Today, we're happy to announce the publication of our Contributor's Frequently Asked Questions (FAQ) guide. The guide is meant to help contributors to Free Software Foundation (FSF) copyrighted packages better understand our copyright assignment program. Copyleft licenses like the GNU General Public License rely on copyright law in order to ensure that free software remains free. The tools that copyright law provides enable the copyright holder on a work to make sure that the work is always distributed in a way that enables users to run, edit, share, and contribute to their modifications of the work. When a license violator fails to live up to these standards, only the copyright holder is able to use the powers granted by copyright law in order to enforce the terms of the license on the code. For over thirty-five years, the FSF has handled license enforcement for many important GNU Project packages. In order to put us in the best position to do that enforcement work, we require contributors on FSF-copyrighted packages to assign their copyright to the FSF. Thousands of contributors have happily made such assignments over the years, but often have questions about the process or what assignment means. The FSF's Licensing & Compliance Lab created this FAQ so we could collect the answers to the most common questions in order to help contributors better understand the system and keep the program running smoothly.

Here's your weekly Fedora report. Read what happened this week and what's coming up. Your contributions are welcome (see the end of the post)! The Nest With Fedora CfP closes next Friday! Registration is open now.

I finally got my old computer out of the bedroom, since the new computer had to go back to Lenovo for an undetermined length of time due to a malfunctioning USB hub. Even at 5 years old, the Late 2016 Yoga 900 still going strong with Fedora 34, which I upgraded to last week. The upgrade process went off without any hitch, using the DNF system upgrade plug-in. This isn’t an official way to upgrade Fedora, but then again, what is? GNOME Software probably works, but I like to know what’s going on in the background so if something does glitch I know what went wrong. In Fedora 33, the default file system was changed to BtrFS. While I was skeptical initially, it turned out to be the right decision. While it did not use compress by default, it was a simple matter of editing /etc/fstab to tack on the ,compress=zstd switch on the / and /home mount options and then to compress both my / volume and /home subvolume. Just as easily as tacking on a sudo to the command I found at the Arch Linux wiki btrfs filesystem defragment -r -v -czstd / and then following up with btrfs filesystem defragment -r -v -czstd /home and waiting a few moments.

In the spring of 2018, MIT launched the Work of the Future Task Force to understand the impact of our increasingly intelligent machines on the future of work, and how to best harness these technological innovations for social benefit. The MIT-wide task force released its findings and recommendations in a November, 2020 report, - Building Better Jobs in an Age of Intelligent Machines. In addition to the task force report, the Work of the Future initiative has published a number of working papers and research briefs on related topics. I’d like to now discuss one of those briefs, The Future of Work in Logistics by Arshia Mehta and Frank Levy, which explored the transformation of the retail industry since the advent of e-commerce in the 1990s. The brief is a very interesting case study of the evolution of the retail industry over the past few decades. “Twenty years ago, U.S. distribution networks were built to deliver products in bulk to retail stores,” wrote the authors. “Today, large parts of distribution networks are built to deliver individual items to home residences. The shift has been driven by technology, working through e-commerce, and recently reinforced by the COVID-19 pandemic.” e-commerce was one of the earliest applications on the Internet. Amazon and eBay started handling e-commerce transactions in the mid-1990s. Online sales grew slowly at first. In 2001 online shopping comprised 1% of all US retails sales, partly because the vast majority of users accessed the Internet over dial-up phones, and only 4% did so using the much more convenient broadband access. In those early days, online shopping was considered a novel application for leading edge Internet users.

But then ransomware exploded again. One of the most prolific ransomware gangs, REvil, conducted its boldest attacks yet over the Fourth of July weekend, on Kaseya, which services customers who in turn contract with thousands of businesses. Though the dust has yet to settle, researchers say the hack allowed REvil to infect more than 1,500 different organizations. The gang seems to have bitten off more than it can chew and has asked for a $70 million lump sum to unlock all infected computers.

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime — known variously as “ATM smash-and-grab” or “chain gang” attacks — is rapidly increasing in other states.

Dear Tumbleweed users and hackers, From the feeling, I probably have to say, the Summer holiday is upon us. Tumbleweed is still rolling of course: it’s not warm enough to have melted our rubber tires to make them sticky glue. During the last week, we have released 5 snapshots (0702, 0703, 0704, 0706, and 0707)

Announcing Arti, a pure-Rust Tor implementation (Tor blog) The Tor project, which provides tools for internet privacy and anonymity, has announced a rewrite of the Tor protocols in Rust, called Arti. It is not ready for prime time, yet, but based on a grant from Zcash Open Major Grants (ZOMG), significant work is ongoing; the plan is "to try bring Arti to a production-quality client implementation over the next year and a half". The C implementation is not going away anytime soon, but the idea is that Arti will eventually supplant it.

Dirk Eddelbuettel: drat 0.2.1: Small Tweak A new minor release of drat arrived on CRAN overnight. This is a minor update relative to the 0.2.0 release in April. This release will now create an empty file index.html in the top-level (when initRepo() is called), and check for presence of such a file when adding files to a repo (via insertPackage()). This helps to avoid getting ‘404’ results when (perfectly valid) drat repos are checking by accessing the top-level URL, as for example CRAN does when testing if an Additional_repositoiries is reachable. The ‘step-by-step’ vignette had already suggested creating one by hand, this is now done programmatically (and one is present in the repo suggsted to fork from too). drat stands for drat R Archive Template, and helps with easy-to-create and easy-to-use repositories for R packages. Since its inception in early 2015 it has found reasonably widespread adoption among R users because repositories with marked releases is the better way to distribute code. See below for a few custom reference examples.

Timezones of Countries and Country Subdivisions While this ultimately is just a small table with a few hundred entries, it’s actually rather complicated to get to. The official IANA zonetab has at least some data on countries, but for the country subdivisions we need more. The most detailed data in this regard is the IANA timezone boundaries dataset, which contains high resolution geographic areas for each timezone, generated from OSM. Inspired by that I built a similar dataset for countries and country subdivisions boundaries some time ago. What we are looking for now is the intersection of those two. Not something one would want to implement manually, but fortunately QGIS provides the right tools for this already. We use that in form of a Python script that can run inside QGIS, download and unpack the needed data files, preprocess them for our use, compute the data we need from then and then generate C++ code from that. [...] Feedback for this is very welcome, on the implementation but also regarding use-cases and requirements you have in your application. Check the corresponding Phabricator task and the Gitlab branch for this, or find me in the #kde-devel channel on Matrix, the weekly KF6 meetings or the kde-frameworks-devel mailing list.

Why are app developers porting to Apple Silicon and not to Linux? [Ed: Stuff they port is likely worthless proprietary software that GNU/Linux users won't run anyway] Today we're going to address something that is regularly pointed out to me in the comments: why would third party application developers go through all the trouble of porting their apps to Apple Silicon, which is a whole new architecture, and not do a port for Linux, which runs mostly on x86 CPUs, same as what Macs and Windows computers generally run up to that point

If you've mastered Python 101, you're probably better at programming than OpenAI's prototype Codex [Ed: "Hey hi" hype is still mostly garbage and marketing (paid-for media to sell proprietary software and keyloggers for IDEs)] The artificial intelligence lab revealed the shortcomings and limitations of non-production builds of its Codex model in a pre-print paper this week. It should be noted a distinct production variant of the system powers GitHub Copilot; the preliminary models discussed in the paper are smaller and are only trained on Python whereas Copilot was trained on more data and supports code-completion for a range of programming languages. Still, GitHub Copilot suffers from similar problems as the prototypes of Codex. Namely, the code generated is unlikely to be correct and useful for developers in its first attempt, and it tends to come up with responses that at first glance appear sensible but may be wrong. Programmers should carefully check the auto-written code for any mistakes.