Long-time Slashdot reader tdailey spotted a new version of Pale Moon, a customised version of Firefox optimized for speed and efficiency. Beta News reports it's the first major update since November of 2016:

There are virtually no visual or obvious changes in this new major build, but the under-the-hood changes are both extensive and necessary.... Despite all the updates, Moonchild is keen to stress certain things haven't changed -- unlike Firefox, for example, Pale Moon continues to support NPAPI plugins, complete themes and a fully customizable user interface. There is also no DRM built into the browser, although third-party plugins such as Silverlight are supported. It will also continue to work with certain "legacy" plugins of the type abandoned by Firefox.
Pale Moon strips out what one reviewer calls "little-used components" of Firefox, including parental controls and accessbility features, as well as crash reports and support for Internet Explorer's ActiveX and ActiveX scripting technology.

"Proving that open source leads to great development, Pale Moon takes the already decent Firefox web browser and makes it even better and a faster."

fstack writes: Linus Torvalds has released Linux 4.18 as the newest kernel bringing a Steam Controller kernel driver, Spectre updates for ARM64, power management updates, a "Restartable Services" system call, AMD Radeon graphics driver improvements, V3D DRM as Broadcom's new graphics driver, DM writecache support, USB 3.2 support, and many other updates. Linus Torvalds wrote of the 4.18 final release: "It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates. Mostly networking, but some vfs race fixes (mentioned in the rc8 announcement as 'pending') and a couple of driver fixes (scsi, networking, i2c). Some other minor random things (arm crypto fix, parisc memory ordering fix)." In a separate article, Phoronix details all the changes and new features available in this release.

David Gerard has concerns about the Joint Photographic Experts Group (the ISO working group handling the JPEG standard for image compression). "They seem to think they can advance the cause of DRM for JPEG images...with a bit of applied blockchain." He bases that charge on the fact that the JPEG committee organized a special session on blockchain, and then created an ad hoc group to define use cases. After six months' collaboration, the group has produced a white paper -- "Towards a Standardized Framework for Media Blockchain" -- as announced in the press release following the 80th meeting in July. The Executive Summary declares, "Fake news, copyright violation, media forensics, privacy and security are emerging challenges for digital media. JPEG has determined that blockchain technology has great potential as a technology component to address these challenges in transparent and trustable media transactions... [T]he standardization committee continues to work on improving various components of the standard. This includes incorporation of new technologies addressing current challenges related to transparent and trustable media transactions such as JPEG Privacy and Security."

"JPEG Privacy and Security" is described later in the paper. "JPEG Privacy & Security aims at developing a standard for realizing secure image information sharing, capable of ensuring privacy, maintaining data integrity, and protecting intellectual property rights."

That is, "Privacy and Security" is a euphemism for Digital Rights Management (DRM) in JPEG.... Chair of the group Dr, Frederik Temmermans stressed to me that "JPEG is not working on DRM in particular but on a more generic framework that supports privacy and security features." But DRM is very much a significant part of this.

Jeff Grubb, reporting for VentureBeat: Over the weekend, some thrifty gamers spotted a deal on Amazon. A downloadable version of the tough strategy survival sim Frostpunk was available on the Amazon Marketplace from a third-party seller for $3, which is a 90 percent discount from the standard $30 price. But after looking into the game, some customers who dropped the three bucks had some questions. For example, why does the metadata for this version of Frostpunk refer to the DRM-free version that people can buy from GOG. [...] So I reached out to Amazon, and it provided the following statement from a company spokesperson: "Our customers trust that when they make a purchase through Amazon's store --either directly from Amazon or from its third-party sellers -- they will receive authentic products, and we take any claims that endanger that trust seriously. We strictly prohibit the sale of counterfeit products, and these games have been removed." That's all it would say on this.

An anonymous reader shares a report: After several big feature pull requests of new "i915" Intel DRM driver features landing in DRM-Next for Linux 4.19, the Intel open-source developers have sent in what they believe to be their last batch of feature changes for queuing this next kernel cycle. Feature activity has dwindled compared to the earlier pull requests, but this latest gathering of patches does include Intel GVT vGPU huge-page support for guests, continued Panel Self Refresh (PSR) fixes/clean-ups, GMBUS improvements for HDCP v2.2 compliance, GEM memory management improvements, and other display code improvements.

Google has introduced a small change to Play Store apps that could significantly protect several Android users. From a report: Earlier this week, Google quietly rolled out a feature that adds a string of metadata to all APK files (that's the file type for Android apps) when they are signed by the developer. You can't install an application that hasn't been signed during its final build, so that means that all apps built using the latest APK Signature Scheme will have a nice little chunk of DRM built into them. And eventually, your phone will run a version of Android that won't be able to install apps without it.

An anonymous reader writes: Linux 4.18 development is going strong with recent 4.18-rc1 release. This kernel cycle has dropped 107,210 lines of code so far but Linux 4.18 is adding many new features. The kernel is coming in lighter as a result of the LustreFS code being removed and other code cleanups. On the feature front, Phoronix reports, "ew AMDGPU support improvements, mainlining of the V3D DRM driver, initial open-source work on NVIDIA Volta GV100 hardware, merging of the Valve Steam Controller kernel driver, merging of the BPFILTER framework, ARM Spectre mitigation work, Speck file-system encryption support, removal of the Lustre file-system, the exciting restartable sequences system call was merged, the new DM writecache target, and much more."

EqualCitizens.US reports on growing opposition to the CLASSICS Act proposed by the U.S. Congress, which grants blanket copyright protection to all audio works created before 1972, leaving some of them copyrighted until 2067. Importantly, the Act doesn't require artists or the rights holder to register for the copyright. Rather, any and all pre-1972 sound recordings would be copyrighted, greatly limiting the public's access to these works. Various organizations and scholars have responded. Equal Citizens along with a coalition of internet freedom and democracy reform organizations, is sending this letter to the Senate Judiciary Committee to urge its members to reject this Act in its entirety, or at a minimum, at least require registration of pre-1972 works. Otherwise, if the Act passes as is, famous artists and wealthy corporations will benefit greatly while the public will get absolutely nothing in return, as Professor Lawrence Lessig notes in Wired....

This act will limit access to past works and stifle creativity for new works. It would effectively remove many existing works, including some popular documentaries, podcasts, etc., from the public arena. The Coalition recommends adding a registration requirement to secure the extended copyright term, such that works that nobody claimed could be allowed to enter the public domain. As this TechCrunch report on the coalition letter explains:

By having artists and rights owners register, it solves the problem for everyone. Anyone who wants to have their pre-1972 works brought into the new scheme can easily achieve that, but orphan works will enter the public domain as they ought to.
"Either way," Lessig writes, "it is finally clear that the Supreme Court's prediction that the copyright owners would be satisfied with the copyright protection provided by the Sonny Bono Act turns out not to be true."

An anonymous reader quotes a report from Ars Technica: Today's controversy begins with a Reddit thread that noted FlightSimLabs' A320 add-on installing "cmdhost.exe" files in the "system32" and "SysWOW64" folders inside the Windows directory. The strange filename and location -- which seems designed to closely match those of actual Windows system files -- made some Reddit users suspicious, especially given FlightSimLabs history of undisclosed installations. FlightSimLabs responded on Facebook last Thursday by saying that the files came from third-party e-commerce service eSellerate and were designed to "reduce the number of product activation issues people were having." This system has been acknowledged in the FlightSimLabs forums in the past, and it apparently passes all major antivirus checks.

The "controversy" over these files might well have died down after that response. But then FlightSimLabs' Simon Kelsey sent a message to the moderators of the flightsim subreddit, gently reminding them of "Reddit's obligation as a publisher... to ensure that any libelous content is taken down as soon as you become aware of it." While ostensibly welcoming "robust fair comment and opinion," the message also warns that "ANY suggestion that our current or future products pose any threat to users is absolutely false and libelous." That warning extends to the company's previous password-extractor controversy, with Kelsey writing, "ANY suggestion that any user's data was compromised during the events of February is entirely false and therefore libelous." "I would hate for lawyers to have to get involved in this, and I trust that you will take appropriate steps to ensure that no such libel is posted," Kelsey concludes. A follow-up message from Kelsey reiterated the same points and noted that FlightSimLabs has reported specific comments and demanded they be removed as libelous.

Electronics companies Dyson, LG, and Wahl are fighting right-to-repair legislation, Motherboard reported Wednesday, citing letters it has obtained. From a report: The manufacturers of your appliances do not want you to be able to fix them yourself. Last week, at least three major appliance manufacturers -- Dyson, LG, and Wahl -- sent letters to Illinois lawmakers opposing "fair repair" legislation in that state. The letters were written with the help of a trade group called the Association of Home Appliance Manufacturers (AHAM). All three letters are similar but include slightly different wording and examples in parts. The letters ask lawmakers to "withdraw" a bill that would protect and expand the ability for consumers and independent repair professionals to repair everything from iPhones to robot vacuums, electric shavers, toasters, and tractors. Here are links to the Wahl, Dyson, and LG letters.

goombah99 writes: Hacking and Hackers get a bum rap. Headline scream "Every Nitendo switch can be hacked." But that's good right? Just like farmers hacking their tractors or someone re-purposing a talking teddy bear. On the other hand, remote hacking a Intel processor backdoor or looting medical data base, that are also described as hacking, are ill-motivated. It seems like we need words with different connotations for hacking. One for things you should definitely do, like program an Arduino or teddy bear. One for things that are pernicious. And finally one for things that are disputably good/bad such as hacking DRM protected appliances you own. What viral sounds terms and their nuances would you suggest? Editor's note: We suggest reading this New Yorker piece "A Short History of 'Hack'", and watching this Defcon talk by veteran journalist Steven Levy on the creativeness and chutzpah of the early hackers.

dryriver writes: The whole Digital Rights Management (DRM) train started with music and films, spread horribly to computer and console games (Steam, Origin), turned a lot of computer software you could once buy-and-use into DRM-locked Software As A Service or Cloud Computing products (Adobe, Autodesk, MS Office 365 for example) that are impossible to use without an active Internet connection and account registration on a cloud service somewhere. Recently the World Wide Web Consortium (W3C) appears to have paved the way for DRM to find its way into the world of Internet content in various forms as well. Here's the question: What would happen to the Internet as we know it if just about everything on a website -- text, images, audio, video, scripts, games, PDF documents, downloadable files and data, you name it -- had DRM protection and DRM usage-limitations hooked into it by default?

Imagine trying to save a JPEG image you see on a website to your harddisk, and not only does every single one of your web browsers refuse the request, but your OS's screen-capture function won't let you take a snapshot of that JPEG image either. Imagine trying to copy-and-paste some text from a news article somewhere into a Slashdot submission box, and having browser DRM tell you 'Sorry! The author, copyright holder or publisher of this text does not allow it to be quoted or re-published anywhere other than where it was originally published!'. And then there is the (micro-)payments aspect of DRM. What if the DRM-fest that the future Internet may become 5 to 10 years from now requires you to make payments to a copyright holder for quoting, excerpting or re-publishing anything of theirs on your own webpage? Lets say for example that you found some cool behind-the-scenes-video of how Spiderman 8 was filmed, and you want to put that on your Internet blog. Except that this video is DRM'd, and requires you to pay 0.1 Cent each time someone watches the video on your blog. Or you want to use a short excerpt from a new scifi book on your blog, and the same thing happens -- you need to pay to re-publish even 4 paragraphs of the book. What then?

Slashdot reader mfilion writes: Over the past couple of years, Linux's low-level graphics infrastructure has undergone a quiet revolution. Since experimental core support for the atomic modesetting framework landed a couple of years ago, the DRM subsystem in the kernel has seen roughly 300,000 lines of code changed and 300,000 new lines added, when the new AMD driver (~2.5m lines) is excluded. Lately Weston has undergone the same revolution, albeit on a much smaller scale. Here, Daniel Stone, Graphics Lead at Collabora, puts the spotlight on the latest enhancements to Linux's low-level graphics infrastructure, including Atomic modesetting, Weston 4.0, and buffer modifiers.

Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution. TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...

Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general. What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal. Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).

One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.

A piracy scene group has managed to get past the five layers of DRM in Microsoft's Unified Windows Platform UWP -- which enables software developers to create applications that can run across many devices. From a report: This week it became clear that the UWP system, previously believed to be uncrackable, had fallen to pirates. After being released on October 31, 2017, the somewhat underwhelming Zoo Tycoon Ultimate Animal Collection became the first victim at the hands of popular scene group, CODEX. "This is the first scene release of a UWP (Universal Windows Platform) game. Therefore we would like to point out that it will of course only work on Windows 10. This particular game requires Windows 10 version 1607 or newer," the group said in its release notes. CODEX says it's important that the game isn't allowed to communicate with the Internet so the group advises users to block the game's executable in their firewall.

An anonymous reader calls it "the never-ending stupidity of copyright wars." TorrentFreak reports: Blizzard Entertainment is taking a stand against a popular World of Warcraft legacy server. The fan-operated project allows gamers to experience how the game was played over a decade ago and to revive old battles... In recent years the project has captured the hearts of tens of thousands of die-hard WoW fans. At the time of writing, the most popular realm has more than 6,000 people playing from all over the world... Blizzard, however, sees this as copyright infringement and has asked GitHub to pull the site's code offline.
The article notes the DMCA notice came "just weeks after several organizations and gaming fans asked the US Copyright Office to make a DMCA circumvention exemption for 'abandoned' games."

An anonymous reader writes: The "Open Library" project of the nonprofit Internet Archive has been scanning books and offering "loans" of DRM-protected versions for e-readers (which expire after the loan period expires). This week the Legal Affairs Committe of the Science Fiction Writers of America issued a new "Infringement Alert" on the practice, complaining that "an unreadable copy of the book is saved on users' devices...and can be made readable by stripping DRM protection."

The objection, argues SFWA President Cat Rambo, is that "writers' work is being scanned in and put up for access without notifying them... it is up to the individual writer whether or not their work should be made available in this way." But the infringement alert takes the criticism even further. "We suspect that this is the world's largest ongoing project of unremunerated digital distribution of entire in-copyright books."
The Digital Reader blog points out one great irony. "The program initially launched in 2007. It has been running for ten years, and the SFWA only just now noticed." They add that SFWA's tardiness "leaves critical legal issues unresolved."

"Remember, Google won the Google Books case, and had its scanning activities legalized as fair use ex post facto... [I]n fact the Internet Archive has a stronger case than Google did; the latter had a commercial interest in its scans, while the Internet Archive is a non-profit out to serve the public good."

An anonymous reader shares a report: Breaking DRM or ripping Blu-Rays discs is a crime In the United States. While there are fair use exemptions, these don't apply to the public at large. Interestingly, filmmakers themselves are now urging the Copyright Office to lift some of the current restrictions, so that they can make the films they want. [...] Technically speaking it's not hard to rip a DVD or Blu-Ray disc nowadays, and the same is true for ripping content from Netflix or YouTube. However, people who do this are breaking the law. The DMCA's anti-circumvention provisions specifically forbid it. There are some exemptions, for educational use for example, and to allow for other types of fair use, but the line between legal and illegal is not always clear. Interestingly, filmmakers are not happy with the current law either. They often want to use small pieces of other videos in their films, but under the current exemptions, this is only permitted for documentaries. The International Documentary Association, Kartemquin Films, Independent Filmmaker Project, University of Film and Video Association and several other organizations hope this will change. In a comment to the Copyright Office, which is currently considering updates to the exemptions, they argue that all filmmakers should be allowed by break DRM and rip Blu-Rays. According to the filmmakers, the documentary genre is vaguely defined. This leads to a lot of confusion whether or not the exemptions apply. They, therefore, suggest to apply it to all filmmakers, instead of criminalizing those who don't identify themselves as documentarians.

An anonymous reader quotes TechSpot: Every three years the US Copyright Office reviews and renews the DMCA's anti-circumvention provisions at which time it considers exemptions to the law. It is currently looking at a proposal for allowing museums, libraries and archives to circumvent the DRM on abandoned online games such as FIFA World Cup, Nascar and The Sims.

The proposal was initiated by The Museum of Art and Digital Entertainment (The MADE). The Made is a 501c3 non-profit organization with a physical museum located in Oakland, California. The gallery "is the only all-playable video game museum in the world, [and] houses over 5,300 playable games." The Made is concerned that certain multiplayer and single-player games that require a server to run will be lost if exemptions are not made to the DMCA. It is not looking to circumvent current games but instead is looking to preserve titles that have already been shut down by the producer -- City of Heroes (and Villains) would be a good example.

"Although the Current Exemption does not cover it, preservation of online video games is now critical," a Made representative wrote to the Copyright Office. "Online games have become ubiquitous and are only growing in popularity. For example, an estimated fifty-three percent of gamers play multiplayer games at least once a week, and spend, on average, six hours a week playing with others online." The number of abandoned games is not insignificant, either. According to the Electronic Arts "Online Services Shutdown" list, more than 300 titles and servers dropped out of service just in the last four years. These games are not played anymore because they require an active server.

"There is no reason for the open-source community to worry..." writes Daniel Stone, who heads the graphics team at open-source consultancy Collabora. mfilion quotes Collabora.com: Recently, Sean Paul from Google's ChromeOS team, submitted a patch series to enable HDCP support for the Intel display driver. HDCP is used to encrypt content over HDMI and DisplayPort links, which can only be decoded by trusted devices... However, if you already run your own code on a free device, HDCP is an irrelevance and does not reduce freedom in any way....

HDCP support is implemented almost entirely in the hardware. Rather than adding a mandatory encryption layer for content, the HDCP kernel support is dormant unless userspace explicitly requests an encrypted link. It then attempts to enable encryption in the hardware and informs userspace of the result. So there's the first out: if you don't want to use HDCP, then don't enable it! The kernel doesn't force anything on an unwilling userspace.... HDCP is only downstream facing: it allows your computer to trust that the device it has been plugged into is trusted by the HDCP certification authority, and nothing more. It does not reduce user freedom, or impose any additional limitations on device usage.