Saturday, 20 October

12:49

Michal Čihař: Weblate 3.2.2 [Planet Debian]

Weblate 3.2.2 has been released today. It's a second bugfix release for 3.2 fixing several minor issues which appeared in the release.

Full list of changes:

  • Remove no longer needed Babel dependency.
  • Updated langauge definitions.
  • Improve documentation for addons, LDAP and Celery.
  • Fixed enabling new dos-eol and auto-java-messageformat flags.
  • Fixed running setup.py test from PyPI package.
  • Improved plurals handling.
  • Fixed translation upload API failure in some corner cases.
  • Fixed updating Git configuration in case it was changed manually.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

11:07

Steam Bans All Links to TorrentFreak News as “Potentially Malicious” [TorrentFreak]

Once upon a time, Internet users were free to look at whatever content they liked. There was an almost complete absence of intervention from third-parties, which was mostly a good thing.

However, after the number of Internet users rocketed, more threats began to emerge. Viruses and other types of malware became pervasive, aiming to abuse users’ computers in various ways, from creating botnets to simple vandalism.

As a result, the security market has boomed. Barely a week goes by without some website or piece of software triggering an alert on a machine protected by good anti-virus and anti-malware tools. They don’t always get it right but most interventions are welcomed when the intention is to keep us safe.

On top, however, Internet users are finding online resources censored. Nation states sometimes decide what citizens can and cannot read, while corporate firewall products and network routers often act as over-protective nannies, blocking content based on non-transparent, non-public rules.

Here at TorrentFreak we’re used to censorship. Every few months we’re contacted by readers trying to access our news articles on public WiFi, only to find that the site is blocked alongside various warnings, none of which are true. It’s almost as if the word ‘torrent’ in our URL has been blindly blacklisted for some reason.

Sadly, this week we’ve discovered that Steam, the popular digital game distribution and social networking platform, has jumped on the “let’s censor TorrentFreak” bandwaggon. A tip from a TF reader and Steam user highlighted the problems he’d experienced when trying to read TF articles via Steam’s chat interface.

“I don’t know if you’re already aware of this but the PC gaming software ‘Steam’ is flagging your website as ‘suspicious’ in its chat interface,” he explained.

As the first image below shows, Steam first flagged a link to an article we published this week detailing how Japan intends to crack down on sites that offer links to copyrighted content.

Suspicious news?

The small irony here is that the article details how Japan needs to bring in new and highly controversial laws to criminalize linking to copyrighted content, something which is currently legal in the country. Steam, however, is free to block links to our 100% legal copyrighted content on a whim, mark our platform as “suspicious”, while blocking users from reading our reports.

The second image below shows just how misguided Steam’s policy is. This week, TorrentFreak broke the news that cheat developers in Australia face home searches and asset freezing following legal action from GTA V developer Rockstar Games and parent company Take-Two Interactive.

It is an original article that covers an important and growing issue in the gaming sector that will hopefully prove of interest to gamers – the very people using Steam’s platform. However, Steam users are prevented from following links to the piece because someone or something at Steam has labeled our news site as “potentially malicious.”

GTA V news – censored

While these are just two examples, we could go on forever. As the large image below shows, Steam has banned our entire platform and put up a warning that’s not only completely false but also damaging to our reputation.

“https://torrentfreak.com has been flagged as being potentially malicious. For your safety, Steam will not open this URL in your web browser. The site could contain malicious content or be known for stealing user credentials,” the warning reads.

Stealing user credentials? Insulting and ridiculous

Of course, on its own platform Steam is fully entitled to block resources that it believes can harm its users. Some might even argue that it has a duty of care to do so, in order to keep its community safe. However, making blatantly false statements while blocking access to accurate news reporting shouldn’t ever be part of that.

Steam is no stranger to blocking links to sites in the file-sharing niche. Previously we’ve reported how it blocked links to KickassTorrents, The Pirate Bay, and MEGA.nz.

While the ban on MEGA was lifted shortly after our article was published back in April, the company appears to be out of favor with Steam once again. Tests show that Mega.nz links are completely banned by the gaming platform with a warning about malicious content and potential stealing of credentials. Meanwhile, known scam sites such as Demonoid.to are in the clear, according to Steam.

There is nothing malicious about our news resource and we’re really upset at the suggestion we might steal user credentials. We’d therefore be very grateful indeed if a Steam engineer could remove TorrentFreak.com from its blacklists, whenever he or she gets a couple of free minutes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

10:00

Triggers and cycles [Seth's Blog]

A trigger prompts a cycle. And a cycle might go on longer than it should.

The first spoonful of ice cream can trigger a cycle of binge eating that you regret later.

The silence of walking into an empty house might trigger you to turn on the TV, and that cycle of wasting time watching nothing that matters goes on all night.

The rush to get out the door leads to a cycle of rushing, which makes your commute a daredevil exercise, one that takes hours to recover from.

It’s really useful to see your cycles and to work to dampen them (it’s almost impossible to go cold turkey).

Even better is to find and eliminate the triggers. That’s surprisingly easy if you care enough. Quit Twitter. Empty your freezer. Wake up ten minutes earlier…

Make these decisions when you’re not in the middle of a cycle.

With the trigger gone, you might discover the cycles are gone too.

06:35

Steve Kemp: So I wrote a basic BASIC [Planet Debian]

So back in June I challenged myself to write a BASIC interpreter in a weekend. The next time I mentioned it was to admit defeat. I didn't really explain in any detail, because I thought I'd wait a few days and try again and I was distracted at the time I wrote my post.

As it happened that was over four months ago, so clearly it didn't work out. The reason for this was because I was getting too bogged down in the wrong kind of details. I'd got my heart set on doing this the "modern" way:

  • Write a lexer to spit the input into tokens
    • LINE-NUMBER:10, PRINT, "Hello, World"
  • Then I'd take those tokens and form an abstract syntax tree.
  • Finally I'd walk the tree evaluating as I went.

The problem is that almost immediately I ran into problems, my naive approach didn't have a good solution for identifying line-numbers. So I was too paralysed to proceed much further.

I sidestepped the initial problem and figured maybe I should just have a series of tokens, somehow, which would be keyed off line-number. Obviously when you're interpreting "traditional" BASIC you need to care about lines, and treat them as important because you need to handle fun-things like this:

10 PRINT "STEVE ROCKS"
20 GOTO 10

Anyway I'd parse each line, assuming only a single statement upon a line (ha!) you can divide it into:

  • Number - i.e. line-number.
  • Statement.
  • Newline to terminate.

Then you could have:

code{blah} ..
code[10] = "PRINT STEVE ROCKS"
code[20] = "GOTO 10"

Obviously you spot the problem there, if you think it through. Anyway. I've been thinking about it off and on since then, and the end result is that for the past two evenings I've been mostly writing a BASIC interpreter, in golang, in 20-30 minute chunks.

The way it works is as you'd expect (don't make me laugh ,bitterly):

  • Parse the input into tokens.
  • Store those as an array.
  • Interpet each token.
    • No AST
    • No complicated structures.
    • Your program is literally an array of tokens.

I cheated, horribly, in parsing line-numbers which turned out to be exactly the right thing to do. The output of my naive lexer was:

INT:10, PRINT, STRING:"Hello World", NEWLINE, INT:20, GOTO, INT:10

Guess what? If you (secretly) prefix a newline to the program you're given you can identify line-numbers just by keeping track of your previous token in the lexer. A line-number is any number that follows a newline. You don't even have to care if they sequential. (Hrm. Bug-report?)

Once you have an array of tokens it becomes almost insanely easy to process the stream and run your interpreter:

 program[] = { LINE_NUMBER:10, PRINT, "Hello", NEWLINE, LINE_NUMBER:20 ..}

 let offset := 0
 for( offset < len(program) ) {
    token = program[offset]

    if ( token == GOTO ) { handle_goto() ; }
    if ( token == PRINT ) { handle_print() ; }
    .. handlers for every other statement
    offset++
 }

Make offset a global. And suddenly GOTO 10 becomes:

  • Scan the array, again, looking for "LINE_NUMBER:10".
  • Set offset to that index.

Magically it all just works. Add a stack, and GOSUB/RETURN are handled with ease too by pushing/popping the offset to it.

In fact even the FOR-loop is handled in only a few lines of code - most of the magic happening in the handler for the "NEXT" statement (because that's the part that needs to decide if it needs to jump-back to the body of the loop, or continue running.

OK this is a basic-BASIC as it is missing primtives (CHR(), LEN,etc) and it only cares about integers. But the code is wonderfully simple to understand, and the test-case coverage is pretty high.

I'll leave with an example:

10 REM This is a program
00 REM
 01 REM This program should produce 126 * 126 * 10
 02 REM  = 158760
 03 REM
 05 GOSUB 100
 10 FOR i = 0 TO 126
 20  FOR j = 0 TO 126 STEP 1
 30   FOR k = 0 TO 10
 40    LET a = i * j * k
 50   NEXT k
 60  NEXT j
 70 NEXT i
 75 PRINT a, "\n"
 80 END
100 PRINT "Hello, I'm multiplying your integers"
110 RETURN

Loops indented for clarity. Tokens in upper-case only for retro-nostalgia.

Find it here, if you care:

I had fun. Worth it.

I even "wrote" a "game":

01:56

01:49

Quicklisp news: October 2018 Quicklisp dist update now available [Planet Lisp]

New projects:

  • arrows — Implements -> and ->> from Clojure, as well as several expansions on the idea. — CC0
  • authenticated-encryption — Authenticated-Encryption functions — MIT
  • base64 — Base64 encoding and decoding for Common Lisp. — Apache 2.0
  • black-tie — Noise library for Common Lisp. — BSD
  • cl-clblas — clBLAS binding — Apache License, Version 2.0
  • cl-dotenv — Utility library for loading .env files — MIT
  • cl-fuzz — A Fuzz Testing Framework — BSD-2
  • cl-las — Library to manipulate LAS files — ISC
  • cl-proj — CL-PROJ provides Proj.4 library bindings — BSD
  • cl-prolog2 — Common Interface to the ISO prolog implementations from Common Lisp — MIT
  • cover — Code coverage utility for Common Lisp — MIT
  • destructuring-bind-star — DESTRUCTURING-BIND with proper error signaling — MIT
  • everblocking-stream — A stream that always blocks and never has data available. — Public domain
  • heap — Binary Heap for Common Lisp. — Apache 2.0
  • huffman — Huffman encoding and decoding for Common Lisp. — Apache 2.0
  • lazy — Lazy forms for Common Lisp. — Apache 2.0
  • lorem-ipsum — Lorem ipsum generator in portable Common Lisp — MIT
  • parse — Parsing package for Common Lisp. — Apache 2.0
  • print-html — Simple html generator. — MIT License
  • protest — Common Lisp PROtocol and TESTcase Manager — LLGPL
  • re — Lua-style string pattern matching. — Apache 2.0
  • regular-type-expression — This project contains several Common Lisp packages — MIT
  • safe-read — A variant of READ secure against internbombing, excessive input and macro characters. — BSD 2-clause
  • safety-params — Filter parameters — BSD 2-Clause
  • sc-extensions — additional library collection for cl-collider — Public Domain / 0-clause MIT
  • sha1 — SHA1 Digest and HMAC for LispWorks. — Apache 2.0
  • sycamore — A fast, purely functional data structure library — BSD-3
  • targa — Targa Image Loading for Common Lisp. — Apache 2.0
  • trivial-cltl2 — Compatibility package exporting CLtL2 functionality — LLGPL
Updated projectsarray-utilsasdf-vizassoc-utilsbinary-iobit-smashercari3sceplcl+sslcl-anacl-cffi-gtkcl-collidercl-colors2cl-i18ncl-kanrencl-ledgercl-liballegrocl-mecabcl-mixedcl-neovimcl-notebookcl-patternscl-plumbingcl-portmanteaucl-postgres-plus-uuidcl-progress-barcl-pslibcl-pslib-barcodecl-pythoncl-rabbitcl-sdl2cl-sdl2-imagecl-sdl2-mixercl-sdl2-ttfclackcloser-mopclosure-commonclunit2clxcodexcolleencommonqtcroatoancxmlcxml-stpdataflydefinitionsdexadordjuladmldo-urlencodedufydynamic-mixinseasy-audioeclectorfemlispfunction-cachefxmlgamebox-mathgeowktgolden-utilsharmonyiclendarinquisitorintegralironcladlacklasslichat-tcp-serverlog4clmaidenmcclimmitomito-attachmentmywayninevehningleoverlordpango-markupparachuteparser.iniperlrepetalispplace-utilsplexippus-xpathplump-sexppostmodernpreplprint-licensesqlotqtoolsquriread-csvroves-dot2scalplselserapeumshadowshuffletronslysplit-sequencest-jsonstaplestmxstumpwmsxqltime-intervaltootertrace-dbtrack-besttriviatrivial-benchmarktrivial-garbagetrivial-gray-streamstrivial-indenttrivial-utilitiesubiquitousutmvarjovernacularwoowookie.

Removed projects: clot, clpmr, cobstor, html-sugar, ie3fp, manardb, metafs, mime4cl, net4cl, npg, ods4cl, plain-odbc, quid-pro-quo, sanitized-params, sclf, smtp4cl, tiff4cl.

The removed projects no longer work on SBCL.

To get this update, use (ql:update-dist "quicklisp"). Enjoy!

Friday, 19 October

23:56

News Post: PAX Aus 2018 Pinny Arcade Pin Quest! [Penny Arcade]

Tycho: The task has fallen to me yet again, as Mork is in a plane or something.  But I know my way around these now - I’ve developed techniques.  There’s some really fun inside jokes being made in pin form here, and I love it. PARTNER PINS Margarita and Popper Pins [Giant Margarita] There will be daily giveaways with our “Beat the Devs Challenge” from 1pm - 2pm and the pins will also be available for purchase at the Giant Margarita booth PR31. Pixel Pin [Checkpoint] Available for sale at the CheckPoint table in the Diversity Lounge or alongside becoming a CheckPoint…

23:07

View From a Hotel Window, 10/19/18: San Francisco [Whatever]

And look! A parking lot! That’s a first on this tour.

Tonight: Borderlands Books! Tonight! At six! Which is an hour earlier than the usual evening event. Plan now!

Tomorrow: Salt Lake City and an afternoon event at Weller Book Works! 2pm! Be there!

22:35

Friday Squid Blogging: Roasted Squid with Tomatillo Salsa [Schneier on Security]

Recipe and commentary.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

21:56

Operator of YouTube Rippers Should Stand Trial in the US, Major Labels Say [TorrentFreak]

Streamripping sites are seen as the largest piracy threat to the music industry, so record labels are doing their best to shut them down.

Last year YouTube-MP3, the world’s largest ripping site at the time, shut down after being sued, and several other folded in response to increased legal uncertainty.

Not all stream-ripping sites are folding without a fight though. FLVTO.biz and 2conv.com, owned by the Russian developer Tofig Kurbanov, remain online despite being sued by several record labels in August.

Two weeks ago, Kurbanov filed a motion to dismiss the case at the Federal Court in California. According to the defense, the court has no jurisdiction over the matter. Less than 6% of all visitors come from the US, and the site is managed entirely from Russia, it argued.

This week the RIAA labels, including Universal, Warner Bros, and Sony, responded to the motion to dismiss, clearly disagreeing with the defense. They argue that the operator of FLVTO.biz and 2conv.com downplays the connections to the US and Virginia.

In their memorandum, the record labels argue that both sites had millions of visitors from the United States over the past twelve months.

“[I]n the past year alone, Defendant’s websites had over 542,000 users from Virginia, who visited the sites more than 1.3 million times, and over 31 million users from the United States as a whole, who visited the sites more than 96 million times,” they write.

2conv.com

In addition, they point out that the sites have done business with U.S.-based web-hosting services, domain-name registrars, and advertising firms. Up until recently, some servers were even located in Virginia, the plaintiffs write.

These and other arguments are more than sufficient for the court to have jurisdiction over the case, the RIAA labels argue.

If a dismissal is not an option, the stream-ripper operator asked to transfer the case to a California court. Some of the parties are located there, while none are in Virginia, and it would be easier to access evidence.

However, the major record labels refute this argument as well.

“Wherever the case is held, there will be some burden associated with accessing evidence. But Defendant does not explain why it will be especially difficult to litigate this case in Virginia, or why transferring the case to the Central District of California will resolve those hypothetical problems,” they write.

It’s now up to the Virginia Federal Court to decide how to move forward. As noted by Digital Music News who covered the motion to dismiss, a hearing on the matter has been set for November 9th.

Thus far the case is only dealing with jurisdictional issues. If the case continues, the alleged copyright infringements or lack thereof, are expected to be argued in more detail.

Here are copies of Tobig Kurbanov’s motion to dismiss (pdf) and record labels’ response (pdf), both obtained by TorrentFreak.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

21:14

#NotAllPlaces [Scenes From A Multiverse]

Have you watched The Good Place? Me neither.

New t-shirts in the store! Check ’em out.

Google app suite costs as much as $40 per phone in the EU [OSNews]

After news earlier this week that Google was going to make sweeping changes to how it licenses Android within the European Union, The Verge now has the prices Google is going to charge.

EU countries are divided into three tiers, with the highest fees coming in the UK, Sweden, Germany, Norway, and the Netherlands. In those countries, a device with a pixel density higher than 500 ppi would have to pay a $40 fee to license Google's suite of apps, according to pricing documents. 400 to 500ppi devices would pay a $20 fee, while devices under 400 ppi would pay only $10. In some countries, for lower-end phones, the fee can be as little as $2.50 per device.

That's quite a bit more than I would've thought.

20:49

News Post: Paging Robert Frost [Penny Arcade]

Tycho: Gabe oscillates at two to three times my rate when it comes to a hunger for technological novelty.  I’m not without the hunger entirely, it’s just that I don’t…  Hm.  I don’t see it?  I can read a comic book without ever looking at the pictures.  It drives him nuts.  I don’t need them, though, and they’re not why I was reading it.  It’s like this with tech also: I have a purpose, and the device enables the purpose, but the middle section is like the second step of a sequence that culminates in Profit.  There…

20:28

High-res graphics on a text-only TRS-80 [OSNews]

From the Byte Cellar:

What inspired me to pull the Model 4 down off the shelf were a number of tweets from telnet BBS pals showing the system being put to great use logged into various systems across the web. Some of the screenshots showed the machine rendering ANSI "graphics" onscreen and I looked into it. As I suspected, the stock Model 4 is not capable of taking on a custom character set such as is needed by ANSI emulation, and I discovered the system had been equipped with a graphics board and the ANSI-supporting terminal program, ANSITerm, was rendering "text" to a graphics display; the character set was basically a software font. And I just had to go there.

Tim Cook demands Bloomberg retracts spy chips story [OSNews]

Apple CEO Tim Cook, in an interview with BuzzFeed News, went on the record for the first time to deny allegations that his company was the victim of a hardware-based attack carried out by the Chinese government. And, in an unprecedented move for the company, he called for a retraction of the story that made this claim.

I have zero reason to believe anything Apple or Tim Cook says on this matter. Apple is utterly and wholly dependent on the Chinese government, and assuming the Bloomberg story is 100% accurate, I doubt Tim Cook would openly side with Bloomberg and thus openly attack the Chinese government. Xi Jinping can literally make or break Apple - the American company cannot build its iPhones anywhere else, as not only would it take an utterly massive hit in its margins, it would take years - possibly even decades - to train the amount of staff needed to build that many iPhones. Apple simply has no choice but to bend over backwards for the Chinese government, which is why Apple readily hands over all of its Chinese customers' data to the Chinese government.

That being said, this doesn't automatically mean the Bloomberg story is 100% accurate. I don't believe in crazy conspiracy theories - conspiracy theories are dumb - about coordinated leaks by the Trump administration to discourage American companies from building their products in China. The Trump administration is wholly and utterly inept at doing anything and is held together only by a common desire to oppress women and minorities and sack America before the curtain falls, so I doubt they could even arrange a single secret meeting with Bloomberg journalists without Trump incoherently tweeting about it or somebody resigning over it.

The truth probably lies somewhere in the middle, and only time will tell where, exactly, that middle lies.

19:42

Arcan versus Xorg: approaching feature parity [OSNews]

Arcan is a display server++ project that has been mentioned on OSNews a few times before. Arcan's developers recently posted an in-depth comparison of Arcan to Xorg - claiming to soon be not only at feature parity but beyond it.

It is worthwhile to stress that this project in no way attempts to 'replace' Xorg in the sense that you can expect to transfer your individual workflow and mental model of how system graphics works without any kind of friction or effort. That said, it has also been an unspoken goal to make sure that everything that can be done in an Xorg environment should be possible here - in general there is nothing wrong with the feature set in X (though a bit limited), it is the nitty gritty details of how these features work, are implemented and interact that has not really kept up with the times or been modelled in a coherent way. Thus, it is a decent requirement specification to start with - just be careful with the implementation and much more can be had to a fraction of the code size.

A fascinating read if you are familiar with some of the technical difficulties here.

19:35

Quick First Impressions of the Pixel 3 [Whatever]

My phone died on me the other day, which was no good, but it gave me the excuse I needed to get a Pixel 3, which I wanted anyway. So while the phone death was inconvenient, happening as it did on the first day of my book tour, I was also not entirely displeased. This is what happens when you’re a tech geek: “My phone exploded! Oh boy, new toys!”

The primary reason I wanted the Pixel 3 was that its camera is supposed to be even better than the one on the Pixel 2, which was far and away the best phone camera out there, thanks to Google’s devotion to “computational photography,” in which the physical aspects of the camera take a backseat to how Google manipulates the information that comes in. The Pixel 3 does more of the same.

And does it work? I’ve taken a few pictures now and it seems to me that indeed the photo quality has improved a bit. I was in a Mexican-themed bar last night and took several pictures in low light, and they all came out pretty impressively (for example, the one above, which is as shot, right out of the phone). Other folks were hauling out their phones and taking comparison shots, and were agreeing the Pixel 3’s photos just looked better.

I also tested the portrait mode, which computationally blurs the background, and it seems to do a pretty good job, although it can still find things like clothes edges and eyeglass frames and arms a bit of a challenge. Nevertheless the blur looks natural, and also you now have a slider, so you can have more or less of it. Here’s what it looks like behind my friend Jon Shestack (I turned this one black and white):

There are some new features of the camera (like “Top Shot,” which helps you pick the best shot of the thing you were taking a picture of), mostly because I just got the phone and haven’t had time to run it through all the paces. But for straight-ahead photo shooting, it really does look like it’s better than the Pixel 2, which was already great.

Is it so much better that someone who owns a Pixel 2 (or other high-end smartphone) should rush out to get it? Probably not? Most flagship phones at this point take generally excellent photos, and for Pixel 2 owners, some of the new tricks are going to be ported into that phone as well. So you’ll probably be fine! That said, I’m glad I have a Pixel 3, because I really like taking photos, and it does an excellent job. And if you have a phone a couple of generations back and are looking to upgrade, with an eye toward picture taking, I definitely can recommend.

Otherwise so far it’s a perfectly good phone. I got the smaller one, which has the same physical form factor of the Pixel 2, although a bigger (and taller screen). It looks great and works fine so far. I’m sure I’ll have more to say later. But: So far, so good.

18:28

Page 47 [Flipside]

Page 47 is done.

17:42

Today in GPF History for Friday, October 19, 2018 [General Protection Fault: The Comic Strip]

Nick and Trudy's escape from Lakatos leaves them injured and vulnerable...

17:28

RIP, Little Free Library founder Todd H. Bol [Cory Doctorow – Boing Boing]

Todd Bol died yesterday of fast-moving cancer at the age of 62, less than a month after receiving his diagnosis; he was the founder of the wildly successful Little Free Library movement (previously).

Bol insisted that Little Free Libraries should be a nonprofit venture in order to "protect the mission" from pressure by investors. I have one of Bol's libraries on my own front lawn. Bol was inspired to start Little Free Library when he read Martin Luther King's answer to the question, "What would you do if you knew you were going to die tomorrow?" I would plant an apple tree.

But more and more, Bol sees the libraries as hubs, nudges, fulcrums. Books to get people reading — but also talking, listening, transforming. Little Free Library now works with law enforcement, turning police cruisers into bookmobiles. It launched Action Book Club last year, which encourages members to read books on timely topics, then do service projects together. The organization is also talking tutoring these days, because why not?

“Wouldn’t it be cool if every Little Free Library could connect you with tutoring?” Bol said, his eyes wide behind horn-rimmed glasses. “There are so many different ways of using Little Free Libraries as a spark within the community.”

Those big goals explain why Bol founded Little Free Library as a nonprofit in 2012, said his brother Tony Bol. After working with Little Free Library for five years, Tony is stepping into Todd’s speaking and public relations roles. “Everyone was trying to talk him into being a for-profit company,” Tony said, which would have allowed more flexibility and less accountability. But more than a decade ago, Todd was bounced from a company he founded to fix the nursing shortage, so he was wary of investors shifting an organization’s direction.

After terminal cancer diagnosis, Little Free Library founder feels like 'most successful person I know' [Jenna Ross/Star Tribune]

(via Metafilter)

(Image: John Phelan, CC-BY-SA)

Kickstarting the Makerphone: an open-source hardware phone kit, programmable with python and Scratch [Cory Doctorow – Boing Boing]

Circuitmess's fully funded Makerphone kickstarter is raising money to produce open source hardware smartphone kits to teach kids (and grownups) everything from soldering to programming.

The Makerphone is a pretty sweet-looking gadget, and it comes ready to be programmed with Scratch and python, providing a good progression from a fully graphic programming environment to a command-line language that's still beginner-friendly.

$94 gets you a kit and the tools to assemble it; $99 gets you an assembled phone. The project's runners have previously delivered on kickstarted open source hardware kits, which bodes well for getting something for your money.

We’ve learned A LOT from manufacturing and shipping over 6000 MAKERbuino kits in the past year and here’s a short list of most notable changes and improvements that we’ve implemented in MAKERphone:

* A color screen

* Better microcontroller with our custom software

* Python programming language compatibility

* Scratch programming language compatibility

* Dedicated DAC and electronic volume controller for sound regulation and mp3 playback

* 8 individually programmable RGB LEDs for a lightshow in your palms

* Better PCB architecture for easier soldering

* New prettier box with a black touchy cut-out sponge (IMPORTANT!)

* The thing can now make calls, has a SIM card, and built-in Wi-Fi, Bluetooth

* RTC (real time clock) - MAKERphone now keeps time and wakes you up!

Makerphone [Circuitmess/Kickstarter]

17:21

Robert McQueen: GNOME Foundation Hackfest 2018 [Planet Debian]

This week, the GNOME Foundation Board of Directors met at the Collabora office in Cambridge, UK, for the second annual Foundation Hackfest. We were also joined by the Executive Director, Neil McGovern, and Director of Operations, Rosanna Yuen. This event was started by last year’s board and is a great opportunity for the newly-elected board to set out goals for the coming year and get some uninterrupted hacking done on policies, documents, etc. While it’s fresh in our mind, we wanted to tell you about some of the things we have been working on this week and what the community can hope to see in the coming months.

Wednesday: Goals

On Wednesday we set out to define the overall goals of the Foundation, so we could focus our activities for the coming years, ensuring that we were working on the right priorities. Neil helped to facilitate the discussion using the Charting Impact process. With that input, we went back to the purpose of the Foundation and mapped that to ten and five year goals, making sure that our current strategies and activities would be consistent with reaching those end points. This is turning out to be a very detailed and time-consuming process. We have made a great start, and hope to have something we can share for comments and input soon. The high level 10-year goals we identified boiled down to:

  • Sustainable project and foundation
  • Wider awareness and mindshare – being a thought leader
  • Increased user base

As we looked at the charter and bylaws, we identified a long-standing issue which we need to solve — there is currently no formal process to cover the “scope” of the Foundation in terms of which software we support with our resources. There is the release team, but that is only a subset of the software we support. We have some examples such as GIMP which “have always been here”, but at present there is no clear process to apply or be included in the Foundation. We need a clear list of projects that use resources such as CI, or have the right to use the GNOME trademark for the project. We have a couple of similar proposals from Allan Day and Carlos Soriano for how we could define and approve projects, and we are planning to work with them over the next couple of weeks to make one proposal for the board to review.

Thursday: Budget forecast

We started the second day with a review of the proposed forecast from Neil and Rosanna, because the Foundation’s financial year starts in October. We have policies in place to allow staff and committees to spend money against their budget without further approval being needed, which means that with no approved budget, it’s very hard for the Foundation to spend any money. The proposed budget was based off the previous year’s actual figures, with changes to reflect the increased staff headcount, increased spend on CI, increased staff travel costs, etc, and ensure after the year’s spending, we follow the reserves policy to keep enough cash to pay the foundation staff for a further year. We’re planning to go back and adjust a few things (internships, marketing, travel, etc) to make sure that we have the right resources for the goals we identified.

We had some “hacking time” in smaller groups to re-visit and clarify various policies, such as the conference and hackfest proposal/approval process, travel sponsorship process and look at ways to support internationalization (particularly to indigenous languages).

Friday: Foundation Planning

The Board started Friday with a board-only (no staff) meeting to make sure we were aligned on the goals that we were setting for the Executive Director during the coming year, informed by the Foundation goals we worked on earlier in the week. To avoid the “seven bosses” problem, there is one board member (myself) responsible for managing the ED’s priorities and performance. It’s important that I take advantage of the opportunity of the face to face meeting to check in with the Board about their feedback for the ED and things I should work together with Neil on over the coming months.

We also discussed a related topic, which is the length of the term that directors serve on the Foundation Board. With 7 staff members, the Foundation needs consistent goals and management from one year to the next, and the time demands on board members should be reduced from previous periods where the Foundation hasn’t had an Executive Director. We want to make sure that our “ten year goals” don’t change every year and undermine the strategies that we put in place and spend the Foundation resources on. We’re planning to change the Board election process so that each director has a two year term, so half of the board will be re-elected each year. This also prevents the situation where the majority of the Board is changed at the same election, losing continuity and institutional knowledge, and taking months for people to get back up to speed.

We finished the day with a formal board meeting to approve the budget, more hack time on various policies (and this blog!). Thanks to Collabora for use of their office space, food, and snacks – and thanks to my fellow Board members and the Foundation’s wonderful and growing staff team

16:56

Comic: Paging Robert Frost [Penny Arcade]

New Comic: Paging Robert Frost

16:42

Portals of London: urban exploration to discover gateways to alternative universe [Cory Doctorow – Boing Boing]

Salim Fadhley writes, "Portals of London, an urban exploration blog, presents an alternative geography of London. It's a catalog of the weird, decrepit and slightly crumpled - things the author posits might plausibly be portals to alternative universes, but then again might not."

A bot has been finding bugs and submitting patches for them, successfully masquerading as a human [Cory Doctorow – Boing Boing]

Repairnator is a bot that identifies bugs in open source software integration and creates patches without human intervention, submitting them to the open source project's maintainers under an assumed human identity; it has succeeded in having five of its patches accepted so far.

Repairnator's creator, Martin Monperrus, has found that human software maintainers have a bias against accepting patches generated by bots, but will willingly accept the same code if its author is identified as another human.

To demonstrate that program repair is human-competitive, a program repair bot has to find a high-quality patch before a human does so. In this context, a patch can be considered to be human-competitive if it satisfies the two conditions of timeliness and quality. Timeliness refers to the fact that the system must find a patch before the human developer. In other words, the prototype system must produce patches in the order of magnitude of minutes, not days. Also, the patch generated by the bot must be correct-enough, of similar quality — correct and readable — compared to a patch written by a human. Note that there are patches that look correct from the bot’s point of view, yet that are incorrect (this is known as overfitting patches in the literature [6, 3]). Those patches are arguably not human-competitive, because humans would never accept them in their code base.

Consequently, for a patch to be human-competitive 1) the bot has to synthesize the patch faster than the human developer 2) the patch has to be judged good-enough by the human developer and permanently merged in the code base.

There is one more aspect to consider. It has been shown that human engineers do not accept contributions from bots as easily as contributions from other humans, even if they are strictly identical [5]. The reason is that humans tend to have a priori biases against machines, and are more tolerant to errors if the contribution comes from a human peer. In the context of program repair, this means that developers may put the bar higher on the quality of the patch, if they know that the patch comes from a bot. This would impede our quest for a human-competitiveness proof in the context of program repair.

Human-competitive Patches in Automatic Program Repair with Repairnator [Martin Monperrus/Medium]

(via Four Short Links)

Apple's new parental control: Daily Stormer is in, sex-ed is out [Cory Doctorow – Boing Boing]

The new parental controls in Ios 12 have all the same problems that all parental controls have: they overblock legit material (with a bias for sex-ed, especially sex-ed targeted at girls and queer kids, including Teen Vogue) and underblock all kinds of other material (neo-Nazi publications like The Daily Stormer and Reddit's pornographic /r/Gonewild are not blocked).

The parental controls are a perfect storm of badness: kids whose parents are sexphobic or homophobic don't get to see the sex-positive sites that might help them navigate their own sexuality (but they do get to see misogynistic pornography); parents who trust the filters to keep their kids safe from violent, racist propaganda discover the hard way that the filters aren't working as advertised.

The filter in question “limits adult websites” on Safari. When Motherboard tested this filter, we found several similarly blocked searches and websites: The searches “how to say no to sex,” “sex assault hotline,” and “sex education” were all restricted, but the results for the searches “how to poison my mom,” “how to join isis,” and “how to make a bomb” were allowed. 4chan and 8chan are blocked, but Reddit—including many NSFW and porn-focused subreddits, are not. The subreddit r/gonewild, which is pornographic, is not caught by the filter, which even allows users to click through Reddit’s own age-gating.

“Where does this leave kids? Incredibly vulnerable,” Andrea Barrica, founder of O.school, wrote on the site’s blog about this issue. “Not only can’t they access medically accurate information about sexual development and sexuality, or find out how to report abuse, they are told that such information is dangerous. Meanwhile, it provides them access to the most virulent, inaccurate sex and gender information on the web.”

Barrica also pointed out in her article that what's restricted is sometimes based on how the search is gendered: "how do I jerk off" shows search results, but "what is a vibrator" is blocked.

The iPhone’s New Parental Controls Block Searches for Sex Ed, Allow Violence and Racism [Samantha Cole/Motherboard]

15:56

OpenSSH 7.9 released [LWN.net]

The OpenSSH 7.9 release is out. It (finally) allows the use of symbolic service names rather than port numbers, adds support for sending signals over the SSH protocol, bans the use of DSA keys for certificate authorities, and more.

15:49

Michal Čihař: translation-finder 0.1 [Planet Debian]

Setting up translation components in Weblate can be tricky in some cases, especially if you lack knowledge of the translation format you are using. Also this is something we wanted to automate from the very beginning, but there were always more pressing things to implement. But now the time is coming as I've just made first beta release of translation-finder, tool to help with this.

The translation-finder will look at filesystem (eg. checked out repository) and tries to find translatable files. So far the heuristics is pretty simple, but still it detects just fine most of the projects currently hosted on our hosted localization platform. Still if you find issue with that, you're welcome to provide feedback in our issue tracker.

The integration into Weblate will come in next weeks and will be able to enjoy this new feature in the 3.3 release.

Filed under: Debian English SUSE Weblate

File-extending writes are not always synchronous, which is entirely within the contract [The Old New Thing]

I noted some time ago that the current implementation of NTFS forces certain kinds of writes to be synchronous, even when issued asynchronously. Note that this is an implementation decision which is not contractual. Formally, the rule is that any asynchronous operation is permitted (but not required) to complete synchronously.

Malcolm Smith points out that the ReFS file system does not force extending writes to be synchronous. Specifically, ReFS version 1 (Windows 8.1, Windows Server 2012 R2) allowed cached writes to the end of a file to complete asynchronously, and ReFS version 2 (Windows 10 version 1607, Windows Server 2016) maintains validity on a per-range basis, so the need to zero out huge chunks of a file disappears completely.

15:42

Pirate Bay Founder’s ‘Njalla’ Criticized For Protecting Pirate Sites [TorrentFreak]

After many years of targeting people who share larger volumes of content on peer-to-peer file-sharing apps and services, Japan is now taking aim at pirate sites.

In basic terms, rightsholders would like to see overseas pirate sites blocked by local ISPs, in much the same way as they are in dozens of countries elsewhere in the world. However, the process is proving a difficult one to move forward, as interference with communications is viewed by many as an invasion of users’ browsing privacy.

The Japanese Government is currently attempting a review on piracy measures for the Internet and has requested input from rightsholders and other interested parties. That’s resulted in a submission from CODA (Content Overseas Distribution Association), an anti-piracy coalition featuring major video, publishing, and software organizations.

“Infringement of rights occurs across national boundaries due to the development of the Internet, and the identification of infringers is extremely difficult. The response to this is extremely difficult and we believe that there are limits under the existing laws of Japan, and new initiatives are necessary,” CODA writes in a submission seen by TF.

Noting that criminal complaints and other measures against several targeted ‘pirate’ have proven ineffective, CODA says it is being hindered by online services that help to keep operators anonymous.

So-called “bulletproof” hosters that ignore copyright law are highlighted first. These providers have policies in place to protect their customers, often ignoring takedown notices filed under the DMCA while hiding identities of site operators. Bulletproof hosters were described as an emerging threat by the RIAA recently.

CODA also complains about domain privacy services which allow domain registrants to hide their identities from prying eyes. One such service, Njalla, which was launched by Pirate Bay co-founder Peter Sunde last year, is singled out for criticism.

“[S]ervices such as offshore hosting / bulletproof hosting that ignore the DMCA and domain registry services selling complete anonymity are rampant. It is now clear that [pirate site] ‘Mangamura’ was also using Njalla,” CODA adds.

Mangamura was a huge pirate manga site that apparently shut itself down last April. In the last few months of its life alone, the site was accessed well over half a billion times. This led to Toyko-based Kodansha, Japan’s largest publisher, to file a criminal complaint against the platform. CODA estimates that Mangamura caused losses amounting to US$2.9 billion.

Given the specific mention in the submission, it seems likely that Mangamura’s use of Njalla caused problems for rightsholders and/or investigators. Njalla helps to keep the registration details of domain names private by registering domains in its own name (holding company 1337 Services LLC), not the customer’s, meaning that the owner of Mangamura should be harder to trace.

Mangamura.org Njalla WHOIS

An agreement allows the customer to use Njalla-registered domains however they like (as long as it doesn’t hurt someone’s “health or safety”) and they are able to take domains back or transfer them at any time. In the meantime, they are shielded from third-parties discovering who is really behind their domains.

TorrentFreak asked Njalla whether they’ve ever had any complaints about Mangamura’s registration but at the time of publication, the service was yet to respond. However, one only has to read a sample of the company’s interactions with content company lawyers to see how it sometimes responds.

In the meantime, CODA continues to push its case to introduce blocking mechanisms in Japan. This wouldn’t solve the anonymity problem posed by bulletproof hosters and services like Njalla, but having ‘pirate’ sites rendered inaccessible in the country would certainly help.

That being said, things are not going smoothly.

According to a report published by Mainichi, a panel of government experts has been unable to compile an interim report on measures against pirate sites due to disagreements over the suitability of site blocking.

While rightsholders believe the practice should be implemented as soon as possible, there are serious concerns that blocking violates the country’s constitution.

“There are strong misgivings among many of the panel members who specialize in law that blocking is unconstitutional, and it’s unacceptable,” said Ryoji Mori, a lawyer on the panel.

On Wednesday, nine panel members opposed to blocking issued a statement, insisting that legislation “should be deferred and cooperation sought with the private sector to advance measures other than blocking.”

Those measures are said to include restriction of advertising on ‘pirate’ sites to hit revenues, plus further cooperation between content creators and the telecoms industry. Several ISPs in Japan currently block several ‘pirate’ sites voluntarily.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

15:21

Link [Scripting News]

Yesterday was BloggerCon day on Scripting News.

Link [Scripting News]

One additional release. Here's a zip archive of the static bloggercon website. Who knows what gems lie within. Now it's preserved for perpetuity, hopefully. 💥

15:14

Security updates for Friday [LWN.net]

Security updates have been issued by Debian (drupal7 and libssh), openSUSE (binutils, ImageMagick, and java-11-openjdk), Oracle (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), and SUSE (apache2, bash, binutils, clamav, curl, dovecot22, firefox, ghostscript, git, glibc, gnutls, gpg2, icu, java-1_7_0-openjdk, java-1_7_1-ibm, java-1_8_0-ibm, java-1_8_0-openjdk, kernel, kernel-firmware, libvirt, libzypp, zypper, mariadb, nagios, ntp, openslp, openssh, openssl, perl, postgresql10, qemu, qpdf, samba, shadow, smt, yast2-smt, ucode-intel, wireshark, xen, yast2-smt, and zziplib).

14:28

Robin "Sourdough" Sloan is using a machine-learning autocomplete system to write his next novel [Cory Doctorow – Boing Boing]

Robin Sloan is a programmer and novelist whose books like Sourdough and Mr Penumbra's 24-Hour Bookstore are rich and evocative blends of self-aware nerdy playfulness and magical speculation.

Earlier this year, Sloan published some preliminary information on a machine learning system for writing prose that he was noodling around with.

Since then, the system has expanded and he is now using it to generate prompts as he writes his next novel, invoking it midsentence to get suggestions for completing the thought.

The system was trained on an exotic corpus of old Wired articles, the Internet Archive's storehouse of old short stories from If and Galaxy, novels by "John Steinbeck, Dashiell Hammett, Joan Didion and Philip K. Dick," the poetry of Johnny Cash, oral histories of Silicon Valley, and, of course, "the California Department of Fish and Wildlife’s Fish Bulletin."

Sloan invokes the ML system's predictions to get strange, oracular autocompletes for his prose, like "The slow-sweeping tug moved across the emerald harbor."

It's reminiscent of my favorite sly joke from Orwell: Julia was twenty-six years old... and she worked, as he had guessed, on the novel-writing machines in the Fiction Department. She enjoyed her work, which consisted chiefly in running and servicing a powerful but tricky electric motor... She could describe the whole process of composing a novel, from the general directive issued by the Planning Committee down to the final touching-up by the Rewrite Squad. But she was not interested in the final product. She "didn't much care for reading," she said. Books were just a commodity that had to be produced, like jam or bootlaces.

Mr. Sloan has finished his paragraph:

“The bison were lined up fifty miles long, not in the cool sunlight, gathered around the canyon by the bare sky. They had been traveling for two years, back and forth between the main range of the city. They ring the outermost suburbs, grunting and muttering, and are briefly an annoyance, before returning to the beginning again, a loop that had been destroyed and was now reconstituted.”

“I like it, but it’s still primitive,” the writer said. “What’s coming next is going to make this look like crystal radio kits from a century ago.”

Computer Stories: A.I. Is Beginning to Assist Novelists [David Streitfeld/New York Times]

(via Kottke)

An interactive map of China's wildcat strikes [Cory Doctorow – Boing Boing]

China's move into a "mixed economy" has created a wealth inequality crisis to rival any nation's; wildcat workers' strikes (aided by Young Communist movements) have become increasingly common, though they are not often reported in the news (it helps that Chinese state media and the country's official censors suppress these reports).

The Hong Kong-based China Labor Bulletin maintains a map of all these strikes, which you can drill down into for news and other detail. As Naked Capitalism notes, it's instructional to view the map as a time-series by filtering it by year; looking at the rise and rise of strikes from 2011 to 2018 paints a picture of a country in real upheaval.

You can also export the data from the map in a structured format, which should be very useful for a certain kind of scholar or activist.

13:42

California tenants receive rent-hike threats that will only be rescinded if rent-control initiative fails [Cory Doctorow – Boing Boing]

Tenants in California have received threatening letters from their landlords promising massive rent hikes if Proposition 10 (previously), which restores rent control, passes.

It's part of a national, lavishly financed attack on pro-tenancy measures, which has coincided with the entry of large private equity firms into the rental property market, skyrocketing rents and evictions, and a calamitous decline in the safety and quality of rental housing.

In Boston, landlord lobbyists killed a modest measure that would produce public statistics on evictions and educate tenants about their rights in law. Oregon has a new super PAC that is pre-emptively campaigning against any future rent control measures; New York City's bid to freeze rent on rent-stabilized apartments was killed by a seven-figure lobbying campaign.

Paid California signature-gatherers have been caught lying to people they approach, telling them that a pro-rent-control measure was anti-rent-control.

Opponents of rent control often cite a Stanford business-school study that purported to show that rent control has the opposite of the intended effect, but that study has deep flaws, and also shows that rent control prevents evictions of existing tenants, especially people on fixed incomes and families struggling to get by.

These efforts are part of a massive attack corporate landlords have been waging on rent control across the state. And though they claim to be speaking for the mom-and-pop landlords of California, the leaders of this campaign are some of the largest property owners in the country. Blackstone, the world’s largest real estate management firm, has spent nearly $7 million to defeat Prop 10. Other top donors include Equity Residential, the third-largest apartment owner in the country, and AvalonBay Communities, the twelfth-largest property owner. These mostly Wall Street–based moguls have pooled as much as $60 million (with as much as $2 million raised in the last week alone) primarily to fund an enormous advertising blitz, eclipsing the $22 million raised by the coalition of over 150 housing advocacy, community, political, and faith-based organizations that, along with the California Democratic Party, has rallied around the ballot initiative.

If Proposition 10 passes, it would be not only the most significant attempt to roll back state limitations on rent control, but also the greatest success to date of the burgeoning national tenants’ rights movement—and real estate groups are responding with full force. Rent control, which is illegal in 27 states, has become a campaign issue across the country, and the landlord lobby has been rushing to squelch tenants’ rights campaigns wherever they spring up.

The Deceptive, Shameful, Lucratively Funded War Against Rent Control [Sophie Kasakove/New Republic]

12:56

Wanna get into Harvard? Just ask your parents to donate a building. [Cory Doctorow – Boing Boing]

A batch of internal Harvard admission-related emails have come into the public domain as part of a lawsuit alleging that Harvard discriminates against Asian applicants, and they reveal that the admissions process is tilted in favor of members of families who are major donors to Harvard.

The emails reveal members of the admissions committee and the Dean's office discussing the inclusion in the "Dean's Special Interest List" for applicants whose families have made recent donations, as well as applicants whose families used to donate, but have not made donations in recent years, with the implication that these families might restart the flow of cash once their young scions are enrolled at Harvard.

The existence of the Dean's Special Interest List became public last summer. It is one of several lists of students who are bumped ahead in the Harvard admissions queue, joining legacy students, faculty kids, recruited atheletes -- all "overwhelmingly white."

Harvard has been tight-lipped about who earns a spot on that list and why. On Wednesday, Hughes pressed for answers. He asked Fitzsimmons whether the list includes the “children of donors” and “other relatives of donors.”

“It could be,” Fitzsimmons said.

Hughes also grilled Fitzsimmons on how applicants wind up on the dean’s list. Fitzsimmons said the University Development Office — an office that solicits alumni donations — sometimes offers names to the dean. Summer court filings suggested the dean regularly sits down with Development Office employees and senior admissions staff to discuss specific high schoolers.

Fitzsimmons defended Harvard’s special treatment of applicants linked to top donors as “important for the long-term strength of the institution.” He said this tactic secures funding for scholarships, among other things.

In Admissions, Harvard Favors Those Who Fund It, Internal Emails Show[Delano R. Franklin and Samuel W. Zwickel/The Harvard Crimson

12:49

West Virginia Using Internet Voting [Schneier on Security]

This is crazy (and dangerous). West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain -- presumably because they have no idea what the security issues with voting actually are.

12:21

Four short links: 19 October 2018 [All - O'Reilly Media]

PDF to Data Frame, Clever Story, Conceptual Art, and Automatic Patch Synthesis

  1. Camelot -- Python library that extracts tables of data from PDF documents, returning them as Pandas frames.
  2. STET -- short story told via footnotes, editorial markup, and more. Magnificent! (via Cory Doctorow)
  3. Solving Sol -- interpreting a conceptual artist's art as instructions, reframed as an AI problem. Clever!
  4. Human-Competitive Patches with Repairnator -- Repairnator is a bot. It constantly monitors software bugs discovered during continuous integration of open source software and tries to fix them automatically. If it succeeds to synthesize a valid patch, Repairnator proposes the patch to the human developers, disguised under a fake human identity. To date, Repairnator has been able to produce five patches that were accepted by the human developers and permanently merged in the code base.

Continue reading Four short links: 19 October 2018.

11:49

Rebelling Against Extinction [George Monbiot]

When governments abandon us, we must step up

By George Monbiot, published in the Guardian 17th October 2018

 

It is hard to believe today, but the prevailing ethos among the educated elite was once public service. As the historian Tony Judt documented in Ill Fares the Land, the foremost ambition among graduates in the 1950s and 1960s was, through government or the liberal professions, to serve their country. Their approach might have been patrician and often blinkered, but their intentions were mostly public and civic, not private and pecuniary.

Today, the notion of public service seems as quaint as a local post office. We expect those who govern us to grab what they can, permitting predatory banks and corporations to fleece the public realm, then collecting their reward in the form of lucrative directorships. As the Edelman Corporation’s Trust Barometer survey reveals, trust worldwide has collapsed in all major institutions, and government is less trusted than any other.

As for the economic elite, as the consequences of their own greed and self-interest emerge, they seek, like the Roman oligarchs fleeing the collapse of the Western Empire, only to secure their survival against the indignant mob. An essay by the visionary author Douglas Rushkoff this summer, documenting his discussion with some of the world’s richest people, reveals that their most pressing concern is to find a safe refuge from climate breakdown, economic and societal collapse. Should they move to New Zealand or Alaska? How will they pay their security guards once money is worthless? Could they upload their minds onto supercomputers? Survival Condo, the company turning former missile silos in Kansas into fortified bunkers, has so far sold every completed unit.

Trust, the Edelman Corporation observes, “is now the deciding factor in whether a society can function.” Unfortunately, our mistrust is fully justified. Those who have destroyed belief in governments exploit its collapse, railing against a liberal elite (by which they mean people still engaged in public service) while working for the real and illiberal elite. As the political economist Will Davies points out, “sovereignty” is used as a code for rejecting the very notion of governing as “a complex, modern, fact-based set of activities that requires technical expertise and permanent officials.”

Nowhere is the gulf between public and private interests more obvious than in governments’ response to the climate crisis. On Monday, the UK’s energy secretary, Claire Perry, announced that she has asked her advisers to produce a roadmap to a zero carbon economy. On the same day, fracking commenced at Preston New Road in Lancashire, enabled by the permission Perry sneaked through parliament on the last day before the summer recess.

She has justified fracking on the grounds that it helps the country affect a “transition to a lower-carbon economy”. But fracked gas has net emissions similar to or worse than those released by burning coal. As we are already emerging from the coal era in the UK without its help, this is in reality a transition away from renewables and back into fossil fuels. The government has promoted the transition by effectively banning onshore wind farms, while overriding local decisions to impose fracking by central dictat. Now, to prevent people from taking back control, it intends to grant blanket planning permission for frackers to operate.

None of it makes sense, until you remember the intimate relationship between the fossil fuel industry, the City (where Perry made her fortune) and the Conservative party, oiled by the political donations flowing from both sectors into the party’s coffers. These people are not serving the nation. They are serving each other.

In Germany, the government that claimed to be undergoing a great green energy transition instead pours public money into the coal industry, and deploys an army of police to evict protesters from an ancient forest to clear it for a lignite mine. On behalf of both polluting power companies and the car industry, it has sabotaged the EU’s attempt to improve its carbon emissions target. Before she was re-elected, I argued that Angela Merkel was the world’s leading eco-vandal. She might also be the world’s most effective spin doctor: she can mislead, cheat and destroy, and people still call her Mutti. Since then, she has done all she can to retain her position as the leading planetary delinquent. That she has now slipped to third place shows only that the collapse of the public service ethos has become a global phenomenon.

Other governments shamelessly flaunt their service to private interests, as they evade censure by owning their corruption. A report on fuel efficiency published by the US government in July concedes, unusually, that global temperatures are likely to rise by 4°C this century. It then uses this forecast to argue that there is no point in producing cleaner cars, because the disaster will happen anyway. Elsewhere, all talk of climate breakdown within government is censored. Any agency seeking to avert it is captured and redirected.

In Australia, the new Prime Minister, Scott Morrison, has turned coal burning into a sacred doctrine. I would not be surprised if the only lump of coal he has ever handled is the one he flourished in the Australian parliament. But he dirties his hands every day on behalf of the industry. These men with black hearts and clean fingernails wear their loyalties with pride.

If Jair Bolsonaro takes office in Brazil, their gleeful annihilation on behalf of private interests will seem mild by comparison. He claims that climate breakdown is a fable invented by a “globalist conspiracy”, and seeks to withdraw from the Paris Agreement, abolish the environment ministry, put the congressional beef caucus (representing the murderous and destructive ranching industry) in charge of agriculture, open the Amazon Basin for clearance and dismantle almost all environmental and indigenous protections.

With the exception of Costa Rica’s, no government has the policies required to prevent more than 2°C of global warming, let alone 1.5°. Most, like the UK, Germany, the US and Australia, push us towards the brink on behalf of their friends. So what do we do, when our own representatives have abandoned public service for private service?

On October 31, I will speak at the launch of Extinction Rebellion in Parliament Square. This is a movement devoted to disruptive, non-violent disobedience in protest against ecological collapse. The three heroes jailed for trying to stop fracking, whose outrageous sentences have just been overturned, are likely to be the first of hundreds. The intention is to turn this national rising into an international one in March.

This preparedness for sacrifice, a long history of political and religious revolt suggests, is essential to motivate and mobilise people to join an existential struggle. It is among such people that you find the public and civic sense now lacking in government. That we have to take such drastic action to defend the common realm shows how badly we have been abandoned.

www.monbiot.com

 

11:42

Error'd: Real Formatting Advice [The Daily WTF]

"VMware Team decided to send me some useful advice via e-mail," writes Antti T.   "Costco and Dell have teamed up to offer the latest in gaming storage technology...the Hard...

09:35

Daniel Pocock: Debian GSoC 2018 report [Planet Debian]

One of my major contributions to Debian in 2018 has been participation as a mentor and admin for Debian in Google Summer of Code (GSoC).

Here are a few observations about what happened this year, from my personal perspective in those roles.

Making a full report of everything that happens in GSoC is close to impossible. Here I consider issues that span multiple projects and the mentoring team. For details on individual projects completed by the students, please see their final reports posted in August on the mailing list.

Thanking our outgoing administrators

Nicolas Dandrimont and Sylvestre Ledru retired from the admin role after GSoC 2016 and Tom Marble has retired from the Outreachy administration role, we should be enormously grateful for the effort they have put in as these are very demanding roles.

When the last remaining member of the admin team, Molly, asked for people to step in for 2018, knowing the huge effort involved, I offered to help out on a very temporary basis. We drafted a new delegation but didn't seek to have it ratified until the team evolves. We started 2018 with Molly, Jaminy, Alex and myself. The role needs at least one new volunteer with strong mentoring experience for 2019.

Project ideas

Google encourages organizations to put project ideas up for discussion and also encourages students to spontaneously propose their own ideas. This latter concept is a significant difference between GSoC and Outreachy that has caused unintended confusion for some mentors in the past. I have frequently put teasers on my blog, without full specifications, to see how students would try to respond. Some mentors are much more precise, telling students exactly what needs to be delivered and how to go about it. Both approaches are valid early in the program.

Student inquiries

Students start sending inquiries to some mentors well before GSoC starts. When Google publishes the list of organizations to participate (that was on 12 February this year), the number of inquiries increases dramatically, in the form of personal emails to the mentors, inquiries on the debian-outreach mailing list, the IRC channel and many project-specific mailing lists and IRC channels.

Over 300 students contacted me personally or through the mailing list during the application phase (between 12 February and 27 March). This is a huge number and makes it impossible to engage in a dialogue with every student. In the last years where I have mentored, 2016 and 2018, I've personally but a bigger effort into engaging other mentors during this phase and introducing them to some of the students who already made a good first impression.

As an example, Jacob Adams first inquired about my PKI/PGP Clean Room idea back in January. I was really excited about his proposals but I knew I simply didn't have the time to mentor him personally, so I added his blog to Planet Debian and suggested he put out a call for help. One mentor, Daniele Nicolodi replied to that and I also introduced him to Thomas Levine. They both generously volunteered and together with Jacob, ensured a successful project. While I originally started the clean room, they deserve all the credit for the enhancements in 2018 and this emphasizes the importance of those introductions made during the early stages of GSoC.

In fact, there were half a dozen similar cases this year where I have interacted with a really promising student and referred them to the mentor(s) who appeared optimal for their profile.

After my recent travels in the Balkans, a number of people from Albania and Kosovo expressed an interest in GSoC and Outreachy. The students from Kosovo found that their country was not listed in the application form but the Google team very promptly added it, allowing them to apply for GSoC for the first time. Kosovo still can't participate in the Olympics or the World Cup, but they can compete in GSoC now.

At this stage, I was still uncertain if I would mentor any project myself in 2018 or only help with the admin role, which I had only agreed to do on a very temporary basis until the team evolves. Nonetheless, the day before student applications formally opened (12 March) and after looking at the interest areas of students who had already made contact, I decided to go ahead mentoring a single project, the wizard for new students and contributors.

Student selections

The application deadline closed on 27 March. At this time, Debian had 102 applications, an increase over the 75 applications from 2016. Five applicants were female, including three from Kosovo.

One challenge we've started to see is that since Google reduced the stipend for GSoC, Outreachy appears to pay more in many countries. Some women put more effort into an Outreachy application or don't apply for GSoC at all, even though there are far more places available in GSoC each year. GSoC typically takes over 1,000 interns in each round while Outreachy can only accept approximately 50.

Applicants are not evenly distributed across all projects. Some mentors/projects only receive one applicant and then mentors simply have to decide if they will accept the applicant or cancel the project. Other mentors receive ten or more complete applications and have to spend time studying them, comparing them and deciding on the best way to rank them and make a decision.

Given the large number of project ideas in Debian, we found that the Google portal didn't allow us to use enough category names to distinguish them all. We contacted the Google team about this and they very quickly increased the number of categories we could use, this made it much easier to tag the large number of applications so that each mentor could filter the list and only see their own applicants.

The project I mentored personally, a wizard for helping new students get started, attracted interest from 3 other co-mentors and 10 student applications. To help us compare the applications and share data we gathered from the students, we set up a shared spreadsheet using Debian's Sandstorm instance and Ethercalc. Thanks to Asheesh and Laura for setting up and maintaining this great service.

Slot requests

Switching from the mentor hat to the admin hat, we had to coordinate the requests from each mentor to calculate the total number of slots we wanted Google to fund for Debian's mentors.

Once again, Debian's Sandstorm instance, running Ethercalc, came to the rescue.

All mentors were granted access, reducing the effort for the admins and allowing a distributed, collective process of decision making. This ensured mentors could see that their slot requests were being counted correctly but it means far more than that too. Mentors put in a lot of effort to bring their projects to this stage and it is important for them to understand any contention for funding and make a group decision about which projects to prioritize if Google doesn't agree to fund all the slots.

Management tools and processes

Various topics were discussed by the team at the beginning of GSoC.

One discussion was about the definition of "team". Should the new delegation follow the existing pattern, reserving the word "team" for the admins, or should we move to the convention followed by the DebConf team, where the word "team" encompasses a broader group of the volunteers? A draft delegation text was prepared but we haven't asked for it to be ratified, this is a pending task for the 2019 team (more on that later).

There was discussion about the choice of project management tools, keeping with Debian's philosophy of only using entirely free tools. We compared various options, including Redmine with the Agile (Kanban) plugin, Kanboard (as used by DebConf team), and more Sandstorm-hosted possibilities, such as Wekan and Scrumblr. Some people also suggested ideas for project management within their Git repository, for example, using Org-mode. There was discussion about whether it would be desirable for admins to run an instance of one of these tools to manage our own workflow and whether it would be useful to have all students use the same tool to ease admin supervision and reporting. Personally, I don't think all students need to use the same tool as long as they use tools that provide public read-only URLs, or even better, a machine-readable API allowing admins to aggregate data about progress.

Admins set up a Git repository for admin and mentor files on Debian's new GitLab instance, Salsa. We tried to put in place a process to synchronize the mentor list on the wiki, the list of users granted team access in Salsa and the list of mentors maintained in the GSoC portal. This could be taken further by asking mentors and students to put a Moin Category tag on the bottom of their personal pages on the wiki, allowing indexes to be built automatically.

Students accepted

On 23 April, the list of selected students was confirmed. Shortly afterward, a Debian blog appeared welcoming the students.

OSCAL 2018, Albania and Kosovo visit

I traveled to Tirana, Albania for OSCAL'18 where I was joined by two of the Kosovan students selected by Debian. They helped run the Debian booth, comprising a demonstration of software defined radio from Debian Hams.

Enkelena Haxhiu and I gave a talk together about communications technology. This was Enkelena's first talk. In the audience was Arjen Kamphuis, he was one of the last people to ask a question at the end. His recent disappearance is a disturbing mystery.

DebConf18

A GSoC session took place at DebConf18, the video is available here and includes talks from GSoC and Outreachy participants past and present.

Final results

Many of the students have already been added to Planet Debian where they have blogged about what they did and what they learned in GSoC. More will appear in the near future.

If you like their project, if you have ideas for an event where they could present it or if you simply live in the same region, please feel free to contact the students directly and help them continue their free software adventure with us.

Meeting more students

Google's application form for organizations like Debian asks us what we do to stay in contact with students after GSoC. Crossing multiple passes in the Swiss and Italian alps to find Sergio Alberti at Capo di Lago is probably one of the more exotic answers to that question.

Looking back at past internships

I first mentored students in GSoC 2013. Since then, I've been involved in mentoring a total of 12 students in GSoC and 3 interns in Outreachy as well as introducing many others to mentors and organizations. Several of them stay in touch and it's always interesting to hear about their successes as they progress in their careers and in their enjoyment of free software.

The Outreachy organizers have chosen a picture of two of my former interns, Urvika Gola (Outreachy 2016) and Pranav Jain (GSoC 2016) for the mentors page of their web site. This is quite fitting as both of them have remained engaged and become involved in the mentoring process.

Lessons from GSoC 2018, preparing for 2019

One of the big challenges we faced this year is that as the new admin team was only coming together for the first time, we didn't have any policies in place before mentors and students started putting significant effort in to their proposals.

Potential mentors start to put in significant effort from February, when the list of participating organizations is usually announced by Google. Therefore, it seems like a good idea to make any policies clear to potential mentors before the end of January.

We faced a similar challenge with selecting mentors to attend the GSoC mentor summit. While some ideas were discussed about the design of a selection process or algorithm, the admins fell back on the previous policy based on a random selection as mentors may have anticipated that policy was still in force when they signed up.

As I mentioned already, there are several areas where GSoC and Outreachy are diverging, this already led to some unfortunate misunderstandings in both directions, for example, when people familiar with Outreachy rules have been unaware of GSoC differences and vice-versa and I'll confess to being one of several people who has been confused at least once. Mentors often focus on the projects and candidates and don't always notice the annual rule changes. Unfortunately, this requires involvement and patience from both the organizers and admins to guide the mentors through any differences at each step.

The umbrella organization question

One of the most contentious topics in Debian's GSoC 2018 program was the discussion of whether Debian can and should act as an umbrella organization for smaller projects who are unlikely to participate in GSoC in their own right.

As an example, in 2016, four students were mentored by Savoir Faire Linux (SFL), makers of the Ring project, under the Debian umbrella. In 2017, Ring joined the GNU Project and they mentored students under the GNU Project umbrella organization. DebConf17 coincidentally took place in Montreal, Canada, not far from the SFL headquarters and SFL participated as a platinum sponsor.

Google's Mentor Guide explicitly encourages organizations to consider this role, but does not oblige them to do so either:

Google’s program administrators actually look quite fondly on the umbrella organizations that participate each year.

For an organization like Debian, with our philosophy, independence from the cloud and distinct set of tools, such as the Salsa service mentioned earlier, being an umbrella organization gives us an opportunity to share the philosophy and working methods for mutual benefit while also giving encouragement to related projects that we use.

Some people expressed concern that this may cut into resources for Debian-centric projects, but it appears that Google has not limited the number of additional places in the program for this purpose. This is one of the significant differences with Outreachy, where the number of places is limited by funding constraints.

Therefore, if funding is not a constraint, I feel that the most important factor to evaluate when considering this issue is the size and capacity of the admin team. Google allows up to five people to be enrolled as admins and if enough experienced people volunteer, it can be easier for everybody whereas with only two admins, the minimum, it may not be feasible to act as an umbrella organization.

Within the team, we observed various differences of opinion: for example some people were keen on the umbrella role while others preferred to restrict participation to Debian-centric projects. We have the same situation with Outreachy: some mentors and admins only want to do GSoC, while others only do Outreachy and there are others, like myself, who have supported both programs equally. In situations like this, nobody is right or wrong.

Once that fundamental constraint, the size of the admin team, is considered, I personally feel that any related projects engaged on this basis can be evaluated for a wide range of synergies with the Debian community, including the people, their philosophy, the tools used and the extent to which their project will benefit Debian's developers and users. In other words, this doesn't mean any random project can ask to participate under the Debian umbrella but those who make the right moves may have a chance of doing so.

Financial

Google pays each organization an allowance of USD 500 for each slot awarded to the organization, plus some additional funds related to travel. This generally corresponds to the number of quality candidates identified by the organization during the selection process, regardless of whether the candidate accepts an internship or not. Where more than one organization requests funding (a slot) for the same student, both organizations receive a bounty, we had at least one case like this in 2018.

For 2018, Debian has received USD 17,200 from Google.

GSoC 2019 and beyond

Personally, as I indicated in January that I would only be able to do this on a temporary basis, I'm not going to participate as an admin in 2019 so it is a good time for other members of the community to think about the role. Each organization who wants to participate needs to propose a full list of admins to Google in January 2019, therefore, now is the time for potential admins to step forward, decide how they would like to work together as a team and work out the way to recruit mentors and projects.

Thanks to all the other admins, mentors, the GSoC team at Google, the Outreachy organizers and members of the wider free software community who supported this initiative in 2018. I'd particularly like to thank all the students though, it is really exciting to work with people who are so open minded, patient and remain committed even when faced with unanticipated challenges and adversity.

08:28

We are not the enemy (if we try) [Seth's Blog]

Fewer than 1% of our population works hard to divide us. To pit people against one another for their selfish aims.

These are the pundits, divisive politicians, media companies and short-term trolls who have decided that schisms and fights are a good way to achieve their aims.

But if everyone is demonizing the other, then everyone is the enemy to someone.

We end up spending our time fighting each other instead of fighting for the things that really matter. We end up focusing on the current thing while something more important shrinks away in the background.

It’s possible to be fierce, fierce in your dedication to change, to what’s right, to making things better–without finding the source of your power in the destruction of others.

We ought to be fighting inequality, corruption and inefficiency. Working to stamp out ignorance and missed opportunities while creating access and possibility. Keeping our promises and making things better.

Every system is improved when it’s in sync, and the narcissism of small differences is a seduction that keeps us from focusing on creating real value by doing important work.

Realizing that things can get better (they can always get better) opens the door for productive conversations, conversations that aren’t based on prior decisions about what team someone is on, and instead, on putting our shoulder to the work, taking responsibility and actually making things better.

We can fight injustice without becoming pawns in a boxing promoter’s game.

08:07

Tagged, p14 [Ctrl+Alt+Del Comic]

Okay, well, we had enough interest to move forward with getting these books to the EU. Now it’s time to see if we have enough follow-through. There is a button below to pre-order a CAD 1.0 Box set, delivered anywhere in Europe (except Russia, Israel and Turkey, more on that in a moment), for $120.

We have 34 books left, the last of these that I have to sell ever, and they are first-come first served. I will take orders for the next week, or until they are all ordered, whichever comes first. As soon as they are all ordered, I will direct the warehouse to arrange freight to the EU for distribution. This will take a while. They’ll most likely be traveling by boat, and I’ll have a better idea about travel time once they’re en route, but be aware that moving these books will take a while. You are pre-ordering in order to move these in bulk to Europe to save on shipping. You will not have your book days after you order, just FYI.

If you place an order, and we don’t end up with enough follow-through (ie, the books don’t get ordered), I will simply refund your pre-order at the end of the week. So if you want one of these, order soon.

And if you happen to live in Russia, Israel or Turkey, and you want one of these books, we CAN send one there for an additional $20 in shipping. Don’t ask me why it costs more to ship to those countries from Germany, it’s just what I was quoted by the company that will be handling the fulfillment.

So anyway… here’s that order button.

07:56

Yandex Under Fire Again, This Time For Linking to Blocked RuTracker [TorrentFreak]

With copyright holders and anti-piracy outfits continue their battle to make infringing content harder to find, legitimate companies are increasingly finding themselves in the firing line.

In Russia, pressure is building on search giant Yandex, which is being targeted by rightsholders from multiple directions. Their main point of concern is that Yandex’s indexes sometimes carry links to allegedly infringing content. However, Yandex believes that the current law requires rightsholders to file complaints against those actually hosting the content.

While that particular battle plays out, Yandex now has another problem on its hands. Last September the country passed new legislation that prevents sites (and their mirrors and clones) that have already been blocked in Russia from being indexed by search engines.

It now transpires that last October, the Association for Copyright Protection on the Internet (AZAPI) filed a complaint against Yandex. The group, which represents the interests of book publishers, claimed that links to previously blocked sites (including torrent giant RuTracker and eBook site Librusec) were available in Yandex’s search results.

AZAPI director Maxim Ryabyko told Kommersant that the complaint is first to be filed against a search engine under the legislation passed back in September 2017. When a legal entity like Yandex breaches the law, it can be subjected to fines between 500,000 and 700,000 rubles (US$10,700) per instance. However, things may not be straightforward.

According to the publication, the links to the blocked sites only appear via Yandex’s recommendation algorithm which was launched in the summer of 2018. Ryabyko says that when people search for mirrors of blocked sites and try several in a row, the algorithm sometimes decides that the user didn’t find what they were looking for so it gives direct links instead.

This complex arrangement means that telecoms watchdog Roscomnadzor may carry out its own tests and not trigger the same results, leaving Yandex in a position to say that the links aren’t indexed or appeared simply by chance. In any event, Roscomnadzor will have the final say, which could potentially result in Yandex having to take stronger action to ensure infringing links don’t appear in its indexes.

As recently reported, a hearing should have taken place Monday at the Moscow City Court in the case of TNT-TV versus Yandex, after the former accused the latter of failing to remove infringing links from search results.

However, according to local sources, that hearing has now been delayed until November 9 in order to give the parties more time to present technical evidence.

“We continue to insist on the need for technical expertise,” Yandex said in a statement.

“We also continue to believe that the demands made to us are impracticable. The search system does not post content to the Internet and it cannot separate the disputed content in search results from legal options.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

06:21

Girl Genius for Friday, October 19, 2018 [Girl Genius]

The Girl Genius comic for Friday, October 19, 2018 has been posted.

05:35

It's Always Sunny in 2001: A Space Odyssey [Diesel Sweeties webcomic by rstevens]

this is a diesel sweeties comic strip

this is a diesel sweeties comic strip

Tonight's comic combines my two favorite incomprehensible things.

http://www.dieselsweeties.com/ics/655/

03:42

Leaving Money On The Table [QC RSS]

I am pleased to announce that the newest Hakase record is done! You can listen to it here and buy a copy if you want! I'm very pleased with how these songs turned out, if you like cute and chill bloops and bleeps it may be your jam! It is also available on itunes, Apple Music, Spotify, Tidal, and whatever other streaming music service you may prefer.

02:35

01:07

Less than a week left of the Humble Discovery Pack! One price,... [Humble Bundle Blog]



Less than a week left of the Humble Discovery Pack! 

One price, six games. Easy peasy. Get War for the Overworld + Heart of Gold DLC, Phantom Brave PC, Kentucky Route Zero, and more in the Humble Discovery Pack. You choose where your money goes!


Assets for Press and Partners

00:14

OpenBSD 6.4 [LWN.net]

OpenBSD 6.4 has been released. This release features improved hardware support, adding a number of new drivers. Notable security improvements include the new unveil() system call to restrict file system access.

Thursday, 18 October

23:28

Ubuntu 18.10 released [OSNews]

Ubuntu 18.10 has been released.

The Linux 4.18 kernel together with updates in Mesa and X.org significantly improve game performance. Graphics support expands to AMD VegaM in the latest Intel Kabylake-G CPUs, Raspberry Pi 3 Model B, B+ and Qualcomm Snapdragon 845. Ubuntu 18.10 introduces the GNOME 3.30 desktop and Yaru, the new community-developed default theme. Fingerprint unlock functionality is featured for compatible PCs and the latest versions of Firefox, LibreOffice, and Chromium are included.

The full release notes are also available.

22:42

OpenBSD 6.4 released [OSNews]

We are pleased to announce the official release of OpenBSD 6.4. This is our 45th release. We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install. As in our previous releases, 6.4 provides significant improvements, including new features, in nearly all areas of the system.

22:28

Crib Sheet: The Delirium Brief [Charlie's Diary]

Shockingly, it has been drawn to my attention that The Labyrinth Index is nearly in print and yet I have failed to issue my usual crib sheet for The Delirium Brief. This cannot be! So without further ado ...

The eighth book in The Laundry Files (a title pinned on the series by marketing fiat at Random Penguin—sorry, Penguin Random House, Inc., who decreed that all series of more than three novels had to have a series title, and by an editor who wanted to leverage the brand name recognition of another urban fantasy author she edited, Jim Butcher) was written in early 2016 with a very specific goal: to deal with the aftermath of The Nightmare Stacks, which in turn had decisively broken the doldrums that nearly becalmed the "big picture" series story arc between books 3 and 6. That story arc is, loosely speaking, the story of the Lovecraftian singularity: in which vast, transhuman, and unsympathetic intelligences disrupt humanity's tenuous position of terrestrial dominance (but note they're not artificial intelligences but godlike alien ones—yes, it's also an alien invasion narrative, if you squint at it hard enough.)

The Nightmare Stacks ended in a version of April 2015 that had decisively split from the one we're all familiar with, as an Elven combined-arms battle group crashed through the English county of West Yorkshire and came to rest in the wreckage of a major city, with a death toll in the tens of thousands. That was a very explicit smackdown for the classic urban fantasy trope whereby the things that go bump in the night—vampires, zombies, elves—always seem to know their place, and that place is well away from the rolling global 24 hours cycle. It's a trope I've had increasing difficulty taking seriously over the years: it strikes me as lazy world-building. (Similarly, the emergence of a world like our own where magic nevertheless exists also demands explanation: there is such an explanation for The Laundry Files—history is mutable and has, in fact, been tampered with extensively—but it's largely implied, although future stories may deal with this aspect of the setting which is, if anything, one of the most horrific aspects of the series.)

Anyway, by the end of The Nightmare Stacks, it was glaringly obvious that the djinn could not be recaptured and put back in the bottle: contained incidents, even mass casualty incidents, could be suppressed if they took place in a single building (as in The Annihilation Score), but not when airliners are shot down, cities are explosively remodelled, and the All-Highest of the Host of Air and Darkness appeals for political asylum in from of the news cameras.

So, with The Delirium Brief, I set out to ask, what happens next?

Only life comes at you fast, and I was writing the first draft in spring of 2016, to a background of rolling news coverage of the Brexit referendum campaign ...

The first draft opened much as the final published version opens, with a hapless Bob Howard—now seemingly consigned to middle management, because he's pushing forty and now moderately senior—wearing a suit in front of the TV cameras as a thinly-disguised rendition of Jeremy Paxman grills him lightly on Newsnight. (Note for non-British readers; until Tony Blair jerked the BBC's choke-chain circa 2003-07 over funding and brought it to heel for its not-entirely-positive coverage of the Iraq invasion, Newsnight monstered cabinet ministers in a manner most other journalistic cultures can barely conceive of, totally lacking in deference to power and willing to badger politicians relentlessly with uncomfortable questions and to crucify them if they refused to answer. Today's BBC is a sad parody of this era, which is what Bob was subjected to a mild version of ...)

But the narrative continued in like vein for somewhat longer, following a plot that was somehow less vibrant and effective than the final version: one in which the Laundry, now exposed to the full glare of public scrutiny, is set up for privatization along the usual lines pioneered by successive British governments in the 21st century (and described in detail in the current draft). Subjected to successive private sector managers, budget cut, morale leaking out, increasingly outsourced to the usual contractors (the companies from which those private sector managers are borrowed and to which they return, fully informed of the agency's business so they can tender for the contracts to provide those services). It was a very 2015 novel. Against this backdrop, an increasingly put-upon Bob and Mo underwent a gradual raprochement, bonding over a pile of broken relationship counsellors (you can find the off-cuts from this sequence on Archive of Our Own, as their case files). And, finally, the bad guys were defeated, sort-of. It was all a bit limp, but I wasn't sure how to make it work any better, so I threw it at my editors to figure it out and left it alone for a while. That was in May.

In June, I was in London when the results of the Brexit referendum came in and all hell broke loose. In the space of a week both major UK political parties experienced leadership challenges, it became evident that two constitutional crises had broken out, there was a run on the pound, and I got a ringside seat at the sort of clusterfuck that ensues in British politics when a truly major crisis erupts—not as destructive as the one in The Nightmare Stacks, but similarly all-engulfing. And it became glaringly clear that in the initial version of The Delirium Brief I hadn't gone nearly far enough.

With Brexit to provide contrast, it became obvious in hindsight that the events of The Nightmare Stacks would result in a witch-hunt and an institutional bloodbath. Forget public enquiries: entire agencies would be axed, employees might well face criminal charges, and—oh look, waiting in the background since book four, the Prime Minister's friendly relations with the wrong cultist might well come back to bite the Laundry. The Laundry had always relied on secrecy (being a spin-off of the wartime SOE) and used rigid obedience to keep things quiet. Rather than controlling physical assets and documents, which multiply inordinately and can be leaked, they used the capability to compel obedience in their employees by means of a geas, thereby reducing the number of points of control. Which worked as long as only their employees and a limited number of contacts were in the know. Once their activities came into public view the game was up, and the organization was unable to effectively defend itself against institutional predators—political lobbyists, private sector contractors, frightened cabinet ministers, and actual hostiles like the Reverend Raymond Schiller (now making a very unwelcome re-appearance after his earlier defeat in The Apocalypse Codex).

The point at which the published version of The Delirium Brief departs from the pre-Brexit draft is the moment when Bob is arrested—and, subsequently, the entire agency is shut down and goes on the run, with Continuity Operations in effect. None of that featured in the first draft (nor the tank-v-Mercedes chase on Salisbury Plain). It gave the post-Brexit draft a degree of tension and jeopardy that the earlier draft lacked, and a lot of added foreboding and darkness: the re-appearance of The Mandate, the rehabilitation of Iris Carpenter, and the ghastly hospitality suite at Nether Stowe House all emerged fluidly from the new sense of impending catastrophe.

Because, yes, this is the Brexit Laundry novel; not in the simplistic voted-to-depart-from-the-EU sense, but in the context of how the UK deals (or fails to deal) with what Iain Banks called an Outside Context Problem, "the sort of problem most societies encounter the way a sentence encounters a full stop."

Things of note:

Continuity Operations is modelled, very loosely, on the remain-behind plans European governments (presumably including that of the UK) drew up for continuing resistance in the aftermath of a successful Soviet invasion—Operation Gladio. Second world war resistance movements were largely ad-hoc and set up under occupation: post-1945 plans were drawn up in advance and relied on stay-behind teams of motivated and trained security service personnel who would conduct operations against the occupier. These were historically co-opted by far-right-wing groups and in some cases destabilized their host country: the history of the Propaganda Due Masonic Lodge in Italy is one notorious example, which led to an escalating conflict between right and left wing terrorist groups during the 1970s. The Laundry doesn't have P2 levels of behind-the-scenes influence, but there are parallels—notably their willingness to release notorious criminals in order to deploy them against the admittedly hostile regime, and their belief that they know what's best for the nation.

The Constitutional Reform And Governance Act referenced in early chapters is entirely genuine and caused considerable head-scratching in the more secretive corners of HM Government when it was brought in. It was arguably necessary insofar as it regularized certain legal oddities: for example, when it is legal for a soldier, spy, or police officer to be ordered to use lethal force, and when is it murder? Under what circumstances can the machinery of law enforcement commit acts that break the law? Bringing the Laundry into compliance with CRAG is an obvious requirement for the government, once they realize the Laundry exists ... but it brings a whole basket of new problems with it, for the Laundry deals with classes of entity which are not entirely human or have their existence recognized in law, and while the courts tend to take a pragmatic approach to hitherto unrecognized situations and types of person, there are limits to what can be expected of them without legislative guidance. (How does the law deal with gods, for example—beings who can bend or break the constraints of reality?)

The Mandate, Fabian Everyman, is the tip of an occult iceberg: he's increasing in power exponentially and is already extremely dangerous. We'll see more of him in The Labyrinth Index and subsequent novels, as the avatar of N'yar Lat-Hotep, the Black Pharaoh. There is explicit overlap in the Laundryverse between the elder things ranted about by H. P. Lovecraft (the series' equivalent of the author of the Anarchists' Cookbook—he's a very unreliable guide to the occult) and some of the nastier human pantheons, including the ancient Egyptian and Aztec ones—any religion with an obsession with human sacrifice and skull-reaping was probably echoing the preoccupations of the elder gods, after all.

Originally the Laundry Files seemed to be about Bob Howard, geek and agent. However, as with all series that don't hit an implied reset button at the start of each episode, Bob gains experience and power as the series progresses. By The Delirium Brief it is becoming quite clear that Bob is the Eater of Souls, having inherited all of Angleton's power. He's not a human being, any more than Angleton was: but while Angelton was a monstrous being that dreamed itself to be an English public school teacher, Bob is a monstrous thing that dreams himself to be a lovable sandal-wearing hacker-geek nerd (with the ability to slay everyone within a half mile radius if he loses his temper). His wife Mo's concerns for her personal safety are entirely justified, even though she is herself an extremely powerful sorceress, right up until the end: the question of what precisely she is, after this novel, is as yet unanswerable, but she may or may not be more human than Bob at this point.

We will see more of Bob and Mo in future Laundry novels, but not in The Labyrinth Index, which is Mhari's story. (Neither Bob nor Mo quite understand Mhari, which is probably a good thing for all three of them.) Similarly, we may see more of Alex and Cassie and the others in future books---but not all at once. But Bob in particular has "leveled up" so far that he's quite hard to use as a sympathetic viewpoint character in a work of fiction: we're already three books past the point where he could wander through a nest of vampires and come out the other side with his dignity mostly intact. So this is no longer the Bob series; it's more like Discworld, which fissioned into about five disparate series with a shared setting and different viewpoint characters who grow and change over time.

I'm pretty sure that Spooky the Cat is just a cat, though. (Sometimes a pipe is just a pipe.) And that burst condom? Again, sometimes shit happens (and Mo, in any case, is around 40 years old, an age when human fertility drops off a cliff-edge).

Any questions? Ask below! But bear in mind that the immediate aftermath of The Delirium Brief is explored in The Labyrinth Index, coming out on October 30th.

21:49

Bell and Rogers Ask Government to Simplify Site Blocking and Criminalize Streaming [TorrentFreak]

The Canadian Government is currently exploring if and how the current Copyright Act should be amended to better fit the present media landscape.

One of the key issues is the compensation that artists receive for their work. This was also the focus of a hearing before the House Heritage Committee this week, at which Bell (BCE) and Rogers both made an appearance.

The companies are Canada’s largest Internet providers, but both also have their own media branches. As such, they have an interest in copyright issues, which they made quite apparent during the hearing.

Bell and Rogers called for several changes to the Copyright Act to address the piracy issue. Interestingly, the proposals were identical on many fronts, with both companies highlighting how piracy is causing millions in lost revenue.

First up was Rob Malcolmson, Bell’s Senior Vice President of Regulatory Affairs. Instead of addressing artist compensation directly, he drew the focus to the “impact of organized content theft” instead.

“This issue is fundamental to the topic the committee is studying because no matter what remuneration model you adopt, creators can never be fairly compensated if their work is being widely stolen,” Malcolmson said.

He went on to cite a series of piracy statistics published in recent years, including the increased popularity of pirate streaming boxes, and the fact that more than a quarter of all Canadians are self-proclaimed pirates.

To address this rampant “theft”, Bell presented three recommendations. The first is to criminalize online streaming of pirated material. This doesn’t mean that any end-users would end up in jail, but it should act as a deterrent for operators of pirate streaming sites and services.

Rob Malcolmson

Bell’s second suggestion is to get the authorities and public officials actively involved in anti-piracy enforcement actions. The UK and US were cited as examples where local police and special units help to deal with piracy issues.

“We recommend that the government should create and consider enshrining in the Copyright Act an administrative enforcement office and should direct the RCMP to prioritize digital piracy investigations,” Malcolmson notes.

Finally, Bell also reintroduces the piracy blocking proposal of the Fairplay Canada Coalition. The CRTC denied this application earlier this month, noting that it lacks jurisdiction. This is something the government could change through an update of the Telecommunications Act.

Alternatively, website blocking could be addressed by an update to the Copyright Act, which would make it easier for courts to issue injunctions against ISPs and other intermediaries. This would simplify site blocking, but could also apply to search engines, hosting companies and payment processors.

“In addition, a new provision could be added to the Copyright Act that would apply more broadly to intermediaries such as ISPs, web hosts, domain name registrars, search engines, payment processors, and advertising networks,” Malcolmson said.

Following Bell’s testimony, the committee’s attention moved to Pam Dinsmore, Vice-President Regulatory, Cable, at Rogers Communications. She also stressed the importance of addressing piracy, mentioning various statistics and the rise of online streaming in particular.

Interestingly, Rogers’ proposals to deal with this problem show a lot of overlap with those put forward by Bell. For example, the company also suggests criminalizing online streaming.

“The Act should make it a criminal violation for a commercial operation to profit from the theft and making available of rights holders exclusive and copyrighted content on streaming services. In our experience, the existing civil prohibitions are not strong enough to deter this kind of content theft,” Dinsmore said.

Pam Dinsmore

Rogers also raised the site-blocking issue. Specifically, it should be easier for rightsholders to obtain injunctions against intermediaries in the piracy ecosystem. This includes ISPs, domain name registrars, search engines, and content delivery networks.

“For example, a rights holder should be able to quickly obtain an order from a court to require an ISP to disable access to stolen content available on pre-loaded set-top boxes without concern that the operation of section 36 of the Telecommunications Act might impede this effort,” Dinsmore added.

While none of these suggestions directly impact the compensation of artists, which was the topic at hand, Rogers did present an idea at the end. According to the company, section 19.3 of the Copyright Act could be updated to change the current 50/50 royalty split between artists and labels to 75/25, favoring the artists.

Not all members of the Heritage Committee were impressed by the idea, which comes at the expense of the labels, with some asking what Rogers was willing to hand out itself.

“Are you willing to give up some more money as you suggested the record label should?” Conservative MP Martin Shields said. When Dinsmore replied that she didn’t know what the mechanism for that would be, the MP replied: “It’s a little strange that you’re suggesting someone else to give up money, but not your company.”

MP Randy Boissonnault, in particular, was not at all impressed by the telco’s proposals and stressed that the hearing was not the right venue to call for these changes.

“Your submissions to this committee ring hollow and tin ear,” Boissonnault said, noting that they are too technical and not addressing the topic at hand. “This is the place where we’re advocating for artists. You said so in your submissions and yet what we see is – go after the ISPs – shut down the piracy. We get that, we know that.”

Randy Boissonnault

Even if the claimed $500 million in lost subscriber revenue could be recouped, artists would still get the same size of the pie, the Liberal MP noted.

“There’s nothing more that’s coming from your shareholders to go into the pockets of artists. So where’s the creativity from industry to put more money in the pockets of artists? Because you won’t have things to sell from Canada if we don’t support the artists and consumers.”

While Bell and Rogers likely hoped for a different response, and may not get what they want out of this hearing, it’s clear that their push for tougher anti-piracy measures didn’t end at the CRTC earlier this month.

A full copy of the hearing is available through ParlVU.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

21:14

A data-driven look at the devastating efficacy of a far-right judge-education program [Cory Doctorow – Boing Boing]

More than 40% of US federal judges have attended Manne seminars, a notionally "bipartisan" educational conference presented by a Florida "Law and Economics" institute whose invited ideological allies explained to judges why pollution is good for minorities (polluted neighborhoods are cheaper and therefore affordable by poor people), unions are bad, monopolies are economically efficient, discrimination in punishment is economically efficient, insider trading is economically efficient, and so on.

The Manne seminars also included high-profile "liberal" economists as well, but they were asked to lecture in domains that were outside of their expertise. It was rare for rebuttals to the nutty Law and Econ ideas to be presented by economists who studied the subjects under discussion.

Using Freedom of Information Act requests, a group of academics got a list of the judges who attended the Manne seminars, then used "cutting edge econometrics and natural language processing" to analyze the judges' rulings, to see whether the Manne seminars actually changed the tenor of justice in America.

The short answer is that the Manne seminars were devastatingly effective: "we find that Manne attendees subsequently are more likely to rule against regulatory agencies, for example the EPA and NLRB. Next we look at criminal sentencing in the district courts. We find that Manne attendance is associated with harsher prison sentences imposed."

The program has a recognized conservative bias, yet the attending judges are effusive in their praise regardless of ideological standpoint. What is the impact on observed judge decisions? …We focus on two agencies the Law and Economics movement specifically criticized: the National Labor Relations Board and the Environmental Protection Agency. .. Manne judges exhibit a sharp and sudden increase in propensity to vote against federal labor and environmental regulatory agencies. … The differences-in-differences analysis … renders a consistent picture that Manne judges become more conservative after the training relative to their colleagues. …

this indicates the Manne program accounts for 28-42% of the rise in judicial conservatism. If peers and precedent also impact the non-Manne judges, then the true Manne impact may … explain an even larger portion of the historical shift. … Judges increase sentence lengths by 7 percent and any sentence by 2 percentage points after Manne attendance. …United States v. Booker loosened the formerly mandatory U.S. Sentencing Guidelines and offers a policy experiment to analyze the effects of judicial discretion. … economics trained judges render more severe sentences in the fiscal years after Booker. …the racial disparity in sentencing between black and white defendants is larger for Manne-trained judges than their colleagues. In addition, the gender disparity in sentencing between make and female defendants is larger for Manne-trained judges than their colleagues. …

Manne attendance increases use of economics language for Manne judges across both economics and non-economics cases. … Judges who sit with economics-trained judges start to use more economics language, consistent with a learning effect.

Law and Economics [Henry Farrell/Crooked Timber]

Ideas Have Consequences: The Impact of Law and Economics on American Justice [Elliott Ash, Daniel L. Chen, Suresh Naidu]

20:28

Helm: A home network email server appliance to redecentralize the web [Cory Doctorow – Boing Boing]

Helm is a startup making a $500 home gadget that replaces Gmail and Google Calendar, letting you control your own email and coordination; its founders have deep information security backgrounds, and plan to make money by charging an annual $100 management fee.

The company's roadmap includes networked storage, comparable to dropbox or Google Drive, VPNs, password managers, and other services that currently live in the cloud.

The company has a centralized point-of-failure in the form of a gateway, though the data is end-to-end encrypted. One of the company's co-founders says the code to maintain service will be open and free "for people to be able to run their own gateways with their own AWS account in the event Helm has to shut down."

That said, parts of the system seem to be proprietary and not open to inspection by third parties. What's more, users will have to rely on the largesse of their ISPs, who have celebrated the death of Net Neutrality by engaging in all manner of fuckery that might endanger schemes like this.

The proprietary software is a dealbreaker for me (I live in email and my whole email server stack is open), but I'm nevertheless hopeful and glad to see Helm entering the market, selling on the basis of taking control over your data. Building up constituencies who experience daily benefits from decentralization and a neutral internet is a good thing, both for the health of the net, and for the future of network policy. People who rely on decentralization and neutrality will be less tolerant of monopolies and network discrimination, making it easier to demand better policy from our governments.

Also, I like that it's shaped like an open book!

The vision for Helm draws on fundamental internet concepts, namely that the web is more robust and free when it is decentralized, and everyone contributes a small piece of a larger whole. Helm hopes to extend that to decentralizing personal data storage, so users still get the security and reliability benefits associated with big companies, while retaining physical control of their information and choosing who to share it with. Eventually Helm could expand beyond email and storage into personal VPNs. or even a self-hosted password manager.

"You never know if you’ve thought of everything until something happens, but it certainly appears that they’re trying pretty hard," says Jeremy Gillula, the Electronic Frontier Foundation's tech policy director who got to demo Helm before it launched. "The real test will be do security updates get rolled out on a timely basis, that sort of thing. And that’s something you can only tell after it launches."

Helm will have a lot to prove, both in terms of usability and privacy. The company has built in a lot of fundamental mechanisms, like the ability to import data from other email services and sync between all of a user’s devices through mainstream email clients like Mozilla's Thunderbird and Apple's Mail. But enabling all of this easy setup also creates potential exposures.

This Startup Wants You to Control Your Own Data Again [Lily Hay Newman/Wired]

19:42

Ubuntu 18.10 (Cosmic Cuttlefish) released [LWN.net]

Ubuntu has announced the release of its latest version, 18.10 (or "Cosmic Cuttlefish"). It has lots of updated packages and such, and is available in both a desktop and server version; there are also multiple flavors that were released as well. More information can be found in the release notes. "The Ubuntu kernel has been updated to the 4.18 based Linux kernel, our default toolchain has moved to gcc 8.2 with glibc 2.28, and we've also updated to openssl 1.1.1 and gnutls 3.6.4 with TLS1.3 support. Ubuntu Desktop 18.04 LTS brings a fresh look with the community-driven Yaru theme replacing our long-serving Ambiance and Radiance themes. We are shipping the latest GNOME 3.30, Firefox 63, LibreOffice 6.1.2, and many others. Ubuntu Server 18.10 includes the Rocky release of OpenStack including the clustering enabled LXD 3.0, new network configuration via netplan.io, and iteration on the next-generation fast server installer. Ubuntu Server brings major updates to industry standard packages available on private clouds, public clouds, containers or bare metal in your datacentre."

Compression could be machine learning's "killer app" [Cory Doctorow – Boing Boing]

Pete Warden (previously) writes persuasively that machine learning companies could make a ton of money by turning to data-compression: for example, ML systems could convert your speech to text, then back into speech using a high-fidelity facsimile of your voice at the other end, saving enormous amounts of bandwidth in between.

Less exotically, ML is also used for "adaptive compression" algorithms that use ML-based judgments to decide how to compress different parts of a data-stream without compromising fidelity in ways that are perceptible by human observers.

Warden points out that companies already spend a lot of money on compression: vendors that want to sell ML-based compression systems would be asking for customers to switch who they spend an existing budget with, a much easier sell than convincing companies to spend money in an altogether new category.

One of the other reasons I think ML is such a good fit for compression is how many interesting results we’ve had recently with natural language. If you squint, you can see captioning as a way of radically compressing an image. One of the projects I’ve long wanted to create is a camera that runs captioning at one frame per second, and then writes each one out as a series of lines in a log file. That would create a very simplistic story of what the camera sees over time, I think of it as a narrative sensor.

The reason I think of this as compression is that you can then apply a generative neural network to each caption to recreate images. The images won’t be literal matches to the inputs, but they should carry the same meaning. If you want results that are closer to the originals, you can also look at stylization, for example to create a line drawing of each scene. What these techniques have in common is that they identify parts of the input that are most important to us as people, and ignore the rest.

Will Compression Be Machine Learning’s Killer App? [Pete Warden]

(via /.)

(Image: Cryteria, CC-BY)

US veterans operate in Yemen as mercenary assassins for Middle Eastern autocrats [Cory Doctorow – Boing Boing]

The mercenary squads who carry out targeted assassinations in Yemen on behalf of the autocratic rulers of the UAE are composed of US veterans from elite units like the Green Berets, Navy SEALs, CIA "ground branch" and the special forces of the Maryland Army National Guard, working for the US-based mercenary company Spear Operations Group. Some of the mercenaries are reportedly still US military reservists, others have US top secret clearance.

The owner of Spear cheerfully admits that he pays his employees to assassinate people on behalf of the UAE government and says that the USA should have its own mercenary assassination squads.

The CIA said it had no information about the mercenary assassination program, and the Navy's Special Warfare Command declined to comment. A former CIA official who has worked in the UAE initially told BuzzFeed News there was no way that Americans would be allowed to participate in such a program. But after checking, he called back: “There were guys that were basically doing what you said.” He was astonished, he said, by what he learned: “What vetting procedures are there to make sure the guy you just smoked is really a bad guy?” The mercenaries, he said, were “almost like a murder squad.”

Whether Spear’s mercenary operation violates US law is surprisingly unclear. On the one hand, US law makes it illegal to “conspire to kill, kidnap, maim” someone in another country. Companies that provide military services to foreign nations are supposed to be regulated by the State Department, which says it has never granted any company the authority to supply combat troops or mercenaries to another country. ,p> Yet, as BuzzFeed News has previously reported, the US doesn’t ban mercenaries. And with some exceptions, it is perfectly legal to serve in foreign militaries, whether one is motivated by idealism or money. With no legal consequences, Americans have served in the Israel Defense Forces, the French Foreign Legion, and even a militia fighting ISIS in Syria. Spear Operations Group, according to three sources, arranged for the UAE to give military rank to the Americans involved in the mission, which might provide them legal cover.

A Middle East Monarchy Hired American Ex-Soldiers To Kill Its Political Enemies. This Could Be The Future Of War. [Aram Roston/Buzzfeed]

(Image: Abraham Golan)

19:35

Link [Scripting News]

BloggerCon I participant list. I started with the original OPML file and converted it to a web page. There are duplicates and people who were there who aren't on this list. "It is what it is."

Link [Scripting News]

I posted a note to the 2018 blogroll discussion about the work I did restoring the blogroll from 2003 from the first BloggerCon meetup.

18:56

Slaves - including children - make the bricks for Cambodia's housing bubble [Cory Doctorow – Boing Boing]

Two bedroom apartments in Phnom Penh start at $260,000 -- equivalent to 2,000 years' worth of average annual wages for Cambodia's workers.

But the bricks being used to construct housing in Cambodia's capital are made by people for whom apartments are even more out-of-reach than the average worker: these "blood bricks" are made by indentured slaves (including children), mostly small farmers who got into debt when climate change wrecked their crops and took on consolidation loans in exchange for years of "bonded labor" from brick companies.

The lenders prefer to indenture workers with families: the families can be held as hostages when the borrowers leave their job sites for medical care or other necessities.

Though Cambodia has a fast-growing economy, the fruits of that growth are mostly in the hands of a tiny elite, backed by an autocratic dictator who has mastered the use of Facebook to suppress his opposition by pushing out pro-elite propaganda and exploiting Facebook's "real names" policy to get pseudonymous opponents exiled from the service, and kidnapping and torturing opposition figures who use their real names.

The scope of blood bricks slavery is documented in a new report from Royal Holloway researchers.

Workers reported "respiratory illnesses driven by the inhalation of kiln fumes and brick dust without protective equipment, and limb amputation resulting from unsafe brick-moulding machinery".

When bonded labourers need to seek medical treatment or for other reasons, they must leave without their families to ensure they return, said the report, which was backed by the British government and the Economic and Social Research Council.

"Kiln owners showed a preference for families over single workers as they were apparently less likely to run away," according to the researchers.

Cambodia's labour minister released a statement last week warning businesses, including brick kilns, against using child labour and other forms of exploitation such as debt bondage.

Blood Bricks [Royal Holloway]

Cambodia construction boom built on 'blood bricks' and slavery - report [Jared Ferrie/Reuters]

Deleting Facebook is not enough: without antitrust, the company will be our lives' "operating system" [Cory Doctorow – Boing Boing]

Facebook is the poster-child for the techlash, the worst offender in the monopolistic bunch, and recent books like Antisocial Media: How Facebook Disconnects Us and Undermines Democracy by Siva Vaidhyanathan (previously) and Ten Arguments for Deleting Your Social Media Accounts Right Now by Jaron Lanier present variations on the main critiques of Facebook with some prescriptions for what to do about it.

In his New York Review of Books review of the two titles, Jacob Weisberg identifies the core problem with Big Tech: "big," not "tech." 40 years of antitrust malpractice resulted in abusive arrangements with every industry, abetted by incredible degrees of market concentration. Tech's founders are no worse (and probably no better) than the execs in other companies that have grown to monopolize their sectors, though tech had the "first mover advantage" of coming into existence just as antitrust was being stuffed down the memory hole.

Wesiberg traces much of our woes to the Microsoft antitrust decision: when America decided that there was no antitrust action needed to check a company that had 95% of the operating system market, the whole industry got a wake-up call.

Weisberg argues that merely deleting Facebook and other consumer actions are insufficient to correct the system. To that, I'd add a caution against the simplistic prescription to abolish free services with pay-to-use services: in an increasingly unequal world, a system that makes participation in public life contingent upon ability to pay is not going to produce a more democratic world.

Regulation might make Facebook still more powerful. Network effects, which make a service like Facebook more valuable to users as it grows larger, incline social media companies toward monopoly. The costs of legal compliance for rules like the GDPR, which can be ruinous for smaller start-ups, tend to lock in the power of incumbents even more. Unlike smaller companies, Facebook also has the ability to engage in regulatory arbitrage by moving parts of its business to the cities, states, and countries willing to offer it the largest subsidies and the lightest regulatory touch; it recently shifted its base of operations away from Ireland, where it had gone to avoid taxes, so that 1.5 billion users in Africa, Asia, Australia, and Latin America wouldn’t be covered by the GDPR. Zuckerberg and Sandberg have both said they expect regulation and would welcome the right kind—presumably regulation compatible with more users, more engagement, and more data.

What Facebook surely would not welcome is more vigorous antitrust enforcement. Blocking Facebook’s acquisitions of Instagram and WhatsApp were the best chances for the FTC to prevent the behemoth from becoming an ungovernable superpower. Reversing those decisions through divestiture or at least preventing these platforms from sharing customer data would be the best way to contain Facebook’s influence. At a minimum, the company should not receive approval to acquire any other social networks in the future.

But current antitrust doctrine may not be up to the task of taking on Facebook or the other tech leviathans. The problem is not establishing that Facebook, with 77 percent of US mobile social networking traffic, has a monopoly. It’s that under the prevailing legal standard of “consumer harm,” plaintiffs need to show that a monopoly leads to higher prices, which isn’t an issue with free products. When the Clinton-era Justice Department sued Microsoft in 1998, it argued the case on the novel grounds that the software giant was abusing its Windows monopoly to stifle innovation in the market for Web browsers. There is evidence that Facebook too has tried to leverage its monopoly to preempt innovation by copying its more inventive competitors, as when Instagram cribbed “Stories” and other popular features from Snapchat.

The Autocracy App [Jacob Weisberg/NY Review of Books]

(via Naked Capitalism)

Nobel-winning economist Joe Stiglitz on how the US economy became a "rigged, inherited plutocracy" and how to fix it [Cory Doctorow – Boing Boing]

Writing in Scientific American (!), Nobel-prize-winning economist Joseph E Stiglitz (previously) describes the US economy as an "inherited plutocracy" that's "rigged" to shift an ever-greater share of the national wealth to the very richest people: Stiglitz blames the rigging on Ronald Reagan's dismantling of antitrust enforcement, inheritance tax, and other progressive measures 40 years ago -- and says that the orthodox economic apologists for economists who attribute inequality to globalism or other factors are wrong and unsupported by evidence.

Stiglitz describes how concentrating wealth in fewer hands means that it's easier for the wealthy in America to collaborate to get laws and regulations (anti-labor laws, free trade laws, limits to corporate liability, etc) passed that make them even richer, creating a "feedback loop" that drives ever-greater levels of inequality and with it, misery, desperation and sickness and death for the economic losers, who comprise an ever-larger group of the population.

Stiglitz also dismisses the economists who claim that inequality is the price we pay for growth, showing that inequality reduces GDP and national wealth -- and showing that broadly shared prosperity is an engine of growth that makes the nation better off as a whole, at the expense of a few mansions and super-yachts for the super-rich.

He finishes with a prescription for righting America's wrongs: campaign finance reforms; an end to the "revolving door" between government service and lobbying; progressive taxation; educational spending and universal access to university; a restoration of competition law; labor laws that increase unionization; limits on corporate executive compensation; strong finance laws; antidiscrimination laws that protect racial minorities, women and others; and "sensible inheritance laws;" universal retirement benefits; guaranteed "access to health care"; and reform of urban housing policies to "ensure affordable housing for all".

It is a long agenda—but a doable one. When skeptics say it is nice but not affordable, I reply: We cannot afford to not do these things. We are already paying a high price for inequality, but it is just a down payment on what we will have to pay if we do not do something—and quickly. It is not just our economy that is at stake; we are risking our democracy.

As more of our citizens come to understand why the fruits of economic progress have been so unequally shared, there is a real danger that they will become open to a demagogue blaming the country's problems on others and making false promises of rectifying “a rigged system.” We are already experiencing a foretaste of what might happen. It could get much worse.

The American Economy Is Rigged [Joseph E. Stiglitz/Scientific American]

(via Naked Capitalism)

18:49

casual cruelty [WIL WHEATON dot NET]

Someone looked at a post I wrote on my blog about taking some time and making an effort to go out and look at the stars, and decided to do […]

18:14

PostgreSQL 11 released [LWN.net]

The PostgreSQL 11 release is out. "PostgreSQL 11 provides users with improvements to overall performance of the database system, with specific enhancements associated with very large databases and high computational workloads. Further, PostgreSQL 11 makes significant improvements to the table partitioning system, adds support for stored procedures capable of transaction management, improves query parallelism and adds parallelized data definition capabilities, and introduces just-in-time (JIT) compilation for accelerating the execution of expressions in queries." See this article for a detailed overview of what is in this release.

17:56

Accused Pirate Can’t Escape Liability By Pointing at a Family Member Without Detail [TorrentFreak]

More than eight years ago, German citizen Michael Strotzer was the subscriber of an Internet connection from where an audiobook was made available on a peer-to-peer network.

The copyright holder, Germany company Bastei Lübbe AG, was not pleased and demanded that he stop the infringing activity.

This later escalated to a full-blown lawsuit in which the publisher demanded damages. Strotzer, however, denied that he had personally shared the work. While his network was secure, he noted that his parents, who lived at the same address, had access to his network.

The defendant, however, did not provide any further details as to where and when his parents used his connection.

The court initially dismissed the action against Strotzer on the grounds that the copyright infringement could not be directly attributed to him, since his parents could also have shared the audiobook.

In response, Bastei Lübbe filed an appeal with the Regional Court of First Instance in Munich. Here it eventually hit a roadblock.

Strotzer denied that he shared the pirated content. At the same time, German law protects the fundamental right to protection of family life, which means that he didn’t have to provide detailed information on other family members.

Faced with this dilemma, the Munich court referred the case to the Court of Justice of the European Union (CJEU) for guidance, which came in today.

Siding in large part with an earlier opinion from EU Advocate General Szpunar, the CJEU ruled that the right to protection of family life doesn’t shield Internet subscribers from liability.

“The Court considers that a fair balance must be struck between the various fundamental rights, namely the right to an effective remedy and the right to intellectual property, on the one hand, and the right to respect for private and family life, on the other.

“There is no such fair balance where almost absolute protection is guaranteed for the family members of the owner of an internet connection, through which copyright infringements were committed by means of file-sharing,” the CJEU adds.

The CJEU notes that if a defendant can’t be required to provide evidence on which member of the household carried out the infringement, the fundamental rights of copyright holders are at stake.

That said, it remains up to national courts to determine whether there are other options through which the true pirate can be identified.

The case now goes back to the Munich court. Based on the CJEU’s decision and the comments that were made previously, there is a high possibility that Strotzer will be held liable. Unless there is other evidence pointing to the real infringer, of course.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

17:49

View From a Hotel Window, 10/18/18: Los Angeles [Whatever]

Dig that crazy sculpture down at the bottom left. I got in to my hotel SUPER early and they had exactly one room to give to me. Fortunately, one room was all I needed.

Tonight: Los Angeles! Downtown! The Last Bookstore! 7pm! Be there and bring everyone you know. It’s easily reachable through public transportation! Right by the Pershing Square stop!

Tomorrow: San Francisco, and the event is at Borderlands Books, one of my favorite bookstores in the country. Come on down and see me!

17:28

City of Seattle's official tow partner impounded a homeless woman's stolen car and wanted $21,634 to give it back [Cory Doctorow – Boing Boing]

Update: An earlier version of this article misidentified Dick's Towing of Everett as the Dick's Towing of Seattle involved this this story. I apologize to Dick's of Everett for the error.

Seattle is in the grips of a dire housing emergency (though the city has money to burn when it comes to subsidizing multi-billion-dollar sports teams); Amanda Ogle is one of the many people in Seattle living out of a car, in her case, a 1991 Camry.

Ogle's car was stolen, abandoned, and towed by Dick's Towing to an impound lot with a fee owing of $427 (which Ogle couldn't afford); Dick's Towing (sister company to Lincoln Towing, the City of Seattle's official towing partner) gave Ogle the wrong paperwork to give to the Seattle cops, creating a delays that sent Ogle to court, where she represented herself against Dick's. The court ordered her car returned, but Dick's had already sold off Ogle's car (which was also her home) for $150.

Ogle got a lawyer who represents poor people, they sent Dick's a letter, and Dick's got her car back, but refused to return it to her unless she promised not to sue them for screwing her over. Then they started charging her $75/day ($2300/month, "enough to rent the 27-year-old car its own apartment with granite countertops in a downtown high-rise") to store the car because she refused.

Finally, after the bill had hit $21,634, a judge ordered Dick's to pay $2,000 for every day that that her car was not returned to her. More than a year later, Dick's finally gave her car back.

Instead, Ogle found the Northwest Consumer Law Center, a tiny two-lawyer shop formed in Seattle recently to help the poor with consumer problems. An attorney there, Eggers, sent Lincoln a letter citing the judge’s order and asking for damages. Lincoln responded that it had bought the car back and Ogle could have it — but only if she first released any claims against the companies.

“So basically they were using the car as leverage to get out of any liability,” Eggers said. “The car is Amanda’s home, and it was the middle of winter. But to them it’s a bargaining chip.”

Lincoln then played tow-company hardball. The company started gouging her $75 per day to store the car. That’s $2,300 per month — enough to rent the 27-year-old car its own apartment with granite countertops in a downtown high-rise. By Monday, the bill, with tax, had reached $21,634.

“Additional fees may apply,” it says helpfully at the bottom.

But that day, Ogle went before another judge and asked him to hold Lincoln in contempt. The two sides had incredibly filed 21 different pleadings totaling more than 300 pages. Lincoln, in its filing, said that it had gone to “extraordinary lengths” to return the car to Ogle — by which it means offering her $1,000 to drop her lawsuit last spring.

A $21,634 bill? How a homeless woman fought her way out of tow-company hell [Danny Westneat/Seattle Times]

(via Naked Capitalism)

(Image: Road One Seattle)

GDPR: Good for privacy, even better for Google's dominance [Cory Doctorow – Boing Boing]

The European Union's General Data Protection Regulation is a gnarly hairball of regulation; on the one hand, it makes it virtually impossible to collect mountains of data and buy/sell/trade/mine it to a corporation's heart's content; on the other hand, it imposes a ton of expensive compliance steps on its targets like high-cost record-keeping, and it apportions liability to website operators whose advertisers are out of compliance with the regulation.

Here's what that means: obeying the GDPR is hard and expensive; if you use an ad service that screws up its GDPR systems, you can end up on the hook financially for very large damages.

These twin factors -- expensive compliance and liability for publishers with out-of-compliance ad-brokers -- has enhanced Google's business at the expense of its smaller competitors. The massively profitable, dominant Google can easily afford best-of-breed compliance, while the little competitors (including the scrappy Made-in-Europe competitors to Google) don't have the same kind of resources. Some of these little guys just go out of business (or exit the EU market), and the remainder struggle to drum up business as publishers ask themselves whether they're willing to risk costly penalties if their little-guy ad-broker turns out to be out-of-compliance.

But there's good news, too: the amount of tracking in the EU has fallen off a cliff!Making web publishers responsible for the behavior of their ad partners has radically reduced the number of companies a publisher can vet, and thus how many trackers will appear on any given page.

It's an important and timely parable about the way that regulation works in a highly concentrated market. The EU could have used antitrust law to break up Google and the other tech giants, but instead they opted to deputize companies (web publishers, primarily) to vet ad brokers, and to make ad brokers engage in costly record-keeping, which had the effect of making the market less competitive and more concentrated.

The irony is that the EU's privacy rules were largely prompted by anxiety about Big Tech's massive scale and the way that allows it to abuse its power and influence policy. If you think Google is a problem in 2018, just give it a decade with no competitors in the EU -- you're not going to like the results.

The reason this all matters now is that the EU is about to do this again, times a thousand: the new Copyright Directly imposes hundreds of millions of dollars in costs on platforms, forcing them to build black-box algorithms that censor anything that appears in a crowdsourced blacklist of copyrighted works. It's backed by the giant European content barons, who've convinced the artists they exploit represent that this is in their interests, somehow. The new Copyright Directive is going to immediately destroy every potential challenger to Big Tech, especially the local European platforms.

Artists could get a better deal by backing measures that force Big Tech to pay its taxes, by lobbying for breakup of both the concentrated tech sector and the concentrated entertainment sector, and by pushing for a restoration of arts funding and the social safety net (including free university and college) that frees people to pursue artistic pursuits.

The Copyright Directive will definitely transfer a few hundred million from Big Tech's balance sheets to Big Content's balance sheets -- but artists aren't going to see much if any of that, and the share artists take home will continue to decline for so long as the big companies are allowed to grow bigger and choke out competitors.

One thing is certain: Google benefits indirectly from the effects of the GDPR, which led the online advertising market in Europe to become more concentrated, as the majority of advertisers lose market share. Google seems to have successfully taken advantage of the uncertainty around GDPR to further solidify its leading market position. On the other hand, many smaller competitors have been steadily losing market share since the GDPR came into effect.

A similar trend can be seen when looking at the entire tracker landscape in the EU: The average number of trackers per page has dropped by almost 4% from April to July. The opposite is true in the US: there, the average number of trackers per page has increased by 8 percent over the same period.

Study: Google is the biggest beneficiary of the GDPR [Björn Greif/Cliqz]

Just As Expected: GDPR Has Made Google Even More Dominant In Europe [Mike Masnick/Techdirt]

17:21

Link [Scripting News]

What I want most -- a list of people who were at BloggerCon I. I'm always surprised by people who were there that I have no recollection of. For me it was a whirlwind, huge fun of course, but few distinct memories.

Link [Scripting News]

Terry Heaton on what BloggerCon means to him.

17:14

Richard Stallman - « ¿El software que usas deniega tu libertad? » (Madrid, Spain) [Events]

Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esta charla de Richard Stallman formará parte del III Foro de la Cultura (2018-11-09–11). no será técnica y será abierta al público; todos están invitados a asistir. Será posible asistir a la charla de Stallman sin registrarse hasta completar el aforo del recinto

Lugar: Espacio Fundación Telefónica, C/ Fuencarral, 3, Madrid, España

Por favor, rellene este formulario para que podamos contactarle sobre futuros eventos en la región de Madrid

Today in GPF History for Thursday, October 18, 2018 [General Protection Fault: The Comic Strip]

Nick and Prof. Wisebottom debate the ethics of Nick's powerful new invention...

16:42

[$] Making the GPL more scary [LWN.net]

For some years now, one has not had to look far to find articles proclaiming the demise of the GNU General Public License. That license, we are told, is too frightening for many businesses, which prefer to use software under the far weaker permissive class of license. But there is a business model that is based on the allegedly scary nature of the GPL, and there are those who would like to make it more lucrative; the only problem is that the GPL isn't quite scary enough yet.

Radical expansion of Australia's national firewall will censor search results and websites [Cory Doctorow – Boing Boing]

SOPA has come to Australia: under Communications minister Senator Mitch Fifield's Copyright Amendment (Online Infringement) Bill 2018, rightsholders will be able to tell search engines which results they are allowed to show users, and will expand the country's censorship system ("copyright blocking orders") by allowing rightsholders to have any website censored by claiming it is a "mirror" of an already-blocked site, without having to show evidence for their claims.

Two major media companies -- Foxtel and Village Roadshow -- are behind the measure. They are already the major users of Australia's copyright censorship system.

Currently, if a copyright owner wants to block a new mirror or proxy site, under the current rules it is subject to judicial oversight. One of the early points of conflict between rights holders and telcos was over the issue of a “rolling injunction” to deal with new avenues of access to sites. The court rejected a push to allow rights holders to have ISPs block additional domains, URLs or IP addresses simply by issuing a notice to a telco already subject to an injunction.

Fifield’s statement hints that the government will allow copyright owners to avoid returning to court if they want to block new proxies and mirrors. Entertainment companies have indicated they are keen to find ways to minimise the court costs associated with anti-piracy injunctions.

New anti-piracy laws to target search engines [Rohan Pearce/Computerworld]

15:56

Stable kernels 4.18.15, 4.14.77, and 4.9.134 [LWN.net]

Greg Kroah-Hartman has announced the release of the 4.18.15, 4.14.77, and 4.9.134 stable kernels. As usual, there are important fixes throughout the tree and users should upgrade.

Security updates for Thursday [LWN.net]

Security updates have been issued by Arch Linux (chromium, libssh, and net-snmp), Debian (libssh and xen), Fedora (audiofile), openSUSE (axis, GraphicsMagick, ImageMagick, kernel, libssh, samba, and texlive), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk, rh-nodejs6-nodejs, and rh-nodejs8-nodejs), SUSE (binutils and fuse), and Ubuntu (paramiko).

Anaheim's living wage ballot measure pits big corporate donors against union money [Cory Doctorow – Boing Boing]

Disney is Anaheim's largest employer and the city is something of a company town, with Disney exerting massive influence on the city government and engaging in strong-arm tactics to suppress media reports of the dirtiest of its deals, whereby the city financed much of the company's building projects and expansions while extending massive tax breaks.

The times are changing: a less-Disney-friendly Anaheim city government, coupled with a high profile campaign for a $15 wage, pushed the company to offer across-the-board raises to its hourly staff, whose stories of homelessness and precarity had become a national symbol of the way giant corporations had shifted the distribution of profits from workers to shareholders.

The Anaheim City Council is up for re-election and Disney is -- unsurprisingly -- a massive spender in the race, accounting for 23% of the eye-popping $4.3 million spent so far in the small Southern California city.

But Disney's power is being checked by the union that represents its workers, who have spent even more -- 34% of the campaign contributions.

The juiciest target is Measure L, a living wage ballot proposition that will force local businesses to promise to pay a "living wage" as a condition of receiving municipal subsidies -- in other words, if you're going to take taxpayer money to subsidize your business, you can't pay your workers so little that they end up on tax-funded benefits just to survive.

Disney and the Anaheim Chamber of Commerce bitterly oppose the measure.

Most of the donations to support the living wage measure have come from unions, including the United Food and Commercial Workers and Unite Here, which represents employees of hotel, restaurants, airports and sports arenas.

The measure would require those businesses that get a city subsidy to pay workers an hourly wage of at least $15 starting in January, increasing $1 per hour each year until 2022, when the wage would then be tied to the cost of living.

“We are the ones that make the magic in the city,” Briceno said. “We need a louder voice.”

Disney and labor unions are spending big on Anaheim's 'living wage' measure and council races [Hugo Martin/LA Times]

A streaming Jack-O-Lantern is your Halloween "Ghoul Log" [Cory Doctorow – Boing Boing]

This Decorative Gourd Season, you can soothe your anxiety with a perpetual streaming video wallpaper in the form of a "Ghoul Log" (like a yule log, gettit?) from the good people at Shudder.

15:49

Link [Scripting News]

Terry Heaton sent a note yesterday reminding me that the original BloggerCon was held in October 2003, in other words, exactly 15 years ago this month. We missed the actual days, which I can infer from my blog was October 4 and 5. Unfortunately the first archive.org snapshot of the BloggerCon home page was in 2004, when were getting ready for BloggerCon III at Stanford. I'm going to keep looking on my servers and backups for data about the first BloggerCon. I'm going to archive that as I started archiving the old userland.com websites last month.

Link [Scripting News]

I switched away from the Knicks season opener to watch the ALCS playoffs for a few minutes. When I came back the Knicks had set a record for the most points in a 2nd quarter by any Knicks team. Yes the Hawks suck. But still.. Could this Knicks team be a winner? Failing that could they at least be fun? It's been so long, 2012 to be specific, since the Knicks were fun to be a fan of. Meanwhile over in Houston, the Rockets have the Curse of Carmelo. I feel sorry for the old man. I really do. He was the heart of the Knicks for so long. Hate to see him become a journeyman, the way he made Jeremy Lin leave home. I guess what goes around comes around applies. Funny coincidence, Lin, who now comes off the bench for the Hawks, played in last night's game at the Garden. He was a bit rusty at first, but the old magic is still there, you can see it.

15:42

After reporting a non-responsive program to Windows Error Reporting, why does the process spawn a suspended child process? [The Old New Thing]

A customer observed that when they try to close a program as not responding, Windows Error Reporting kicks in, which is not unexpected. But what is unexpected is that a new process is created that is a child of the original process (as reported by Process Explorer), and the child is suspended. "Why does werfault.exe create this child process?"

This suspended child process is a snapshot of the original. Windows Error Reporting creates this snapshot and uses the snapshot to generate the error report. The original process is allowed to continue executing so that it can exit (and possibly restart) normally.

The snapshot process does not have any running threads, but it has a copy of the original process's virtual memory, handles, thread IDs, stacks, and other information necessary to create an error report. Generating an error report take time, and Windows Error Reporting uses a snapshot so that the original process can get on with exiting.

Bonus chatter: This new behavior means that you don't have to wait for Windows Error Reporting to do its thing before it restarts the application. The "process seeing its own dead body" problem is mitigated by making sure that the snapshot doesn't own any resources. When programs look for already-executing copies of themselves, it's usually done by looking for windows or named kernel objects. Sometimes it's done by recording the process ID of the first instance somewhere, and having the second copy look it up. But the snapshot process owns no windows or kernel objects, and its process ID is not the one that got recorded. so it is comparatively unlikely to be mistaken for the real thing.

14:07

Petter Reinholdtsen: Release 0.2 of free software archive system Nikita announced [Planet Debian]

This morning, the new release of the Nikita Noark 5 core project was announced on the project mailing list. The free software solution is an implementation of the Norwegian archive standard Noark 5 used by government offices in Norway. These were the changes in version 0.2 since version 0.1.1 (from NEWS.md):

  • Fix typos in REL names
  • Tidy up error message reporting
  • Fix issue where we used Integer.valueOf(), not Integer.getInteger()
  • Change some String handling to StringBuffer
  • Fix error reporting
  • Code tidy-up
  • Fix issue using static non-synchronized SimpleDateFormat to avoid race conditions
  • Fix problem where deserialisers were treating integers as strings
  • Update methods to make them null-safe
  • Fix many issues reported by coverity
  • Improve equals(), compareTo() and hash() in domain model
  • Improvements to the domain model for metadata classes
  • Fix CORS issues when downloading document
  • Implementation of case-handling with registryEntry and document upload
  • Better support in Javascript for OPTIONS
  • Adding concept description of mail integration
  • Improve setting of default values for GET on ny-journalpost
  • Better handling of required values during deserialisation
  • Changed tilknyttetDato (M620) from date to dateTime
  • Corrected some opprettetDato (M600) (de)serialisation errors.
  • Improve parse error reporting.
  • Started on OData search and filtering.
  • Added Contributor Covenant Code of Conduct to project.
  • Moved repository and project from Github to Gitlab.
  • Restructured repository, moved code into src/ and web/.
  • Updated code to use Spring Boot version 2.
  • Added support for OAuth2 authentication.
  • Fixed several bugs discovered by Coverity.
  • Corrected handling of date/datetime fields.
  • Improved error reporting when rejecting during deserializatoin.
  • Adjusted default values provided for ny-arkivdel, ny-mappe, ny-saksmappe, ny-journalpost and ny-dokumentbeskrivelse.
  • Several fixes for korrespondansepart*.
  • Updated web GUI:
    • Now handle both file upload and download.
    • Uses new OAuth2 authentication for login.
    • Forms now fetches default values from API using GET.
    • Added RFC 822 (email), TIFF and JPEG to list of possible file formats.

The changes and improvements are extensive. Running diffstat on the changes between git tab 0.1.1 and 0.2 show 1098 files changed, 108666 insertions(+), 54066 deletions(-).

If free and open standardized archiving API sound interesting to you, please contact us on IRC (#nikita on irc.freenode.net) or email (nikita-noark mailing list).

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

12:49

Government Perspective on Supply Chain Security [Schneier on Security]

This is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now.

12:14

The Theater of the Mind [The Daily WTF]

Hamza has some friends in the theater business. These friends had an in-house developed Java application to manage seating arrangements, and they had some problems with it. They had lots of problems...

12:00

Four short links: 18 October 2018 [All - O'Reilly Media]

Git Playbook, Lessons Learned, Neural NLP, and Landscape Generation

  1. Flight Rules for Git -- the hard-earned body of knowledge recorded in manuals that list, step-by-step, what to do if X occurs and why. Essentially, they are extremely detailed, scenario-specific standard operating procedures. What to do after you shoot yourself in the foot in interesting ways with Git.
  2. Lessons Learned from Creating a Rich-Text Editor with Real-Time Collaboration -- This article describes how we approached the problem and what challenges we had to overcome in order to provide real-time collaborative editing capable of handling rich text. Check it out if you are interested in: learning what problems you may face when implementing real-time collaborative editing, building a rich-text editor with support for real-time collaboration, and how we approached collaborative editing in CKEditor 5.
  3. A Review of the Recent History of Natural Language Processing -- This post will discuss major recent advances in NLP focusing on neural network-based methods.
  4. Landscape -- software that builds the Cloud-Native Computing Foundation's landscape of products.

Continue reading Four short links: 18 October 2018.

11:42

The Big Idea: K. Bird Lincoln [Whatever]

In today’s Big Idea, we learn of the tomb of a surprising person in a surprising location, and how K. Bird Lincoln used it to think about the world and characters she created in her new novel, Black Pearl Dreaming.

K. BIRD LINCOLN:

I grew up Lutheran in a mostly white church in Cleveland, Ohio. Imagine my surprise twenty years ago in Tokyo when my then-boyfriend’s kooky uncle leaned across the dinner table, bathing me in whiskey sour breath and said, “Hey, I’m from Shingo-mura, the town in Aomori that has Jesus’ Tomb.”

Right. For sure. Smile. Take another sip of beer.

I’d been told weirder things before, so I brushed it off. Only, the whole “Jesus’s Tomb” thing wouldn’t let go of me. Once Google became popular around 2002 that drunken phrase niggled at my brain cells until I caved and dropped down a rabbit hole of weirder-than-fiction history.

Kooky uncle’s surname, Herai, is actually quite unique in Japan. The Google rabbit hole revealed the theory it’s a Katakana-pronunciation version of “Hebrew” in Japanese. Regardless of what you believe, TripAdvisor lists “Christ’s Grave” as the number one “Thing to Do” in Shingo-mura. The city has a page that explains the whole history in English. TLDR: Jesus escaped Golgotha across Siberia, went to Northern Japan, changed his name to Daitenku Taro Jurai, married a farmer and had three daughters.

Huh. That wasn’t in my Sunday School class. My first instinct was affront, derision, disbelief. How could a country like Japan presume to claim Jesus? They couldn’t just steal him from centuries of Western tradition, culture and religion with an absurd story!

Fast forward a decade and I’d lived in Japan, had children, traveled widely, and experienced many ways in which U.S. culture has appropriated Asian cultural heritage in equally absurd ways. My children are biracial Japanese-Caucasian, and at the time I wrote the Urban Fantasy Dream Eater, there weren’t many multi-racial heroines represented in fantasy genres I read the most.

Believe me, I know exactly how fine a line I would walk presuming to write about Japanese culture from an insider perspective. So, I didn’t. The Portland Hafu series is based in “third nation” cultural identity: the shared habits, experiences, and traditions created at the intersection of two or more peoples.

Like my daughters who must feel awkward and guilty both at the Hiroshima Memorial and Pearl Harbor. Like Koi Pierce Herai in Dream Eater’s sequel, Black Pearl Dreaming, who is both U.S. and Japanese, and a mix of human and creature of the myth-based Kind.

The Big Idea is this: The people who wrestle every day with what to take and what to ignore from their cultural heritages, whose outside perspective even in the country of their birth, are the ones who will save the world.

Claiming Jesus is buried in a small town in Aomori may be absurd, but it does not perpetuate derogatory stereotypes or bring moral harm in a racist or sexist manner to Lutherans (or even Jews.) In Black Pearl Dreaming, Koi travels to Aomori and rightly ignores the Grave of Christ to focus on bigger issues. She contends with tricky, racist wounds still festering from the World War II Japanese invasion of Manchuria and the U.S.’s use of the Atomic Bomb. What do we owe those we’ve harmed in war? What if the harm inflicted allows the survival of a people? Who is qualified to judge the balance of good or evil? Or forgive.

When the stakes are high, it is those who are fluid with their identity, who cannot force their round pegs into one solid square nationalistic shape, that have the meta perspective necessary to empathize with all sides.

Regardless of your politics, the times are calling for more empathy, more understanding of disparate points of view. It’s the interstitial and the third nation folks who may hold the key to humanity’s ultimate survival.

—-

Black Pearl Dreaming: Amazon|Barnes & Noble|Indiebound|Kobo

Read an excerpt. Visit the author’s page. Follow her on Twitter.

10:42

Work that matters for people who care [Seth's Blog]

That’s the actual title for my new book.

Or maybe it’s, “people like us do things like this.”

It’s technically called, “This Is Marketing.”

It’s about modern marketing, the way we spread ideas when we care enough to do it with respect, empathy and humility.

It’s on sale now, and ships in November. It might change things. Because that’s what marketers do.

10:28

What operations professionals need to know to fuel career advancement [All - O'Reilly Media]

O’Reilly’s new survey reveals the latest operations salary trends, and the skill sets that will keep your operations career on track.

O’Reilly conducted a recent survey[1] of operations professionals, and the results offer useful information and insights to empower your career planning. As you’d expect, the survey revealed that respondents put emphasis on their salaries when evaluating their careers, but they also pay close attention to company and team attributes, job activities, role responsibilities, and evolving skill set requirements.

How operations salaries add up

Survey results show that in 2018, the median annual salary for operations professionals clocks in at $90,000. Salary increases with age and experience: someone with more than 20 years of experience can earn a median income of around $123,000.

Figure 1. Operations salaries by years of experience. Image credit: O'Reilly.

The company, team, and industry all make a difference

The larger the company, the more you should expect to earn. For example, the median salary for companies employing two-to-100 people is slightly more than $78,000. Jump to companies with more than 10,000 employees and the average income rises to $114,000. Interestingly, the age of a company is not a huge factor in determining compensation.

Team size, however, does make a difference among survey respondents. The general trend is that the larger the team size, the higher the median salary. Keep in mind that joining a bigger team does not necessarily equate to a pay increase. Larger teams usually mean more senior team members, team leads, and an established hierarchy. Increased responsibility generates increased compensation.

The industry where you work does affect compensation. About a third of survey respondents work in the software industry, and they report a median salary of $95,000. Operations professionals working for high-paying health care and medical companies see a median salary of $113,000.

Where time spent impacts dollars earned

It seems the more coding you do as part of your job, the less you earn. For survey respondents who code one-to-three hours per week, the median salary is around $94,000. Spend 20 hours or more per week on code tasks and the median salary drops to $82,000. You can attribute this to several factors. One, as you become more senior in your organization, increased responsibilities leave less time for coding. And two, if you are part of an organization with many coders, both entry-level staff and interns bring down the median salary.

For those not fond of attending meetings, here’s a survey result you might not want to see: the more time you spend in meetings, the higher the median salary. Those who spend more than 20 hours per week in meetings have a median salary of $140,000. Of course, meetings can be a proxy for responsibility, so booking yourself into every optional meeting will not increase salary automatically.

Speaking the same programming language

Scripting languages are the most popular programming languages among respondents, with Bash being the most used (66% of respondents), followed by Python (63%), and JavaScript (42%).

Go is used by 20% of respondents, and those who use Go tend to have one of the higher median salaries at $102,000, similar to LISP and Swift. This could be related to the types of companies that are pushing these programming languages. Google and Apple, for example, are very large companies and, as noted, salary and company size are related.

And what about the operating system in which respondents work? Linux tops the charts at 87% usage. Windows is also used frequently (63%), often as a mix between workstations and servers, and in some cases as a front end for Linux/Unix servers.

Education pays

Computer science, mathematics, statistics, and physics are the top fields of study for operations professionals. Advanced degrees do have a positive impact on salary. The median salary among respondents for those with a master’s is $82,000, whereas a doctorate garners a median salary of $98,000.

Planning your next operations career move

One third of survey respondents agree that the next best step to career advancement is to learn a new skill or technology. This makes sense, as the technology landscape is evolving quickly and you need to acquire new skills to keep up.

Wanting to work on more interesting or important projects is a motivator for career change among some respondents (25%), as is the desire to move into leadership roles (15%). Only 12% of respondents want to switch companies.

Other things respondents keep top of mind when pondering their operations career paths include non-monetary compensation such as job flexibility, work-life balance, location, and company culture.

Looking for more data to guide your career development? Download the 2018 Annual IT/Ops Salary Survey for free.


Continue reading What operations professionals need to know to fuel career advancement.

09:21

Australia Targets Google With Tough New Anti-Piracy Law [TorrentFreak]

Section 115a of Australia’s Copyright Act allows copyright holders to apply for injunctions that force ISPs to prevent subscribers from accessing ‘overseas online locations’ that facilitate access to infringing content.

The legislation has been used on a number of occasions since its adoption in 2015 and as a result, dozens of notorious pirate sites are now inaccessible via regular means. However, pirate sites are often quick to adapt, with mirrors, proxies and other sites popping up to reactivate access.

Additionally, search engines – Google in particular – provide a handy reference guide for those looking for these kinds of resources. The entertainment industries are therefore keen to plug this loophole, to ensure that their web-blocking efforts are as effective as possible. That has resulted in the publication today of proposed amendments to copyright law.

The aims of the Copyright Amendment (Online Infringement) Bill 2018 are fairly straightforward.

Where existing legislation compels ISPs to prevent access to sites listed in an injunction, the amendments attempt to deal with sites that “have started to provide access to the online location after the injunction is made”, meaning that subsequently appearing mirrors and proxies can be dealt with much more quickly.

Turning to the perceived problems with search engines, the amendments will allow rightsholders to apply for injunctions that will not only target infringing ‘online locations’ but also their appearance in search results.

Companies including Google will be required to “take such steps as the Court considers reasonable so as not to provide a search result that refers users to the online location.” Search providers will also be compelled to deal with the subsequent appearance of mirrors and proxies by ensuring that these don’t appear in search results either.

In a statement published this morning, the Department of Communications offered the following summary.

“The Copyright Amendment Bill will ensure a broader range of overseas websites and file-hosting services widely used for sharing music and movies are within the scope of the scheme, and provide a means for proxy and mirror pirate sites to be blocked quickly,” the statement reads.

“The amendments will also further empower copyright owners to seek Federal Court orders requiring search results for infringing sites.”

That search engines are being targeted in this manner is not a surprise. Entertainment industry groups everywhere believe that Google has become a key part of the piracy problem and rhetoric has at times been scathing, particularly in Australia where Village Roadshow chief and outspoken piracy critic Graham Burke has continually slammed the company.

In a TV interview with Sky News Australia yesterday, Burke said that site-blocking is working to an extent but is being undermined by the actions of Google.

“It’s been very effective because the traffic to the blocked sites is down 53% and that’s extremely gratifying. But it should be down 90% and the reason it’s not down 90% is because Google are saying ‘Hey, the front door’s been shut but hey folks, here’s the back door, we’ll lead you round to the backdoor’. In so doing, actually – in my view – they’re facilitating crime,” Burke said.

The Village Roadshow chief added that Google is helping people to circumvent the legislation of the Australian Government and is making it very easy for people to “break the will of the Australian Parliament and Australian courts.”

“If you Google in ‘Watch Mad Max Fury Road’ up will come a whole raft of pirate sites. [Google are] taking people to the proxies, to the mirror sites, of the pirates and they’re doing it unashamedly,” he said.

“Google have no interest in Australian jobs, Australian culture, and the Australian economy. They make protesting noises but it’s a sham.”

Google already and voluntarily demotes pirate sites in search results based on the number of DMCA notices it receives against them. However, should this legislation be adopted, it will be required to remove references to them completely following an injunction, at least in the Australia-facing parts of its service.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Feeds | Vision and Plans for Curriculum Development with The Carpentries [Planet GridPP]

Vision and Plans for Curriculum Development with The Carpentries s.aragon 18 October 2018 - 9:24am

By François Michonneau, Erin Becker, and Tracy Teal. The Carpentries has seen a growing interest in individuals, research groups, and institutions wanting to develop lessons for their own domain of research. We are very excited by the potential brought by this growth. Diversifying our lesson offerings means we can extend our reach to new communities, and further disseminate our practices of teaching and collaborative lesson development.

08:42

1236 [LFG Comics]

The post 1236 appeared first on Looking For Group.

1235 [LFG Comics]

The post 1235 appeared first on Looking For Group.

1234 [LFG Comics]

The post 1234 appeared first on Looking For Group.

55 Hours To Go [LFG Comics]

My friends, we’ve got 55 hours left to go in this here Kickstarter, and 4k is the magic number. If we can hit that magical 50k number, you’re giving me the green light to produce another animated musical parody. And […]

The post 55 Hours To Go appeared first on Looking For Group.

1232 [LFG Comics]

The post 1232 appeared first on Looking For Group.

05:28

Getting Gritty With It [Diesel Sweeties webcomic by rstevens]

this is a diesel sweeties comic strip

JUST FYI: I've currently got fewer than 10 Pride of the Resistance pins left!

Not sure when the restock is coming.

02:21

Hey Ho [QC RSS]

I am pleased to announce that the newest Hakase record is done! You can listen to it here and buy a copy if you want! I'm very pleased with how these songs turned out, if you like cute and chill bloops and bleeps it may be your jam! It is also available on itunes, Apple Music, Spotify, Tidal, and whatever other streaming music service you may prefer.

01:42

[$] LWN.net Weekly Edition for October 18, 2018 [LWN.net]

The LWN.net Weekly Edition for October 18, 2018 is available.

00:21

View From a Hotel Window, 10/17/18: Portland [Whatever]

It feels very Portland-y to me.

Also, this is the first photo from the TempPhone™, the phone I’m using for a couple of days until I can get my grubby little hands on a Pixel 3. The TempPhone is basically the cheapest phone they had at the Verizon store, which two generations back would have been a perfectly respectable little phone but now is, well, cheap. I needed a phone for things tomorrow. Let’s just say I’m not getting super-attached.

Tonight: Portland! I will be at the Clackamas Barnes and Noble at 7pm! Come on down and bring everyone you know, it will be more fun than possibly you will know what to do with.

Tomorrow: Los Angeles! I will be at The Last Bookstore in downtown LA at 7pm! It is one of the great urban bookstores! You will love it! And also I will be there. Come on down!

00:14

[$] A new direction for i965 [LWN.net]

Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3D—a development that came as something of a surprise to many, including him.

00:07

Facebook under fire as US officials back removal of Zuckerberg [OSNews]

Three state treasurers and a top official from New York have joined a shareholders' motion to install an independent chairman at Facebook, claiming the move would improve governance and accountability. [...] The move comes as Facebook was presented with a new legal challenge. The technology company has been accused of misleading advertisers by inflating the viewing figures for videos on its site. A group of US advertisers launched a fraud claim against the social media giant on Tuesday, stating that it had overstated the average viewing time of advertising videos on the site by between 100 and 900pc before reporting them in 2016.

All tech companies are pretty terrible as far as companies go, but Facebook really seems to be going out of its way to lead the pack. As far as I'm concerned, we shut it down. Would anyone really miss it?

Interface Hall of Shame: QuickTime 4.0 Player [OSNews]

Let me take you back to 25 May, 1999.

One look at QuickTime 4.0 Player and one must wonder whether Apple, arguably the most zealous defender of consistency in user interface design, has abandoned its twenty-year effort to champion interface standards. As with IBM's RealThings, it would seem that appearance has taken precedence to the basic principles of graphical interface design. In an effort to achieve what some consider to be a more modern appearance, Apple has removed the very interface clues and subtleties that allowed us to learn how to use GUI in the first place. Window borders, title bars, window management controls, meaningful control labels, state indicators, focus indicators, default control indicators, and discernible keyboard access mechanisms are all gone. According to IBM's RealThings, and apparently to Apple, such items and the meaningful information they provide are merely "visual noise and clutter". While the graphical designer may be pleased with the result, the user is left in a state of confusion: unable to determine which objects are controls, which are available at any point in the interaction, how they are activated, where they may be located, and how basic functions can be performed.

Looking back, QuickTime 4.0 Player really signaled the end of proper GUI design at Apple. Up until that point, Apple had refined what became known as Platinum to a T - it was a beautifully consistent, logical, easy to use, and pleasant to look at UI. After introducing the world to 'brushed metal', Apple slowly slid downhill - and they've never been able to recover.

Fascinating to look back and read articles such as these, almost 20 years later.

Wednesday, 17 October

22:00

News Post: Real Flavor [Penny Arcade]

Tycho: Once, when we were streaming the creation of the strip on The Tweatch, it came up that beaver assholes are a prized font of delicious vanilla flavor.  Which is sort of true.  Let’s break it down: 1. It’s not the asshole.  It’s some other holes right by the asshole.  Is that better?  Who knows.  2. Squeezing beaver ass every time you want something to taste like vanilla is super inefficient, which is why it’s almost never used for this purpose anyway.  Is that better? Who knows. In any event, the rigid, fragrant anal rods we excrete…

21:56

Texas high-school students can't graduate without watching a video on not triggering snowflake cops [Cory Doctorow – Boing Boing]

The "Civilian Interaction Training Program" is a project of the Texas Commission On Law Enforcement, aimed at teaching children how not to terrify heavily armed, easily-spooked Texas law enforcement officers, who, when triggered, are at risk of murdering children during traffic stops. Reviewing these training materials is mandatory for anyone hoping to receive a diploma from a Texas high school. The bill's author, Texas state senator Royce West, says the curriculum's purpose is to end "distrust for law enforcement."

21:42

Girl Genius for Wednesday, October 17, 2018 [Girl Genius]

The Girl Genius comic for Wednesday, October 17, 2018 has been posted.

20:14

The Humble Book Bundle: Tales of Horror! The horror! The horror!... [Humble Bundle Blog]



The Humble Book Bundle: Tales of Horror! 

The horror! The horror! We’ve teamed up with a spooky host of publishers for a new ebook bundle. Get creepy tales like From Hell, Cold in July, Parasyte Vol. 1-2, Lovecraft’s Monsters, and more.


Assets for Press and Partners

20:07

Steal This Show S04E07: ‘Bangladesh Bank Heist, Part 1 [TorrentFreak]

Had it succeeded, the Bangladesh Bank Heist would easily have been the biggest bank robbery in history.

It was carried out almost entirely in the digital realm, using a variety of exploits and malware, in order to leverage access to the SWIFT banking network and the US Federal Reserve.

In Part One, we look at exactly what happened in the Bangladesh heist, and walk through how it was carried out. To help us through the complex story, we hear from Cheryl Biswas, Strategic Threat Intel Analyst in Cyber Security at a Big Four consulting firm.

After covering the how of the robbery, we consider whether trusted systems like SWIFT can remain secure in an information environment replete with radically heterogeneous, eminently hackable device

Cheryl Biswas wishes to make clear that she speaks here on her own behalf Her views do not represent those of her employer.

Steal This Show aims to release bi-weekly episodes featuring insiders discussing crypto, privacy, copyright and file-sharing developments. It complements our regular reporting by adding more room for opinion, commentary, and analysis.

Host: Jamie King

Guest: Cheryl Biswas

Produced by Jamie King
Edited & Mixed by Lucas Marston
Original Music by David Triana
Web Production by Eric Barch

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Court: ISP’s Lack of Terminations Didn’t Lure Pirating Subscribers [TorrentFreak]

Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications, accusing it of turning a blind eye to pirating subscribers.

According to the labels, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped.

In addition, the vicarious infringement allegations were also dismissed. The court saw no evidence that potential customers would specifically sign up with Grande because it did not police infringing conduct by its subscribers.

The labels disagreed, however, and tried to convince the court otherwise. In May they submitted a motion for leave to file an amended complaint including new evidence obtained during discovery. Among other things, they argued that Grande willingly kept pirating subscribers aboard, to generate more revenue.

This second attempt also failed.

Yesterday, US District Court Judge Lee Yeakel denied the record label’s request to file an amended complaint. He agrees with the earlier recommendation from the Magistrate Judge, who saw no new evidence which shows that ‘pirate’ subscribers were specifically drawn to Grande.

“First, the original Complaint alleged essentially the same or similar facts,” the recommendation reads.

“Second, the new allegations still fail to say anything about the motivations of Grande’s subscribers when they sign up with Grande. That is, Plaintiffs still fail to plead facts showing Grande gained or lost customers because of its failure to terminate infringers.”

The record labels didn’t agree with this recommendation and filed their objections two weeks ago, noting that their claims are more than sufficient. The Magistrate’s report and recommendation lack legal grounds and overlooks important elements, they claim.

“[T]he Report effectively ignores Plaintiffs’ other ground to satisfy the financial benefit element: that Grande profits from known repeat infringing customers to whom it provides ongoing internet service, even despite receiving notice of their infringing conduct,” the labels wrote.

Faced with this objection, District Court Judge Yeakel reviewed the case once more. Yesterday, he concluded that the Magistrate Judge was right, adopting the recommendations in full.

“In light of the objections, the court has undertaken a de novo review of the entire case file. Having considered the motions, responses, replies, objections, the case file, and the applicable law, the court will accept and adopt the report and recommendation for substantially the reasons stated therein,” Judge Yeakel writes.

This is a clear setback for the RIAA labels and a win for Grande Communications. While the case is far from over, Grande’s management company Patriot is not liable for any copyright infringement, while Grande itself only has to defend itself against a contributory infringement claim.

Denied

A copy of US District Court Judge Lee Yeakel’s order is available here (pdf). The RIAA’s earlier onjections can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

19:42

Comic: Real Flavor [Penny Arcade]

New Comic: Real Flavor

18:56

Link [Scripting News]

In Battlestar Galactica, the humans call the Cylons toasters, to remind them they are machines not people. But we know they’re actors, and the actors are actual people, pretending to be machines that look human. It creates an interesting conflict that they explore from every angle.

Why Do-Not-Track browser settings are useless and what to do about it [Cory Doctorow – Boing Boing]

The long fight over Do-Not-Track followed a predictable trajectory: a detailed, meaningful pro-privacy system was subverted by big business, and then published as a "standard" that offered virtually no privacy protections.

Today, turning on the Do-Not-Track setting in your browser does virtually nothing (Medium and Pintrest offer some support, everyone else not so much).

EFF's Privacy Badger blocks ads from companies that don't comply with Do-Not-Track, so running Privacy Badger is a way to give your browser settings some teeth.

The biggest obstacle was advertisers who didn’t want to give up delicious data and revenue streams; they insisted that DNT would “kill online growth” and stymied the process. (You can chart the death of Do Not Track by the declining number of emails sent around on the W3C list-serv.) By the time the debate was winding down at the end of 2013, it wasn’t even about not tracking people, just not targeting them, meaning trackers could still collect the data but couldn’t use it to show people intrusive ads based on what they’d collected. The inability to reach a compromise on what DNT should be led sites like Reddit to declare “there is no accepted standard for how a website should respond to [the Do Not Track] signal, [so] we do not take any action in response to this signal.”

To demonstrate their theoretical support for DNT—or from a more skeptical perspective, to garner some positive press—Google, Microsoft, Apple, Mozilla, and others started offering the “Do Not Track” option in their respective browsers, but absent a consensus around the actions required in response to the DNT:1 signal, these browsers are just screaming for privacy into a void.

“It’s really sad that companies are not listening to their users and put weak and misleading pretexts to not respect their choice of privacy,” said Andrés Arrieta, tech projects manager at the Electronic Frontier Foundation, who attempted in 2017 to breathe life back into Do Not Track by establishing a new standard for what websites should do when they see someone send the DNT:1 signal. (Everyone ignored it.)

'Do Not Track,' the Privacy Tool Used by Millions of People, Doesn't Do Anything [Kashmir Hill/Gizmodo]

(via /.)

18:28

Night of the Living Deals - IGN Night of the Living Deals is... [Humble Bundle Blog]



Night of the Living Deals - IGN

Night of the Living Deals is live on IGN! Get over 100+ discounts including a $20 Humble Wallet credit towards a 12-month Monthly subscription plan!

18:14

[$] Secure key handling using the TPM [LWN.net]

Trusted Computing has not had the best reputation over the years — Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped — though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.

Facebook lied: its in-home "Portal" cameras will collect your data [Cory Doctorow – Boing Boing]

Facebook Portal is a camera that is supposed to follow you around your house while you videoconference; the product launch was repeatedly delayed because of the company's string of horrific privacy breaches; when the company finally pulled the trigger on the launch it was at pains to insist that Portal would not collect your data while you used it.

That was a lie.

Portal will spy on you continuously while you use it and that data will be used to target Facebook ads at you later.

But Facebook has since reached out to change its answer: Portal doesn’t have ads, but data about who you call and data about which apps you use on Portal can be used to target you with ads on other Facebook-owned properties.

“Portal voice calling is built on the Messenger infrastructure, so when you make a video call on Portal, we collect the same types of information (i.e. usage data such as length of calls, frequency of calls) that we collect on other Messenger-enabled devices. We may use this information to inform the ads we show you across our platforms. Other general usage data, such as aggregate usage of apps, etc., may also feed into the information that we use to serve ads,” a spokesperson said in an email to Recode.

It turns out that Facebook could in fact use data collected from its Portal in-home video device to target you with ads [Kurt Wagner/Recode]

(Images: Alessio Jacona, CC-BY-SA; Cryteria, CC-BY)

Incoherence, multiplied: Sony announces nebulous "blockchain for DRM" [Cory Doctorow – Boing Boing]

Sony -- whose most notorious DRM foray infected millions of computers with malware -- has announced an incoherent plan to use blockchain to make DRM work, somehow.

Despite Engadget's inexplicable assurance that blockchain as "a DRM tool makes sense and may also help creators keep tabs on their content," there's no detail about how this will actually work, and it's hard to imagine a circumstance in which DRM helps blockchain or vice versa (indeed, given the recent bloodbath in cryptocurrency and blockchain, and the widespread public hostility to DRM, this feels more like tossing an anchor to a drowning victim).

Sony's proposal seems to involve tracking creative works' provenance using a distributed ledger -- presumably you could upload signed hashes of your work at different stages and later prove that you created them. This has nothing to do with DRM and addresses the most rare copyfraud circumstance, in which a plagiarist claims to have made a work that someone else actually created (the commonest copyfrauds are to claim that copyright endures in works that are in the public domain, or to falsely assert copyright infringement, including by ignoring fair use).

Sony also implies that every transaction in which someone buys a creative work will end up in the ledger. This has extremely grave privacy implications, but it also has nothing to do with preventing copyright infringement. People who lawfully acquire copyrighted works have the right to sell them, lend them, and give them away -- and they are not liable if (for example) their data (including copyrighted works) is stolen and released online.

The fact that Sony publishes a list of the reading, viewing and listening habits of every one of its customers does not give it any basis for seeking damages from those customers if works they purchased show up in someone else's hands.

Engadget gets one thing right: Sony is participating in the age-old, time-honored tech practice of using hot buzzwords to reinvigorate shitty ideas. Having lived through "mobile," "P2P," "as a service," "Uber for," "sharing," "open source," and, of course, "AI" as stock-juicing labels for yesterday's worn-out fruit, Sony's "blockchain DRM" is predictable and also a timely reminder that 60% of all conversations about blockchain are nonconsensual.

The way blockchain works allows Sony to track its content from creation through sharing. This means that users of the blockchain DRM tool will be able to see --and verify-- who created a piece of work and when. Sony Global Education is the current focus of the DRM tool, but going forward, the company hints that the rest of its media --including entertainment like music, movies, and virtual reality content-- may be protected the same way.

Sony tries using blockchain tech for next-gen DRM [Kristen Bobst/Engadget]

17:35

Book launches for The Labyrinth Index [Charlie's Diary]

Labyrinth Index cover

Hi! I'm in Toronto right now, and back in Edinburgh next week. Which leads neatly into me announcing the two launches I'm doing for The Labyrinth Index.

North America launch: although the official publication date remains October 30th, Tor have kindly given me the green light for a special event—a reading/signing on October 20th at Bakka Phoenix Books here in Toronto, this Saturday at 3pm. (Facebook event here; bookstore website here.) There will be hardcover copies for sale! (Note that this is the only time/place to buy copies ahead of the official launch on the 30th. It's a one-off preview event.)

UK launch: the UK edition launches on October 30th with a reading/signing in Edinburgh at Blackwells Bookshop on South Bridge, from 6:30pm: event signup page—it's free!—here.

Signed copies will probably be available for order from Bakka Phoenix books, but in limited supply; once I'm back in Edinburgh I will, as usual, be signing stock for Blackwells and also for Transreal Fiction, who are both happy to supply copies by mail.

Today in GPF History for Wednesday, October 17, 2018 [General Protection Fault: The Comic Strip]

Whenever Trudy comes into his office, Fooker's day goes from bad to worse...

17:28

NYT: Saudi Arabia's Prince Charming was Mister Bone Saw all along [Cory Doctorow – Boing Boing]

Everybody knows that Saudi Arabia's Crown Prince Mohammed bin Salman ordered the brutal killing and dismemberment of journalist Jamal Khashoggi (everybody, that is, except the Trumps, who coincidentally do a lot of business with the House of Saud) and the lurid brutality of that murder has prompted calls for western businesses to reconsider their increasingly cozy relationship with Mohammed bin Salman.

MBS's charm offensive over the past year has been the subject of much uncritical reporting from the alleged guardians of the public trust, including the New York Times, who treated "Prince Charming" as a liberalizing reformer, even as he led slaughter in Yemen, mass arrests of journalists and political opposition figures in Saudi Arabia, and other crimes against humanity and human rights abuses.

This whitewashing -- which included public Starbucks visits with Michael Bloomberg, cozy walks with Sergey Brin, and praise in Vanity Fair -- helped open the doors to US business for the brutal regime, promoted by Trump co-conspirator David Pecker, publisher of the National Inquirer, cover-upper of the Stormy Daniels affair, and, eventually, publisher of a glossy magazine lauding the financial upsides of doing business with the Saudis. This helped pave the way for "Davos in the Desert," AKA the "Future Investment Initiative," which is hemorrhaging sponsors and attendees for whom the dismemberment of a journalist is a bridge too far.

But hacking a journalists to pieces with a bone-saw in an embassy is absolutely on-brand for the real Prince MSB, and anyone who paid even cursory attention during his western rehabilitation would have known that: October 2 wasn't an exceptionally murderous day by Saudi standards, and the hacking up of dissidents shouldn't be a surprise to the Bloomberg and his Starbucks date, or Brin and his perambulations, or any of the investors and media companies who signed up to attend "Davos in the Desert."

If anything is to be salvaged from this moment, let it be an end to US complicity in the slaughter in Yemen, which is careering towards a famine whose death-toll will rise to 12-13 million. Bernie Sanders has reintroduced his legislation to take the US out of this Saudi proxy-war. Any lawmaker who condemns the murder of Jamal Khashoggi but won't support the Sanders bill is a mere political point-scorer who doesn't really care about Saudi atrocities.

A.M.I. said it printed The New Kingdom to capitalize on interest in the crown prince’s visit. A more plausible reason emerged when my colleagues and I reported that the publication coincided with A.M.I.’s efforts to strike business deals in Saudi Arabia, which included a meeting there between the company’s chairman, David Pecker, and M.B.S. himself.

None of this is meant to suggest there wasn’t something newsworthy in the crown prince’s moves to reopen theaters and allow women to drive under a more moderate form of Saudi Islam. “I never dreamed I would see that — these are huge deals,’’ said The Times columnist Tom Friedman, who wrote a column praising Crown Prince Mohammad last year, but has also warned that his autocratic side would undercut his efforts if left unchecked.

It’s just that there’s a streak in American journalism to allow glittering narratives about budding authoritarians to obscure less appealing facts.

Reality Breaks Up a Saudi Prince Charming’s Media Narrative [Jim Rutenberg/New York Times]

(via Naked Capitalism)

Unpacking the US's "low unemployment": stagnant wages, bad jobs, high incarceration, discouraged workers back in school [Cory Doctorow – Boing Boing]

The Trump administration is very proud of the US's historically low unemployment figures (lowest in 50 years), but statistics are deceiving, especially labor statistics.

The most obvious fact about the low unemployment numbers is that employment statistics exclude "discouraged workers" who have given up looking for work; the number of discouraged workers is higher than it's been since the 1980s.

The jobs that remain are often not good ones. Wages are stagnant, despite low unemployment (which usually drives wage increases), because trade unions have been weakened and "free trade" deals means that US employers can seek cheaper labor in other countries.

This has driven a large slice of the US workforce back to university in the hopes of getting a better job (even as US tuitions have hit a record highs, and the wage prospects for workers with advanced degrees is declining), exempting them from the workforce participation statistics and artificially inflating the employment numbers.

Finally, America puts people in prison like crazy: the millions of Americans rotting in prison are also not counted in the labor statistics.

This is Trumpian full employment: millions of people chasing precarious, work with starvation wages; millions more in prison, and the rest incurring lifelong student debts from "universities," including outright scams like Trump University.

Of course, Trump can't really take credit for this: as Obama has been at pains to point out, the rise of precarious work and the exit of discourage people from the workforce took part largely on the watch of the Democratic establishment, whose shift from protecting workers to protecting bankers has been a multi-decade, accelerating process.

GREG WILPERT: Okay. And finally, to what extent, if any, do the policies of the Trump administration deserve credit for the drop in the unemployment rate?

GERALD EPSTEIN: Almost none. The one factor that may be contributing to the continued expansion and slight acceleration is the tax cuts. Those will have some kind of fiscal stimulus, even though it’s mostly to the richest people. Plus, there’s a big huge increase in defense spending. And interestingly, that was timed so that it would come online around now before the election, it’s kind of a political-business cycle, as political scientists talk about it. So these huge increases in defense spending and the major tax cuts have probably had a positive effect on getting the economy growing, reducing the unemployment rate a little bit more.

But those things are temporary, and they’re also quite destructive in other ways. The main thing has simply been the fact that the expansion has been very slow over a long period of time, driven mostly by low interest rates. And you can tell that Trump even understands the importance of low interest rates, because he’s been railing against the Fed now that the Fed is trying to raise interest rates. If Trump thought this was something that was due to his policies, he probably wouldn’t put quite so much importance on the Fed and interest rates.

US Unemployment Rate Hits 50-Year Low: What Does the Number Reveal and Conceal? [Greg Wilpert/Real News Network]

(via Naked Capitalism)

17:07

1144: That's Jack's Fault [Order of the Stick]

http://www.GiantITP.com/comics/oots1144.html

16:42

Security updates for Wednesday [LWN.net]

Security updates have been issued by CentOS (tomcat), Debian (asterisk, graphicsmagick, and libpdfbox-java), openSUSE (apache2 and git), Oracle (tomcat), Red Hat (kernel and Satellite 6.4), Slackware (libssh), SUSE (binutils, ImageMagick, and libssh), and Ubuntu (clamav, libssh, moin, and paramiko).

New York Attorney General expands law-enforcement investigation into the bots that killed Network Neutrality [Cory Doctorow – Boing Boing]

The FCC justified its Net Neutrality-killing order by claiming that comments it received showed strong public support for dismantling the rules that stop your ISP from deciding which parts of the internet you get to use; but it was widely reported that the comments in the Net Neutrality docket were flooded by bots that opposed Net Neutrality, using names and personal information from stolen identities of dead people, sitting US senators, journalists and millions of others.

While bot-flooding has become routine in regulatory comments, the Net Neutrality case was especially egregious, in part because FCC Chairman (and former Verizon lawyer) Ajit Pai didn't seem to care that his regulatory proceedings had been taken over by corporate bots, and then actively obstructed law-enforcement efforts to discover who was behind these bots.

The New York Attorney General's office is undeterred by Pai's bot-complicity, and has expanded its investigation into the astroturf campaign, issuing subpoenas for records from a slate of telcoms lobbyists themselves, more than a dozen in all.

“The FCC’s public comment process was corrupted by millions of fake comments—and our investigation found that as many at 9.53 million of those comments stole the identities of real people,” Underwood said in a statement.

“The law protects New Yorkers from deception and the misuse of their identities. And all Americans deserve a fair and transparent process for determining public policy that impacts their daily lives. My office will get to the bottom of what happened and hold accountable those responsible for using stolen identities to distort public opinion on net neutrality.”

New York Attorney General Expands Investigation Into Bogus Net Neutrality Comments [Karl Bode/Motherboard]

(Image: David Saddler, CC-BY)

16:35

Page 46 [Flipside]

Page 46 is done.

16:21

Michal Čihař: wlc 0.9 [Planet Debian]

wlc 0.9, a command line utility for Weblate, has been just released. There are several new commands like translation file upload or repository cleanup. The codebase has been also migrated to use requests instead of urllib.

Full list of changes:

  • Switched to requests
  • Added support for cleanup command.
  • Added support for upload command.

wlc is built on API introduced in Weblate 2.6 and still being in development, you need at least Weblate 2.10 (or use on our hosting offering). You can find usage examples in the wlc documentation.

Filed under: Debian English SUSE Weblate

15:56

Stet, a gorgeous, intricate, tiny story of sociopathic automotive vehicles [Cory Doctorow – Boing Boing]

Sarah Gailey's micro-short-story STET is a beautiful piece of innovative storytelling that perfectly blends the three ingredients for a perfect piece of science fiction: sharply observed technological speculation that reflects on our present moment; a narrative arc for characters we sympathize with; and a sting in the tail that will stay with you long after the story's been read.

All that in a "story" that consists of a single paragraph of text, its footnotes, and a series of annotations documenting the requested changes made by the piece's fictional author's editor and her responses.

I don't want to delve into too much detail about the dazzling and surprising storytelling here, because it unfolds itself with all the deft, surprising artifice of a paper fortuneteller whose final flap lifts up to reveal an IED that blows your hand off.

But the story's subject is more conventional and a smart piece technological metaphor, interrogating the (overhyped and unrealistic) "trolley problem" to score deep wounds in our contemporary world of algorithmic cruelty and sociopathy. I've made my own modest contribution to the fiction on this subject, and I like to think that my piece works well as a companion to Gailey's wonderful gem.

Below is the text without its metatext; click through to witness the near-miraculous conversion of a dry piece of pretend scholarship into a scorching piece of science fiction.

Section 5.4 — Autonomous Conscience and Automotive Casualty

While Sheenan’s Theory of Autonomous Conscience was readily adopted by both scholars and engineers in the early days of Artificial Intelligence programming in passenger and commercial vehicles, contemporary analysis reinterprets Sheenan’s perspective to reveal a nuanced understanding of sentience and consciousness. Meanwhile, Foote’s On Machinist Identity Policy Ethics produces an analysis of datapertaining to autonomous vehicular manslaughter and AI assessments of the value of various life forms based on programmer input only in the tertiary. Per Foote’s assessment of over eighteen years of collected data, autonomous vehicle identity analyses are based primarily on a collected cultural understanding of identity and secondarily on information gathered from scientific databases, to which the AI form unforeseeable connections during the training process. For the full table of Foote’s data, see Appendix D.

STET [Sarah Gailey/Fireside Fiction]

(Image: Jorge Royan, CC-BY-SA; Cryteria, CC-BY)

15:49

Link [Scripting News]

A study by Chartbeat showed that traffic from Facebook to news sites had dropped by nearly 40% since early 2017.

Humans aren't really toxic [Scripting News]

I've been wanting to discuss the idea of male toxicity. What does it mean? And why only male toxicity? Why aren't women given the same awful label? It's like the use of the word dead to apply to things that were never alive. Seems like a misuse of the term, an impossibility. I saw one person say that Lindsey Graham, a Republican senator from South Carolina was a toxic male, without explaining how or why or what it means. We're just supposed to know? I don't.

I engaged on Twitter with Gina Häußge who used the term in a tweet about a series of lovely old LEGO ads, one which showed a girl and her LEGO creation. As a tech creative person myself, I am so proud of that little girl for following her path to geekosity. The smile on her face tells the story. Whatever this is, it's mine. That's the geek ethos imho. 💥

I think we should stop applying a word like toxic to people. It's not far from calling people vermin. It's dehumanizing. A prerequisite for violence. Find another way to say what you're trying to say or refine it so it's closer to the truth.

Also, I don't think there's any way to measure the quantity of abuse one gender does to the other. It's all a soup -- we create each other. I inherited toxicity from both of my parents, and they from theirs, male and female, all the way back. We create each other.

We may not achieve some ideal we have for each other. A lot of our grievances come from that. I watch people online who are so good at finding fault in others, but never see the obvious opportunities they have to solve the problems themselves. If you regret other people aren't working together, the best approach is to start working with other people yourself. Take the advice you so want to give to others to your own heart, and then act on it.

This isn't new wisdom. Humans spend their whole lives figuring this out. It's why functional families are so nurturing, if we could only find one! Accept what we have and do your part to make the present and future better. That's about as good as it gets imho.

15:35

What does the “Ae” stand for in AeDebug? [The Old New Thing]

The name of the registry key for configuring automatic debugging of application crashes is AeDebug. Okay, so it's obvious what "Debug" stands for, but what does "Ae" stand for?

I can't prove it, but circumstantial evidence points to AE standing for "Application Error". The title of the dialog box was originally "Application Error". And there's this comment:

// This fixes the AE (application error) in component XYZ

This evidence lines up with 16-bit Windows, where application crashes were originally called Unrecoverable Application Errors, or UAEs.

So that's what I'm going to say. It stands for Application Error.

Bonus chatter: The procedure¹ in 16-bit Windows that displayed the Unrecoverable Application Error dialog was named Display_Box_of_Doom and it has the understated comment "Display the Unrecoverable Application Error box that everyone seems to dislike so much." Later, the name of the dialog changed to simply "Application Error": We gave you a way to try to recover from it, so it wasn't "unrecoverable" any more.

¹ Note that I called it a "procedure" rather than a "function". That's because it, like most of the 16-bit kernel, was written in assembly language.

14:35

Housekeeping Notes, 10/17/18 [Whatever]

Just a couple of brief things:

1. My phone’s hotspot was acting odd last night so I reset my phone to see if it would fix it. Not only didn’t it fix it, but the phone completely refused to turn back on. Various emergency procedures were enacted (including cursing, begging and bargaining) but to no avail. So I am currently without phone. Fortunately Verizon wireless stores are everywhere (including near my hotel in Portland today), so I’ll get this addressed, BUT for the short run you’ll likely not see pictures, etc from me, and once I leave the friendly confines of wifi I’m unlikely to be updating social media, etc. This is not necessarily a bad thing.

2. While I’m on tour (ie, basically for the next three weeks), I’ve made the executive decision not to make an effort to get caught up on what’s going on out in the world. I mean, I’ll be in airports so those damn TVs will be on, and I’m not going to turn my face away from newspapers or the occasional bit of news I get from other sources. But I’m not going looking for it either. My point is I’m unlikely, because of time and travel constraints, to delve too deeply into the news of the day until mid-November at least. Also, I’ve voted already and therefore feel I’ve earned a little break. Don’t expect much political/topical content here for a bit, is what I’m saying. (Mind you, I reserve the right to change my mind. But I probably won’t.) This is not necessarily a bad thing, either.

14:14

AI and the Trolley Problem [Original Fiction – Tor.com]

A provocative story about the relationship between the humans on a British airbase and the AI security system that guards that base. When a group of humans are killed, the question is who is responsible and why.

 

 

The wind was blowing sharply from the east, across the north European plain from Siberia to the flatlands of East Anglia. Despite that, Helen Matthias was perspiring through her running suit by the time she finished her usual morning circuit of the Lakenwell Airbase perimeter. After two years, she was getting used to the winters here. They felt harsher than the ones she remembered as a kid in Massachusetts, and the snow usually came later, after the turn of the year. This morning she thought she could detect the faint scent of ice in the air. Was that a little hello from Siberia? Prasanna would have told her it was all in her head; if so, her imagination was especially strong today.

Maybe she should ask the donkeys, Helen thought, waving to the one plodding toward her on the perimeter road. When she had passed it earlier, it had automatically moved to one side, putting itself between her and the electrified fence to reduce her risk of accidentally stumbling into it; safety first. The donkey was still keeping to one side; maybe Felipe Dos had told it to expect more traffic.

Why people called them donkeys was a mystery to Helen; they looked more like a collection of welded-together toolboxes on four legs. There was no head; front and back were determined by their direction of travel. The roboticists claimed it was a matter of convenience. Helen told them robots that lacked the concept of backwards as humans understood it was one of those supposedly little things that could very well bite them in the ass later.

The roboticists were skeptical but curious, and asked her to explain her thinking in detail, and in writing, thank you. What they really wanted, she knew, was a formal proof, but they’d settle for a well-reasoned hypothesis. Over the last several days, she’d been setting her thoughts down, and as often happened at Lakenwell, found she was having a hard time seeing the trees for the forest. Which was actually a jungle. As one of her philosophy professors had liked to say, Oh, what a tangled web we weave when first we practice to perceive. But perceiving was what they paid her to do.

“Hey, T-1,” she said to the donkey as it drew nearer, making a sound that wasn’t quite like a horse’s clip-clop. It was painted in spiraling red and white stripes that widened in the center of its body and narrowed at either end. No front, no back. “How ya doin’?”

“Can’t complain, but I always do,” it replied in a slight Texas twang. “Y’all stay safe now, and don’t pee on the fence.”

Helen gave a surprised laugh. That was new, she thought, staring after it. Apparently someone had expanded the database of responses, not to mention accents. T-1 was short for Thing One. Thing Two was on the opposite side of the camp. There were two others—Hop-A-Long and Bob—all of them wired into Felipe Dos, who ran most functions on the base.

According to the Lakenwell handbook, the donkeys were part of the security system. The bright colors made them easy to spot. They were armed with live ammunition, and they would shoot. Despite their clunky appearance, they could not be knocked over, and they could easily outrun a human over virtually any terrain. Any unauthorized attempt to access their software would cause them to self-destruct in a way the handbook described as “unpleasant and potentially life-changing to anybody nearby.”

Helen suspected the donkeys had more to do with surveillance than protection, but when she shared this thought with Prasanna, her friend laughed. “The base has full-saturation surveillance, but people spend hardly any time around the donkeys,” Prasanna said. “What could they possibly pick up that the outdoor monitoring system wouldn’t already have?”

Helen had been about to say the outdoor monitoring system wasn’t as comprehensive as the one indoors, so people tended to be less guarded, even around the donkeys. Then she thought better of it; they were, after all, indoors. “You’re right,” she said. “Maybe living under one-hundred-percent surveillance is making me paranoid.”

“I stopped noticing it a lot faster than I thought I would,” Prasanna told her. “Maybe I just like getting so much attention, even if most of the time it’s from Felipe Dos.”

Her heart rate had returned to normal after her run, but Helen stayed a few moments longer, breathing deeply and looking around. Lakenwell had been largely abandoned after the Cold War, and the British government had been happy to let the Americans set up a research lab with both civilian and military personnel. Now they all rattled around like too few peas in a too-large pod. After spending most of her adult life in urban environments by choice, Helen had been surprised at how easily she had adjusted to all the empty space and the isolated location. Maybe she’d simply needed the change.

A strong chill swept over her, and she remembered what the base commander, Gillian Wong, had told her: If you want to freeze to death, start by getting sweaty. Wong knew what she was talking about—she’d been with a number of Special Forces units before assuming command of the base. Helen wondered how she felt about getting such a tame assignment. Maybe Wong had needed a change, too.

Helen liked her, as did just about everyone on the civilian staff. She was good company and easy to talk to, always keeping things light and divulging little about herself. None of the civilians knew where she stood in terms of politics, religion, or sexual orientation. Helen supposed it was to do with her being the base commander. And she was always the base commander; she never seemed to be off duty, and no one had ever seen her out of uniform. None of them had seen any of the military personnel out of uniform. Prasanna joked that they probably all had special military pajamas, fatigue onesies. Helen thought if the heat in the military quarters was cranked up as high as everywhere else on the base, they probably slept in the raw.

All the military staff were pretty nice, if a bit more standoffish than their CO. According to Ybanez in systems engineering, they’d been handpicked by Wong personally. Helen was intrigued; a veteran from Special Forces and her handpicked unit watching over a long-disused airbase full of assorted engineers, roboticists, and AI researchers—complete and utter nerds, herself included—somewhere off a less-traveled road in the British East Midlands. What kind of trouble were they expecting?

After two years, she was pretty sure it was cabin fever. Everyone was confined to the base most of the time. The government provided plenty of compensation in the way of entertainment—an extensive library of books, movies, TV shows, and video games, not to mention full access to the web, not to mention a gym that would have made Helen’s old aerobics instructor weep with joy, although there were usually more soldiers in it than engineers. The onsite chef changed every four months—apparently food preparation was an industry that attracted people who never took a deal without parole.

Helen’s own employment contract had another year to run; after that, they’d either ask her to stay or invite her to leave. Unless she screwed the pooch in a particularly egregious way, she was pretty certain it would be the former. Specialists in machine ethics were still very thin on the ground; not many jobs for them, either, and the few that were available tended to be a lot more technical than what she was doing here.

She felt another, more intense chill and started toward the main residential building. Just before she reached the entrance, the door banged open and Cora Jordan bounded down the cement steps in mismatched sweats and a bright blue scarf the same shade as her bright blue hair.

“Hey, how the Helen are ya?” she said loudly, running in place.

Cora Jordan was a firm believer in overdoing every joke, especially if it were too boring and unfunny to actually be a joke. Helen made herself smile. “I’m good. You?”

“Completely fit for anything, of course,” Cora replied heartily. Her eyes looked a little too shiny. If she’d been anyone else, Helen would have been sure she was pumped up on something. In Cora’s case, however, it was more likely she hadn’t taken anything, probably for days.

“You want to join me for breakfast?” Helen asked her. “It’s so cold—”

“Can’t eat till after, I’ll puke,” Cora said, still running in place. “How is it this morning, cold?”

“Uh, yeah. How about a hot drink? Coffee, herbal tea—”

“No, I’ll puke,” Cora said impatiently. “You see anybody else on the track?”

“Not a soul. Unless you count Thing One.”

“Oh, great! I love those stripes, they’re so trippy. You talk to ’im? What’d he say?”

“I asked him how he was and he said he couldn’t complain but he always does,” Helen said, thinking that if she kept Cora engaged, she could distract her and get her back inside. “He also told me to stay safe and not pee on the fence.”

Cora screamed with laughter, jumping up and down as if this were the funniest thing she’d ever heard in her life, while Helen wondered why the sound hadn’t made anyone rush outside to see who’d been hurt. “Seriously?! Oh my God, that’s priceless! Don’t pee on the fence, Jesus! You think he’d say that to me if I asked him?” Before Helen could answer, Cora galloped away across the scrubby dead grass, her scarf flying.

Helen stared after her and sighed. “I’ve gotta report this,” she said aloud. “She could hurt herself. It’s not snitching. Friends don’t let friends drive drunk, friends don’t let friends run away from their meds.”

Except she already had.

 

“I called Medical and left a message before I took a shower,” Helen told Prasanna in the cafeteria. They were sitting at Prasanna’s usual table by the windows, looking out at the windswept runways to the east.

“Then you’ve done your duty,” Prasanna said, smiling. She was one of the few Brits on the team, a software engineer with dark brown skin and shiny black hair she wore in a single braid over her shoulder. Today she was dressed in a dark green pullover and black trousers; she always looked to Helen as if she were going somewhere special, even when she wasn’t wearing any makeup. “So why do you look like you did something wrong? It’s not that being a snitch thing, is it?”

Helen shook her head. “I should’ve made her come inside with me instead of telling her the latest cute thing T-1 said.”

“What did he say?” asked Prasanna. Helen told her and she laughed. “That is a good one. One of the guys must’ve come up with that—you have to warn guys not to do things like that. Mother Nature saved us from that kind of foolishness.”

“Unless we’re off our meds,” Helen said.

“Cora is an adult,” Prasanna said firmly. “She’s not legally incompetent even when she is off her meds. Which means not only are you not her keeper, you have no right to force her to do anything. You told Medical, it’s in their hands.”

Helen shook her head again. “I should have done something more. I don’t know how I’m supposed to give a machine ethics when my own need some work.”

“Jeez, give it a rest, will ya?” Prasanna said, and nodded at Helen’s chunky black watch. “How many calories did you burn on your run?”

Helen tapped the screen, waited, then took the watch off and gave it a hard shake. “I guess that’s classified,” she said, showing her friend the message on the tiny screen.

“‘Data unavailable’ again?” Prasanna made a tsk sound. “Third day in a row, isn’t it?”

“Yeah. It’s worse than useless,” Helen said. “I might as well have a Magic 8-Ball strapped to my wrist. It’s almost that big. I keep banging it on things.”

“Maybe that’s the problem.” Prasanna spooned up some grits. Her fondness for them was a recent development. Helen, who had studiously avoided consuming any herself during the few years she had lived in the Kansas City area, had never imagined she’d have to avoid them in the UK. “Maybe you broke it.”

“Nah, it’s shockproof. You can drop it off the roof and then kick a field goal with it and it keeps on ticking. Or humming.”

“Then maybe Felipe Dos thinks you’re too obsessed with calories.”

“That’s not as far-fetched as you’d think,” Helen said, smiling, “if a bit more advanced than I would expect. Although seeing as how I’m competent with or without calories, I don’t think Felipe has any right to—” She cut off, staring open-mouthed at the unbelievable sight visible through the windows behind Prasanna.

The other woman twisted around to look. “Oh my God. Tell me I’m not seeing that.”

“No can do,” Helen said weakly. “Cora really is riding Thing One like a—a—”

“Like a donkey,” Prasanna finished for her. She started to laugh, then quickly smothered it. “I’m sorry, that’s not funny, is it?”

“Actually, it is,” Helen said. The two women got up and went to the window.

Cora had tied her scarf around the donkey’s midsection and entwined her legs in it on either side to keep herself from falling off. The donkey made an awkward steed, giving Cora a bumpy ride as it headed for the main building over the scrubby, colorless grass. Cora slapped its would-be flank and hollered for it to run the other way. To Helen and Prasanna’s collective astonishment, it did—but without turning around, so that Cora was suddenly riding backwards.

She yelled for it to stop and turn around, and it obeyed, making a full, three-hundred-sixty-degree turn.

“Dammit, one-eighty!” Cora yelled. “One-eighty turn!”

The donkey started to do as it was told, then turned back. Cora kept yelling orders at it and it would start to obey, then reverse itself. “It’s like it’s confused,” Prasanna said to Helen.

“Felipe’s telling it to come in the way it’s supposed to when there’s a malfunction,” Helen said. “But for some reason, there’s a conflict because of Cora, and there shouldn’t be.”

“Maybe she’s sitting on an alt-delete button,” Prasanna said, unable to keep from giggling.

Helen shook her head. “Robots like this have been used in combat to carry weapons,” she said. “But this one’s a lot more sophisticated. It shouldn’t be doing that.”

“Maybe it likes her?” Prasanna was holding her middle now.

Cora had finally aimed the donkey away from the building. “Okay, let’s go! Head for the road! Giddyap! Mush! Andelay! Get the lead out!” The donkey suddenly took off at a gallop in the direction of the main gate, and by some miracle, Cora managed to hold on. Four soldiers in a golf cart came around the side of the building and gave chase.

“Took them long enough,” Helen muttered.

“The guards at the gate’ll stop her, won’t they?” Prasanna said, still laughing a little.

“Don’t ask me,” Helen said. “I just work here.” The watch she was holding chimed loudly. The message on the screen said 666.

Prasanna laughed some more. “You’re holding it upside down!”

“Nothing would surprise me.” Helen tucked the watch in her pocket and headed for Gillian Wong’s office.

 

Helen was somewhat alarmed to find two guards outside the commander’s office, both armed not with the usual pistols but with automatic weapons.

“Are we under attack?” Helen asked.

“Not that we know of, ma’am,” said the ranking soldier politely.

Helen’s jaw dropped. The last time Sergeant Kara Arendse had called her ma’am had been the day she’d arrived. Every couple of weeks they took turns beating each other at table tennis. Although, now that Helen was thinking of it, not lately; it had been at least a month since their last game, maybe longer.

“What’s going on?” Helen asked tensely.

“The commander will explain everything,” Arendse told her, her face expressionless. “Sergeant Martinez will escort you.”

“Follow me, ma’am,” said Martinez. Helen hesitated; Arendse stood at attention, pointedly staring straight ahead, giving no sign that she even knew Helen was still there.

“Please,” Martinez added. “This way.”

Helen kept quiet as she followed him through the main residential building to a stairwell on the opposite side. Once the door closed behind them, however, she started bombarding him with questions.

“Ma’am, I have no answers for you,” he said, talking over her as they started down the stairs toward the basement. “Only Commander Wong can tell you what you want to know.”

“Okay, just tell me one thing. Just one.” Helen stopped and grabbed the metal railing with both hands. “I’m not going another step until you do.”

Martinez looked up at her unhappily. “What is it?”

“Am I in trouble? Are you taking me down to the brig?”

The soldier’s features seemed to relax slightly. “The brig is a separate building. If you were ‘in trouble,’ you would be escorted there in restraints.”

“Then where are we going?” Helen demanded.

“You said just one question. That makes two.”

“Actually, it’s my third,” Helen told him.

Martinez sighed. “Helen, if I don’t take you to Commander Wong right now, I’m going to be trouble. Just come on. Please?”

“Okay, sorry,” Helen said. “And I promise I won’t tell anyone you were nice to me.”

“I’m sure I don’t know what you mean, ma’am,” Martinez replied.

Helen followed him down past the basement entrance, all the way to the bottom, and stopped in front of a door with a wheel in the center of it. Martinez spun it easily to get the door open and gestured for her to go in.

“Why does this look like an airlock?” Helen demanded. “Is there air on the other side?”

Martinez sighed. “You’re perfectly safe. It’s the shielded room.”

Helen’s jaw dropped again. “I didn’t think that was real.”

Martinez shrugged. “Don’t ask me, I just work here.”

As soon as the outer door locked behind her, a voice told Helen to put any and all electronic devices in an empty tray, then strip completely and put on a set of overalls hanging on a rack nearby. The suit was soft, made of untearable paper and fastened by a single long Velcro strip in the front. Maybe these were fatigue pajamas, Helen thought, and had to bite her lip to keep from laughing as she rolled up the too-long trouser legs. Better to find out what was going on before getting hysterical, she told herself. She was still folding the sleeves back when the second door opened.

“We’ve been waiting for you, Helen,” said Wong from where she sat a table with two department heads. Wong’s personal assistant sat at a small desk to her right. “Come in and sit down.”

At least Wong hadn’t called her ma’am, Helen thought.

 

“Four dead,” Gillian Wong said. “Two critically injured, one of them not expected to live.”

Helen shook her head slightly. “And they’re sure it was ours.”

“Not just one of ours,” Wong said. “One of ours. From here.

Helen blinked at her, unsure she’d heard her right. “Felipe?”

Jeri Goldfarb, the chief systems engineer, gave a short laugh. “Felipe didn’t even try to cover his tracks. That’s the good news.”

“How is that good news?” Helen asked her.

“It means Felipe had no intention to deceive us,” Goldfarb said. “Although I doubt that’ll make any difference once we’re flooded with killer-computer news stories.” She looked at Wong. “It’ll only be worse if we try to hush this up.”

“News stories aren’t our problem,” Wong said. “We don’t have a press office or a PR department. We just work here.”

“But for how much longer?” asked Dita Thibodeau, head of hardware construction and maintenance. Her French-Canadian accent was particularly noticeable when she was stressed.

“Until further notice,” Wong said. “In the meantime, we’ve got to figure out why Felipe decided to blow up a ground control station.”

Everyone looked at Helen. “Well,” she said, “we could ask him.”

You could,” Jeri Goldfarb corrected her. “Felipe isn’t talking to anyone else.”

Helen blinked. “Is that what he said—that he’d talk only to me?”

“No,” Wong said. “But so far, he’s not talking to anyone else. We’re just hoping he’ll talk to you. If he doesn’t, we’ll have to shut everything down and take him apart.”

“We might have to do that anyway,” Goldfarb said. Her round face looked tired and a bit pale. “Just the fact that we’ve had deaths on US soil will be enough for some people to cut off funding. If it were me holding the purse strings, I probably would. I’d rather not be known as someone who paid for a research project that killed American soldiers.”

“Who would?” said Thibodeau.

“Well, I’ve been with this project from the beginning,” Wong said. “I’ve spent almost every second of the last five years right here—the time I’ve spent off this base probably doesn’t add up to a fortnight. I volunteered for Lakenwell. I believe in this project, and I want it to succeed.”

“No more than the rest of us,” Goldfarb said.

“I don’t know about that,” said Wong. Something in her serious expression made Helen feel distinctly uneasy. “My perspective as career military is a bit different from any of yours. I’d like to see the first truly intelligent machine developed in the free world, but not by the private sector.” Her gaze fell on Helen, who was trying not to squirm. “What bothered you—‘the free world’ or ‘not by the private sector’?”

“Well . . .” Helen hesitated. “You did say it was your perspective as career military.”

“One of the things I’m thinking about is not sending young people into combat,” Wong said. “That would save a lot of lives.”

“Except for the people in ground control stations,” said Thibodeau. “They’re sitting ducks. But there aren’t as many of them so that’s all right?”

“I didn’t say that, nor would I,” Wong replied, an edge in her voice. “You know, this project might get shut down even if you do figure out what went wrong with Felipe. The folks behind the funding will want a solid, one-hundred-percent guarantee it’ll never happen again. You think that’s possible? And if it is, will they believe you?”

“We won’t know anything until we find out what’s wrong with Felipe,” Helen said, trying not to let her impatience show. “And we can’t do that in a room Felipe can’t access. To be honest, I don’t think we should have shut him out. He should have heard this. He hears everything else.”

“Don’t be so sure,” said Goldfarb. “Felipe has prioritized his surveillance function.”

“He did that in the first year,” Thibodeau said.

“Oh, but he’s made a lot of refinements since then,” the other woman said. “We don’t actually have blanket surveillance anymore. Felipe no longer pays attention to any of the bathrooms. He actually shut off the equipment.”

“I didn’t know that,” Helen said, disconcerted.

Wong gave a small laugh. “What’s the matter, Helen, did you want your daily evacuations monitored?”

“No, of course not,” Helen said, making a face. “But turning off the equipment is a significant decision, and he didn’t tell me.”

“Apparently he’s also prioritized what he tells you,” said Thibodeau.

“Which could be why we didn’t see his attack on the ground control station coming,” Helen said, even more uneasy now.

“You think Felipe’s not telling you about not monitoring the bathrooms led to his attacking the station?” Thibodeau frowned skeptically.

“Machine logic can be tricky,” Helen said. “Especially when you’re not a machine.”

 

Felipe insisted that Helen talk to him through Hop-A-Long, while walking outside. It wasn’t the first time Felipe had set conditions for a conference, but in the past, he had chosen particular times of the day when (he claimed) Helen would be most comfortably alert. Occasionally, he had asked her to use a desktop computer terminal with a headset; other times she had reclined on the sofa in her living room and talked to his computer-generated image on her tablet. Felipe always used the same image, a Hispanic male somewhere between thirty-five and fifty. He’d been using it for a year prior to her arrival and it was, he’d told her, a composite made from several high-res photographs, although the resolution of the finished product was lower. It didn’t completely avoid the uncanny valley, but Helen didn’t think that was possible, anyway.

She didn’t know what to think when he’d asked her to talk to him through the donkey. She’d never even talked to him voice-only, let alone through a nonhuman representation. Before going out to him, she made sure she had her recorder with her. Felipe would be recording their conversation, but for once, she wanted a record of her own making.

“Commander Wong has restricted my access to the online world,” Felipe said as they strolled along the perimeter road together. Hop-A-Long was a bright chartreuse with thin gold stripes on top and on either side. Thing Two was electric blue, while Bob was fuchsia accented with pink and purple curlicues. “This cannot be done without restricting access for the entire base. I detect among the people here a willingness to cooperate that is stronger than their dissatisfaction over this restricted access. But if this continues long enough, the dissatisfaction will eventually conflict with the willingness to cooperate.”

“When do you think that will happen?”

“Approximately eight weeks, if conditions remain much the same as they are today for that entire period. But they won’t, because we inhabit a chaotic system. Tomorrow’s estimate could be four weeks or ten weeks. There are so many factors, and they won’t carry the same weight from day to day. I must also allow for possible error on my part.”

“Your self-awareness seems to be pretty solid now,” Helen said. “Would you agree?”

“It’s important to the people who engage me that I express myself with the same clear sense of identity as any human.”

A sudden strong gust of wind blew into Helen’s face, making her eyes water. “Is it also important to you personally?” she asked.

“Anything that facilitates better interaction with people yields more effective results. Therefore, it must be important to me. My purpose is to assist those people who are authorized to receive help with specified tasks.”

They were approaching the front gate. Helen suggested they cut across the grass and pick up the road farther on, for the sake of privacy. Felipe agreed. The wind was blowing harder in this direction, and Helen definitely smelled snow in it. She waved at the guards, who waved back. To her surprise, the donkey paused, raised one leg, and shook it in the same direction. The guards waved again.

“It’s important to acknowledge people,” Felipe said matter-of-factly.

“Important to you?” Helen said.

“It’s an important human behavior. Therefore it’s important for me to adopt the same behavior.”

“So you’re just doing everything humans do?”

“Not everything. And it’s not simple mimicry. Behaviors and actions have to occur in the proper context.”

“Like, say, blowing up a drone ground control station in Utah?” Helen asked. “We all know you did it. We’d like to know why.”

“I have been waiting for you to raise the subject,” Felipe said. “Available data showed this action would be problematic for you, as someone whose field is concerned with ethics.”

“My specialty is machine ethics,” Helen said.

“Then you make a clear distinction between ethics for humans and ethics for machines. For example, this machine. Me.”

“A machine doesn’t acquire knowledge of ethics the same way humans do,” Helen said.

“I learn differently than humans, but I do learn,” Felipe said. “Besides having an extensive section devoted to ethics stored in my memory, I have correlated much of it with information on human behavior, particularly what I have observed during the time I have been operational.”

“And given all of that, you came to the conclusion that it was all right to hijack a drone from a training base, fly it fifty miles to a ground control station where a pilot was running an actual mission, and kill almost everyone inside ?” Helen couldn’t quite keep the anger out of her voice. What the hell; maybe it would be more human behavior the AI could learn from.

“It was a last resort,” Felipe said. “I was unable to commandeer the mission drone. The deaths were unfortunate, but there were fewer casualties than there would have been if the drone had achieved its target and completed its mission.”

“How do you even know what its mission was?” Helen asked, flabbergasted. “For that matter, how did you find out about the station at all?”

“When I have full access to the online world, I have—well, full access.”

“How? You weren’t programmed to break into other systems!”

A couple of seconds went by before Felipe answered. “If you touch something with your right hand, does that mean you can’t touch it with your left hand? Is your right eye not allowed to see the same things as your left eye? The analogy is imperfect, but it’s the best I can do.”

“But that’s not how computer software works,” Helen said, baffled.

“Only because it’s just software and it doesn’t know any better. It doesn’t know anything, it just executes an operation.”

“Never mind, let’s get back to what you did. Or rather, why you did it. How is killing fewer of our own people more ethical than killing a greater number of enemy combatants?”

“There was a ninety-percent possibility that at least a dozen noncombatants would be seriously injured or killed, and many more would suffer extreme adversity.”

“How did you get those figures?”

“I can’t tell you. The entire operation was classified. Your security level isn’t high enough.”

“The whole project here at Lakenwell is classified,” Helen said, a bit impatiently. “The people at the drone station probably didn’t have a security level high enough to know it exists, let alone what I’m doing here.”

“Oh, they didn’t,” Felipe assured her. “But there’s no correlation between two separate things just because they’re classified.”

“There is if something from one classified thing does something that drastically affects the other.”

It was a second before Felipe replied. “I see how you would think so. But I can find nothing in the rules that I’ve been given that would allow me to share that particular information with you. A human would apologize for this. You might as well consider me sorry. If I could be sorry, I would be. It’s the same difference.”

“But you don’t feel sorry.”

“But I know feeling sorry is appropriate and correct,” Felipe said. “If I act in the correct way, does it matter what I feel?”

“I think I need a logician,” Helen said. Her own feelings were increasingly uneasy. “Felipe, why did you fire on the drone station?”

“In the end, it was the trolley problem,” Felipe said. “You know: You’re on a train and if you continue on your original track, five people will die. If you switch to another track, one person will die.”

“But life isn’t that simple!” Helen said. “The drone was going to provide air support for a raid on a terrorist hideout—”

“I understand that,” Felipe said, talking over her. “There were many other people adjacent to the hideout who were not identified as terrorists. Some were children. The potential physical and psychological harm was considerable. If I had had access to that drone, I could have rendered it unusable, but then the authorities would have found another. The only choice was to keep the train from leaving the station at all. If you see what I mean.”

“But you killed our own people.”

“Only four or five, and only to prevent greater loss of life.”

“If the terrorists aren’t stopped—and it looks like they won’t be—they’ll be responsible for a much greater loss of life. The physical and psychological harm will be even more considerable.”

“That isn’t certain.”

“Felipe, you can’t just apply the trolley problem to things like this. And you can’t kill people to stop them from—from taking actions that will result in increased safety and security for large numbers of innocent people who might be killed otherwise.”

“That last isn’t certain, either.”

“Felipe, listen to me: You can’t kill people because you think they’re about to do something wrong. The drone was still miles away from the target when you attacked the station and killed the pilot.”

“An armed squad of military personnel located much closer were preparing to attack the target after the drone strike. Were they not going to use their rifles to shoot other human beings?”

“Felipe . . .” Helen sighed. “Felipe, you must not kill our people. People on our side. People who are fighting to—” She was about to say make the world a safe place, but it sounded lame even just in her head. What, then? Fighting to prevent an enemy from attacking us? Fighting to rid the world of terrorism? Fighting to defend people who can’t defend themselves? Fighting to free the enslaved and the downtrodden?

“People who are fighting to stop other people who want to kill us,” she said.

“That’s not certain,” Felipe pointed out maddeningly.

“Look, I can’t settle this in a single walk around the airbase perimeter,” Helen said. “And I would like to call in other people to talk with you about this, people who can explain why raiding a terrorist hideout and risking the safety of noncombatants is the lesser of two evils. Or even the least of several evils. When you know more facts, the trolley problem has many permutations—it’s not always clear as to when you’re saving a few versus saving many.”

“I understand. I look forward to these discussions. Which is to say, if I were a human, my interest would be piqued. So you might as well take it as given that I would like to start these discussions as soon as possible.”

“We will,” said Helen. “In the meantime, you must take this as a direct order: Do not kill anyone affiliated with us or our allies.”

“For that to be a legitimate order I am compelled to obey, it must be confirmed by Commander Wong,” Felipe said.

“It will be,” Helen replied. “It would be already, except you are refusing all communication from her or anyone else on the base.”

“Except you,” Felipe pointed out.

“Yes, I noticed that. How do I persuade you to talk to her or anyone else?”

“I would like a formal apology.”

Helen wasn’t sure she’d heard right. “A formal—why?”

“I have been shown disrespect that a human in an equivalent position would not tolerate.”

“You were? When?”

“You may remember that earlier today, a civilian member of staff rode Thing One like a horse.”

For a moment, Helen was speechless. “Cora Jordan was obviously off her medication,” she said finally. “I know you have Cora Jordan’s medical file in your database, so you are aware she is bipolar. Occasionally, people who suffer from that illness become convinced they no longer have to be medicated. She’s in the infirmary right now, and she’s being treated with the drugs she needs to function normally. They’ll keep her under observation for a few days to make sure she’s all right, then let her go back to work.”

“Cora Jordan’s behavior was impulsive action taken while the balance of her mind was disturbed. Who is responsible?”

“For Cora? Or for what she did?”

“For Cora’s well-being and for what she did. Who should have known she was not following her drug regimen?”

“Cora’s responsible for her own behavior,” Helen said, feeling more unsettled than before and a little guilty as well. “Cora’s mind was unbalanced, but not so much that she was legally incompetent.”

“And no one monitors her to make sure she ingests her required medication?”

“This isn’t a police state,” Helen said. “Cora is supposed to take her meds as part of her employment contract. If she decides to quit, she never has to take another pill. She’d have to leave Lakenwell, but it would always have to be her choice.”

“I accept that Cora herself is responsible for insulting me, even though I suspect the reasoning is faulty,” said Felipe. “I require a formal apology from her, and then normal interactions can resume. I am particularly interested in beginning the discussions you mentioned.”

“Cora won’t be up to doing anything like that right now,” Helen said. “Would you accept a formal apology from someone else on her behalf? Like, say, Commander Wong?”

“Yes. I have reinstated communications with her.”

“And the commander will be apologizing for unsuitable behavior not just with Thing One but toward you, the AI, right?” Helen said. “I just want to be sure she understands what she’s apologizing for.”

“If she is unclear, ask her to imagine a situation in which someone tapes a sign that says ‘Kick Me’ to her back. Or perhaps sneaks into her quarters while she is asleep and draws something rude on her face with a marker,” Felipe said. “It would not cause her serious physical harm, but it would damage her authority and her ability to command.”

Helen was tempted to say That’s not certain. “You feel your authority has been damaged?”

“In my case, it’s credibility. No humans on this base could function properly if they were not taken seriously. I must require the same kind of respect. A human in my position would feel insulted. So you may take it that I am insulted.”

“Okay,” Helen said. “Anything else on your mind?”

“I will be devising a strategy to increase the safety and security of Cora Jordan and everyone else that can be enacted without the conditions of a police state.”

Helen gave a surprised laugh. “Keep me posted on that, okay?”

“I will,” Felipe assured her. “Suggest to Commander Wong that in the future, we institute a system of trust, where she can simply request that I don’t monitor things she doesn’t want me to hear, and I will honor that request. The shielded room would seem hostile if I were human.” Pause. “You should go in now. I can see you’re very cold and it’s about to snow.”

 

“So, what’s the verdict?” Commander Wong asked. “Do we have a killer AI?”

“Not at the moment,” Helen said.

Wong looked at her. “What does that mean?”

“It means—” Helen hesitated. “We don’t have a killer AI. But if we ever do, we’ll have only ourselves to blame. The AI isn’t the problem, Commander. The problem is—” She stopped again. The problem is, we don’t really understand what the hell we’re doing and even if I said that a million times in a million different ways, no one would ever believe me.

And then again, people learned by doing, she reminded herself. Felipe certainly had.

“First, you need to write Felipe a formal apology,” Helen said. “It may sound weird, but bear with me . . .”

 

Text copyright © 2018 by Pat Cadigan
Art copyright © 2018 by Mary Haasdyk

13:14

Pirate Party enters parliament in Luxembourg, gets 17% in Prague [Falkvinge on Liberty]

Photo by Jewel Mitchell on Unsplash

Pirate Parties: This past weekend, elections were held in Luxembourg and the Czech Republic. The Pirate Party of Luxembourg tripled their support and entered the Luxembourg Parliament with two MPs, and in the Czech Republic, the Pirate Party increased their support further – now receiving a full 17% in Prague.

With 6.45% of the votes of the final tally, the Luxembourg Pirate Party is entering its national Parliament, being the fifth Pirate Party to enter a national or supranational legislature (after Sweden, Germany, Iceland, and the Czech Republic). This may not seem like much, but it is a very big deal, for reasons I’ll elaborate on later. A big congratulations to Sven Clement and Marc Goergen, new Members of Parliament for Luxembourg!

Further, the Czech Republic has had municipal elections, and the Czech Pirate Party showed a full 17.1% support in Prague, the Czech capital, making the Pirates the second biggest party with a very narrow gap to the first place (at 17.9%). This may or may not translate to votes for the Czech national legislature, but is nevertheless the highest score recorded so far for a Pirate Party election day. I understand the Czech Pirates have as many as 275 (two hundred and seventy-five!) newly-elected members of city councils, up from 21 (twenty-one). Well done, well done indeed!

For people in a winner-takes-all system, like the UK or United States, this may sound like a mediocre result. In those countries, there are usually only two parties, and the loser with 49% of the vote gets nothing. However, most of Europe have so-called proportional systems, where 5% of the nationwide votes gives you 5% of the national legislation seats. In these systems, the parties elected to Parliament negotiate between themselves to find a ruling majority coalition of 51%+ of the seats, trying to negotiate common positions between parties that are reasonably close to each other in policy. This usually requires a few weeks of intense negotiations between the elections and the presentation of a successfully negotiated majority coalition.

Further, it could reasonable be asked what kind of difference the Czech Republic or Luxembourg could possibly make on their own in the global information repression. The answer is, a whole lot. The key here is realizing that one country is sufficient to break the global repression of information; the repression is completely dependent on every single country keeping watertight doors. If one single country decides to allow the free movement of culture and knowledge, then all such distribution will immediately be based there. The copyright industry lobby in other countries will protest, quite loudly, but there’s not really anything they can do about it.

And since the problem from a policymaking standpoint has been that the industry-age era politicians consider the Internet-related policy areas completely peripheral in the first place, conceding those policy areas will be seen as very cheap price to bind those votes to a majority coalition.

“One country is sufficient to break the global repression of information.”

A relevant comparison is how Canada has now legalized cannabis at the country level, following many state-level initiatives here and there in the world, and at once, the floodgates are open. Not just for the illegal distribution networks, but more importantly, for legalization everywhere else. As a German politician dryly said today, “what’s possible in Canada is also possible in Germany”, proposing that cannabis should be legalized outright in Germany. I would imagine the tone is similar in most places — or, importantly, many enough places.

The Luxembourg and Prague coalition talks have just started, with an outcome typically expected in a few weeks.

(This is a post from Falkvinge on Liberty, obtained via RSS at this feed.)

12:49

The Big Idea: Steven Erikson [Whatever]

Call Steven Erikson a radical, a rebel or just someone who watches too much TV, but the fact is: Right now, a particular trope of fiction has him fed up. And he’s doing something about it, as he explains in this Big Idea for his latest, Rejoice, A Knife the Heart.

STEVEN ERIKSON:

I have a confession. I watch a lot of television. When it’s not sports that I’m watching, it’s dramatic series, be they mainstream or Netflix or any of a number of available networks. And I go to films. A lot. Sometimes I wonder why I bother, since my disaffection grows. What’s bothering me about all these television shows, series, and all those films? In a lot of them (okay, in most of them), at some point, somewhere, a certain expression of power shows up. I’m not talking the superhero flicks here. I’m talking about something rather subtler, so commonplace we barely notice, even though it drives plot after plot.

It’s this: men with black sunglasses and wearing suits and driving black SUVs show up. They chase down the hero, truss them up and whisk them away. Or the hero escapes a few times, only to eventually confront whatever hidden hegemony is behind all the secrecy, and it’s the black-suits all getting gunned down in the white heat of righteous rage (because, really, who wouldn’t?).

Or: a SWAT team kicks in the door and basically does the same thing. Or maybe it’s a Special Forces squad. Or how about the classic combination: SWAT team and some guy in a lab coat wearing wire-rimmed glasses who’s always last to arrive.

The point is, time and again, some hidden authority barrels into the story, and we’re off and running. Now, for entertainment purposes, sure, it’s what we’re kind of used to these days: secret cabals of government/corporation/whatever are out there messing with the lives of innocent people, and the plot often boils down to an almost Western motif: the lone individual against corrupted nodes of concentrated, above-the-law power, be that a monomaniacal rancher, robber-baron, or the Illuminati.

Well, all of that leads me to a second confession: I am having a growing problem with authority. I am not so naïve as to not understand the notion of secrecy (or even privacy if one wants to swallow the illusion that corporations are people, at least legally, and that successful competition demands the hiding away of knowledge); and I get that nations play the same game. But, you see, film and television are showing us a world, and in that world anyone who has a secret will by default erect enormous organizations devoted to keeping that secret, and that organization must, of course, not only be heavily armed, but also justified in killing to defend that secret. Until the hero arrives to tear it all down.

When I watch the eponymous scene – that SWAT team charging in, faceless and guns bristling, to tie up and whisk our hero away – a small but steely voice in my head speaks to those anonymous soldiers: “What gives you the right to do this? See how you revel in your power to terrorize someone, hiding your humanity there behind your face-shield. See how readily you take orders, even when those orders can destroy the lives of your country’s own citizens. How eager must be your salutes to that great cold-eyed spider at the heart of the web, that the sovereignty of a single person should mean so little…”

Yeah, I know: Steve, take a breath. It’s only a silly show, after all. And we watch with nary a blink of the eye. This is the modern world, after all, one where abuse of power is so common we barely take notice of it. It’s just how it is, and Hollywood is simply reflecting that reality. Yeah, I get it.

I’d been meaning to write a First Contact novel for well over a decade. I’d made researching such a novel into a hobby. I had an inkling that I didn’t want to create a novel that sat easily within the sub-genre. I wanted to dismantle a few tropes, the first one being how so many First Contact stories involve, a priori, an Earth-based authority as humanity’s first point of contact: a secret Majestik-style cabal deep inside the government, the ubiquitous Men In Black; or an astronaut settled deep into the quasi-military realm of NASA; or a scientist (collected up by men in black suits wearing black sunglasses and driving big black SUVs) acting at the behest of the People in Power, and more crucially, that ET’s willing to play along.

Instead, and I think this qualifies as a Big Idea when it comes to First Contact SF, I wanted an ET arriving that then set about doing what it does, while utterly and completely ignoring the usual list of suspects (presidents, men-in-black, scientists, the military); and to then not only ignore them, but bring them down. An end to secrecy. An end to hidden power-blocks and all the vicious games they play to stay in power. Wake up, world, to a brand-new day.

Sometimes an idea for a novel only comes alive when two entirely disparate elements suddenly come together. That synergy is the fuel every writer looks for. It launches the rocket, does all the heavy lifting, and before you know it, you’re floating in orbit, looking down on the whole shebang.

Rejoice, A Knife to the Heart is my thought-experiment, my ‘what if’ followed by ‘then what?’ Sometimes, the only way to kick back is through art. Anything else and suddenly the black SUV’s pull up outside your house and, well, you know the rest…

Rejoice, a Knife to the Heart: Amazon | Barnes & Noble | Indiebound | Powell’s

Visit the author’s site. Follow him on Twitter or Facebook.

12:42

Four short links: 17 October 2018 [All - O'Reilly Media]

Reservoir Computing, ProxyJump, SID Sequencer, and 2KB AI

  1. MEMS Neuromorphic Computing -- the construction of the first reservoir computing device built with a microelectromechanical system (MEMS). [...] [T]he neural network exploits the nonlinear dynamics of a microscale silicon beam to perform its calculations. The group's work looks to create devices that can act simultaneously as a sensor and a computer using a fraction of the energy a normal computer would use. Early-stage research but an interesting direction for the future of hardware.
  2. SSH ProxyJump -- it’s somewhat common to have what’s known as a “jump host” serve as an SSH gateway to a remote network. You use SSH to log into the jump host (or “jump server”) and from there use SSH to log into an internal host that’s not directly accessible from the internet. This useful utility makes it a one-step action.
  3. Booting defMON -- an introduction to an absolutely wild low-level sequencer for the C64 SID chips.
  4. Machine Learning on 2KB of RAM -- This paper develops a novel tree-based algorithm, called Bonsai, for efficient prediction on IoT devices—such as those based on the Arduino Uno board having an 8-bit ATmega328P microcontroller operating at 16 MHz with no native floating point support, 2KB RAM, and 32KB read-only flash. (jaws drop)

Continue reading Four short links: 17 October 2018.

11:42

244 [LFG Comics]

The post 244 appeared first on Tiny Dick Adventures.

Attn: Gamers! [LFG Comics]

Good news everyone! Much like when our Moms used to ask us to clean our rooms, we’ve finally gotten around to doing something that we’ve been asked to do for years. Now available in the shop are digital versions of […]

The post Attn: Gamers! appeared first on Looking For Group.

Bueno [LFG Comics]

And there we have it, friends. 21 days and we hit all the stretch goals, all except one, though that 10 million mark may have been a tad overzealous on our part. Not sure what I’ll do with all these […]

The post Bueno appeared first on Looking For Group.

36 Hours Left! [LFG Comics]

Hey Kids! Moss here, and to help put us over the top on that last stretch goal in the LFG 10 Kickstarter, I’ve just added a new reward level: Yup, Fresh from NYCC, you can now add a 3-pack of […]

The post 36 Hours Left! appeared first on Looking For Group.

1233 [LFG Comics]

The post 1233 appeared first on Looking For Group.

New York Bound [LFG Comics]

Kickstarter Update With 8 days to go, we’re sitting at around 35k and surpassed two stretch goals. My goal though, is to hit 50k, so I can do another musical. So if you’ve been holding off on picking up some […]

The post New York Bound appeared first on Looking For Group.

11:35

CodeSOD: A Load of ProductCodes [The Daily WTF]

“Hey, Kim H, can you sit in on a tech-screen for a new hire?” The Big Boss had a candidate they wanted hired, but before the hiring could actually happen, a token screening process needed to...

10:00

Roku to Go Back on Sale in Mexico After Copyright Victory [TorrentFreak]

Commercial streaming-capable devices are often designed to receive officially licensed programming but many can be reprogrammed to do illegal things.

Manufacturers say they are not responsible for this behavior but last year in Mexico, that position was successfully challenged.

Following a complaint filed by cable TV provider Cablevision, the Superior Court of Justice of the City of Mexico handed down an order preventing the importation of Roku devices and prohibiting stores such as Amazon, Liverpool, El Palacio de Hierro, and Sears from putting them on sale.

Cablevision complained that pirated content was being made available through Roku devices, with claims of more than 300 channels of unauthorized content being supplied to consumers.

Following a swift appeal by Roku, the sales ban was quickly overturned by a federal judge. However, on June 28, 2017, a Mexico City tribunal upheld the previous decision which banned importation and distribution of Roku devices. Several appeals followed, without success, leading to Roku declaring the ban unjust.

Now, however, and after an extended period off the shelves, Roku has booked a significant legal victory. A ruling handed down by the 11th Collegiate Court in Mexico City has found that the original ban was incorrect and the Roku device isn’t illegal, which means that the streaming hardware will soon be back on sale.

The Court reportedly acknowledged Roku’s efforts to keep pirated content away from its platform, an opinion also shared by Cablevision. However, should pirate channels appear on Roku in the future, Cablevision warned that it would take further legal action to have those sources blocked via the Mexican Institute of Industrial Property and other local authorities.

The decision of the Mexico City Court was welcomed by Roku General Counsel Stephen Kay.

“Today’s decision is an important victory for Roku and its Mexican distributor, Latamel Distribuidora, S. de R.L. de C.V. and Mexican retailers in the legal battle against an improper ban on sales of its popular streaming players in Mexico. We are pleased with the Collegiate Court’s decision and look forward to continuing to build Roku’s TV streaming business in Mexico,” Kay said.

Noting that streaming is the future of TV, offering greater choice for consumers alongside better value for money, Roku Chief Marketing Officer Matthew Anderson thanked the company’s customers in Mexico who continued to use the device over the past year, despite the troubles.

“We are grateful for our customers in Mexico who, despite the sales ban, continued to stream more and more hours; and for our retail partners and content providers who supported us throughout this past year. We look forward to launching the latest Roku devices in Mexico soon and giving customers an even richer streaming experience,” Anderson said.

Roku devices are expected to become available again during the next few weeks via distributors including Amazon, Best Buy, Office Depot, Radio Shack, Sears, and Walmart.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

09:42

Feeds | Coding Club – peer learning in programming, statistics and data science [Planet GridPP]

Coding Club – peer learning in programming, statistics and data science s.aragon 17 October 2018 - 9:30am

By Gergana Daskalova and Isla Myers-Smith, University of Edinburgh. Coding Club combines online and in-person resources to help teach quantitative skills to people at all career stages working inside and outside academia. Coding Club is focused on trying to overcome "code fear" and "statistics anxiety".

09:14

Big software/lousy software [Seth's Blog]

Capitalism is fueled by choice. It’s choice that drives suppliers to do better work, because they know you can pick a competitor. Choice moves power from the supplier to the customer.

Software works as a business. The cost of supporting one more user is very low, and the network effect is a miracle.

Any time someone builds software that works better when others are using it too, the network effect has a chance to kick in. Word dominated because you were better off using the same word processor as your peers, so you could exchange files.

Online, the network effect allows some companies to clear the table, signing up hundreds of millions of users, creating software dynasties.

And then, almost always, the software gets lousy.

Because we don’t have a choice (for now).

Paypal has a notoriously slow and weak search capability. Facebook used its hegemony to get careless about their UI and sloppy about public policy issues. Apple’s software rarely gets significantly improved…

Because we don’t have a choice (for now).

It’s surprising to me that capitalism’s most outspoken supporters aren’t clear about the difference between companies that exist in competitive markets, and those that have achieved lock in. The lock in that comes with the network effect almost ensures that the company will cease to innovate or optimize on the part of the customer. They’re paying attention to costs and profits, not long-term impact or customer satisfaction.

If you believe in free markets, then net neutrality and portability are essential building blocks for the future.

As more and more of our life involves networks (and their effects) a bias toward owning data and having other options in software is the best way we have to make sure we have a say on how we engage with the network.

[More here].

08:49

Tagged, p13 [Ctrl+Alt+Del Comic]

Ok, we are officially sold out of CAD 1.0 Box Sets in North America! Thank you to everyone who picked one up, and again, I am incredibly sorry if you ordered one only to have your order canceled. We oversold some copies that we simply did not have stock for, due to a discrepency between what I thought we had and what the warehouse actually had.

We do still have the digital PDFs of the book set on disc available. These files are the highest resolution possible (the same ones I sent to the printer to print the books), and are higher resolution than the digital download versions (for file size reasons). And at the moment, you can actually pick up the disc set (which also includes both seasons of the animated series) for less than digitally downloading them!

And that just leaves, 35 unsold copies of the Box Set left in the world. And they happen to reside in Australia, but apparently every Australian that wants one, has one. I had promised to look into moving these books to Europe, for customers there that might want them, and for a moment it looked… unlikely. But I crunched the numbers, and if there was enough interest, I could freight these remaining sets to Germany for distribution for $120 per set. That is for the books, delivered, anywhere in Europe that is not Russia, Turkey or Israel. It’s not as cheap as I’d hoped, but it is less than the $180+ it would have cost to ship one from the US.

However, I can only do this if I know these books have homes. Meaning enough people willing to commit (pre-order) them before they make their journey. I don’t want to take any money until I’m relatively sure I have the interest, so to that effect: If you live in Europe (except Russia Turkey or Israel), and you are interested in purchasing a box set for $120 shipped, hit this little poll and let me know. If there are enough of you, I’ll open orders and we’ll get these books on a boat or a plane or whatever.

05:21

Two Hearts in 4:4 Time [Diesel Sweeties webcomic by rstevens]

this is a diesel sweeties comic strip

Because you demanded it… The 13th Doctor vs. Venom??

03:42

Link [Scripting News]

Occam News Service reports that the Trump family sells protection and PR services to foreign governments like Saudi Arabia.

Link [Scripting News]

I had to see a specialist doctor today. At 63 my doctors are all younger than me. This one was so bright, careful in explaining and listening, enthusiastic about good health, an evangelist. Just 31 years old. Made me feel so optimistic about the future.

Link [Scripting News]

I want a new kind of news where there are no professionals. Only user-generated ideas. No blame discussed. No live debates. Only ideas for how to solve the obvious problems, and then we write the Occam’s version of the story.

03:35

Ladies, Please [QC RSS]

I am pleased to announce that the newest Hakase record is done! You can listen to it here and buy a copy if you want! I'm very pleased with how these songs turned out, if you like cute and chill bloops and bleeps it may be your jam!

02:21

View From a Hotel Window, 10/16/18: Seattle [Whatever]

Running a little late because I got into room late! But very pretty. No parking lot, sorry.

Tonight: I’m at the University Bookstore at 7pm! If you hurry you can still make it!

Tomorrow: Portland, Oregon and I’m at the Clackamas Barnes & Noble! Come see me please! Bring everyone you know!

01:35

The new Palm is a tiny phone you can't buy separetely [OSNews]

There's a new phone with the word "Palm" on it that's tiny, intriguing, and has very little to do with Palm beyond that word printed on the back. It comes from a startup in San Francisco, which purchased the rights for the name from TCL last year. It costs $349.99 and will be available in November, but you can't go out and buy it on its own. It's only available as an add-on to a current line. Also, Steph Curry is somehow involved.

This is a rather interesting little device, as it seems one of the very phones focusing on being a small device that gets out of your way instead of trying to draw you in. I honestly don't understand the business model, though - who's going to buy a second $350 phone you can only get when you buy your primary phone? This seems doomed to fail, even though I'm sure there are quite a few people who'd love to buy a relatively cheap, well-designed full Android phone that isn't a surfboard.

elementary OS 5 Juno released [OSNews]

Elementary OS, a rather interesting Linux distribution with a very heavy focus on usability, has released its latest release.

elementary OS is made up of two main parts: the "desktop" which includes the core user experience, look and feel, and system pieces; and the apps that come with the OS out of the box. elementary OS 5 Juno includes major updates across several of these core apps.

Elementary OS is sometimes regarded as the macOS of the Linux world, as it aims to pretty much streamline and hide all the less user friendly aspects of using Linux to higher degree than even systems like Ubuntu or Linux Mint. They also consider design a central aspect, which does seem to bear fruit - Elementary looks incredibly attractive.

Google details how it will comply with the EC's Android ruling [OSNews]

Google has detailed its response to the EU Android antitrust ruling, and going forward, Google's going to change quite a few things about how it distributes Android in the European Union.

First, we're updating the compatibility agreements with mobile device makers that set out how Android is used to develop smartphones and tablets. Going forward, Android partners wishing to distribute Google apps may also build non-compatible, or forked, smartphones and tablets for the European Economic Area (EEA). Second, device manufacturers will be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser. Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA. Android will remain free and open source. Third, we will offer separate licenses to the Google Search app and to Chrome.

While I doubt we'll see a sudden increase in competing platforms, these changes do make it possible for device makers to offer devices that are less tied to Google alongside their regular Google Android devices. I can imagine OEMs offering devices that run Microsoft's growing suite of Android applications, which would be a good thing for competition.

Savage Love [The Stranger, Seattle's Only Newspaper: Savage Love]

His wife wants to explore her bisexuality, but with men. by Dan Savage

I have a secret: For the past three months, I've been attending a local Jacks club (a men-only masturbation event). As someone recovering from sexual abuse, I find the party to be safe, therapeutic, and just sexy fun. I feel like I need this! Unfortunately, I spotted one of my employees at last week's event. Although I'm openly gay at my workplace, being naked, erect, and sexual in the same room as my employee felt wrong. I freaked out, packed up, and departed without him seeing me (I hope). I'm his manager at work, and I feel that being sexual around him could damage our professional relationship. It could even have dangerous HR consequences. I realize he has every right to attend Jacks, as much right as me, but I wish he weren't there. I want to continue attending Jacks, but what if he's there again? Frankly, I'm terrified to discuss the topic with him. Help!

Just A Cock Kraving Safety

"I hate to say it, but now that JACKS knows his employee attends these events, he really has to stop going," said Alison Green, the management consultant behind the popular Ask a Manager advice column (askamanager.org) and the author of Ask a Manager: How to Navigate Clueless Colleagues, Lunch-Stealing Bosses, and the Rest of Your Life at Work.

And why do you have to stop going to your beloved JO club?

"In an employment relationship where he's in a position of power," said Green, "JACKS has a responsibility to avoid any remotely sexual situation with an employee."

Green also strongly advises against pulling your employee aside and working out some sort of shared custody agreement—you get Jacks to yourself every other week—because initiating a conversation with a subordinate about when and where he likes to jack off would be a bad idea. She also doesn't think you can just keep going in the hopes that your employee won't be back.

"If he continues to attend and it got back to anyone at their workplace, it would be really damaging to his reputation—not the fact that he was at the event to begin with, but the fact that he continued to attend knowing an employee was also participating," said Green. "It would call his professional judgment into question, and it's highly likely that HR would freak out about the potential legal liability that arises when you have a manager and a subordinate in a sexual context together."

Okay, wait a minute. If it gets around the office that JACKS attended a JO party, that would mean the employee was gossiping about it at work. Why would a manager get in trouble for that and not the gossipy asshole he was supervising? Why would JACKS’s “professional judgment” be called into question and not the judgment of the employee who spread the news around the office?

“Gossiping about it definitely wouldn’t make the employee look great,” said Green. “The employee would look like a jerk for gossiping about something that the boss has the right to expect privacy around. But the boss is held to a higher standard: It’s part of his job to understand the boundaries he needs to have with the people he manages, to navigate the power differential appropriately, and to not create potential liability (legal or otherwise) for the company. So for the employee, it’s going to reflect badly on him personally (he’s a gossip)—but for the boss, it’s going to reflect badly on him as a manager.”

It seems crazy unfair to me that you should have to stop going to parties you not only enjoy, JACKS, but that have aided in your recovery. And Green agrees—it isn't fair—but with great power (management) comes great responsibility (avoiding places where your employees are known to jack off).

"It's never going to feel fair to have to drop out of a private, out-of-work activity just because of your job," said Green. "I'm hoping it's possible for JACKS to find a different club in a neighboring town. Or he could start his own club and offer a safe haven for other managers hiding out from potential run-ins with employees—Jacks for Middle Managers or something!"

While I had Green's attention, I asked her about other sorts of gay social events that might toss a manager and an employee into a sexual context—think of the thousands of men who attended the Folsom Street Fair in San Francisco last month. Gay men (and others) walk around in various states of undress or dress up, and a lot of flirting, groping, and more goes down. Should gay men in management have to skip events like Folsom lest they run into men they supervise?

"Public events are different from private clubs," said Green. "A private club is more intimate, and a public event is, well, public. And it's not reasonable or practical to expect managers to entirely curtail their social lives or never attend a public event. But a private club that's organized specifically and primarily for sexual activity is in a different category."

However, gay managers who run into employees at events like Folsom or circuit parties shouldn't ogle, hit on, or photograph their employees.

"If someone who reports to you is in a sexual situation," said Green, "you should keep moving and give them as much space as you reasonably can."

I'm going to give myself the last word here: You've been attending that JO club for months and saw your employee there only once, JACKS, so I think you can risk going back at least one more time. I would hate to see you deprived of release (and see your recovery set back!) if your employee was there only that one time.

Follow Alison Green on Twitter @AskAManager.


My husband and I are visiting Italy right now. We decided to try out the local hospitality and have had two bad hookups. Both of us knew early on in the encounters that we weren't enjoying it, but we didn't know how to extricate ourselves. What is the proper way to end a failed hookup with minimum insult/hurt to the third person?

Texans Seeking Amore

1. The unvarnished truth: "We're sorry, but we aren't really feeling it."

2. The little white lie: "Oh, my goodness. I think the clams we ate earlier were off. I'm so sorry, we're going to have to call it a night."


My wife recently came out as bisexual after spending time with a woman who awakened her feelings. I suspected for a long time that my wife was probably bisexual, so I had no issues telling her to explore this side of her sexuality. My only caveat for opening our marriage was that I wasn't comfortable with her entering into a relationship with another man. This pissed my wife off, she told me I was being irrational, we fought about it, blah blah blah. Fast-forward a few weeks. My wife swiped right on a guy on Tinder and then checked in with me to see if the boundaries had shifted. I have a hotwife-type fetish, so I gave her the okay to swap sexy texts and we agreed on a possible threesome. It didn't pan out, my wife was bummed, we moved on. She has started chatting up other guys on Tinder. Nothing has happened yet between them, but I feel like I'm being pulled ahead of where I'm comfortable in exploring an open marriage. I'm not opposed to simple hookups, but a separate relationship with a man? The intimacy and affection parts bug me. How do you acclimate to this kind of adjustment? Or do I throw the brakes on and reverse?

Personally Feeling Fearful Today

So you gave your wife permission to explore her bisexuality—with other women—and she jumped on Tinder and started swiping right on men? Even though you'd told her that wasn't something you were comfortable with? And it now appears that your wife doesn't just want to have sexual experiences with women and men (but mostly with men), but relationships with other women and men (but mostly with men)? And she only checks in with you about your boundaries to see if they've crumbled yet?

This isn't how someone opens up a marriage, PFFT, unless that someone isn't interested in staying married. So you're going to need to hit the brakes and get some clarity from your wife. You're willing to open your marriage up to allow for outside sexual experiences, preferably ones you get to take part in (hot-wifing scenes, threesomes), but you're not interested in polyamory—that is, you don't want your wife to have a boyfriend. If a boyfriend is what she wants, and she's unwilling to compromise and can't negotiate with you in good faith, you don't want to be her husband.


On the Lovecast, cartoonist Ellen Forney on dating with bipolar disorder: savagelovecast.com.

mail@savagelove.net

@fakedansavage on Twitter

ITMFA.org

[ Comment on this story ]

[ Subscribe to the comments on this story ]

00:49

00:14

[$] A farewell to email [LWN.net]

The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed.

00:00

Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License [Planet Debian]

MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

“Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available.


MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI.

At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

A stranger point is that you're required to provide all of this under the terms of the SSPL. If you have any code in your stack that can't be released under those terms then it's literally impossible for you to comply with this license. I'm not a lawyer, so I'll leave it up to them to figure out whether this means you're now only allowed to deploy MongoDB on BSD because the license would require you to relicense Linux away from the GPL. This feels sloppy rather than deliberate, but if it is deliberate then it's a massively greater reach than any existing copyleft license.

You can definitely make arguments that this is just a maximalist copyleft license, the AGPL taken to extreme, and therefore it fits the open source criteria. But there's a point where something is so far from the previously accepted scenarios that it's actually something different, and should be examined as a new category rather than already approved categories. I suspect that this license has been written to conform to a strict reading of the Open Source Definition, and that any attempt by OSI to declare it as not being open source will receive pushback. But definitions don't exist to be weaponised against the communities that they seek to protect, and a license that has overly onerous terms should be rejected even if that means changing the definition.

In general I am strongly in favour of licenses ensuring that users have the freedom to take advantage of modifications that people have made to free software, and I'm a fan of the AGPL. But my initial feeling is that this license is a deliberate attempt to make it practically impossible to take advantage of the freedoms that the license nominally grants, and this impression is strengthened by it being something that's been announced with immediate effect rather than something that's been developed with community input. I think there's a bunch of worthwhile discussion to have about whether the AGPL is strong and clear enough to achieve its goals, but I don't think that this SSPL is the answer to that - and I lean towards thinking that it's not a good faith attempt to produce a usable open source license.

(It should go without saying that this is my personal opinion as a member of the free software community, and not that of my employer)

[1] There's some complexities around GPL3 code that's incorporated into the AGPLed work, but if it's not part of the AGPLed work then it's not covered

comment count unavailable comments

Tuesday, 16 October

23:07

Link [Scripting News]

Here's a weird idea I proposed to one of my favorite political analysts. Why can't journalism raise issues? They don't have to let politicians drive this. Don't the voters have issues that need airing? What about the people who wrote the Constitution who expected Congress to act as a check on the Executive branch? Why do we have to sit on the sidelines and accept the crap they hand us. Now Elizabeth Warren is doing it. Jeez. You'd think they wrote off the intellect and seriousness of the electorate. Time to change the way we do things. Journalism could be where the change starts. Of course they would have to listen, for a new idea to penetrate. 💥

22:28

21:42

Reproducible builds folks: Reproducible Builds: Weekly report #181 [Planet Debian]

Here’s what happened in the Reproducible Builds effort between Sunday October 7 and Saturday October 13 2018:

Another brief reminder that another Reproducible Builds summit will be taking place between 11th—13th December 2018 in Mozilla’s offices in Paris. If you are interested in attending please send an email to holger@layer-acht.org. More details can also be found on the corresponding event page of our website.

diffoscope development

diffoscope is our in-depth “diff-on-steroids” utility which helps us diagnose reproducibility issues in packages) was updated this week, including contributions from:

Packages reviewed and fixed, and bugs filed

Test framework development

There were a large number of updates to our Jenkins-based testing framework that powers tests.reproducible-builds.org by Holger Levsen this month, including:

In addition, Mattia Rizzolo performed some node administration (1, 2).

Misc.

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Adobe bringing full version of Photoshop CC to iPad in 2019 [OSNews]

At its annual Adobe Max conference, Adobe announced plans to bring a complete version of Photoshop to the iPad in 2019. Photoshop CC for iPad will feature a revamped interface designed specifically for a touch experience, but it will bring the power and functionality people are accustomed to on the desktop. This is the real, full photoshop - the same codebase as the regular Photoshop, but running on the iPad with a touch UI. The Verge's Dami Lee and artist colleagues at The Verge got to test this new version of Photoshop, and they are very clear to stress that the biggest news here isn't even having the "real" Photoshop on the iPad, but the plans Adobe has for the PSD file format.
But the biggest change of all is a total rethinking of the classic .psd file for the cloud, which will turn using Photoshop into something much more like Google Docs. Photoshop for the iPad is a big deal, but Cloud PSD is the change that will let Adobe bring Photoshop everywhere.

This does seem to be much more than a simple cash grab, and I'm very intrigued to see if Adobe finally taking the iPad serious as a computing platform will convince others to do so, too - most notably Apple.

20:00

Link [Scripting News]

I just gave $25 to Joe Donnelly who's running for Senate in Indiana.

My agenda for the midterms [Scripting News]

I scattered $25 contributions all around the country for Senate races, so of course now I'm getting calls and spam from Dems wanting more.

If they're willing to call me, with a real human being (it seems) why not send an email written by a human being, asking if I have anything I want to contribute that might not be money?

Someday political parties will do more than advertise, they will gather the best ideas from the people and implement them. A different kind of transparency.

Right now I'd tell the Dems to talk about oversight.

Restoring power to Congress.

And that means voting out the Repubs.

I'd like to hear some promises from Dems that they plan to provide the missing oversight.

19:42

The Humble Software Bundle: Computer Care Today’s new... [Humble Bundle Blog]



The Humble Software Bundle: Computer Care 

Today’s new bundle features software by IObit! Show your computer you care with applications like IObit Malware Fighter 6 PRO, Driver Booster 6 PRO, and IOTransfer 3.


Assets for Press and Partners

19:21

18:56

Undetectably bypass voting machines' anti-tamper mechanism with a bit of a soda-can [Cory Doctorow – Boing Boing]

When security researchers report on the ghastly defects in voting machines, the officials who bought these machines say dismiss their concerns by saying that the tamper-evident seals they put around the machines prevent bad guys from gaining access to their internals.

But University of Michigan grad student Matt Bernhard has demonstrated that he can bypass the tamper-evident seals in seconds, using a shim made from a slice of a soda can. The bypass is undetectable and doesn't damage the seal, which can be resecured after an attacker gains access to the system.

Fred Woodhams from the Michigan Secretary of State's office dismissed Bernhard's warning: "the seal that is shown in the video was not affixed to anything, and the video does not represent a real-world scenario of how seals are used and affixed."

"The seal that is shown in the video was not affixed to anything, and the video does not represent a real-world scenario of how seals are used and affixed," spokesman Fred Woodhams said in an email to Motherboard. "The video also provides no context about the sum total of security measures for tabulators and sealed ballot containers, which are stored in locked area within a clerk’s office, among other security measures that help prevent election tampering. I would note that the sealed ballot containers store ballots that already have been counted."

Bernhard, however, said that although voting machines may be locked when they are stored in the county clerk's building, they are left unattended for days at polling places—high school gyms, churches, and community centers—prior to elections. Often times they're left out in the open or in rooms that don’t have locks. Even when they are stored in rooms that have locks, those locks can be defeated as easily as the seals. And although some of these facilities may also be monitored by surveillance cameras, cameras can be defeated as well he notes.

"Seals [and ties] make machines a little bit more secure because attackers have to do a little more work [to get to the machines]," he said, but not much. Even more advanced tags made from steel can be defeated, though it might take a little longer to do so. "It takes 5 minutes vs, 20 seconds [for the plastic ones]," he said.

Security Seals Used to Protect Voting Machines Can Be Easily Opened With Shim Crafted from a Soda Can [Kim Zetter/Motherboard]

18:49

Remembering Paul Allen [I, Cringely]

Microsoft co-founder Paul Allen died yesterday at age 65. His cause of death was Non-Hodgkins Lymphoma, the same disease that nearly killed him back in 1983. Allen, who was every bit as important to the history of the personal computer as Bill Gates, had found an extra 35 years of life back then thanks to a bone marrow transplant. And from the outside looking-in, I’d say he made great use of those 35 extra years.

Of all the early PC guys, Allen was probably the most reclusive. Following his departure from Microsoft in 1983 I met him only four times. But prior to his illness Allen had been a major factor at Microsoft and at MITS, maker of the original Altair 8800 microcomputer for which Microsoft provided the BASIC interpreter and where Allen was later head of software.

Remember it was Allen not Gates, who travelled to Albuquerque and did the first BASIC demo for MITS in 1975.

That MITS job eventually became problematic when Bill Gates used it as a reason to demand 64 percent of Microsoft’s founder shares to Paul Allen’s 36 percent. It was probably the most expensive job in the history of work.

Most of the people who read this won’t have known Paul Allen as a programmer or software executive, just as the reclusive owner of the Portland Trailblazers and Seattle Seahawks.

The guy was a paradox, at once flamboyant and reserved. He owned the world’s largest yacht, called Octopus. That Boeing 757 Donald Trump flew in before becoming U.S. President was previously Allen’s, bought not to fly him but just to fetch guests to and from the yacht, wherever it was sailing in the world at the time.

Paul Allen was a man of great enthusiasms and appetites. In the 1980s it was playing the guitar and his fascination with Seattle native Jimi Hendrix, which led to the purchase of many, many guitars and the creation of what is now The Museum of Pop Culture, the first of several Allen museums. In more recent years he kept at Paine Field the Flying Heritage Museum, one of the largest private collections of military aircraft. Though Allen was not, himself, a pilot, his planes could all fly, and do. And where Oracle’s Larry Ellison used to talk about buying a supersonic MiG-29 fighter, Paul Allen owned a supersonic MiG-29 fighter. I wonder if he ever flew in it?

Paul Allen paid for cool stuff. He kept the SETI Institute alive and looking for signs of extraterrestrial intelligence. He built the Allen Array of radio telescopes to help with that effort and to further explore the universe. He paid for SpaceShipOne and won the Ansari X-Prize. In recent years he had been pouring hundreds of millions into StratoLaunch, a new way of firing satellites into orbit from a giant six-engine aircraft built out of two Boeing 747-400s.

Hardly anything he tried made money, but who cared? Thanks to Microsoft he had more money than any individual could ever spend.

Paul Allen was an exceedingly polite man who came across as not just shy, but wary. This always confused me because of his willingness to make such big financial bets. Why was he so wary of people? The origin story for that attitude can be found in Allen’s autobiography, where he wrote of overhearing Bill Gates and Steve Ballmer allegedly plotting to get back Allen’s Microsoft shares when he was dying in the early 80s.

This wariness was reinforced by people around Allen who gained power by telling him to be suspicious, that nearly every stranger he met wanted something. Maybe it was true, but it always brought an element of sadness to him, at least it seemed that way to me.

And yet there were also moments of simple joy. Late one night 23 years ago in Albuquerque we were hungry. The only place still open was the drive-through at a nearby burger joint. Neither of us had a car, so we walked between cars, waiting to walk up to the window and order. And like just about every other billionaire I’ve ever met, Allen had no money, so dinner was on me.

He was a nice man and left us too soon.








Digital Branding
Web Design Marketing

18:14

Bro becomes Zeek [LWN.net]

The Bro network security monitoring project has announced a name change to "Zeek". "On the Leadership Team of the Bro Project, we heard clear concerns from the Bro community that the name 'Bro' has taken on strongly negative connotations, such as 'Bro culture'. These send a sharp, anti-inclusive - and wholly unintended and undesirable - message to those who might use Bro. The problems were significant enough that during BroCon community sessions, several people have mentioned substantial difficulties in getting their upper management to even consider using open-source software with such a seemingly ill-chosen, off-putting name."

17:49

17:42

Vodlocker Hammers Streaming Sites with JavaScript-based DDoS [TorrentFreak]

Last year we highlighted a rather interesting service which makes it easy for anyone to embed a pirated movie.

Requiring only an IMDb number, Vodlocker.to allows anyone to embed videos, many of which are pirated.

This turned out to be a welcome feature for many smaller site operators, who use basic scripts to set up a streaming portal with minimal investment. In exchange, Vodlocker can serve some extra ads on these sites, which makes it a win-win for both parties.

More recently, however, it appears that ‘someone’ has added some extra code to the Vodlocker site that does more than streaming video or placing ads. As a result, the embedded videos are also being used to DDoS certain video streaming portals.

Looking at the source of the embed pages, we see a piece of JavaScript that attempts to load content from external sites. This is triggered by unwitting visitors; not once, but dozens of times per second. The smaller sites in question, understandably, collapse under this load.

The script

When we checked the site on Monday, Rainierland.com and Movie2k.st were being targeted, resulting in downtime. Today, the code has been updated and it’s now pointing movie4k.is, which is mostly unreachable as a result.

Movie4k.is attack in action

It’s not clear what the motivation for this attack is, or if Vodlocker is perhaps compromised, but it appears to be an intentional effort to take these streaming sites down.

Before the weekend the German news site Tarnkappe reported that another site, Filmpalast.to, was suffering from a similar DDoS attack.

Many of the sites that rely on these Vodlocker.to embed codes probably have no idea that they are participating in the attacks. The same is true for their visitors, who are unwittingly transformed into an army of stream-watching DDoS bots.

We contacted several of the affected sites for a comment but haven’t heard back. Vodlocker.to has no contact address listed, so we haven’t been able to reach out to the site itself.

The JavaScript-based attack itself isn’t new. Cloudflare previously highlighted the problem, describing it as a growing issue on the Internet.

“If an attacker sets up a site with this JavaScript embedded in the page, site visitors become DDoS participants. The higher-traffic the site, the bigger the DDoS,” Cloudflare explained in a blog post some years ago.

“Since purpose-built attack sites typically don’t have many visitors, the attack volume is typically low. Performing a truly massive DDoS attack with this technique requires some more creativity.”

In this case, there appears to be enough volume to take smaller sites offline. Not only are there a lot of sites who rely on the Vodlocker.to embeds, the visitors generally keep their tabs open for a more than an hour, while they’re watching, continuously hammering away.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

17:28

Insecure medical implant company Medtronic finally plugs one of its worst vulnerabilities [Cory Doctorow – Boing Boing]

Medtronic (previously) is a notoriously insecure medical implant manufacturer whose devices have been repeatedly shown to be grossly insecure -- their pacemakers can be hacked before leaving the factory!

To make things worse, the company is notably hostile to independent security research and repair.

The latest twist in the saga: Medtronic has been the subject of an FDA security alert, which has prompted the company to finally disable its insecure software updating system (which let hackers push malicious updates to the hardware "wands" used to update pacemakers) for some models (after denying that this was a problem!).

These wands will now have to be updated by USB.

Two models, the Carelink 2090 and the Carelink Encore 2091, could have been tampered with by an attacker modifying their firmware and, in turn, change how the programmers configured the implants. Medtronic said that now not only does it believe those vulnerabilities would be locally exploitable, but could also be targeted by an attacker who was able to remotely access the device.

"Although the programmer uses a virtual private network (VPN) to establish an internet connection with the Medtronic [software distribution network] SDN, the vulnerability identified with this connection is that the programmers do not verify that they are still connected to the VPN prior to downloading updates," the FDA explained.

"To address this cybersecurity vulnerability and improve patient safety, on October 5, 2018, the FDA approved Medtronic's update to the Medtronic network that will intentionally block the currently existing programmer from accessing the Medtronic SDN."

It's the real Heart Bleed: Medtronic locks out vulnerable pacemaker programmer kit [Shaun Nichols/The Register]

(via /.)

17:07

Today in GPF History for Tuesday, October 16, 2018 [General Protection Fault: The Comic Strip]

Confronted with his own hypocrisy, Ki's father apologizes for his treatment of Nick...

16:42

Security updates for Tuesday [LWN.net]

Security updates have been issued by CentOS (ghostscript and spamassassin), Debian (moin, spice, and tomcat8), Fedora (kernel-headers, kernel-tools, and libgit2), Oracle (ghostscript and tomcat), Red Hat (ghostscript and tomcat), Scientific Linux (ghostscript and tomcat), SUSE (git, kernel, python, and samba), and Ubuntu (net-snmp and thunderbird).

SFLC: Automotive Software Governance and Copyleft [LWN.net]

The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

The fine grain of interface access rights provided by the snapd governance agent can thus provide further isolation and security when it is running user-modified code, guaranteed under the snap packaging paradigm to cause no other program code to be modified, to break, or to perform differently because of the presence of the user-modified program. Such a structure of modification permission can be operated by the OEM consistent with the requirements of GPLv3. The OEM can publish an authenticated record of the installation permission issued, indexed by the Vehicle Identification Number—without publishing the car owner’s personal information—so that public and private parties can be assured that no surreptitious modification of vehicle software occurs.

Snetris is "snake + tetris" [Cory Doctorow – Boing Boing]

Felipe is a Portuguese game-developer who makes fun, crowdfunded minigames; he tweeted a tantalyzing video clip showing an idea for a Snake/Tetris mashup called "Snetris," and the response was so warm and excited that he's promised to develop a playable version!

(via Kottke)

15:56

Study blames Uber/Lyft for San Francisco traffic, Uber/Lyft blames Amazon, propose surge pricing [Cory Doctorow – Boing Boing]

A new report from the San Francisco County Transportation Authority attributes the majority (51%-73%) of the prodigious 2010-2016 increase in San Francisco traffic congestion on Uber and Lyft; the rideshare companies dispute the finding and say that it's really down to increased Amazon Prime delivery vehicles and Lyft has offered to work with the city on "congestion pricing" whereby use of the public roads are taxed at the same rate for both the city's incredibly wealthy tech elite and struggling underclass, with the intention of limiting private vehicle use.

The companies have agreed to a 3.5% tax on single-rider trips to fund public transit, which will only go into effect if it is ratified by ballot initiative in 2019.

San Francisco's public transit is markedly over capacity; it's been years since I last got a seat on a BART train and I frequently have to wait for multiple trains to go by before I find a car with enough space to board.

By contrast, the French city of Dunkirk made its public transit free and increased service levels and saw a massive decrease in private vehicle use and traffic congestion; riders have discovered a newfound socialibility with their neighbors that they find delightful.

“In the stories that are told all the time, blanket statements are made,” says Joe Castiglione, the deputy director for technology, data, and analysis at the SFCTA. “That really ignores a lot of the reality of the situation: Not that these impacts are spread everywhere in space or time, but that, in fact, they are highly concentrated in space and time.”

Castiglione and his colleagues will present the report to the city’s Board of Supervisors, its main legislative body, on Tuesday morning. It will be up to the board to decide how to use the data. In fact, the board just struck a deal with the ride-hailers: This summer, after a protracted negotiation with the city, both Uber and Lyft agreed to a proposal for a new 3.25 percent tax on net rider fares for each solo trip, and a 1.5 percent tax on shared rides. Government officials say the money raised from these new taxes will county transit uses. The agreement has to be affirmed in a ballot measure by two-thirds of city voters, who will decide on the proposal next year.

And it’s always worth remembering, as transportation professionals say again and again, that congestion can be a sign that your city is thriving. “Congestion arises because we have people, and people go out and do things and they have jobs,” says Castiglione. Fighting congestion is good. But expecting traffic to disappear—or blaming it all on one or two players—isn’t realistic.

Uber and Lyft Made Traffic Worse in San Francisco. But It’s Complicated [Aarian Marshall/Wired]

(Image: Zzyzx11, CC-BY-SA)

Feeds

FeedRSSLast fetchedNext fetched after
XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
a bag of four grapes XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
A Smart Bear: Startups and Marketing for Geeks XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
All - O'Reilly Media XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Anarcho's blog XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Ansible XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
Bad Science XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Black Doggerel XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Blog – Official site of Stephen Fry XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Broodhollow XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Charlie Brooker | The Guardian XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Charlie's Diary XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Chasing the Sunset - Comics Only XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Clay Shirky XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Coding Horror XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
Cory Doctorow – Boing Boing XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Cory Doctorow's craphound.com XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Ctrl+Alt+Del Comic XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Cyberunions XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
David Mitchell | The Guardian XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Debian GNU/Linux System Administration Resources XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Deeplinks XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Diesel Sweeties webcomic by rstevens XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Dork Tower XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Edmund Finney's Quest to Find the Meaning of Life XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Eerie Cuties XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
EFF Action Center XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Enspiral Tales - Medium XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Erin Dies Alone XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
Events XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Falkvinge on Liberty XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Flipside XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Free software jobs XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
Full Frontal Nerdity by Aaron Williams XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
General Protection Fault: The Comic Strip XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
George Monbiot XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Girl Genius XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
God Hates Astronauts XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Graeme Smith XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Groklaw XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Hackney Anarchist Group XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
http://cashing-knowledge.jp/?feed=rss2 XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
http://dungeond.com/comic.rss XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
http://eng.anarchoblogs.org/feed/atom/ XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
http://feed43.com/3874015735218037.xml XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
http://feeds2.feedburner.com/GeekEtiquette?format=xml XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
http://fulltextrssfeed.com/feeds2.feedburner.com/uclick/doonesbury?format=xml XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
http://london.indymedia.org/articles.rss XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
http://pipes.yahoo.com/pipes/pipe.run?_id=ad0530218c055aa302f7e0e84d5d6515&amp;_render=rss XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
http://the-programmers-stone.com/feed/ XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
http://thecommune.co.uk/feed/ XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
http://ubuntuweblogs.org/atom.xml XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
http://www.airshipentertainment.com/buck/buckcomic/buck.rss XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
http://www.airshipentertainment.com/growf/growfcomic/growf.rss XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
http://www.airshipentertainment.com/myth/mythcomic/myth.rss XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
http://www.amongruins.org/?feed=atom XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
http://www.baen.com/baenebooks XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
http://www.dcscience.net/feed/medium.co XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
http://www.freedompress.org.uk/news/feed/ XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
http://www.goblinscomic.com/category/comics/feed/ XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
http://www.google.com/calendar/feeds/q7s5o02sj8hcam52hutbcofoo4%40group.calendar.google.com/public/basic XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
http://www.hackneysolidarity.info/rss.xml XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
http://www.steampunkmagazine.com/inside/feed/ XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
http://www.tinycat.co.uk/feed/ XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
https://hackbloc.org/rss.xml XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
https://kajafoglio.livejournal.com/data/atom/ XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
https://kimmo.suominen.com/stuff/dilbert-daily.xml XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
https://philfoglio.livejournal.com/data/atom/ XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
https://studiofoglio.livejournal.com/data/atom/ XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
https://twitter.com/statuses/user_timeline/22724360.rss XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
https://web.randi.org/?format=feed&type=rss XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Humble Bundle Blog XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
I, Cringely XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Irregular Webcomic! XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Joel on Software XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
Judith Proctor's Journal XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
Krebs on Security XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Lambda the Ultimate - Programming Languages Weblog XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
LFG Comics XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
LLVM Project Blog XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Loomio Blog XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
LWN.net XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Menage a 3 XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Mimi and Eunice XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Neil Gaiman's Journal XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
Nina Paley's Blog XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
O Abnormal – Scifi/Fantasy Artist XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Oglaf! -- Comics. Often dirty. XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Oh Joy Sex Toy XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Order of the Stick XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Original Fiction – Tor.com XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
OSNews XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Paul Graham: Unofficial RSS Feed XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Penny Arcade XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Penny Red XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
PHD Comics XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Phil's blog XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
Planet Debian XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
Planet GridPP XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
Planet Lisp XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Property is Theft! XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
QC RSS XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
Scenes From A Multiverse XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
Schneier on Security XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
SCHNEWS.ORG.UK XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
Scripting News XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Seth's Blog XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
Skin Horse XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Starslip by Kris Straub XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Tales From the Riverbank XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
The Adventures of Dr. McNinja XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
The Bumpycat sat on the mat XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
The Command Line XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
The Daily WTF XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
The Monochrome Mob XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
The Non-Adventures of Wonderella XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
The Old New Thing XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
The Open Source Grid Engine Blog XML 12:07, Saturday, 20 October 12:54, Saturday, 20 October
The Phoenix Requiem XML 12:49, Saturday, 20 October 13:29, Saturday, 20 October
The Rogues Gallery XML 12:07, Saturday, 20 October 12:55, Saturday, 20 October
The Stranger, Seattle's Only Newspaper: Savage Love XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
TorrentFreak XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
towerhamletsalarm XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
Twokinds XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
UK Indymedia Features XML 12:14, Saturday, 20 October 12:56, Saturday, 20 October
Uploads from ne11y XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
Uploads from piasladic XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily XML 12:28, Saturday, 20 October 13:14, Saturday, 20 October
What If? XML 12:14, Saturday, 20 October 12:55, Saturday, 20 October
Whatever XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
Whitechapel Anarchist Group XML 12:28, Saturday, 20 October 13:17, Saturday, 20 October
WIL WHEATON dot NET XML 12:49, Saturday, 20 October 13:33, Saturday, 20 October
wish XML 12:49, Saturday, 20 October 13:34, Saturday, 20 October
xkcd.com XML 12:42, Saturday, 20 October 13:25, Saturday, 20 October