First a breakthrough, then a setback as Qatar and Saudi Arabia make first contact to end the rift.

Friday the makers of an open source media player Kodi called out trademark trolls who they say have "attempted to register the Kodi name in various countries outside the United States with the goal of earning money off the Kodi name without doing any work beyond sending threatening letters." BrianFagioli shares an article in which BetaNews quotes Kodi community and project manager Nathan Betzen: "At least one trademark troll has so far not agreed to voluntarily release their grasp on their registration of our trademark and is actively blackmailing hardware vendors in an entire country, trying to become as rich as possible off of our backs and the backs of Kodi volunteers everywhere. His name is Geoff Gavora. He had written several letters to the Foundation over the years, expressing how important XBMC and Kodi were to him and his sales. And then, one day, for whatever reason, he decided to register the Kodi trademark in his home country of Canada. We had hoped, given the positive nature of his past emails, that perhaps he was doing this for the benefit of the Foundation. We learned, unfortunately, that this was not the case," says Nathan Betzen, Kodi Project Manager. "Instead, companies like Mygica and our sponsor Minix have been delisted by Gavora on Amazon, so that only Gavora's hardware can be sold, unless those companies pay him a fee to stay on the store. Now, if you do a search for Kodi on Amazon.ca, there's a very real chance that every box you see is giving Gavora money to advertise that they can run what should be the entirely free and open Kodi. Gavora and his company are behaving in true trademark troll fashion."

Read more of this story at Slashdot.

Rebel group calls on army to also lay down arms allowing humanitarian groups to provide much-needed aid in Rakhine.

turkeydance quotes Business Insider: A Spanish company has designed a speed bump that won't hinder slow drivers but will still stop motorists driving too fast. The speed bump is filled with a non-Newtonian liquid which changes viscosity when pressure is applied at high velocity. They've been installed in Villanueva de Tapia, Spain and there has also been interest from Israel and Germany. There's a video on the site showing the speed bump in action.

Read more of this story at Slashdot.

Perl interface to POSIX.1-2008

Perl interface for libcurl

An interesting conversation unfolded on my diary entry '"Malware analysis: searching for dots".

Back in the old days, on DOS, typing untrusted output to the console could result in escape sequences changing your environment. Catting binary data to your Linux terminal can also have unwanted effects.

Since Python can be used in many environments, there must be environments out there where escape sequences (or something similar) could still wreak havoc.

I decided to take on this (potential) problem by providing sanitization functions in my translate.py tool: Sani1 and Sani2 functions both take a byte as input and return a byte as output. If the input is a control character, Sani1 and Sani2 will sanitize it and return a space character (0x20), except for tabs (HT), linefeeds (LF) and carriage returns (CR). Sani2 goes further than Sani1: it also replaces all bytes equal to 0x80 or higher with a space character.

Hence if you would do malware analysis and output untrusted data in raw format to your screen, you could pipe it through translate.py to sanitize it, like this:

oledump.py -s 8 -v 0075733924IEMJ.doc.vir.zip | translate.py "Sani2(byte)"

Didier Stevens
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

"It soon will become easier to charge a Chevy Bolt or Tesla in China," reports 24/7 Wall Street, citing reports from China's official newspaper that they've built the highest number of electric-car charging facilities in the world, offering "the broadest coverage, and the most advanced technology." AmiMoJo quotes their announcement: A total of 167,000 charging piles have now been connected to the telematics platform of the State Grid Corporation of China, making it the world's largest electric vehicle (EV) charging network. By cooperating with 17 charging station operators, the SGCC now offers more than 1 million kilowatt-hours of power each day. 24/7 Wall Street says the ambitious (and government-subsidized) plan "is bound to help electronic car adoption since most vehicles in the category have ranges well under 300 miles."

Read more of this story at Slashdot.

Hamas leader heads to Cairo to discuss 'mechanisms to ease Gaza's siege', in first such visit since his election in May.

Regional government 'more determined than ever' to hold plebiscite, Catalan leader says, despite Madrid's opposition.

Turkish citizens should 'be careful' in Germany ahead of elections later in September, Turkey's foreign ministry says.

troublemaker_23 shares an article from ITWire: The Germany-based SUSE Linux marked a milestone last week: on Friday, September 2, the company turned 25, a remarkable achievement in an industry where the remains of software companies litter the landscape around the world... SUSE was formed in 1992 by three university students -- Hubert Mantel, Roland Dyroff, and Burchard Steinbild. The fourth man in the equation was software engineer Thomas Fehr. They had a simple objective: to build software and deliver UNIX support. Linux had been around for a little more than a year at that point and they decided to use it... The name S.u.S.E is a German acronym and means "Software und System-Entwicklung", or "Software and systems development". The name was later changed to SuSE and some years on became SUSE... Like other open source outfits, SUSE has widened its services and now not only provides an enterprise Linux distribution but has a well developed software-defined storage product and one for a container-as-a-service option. It also caters to those seeking cloud options and does more than its fair share in contributing to upstream FOSS projects. Along the way, it has spawned a top-notch community distribution, openSUSE, which is run by an autonomous board led by the ebullient British developer Richard Brown. S.u.S.E Linux was one of the first distros, arriving in 1994 after Soft Landing Systems Linux (in mid-1992) and Slackware.

Read more of this story at Slashdot.

A SPARQL Protocol Endpoint implementation

Read/write Brotli buffers/streams

The security breach at Equifax is much more than a security breach. You could say it's 1/2 of a meltdown of the economic system in the US.

I haven't heard anyone say exactly what information has escaped, let's assume it's the worst, it's all the info needed to identify a person. Maybe their credit history, although with this information you could access anyone's history. So why would you bother locking your account so lenders know not to give you any loans? Is anyone going to trust that info in the future? I can't see why they would.

I haven't seen anyone suggest you change your password this time. It's usually pointless advice, but this time it would be especially idiotic. You can't change your birthdate, social security number or mother's maiden name.

I say this is only 1/2 because the other half would be a meltdown of the money system. Suppose you went to the ATM to get some cash and found you didn't have an account. Or your brokerage account was cleaned out. Or you learn that your mortgage payments have been going to Russia and you no longer have a place to live.

When that happens, and I can't imagine it won't, it will be a civilization-level meltdown. If you think the US govt is doing anything to prevent it, well I'm not very confident about that.