… five weeks ago, not that recent…), and so I decided to use my build box’s free weekend to come up with packages for LibreOffice 6.2.7.
          This release has a security improvement over previous versions, in that it will popup a warning to the user if a document tries to run an embedded script (similar to existing warning mechanism for embedded macros).

      • Debian Family
        • Tails 4.0 RC out now with Linux 5.3, Tor Browser 9.0

          You can now download the latest Tails release candidate that not only comes with increased privacy but also Linux 5.3 and Tor Browser 9.

          Before delving into the news, let’s have a bit of an introduction to Tails, shall we? It sells itself as a live incognito system that focuses on user anonymity and privacy. With Tails, you will be able to browse the Internet without leaving traces, get access to censored content, and have all your messages, files, and emails encrypted.

        • Ritesh Raj Sarraf: Bpfcc New Release

          bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

        • Utkarsh Gupta: Joining Debian LTS!

          Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail.

          [...]

          I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates.
          And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former).
          Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them.
          With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads!

      • Canonical/Ubuntu Family
        • Ubucon Europe 2019 in local media

          News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air.

          The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software.

          For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to

          Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning.

          Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

    • Devices/Embedded
    • Free, Libre, and Open Source Software
      • SaaS/Back End/Databases
        • MongoDB vs. MySQL: How to choose

          During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database.

          Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

      • CMS
        • What’s New in Odoo 13?

          Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations.
          With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

        • Becoming Better Digital Citizens Through Open Source

          The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen.

          [...]

          Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us.

          All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.

          Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

      • FSF/FSFE/GNU/SFLC
        • Use and throw culture based on lies can’t be coming from Free Software philosophy

          Similar thing happened to Stallman. Actually in an ironic way. This community is created by Stallman only. By 1980s beginning software sharing community was ceased to exist. Then 1983 Stallman himself gave birth to a new community with all legal protection. Because before there were no legal framework for sharing software. Stallman used copyleft idea and GPL to create such a community. There were no help and there were no support. Last 35 years he worked for that.

          Now some new bosses think that he dont look good. He is boring, repeating same thing all these 35 years. Lets get rid off him. You idiots, actually this is his house. You people piggybacked there.

          Still you can have a say if Stallman did anything wrong about free software. But there is nothing he did wrong. Still again I may support you if you with some guts initiate a trial against him on your own behalf. But you did nothing. Instead what you a shameless creature did? Hiding bind an upset woman reacting to smear campaign and lies. This is unacceptable and unethical.

      • Licensing/Legal
        • Contributor License Agreement and Developer Certificate of Origin references

          In the last few years I have come across the CLA topic several times. It is and will be a popular topic in automotive the coming years, like in any industry that moves from being an Open Source Producer towards becoming an Open Source Contributor.

          In my experience, many organizations take the CLA as a given by looking at the google, microsoft or intels of the world and replicate their model. But more and more organizations are learning about alternatives, even if they do not adopt them.

          What I find interesting about discussing the alternatives is that it brings to the discussion the contributor perspective and not just the company one. This enrichs the debate and, in some cases, leads to a more balanced framework between any organization behind a project and the contriibutor base, which benefits both.

          Throughout these years I have read a lot about it but I have never written anything. It is one of those topics I do not feel comfortable enough to write about in public probably because I know lots of people more qualified than I am to do so. What I can do is to provide some articles and links that I like or that have been recommended to me in the past.

      • Openness/Sharing/Collaboration
        • Open Hardware/Modding
          • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

            Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

          • Raspberry Pi 4 B+ – PCI Express

            Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn’t lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

            I’m sharing it to allow people to learn from this – and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

      • Programming/Development
        • How to Read SAS Files in Python with Pandas

          In this post, we are going to learn how to read SAS (.sas7dbat) files in Python.

          As previously described (in the read .sav files in Python post) Python is a general-purpose language that also can be used for doing data analysis and data visualization.

        • Daudin – a Python shell

          A few nights ago I wrote daudin, a command-line shell based on Python. It allows you to easily mix UNIX and Python on the command line.

        • How to Convert Python String to Int and Back to String

          This tutorial describes various ways to convert Python string to int and from an integer to string. You may often need to perform such operations in day to day programming. Hence, you should know them to write better programs.

          Also, an integer can be represented in different bases, so we’ll explain that too in this post. And there happen to be scenarios where conversion fails. Hence, you should consider such cases as well and can find a full reference given here with examples.

        • Thousands of Scientific Papers May be Invalid Due to Misunderstanding Python

          It was recently discovered that several thousand scientific articles could be invalid in their conclusions because scientists did not understand that Python’s glob.glob() does not return sorted results.

          This is being reported on by Vice, Slashdot and there’s an interesting discussion going on over on Reddit as well.

        • PyDev of the Week: Elana Hashman

          This week we welcome Elana Hashman (@ehashdn) as our PyDev of the Week! Elana is a director of the Open Source Initiative and a fellow of the Python Software Foundation. She is also the Clojure Packaging Team lead and a Java Packaging Team member. You can see some of her work over on Github. You can also learn more about Elana on her website. Let’s take a few moments to get to know her better!

        • Eclipse Che 7 and the .NET developer

          Eclipse Che 7, an open source in-the-browser development environment, allows you to define custom workspaces for your software development. Think of a workspace as you would think of a development PC: You have an operating system, programming language support, and all the tools necessary to write code. In this article, I’ll introduce the .NET developer to this new world and highlight ways you can use Eclipse Che to your advantage.

        • How to Convert String to Lowercase in Python

          Some times you may require to convert any string to lower case (all letters). This tutorial will help to convert a string (any case) to lower case as showing in the below image.

        • How to fuck up software releases

          I manage releases for a bunch of free & open-source software. Just about every time I ship a release, I find a novel way to fuck it up. Enough of these fuck-ups have accumulated now that I wanted to share some of my mistakes and how I (try to) prevent them from happening twice.

        • Django 3.0 beta 1 released

          Django 3.0 beta 1 is now available. It represents the second stage in the 3.0 release cycle and is an opportunity for you to try out the changes coming in Django 3.0.

          Django 3.0 has a raft of new features which you can read about in the in-development 3.0 release notes.

          Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 3.0 final (also, translations will be updated following the “string freeze” when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around December 2. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list.

        • LLVM “Stack Clash” Compiler Protection Is Under Review

          Two years after the “Stack Clash” vulnerability came to light, the LLVM compiler is working on adding protection against it similar to the GCC compiler mitigation.

          The Stack Clash vulnerability pertains to clashing/smashing another program’s stack while circumventing existing stack protections at the time. Stack Clash opens up the door to memory corruption and arbitrary code execution. Linux x86/x86_64 wasn’t the only one affected but also the BSDs and Solaris. Those unfamiliar with it or wanting to refresh your memory of it can do so via this Qualys blog post with the firm having discovered this vulnerability.

        • pocl v1.4 released

          Please note that there’s an official pocl maintenance policy in place. This text describes the policy and how you can get your favourite project that uses OpenCL to remain regression free in the future pocl releases.

        • POCL 1.4 Released For Advancing OpenCL On CPUs – Now Supports LLVM 9.0

          Version 1.4 has been released of POCL, the “Portable Computing Language” implementation that allows for a portable OpenCL implementation to be executed on CPUs as well as optionally targeting other accelerators via HSA or even CUDA devices.

          POCL 1.4 brings support for LLVM Clang 9.0, with that open-source compiler stack doing a lot of POCL’s heavy lifting. Support meanwhile for pre-6.0 LLVM releases were removed. POCL 1.4 also adds support for building relocatable POCL binaries and improves SPIR/SPIR-V support for CPU devices.

        • Linux Fu: Python GUIs For Command Line Programs (Almost) Instantly

          Not every programmer likes creating GUI code. Most hacker types don’t mind a command line interface, but very few ordinary users appreciate them. However, if you write command line programs in Python, Gooey can help. By leveraging some Python features and a common Python idiom, you can convert a command line program into a GUI with very little effort.

          The idea is pretty simple. Nearly all command line Python programs use argparse to simplify picking options and arguments off the command line as well as providing some help. The Gooey decorator picks up all your options and arguments and creates a GUI for it. You can make it more complicated if you want to change specific things, but if you are happy with the defaults, there’s not much else to it.

          At first, this article might seem like a Python Fu and not a Linux Fu, since — at first — we are going to focus on Python. But just stand by and you’ll see how this can do a lot of things on many operating systems, including Linux.

        • Python 3.8.0

          Python 3.8.0 is the newest major release of the Python programming language, and it contains many new features and optimizations.

        • Cool New Features in Python 3.8

          The newest version of Python is released today! Python 3.8 has been available in beta versions since the summer, but on October 14th, 2019 the first official version is ready. Now, we can all start playing with the new features and benefit from the latest improvements.

          What does Python 3.8 bring to the table? The documentation gives a good overview of the new features. However, this article will go more in depth on some of the biggest changes, and show you how you can take advantage of Python 3.8.

      • Standards/Consortia
        • Making Movies Accessible for Everyone

          For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

  • Leftovers
    • Security (Confidentiality/Integrity/Availabilitiy)
      • Use sshuttle to build a poor man’s VPN

        Nowadays, business networks often use a VPN (virtual private network) for secure communications with workers. However, the protocols used can sometimes make performance slow. If you can reach reach a host on the remote network with SSH, you could set up port forwarding. But this can be painful, especially if you need to work with many hosts on that network. Enter sshuttle — which lets you set up a quick and dirty VPN with just SSH access. Read on for more information on how to use it.

        The sshuttle application was designed for exactly the kind of scenario described above. The only requirement on the remote side is that the host must have Python available. This is because sshuttle constructs and runs some Python source code to help transmit data.

        [...]

        Depending on the capabilities of your system and the remote system, you can use sshuttle for an IPv6 based VPN. You can also set up configuration files and integrate it with your system startup if desired. If you want to read even more about sshuttle and how it works, check out the official documentation.

      • Hardening Firefox against Injection Attacks

        Firefox not only renders web pages on the internet but also ships with a variety of built-in pages, commonly referred to as about:pages. Such about: pages provide an interface to reveal internal state of the browser. Most prominently, about:config, which exposes an API to inspect and update preferences and settings which allows Firefox users to tailor their Firefox instance to their specific needs.

        Since such about: pages are also implemented using HTML and JavaScript they are subject to the same security model as regular web pages and therefore not immune against code injection attacks. More figuratively, if an attacker manages to inject code into such an about: page, it potentially allows an attacker to execute the injected script code in the security context of the browser itself, hence allowing the attacker to perform arbitrary actions on the behalf of the user.

        To better protect our users and to add an additional layer of security to Firefox, we rewrote all inline event handlers and moved all inline JavaScript code to packaged files for all 45 about: pages. This allowed us to apply a strong Content Security Policy (CSP) such as ‘default-src chrome:’ which ensures that injected JavaScript code does not execute. Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.

      • IPFire on AWS: Update to IPFire 2.23 – Core Update 136

        Today, we have updated IPFire on AWS to IPFire 2.23 – Core Update 136 – the latest official release of IPFire.

        This update includes security fixes for OpenSSL and the Linux kernel, an updated Perl, and of course many other fixes throughout the whole system.

      • Pros and cons of event-driven security

        Great news, everyone! Forrester Research says that 95% of all recorded breaches in 2016 came from only three industries: government, technology, and retail. Everyone else is safe… ish, right?

        Hold on for a moment. Tech? Retail? What kind of industry diversification is this? We are, after all, living in 2019, where every business is a tech business. And all of us are continuously selling something, whether it’s an innovative product or an amazing service.

        So what the report should have said is that 95% of all recorded breaches came from attacks on 95% of all businesses both online and offline. And some of the attackers went for the .gov.

        More on the matter, 43% of attackers target small businesses—and that’s a lot considering that, on average, a hack attempt takes place every 39 seconds.

        To top things off, the average cost of a data breach in 2020 is expected to exceed $150 million. These stats sound a bit more terrifying out of context, but the threat is still very much real. Ouch.

      • XML External Entity (XXE) Example

        According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

        If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

      • Security updates for Monday

        Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).

    • Defence/Aggression
      • U.S. Begins Possible Full Withdrawal From Northern Syria

        The United States appears to be heading toward a full military withdrawal from Syria amid growing chaos, cries of betrayal and signs that Turkey’s invasion could fuel a broader war.

      • Retired Marine Gen. John Allen: ‘There is blood on Trump’s hands for abandoning our Kurdish allies’

        Gen. John Allen, the former commander of American forces in Afghanistan and former special presidential envoy for the Global Coalition to Counter ISIS under the Obama administration, told CNN the unfolding crisis in Syria was “completely foreseeable” and “the US greenlighted it.”

        “There was no chance (Turkish President Recep Tayyip Erdogan) Erdogan would keep his promise, and full blown ethnic cleansing is underway by Turkish supported militias,” he said. “This is what happens when Trump follows his instincts and because of his alignment with autocrats.”

      • Turkey-Syria offensive: Kurds reach deal with Syrian army

        The Turkish offensive and US withdrawal has drawn an international outcry, as the SDF were the main Western allies in the battle against IS in Syria.

        But Turkey views elements of the Kurdish groups within the force as terrorists and says it wants to drive them away from a “safe zone” reaching 30km into Syria.

        It also plans to resettle more than three million Syrian refugees currently in Turkey within the zone. Many of them are not Kurds. Critics have warned this could lead to ethnic cleansing of the local Kurdish population.

      • Barnaby Joyce joins calls to stop extradition of Assange to US

        Former deputy prime minister Barnaby Joyce has joined calls for the Morrison government to try to halt Julian Assange’s potential extradition from Britain to the United States on espionage charges, as the WikiLeaks founder’s supporters intensify their campaign to bring him to Australia.

        Mr Joyce joined former foreign minister Bob Carr in voicing concerns over US attempts to have the 48-year-old Australian stand trial in America, where he faces a sentence of 175 years if found guilty of computer fraud and obtaining and disclosing national defence information.

        [...]

        Mr Joyce, a former National Party leader and now a government backbencher, said his support for Assange should not be “taken as a character reference about him”.

        “I support the proper process of Australian law as applied to our citizens in our land in respect of our laws; it is the essence of sovereignty,” Mr Joyce told The Age and The Sydney Morning Herald.

    • Environment
      • Energy
        • California Blackouts Throw Spotlight on Disparity

          When the nation’s largest utility warned customers that it would cut power to nearly 2 million people across Northern California, many rushed out to buy portable generators, knowing the investment could help sustain them during blackouts.

    • AstroTurf/Lobbying/Politics
      • Warren Campaign Beats Facebook’s Shady Ad Policies at Their Own Game

        Presidential hopeful Sen. Elizabeth Warren this week targeted Facebook’s advertising policy—which allows politicians to circulate lies—with an ad of her own, which falsely claims that the company’s CEO Mark Zuckerberg endorsed President Donald Trump for re-election.

      • Hunter Biden to Resign From Chinese Board

        NEW YORK—Facing intense scrutiny from President Donald Trump and his Republican allies, Hunter Biden announced on Sunday that he will step down from the board of directors of a Chinese-backed private equity firm at the end of the month as part of a pledge not to work on behalf of any foreign-owned companies should his father win the presidency.

    • Censorship/Free Speech
    • Privacy/Surveillance
      • [Older] China’s New Cybersecurity Program: NO Place to Hide

        This system will apply to foreign owned companies in China on the same basis as to all Chinese persons, entities or individuals. No information contained on any server located within China will be exempted from this full coverage program. No communication from or to China will be exempted. There will be no secrets. No VPNs. No private or encrypted messages. No anonymous online accounts. No trade secrets. No confidential data. Any and all data will be available and open to the Chinese government. Since the Chinese government is the shareholder in all SOEs and is now exercising de facto control over China’s major private companies as well, all of this information will then be available to those SOEs and Chinese companies. See e.g. China to place government officials inside 100 private companies, including Alibaba. All this information will be available to the Chinese military and military research institutes. The Chinese are being very clear that this is their plan.

      • Apple Safari browser sends some user IP addresses to Chinese conglomerate Tencent by default

        Apple admits that it sends some user IP addresses to Tencent in the “About Safari & Privacy” section of its Safari settings which can be accessed on an iOS device by opening the Settings app and then selecting “Safari > About Privacy & Security.” Under the title “Fraudulent Website Warning,” Apple says: [...]

      • Why You Shouldn’t Use Facebook

        These are in chronological order, starting with the earliest. So the whole thing should read like a nice, long privacy vortex timeline.

    • Freedom of Information / Freedom of the Press
    • Civil Rights/Policing
      • #MeToo Movement’s Second Anniversary

        The global #MeToo movement has sparked significant social, cultural, and legal change, but many challenges remain, Human Rights Watch said, on the eve of the second anniversary of the #MeToo hashtag going viral on social media.

      • Lawyer for slain woman’s family says Fort Worth police should not be investigating themselves

        Atatiana Koquice Jefferson, 28, was killed around 2:30 a.m. Saturday after a neighbor called dispatchers to report the woman’s front door was open, police said.

        James Smith, Jefferson’s neighbor, told the Fort Worth Star-Telegram he called a non-emergency police number when he saw her doors open and lights on in the early morning hours. Officers arrived and parked near but not in front of the residence, police spokesman Lt. Brandon O’Neil said Sunday at a news conference.

        The officers were searching the perimeter of the woman’s home when they saw a person standing inside near a window and one of them opened fire, killing her, police said.

      • The False Balance Between Fascists and Antifascists

        Right-wing terror is a feature of daily life in present-day America. Ostensibly spontaneous violence incubates in the same ideological ecosystem as organized reactionary political associations.

    • Monopolies

This Week Techrights Crosses 26,000 Posts Milestone, 3 Weeks Before Turning 13 (2,000+ Posts/Year)

Monday 14th of October 2019 09:44:18 AM

Time for another meme

Summary: A self-congratulatory post about another year that’s passed (without breaks from publishing) and another milestone associated with posting volume

THANKS to some help maintaining and running the site we believe it should be possible to increase productivity and take pace of publication up another notch. We expected to reach the 26,000 threshold (or milestone) some time next month, but we’re about to cross it before this week’s end. This certainly means that we’ve accelerated somewhat in recent weeks/months.

26,000 isn’t a particularly pretty number and 13 isn’t a special number/age except in one religion, so we probably won’t be preparing a cake or anything like that. Instead all effort/resources will go into more research, fact-checking and publication.

More in Tux Machines

Google: Replacing Google Chrome, AMP and Titan Security Keys

  • The top 5 alternatives to Google Chrome

    Google Chrome is the most popular web browser on the market. It provides a user-friendly, easy-to-use interface, with a simple appearance featuring a combined address and search bar with a small space for extensions. Chrome also offers excellent interconnectivity on different devices and easy syncing that means that once a user installs the browser on different devices, all their settings, bookmarks and search history come along with it. Virtually all a user does on Google chrome is backed up to Google Cloud. Chrome also offers easy connectivity to other Google products, such as Docs, Drive, and YouTube via an “Apps” menu on the bookmarks bar, located just below the address/search bar. Google Translate, one of the best translation applications currently available on the internet, is also included.

  • Google unplugs AMP, hooks it into OpenJS Foundation after critics turn up the volume [Ed: Microsoft Tim on Google passing a bunch of EEE to a foundation headed by a Microsoft ‘mole’, 'open'JS ]

    AMP – which originally stood for Accelerated Mobile Pages though not any more – was launched in 2015, ostensibly to speed up page loading on smartphones. The technology includes AMP HTML, which is a set of performance-optimized web components, and the AMP Cache, which serves validated AMP pages. Most AMP pages are served by Google’s AMP Cache.

  • Google USB-C Titan Security Keys Begin Shipping Tomorrow

    Google announced their new USB-C Titan Security Key will begin shipping tomorrow for offering two-factor authentication support with not only Android devices but all the major operating systems as well. The USB-C Titan Security Key is being manufactured by well known 2FA key provider Yubico. This new security key is using the same chip and firmware currently used by Google's existing USB-A/NFC and Bluetooth/NFC/USB Titan Security Key models.

Manjaro | Review from an openSUSE User

There are many flavors of Linux, we call them distributions but in a way, I think “flavor” is a good word for it as some some are a sweet and delightful experience while with others a lingering, foul taste remains. Manjaro has not left a foul taste in any way. In full disclosure, I am not a fan of Arch based Linux distributions. I appreciate the idea of this one-step-removed Gentoo and for those that really like to get into the nitty-gritty bits Arch is good for that. My problem with Arch is the lack of quality assurance. The official repository on Arch Wiki describes the process of how core packages need to be signed off by developers before they are allowed to move from staging into the official repositories. With the rate at which packages come in, it is almost an impossibility that through manual testing software will continue to work well with other software as some dependencies may change. Admittedly, I don’t use it daily, outside of VMs for testing nor do I have a lot of software installed so this is not going to be a problem I am likely to experience. Manjaro, from my less than professional opinion, is a slightly slower rolling Arch that seems to do more testing and the process, from what I understand, is similar. Developers have to approve the packages before they are moved into the official repositories. I also understand that there isn’t any automated QA to perform any testing so this is all reliant on user or community testing, which, seemingly, Manjaro is doing a good job of it. My dance with Manjaro is as part of a BigDaddyLinuxLive Community challenge, to give it a fair shake and share your experience. This is my review of Manjaro with the Plasma Desktop. Bottom Line Up Front, this is quite possibly the safest and most stable route if you like the Arch model. In the time I ran it, I didn’t have any issues with it. The default Plasma Desktop is quite nice, and the default themes are also top notch. The graphical package manager works fantastically well and you do have Snap support right out of the gate. It’s truly a great experience. Was it good enough to push me from my precious openSUSE? No, but it has made for a contender and something about which to think. Read more

Android Leftovers

Open source interior design with Sweet Home 3D

Historically, I practiced the little-known fourth principle: don't have furniture. However, since I became a remote worker, I've found that a home office needs conveniences like a desk and a chair, a bookshelf for reference books and tech manuals, and so on. Therefore, I have been formulating a plan to populate my living and working space with actual furniture, made of actual wood rather than milk crates (or glue and sawdust, for that matter), with an emphasis on plan. The last thing I want is to bring home a great find from a garage sale to discover that it doesn't fit through the door or that it's oversized compared to another item of furniture. Read more