
05.20.17

Links 21/5/2017: Linux 3.18.53, Tizen 4.0

Posted in News Roundup at 6:51 pm by Dr. Roy Schestowitz



GNU/Linux

Free Software/Open Source

  • Sprint NFV/SDN Research Leads to Open Source Project for Network Efficiency

    Mobile carrier Sprint has culminated four years of research into Network Functions Virtualization (NFV) and software-defined networking (SDN) with a new open source offering designed to make core networks more efficient through new-age virtualization techniques.

  • TensorFlow: Providing Support to a Successful Open-Source Project

    Building a community around an open-source project requires a number of practices regarding support, pull requests handling, licensing, and more, writes Pete Warden, TensorFlow Mobile lead at Google.

    A great challenge in the early life of a new project, explains Warden, is providing support to those who are using it. At first, the only available experts are the developers themselves, who have to find a way to integrate their day-to-day tasks with other support duties. This is not entirely straightforward, since it may take developers outside of their comfort zone and potentially distract them from their main tasks. The TensorFlow team dealt with this challenge by establishing a rotation among all engineers, so each engineer took responsibility for a particular area for one full week approximately once every couple of months.

  • AT&T’s Donovan defends operator’s embrace of open source software

    “It really doesn’t have a downside,” Donovan said of the proliferation of open source software in the telecom industry. He explained that operators can either choose to simply obtain open source solutions for free through open source groups, or they can opt to participate in open source communities by designing and building solutions.

  • AT&T’s Donovan: Open Source is Necessary to Win the War

    AT&T’s transformation from traditional telco to an open source champion was largely driven by John Donovan, the company’s chief strategy officer and group president. Donovan took the stage at Light Reading’s Big Communications Event today to tell those questioning the necessity of open source projects that they are “dead wrong.”

    Donovan said that competition from over-the-top players, cable companies, and others is making it critical for AT&T to move to open source. “Our open source projects have doubled in the past year,” Donovan said, adding that sitting around and operating in a traditional telecom mode is no longer effective.

  • 3D Hardware Acceleration in Haiku

    The Mesa renderer in Haiku presently ventures into software rendering. Haiku uses software for rendering frame buffers and then writes them to the graphics hardware. The goal of my project is to port Direct Rendering Manager (DRM) Driver for i915, from the Linux kernel to Haiku with the help of DragonflyBSD’s Linux Compatibility layer, so that those drivers can be later extended to add OpenGL support (Mesa3D) for hardware accelerated 3D rendering.

  • Intertwining Artificial Intelligence With Blockchain

    Except for those folks living under rocks (sounds uncomfortable), everyone knows about or at least has heard of bitcoin. However, not everyone understands the technology of bitcoin, which extends well beyond Internet-based currency.

  • Sprint exec: Chaos in open source indicative of startup culture, and that’s just fine

    Mobile operators are embracing open source like never before, and there’s a lot of confusion around the myriad projects and efforts that are underway, but that doesn’t worry Sprint’s vice president of technology Ron Marquardt.

  • Events

    • Announcing QtCon Brasil 2017

      It’s been almost a year since I, Filipe and Aracele were having a beer at Alexander Platz after the very last day of QtCon Berlin, when Aracele astutely came up with a very crazy idea of organizing QtCon in Brazil. Since then, we have been maturing such an idea and after a lot of work we are very glad to announce: QtCon Brasil 2017 happens from 18th to 20th August in São Paulo.

    • Join us at Akademy 2017 in Almería!

      This talk will illustrate the application areas for Input Methods by example, presenting short introductions to several international writing systems as well as emoji input. It will explain why solid Input Methods support is vital to KDE’s goal of inclusivity and how Input Methods can make the act of writing easier for all of us.

    • Training in Foss Compliance

      The first training “Free and Open Source Software Compliance” is on June 23rd at KDAB’s Berlin training center. It will be held in German. Trainings in English at this and our other locations will follow later in the year. If you would like to learn how to navigate Open Source licensing with confidence, read more and sign up here.

    • Linux Kernel Memory Model Workshop Accepted into Linux Plumbers Conference

      A good understanding of the Linux kernel memory model is essential for a great many kernel-hacking and code-review tasks. Unfortunately, the current documentation (memory-barriers.txt) has been said to frighten small children, so this workshop’s goal is to demystify this memory model, including hands-on demos of the tools, help installing/running the tools, and help constructing appropriate litmus tests. These tools should go a long way toward the ultimate goal of automating the process of using memory models to frighten small children.

    • IBM’s OpenWhisk Stirs up Serverless IoT with Watson

      With the Internet of Things, the realms of embedded Linux and enterprise computing are increasingly intertwined, and serverless computing is the latest enterprise development paradigm that device developers should tune into. This event-driven variation on Platforms-as-a-Service (PaaS) can ease application development using ephemeral Docker containers, auto-scaling, and pay-per execution in the cloud. Serverless is seeing growing traction in enterprise applications that need fast deployment and don’t require extremely high performance or low latency, including many cloud-connected IoT applications.

  • Databases

    • PostgreSQL 10 Beta 1 Released

      The PostgreSQL Global Development Group announces today that the first beta release of PostgreSQL 10 is available for download. This release contains previews of all of the features which will be available in the final release of version 10, although some details will change before then. Users are encouraged to begin testing their applications against this latest release.

    • PostgreSQL 10 Enters Beta

      More details on the changes to find with PostgreSQL 10 Beta 1 can be found via the informative release announcement posted this morning to PostgreSQL.org.

  • Oracle/Java/LibreOffice

    • LibreOffice can open XLSX files Excel cannot

      Just a quick heads up. I just created and saved an Excel file using Excel 2016, which cannot be opened again with it. Glad our swiss army knife LibreOffice can 😉

      It’s funny to see Excel can open the ODS I created using LibreOffice (as source I used the XLSX file) better than its “native” format….

  • Pseudo-Open Source (Openwashing)

  • FSF/FSFE/GNU/SFLC

    • Free software, free services but what about your data?

      I care a lot about free software, not only as a Debian Developer. The use of software as a service matters as well because my principal free software development is on just such a project, licensed under the GNU Affero General Public License version 3. The AGPL helps by allowing anyone who is suitably skilled to install their own copy of the software and run their own service on their own hardware. As a project, we are seeing increasing numbers of groups doing exactly this and these groups are actively contributing back to the project.

  • Openness/Sharing/Collaboration

    • Children’s Perspectives on Critical Data Literacies

      Last week, we presented a new paper that describes how children are thinking through some of the implications of new forms of data collection and analysis. The presentation was given at the ACM CHI conference in Denver last week and the paper is open access and online.

  • Programming/Development

    • Coding is not ‘fun’, it’s technically and ethically complex

      Unfortunately, this rosy portrait bears no relation to reality. For starters, the profile of a programmer’s mind is pretty uncommon. As well as being highly analytical and creative, software developers need almost superhuman focus to manage the complexity of their tasks. Manic attention to detail is a must; slovenliness is verboten. Attaining this level of concentration requires a state of mind called being ‘in the flow’, a quasi-symbiotic relationship between human and machine that improves performance and motivation.

Leftovers

  • Gordon Ramsay on Going From Michelin Stars to a Mobile Game
  • documentation is thoroughly hard
  • Science

    • AI can doctor videos to put words in the mouths of speakers

      Artificial intelligence can put words right into your mouth. A new system takes a still image of a person and an audio clip, and uses them to create a doctored video of the person speaking the audio. The results are still a little rough around the edges, but the software could soon make realistically fake videos only a single click away.

  • Health/Nutrition

  • Security

    • A Step Forward for Security [iophk: "end point compromise negates many theoretical advantages"]

      While we are all mesmerized by the presidential crises, a small, but quite significant change occurred in Congress: the Senate Sergeant at Arms approved the use of Signal by Senate staff. Signal, a product of Open Whisper Systems, provides end-to-end encryption for Apple and Android phones.

    • Why Europe’s dependency on Microsoft is a huge security risk [iophk: "warning for javascript"]

      On May 12, hackers hit more than a hundred countries, exploiting a stolen N.S.A. tool that targeted vulnerabilities of Microsoft software. The attacks infected only machines running on Windows operative system. Among the victims are public administrative bodies such as NHS hospitals in the UK. Investigate Europe spent months to investigate the dire dependency of European countries on Microsoft – and the security risks this entails.

    • NSA told Microsoft about stolen exploits: officials

      Current and former NSA officials say the agency informed Microsoft about the theft of the exploit named EternalBlue after learning of it, making it possible for the Redmond software giant to issue a patch for it in March. The exploit was used in the WannaCry ransomware attacks over last weekend.

    • Shadow Brokers claims Microsoft hand-in-glove with NSA

      The group that released NSA exploits for Windows, which were used in massive ransomware attacks last weekend, has accused Microsoft of being hand-in-glove with The Equation Group, a group that is believed to be a front for the NSA.

    • NSA officials worried about the day its potent hacking tool would get loose. Then it did.

      But for more than five years, the NSA kept using it — through a time period that has seen several serious security breaches — and now the officials’ worst fears have been realized. The malicious code at the heart of the WannaCry virus that hit computer systems globally late last week was apparently stolen from the NSA, repackaged by cybercriminals and unleashed on the world for a cyberattack that now ranks as among the most disruptive in history.

    • Shadow Brokers threaten to unleash more hacking tools

      The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

    • Microsoft held back free patch that could have slowed WannaCry
    • WannaCrypt makes an easy case for Linux

      Ransomware is on the rise. On a single day, WannaCrypt held hostage over 57,000 users worldwide, demanding anywhere between $300-$600 in Bitcoin. Don’t pay up and you’ll not be seeing your data again. Before I get into the thrust of this piece, if anything, let WannaCrypt be a siren call to everyone to backup your data. Period. End of story. With a solid data backup, should you fall prey to ransomware, you are just an OS reinstall and a data restore away from getting back to work.

    • Best way to avoid ransomware? Stop using Windows

      There are many Microsoft apologists, astro-turfers, and so-called journalists on the make who, at times like this, keep a low profile and furiously try to spread the message in Web forums that "computers users" are at risk.

      Alas, the harsh truth must at last be faced: if you do not use Windows, then the chances of a ransomware attack are close to zero.

    • Massive cryptocurrency botnet used leaked NSA exploits weeks before WCry

      On Monday, researchers said the same weapons-grade attack kit was used in a much-earlier and possibly larger-scale hack that made infected computers part of a botnet that mined cryptocurrency.

    • No threat of WannaCry attack as GSTN operates on Linux: CEO

      GSTN, set up to provide IT infrastructure for GST rollout, will not be impacted by the WannaCry ransomware attack, as its systems do not run on Microsoft software, the network’s CEO Prakash Kumar said today.

      The Goods and Services Tax Network (GSTN) is gearing up to handle about 3 billion invoices every month under the new indirect tax regime and will complete the beta testing of its software tomorrow.

      “Our software is not based on Microsoft windows operating system and hence we are immune. We operate on Linux software which is not affected by the ransomware attack,” Kumar told PTI.

      More than 60 lakh excise, service tax and VAT assessees have enrolled on the GSTN portal between November 8, 2016 and April 30, 2017. Currently, there are 80 lakh such assessees.

    • Almost all WannaCry victims were running Windows 7

      According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections.

    • NHS cyber-attack causing disruption one week after [Windows] breach

      Operations and clinic appointments were cancelled and patients were still being diverted from accident and emergency departments on Thursday.

  • Defence/Aggression

    • Narendra Modi must begin talks in Kashmir before it is too late

      Things in the Valley have not been this bad in two decades. I don’t measure this by violence, terrorism and fatalities – we have seen much worse years on that count. I say this because battling Pakistan’s armed proxies is much more straightforward than taking on your own people on the street. And cloaking militancy with a protective sheet of civilian agitations, women and teenagers among them, means many of the old conflict zone formulas won’t work.

    • What Trump’s intelligence-sharing with Russia may have cost the US

      That’s because counterterrorism work depends on a high level of trust among partner nations, international security experts say. The partners rely on each other to use the highly sensitive information, which sources may have risked their lives to gather, judiciously and to mutual benefit.

      Violate that trust by loosely sharing intelligence from at-risk sources, the experts add, and information critical to stopping one attack – or prevent a new means of carrying out deadly attacks – can dry up.

    • Donald Trump’s loose lips with Russia may have cost America the trust of European allies

      An unnamed European official has told the Associated Press that his country may stop trusting America with secrets.

  • Transparency/Investigative Reporting

    • The Assange case – now what?

      First of all, the case in itself was remarkably thin. Second, Assange has never been charged with any crime. The European Arrest Warrant (EAW) was issued to question him. Such an interview was conducted last November. So, reasonably, the EAW has lost its function.

      So, now… what?

    • Julian Assange Rape Inquiry Is Dropped but His Legal Problems Remain Daunting

      When Julian Assange, the WikiLeaks founder, jumped bail and sought asylum in Ecuador’s embassy five years ago to avoid a Swedish rape investigation, he was considered by many a hero of transparency, internet freedom and resistance to the secret state.

      So when Sweden’s prosecutors announced on Friday that they were abandoning their attempt to extradite him, invalidating the warrant for his arrest, Mr. Assange proclaimed it a happy moment of vindication. “Today was an important victory,” he said.

    • Australia govt needs to help Assange: lawyer

      A legal advisor to Julian Assange says the Australian Government needs to do more to help grant him a safe passage to Ecuador.

      Swedish prosecutors announced on Friday that they would discontinue an investigation into allegations of rape against the Wikileaks founder, which Mr Assange labelled an ‘important victory’.

    • Assange case always had disturbing political background – Ecuadorian FM to RT

      WikiLeaks co-founder Julian Assange has always been under political persecution without any real charges, the Ecuadorian foreign minister told RT, calling for a prompt decision by the UK to grant him safe passage.

    • Julian Assange’s mother calls on Australian Prime Minister to help secure his release

      Julian Assange’s mother has called on the Australian Prime Minister to help her son seek political asylum abroad.

      Christine Assange said she was “very pleased” after Swedish authorities announced they were dropping a rape allegation against him.

      But she told ABC Radio Brisbane: “I’m officially calling on Malcolm Turnbull to step in, act like a Prime Minister, and protect a citizen.”

      “I’d like him to take to task Sweden for what they’ve done breaching his human rights and lying to the media, and I would like him to pressure the UK Government to allow him safe passage to Ecuador.”

    • Sweden drops investigation into WikiLeaks’ Julian Assange

      Whether or not he’ll walk free depends on the UK.

    • Sweden Is Dropping Its Rape Investigation Into Julian Assange

      Swedish prosecutors announced today that they were dropping their investigation of WikiLeaks founder Julian Assange into allegations of rape.

      Director of Public Prosecutions Marianne Ny and Chief Prosecutor Ingrid Isgren held a press conference in Stockholm today to discuss the decision, saying it was made not because they believe Assange to be innocent necessarily, but because they were unable to formally serve him the allegations during an interview at the Ecuadorian embassy in London, UK in November 2016, where Assange has been in exile since 2012.

    • Julian Assange: Sweden drops rape investigation

      Sweden’s director of public prosecutions has decided to drop the rape investigation into Wikileaks founder Julian Assange.

      The move comes ahead of a Stockholm court’s examination of a demand by Mr Assange’s lawyers that Sweden drop his European arrest warrant.

      Mr Assange has lived in the Ecuadoran embassy in London since 2012, trying to avoid extradition to Sweden.

    • Athena

      Today, May 19th 2017, WikiLeaks publishes documents from the “Athena” project of the CIA. “Athena” – like the related “Hera” system – provides remote beacon and loader capabilities on target computers running the Microsoft Windows operating system (from Windows XP to Windows 10). Once installed, the malware provides a beaconing capability (including configuration and task handling), the memory loading/unloading of malicious payloads for specific tasks and the delivery and retrieval of files to/from a specified directory on the target system. It allows the operator to configure settings during runtime (while the implant is on target) to customize it to an operation.

      According to the documentation (see Athena Technology Overview), the malware was developed by the CIA in cooperation with Siege Technologies, a self-proclaimed cyber security company based in New Hampshire, US. On their website, Siege Technologies states that the company “… focuses on leveraging offensive cyberwar technologies and methodologies to develop predictive cyber security solutions for insurance, government and other targeted markets.”. On November 15th, 2016 Nehemiah Security announced the acquisition of Siege Technologies.

    • WikiLeaks Reveals ‘Athena’ CIA Spying Program Targeting All Versions of Windows

      WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which “provides remote beacon and loader capabilities on target computers” – allegedly being used by the CIA that works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.

      Dubbed Athena/Hera, the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and sending it to a CIA server.

    • How a Pakistani journalist exposed the CIA’s most secretive operation

      Masood Anwar’s story triggered a global search for the plane that blew the lid off the notorious “extraordinary rendition” programme. It all started with the registration number of a private jet that had whisked away a terrorism suspect from Karachi.

    • ‘WikiLeaks Will Always Be the Bad Boy’

      Has WikiLeaks become a tool of Russian propaganda? Platform founder Julian Assange, 45, responds to the accusations, addresses the effects of hackers on Western elections and talks about the “WannaCry” attack.

    • Sweden Withdraws Arrest Warrant for Julian Assange, but He Still Faces Serious Legal Jeopardy

      Swedish prosecutors announced this morning that they were terminating their 7-year-old sex crimes investigation into Julian Assange and withdrawing their August 20, 2010, arrest warrant for him. The chief prosecutor, Marianne Ny, said at a news conference this morning (pictured below) that investigators had reached no conclusion about his guilt or innocence, but instead were withdrawing the warrant because “all prospects of pursuing the investigation under present circumstances are exhausted” and it is therefore “no longer proportionate to maintain the arrest of Julian Assange in his absence.”

      [...]

      But that celebration obscures several ironies. The most glaring of which is that the legal jeopardy Assange now faces is likely greater than ever.

      Almost immediately after the decision by Swedish prosecutors, British police announced that they would nonetheless arrest Assange if he tried to leave the embassy. Police said Assange was still wanted for the crime of “failing to surrender” — meaning that instead of turning himself in upon issuance of his 2012 arrest warrant, he obtained refuge in the Ecuadorian embassy. The British police also, however, noted that this alleged crime is “a much less serious offence” than the one that served as the basis for the original warrant, and that the police would therefore only “provide a level of resourcing which is proportionate to that offence.”

      That could perhaps imply that with a seriously reduced police presence, Assange could manage to leave the embassy without detection and apprehension. All relevant evidence, however, negates that assumption.

      Just weeks ago, Donald Trump’s CIA director, Mike Pompeo, delivered an angry, threatening speech about WikiLeaks in which he argued, “We have to recognize that we can no longer allow Assange and his colleagues the latitude to use free speech values against us.” The CIA director vowed to make good on this threat: “To give them the space to crush us with misappropriated secrets is a perversion of what our great Constitution stands for. It ends now.”

      Days later, Attorney General Jeff Sessions strongly suggested that the Trump DOJ would seek to prosecute Assange and WikiLeaks on espionage charges in connection with the group’s publication of classified documents. Trump officials then began leaking to news outlets such as CNN that “U.S. authorities have prepared charges to seek the arrest of WikiLeaks founder Julian Assange.”

    • Assange case proves ‘UK an American vassal state’ that can’t stop extraditions

      There has possibly been some back room deal that led to the Swedish authorities dropping rape charges against Julian Assange, said former MI5 officer Annie Machon. Other activists and analysts provide their views.

      Swedish prosecutors dropped the rape investigation against WikiLeaks co-founder Julian Assange ending a seven-year standoff and will revoke its arrest warrant, according to the Swedish Prosecution Authority.

      Assange has been in the Ecuadorian embassy in London to avoid extradition to Sweden, and with the threat of extradition to the US for leaking classified national security documents hanging over him.

  • Environment/Energy/Wildlife/Nature

    • ‘Doomsday’ seed vault meant to survive global disasters breached by climate change

      Fortunately, the water hasn’t flooded the vault itself. It only got to the entrance of the tunnel, where it froze. (The seeds are stored at minus 0.4 degrees Fahrenheit.) But the incident has raised questions over the durability of a seed bank that was supposed to operate without people’s intervention.

    • One fourth of armed conflicts in ethnically divided countries coincide with climatic problems: Study

      Research conducted by the Potsdam Institute for Climate Impact Research found that almost one fourth of armed conflicts in ethnically divided countries happen at the same time as climatic problems. The researchers studied armed conflicts and climate-related natural disasters between 1980 and 2010 using event coincidence analysis.

    • Volvo says no more diesel engines, the future is electric

      Samuelsson said that Volvo’s first purely electric vehicle will arrive in 2019. He also paid a mighty compliment to Elon Musk’s EV outfit. "It must be acknowledged that Tesla has managed to offer such a car for which the people are queuing. In the area, we should also have space, with high quality and attractive design," he told Frankfurter Allgemeine Zeitung.

  • Finance

  • AstroTurf/Lobbying/Politics

    • Facebook ‘dark ads’ will win this election for the Tories – unless you do something about it

      Personal information – from your age, location to whether you own a home and what music you like – held by Facebook allows political parties to target specific voters with tailored messages when they purchase advertising space from the social media platform.

    • Recep Tayyip Erdogan caught on video watching his guards beat up Kurdish protesters in Washington DC
    • The World’s Worst Negotiation

      In a single brief meeting with Russian officials, President Trump not only divulged classified information, he also handed them a damaging account of his decision to fire James Comey.

    • Something about Trump cybersecurity executive order seems awfully familiar

      Trump’s cybersecurity order cribs from his predecessor, despite campaign bluster.

    • Any Half-Decent Hacker {sic} Could Break Into Mar-a-Lago. We Tested It.

      "Those networks all have to be crawling with foreign intruders, not just [Gizmodo and] ProPublica," said Dave Aitel, chief executive officer of Immunity, Inc., a digital security company, when we told him what we found.

    • Trump’s Mar-a-Lago can be hacked in minutes: investigators

      Experts told ProPublica and Gizmodo that they wouldn’t be surprised if foreign intruders have already managed to breach those networks.

      "[It's] bad, very bad," said Jeremiah Grossman, chief of security strategy for cybersecurity firm SentinelOne. "I’d assume the data is already stolen and systems compromised."

    • Donald Trump’s Mar-a-Lago wifi wide open to ‘any half-decent hacker’ {sic}
    • The abysmal information security at Trump properties has probably already compromised US secrets

      The team found multiple unsecured wireless networks, unsecured and open wireless printers, misconfigured routers, an unsecured website from which they could "download a database that appears to include sensitive information on the club’s members and their families" and more.

    • After Promising a ‘Fair Hearing’ on Monuments, Secretary Zinke Shuts Out the Public

      As the Interior Department considers unprecedented changes to protected lands, avenues for public input have been curtailed.

    • President Trump’s exit a matter of time
    • Video shows Turkey’s Erdogan watched from limo as his guards bashed protesters in Washington, D.C.

      New video hit the internet today showing the President of Turkey, Recep Tayyip Erdogan, looking on as armed security guards from his entourage violently attacked protesters demonstrating outside the Turkish ambassador’s residence in Washington.

    • In Video, Erdogan Watches as His Guards Clash With Protesters

      Nine people were hospitalized after the skirmish, and the State Department issued a stern statement condemning the attack.

    • The 25th Amendment Solution for Removing Trump

      One does not need to be a Marvel superhero or Nietzschean Übermensch to rise to this responsibility. But one needs some basic attributes: a reasonable level of intellectual curiosity, a certain seriousness of purpose, a basic level of managerial competence, a decent attention span, a functional moral compass, a measure of restraint and self-control. And if a president is deficient in one or more of them, you can be sure it will be exposed.

      Trump is seemingly deficient in them all. Some he perhaps never had, others have presumably atrophied with age.

    • A Citizen’s Guide to Impeachment

      Despite his astonishing incompetence, the overwhelming majority of Republicans stand with him. And in a recent poll of Trump voters, only 2% would change their vote to be against him.

      Most on my side literally cannot understand how these polls could be true. But I believe that we must accept them, and then, as citizens, we need to reckon this radical disconnect between us.

    • Elizabeth Warren Tests the Waters for 2020

      Elizabeth Warren on Tuesday waded into the flamewar for the soul of the Democratic Party that Bernie Sanders started in 2016, with an impassioned speech decrying the increasing concentration of money and power in the highest, most rarefied echelons of American society.

    • Saudi Arabia to serve Donald Trump steak and ketchup to keep him happy

      When President Donald Trump sits down for dinner in Saudi Arabia, caterers have ensured that his favourite meal — steak with ketchup on the side — will be offered alongside traditional local cuisine.

      At Nato and the G7 summits, foreign delegations have had word the new US president prefers short presentations and lots of visual aids.

    • Trump Is a Cornered Megalomaniac—and That’s a Grave Danger to the Country

      With a cascade of leaks, a war with the FBI, and the announcement of the appointment of a special counsel to investigate allegations of wrongdoing, Donald Trump’s grotesque presidency now hangs by a thread. By the hour, it seems, the possibility of impeachment, of him being declared incompetent to govern—or, at the very least, of his own party bringing irresistible pressure on him to resign—grows.

      And as that pressure grows, so balloons the peril of our moment. For the 18 months that Trump has been center-stage politically, he has shown an extraordinary commitment to demagoguery, to flirtations with mob violence, to peddling conspiracy theories, to military grandstanding to distract attention from his problems, and to race-and-religion-baiting whenever the mood suits. He has demonstrated utter contempt for the separation of powers, extraordinary hostility to the free press, and a disconcerting fondness for dictators the world over. He has also shown himself to be brittle and thin-skinned, relishing the ability to use his vast platform to attack those he deems to be his personal “enemies,” but unable to tolerate disagreement or dissent when it is directed at him.

      Why do I rehash all these known traits now? Because—cornered, humiliated, and increasingly in legal peril—Trump will likely resort to all of the tricks of the demagogue as he fights for his survival. This is a man who has never played fair in his life, who takes pleasure in inflicting hurt on those weaker than himself, and who believes that ideals, or simply basic decency, are mere annoyances in the one game that matters: the game of power.

    • The Real Aim of Trump’s Trip to Saudi Arabia

      Donald Trump sets off on Friday to create the fantasy of an Arab Nato. There will be dictators aplenty to greet him in Riyadh, corrupt autocrats and thugs and torturers and head choppers. There will be at least one zombie president – the comatose, undead Abdelaziz Bouteflika of Algeria who neither speaks nor, apparently, hears any more – and, of course, one totally insane president, Donald Trump. The aim, however, is simple: to prepare the Sunni Muslims of the Middle East for war against the Shia Muslims. With help from Israel, of course.

      Even for those used to the insanity of Arab leadership – not to mention those Westerners who have still to grasp that the US President is himself completely off his rocker – the Arab-Muslim (Sunni) summit in Saudi Arabia is almost beyond comprehension. From Pakistan and Jordan and Turkey and Egypt and Morocco and 42 other minareted capitals, they are to come so that the effete and ambitious Saudis can lead their Islamic crusade against “terrorism” and Shiism. The fact that most of the Middle East’s “terrorism” – Isis and al-Qaeda, aka the Nusrah Front – have their fountainhead in the very nation to which Trump is travelling, must and will be ignored. Never before in Middle Eastern history has such a “kumidia alakhta” – quite literally “comedy of errors” in Arabic – been staged.

  • Censorship/Free Speech

    • Facebook blocks Pulitzer-winning reporter over Malta government exposé

      Temporary censorship of Matthew Caruana Galizia – who worked on the Panama Papers – raises concern over Facebook’s power to shape the news

    • Theresa May promises a British version of Iran’s Halal Internet

      UK Prime Minister and noted authoritarian Theresa May has promised that if she wins the upcoming general election, her party will abolish internet access in the UK, replacing it with a government-monitored internet where privacy tools are banned and online services will be required to vet all user-supplied content for compliance with rules about pornography, political speech, copyright compliance and so on — and search engines will have to employ special British rules to exclude banned material from their search results.

    • Theresa May outlines Tory plan to create new, censored Internet controlled by UK government

      Yesterday, during her speech describing the current Tory Manifesto, Theresa May revealed that she plans to build a "new Internet," over which the government has complete control. The goal in the Tory internet plan is to become "the global leader in the regulation of the use of personal data and the internet." The manifesto states: [...]

    • Abolish geoblocking in the EU, civil society organisations demand

      This must be the first of multiple steps towards abolishing digital borders in Europe, not the last, several interest groups today demand in an open letter to the EU institutions.

    • What do you do when you realize your government has blocked you for Wrongthink?

      Something remarkable happened in Sweden this week: a list of 15,000 people with the wrong political opinions was used to block those people from the @Sweden account, and thereby preventing these people from communicating over Twitter with that part of the Ministry of Foreign Affairs. The government tried defending the block as only concerning neo-nazi right-wing extremists, which was a narrative that held water in legacy media until somebody pointed out that the Ambassador of Israel (!) was among the blocked.

      [...]

      The Ministry of Foreign Affairs unblocked everybody and destroyed the blocklist – but only after getting Freedom-of-Information requests to have it handed out. This is an extremely illegal act in Sweden, as all governmental documents are transparent by default and must be handed out on request, with no counterdemands allowed. Destroying records is illegal in the first place. Destroying records after they are against-all-efforts-to-cover-up embarrassing, and after they have been requested, goes directly against the Swedish Constitution since 1766.

    • Anti-protest laws are stifling free speech in Australia

      The line between legitimate protest and unlawful obstruction needs to be carefully drawn. But these excessive laws make it impossible to make that determination. No government should have the right to stifle protest in this way. Australia, and the rest of the world, should be very wary of the outcome of this case.

    • Open letter urging further action to end geoblocking in the EU [Warning for PDF]

      The EU must take decisive action against digital borders that today divide the people of Europe, discriminate against minority language speakers, inconvenience millions and cause substantial losses to the EU economy.

    • Killing parody, killing memes, killing the internet?

      We love the internet because it creates fantastic opportunities to express ourselves and to innovate.

      But do we love it enough to pass it on to future generations?

    • Theresa May to create new internet that would be controlled and regulated by government

      Theresa May is planning to introduce huge regulations on the way the internet works, allowing the government to decide what is said online.

      Particular focus has been drawn to the end of the manifesto, which makes clear that the Tories want to introduce huge changes to the way the internet works.

    • MIT student sues CIA for information about its social media jokes

      A lawsuit against the Central Intelligence Agency — and no, it’s not a joke.

      Amy Johnson, a PhD student and researcher at the Massachusetts Institute of Technology, is suing the CIA for failing to turn over documents, as part of a public records request, about the agency’s social media policies and how it manages its official Twitter account.

  • Privacy/Surveillance

    • Killing C.I.A. Informants, China Crippled U.S. Spying Operations

      The Chinese government systematically dismantled C.I.A. spying operations in the country starting in 2010, killing or imprisoning more than a dozen sources over two years and crippling intelligence gathering there for years afterward.

      Current and former American officials described the intelligence breach as one of the worst in decades. It set off a scramble in Washington’s intelligence and law enforcement agencies to contain the fallout, but investigators were bitterly divided over the cause. Some were convinced that a mole within the C.I.A. had betrayed the United States. Others believed that the Chinese had hacked the covert system the C.I.A. used to communicate with its foreign sources. Years later, that debate remains unresolved.

      But there was no disagreement about the damage. From the final weeks of 2010 through the end of 2012, according to former American officials, the Chinese killed at least a dozen of the C.I.A.’s sources. According to three of the officials, one was shot in front of his colleagues in the courtyard of a government building — a message to others who might have been working for the C.I.A.

    • Feds use anti-terror tool to hunt the undocumented

      An unsealed federal search warrant affidavit obtained by The News is the first public acknowledgment that agents are using secret devices that masquerade as a cell tower to find people who entered the U.S. illegally, privacy and civil liberty experts said.

    • Undocumented Immigrant Hunt Expands Use of Controversial Stingray Tech

      The Electronic Frontier Foundation’s Shahid Buttar concurred. "Once you start giving agencies fancy toys, and somebody is making money off of it, they are going to use them for more things, and ultimately oppress your rights," Buttar told the Free Press.

    • Facebook hit with fines and investigations in six EU countries over privacy law breaches

      Three EU countries – Belgium, France, and the Netherlands – have determined that Facebook is breaking their privacy laws, while Germany and Spain are still investigating the US company. The news was announced in a joint statement from the Contact Group of the data protection authorities (DPAs) of Belgium, France, the Netherlands, Spain, and the German city of Hamburg. As a result, the French authorities have imposed a fine of €150,000 (about $166,000) on Facebook. The move comes hard on the heels of a €3 million fine (around $3.3 million) imposed by Italy on Facebook’s subsidiary WhatsApp last week over its handling of customer data.

    • 4 Items That Can Take On Anything The Internet Throws At You

      Well you should still look at privacy software because …

    • Tor Browser 7.0a4 is released

      This will probably be the last alpha before the first stable release in the 7.0 series.

    • ALTwitter – profiling with metadata

      EDRi’s Ford-Mozilla Open Web Fellow Sid Rao created a platform called ALTwitter, which combines the metadata collected from public Twitter accounts of the Members of the European Parliament (MEPs) and presents them graphically. Without going through all their tweets, one can learn a lot about their work areas, the devices they use, the types of websites they refer to, when they are the most active, and so on. What we can learn about the person only based on these metadata is indeed much more than we would first expect!

    • Twitter rolls out new privacy tools as it ditches Do Not Track and expands data sharing

      Twitter is dumping its support for Do Not Track (DNT), changing how it shares user data with third parties, and holding any web browsing data it collects for a longer duration—all to better aid in ad targeting, of course.

    • Facebook Fined $122 Million Over WhatsApp Deal for Misleading EU

      Facebook Inc. was fined 110 million euros ($122 million) by the European Union for misleading regulators during a 2014 review of the WhatsApp messaging service takeover on the same day the EU threatened to heavily penalize Patrick Drahi’s Altice NV for implementing for a second time a deal before getting regulatory clearance.

    • In Europe political attitudes are changing to Facebook

      Facebook counts a quarter of the world’s population – 1.94bn accounts – as monthly active users, with 354m in Europe. WhatsApp has 1.2 billion users, while Facebook-owned Instagram has 700m monthly active accounts. This vast scale has given it an air of an unstoppable behemoth trampling over rivals and across borders.

      However, politicians across Europe have started to question the role of tech giants in EU member states. Where once there was a feeling that the capitalism and tech ideas coming from the US were good for Europe, attitudes are changing.

    • Why open source AI voice assistants pose little threat to Amazon Alexa and Apple’s Siri

      The AI voice assistant in question is Mycroft, and the so-called "challenging" of market heavyweights is beyond silly. Mycroft has 36 contributors, with minimal outside interest. A total of 104 developers have bothered to follow it on Github, and it has garnered fewer than 1,000 stars (a way for developers to register interest). Another project associated with data infrastructure, Kubernetes, meanwhile, has 1,191 contributors, 23,205 stars, 1,733 people watching it, and 8,163 forks. That is what "challenging X for market superiority" looks like.

    • The machine is learning
    • It’s coming: another call for everyone’s DNA to be collected and stored permanently

      The head of the Hamburg Institute for Legal Medicine, Klaus Püschel, has called for the DNA of everybody in Germany – including tourists – to be collected and stored. As a story in the German news magazine Der Spiegel (Google Translate version) reported, Püschel wants this because [...]

    • UK government watchdog examining political use of data analytics

      The use of data analytics by political parties has piqued the interest of the Information Commissioner’s Office, a UK public body that protects data rights. On Wednesday it launched a formal investigation into the targeting of voters through social media by political parties, warning that any messages sent to people based on identifying data could be breaking the law.

    • PornHub’s Owner is About to Card Everybody in the UK

      Privacy advocates are fearful that MindGeek, which has over 100 million daily visitors to its sites that include PornHub and Brazzers, could create a database of adult viewing habits on a scale never seen before. MindGeek is "the largest adult entertainment operator globally," according to the porn industry press.

    • Boy, 11, hacks {sic} cyber-security audience to give lesson on ‘weaponisation’ of toys

      "Most internet-connected things have a Bluetooth functionality … I basically showed how I could connect to it, and send commands to it, by recording audio and playing the light," he told AFP later.

  • Civil Rights/Policing

    • Security chiefs agree there’s no point extending laptop flight ban to Europe

      A four-hour meeting in Brussels ended in agreement not to enforce the ban which is already in place between a number of ‘mostly Muslim’ countries, however, reports claim that other measures were still being considered.

    • Laptop ban will create ‘economic tsunami’ in travel industry if electronic devices banished to hold

      Simply put, the ripple effects of this could create an economic tsunami the likes of which terrorists are dreaming of, but instead it will be at the hand of government directive.

    • Don’t Profit From Abuses by Bahrain

      Yemen has entered its third year of war, and war crimes are being committed at an escalating rate. For Yemen’s children, facing a man-made famine, this conflict between Houthi rebels and a coalition led by Saudi Arabia has begun a new phase of horrors.

    • British Human Rights Activist Faces Prison For Refusing To Hand Over Passwords At UK Border

      As Techdirt readers will recall, in 2013 David Miranda was held by the UK authorities when he flew into Heathrow airport, and all of his electronic equipment was seized, in an act of blatant intimidation. His detention was under Schedule 7 of the UK’s Terrorism Act, which, as its name implies, is supposed to be used only if someone is involved in committing, preparing or instigating “acts of terrorism.”

      That was clearly ridiculous in Miranda’s case, and it’s just as outrageous in the latest example of UK border bullying, this time against Muhammad Rabbani. He’s a British citizen, and the international director of Cage, which describes itself as “an independent advocacy organisation working to empower communities impacted by the War on Terror.”

    • The strange death, and even stranger life of “Cocaine Cowboy” Andrew Carter Thornton II

      Andrew Carter Thornton II (ACT II) is a name unknown to most except as a piece of historical trivia – the man who fell from the sky in 1985 with millions of dollars of cocaine strapped to his body. To a few others, he’s one of the men tied to a drug operation that was fueling and fueled by government corruption, whose roots were traced as far as the Kentucky Governor’s mansion. But reality, revealed through his FBI file, is even stranger, tracing the corruption surrounding ACT II back to the CIA.

  • Internet Policy/Net Neutrality

    • FCC votes to dismantle net neutrality as critics cry ‘war on open internet’

      The Obama-era ruling came after a massive campaign by online activists who successfully saw off the lobbying might of the US’s largest cable companies. A similar battle will now ensue as the months-long process of reviewing the rules begins. At the end of the review a final FCC vote will decide the future of internet regulation; court challenges are inevitable whatever the result.

    • Journalist allegedly "manhandled by FCC guards" for asking questions

      "When Donnelly strolled in an unthreatening way toward FCC Commissioner Michael O’Rielly to pose a question, two guards pinned Donnelly against the wall with the backs of their bodies until O’Rielly had passed," the report said. "O’Rielly witnessed this and continued walking."

    • OnPolitics Today: Your Internet is about to get less open

      Republicans succeeded in a party-line vote to start replacing the rules, which keep Internet providers from blocking or slowing down your Internet at will. The rules also keep corporations from getting paid to prioritize certain content’s delivery to users over others.

    • Net neutrality goes down in flames as FCC votes to kill Title II rules

      The Federal Communications Commission voted 2-1 today to start the process of eliminating net neutrality rules and the classification of home and mobile Internet service providers as common carriers under Title II of the Communications Act.

      [...]

      The FCC plans to take comments on its plan until August 16 (the docket is available here), and then make a final decision sometime after that.

    • Internet Providers Insist They Love Net Neutrality. Seriously?

      The rules won’t disappear overnight. In a party-line vote today, the FCC formally agreed to start the process of gathering feedback before drafting a more specific plan, which could take months (#bureaucracy). But FCC chair Ajit Pai has made it clear that, barring a successful legal challenge, the agency will give up its authority to actually enforce net neutrality regulations.

    • The FCC just voted to begin "Destroying Internet Freedom" and overturn net neutrality

      Today, the Federal Communications Commission (FCC) voted to kill net neutrality under the guise of "Restoring Internet Freedom." The lone FCC commissioner in favor of the Open Internet Order and the net neutrality rules we had enjoyed over the last few years, Mignon Clyburn, said the change would be better named "Destroying Internet Freedom" instead of "Restoring Internet Freedom."

    • [Older] The Republican push to repeal net neutrality will get underway this week

      The vote on Thursday, led by Federal Communications Commission Chairman Ajit Pai, will kick off consideration of a proposal to relax regulations on companies such as Comcast and AT&T.

    • Ajit Pai accidentally supports utility rules and open-access networks

      But returning to 1990s-era Internet regulation would require more of the Title II utility-style regulation that Pai abhors, not less. If we had 1990s and early 2000s regulatory policy, Internet providers would be forced to open their networks to companies that want to resell Internet access, potentially unleashing a wave of competition in a market where today’s consumers often have no choice of high-speed broadband providers.

  • DRM

  • Intellectual Monopolies

    • Copyrights

      • EU Votes Today On Content Portability to Reduce Piracy (Updated)

        Members of the European Parliament will vote today on draft rules that would allow citizens to enjoy legally purchased music and movie streaming subscriptions when they travel to another EU country. It’s hoped that improved access to content will help to dampen frustrations and reduce Internet piracy.

      • Elsevier Wants $15 Million Piracy Damages From Sci-Hub and Libgen

        ‘Pirate’ sites Sci-Hub and LibGen face millions of dollars in damages in a lawsuit filed by Elsevier, one of the largest academic publishers. Elsevier has requested a default judgment of $15 million against the defendants for their "truly egregious conduct" and "staggering" infringement.

      • [Older] A brief visual history of MARC cataloging at the Library of Congress.

        The Library of Congress has released MARC records that I’ll be doing more with over the next several months to understand the books and their classifications. As a first stab, though, I wanted to simply look at the history of how the Library digitized card catalogs to begin with.

05.18.17

Links 18/5/2017: Catching Up With the Past Three Days

Posted in News Roundup at 5:00 am by Dr. Roy Schestowitz

GNU/Linux

  • Desktop

    • 5 Tips To Master Linux

      So here we are, fans of Linux! But are we up to the bar? To get our hands a little dirty and maybe do what a surgeon does. Well, if that disgusts you, then I didn’t mean cutting up your favorite distro and operating on it. I meant a minor thing like stitches and tending to some easy commands.

    • The Alpha Litebook

      Despite desktop Linux becoming more popular over the years and the GNU/Linux family of operating systems gaining more mainstream support from software and hardware creators, there still are not a lot of big name hardware companies selling Linux computers. Even those which do, such as Dell, tend to tuck their Linux options into a back corner, shining the spotlight on their computers that ship with Windows pre-installed.

      This has left the Linux hardware market relatively open for smaller players. Many smaller shops have appeared over the years, specializing in selling computers with Linux pre-installed. One of the most recent arrivals in the Linux market is the Alpha Litebook. The Litebook, which was launched in early 2017, is a $249-$269 USD notebook computer which ships with elementary OS. elementary is based on Ubuntu and the distribution uses the Pantheon desktop environment by default.

      Happy with the price-to-specifications ratio featured by the Litebook and curious to see how the device would perform, I ordered one of the laptops at the start of March. This review of the Alpha Litebook will consist of four sections: acquiring the Litebook and dealing with Alpha’s customer support; the hardware of the Litebook; my thoughts on elementary OS as a default distribution; and the process of installing another Linux distribution on the Litebook.

  • Kernel Space

    • A pile of stable kernel updates
    • Linus Torvalds stops personally signing Linux rc tarballs

      Linus Torvalds might just be a big softie after all. The Linux Lord, infamous for his occasional foul-mouthed criticism of those who don’t meet his standards, has just popped out release candidate one for Linux 4.12 a day early so he could give his undivided attention to Mother’s Day.

      “So I’m doing this one day early, because I don’t like last-minute pull requests during the merge window anyway, and tomorrow is mother’s day, so I may end up being roped into various happenings,” Torvalds wrote on the Linux Kernel Mailing List on Saturday. Torvalds’ release announcements are usually made on Sundays.

    • Linux Kernels 4.10.16, 4.9.28 LTS and 4.4.68 LTS Are Out Now with Many Changes

      Immediately after announcing earlier today the availability of the first point release of the Linux 4.11 kernel series, Greg Kroah-Hartman is informing the community about the launch of new maintenance updates to the Linux 4.10, 4.9 and 4.4 kernels.

    • Linus Torvalds Kicks Off Development of Linux 4.12 with First Release Candidate

      Linus Torvalds kicked off the development of the Linux 4.12 kernel series by announcing the availability of the first Release Candidate (RC) a day earlier than expected due to the Mother’s Day celebration and last-minute pull requests.

      According to Linus Torvalds, Linux kernel 4.12 RC1 is a pretty large patch that contains numerous additions, including support for AMD’s next-generation Radeon RX Vega GPUs, along with a new driver for Intel Atom IPUs (Image Processing Units).

    • Graphics Stack

      • Dying Light & Dead Island Definitive Edition might soon work on Mesa

        There’s some activity on the Mesa-dev mailing list with patches that will enable both Dying Light & Dead Island Definitive Edition (and it seems Dead Island Riptide Definite Edition too) to work on Mesa.

      • Mesa 17.0.6 released with AMD Polaris 12 support in the ‘radv’ Vulkan driver

        Mesa 17.0.6 is the latest bug-fix release for the 17.0 series, but it also comes with AMD Polaris 12 support for the ‘radv’ Vulkan driver that has been back-ported.

      • Mesa 17.0.6 Released with AMD Polaris 12 GPU Support for Radeon Vulkan Driver

        As expected, the sixth point release to the Mesa 17.0 stable graphics stack was officially unveiled by Andres Gomez, and will soon be available from the software repositories of your favorite GNU/Linux distribution.

        Containing a total of 55 changes, which include both new functionality and fixes for recently discovered bugs, we can say that Mesa 17.0.6 is a hefty maintenance update that all users of the Mesa 17.0 3D Graphics Library series should install, that, of course, if they didn’t already upgrade to the newer Mesa 17.1 stable branch.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Linux Kernel 4.11 Coming Soon to openSUSE Tumbleweed, Users Get KDE Plasma 5.9.5

        Dominique Leuenberger reports this weekend on the latest updates that landed in the software repositories of the openSUSE Tumbleweed operating system, which were brought by a total of six snapshots released in the last two weeks.

        These new Tumbleweed snapshots contained a lot of the latest GNU/Linux technologies and software updates, including the KDE Plasma 5.9.5 and GNOME 3.24.1 desktop environment, KDE Applications 17.04.0 software suite, KDE Frameworks 5.33.0 collection of add-ons for Qt 5, and GRUB 2.02 bootloader.

      • KDE Frameworks 5.34.0 Released for KDE Plasma 5 Desktop Users with 83 Changes
      • It’s Now Possible to Access Your Google Drive Account on KDE Plasma 5 Desktops

        KDE developer Elvis Angelaccio is happy to report on the general availability of a new package that makes it possible for fans of the KDE Plasma 5 desktop environment to access their Google Drive accounts without any weird tricks.

      • Introduction for GSoC 2017 with Krita

        I’m here again and I will talk about my accepted GSoC proposal, but how every history, I have to start from the start, so sit down, drink a coffee or a hot chocolate(I like) and have fun.

        I’m from Brazil, to be more specific from Salvador, Bahia. I’m an undergraduate student in Analysis and System Development. I’m not like so many other people that code since their 9 years old or something like that. I just wrote my first line of code with 20 years old and now I have 23, but like my mother says, “It’s never late to do something, no matter what” (Yeah, my mother is amazing. By the way, Happy Mother’s Day).

        In first years in the college, I had the opportunity to work in a software house, that works with proprietary software. I didn’t like that experience for so many reasons, but I was holding myself for money (I’m poor). Someday a teacher from my college invite to a course about Qt and C++ and told to us that we can choose what we want to do and presented KDE and Open Source. I quit my job and started to go to the college in my free time. In this time I studied python and read some books about that and I loved it.

      • Plasma 5.10 Beta, Slicker Desktop

        Monday, 15 May 2017. Today KDE has made a testing release of our desktop Plasma 5.10 with new features across the suite to give users an experience which lives up to our tagline: simple by default, powerful when needed.

  • Distributions

    • Reviews

      • NixOS 17.03 “Gorilla”

        NixOS is a viable daily distro for average users who are willing to put a small amount of work into it. Since it is a little strange, knowledge about NixOS may not translate well to other distros. NixOS is very lightweight and usable. I think that it is probably a very good distro for a more advanced user. Like I said, I was able to do everything I wanted on NixOS (except get my NVIDIA drivers working, but I think that’s my fault). The Nix package manager is also available for most other distros, so if you want to use the Nix package manager and all the Nix glory associated with it (like isolation of packages) you can. I probably won’t keep NixOS on my machine, but I think I will start using the Nix package manager on whatever distro I settle on for this week.

    • New Releases

      • New Neptune Linux Plasma 5 ISO Snapshot Lands with KDE Applications 17.04, More

        Neptune Linux developer Leszek Lesner proudly announced this weekend the availability of a new ISO snapshot for the Neptune Plasma 5 edition of the Debian-based GNU/Linux distribution.

        The new Neptune Plasma 5 ISO is shipping with the latest KDE Applications 17.04 software suite, which includes numerous improvements and new features for the Dolphin file manager, Kdenlive video editor, Kate text editor, Ark archive manager, Konsole terminal emulator, Okular PDF viewer, and Gwenview image viewer.

    • Red Hat Family

      • Finance

      • Fedora

        • What I discovered in Tirana, Albania

          The past few months have brought many changes for me. I traveled throughout Europe to experience some of the open source conferences and communities across the continent. Along the way, I met incredible people with powerful stories about their own communities. However, there is one community that I knew about before I came to Europe. The Open Labs Hackerspace in Tirana, Albania is a special community that I was fortunate enough to discover and meet. Together, they have helped set in motion the open source way in their own city.

          [...]

          I am privileged and honored to be an official member of this community. However, I am mostly an observer in my role. The passion and interest are at the heart of the hackerspace. The members from Tirana have invested so much of themselves into this community, its mission, and its values. From reading, visiting, and talking with the people involved with Open Labs, you see many of their hearts dedicated to what they’re doing. And when you see someone else who invests their heart into something, it’s challenging to not lend some of your own too.

    • Debian Family

      • New Debian Developers and Maintainers (March and April 2017)

        The following contributors got their Debian Developer accounts in the last two months:

        Guilhem Moulin (guilhem)
        Lisa Baron (jeffity)
        Punit Agrawal (punit)

        The following contributors were added as Debian Maintainers in the last two months:

        Sebastien Jodogne
        Félix Lechner
        Uli Scholler
        Aurélien Couderc
        Ondřej Kobližek
        Patricio Paez

        Congratulations!

      • Derivatives

  • Devices/Embedded

    • Building Linux-powered devices, part 1: Making my Linux-only world a reality – Network World

      Sometimes, if you want something badly enough, you need to get off your lazy tuchus and make it happen yourself.

      For years now, I’ve been hoping and pining (and often complaining and whining) about how much I want Linux-powered… everything. Not Android. Not ChromeOS. Real Linux. The kind of Linux you have full control over—the sort you’d install on your desktop PC.

    • Artila Launches the Linux-Ready IoT Gateway Matrix-710 for M2M Applications

      Artila Electronics, which specializes in the development and manufacture of Linux-ready ARM embedded industrial computers, launches the highly integrated compact Box Computer, Matrix-710, based on ARM Cortex-A5, especially for industrial control, automation gateway, mobile gateway, smart energy application. Matrix-710 adapts the innovated technology of ARM processor coupled with the open Linux operating system, which provides the backbone for innovative smart IoT solutions. To achieve the need for M2M application, it equips the WiFi, cellular modems which allow Internet connectivity and GPS for location information transition, considering the practical needs, Matrix-710 also offers a miniPCIe slot for users to deploy these modules easily.

    • Phones

Free Software/Open Source

  • Elastic twangs in snappy machine learning

    Elastic is of course the company behind the open source Elasticsearch and the Elastic Stack products.

    Into the Elastic 5.4 release then… (as a result of the recent acquisition of data anomaly detection business Prelert) Elastic’s machine learning features will work on any time series data set to automatically apply machine brain intelligence.

  • Open Source On IBM i: Let It Grow

    The evaluation of open source software is nowhere near conclusive when it comes to enterprise grade application development. Decisions remain in the exploratory phases. Roadmaps are incomplete. Most are without clear routes to a destination. Some are without destinations. However, it would be wrong to assume roads are not being built.

    There is no way that the future of application development – on IBM i or anywhere else – can handle everything that is coming down the pike without open source. That’s not a mandate to jump on a band wagon. It’s an awareness wake-up call. The IBM i community should not be napping.

  • Open Source an ‘Overrated Necessity,’ Says PCCW [Ed: No, insisting you don't need Free software is like insisting you can put back doors in software, like Microsoft, and be OK]

    If open source has swiftly become the latest religious practise in the telecom industry, it is still attracting its share of skeptics and unbelievers.

    Some were on display at this week’s annual TM Forum Live conference in Nice, where Shahar Steiff, an assistant vice president at Hong Kong’s PCCW, described open source as an “overrated necessity” in front of conference attendees.

  • Events

    • LFNW 2017!

      LinuxFest NorthWest was a fantastic time for me, our Ubuntu booth had Valorie (Kubuntu), Simon (Kubuntu/Lubuntu) and over at the Jupiter Broadcasting we had the awesome Martin Wimpress (Ubuntu Mate). One top question was “what about that Unity news” which we gave a clear answer about Unity development ending and the move to GNOME. Since we were also burning DVDs and dding USB drives we would recommend that users try out GNOME Shell if GNOME was their preferred Desktop.

    • Bringing together the best minds in open source geospatial technology

      FOSS4G Boston 2017 is shaping up to be a very diverse conference. We have a diverse set of keynote speakers including Holly St. Clair, Chief Digital Officer of the Commonwealth of Massachusetts, Richard Stallman of the Free Software Foundation, and other open source and geospatial leaders. There are also a variety of workshops and presentations this year. Topics will include R, 3D, analytics, artificial intelligence, routing, big data, drones, GeoNode, GeoServer, image processing, QGIS, PostGIS, projections, and much more! To see the full lineup, visit the full list of accepted presentations and workshops.

    • LaKademy 2017

      I’ve always been an introspective person and when I was approved to Analysis and Systems Development Course, I thought that I wouldn’t need to talk with people anymore (while working at least) and I was happy with this xD. Things were going well, until the day that I met the open source concepts and KDE, through my professor, Sandro Andrade (yes, it’s your fault :p). It was love at first sight, I liked the idea to share knowledge and help other people or I was just thinking that I could work with my shorts, I hate pants. I will never know the truth xD.

  • CMS

  • BSD

  • Licensing/Legal

Leftovers

  • IT {sic} pros are becoming desensitised to security alerts and it’s all our fault

    Code42 reckons that 58 per cent of decision makers "have become desensitised to potential cyber security threats due to over-exaggeration and exposure by the media." Furthermore, three-quarters of the ingrates said that they have heard more about cyber threats in the last 18 months than they have ever heard in their lives before.

  • Microsoft to pledge $5 mn to U.N. Human Rights Office

    [...] could prod other big private-sector donors to follow suit.

  • Microsoft commits $5 million to ‘landmark’ United Nations technology partnership

  • Science

    • Thieves in online games can be caught by watching how they play

      Thieves then tend to siphon off virtual items to a network of other accounts they control, often also stolen. The items are in effect shared out between an in-game criminal gang of characters, which usually makes them hard to trace.

    • New American study confirms: Physically separated bike lanes are crucial for safety

      A new study by John Pucher and Ralph Bueler (PDF here) confirms what every cyclist already knows: physically separated bike lanes are by far the best way to reduce injuries and deaths. The two researchers had already shown that more bike lanes mean more cyclists and that bikes keep you skinny, but now demonstrate that cycle tracks keep you alive.

  • Health/Nutrition

  • Security

    • Ransomware Attack Has Spread To Police Department, Institutions: Maharashtra Police

      Globally active ransomware virus has partially affected the computer systems in some institutions in Maharashtra, including that of its police department, a police official said here.

      The exact data about the systems hit by the ransomware, however, will be known once the offices open today, the official said.

      A cyber ransomware is a type of malicious software that blocks access to a computer system until a sum of money is paid through the online medium. As per reports, the ransomware has hit as many as 200,000 victims in over 150 countries.

    • Open Source Security Podcast: Episode 47 – WannaCry: Everything is basically broken
    • People are trolling GCHQ after they boasted about keeping Britain safe

      While the effects were felt all over the world in almost 100 countries, the NHS was the most terrifyingly significant target for us in Britain – literally, the lifeline of the UK.

    • Out-of-Control CIA Continues to be Exposed in WikiLeaks’ Vault 7

      After installing a small file, the operators would then be able to instruct the computer to kill any use of a web browser on a set schedule. For instance, the software could be instructed to shut down Firefox every 25-35 seconds. Similarly, the example included a measure to “lock up” PowerPoint files 10 minutes after they were loaded. It would also allow operators to create a delay when PowerPoint files were attempting to load.

      While the examples they used are simple and relatively harmless, the software could perform virtually any assigned task. Because the data is encrypted with a key stored outside of the machine, the code would be extremely difficult to detect and/or decipher.

      After installing the software, the documentation instructs users to “kick back” and “Relax – After Midnight will take care of the rest.”

      The second piece of software detailed is similar to “AfterMidnight” and is called “Assassin.” That piece of software is a relatively simple way of collecting data remotely and then delivering results to a listening post on a schedule.

      Through screenshots in the documents, it can be seen that the author is named “Justin,” is working from a Dell computer, and has desktop shortcuts to an encrypted chat program called ‘Pidgin,’ as well as a folder entitled “drone.”

    • Global ‘Wana’ Ransomware Outbreak Earned Perpetrators $26,000 So Far

      However, I find it depressing to think of the massive financial damage likely wrought by this ransom campaign in exchange for such a comparatively small reward. It’s particularly galling because this attack potentially endangered the lives of many.

    • Ransomware: Microsoft can no longer claim to be ‘proactive’

      Microsoft’s reaction to the Windows ransomware crisis that occurred on Friday and Saturday has shown one thing: no longer can the company continue to use the business buzzword “proactive” when it talks about itself. It was caught unawares and left looking very old and tired in the way it responded to the situation.

    • Cyber attack: Hackers {sic} in China try to seize control of WannaCry ransomware’s ‘kill switch’

      “What you can follow is the money,” Mr Raiu said. “You can follow the Bitcoins [although] following the Bitcoins is kind of an art in itself.”

    • [Old] The Software Industry IS the Problem

      The question is how to introduce product liability, because just imposing it would instantly shut down any and all software houses with just a hint of a risk management function on their organizational charts.

    • [Old] Why Not Use Port Knocking?

      The robots currently at work knocking around for your guessable password could easily be repurposed to guess your Unicode password currently known as your port knocking sequence, and quite likely have been already.

    • Ransom Attacks Should Make Xi WannaSmile

      The timing couldn’t be better. Just as President Xi Jinping steps on stage to outline his vision for a Chinese century, the world becomes hostage to malicious software.

      This weekend’s ransomware offensive hit hundreds of thousands of computers in at least 150 countries. The financial toll is still being calculated; the psychological toll could be infinite.

      Developed by the security agency of China’s biggest rival and exploiting a ubiquitous product developed by that country’s globally dominant software company, the attacks offer Xi the perfect opportunity to make the case for an alternative to Microsoft Corp. and its Windows operating system. That the techniques used in the attacks were stolen from the National Security Agency also makes this the perfect chance to argue that global technology can’t be trusted in the hands of a single nation.

    • While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday’s WinXP fix was built in February
    • WannaCry attacks are only the beginning, experts warn

      After all, security vendors are still seeing successful exploitation attempts today for MS08-067, the Windows vulnerability that allowed the Conficker computer worm to spread nine years ago.

    • Is Microsoft to blame for the largest ransomware attacks in internet history?
    • Ransomware attack hits 200,000 [Windows] computers across the globe

      Friday’s attack seems to have run its course but it may not take much to develop other strains of the virus {sic} that are not affected by the kill switch. For now, the best you can do is make sure your computers are running the latest software updates – and don’t click on any funny-looking emails.

    • Doxing the hero who stopped WannaCry was irresponsible and dumb

      At the very least, we should respect his privacy. MalwareTech doesn’t give out his name on his Twitter page or blog. There are no headshots. It’s obvious that he just wants to be left alone to get on with what he enjoys – hacking shit, and figuring out how stuff works.

    • Possible Protections To Take Against WannaCry Ransomware Attack
    • Ubuntu Login Screen Security Flaw Could Allow Anyone To Access Your Files [Ed: No, not true. But then again, Fossbytes is better at plagiarism than at grasping what it ‘writes’ about. Expect corporate media, funded by Bill Gates and Microsoft, to run “Linux not secure” stories amid WannaCry fiasco.]
    • NHS mulling Ubuntu switch after Windows XP fail?

      The NHS could be considering switching its software infrastructure from Windows to Ubuntu, after Windows XP vulnerabilities were exploited in the recent cyber attack that crippled the National Health Service. Or is it just an elaborate gag?

      The NHSbuntu platform came to our attention via Dr Dean Jenkins, a Fellow of the Royal College of Physicians and editor-at-large of BMJ Case Reports, who writes about it on Differential Diagnosis, his blog.

    • How WannaCrypt attacks

  • Defence/Aggression

  • Transparency/Investigative Reporting

    • Ecuador worried over Assange case progress

      It repeated Ecuador’s request for guarantees of non-extradition to any third country.

    • Ecuador concerned by ‘serious lack of progress’ in Assange case

      The letter by Ecuador’s Foreign Ministry voices concern over a "serious lack of progress" by Swedish prosecutors investigating the sexual misconduct case against Assange, the Australian Associated Press (AAP) reported.

    • Julian Assange: Ecuador ‘concerned’ over lack of progress

      Ecuador has voiced concern over the “serious lack of progress” by the Swedish government in dealing with Wikileaks founder Julian Assange.

      It said there had been a “serious failure” by Sweden’s prosecutor to complete an inquiry into sexual assault allegations dating back to 2010.

      Mr Assange has been confined to the Ecuadorean embassy, where he has asylum, for nearly five years.

      He fears he will be extradited to the US if he leaves the building.

      The Australian national is concerned the US may seek his arrest over Wikileaks’ release of 500,000 secret military files on the Afghanistan and Iraq wars.

    • Ecuador concerned by Sweden’s “lack of progress” in Assange case

      Ecuador has written to the Swedish government complaining of a “serious lack of progress” in the investigation involving a rape allegation against WikiLeaks founder Julian Assange.

      According to the BBC, the letter criticises Sweden’s prosecutor for a “serious failure” to complete an investigation into rape allegations dating back to 2010. Ecuadorian authorities accuse the prosecutor of a “lack of initiative”.

      Julian Assange has been confined at the Ecuadorean embassy in London, where he has asylum, for nearly five years. British police say he will be arrested if he leaves the embassy.

    • Edward Snowden and others urge Trump to drop case against Assange

      Edward Snowden and Noam Chomsky are among those calling on Donald Trump to drop the US government’s investigation into Julian Assange and WikiLeaks.

      The pair – along with more than 100 other activists, journalists and government workers – have signed an open letter to the president that calls prosecuting WikiLeaks “a threat to all free journalism”. The letter asks the Department of Justice to drop plans to charge Assange and other WikiLeaks staff members.

    • Wikileaks Attorneys Blast Citizenfour Maker Poitras

      We are lawyers for WikiLeaks. We are speaking out because we believe that Laura Poitras’s film Risk, released in U.S. theaters on May 5 this year, places our clients in legal jeopardy.

      The film serves to undermine WikiLeaks just as the Trump administration has announced that it intends to prosecute its journalists, editors and associates.

  • Environment/Energy/Wildlife/Nature

  • Finance

    • Cities hurting, not promoting economic growth in Finland [iophk: "duh. distributed populations are more productive for countries"]

      The regions have also witnessed lower-than-average gross domestic product growth in the 2010s, despite continuing to make up 61 per cent of the national output. Uusimaa alone accounts for a third of the national output but has failed to contribute to economic growth in 2010–2015, according to Hetemäki.

  • AstroTurf/Lobbying/Politics

    • The Donald Trump Impeachment Clock Is Ticking

      Citizens of the United States cannot address all the threats posed by all the errant leaders of all the countries on a planet that has plenty of problems. But they do have a duty to be on alert to threats posed by elected and appointed officials who fail to recognize their responsibilities, who act irrationally, or who disregard the rule of law.

    • [Older] Online Voting Won’t Save Democracy

      We have already declared our election system to be critical national infrastructure. This is largely symbolic, but it demonstrates a commitment to secure elections and makes funding and other resources available to states. We can do much more. We owe it to democracy to do it.

    • Trump ‘shared classified information with Russia’

      Then there is the question of whether US allies will be more reluctant to share sensitive intelligence information with the US, lest the president put sources at risk.

    • The ‘Chilling Effect’ of Trump’s Loose Talk With Russia

      This loose treatment of highly secretive "code word" intelligence raises broader questions, too, about how the cavalier disclosure of such secrets might impact the international relationships so essential to ensuring national security at home.

  • Censorship/Free Speech

  • Privacy/Surveillance

  • Civil Rights/Policing

    • Privatized for-profit immigrant detention centers are a "living nightmare," investigation shows

      Moreover, to make money to afford extra food or phone calls, many detainees have no option but to work for $1 per day. They are ruthlessly exploited by corporations looking to make a profit.

    • Jeff Sessions Reboots the Drug War

      In a two-page memo to federal prosecutors across the country, Sessions overturned former attorney general Eric H. Holder’s sweeping criminal charging policy that instructed his prosecutors to avoid charging certain defendants with offenses that would trigger long mandatory minimum sentences. In its place, Sessions told his more than 5,000 assistant U.S. attorneys to charge defendants with the most serious crimes, carrying the toughest penalties.

    • Indonesian Islamist leader says ethnic Chinese wealth is next target

      His group organised protests by hundreds of thousands of Muslims in Jakarta late last year over a comment about the Koran made by the capital’s governor, Basuki Tjahaja Purnama, an ethnic-Chinese Christian.

    • Louisiana’s public defender’s office is largely nonexistent so poor people just plead guilty

      If you’re poor and arrested in Louisiana, you will rot in jail for months or even years waiting for a trial which will be indifferently argued by a grossly overworked public defender. As a result, the majority of poor arrestees plead guilty, and 85% of those accused of crimes are poor. Black people in Louisiana are jailed at four times the rate of white people.

  • Internet Policy/Net Neutrality

    • Flooded with thoughtful net neutrality comments, FCC highlights "mean tweets"

      Facing extensive net neutrality support, FCC is ready to gut open Internet rules.

    • [Older] 4 Misleading Things ISPs And The FCC Need To Stop Claiming About Net Neutrality

      Net neutrality is a handy name for a pretty simple principle: the idea that the company providing your internet access should deliver you the online content of your choosing, when you choose it, without interfering. And since 2015, it’s been the law of the land. Now we stand to lose it once again — but the arguments that industry and some regulators are making against it are disingenuous at best, and a pack of lies at worst.

    • Big Cable push-polled America on Net Neutrality, still found the majority in favor of it

      As a way of hastening along the neutracidal moment, the Internet & Television Association (AKA National Cable Television Association) conducted a push-poll asking Americans if they wanted Net Neutrality killed right now, or straightaway (more or less).

      But even within the shitty, stilted choices the poll offered, Americans still spoke overwhelmingly in favor of Net Neutrality, leaving Big Cable to desperately spin the outcomes to claim that Americans really wanted to have their internet connections slowed down unless they were accessing their ISPs’ preferred services.

  • DRM

    • Anti-DRM artists march on the World Wide Web Consortium today

      The controversial project to standardize DRM for streaming video on the web started in 2013 and culminated last month with a poll by W3C members whose results are confidential (though the W3C has chosen to publish the outcomes of previous polls and may yet do so for this one).

    • New Netflix DRM Blocks Rooted Phone Owners From Downloading The Netflix App

      As this site has long documented, DRM more often than not provides a false sense of security to those terrified of piracy, yet just as frequently annoys paying customers — ironically driving those customers to the piracy alternatives the DRM was supposed to prevent in the first place.

      The latest example of this phenomenon: with the latest version 5.0 of the Netflix app, Netflix is now leaning entirely on Google’s Widevine digital rights management system. With Netflix recently introducing downloadable shows (assuming the license for that specific program allows it), Netflix’s programming partners likely wanted Netflix to utilize Widevine to ensure that Netflix’s app “only works with devices that are certified by Google and meet all Android requirements.”

    • Netflix Use of Google DRM Means Rooted Android Devices Are Banned

      Netflix customers who previously viewed the service using a ‘rooted’ Android device are no longer able to do so, at least officially. The development has been confirmed by Netflix, who say that the company’s reliance on Google’s Widevine DRM standards means that modified and/or non-certified devices will be excluded from the service.

    • Netflix confirms it is blocking rooted/unlocked devices, app itself is still working (for now)

      However, Netflix has now confirmed to us that blocking modified devices from downloading the app was intentional.

      This is the full statement:

      With our latest 5.0 release, we now fully rely on the Widevine DRM provided by Google; therefore, many devices that are not Google-certified or have been altered will no longer work with our latest app and those users will no longer see the Netflix app in the Play Store.

  • Intellectual Monopolies

    • "MP3 is dead" missed the real, much better story

      MP3 is no less alive now than it was last month or will be next year — the last known MP3 patents have simply expired.

    • Copyrights

      • Law Professor Shows How to Fight Copyright Trolls

        Copyright trolls are known for their dubious tactics, but how should they be fought in court? Motivated by false accusations against alleged BitTorrent pirates, Matthew Sag and Jake Haskell have written an in-depth overview that could help defense lawyers to make their case.

      • Streaming Site Operator Jailed For Three Years After Landmark Trial

        Following a landmark trial, the key player at streaming site Swefilmer has been jailed for an unprecedented three years, longer than any defendant in the earlier Pirate Bay case. An administrator of the site received a relatively lenient sentence of probation and community service.

05.14.17

Links 14/5/2017: Linux 4.12 RC1 and KDE Frameworks 5.34.0

Posted in News Roundup at 1:11 pm by Dr. Roy Schestowitz

GNU/Linux

Free Software/Open Source

  • Insomnia Is Now Open Source

    Today, I’m happy to announce that the Insomnia desktop app is now open source software under the GPLv3 license! The source code is hosted on GitHub for your viewing pleasure.

  • Bookmarks for Nextcloud 0.10.0 released

    I am happy to announce the availability of Bookmarks for Nextcloud 0.10.0! Bookmarks is a simple way to manage the remarkable websites and pages you come across on the Internet. Bookmarks 0.10.0 provides API methods to create, read, update and delete your bookmarks as well as compatibility with upcoming Nextcloud 12, next to smaller improvements and fixes.

  • Coreboot Ported To Another Core 2 Era Motherboard: G41C-GS

    If you happen to have an ASRock G41C-GS still in use or tucked away in your closet, this older motherboard for Intel Core 2 CPUs now has support for Coreboot to free the proprietary BIOS of the motherboard. Or if you don’t but still have other parts available, this motherboard is still available from a few online shops.

  • Events

  • Web Browsers

    • Mozilla

      • Firefox 57: new Photon design screenshots

        The following article gives you a glimpse of the upcoming Photon design of the Firefox web browser which will come out later this year.

        Mozilla plans to make Firefox 57 a milestone release. It is the version of Firefox in which the cut is made that leaves legacy add-ons behind, and also the Firefox version that will feature a design update.

        This design update is called Photon, and we talked about this previously already here on Ghacks Technology News.

      • Firefox vs Chrome & Other Browsers

        Not too many years ago, Firefox was king of the jungle. Sadly, this is no longer the case. Is Chrome the browser to beat in 2017 on the Linux desktop? Can Firefox or other alternatives possibly make a dent in Chrome’s reign? I examine this matter closely.

      • Firefox vs Chrome & Other Browsers | Feedback Hangouts Video

  • Databases

  • OnlyOffice/LibreOffice

  • BSD

    • pfSense 2.5 and AES-NI

      We’re starting the process toward pfSense software release 2.3.4. pfSense software release 2.4 is close as well, and will bring a number of improvements: UEFI, translations to at least five languages, ZFS, FreeBSD 11 base, new login page, OpenVPN 2.4 and more. pfSense version 2.4 requires a 64-bit Intel or AMD CPU, and nanobsd images are no longer a part of pfSense as of version 2.4.

  • FSF/FSFE/GNU/SFLC

  • Licensing/Legal

    • Machine learning for lawyers

      Machine learning is a technique that has taken the computing world by storm over the last few years. As Luis Villa discussed in his 2017 Free Software Legal and Licensing Workshop (LLW) talk, there are legal implications that need to be considered, especially with regard to the data sets that are used by machine-learning systems. The talk, which was not under the Chatham House Rule default for the workshop, also provided a simplified introduction to machine learning geared toward a legal audience.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • Hackaday Prize Entry: Open Source Electrospinning

        Electrospinning is the process of dispensing a polymer solution from a nozzle, then applying a very high voltage potential between the nozzle and a collector screen. The result is a very, very fine fiber that is stretched and elongated down to nanometers. Why would anyone want this? These fibers make great filters because of their large surface area. Electrospinning has been cited as an enabling technology for the future of textiles. The reality, though, is that no one really knows how electrospinning is going to become a standard industrial process because it’s so rare. Not many labs are researching electrospinning, to say nothing of industry.

  • Programming/Development

    • Oracle crushed in defeat as Java world votes ‘No’ to modular overhaul

      The database goliath has lost a Java Community public-review ballot by 13 to 10 that was to have approved its Java Platform Module System (JPMS) specification as a final draft. Executive Committee members ignored dire warnings from Oracle spec lead Mark Reinhold in an open letter where he claimed that a “no” vote would not only delay Java 9 but also be a “vote against the Java Community Process itself”.

      The JSR, number 376, needed a two-thirds majority to pass.

      In that bluntly worded letter, Oracle’s Java platform chief also chastised IBM and Red Hat for suggesting that they might vote against JPMS.

Leftovers

  • Science

    • Toddlers’ screen time linked to speech delays and lost sleep, but questions remain

      It turns out that about 1 in 5 of the toddlers used handheld screens, and those kids had an average daily usage of about a half hour. Handheld screen time was associated with potential delays in expressive language, the team found. For every half hour of mobile media use, a child’s risk of language delay increased by about 50 percent.

  • Health/Nutrition

  • Security

    • Major cyber attack hits companies, hospitals, schools worldwide

      Private security firms identified the ransomware as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.

    • Massive cyberattack hits several hospitals across England
    • Rejection Letter

      We start with a shadowy US government agency, the NSA, systematically analyzing the software of the biggest American computer companies in search of vulnerabilities. So far, so plausible: this is one of the jobs of an intelligence and counter-espionage agency focussed on information technology. However, instead of helping Microsoft fix them, we are supposed to believe that the NSA hoard their knowledge of weaknesses in Microsoft Windows, a vitally important piece of their own nation’s infrastructure, in case they’ll come in handy against some hypothetical future enemy. (I’m sorry, but this just won’t wash; surely the good guys would prioritize protecting their own corporate infrastructure? But this is just the first of the many logical inconsistencies which riddle the back story and plot of “Zero Day”.)

    • SambaXP 2017: John Hixson’s Reflection

      The next talk was given by Jeremy Allison on the recent symlink CVE. Jeremy explained how it was discovered and the measures that were taken to fix it.

    • Microsoft issues ‘highly unusual’ Windows XP patch to prevent massive ransomware attack
    • Is it prudent to ask if Britain’s nuke subs, which also run Windows XP, have also been hit by ransomware?

      Let’s reword this to drive the point home. How likely is it that the United States NSA, through its persistent interest in keeping us unsafe, has managed to hand control of Britain’s nuclear weapons platforms to unknown ransomware authors, perhaps in Russia or Uzbekistan?

    • Current wave of ransomware not written by ordinary criminals, but by the NSA

      The lesson here is that the NSA’s mission, keeping a country safe, is in direct conflict with its methods of collecting a catalog of vulnerabilities in critical systems and constructing weapons to use against those systems, weapons that will always leak, instead of fixing the discovered weaknesses and vulnerabilities that make us unsafe.

    • Wana Decrypt0r Ransomware Outbreak Temporarily Stopped By “Accidental Hero”

      A security researcher that goes online by the nickname of MalwareTech is the hero of the day, albeit an accidental one, after having saved countless computers worldwide from a virulent form of ransomware called Wana Decrypt0r (also referenced as WCry, WannaCry, WannaCrypt, and WanaCrypt0r).

    • DDOS attacks in Q1 2017

      In Q1 2017, the geography of DDoS attacks narrowed to 72 countries, with China accounting for 55.11% (21.9 p.p. less than the previous quarter). South Korea (22.41% vs. 7.04% in Q4 2016) and the US (11.37% vs. 7.30%) were second and third respectively.

      The Top 10 most targeted countries accounted for 95.5% of all attacks. The UK (0.8%) appeared in the ranking, replacing Japan. Vietnam (0.8%, + 0.2 p.p.) moved up from seventh to sixth, while Canada (0.7%) dropped to eighth.

    • Applied Physical Attacks and Hardware Pentesting

      This week, I had the opportunity to take Joe Fitzpatrick’s class “Applied Physical Attacks and Hardware Pentesting”. This was a preview of the course he’s offering at Black Hat this summer, and so it was in a bit of an unpolished state, but I actually enjoyed the fact that it was that way. I’ve taken a class with Joe before, back when he and Stephen Ridley of Xipiter taught “Software Exploitation via Hardware Exploitation”, and I’ve watched a number of his talks at various conferences, so I had high expectations of the course, and he didn’t disappoint.

    • Intel’s zero-day problem
    • Reverse-engineering the Intel Management Engine’s ROMP module

      Last month, while I was waiting for hardware to arrive and undergo troubleshooting, I had some spare time to begin some Intel ME reverse engineering work.

      First, I need to give some shout out to Igor Skochinsky, a Hex-Rays developer, who had been working on reverse engineering the Intel ME for a while, and who has been very generous in sharing his notes and research on the ME with us, which is going to be a huge help and cut down months of reverse engineering and guesswork. Igor was very helpful in getting me to understand the bits that didn’t make sense to me.

    • Intel AMT on wireless networks

      More details about Intel’s AMT vulnerability have been released – it’s about the worst case scenario, in that it’s a total authentication bypass that appears to exist independent of whether the AMT is being used in Small Business or Enterprise modes (more background in my previous post here). One thing I claimed was that even though this was pretty bad it probably wasn’t super bad, since Shodan indicated that there were only a small number of thousand machines on the public internet and accessible via AMT. Most deployments were probably behind corporate firewalls, which meant that it was plausibly a vector for spreading within a company but probably wasn’t a likely initial vector.

      [...]

      Case 2 is the scary one. If you have a laptop that supports AMT, and if AMT has been provisioned, and if AMT has had wireless support turned on, and if you’re running Windows, then connecting your laptop to a public wireless network means that AMT is accessible to anyone else on that network[1]. If it hasn’t received a firmware update, they’ll be able to do so without needing any valid credentials.

    • Intel declared war on general purpose computing and lost, so now all our computers are broken

      It’s been a year since we warned that Intel’s Management Engine — a separate computer within your own computer, intended to verify and supervise the main system — presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next?

      For the past week, the IT press has been full of news about the AMT module in the Management Engine making millions of systems vulnerable to local and remote attacks, with a firmware update to disable the module as the only really comprehensive solution. But AMT is only one of the many components of ME, and every one of them could have a vulnerability as grave as this one — and Intel is not offering any way to turn off ME altogether, meaning that there’s a lot of this in our future.

      ME is a brilliant example of why declaring war on general-purpose computing is a terrible idea. There are lots of reasons to want a computer that can only run some programs (instead of every program): preventing poisoned operating systems and other malware, preventing game cheating, enforcing copyright restrictions (DRM), etc… Every one of them is presented as a use-case for ME.

    • OSS-Fuzz: Five months later, and rewarding projects
    • USN-3285-1: LightDM vulnerability
    • generic kde LPE
    • QSB #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214)
    • Europe is living under Microsoft’s digital killswitch

      All across Europe, from Finland to Portugal, Ireland to Greece, governments rely on Microsoft software. As their digital systems grow in size and importance, countries are becoming increasingly dependent on this single American corporation. But what consequences does this “lock-in” have? What risks does it pose for the security of European data? And what can governments do to counter it?

      It’s estimated that Microsoft makes around two billion euros in Europe every year, just from its business with the public sector. In 2012 the European Commission released a report that stated that 1.1 billion euros were unnecessarily lost by the European public sector due to being locked-in in business with IT system providers.

  • Defence/Aggression

  • Finance

    • Kevin McKenna: Giving huge IT deal to foreign firm is a betrayal of Scotland [Ed: Microsoft...]

      CGI was at the centre of the massive IT catastrophe which left around 20,000 farmers without their farm subsidy payments, driving many to the edge of ruin. Audit Scotland, which produced a report into the shambles, warned that the incomplete £178m system, designed to process common agricultural policy payments of £688m a year, was at risk of running out of money before it had met the European Commission deadline.

    • The Windows Store is looking a lot like the future of Windows

      Oh, and there are some big benefits for Microsoft if it can pull this off, too, given that the company gets a nice 30 percent cut of app purchases.

  • AstroTurf/Lobbying/Politics

  • Censorship/Free Speech

  • Privacy/Surveillance

    • This Is the Secret Court Order That Forced the NSA to Delete the Data It Collected About You

      A newly released court opinion from the secretive Foreign Intelligence Surveillance Court (FISC) shows that for years the NSA improperly and perhaps illegally surveilled Americans. The court order triggered the surprise announcement two weeks ago that the agency would be severely scaling back its domestic surveillance and destroying previously collected data on Americans.

    • Their View: NSA stops one abuse, but many remain

      The National Security Agency has decided to halt a controversial surveillance program, but this was just the tip of an iceberg of government abuses of privacy and due process.

    • Report: NSA Analysts Frequently Broke Rules on Intelligence Collection

      When searching intelligence data, analysts from the National Security Agency failed to follow the rules “with much greater frequency” than was previously disclosed, documents published by the Office of the Director of National Intelligence show.

      The secretive Foreign Intelligence Surveillance Court accused the NSA of a “lack of candor” when reporting those failures, which are a serious concern for the Fourth Amendment.

      During a preliminary review of just a few months in 2015, analysts running searches on emails and other digital communications vacuumed up from undersea internet cables frequently violated Americans’ privacy—albeit unintentionally.

    • Met Police use of Indian hackers probed by watchdog

      Undercover counter-extremism officers used hackers in India to access the emails of journalists and environmental activists, it has been claimed.

    • How to escape the online spies [iophk: "block Facebook at the firewall"]

      And that’s just the start of it. Experts warn that, in the future, your online activity could be taken into consideration when you apply for a loan – or for a job.

    • Young children unconcerned about digital tracking by strangers [iophk: "*cough*facebook*cough*"]

      In contrast, the children did not express such negativity, overall. The youngest children (4-7 years) were positive about someone tracking others’ possessions. In fact, children were more negative about someone merely placing a mobile GPS device on an object and not tracking it than about someone placing the device in order to track the object, Gelman said.

    • NHS cyber attack: Edward Snowden says NSA should have prevented cyber attack

      Edward Snowden has blamed the National Security Council for not preventing a cyber attack which infiltrated the computer systems of organisations in 74 countries around the world.

      In a tweet, the National Security Council (NSA) whistleblower said: “Despite warnings, @NSAGov built dangerous attack tools that could target Western software. Today we see the cost.”

  • Civil Rights/Policing

    • [Old] Raif Badawi

      First detained on apostasy charges in 2008, Mr. Badawi was released after a day of questioning. He was arrested on June 17, 2012, on a charge of insulting Islam through electronic channels and brought to court on several charges including apostasy, a conviction which carries an automatic death sentence. Human Rights Watch stated that Badawi’s website had hosted material criticizing “senior religious figures.” Mr. Badawi had also suggested that Imam Muhammad ibn Saud Islamic University had become “a den for terrorists.”

    • ‘We’ll not be safe with Indonesia,’ says West Papua’s Benny Wenda

      In its rush to claim former Dutch colonies in the Asia-Pacific region following West Papua’s self-declared independence from the Netherlands in late 1961, Indonesia has subjected West Papua to continued human rights violations.

      [...]

      With foreign media all but denied access to West Papua – despite apparent lifting of restrictions by President Joko Widodo in 2015 – much of Indonesia’s atrocities remain secret, hidden.

    • How one obscure court case could decide the future of internet business

      In August, the U.S. Court of Appeals for the 9th Circuit dealt the Federal Trade Commission a major blow by calling into question one of the consumer protection agency’s most important powers. The court said the FTC should be banned from regulating a company if even a small part of that firm’s business is regulated by the Federal Communications Commission as a telecom service, otherwise known as a “common carrier.”

  • DRM

    • Anti-DRM artists march on the World Wide Web Consortium today

      Today, activists will gather in Cambridge, Mass to march to the offices of W3C Director Tim Berners-Lee to urge him to keep DRM out of the standards for the open web.

      The controversial project to standardize DRM for streaming video on the web started in 2013 and culminated last month with a poll by W3C members whose results are confidential (though the W3C has chosen to publish the outcomes of previous polls and may yet do so for this one).

      Many of the members who voted in that poll endorsed a compromise advanced by the EFF: to go ahead with DRM, but only if members sign an amendment to the current membership agreement, promising not to use DRM laws to attack people engaged in legitimate activity like adapting the standard for people with disabilities, investigating security and privacy defects, and adding lawful features to video tools.

  • Intellectual Monopolies

    • Copyrights

      • The rise of copyright trolls

        At the 2017 Free Software Legal and Licensing Workshop (LLW), which was held April 26-28 in Barcelona, Spain, more information about the GPL enforcement efforts by Patrick McHardy emerged. The workshop is organized by the Free Software Foundation Europe (FSFE) and its legal network. A panel discussion on the final day of the workshop discussed McHardy’s methodology and outlined why those efforts are actually far from the worst-case scenario of a copyright troll. While the Q&A portion of the discussion was under Chatham House Rule (which was the default for the workshop), the discussion between the three participants was not—it provided much more detail about McHardy’s efforts, and copyright trolling in general, than has been previously available publicly.

      • ISP Bombarded With 82,000+ Demands to Reveal Alleged Pirates

        Scandinavian telecoms operator Telia has revealed how rightsholders are bombarding the company with demands to identify alleged pirates. During the past year alone, Telia has been ordered to hand over personal details relating to more than 82,000 IP addresses, a large proportion of which will go to known copyright trolls.

      • How Amanda Palmer gave the music industry the finger with crowdfunding

        “I’ve had to continually re-educate myself that this isn’t about selling music. It’s about making music.”

      • Anglophiles: Hang up your VPN; iPlayer isn’t for you anymore

        BBC collects IP address, location, e-mail address in fight against online cheats.

      • Texas Court Orders Temporary ‘Pre-Piracy’ Shutdown of Sports Streaming Sites

        A Federal Court in Texas has issued a broad preliminary injunction ordering several Internet services to disconnect a list of pirate sports streaming domains. While domain name seizures are not an entirely new phenomenon in the US, this order targets “anticipated” infringements and only applies temporarily. It ends after the Indian Premier League cricket tournament.

05.13.17

Links 13/5/2017: Neptune Plasma 5 ISO, a Shift to Free (FOSS) Databases

Posted in News Roundup at 2:59 pm by Dr. Roy Schestowitz

Contents

GNU/Linux

Free Software/Open Source

Leftovers

  • Fonts and presentations

    When you’re giving a presentation, the choice of font can matter a lot. Not just in terms of how pretty your slides look, but also in terms of whether the data you’re presenting is actually properly legible. Unfortunately, far too many fonts are appallingly bad if you’re trying to tell certain characters apart. Imagine if you’re at the back of a room, trying to read information on a slide that’s (typically) too small and (if you’re unlucky) the presenter’s speech is also unclear to you (noisy room, bad audio, different language). A good clear font is really important here.

  • Science

    • Trump’s Expected Pick for Top USDA Scientist Is Not a Scientist

      The USDA’s research section studies everything from climate change to nutrition. Under the 2008 Farm Bill, its leader is supposed to serve as the agency’s “chief scientist” and be chosen “from among distinguished scientists with specialized or significant experience in agricultural research, education, and economics.”

      But Sam Clovis — who, according to sources with knowledge of the appointment and members of the agriculture trade press, is President Trump’s pick to oversee the section — appears to have no such credentials.

  • Health/Nutrition

    • New Report on U.S. Ocean and Great Lakes Economy Shows Growth

      The ocean economy includes businesses dependent on ocean and Great Lakes natural resources. This essential segment of the U.S. economy also employed more than 3 million people—more than crop production, telecommunication and building construction combined—with over two thirds of those employees in the tourism and recreation sector.

    • Action Alert: NYT Misleads on Children’s Pre-Existing Conditions

      But when you read the HHS report that Pelosi was referencing, the Times‘ “factcheck” is even more deceptive. The 4 million and 17 million figures are not the low and high estimates of the government about the same phenomenon; they’re counting two separate things, and the first figure intentionally leaves out massive numbers of kids with pre-existing conditions.

    • Understanding Sea Level Rise in the Nation’s Largest Estuary

      Chesapeake Bay Sentinel Site Cooperative researchers are working towards a better understanding of how the nation’s largest estuary is changing over time due to rising sea levels. Scientists are collecting data with tide stations and other tools at sentinel sites around the Bay. Through intensive studies and long-term observations at these stations, Cooperative partners are helping to create a clearer picture of sea level and ecological changes in this region to better inform coastal decision-makers about the health of the Bay now and into the future.

    • Taking Data Further with Standards

      Imagine reading a book, written by many different authors, each working apart from the others, without guidelines, and published without edits. That book is a difficult read — it’s in 23 different languages, there’s no consistency in character names, and the story gets lost. As a reader, you have an uphill battle to get the information to tell you one cohesive story. Data is a lot like that, and that’s why data standards matter. By establishing common standards for the collection, storage, and control of data and information, data can go farther, be integrated with other data, and make “big data” research and development possible.

      For example, NOAA collects around 20 terabytes of data every day. Through the National Ocean Service, instruments are at work daily gathering physical data in the ocean, from current speed to the movement of schools of fish and much more. Hundreds of government agencies and programs generate this information to fulfill their missions and mandates, but without consistency from agency to agency, the benefits of that data are limited. In addition to federal agencies, there are hundreds more non-federal and academic researchers gathering data every day. Having open, available, comprehensive data standards that are widely implemented facilitates data sharing, and when data is shared, it maximizes the benefits of “big data”— integrated, multi-source data that yields a whole greater than its parts.

    • Sullied seasoning: Sea salts come with a dash of microplastics

      When plastic garbage makes its way to the sea, it eventually breaks down into tiny fragments that return to us in salty seasonings, Malaysian researchers report in Scientific Reports.

      In a survey of 16 sea salts from eight countries, researchers found microplastic particles lurking in all but one. In total, the researchers collected 72 particles from the salts and used micro-Raman spectroscopy to identify their components, which were mainly plastic polymers and pigments.

    • Dakota Access pipeline has first leak before it’s fully operational

      “It doesn’t give us any pleasure to say, ‘I told you so.’ But we have said from the beginning that it’s not a matter of if, but when,” the Earthjustice attorney told the Guardian on Wednesday. “Pipelines leak and they spill. It’s just what happens.”

      [...]

      The company has fought in court to keep information about the status of the project confidential.

    • [Old] 220 ‘Significant’ Pipeline Spills Already This Year Exposes Troubling Safety Record

      Three major U.S. pipeline spills within the last month are just a small part of the 220 significant incidents reported so far this year—and 3,032 since 2006—that provide a stark reminder of the environmental hazards of an aging pipeline infrastructure carrying fossil fuels. The cost of these leaks since 2006 has amounted to $4.7 billion.

  • Security

    • ‘CIA malware plants Gremlins’ on Microsoft machines – WikiLeaks

      WikiLeaks has released the latest instalment in the #Vault7 series, detailing two apparent CIA malware frameworks dubbed ‘AfterMidnight’ and ‘Assassin’ which it says target the Microsoft Windows platform.

    • WannaCry ransomware used in widespread attacks all over the world

      Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames.

      Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed “EternalBlue”) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14.

    • NHS left reeling by cyber-attack: ‘We are literally unable to do any x-rays’

      Thousands of patients across England and Scotland have been in limbo after an international cyber-attack hit the NHS, with many having operations cancelled at the last minute.

      Senior medics sought to reassure patients that they could be seen in the normal way in emergencies, but others were asked to stay away if possible.

      According to one junior doctor who works in a London hospital, the attack left hospitals struggling to care for people. “However much they pretend patient safety is unaffected, it’s not true. At my hospital we are literally unable to do any x-rays, which are an essential component of emergency medicine,” the doctor told the Guardian.

    • “Worst-Ever Recorded” Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools

      Update 4: According to experts tracking and analyzing the worm and its spread, this could be one of the worst-ever recorded attacks of its kind. The security researcher who tweets and blogs as MalwareTech told The Intercept “I’ve never seen anything like this with ransomware,” and “the last worm of this degree I can remember is Conficker.” Conficker was a notorious Windows worm first spotted in 2008; it went on to infect over nine million computers in nearly 200 countries.

    • Ransomware mess: high time for Microsoft to act [iophk: "close, it's high time to ditch Windows across the board"]

      Let’s remember one thing: the ransomware and exploits are just the effects. The vulnerabilities in Windows are the cause.

    • NHS hospitals across the UK hit by large-scale ransomware attack

      Malware said to be spreading via Windows SMB exploit first outed in February

    • Tories cut security support for outdated NHS computers a year ago despite warnings of vulnerability to hackers

      The Government Digital Service, set up by David Cameron, decided not to extend a £5.5million one-year support deal with Microsoft for Windows XP.

    • We Wuz Warned

      The tools that are infecting computers worldwide were indeed developed by, and then leaked from, the NSA. (Thanks for nothing, spooks.) The bitcoin.com article contains tips about how to protect yourself, and links to Windows patches, if you haven’t yet been hit. Fortunately for us, the attacks seem to be focused on Windows systems; our Linux desktops are so far unscathed.

    • NSA-created cyber tool spawns global attacks — and victims include Russia

      Leaked alleged NSA hacking tools appear to be behind a massive cyberattack disrupting hospitals and companies across Europe, Asia, with Russia among the hardest-hit countries.

      But the Department of Homeland Security told POLITICO it had not confirmed any attacks in the U.S. on government targets or vital industries, such as hospitals and banks.

    • GCHQ tweeted about keeping Britain cyber-safe and it majorly backfired
    • Leaked NSA Hacking Tool On Global Ransomware Rampage [Ed: No, the problem isn't "patching" or "upgrade", the problem is Windows itself, irrespective of which version (back doors)]

      Thus, there’s some debate online about whether the “problem” here is organizations who don’t upgrade/patch or the NSA. Of course, these things are not mutually exclusive: you can reasonably blame both. Failing to update and patch your computers is a bad idea these days — especially for large organizations with IT staff who should know better.

    • An NSA-derived ransomware worm is shutting down computers worldwide
    • WCry is so mean Microsoft issues patch for 3 unsupported Windows versions [Ed: Back doors in old versions of Windows belatedly closed because Microsoft risks losing millions of useds [sic] for good]
    • Six things you need to know about IoT security
    • OpenStack Cloud Security Moves Forward

      When it comes to understanding security in the cloud and specifically security in OpenStack clouds, there are many factors to consider. In a panel session moderated by eWEEK at the OpenStack Summit in Boston, leaders from across different elements of the OpenStack security spectrum provided insight and recommendations on cloud security.

      Security is a broad term in the OpenStack context and isn’t just one single item. There is the OpenStack Security Project, which has a mission to help build tools and processes that help to secure OpenStack and its various projects. There is also the Vulnerability Management Team (VMT) that handles vulnerabilities for OpenStack project. Security in OpenStack is also reflected in various OpenStack projects, including notably Project Barbican for security key management. Finally there is just general security for cloud deployment by operators, which includes secure configuration and monitoring.

    • Intel’s Management Engine is a security hazard, and users need a way to disable it

      Since 2008, most of Intel’s CPUs have contained a tiny homunculus computer called the “Management Engine” (ME). The ME is a largely undocumented master controller for your CPU: it works with system firmware during boot and has direct access to system memory, the screen, keyboard, and network. All of the code inside the ME is secret, signed, and tightly controlled by Intel. Last week, vulnerabilities in the Active Management (AMT) module in some Management Engines have caused lots of machines with Intel CPUs to be disastrously vulnerable to remote and local attackers. While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one.

      This post will describe the nature of the vulnerabilities (thanks to Matthew Garrett for documenting them well), and the potential for similar bugs in the future. EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our CPUs, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.

    • ‘Accidental hero’ halts ransomware attack and warns: this is not over

      Ransomware is a type of malware that encrypts a user’s data, then demands payment in exchange for unlocking the data. This attack used a piece of malicious software called “WanaCrypt0r 2.0” or WannaCry, that exploits a vulnerability in Windows. Microsoft released a patch (a software update that fixes the problem) for the flaw in March, but computers that have not installed the security update remain vulnerable.

    • Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

      Popular open source forum software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code.

    • Vanilla Forums has a plain-flavoured zero-day

      The popular Vanilla Forums software needs patching against a remote code execution zero-day first reported to the developers in December 2016.

      Published by ExploitBox, the zero-day “can be exploited by unauthenticated remote attackers to execute arbitrary code and fully compromise the target application when combined with Host Header injection vulnerability CVE-2016-10073.”

      The problem arises because Vanilla Forums inherits a bug in PHPMailer. The mailer uses PHP’s mail() function as its default transport, as discussed by Legal Hackers here.

    • Google Fuzzing Service Uncovers 1K Bugs in Open-Source Projects

      Today’s topics include Google’s fuzzing service uncovering more than 1,000 bugs in open-source projects in five months, VMware helping Google make Chromebooks better for business; Edward Snowden advocating the need for open source and OpenStack; and Dell EMC aiming servers at data center modernization efforts.

  • Defence/Aggression

    • The universal lesson of the courage of East Timor

      On May 5, John Pilger was presented with the Order of Timor-Leste by East Timor’s Ambassador to Australia, Abel Gutteras, in recognition of his reporting on East Timor under Indonesia’s brutal occupation, especially his landmark documentary film, Death of a Nation: the Timor Conspiracy. The following was Pilger’s response…

      Filming undercover in East Timor in 1993 I followed a landscape of crosses: great black crosses etched against the sky, crosses on peaks, crosses marching down the hillsides, crosses beside the road. They littered the earth and crowded the eye.

      The inscriptions on the crosses revealed the extinction of whole families, wiped out in the space of a year, a month, a day. Village after village stood as memorials.

      Kraras is one such village. Known as the “village of the widows”, the population of 287 people was murdered by Indonesian troops.

      Using a typewriter with a faded ribbon, a local priest had recorded the name, age, cause of death and date of the killing of every victim. In the last column, he identified the Indonesian battalion responsible for each murder. It was evidence of genocide.

    • Lockheed Martin-Funded Experts Agree: South Korea Needs More Lockheed Martin Missiles

      As tensions between the United States and North Korea continue to rise, one think tank, the Center for Strategic and International Studies (CSIS), has become a ubiquitous voice on the topic of missile defense, providing Official-Sounding Quotes to dozens of reporters in Western media outlets. All of these quotes speak to the urgent threat of North Korea and how important the United States’s deployment of the Terminal High Altitude Area Defense (THAAD) missile system is to South Korea…

    • NPR Can’t Help Hyping North Korean Threat

      North Korea’s dictatorial government uses the threat of war as a propaganda tool against its own population—fostering loyalty to itself and its military establishment. As NPR’s own reporting (3/23/16) put it, North Korea’s Kim Jong Un “needs to establish his own legitimacy, and that means standing up to enemies.” According to Brookings’ Sheena Greitens, interviewed in that piece: “North Korea might use a range of strategies…but we should remember that they’re all aimed at the same underlying, fundamental objective: ensuring Kim’s political survival.”

      If North Korea’s warlike propaganda is so transparent, what should we think of the US media? Of course, professional journalists claim to pursue the truth, and report it in nobody’s interest but the public’s. But what if even a “serious” outlet like National Public Radio launches a flurry of fear-mongering at a word from the Pentagon? A survey of its coverage since March 8 suggests that NPR has promoted the perspective of the US government at the expense of public understanding of US/North Korean relations. The construction of foreign “threats” benefits both a national government hungry for legitimacy—and news organizations hungry for an audience.

  • Finance

    • Donald Trump Is Waging a War on Workers
    • Behind Many ‘Mom and Pop’ Bail Bonds Shops Is a Huge Insurance Corporation Out to Profit From Misery

      Every year, money bail boosts bail insurance corporations’ profits at the expense of millions of low-income people of color.

      Eleven years ago, San Diego, California, resident Melodie Henderson was arrested for assault after a minor altercation with a former coworker. Her bail was set at $50,000. This was before a judge ever laid eyes on her.

      Although she was employed, there was just no way Melodie would ever have been able to come up with the $50,000 she needed to post bail to be released while she fought her case in court. Her other option was to pay a bail bonds company a 10% nonrefundable fee, but with a $50,000 bail amount, it would be hard for her to come up with the $5,000 on her own. Of course there was a third option: to sit in jail while her case moved forward, but that wasn’t an option at all. She was in her early 20s, working and going to school part time, while also taking care of her 6-year-old sister and her grandmother, who was undergoing chemotherapy. Her bail felt like punishment before she even went to trial.

    • Globalism, Neoliberalism and the Big Questions of Our Time

      Annoyingly for the neo-liberals, many of the most regulated economies in the world continue to be the most productive countries in the world. This stubborn fact is extremely frustrating for the neo-liberals, and leads them to make fools of themselves coming up with the daftest possible explanations (see Ryan Bourne above). It is also why they are desperate to destroy the French model (see Macron above).

  • AstroTurf/Lobbying/Politics

    • WikiLeaks offers $100K for tapes of President Trump-James Comey conversations

      WikiLeaks has offered $100,000 to anyone who can send them any tapes of conversations between President Trump and former FBI director James Comey.

      The offer from the antisecrecy organization — which infamously published emails from Clinton campaign chairman John Podesta last year — was made Friday via Twitter: “WikiLeaks offers US$100k for the Trump-Comey tapes. To increase the reward send Bitcoin to reward address.”

    • Media Are Literally Copy-and-Pasting ICE Press Releases

      Without going through every DHS and ICE press release and cross-checking them against local media reports, it’s impossible to document the scope of the problem. But with a half-dozen glaring examples in just the past few weeks alone, it appears rampant in local media. Rewriting press releases to mindlessly advance a government narrative is bad enough; literally plagiarizing government press releases in the service of the same ends is a whole new low in corporate media stenography.

    • Action Alert: Asking Questions of Government Figures Is Not a Crime

      West Virginia state police arrested Dan Heyman, a veteran reporter with Public News Service, for repeatedly asking Health and Human Services Secretary Tom Price whether being a target of domestic violence would be considered a “pre-existing condition,” allowing health insurance to be denied, under the new Republican healthcare bill.

      The charge: “willful disruption of governmental processes.”

      Capitol police “decided I was just too persistent in asking this question and trying to do my job and so they arrested me,” Heyman told reporters (The Hill, 5/9/17). “First time I’ve ever been arrested for asking a question. First time I’ve ever heard of someone getting arrested for asking a question.”

    • Journalists as State Functionaries

      The media know perfectly well that the reason May needs protection from difficult questions – and even advance notice of soft ones – is that she is hopeless. Her refusal to debate Corbyn and her car crash interview with Marr illustrate that. But our servile media cover up for her by colluding in entirely fake events.

      I learn from a BBC source that in the special Question Time the BBC have organised for May in lieu of a debate, questioners will be selected in advance and May will see the questions in time to prepare.

      My observation that the Conservative platform is in its essentials identical to the BNP manifesto of 2005 has received widespread social media coverage. I simply cannot conceive that the UK can have become so right wing. Now add to that, it has become so authoritarian there is no reaction to advance vetting of journalists’ questions – something Vladimir Putin does not do. And very few people seem to care.

    • How a Tory Mayor spent nearly £1m on his election by bypassing spending limits

      A Conservative candidate is reported to have spent nearly £1m to become the new Mayor of West Midlands. And yet campaign spending limits imposed by the Electoral Commission fall far short of that.

      Andy Street narrowly beat Labour’s Sion Simon in the hotly fought election and won despite expectations in the local elections held last week. The former businessman was managing director of John Lewis from 2007 to 2016.

      This is how Street justified his spending to the BBC’s Today programme: “I haven’t spent quite a million, but I have spent a substantial amount more than my opponents and actually I think that’s OK, and I’ll tell you why. This is a very important election; a new start in democracy for this region. It is 2.5 million people and so it is absolutely appropriate. We have worked within the rules, which are that if you raise money you can spend it.”

      The rules are that candidates have a limit of around £130,000 for the final five weeks leading up to the Mayoral election.

    • Crown Prosecution Service Colludes in Tory Election Fraud

      So the Conservative Party broke electoral law, that is not in question and they have been fined for it by the Electoral Commission. But no individual may be prosecuted because Conservative Party HQ told them to do it? Their defence was that they are collectively all crooks, and this was accepted by the “independent” Crown Prosecution Service?

      On top of which, the Crown Prosecution Service also colludes with the Tory Party by repeating the lie the Tories have assiduously spread that the allegations only related to the “Battlebus”. Of course for generations every Party Leader has campaigned from a “Battlebus”, singular, and the public are familiar with it. The Tory meme then goes everyone does that, why is it illegal?

    • Kris Kobach, the ‘King of Voter Suppression,’ Will Lead Trump’s Sham Voter Fraud Commission. Be Afraid, Very Afraid.

      The ACLU’s Voting Rights Project director tells us what to watch out for from a “voting fraud commission” led by a fraud.

      President Trump signed an executive order yesterday forming a commission to investigate voter fraud and voter suppression after repeatedly claiming, without evidence, that the United States has a “major problem” with illegal voting.

      In response to the executive order, the ACLU’s Voting Rights Project immediately filed a Freedom of Information Act request demanding that the government release any “evidence” it has to support President Trump’s claims of voter fraud. Too often in our country’s history, accusations of voter fraud have been used to justify unnecessary and unconstitutional restrictions on the right to vote.

    • S.O.S. — America Needs Our Help, Time to Get to Work

      We are tearing ourselves apart. If we do not stop we will destroy our nation. You wanted a crisis? You got one.

    • Moving Forward to 2018? The Danger of Undead Hillary

      Media regularly now run stories “telling” Trump voters how bad their decision was. Many outlets unlikely to be read by Trump voters produce elaborate charts and expert commentary about how whatever Trump is doing with taxes or the economy will negatively affect voters in Red states the most. The implication is hah, hah, suckers, you voted for more jobs and you’ll get nothing! Tag-on articles also include dubious surveys showing vast numbers of Trump voters agree with statements like “Even though Trump policies will definitely kill my mother in front of my eyes, I’d still vote for him.” That’s a two-fer: you were dumb to vote for him once, Cletus, and you still won’t admit how freaking dumb you are.

  • Censorship/Free Speech

    • FOI request reveals a porno site suggesting a blanket ban on porno sites for the Digital Economy Bill
    • Facebook shuts down atheist and ex-Muslim groups amid claims they are being targeted by ‘fundamentalists’

      Facebook has been accused of shutting down ex-Muslim and atheist groups amid claims they were targeted by ‘fundamentalists’ who wanted them closed.

      This week the social media company temporarily closed the pages of Atheist Republic, which has more than 1.6million followers, and the Ex-Muslims of North America, liked almost 25,000 times.

      It is believed Facebook closed the groups after a flurry of complaints from people taking advantage of the company’s ‘flagging’ tools to falsely report the pages.

    • Now Canceled Crowdfunding Project Sent DMCA Notice Following Skeptical Review

      A few months back, I saw some news about a crowdfunding project on IndieGogo, called Titan Note. It was a little cylindrical device that acted as a microphone, and the guys behind the project insisted that it could transcribe notes with fairly incredible levels of accuracy. The device got some press coverage — including a quite reasonably skeptical piece at The Verge, entitled “No way this transcription gizmo is as good as it claims to be.” There was a lot more skepticism around the project in the comments to the project as well. On top of that, the project’s marketing pitch seemed… wrong. That is, it positioned the device as a thing that you could use to “stop taking notes” in classes and meetings in order to pay better attention and learn more. But… that’s just wrong. Because the process of taking notes yourself actually helps you commit things to memory. That is, taking notes helps you pay better attention, and thus if you actually used the device the way it was advertised, you might get less out of lectures and meetings.

    • Public Access Channel Tries To Shut Down Use Of Council Meeting Video Clips; Claims They Aren’t Fair Use
  • Privacy/Surveillance

    • Oakland City Council Committee Advances Measure to Require Transparency and Public Process for Surveillance Tech

      On May 9, the Public Safety Committee of the Oakland City Council voted unanimously to approve a proposed “Surveillance and Community Safety Ordinance.” The measure, passed on to the Council by the city’s Privacy Advisory Commission, is modeled on a law enacted in spring 2016 by Santa Clara County and could set a new standard for municipal reforms seeking transparency, oversight, and accountability to restrain otherwise unrestrained surveillance.

      Once approved by the full Council, the ordinance will require the Oakland Police Department to seek City Council approval before adopting or deploying new surveillance technologies. The measure will also provide community members with an opportunity to comment on such proposals, and the use policies for these technologies, before the City Council makes its decisions.

    • California Senate Committee Votes Against Privacy for Our Travel Patterns

      The Electronic Frontier Foundation and the ACLU of California joined forces with California State Sen. Joel Anderson (R-Alpine) on Tuesday to testify in favor of S.B. 712 (text), a bill that would have allowed drivers to cover their license plates when parked in order to protect their travel patterns from private companies operating automated license plate readers (ALPRs).

      The Senate Transportation and Housing Committee heard testimony on how private ALPR companies are collecting massive amounts of data on innocent people’s driving patterns and selling it for profit. Despite learning how this data may be misused to target vulnerable communities by the federal government, a Democratic majority voted to kill the bill 5-6.

    • The Fight Against General Warrants to Hack Rages On

      The federal government thinks it should be able to use one warrant to hack into an untold number of computers located anywhere in the world. But EFF and others continue to make the case that the Fourth Amendment prohibits this type of blanket warrant. And courts are starting to listen.

      Last week, EFF pressed its case against these broad and unconstitutional warrants in arguments before a federal court of appeals in Boston, Massachusetts. As we spelled out in a brief filed earlier this year, these warrants fail to satisfy the Fourth Amendment’s basic safeguards.

    • The FCC Pretends to Support Net Neutrality and Privacy While Moving to Gut Both

      FCC Chairman Ajit Pai has proposed a plan to eliminate net neutrality and privacy for broadband subscribers. Of course, those protections are tremendously popular, so Chairman Pai and his allies have been forced to pay lip service to preserving them in “some form.” How do we know it’s just lip service? Because the plan Pai is pushing will destroy the legal foundation for net neutrality. That’s right: if Pai succeeds, the FCC won’t have the legal authority to preserve NN in just about any form. And if he’s read the case law, he knows it.

      Let’s break it down.

    • Danger Ahead: The Government’s Plan for Vehicle-to-Vehicle Communication Threatens Privacy, Security, and Common Sense

      Imagine if your car could send messages about its speed and movements to other cars on the road around it. That’s the dream of the National Highway Traffic Safety Administration (NHTSA), which thinks of Vehicle-to-Vehicle (V2V) communication technology as the leading solution for reducing accident rates in the United States. But there’s a huge problem: it’s extremely difficult to have cars “talk” to each other in a way that protects the privacy and security of the people inside them, and NHTSA’s proposal doesn’t come close to successfully addressing those issues. EFF filed public comments with both NHTSA and the FTC explaining why it needs to go back to the drawing board—and spend some serious time there—before moving forward with any V2V proposal.

    • China Is on Track to Fully Phase Out Cash [Ed: Using technology as an excuse/pretext to take away rights we once had, including anonymous payments]

      “People basically run their lives through smartphones in China,” said Ben Cavender, senior analyst at Shanghai-based China Market Research Group. “If you compare the US to China in terms of how people access the internet, China is much more heavily slanted toward smartphones. People are already spending so much time on their smartphones; it’s logical for them to have the tools they need in one place.”

    • Certain HP laptops are found recording users’ keystrokes [Ed: but only if you use Microsoft Windows]
  • Civil Rights/Policing

    • 6 Things I Learned When The Cops Raided My House By Mistake
    • No Dogs, No Indians

      Lean’s Passage to India was part of the Raj revival of the early 1980s in the UK—Salman Rushdie wrote witheringly about it in ‘Outside the Whale’. Three decades later, plus ça change. Intriguingly, in these films and TV shows, there is little on how Indians responded to this shaming provocation. The sign itself was part of colonial policy to keep Indians in their place, to remind them of their subhuman status in the machinery of empire, despite the collaborators, the clerks, the judges, the teachers, the district officers, the maharajas, as well as all the soldiers who laid down their lives in the thousands for Europe’s battles.

    • Tip of the Day: The Unfair and Imbalanced Culture of Sexual Harassment at Fox News

      Bill O’Reilly’s abrupt dismissal from Fox News in April serves as a long, hard fought victory for those who have called him out for his sexist, racist, xenophobic, homophobic, and classist rhetoric. Over the past two decades, viewers of Fox News have been subjected to O’Reilly’s histrionic tirades against women, people of color, and members of the LGBTQ community, among others. For some, O’Reilly’s rants tapped into their own sexist attitudes toward minorities, while cultivating a culture of domination and discrimination in the workplace. But for many others, O’Reilly’s patriarchal, racist, and elitist denigrations of women and minorities emboldened a countercultural resistance to the “Mad Men” view of the office.

    • Big Media Need to Fight for the Right to Protest

      West Virginia state police arrested Dan Heyman, a veteran reporter with Public News Service, for repeatedly asking Health and Human Services Secretary Tom Price whether being a target of domestic violence would be considered a “pre-existing condition,” allowing health insurance to be denied, under the new Republican healthcare bill (FAIR Action Alert, 5/10/17).

  • Internet Policy/Net Neutrality

    • FCC Temporarily Stops Taking Net Neutrality Comments So FCC Can ‘Reflect’

      Okay, let’s be quite clear here: this is not some crazy new thing that the FCC is doing, but it’s important for members of the public to understand what’s happening. As lots of people have been commenting (some of which are fake) on the FCC’s proposed plan to roll back net neutrality, the FCC will temporarily be shutting down the ability to comment. This is not in response to the fake comments. Nor is it in response to the site being overwhelmed — whether by John Oliver or [snort!] random DDoS attacks that no one else can see.

    • Even The Cable Lobby’s Questionable Survey Shows Most Americans Want Net Neutrality

      Meanwhile, when the survey starts asking about general principles, it actually finds strong support. One question defined net neutrality and laid out terms, saying, “Net neutrality is a set of rules which say Internet Service Providers (ISPs) such as Comcast, Time Warner, AT&T, and Verizon cannot block, throttle, or prioritize certain content on the Internet.” Knowing that, it asked, “do you support or oppose net neutrality?”

      A total of 61% of respondents indicated their support to that question; another 21% registered as unsure. A total of 18% opposed or strongly opposed neutrality when the terms were made clear. That’s a pretty clear 40-point majority supporting net neutrality.

    • The anti-net neutrality bot spamming the FCC is pulling names from leaked databases

      The Verge examined a dozen names and addresses used in the FCC spam comments that were also tied to emails in that dump. Those email addresses, when searched for in the data leak database Have I Been Pwned, all come up as matches for the RCM list, suggesting the RCM list, or a variation of the Special K list, may have been the source for many of the identities used in the comments.

  • Intellectual Monopolies

    • Trademarks

      • Tough Mudder Threatens Local Rotary Club Over ‘Significant Use Of The Color Orange’

        While most minds will naturally recoil at the idea of a single company getting a trademark on an entire color for use in a certain marketplace, it’s a thing that exists. And it exists widely enough that even smallish entities are getting in on this game. Far from the game T-Mobile likes to play in pretending it owns all uses of the color magenta in every market, it’s becoming more common to see lesser known companies trademark base colors such as purple and yellow for their markets. If the idea that these basic colors can be locked up commercially in this way strikes you as laughable, your antennae are tuned correctly.

    • Copyrights

      • European Publishing Lobby Forces Compromise on Marrakesh Treaty

        The Marrakesh Treaty to Facilitate Access to Published Works for Persons Who Are Blind, Visually Impaired or Otherwise Print Disabled was one of the most fiercely contested treaty negotiations at the World Intellectual Property Organization (WIPO). Representatives of publishers and other copyright holder groups spent years unashamedly lobbying against an instrument that would provide access to the written word to blind and other print disabled users. Despite their efforts to derail the negotiations, the treaty was finally agreed in 2013, and came into force last year.

        But that wasn’t the end of it. An important step towards the realization of the treaty’s benefits is the implementation of the treaty by the countries where the books for adaptation into accessible formats are published. It happens that a large proportion of those books, especially those in French (which is spoken in many parts of Africa) and in Spanish (spoken throughout Latin America), originate from Europe. Therefore many blind and print disabled users have eagerly awaited Europe’s implementation of the Marrakesh Treaty to unlock its many promised benefits.

      • Hold ISPs Responsible For Piracy After Brexit, Music Biz Says

        The powerful UK Music coalition, which includes the BPI and PRS, has published its 2017 manifesto. It takes a keen interest in IP issues, particularly post-Brexit. UK Music says that the UK’s departure from the EU will provide a good opportunity to clarify issues with hyperlinking and also to hold ISPs accountable for piracy.

05.12.17

Links 12/5/2017: Wine 2.8, Kdenlive 17.04.1, NHS Windows Syndrome

Posted in News Roundup at 5:15 pm by Dr. Roy Schestowitz

Contents

GNU/Linux

Free Software/Open Source

  • CNCF Snares Four New Members for Open Source Container Orchestration

    The Cloud Native Computing Foundation (CNCF) added four new members to its efforts to develop an open source-based container orchestration platform.

    The new members include Tencent Cloud, which joined as a “Gold” member; Mashape, which signed on as a “Silver” member; and Vevo and Zalando Technology, which both joined the organization as “End-User Supporters.”

  • Kubernetes: The smart person’s guide

    As containers have become more important to businesses across the globe, it was necessary to create a system that would allow containers to scale out to meet the needs of enterprise-level deployments. That’s where Kubernetes comes into play.

    Unlike Docker, Kubernetes is a very robust ecosystem. Instead of deploying a single container, Kubernetes enables you to deploy multiple containers to multiple hosts, making it ideal for larger deployments and load balancing.

  • How to do time series prediction using RNNs, TensorFlow and Cloud ML Engine

    The Estimators API in tf.contrib.learn (See tutorial here) is a very convenient way to get started using TensorFlow. The really cool thing from my perspective about the Estimators API is that using it is a very easy way to create distributed TensorFlow models. Many of the TensorFlow samples that you see floating around on the internets are not distributed — they assume that you will be running the code on a single machine. People start with such code and then are immeasurably saddened to learn that the low-level TensorFlow code doesn’t actually work on their complete dataset. They then have to do lots of work to add distributed training code around the original sample, and who wants to edit somebody else’s code?

  • TensorFlow: I want to like you, but you’re tricksy

    Occasionally a technology comes along that changes the way that people work. Docker has had a profound effect on how applications are deployed in the cloud, Hadoop changed how analysis of big data was done and the R language has disrupted the statistics market.

    And so to TensorFlow, which emerged from the Machine Learning team at the Google Brain project. Building on their experience of a system called DistBelief, TensorFlow is a second-generation framework for the implementation of machine learning at scale.

    Users described their ML models as dataflow graphs, combining a number of machine learning techniques into a single model. TensorFlow itself does nothing to reduce the learning curve found in ML (in fact it might make it steeper), but Google’s framework does enormously simplify the deployment of ML models. If you think of ML model construction as a data science then TensorFlow is a Data Engineering tool for deployment.

  • Events

    • X.Org Is Looking For An XDC2018 Host

      The X.Org Foundation is looking for interested individuals to offer bids for organizing the 2018 X.Org Developers’ Conference.

      The XDC2017 conference happening this September is taking place at the Googleplex in Mountain View and thus, in the usual rotation, the 2018 conference will ideally find a host in Europe.

    • New Continuous Development Course Now Available From The Linux Foundation
    • Webinar: Delivering the value of IoT in the retail industry

      IoT is being embraced by an increasingly diverse set of sectors and one which is reaping the benefits is the retail sector, specifically supermarkets and how they are using data in cold-chain (refrigeration) solutions. For this webinar, join Paul Edrich, CTO of IMS Evolve, who is helping major supermarket chains to manage billions of data points in real time to inform operational processes, reduce energy consumption and increase product quality.

    • Kamailio World and FSFE team visit, Tirana arrival

      This week I’ve been thrilled to be in Berlin for Kamailio World 2017, one of the highlights of the SIP, VoIP and telephony enthusiast’s calendar. It is an event that reaches far beyond Kamailio and is well attended by leaders of many of the well known free software projects in this space.

    • The Open Source Day 2017 conference coming on May 17th in Warsaw

      Nearly 1,000 attendees and several thousand viewers online participate in the annual Open Source Day conference. Europe’s largest event dedicated to open technology has become a highlight among tech events in the country. The 10th anniversary edition will take place on May 17th at Marriott Hotel in Warsaw.

    • 6 days to SunCamp

      It will be a small event (about 20-25 people), with a more intimate atmosphere than DebConf. There will be people fixing RC bugs, preparing stuff for after the release, or just discussing with other Debian folks.

  • Web Browsers

  • SaaS/Back End

    • Why Quotas are Hard

      Let’s say we allow the explicit allocation of quota from higher to lower. Does this mean that the parent project is reducing its own quota while creating an explicit quota for the lower project? Or does it mean that both quotas need to be enforced? If the quota for sales is set to 10, and the quota for the three node projects are all set to 10, is this legal or an error?

  • EEE

  • BSD

  • FSF/FSFE/GNU/SFLC

    • GIMP 2.8.22 Open-Source Image Editor Fixes Ancient CVE Bug from 10 Years Ago

      GIMP, the open-source, free and multi-platform image editor software, was updated today to version 2.8.22, which appears to be a bugfix release in the stable 2.8 series of the project.

    • GNU OrgaDoc Aims To Make It Easy To Copy/Sync Documents Between Computers

      But will OrgaDoc serve much of a use in 2017 when for years most multi-computer individuals have probably been using Nextcloud/ownCloud, their own web/FTP servers, or proprietary services like Google Docs and Dropbox to manage files across computers? Do you plan to use OrgaDoc or how do you keep files synced across computers? What about using the Eiffel programming language today? Let us know your thoughts in the forums. Should you want to learn more about GNU OrgaDoc, see the project site.

  • Licensing/Legal

    • A federal court has ruled that an open-source license is an enforceable contract

      When the South Korean developer of a suite of productivity apps called Hancom Office incorporated an open-source PDF interpreter called Ghostscript into its word-processing software, it was supposed to do one of two things.

      To use Ghostscript for free, Hancom would have to adhere to its open-source license, the GNU General Public License (GPL). The GNU GPL requires that when you use GPL-licensed software to make some other software, the resulting software also has to be open-sourced with the same license if it’s released to the public. That means Hancom would have to open-source its entire suite of apps.

  • Openness/Sharing/Collaboration

    • Why we need an open source approach to data management

      Open source communities that form around common challenges allow large groups of individuals to gain knowledge on really complicated aspects of their business and industry, expanding communal learning and continually advancing a topic along the way. Open sourcing a framework that enables data management and is supported by a community of information security professionals provides them with the tools and capabilities necessary in today’s cybersecurity environment, including:

  • Programming/Development

    • The curl user survey 2017

      If you use curl or libcurl, in any way, shape or form, please consider spending a few minutes of your precious time on this. Your input helps us understand where we are and in which direction we should go next.

Leftovers

  • You really should know what the Andrew File System is

    When I saw that the creators of the Andrew File System (AFS) had been named recipients of the $35K ACM Software System Award, I said to myself “That’s cool, I remember AFS from the days of companies like Sun Microsystems… just please don’t ask me to explain what the heck it is.”

    Don’t ask my colleagues either. A quick walking-around-the-office survey of a half dozen of them turned up mostly blank stares at the mention of the Andrew File System, a technology developed in the early 1980s and named after Andrew Carnegie and Andrew Mellon. But as the Association for Computing Machinery’s award would indicate, AFS is indeed worth knowing about as a foundational technology that paved the way for widely used cloud computing techniques and applications.

  • Science

  • Health/Nutrition

    • Dakota Access pipeline leaks 84 gallons of crude oil before becoming fully operational
    • WHO, Stakeholders Take ‘First Step’ On Fair Pricing For Medicines

      The World Health Organization has concluded a major one-day forum on fair pricing of medicines, bringing a wide range of stakeholders together in Amsterdam and coming up with several possible actions for the way ahead. Key points of discussion included a definition of fair pricing, moving away from value-based pricing, delinkage of price from research and development costs, and greater transparency, according to participants.

    • WHO Touts Its Past Work On Improving Access To Medicines

      The World Health Organization today published an item entitled, Access to medicines: making market forces serve the poor, a chapter from its report ‘Ten years in public health 2007-2017’ of outgoing WHO Director General Margaret Chan.

      The chapter reveals that almost two billion people worldwide have no access to essential medicines, and says this lack of access to medicines is a complex problem that prevents better health. The chapter investigates the role of WHO in addressing the problem of access to safe, effective and quality-assured medicines.

    • Longest, Biggest World Health Assembly Ever Set To Open With Election, Budget Topping Agenda

      Timothy Armstrong, director of the WHO Department of Governing Bodies, gave an introduction to the WHA during a press briefing today, which ended up being largely focused on the election process and why Taiwan has not been invited this year, a first since 2009.

      [...]

      Also on the agenda are: the Global Vaccine Action Plan; the preparation for the third High-Level Meeting of the General Assembly on the Prevention and Control of Non-Communicable Diseases to be held in 2018; WHO engagement with non-state actors; and a potential agreement on a resolution on cancer drugs, in particular prices.

  • Security

  • Defence/Aggression

    • The Weapons For Everybody Racket

      Yesterday, the topic of The Ron Paul Liberty Report program was “Arming The Kurds – A Dangerous Idea”. On the one hand, we have our NATO ally, Turkey, who we’re supposed to come to the defense of (unconstitutionally, of course). And on the other hand, there’s the Kurds, who have long been seeking autonomy from Turkey.

      President Trump has authorized the Pentagon to begin providing heavy weapons to the Kurds in Syria. But what if the Kurds turn those weapons on our ally Turkey?

      Unfortunately, this web of insanity is not new. The U.S. federal government has been arming and supporting both sides of conflicts for many decades.

  • Transparency/Investigative Reporting

    • AfterMidnight

      Today, May 12th 2017, WikiLeaks publishes “AfterMidnight” and “Assassin”, two CIA malware frameworks for the Microsoft Windows platform.

      “AfterMidnight” allows operators to dynamically load and execute malware payloads on a target machine. The main controller disguises as a self-persisting Windows Service DLL and provides secure execution of “Gremlins” via a HTTPS based Listening Post (LP) system called “Octopus”. Once installed on a target machine AM will call back to a configured LP on a configurable schedule, checking to see if there is a new plan for it to execute. If there is, it downloads and stores all needed components before loading all new gremlins in memory. “Gremlins” are small AM payloads that are meant to run hidden on the target and either subvert the functionality of targeted software, survey the target (including data exfiltration) or provide internal services for other gremlins. The special payload “AlphaGremlin” even has a custom script language which allows operators to schedule custom tasks to be executed on the target machine.

      “Assassin” is a similar kind of malware; it is an automated implant that provides a simple collection platform on remote computers running the Microsoft Windows operating system. Once the tool is installed on the target, the implant is run within a Windows service process. “Assassin” (just like “AfterMidnight”) will then periodically beacon to its configured listening post(s) to request tasking and deliver results. Communication occurs over one or more transport protocols as configured before or during deployment. The “Assassin” C2 (Command and Control) and LP (Listening Post) subsystems are referred to collectively as “The Gibson” and allow operators to perform specific tasks on an infected target.

    • House Committee Head Tells Federal Agencies To Stop Handing Out Communications With Congress To FOIA Requesters

      Barack Obama promised the “most transparent administration ever,” then spent years undermining his own promise. The Trump Administration has made no such promises (other than “if you don’t like your Forever Wars, you can keep them…”) but it’s working overtime to make the faux transparency of the Obama years look like a high water mark in government accountability.

      Multiple federal agencies are no longer allowed to communicate directly with the public through social media accounts. Anything posted must be approved by administration staff. Open.gov is shut down and Trump has decided against following in his predecessor’s footsteps, refusing to release White House visitors’ logs.

  • Environment/Energy/Wildlife/Nature

    • These people want you to know climate change isn’t just for liberals

      He doesn’t start with an apocalyptic description of future impacts when he talks to people about climate change, but, for some audiences, University of Wisconsin-Madison Professor of Environmental Studies Calvin DeWitt does turn to the book of Revelation. “I’ll have a white-out pen in my pocket, and I’ll have them read Revelation chapter 11, verse 18. It’s a description of the sounding of the last trumpet, as you hear in Handel’s ‘Messiah,’ and the end verse says, ‘The time has come for destroying those who destroy the Earth,’” DeWitt told me. “And so, I say, ‘I have a white-out pen here for anyone who would like to correct their Bible.’”

      DeWitt sees his faith as fundamental to, rather than in conflict with, his concern about climate change. He often finds common ground with fellow evangelicals by talking about stewardship of the wonderful natural world they have been given as a home. Put in these familiar terms, climate change seems more like an issue worthy of careful consideration.

    • In the Arctic, carbon dioxide goes down where methane comes up

      Reports of methane bubbling up from the bottom of the East Siberian Sea may have induced some climate change anxiety. In recent years, plumes of methane bubbles rising up from what was once dry permafrost have been observed off the Siberian coast. But their context was unclear. Were they a brand-new greenhouse gas release driven by climate change or were the bubbles long-time fixtures?

      Work off the coast of Svalbard provided a welcome bit of relief. Examination of similar bubble plumes off Svalbard showed that they had been present (at some rate of bubbling) for thousands of years. While estimates of the amount of methane coming out of the East Siberian Sea were surprisingly large, measurements near Svalbard showed that the methane from deeper seafloor seeps gets trapped in the water column and consumed by bacteria before it can reach the atmosphere. That helped put the Siberian activity in some global context.

  • Finance

  • Censorship/Free Speech

    • Ending geoblocking in the EU: One step forward, two steps back

      I consider it unacceptable for the Parliament to further limit an already unambitious Commission proposal and I remain committed to pushing for an end to the discriminatory and outdated practice of geoblocking.

    • Lawsuit Claiming Fyre Festival Sent Cease & Desist Letters To Online Critics Doesn’t Show Any Actual Evidence

      If, somehow, you’ve avoided all the news about the Fyre Festival from the past few weeks… well… you’ve been missing out. There’s a ton of coverage basically everywhere, but what was promoted as an upscale music festival on a private island in the Bahamas, complete with private flights, luxury lodging, and fine dining… turned out to be… nothing. Despite having lots of rich and famous folks (especially Instagram stars) promoting the festival for months, it eventually appears that promoting and hyping was about all that was done for the festival, rather than actually organizing stuff. The festival was “canceled” but not before a bunch of people made their way to a not-so-private island in the Bahamas (Great Exumas) and discovered… that there was effectively nothing there. There was no music festival. The “lodging” was emergency relief structures. The “fine dining” was slices of bread and cheese with some lettuce. It’s been quite a story.

    • Story About Ex-Sony Pictures Boss Magically Disappears From Gawker; His Lawyer Tells Reporters Not To Talk About It

      Can people use a bankruptcy proceeding to create a “right to be forgotten”? We already know that Europe has implemented a form of a right to be forgotten that it’s now looking to expand. However, in the US, the First Amendment has protected us against such things — even if some politicians don’t realize it.

    • MySpace Tries To Play Dead To Avoid Lawsuits

      Yes, let’s get this out of the way already, so you don’t need to make this joke in the comments: as a social network, MySpace is considered pretty damn dead already. It lost its cool many, many years ago. And I do still love to point out this 2007 article suggesting that MySpace’s dominant position in the social networking market was almost impossible to crack (that didn’t age well). But that’s not what this post is about. You see, MySpace, still does exist — you can even visit it and double their traffic for the day. Even as the punchline in bad jokes, MySpace exists and (believe it or not) Time Inc. actually owns it, having bought the company, Viant, that owned it previously.

  • Privacy/Surveillance

    • UK government’s draft spying powers get leaked online

      The UK government has drawn up details of its surveillance powers and put them out for a secretive consultation without letting the public know.

      The government wants to give itself the ability to monitor British people’s communications and force UK firms to include encryption backdoors in their products. Under the proposed Investigatory Powers (Technical Capability) Regulations 2017, telecoms providers must allow the government to simultaneously spy on one in 10,000 of their customers at any time.

      Telcos would also have to provide any information the government requests within one working day, and must notify Home Secretary Amber Rudd if there will be any changes to their service, including the development of new services – these will have to be built with the obligations and requirements of the technical capability notice in mind.

  • Civil Rights/Policing

    • US will reportedly ban carry-on laptops on all flights from Europe

      The Department of Homeland Security (DHS) is said to be preparing to announce a ban on laptops in the cabins of all flights from Europe to the US.

    • An AI Will Decide Which Criminals in the UK Get Bail

      HART was trained on five years of data, including suspects’ offending history, gender, and postcode. It was let loose on actual cases in 2013, and researchers found HART’s predictions that a suspect was a low risk were accurate 98 percent of the time, while forecasts that they were high risk were accurate 88 percent of the time. However, there is no baseline data on the accuracy of human officers’ decisions to compare against.

    • Ruslan Sokolovsky Gets 3 Years In The Russian Clink For Playing Pokemon In A Church

      The better part of a year ago we discussed the story of atheist activist Ruslan Sokolovsky. Sokolovsky became something of the sequel story to the now infamous Pussy Riot debacle. Russian police detained Sokolovsky and put him on house arrest for the crime of playing Pokemon Go in a Russian church and uploading a mildly snarky video about it to YouTube. The Russian Orthodox Church was fully on board with his being detained, stating in true Christ-like fashion that the real crime was his not respecting the Church and being an atheist blogger.

    • Copenhagen imam accused of calling for killing of Jews

      Mundhir Abdallah was reported to police after being filmed citing in Arabic a hadith – a teaching of the Prophet Muhammad – considered anti-Semitic.

  • Internet Policy/Net Neutrality

    • Cable lobby conducts survey, finds that Americans want net neutrality

      As US cable companies push to eliminate or change net neutrality rules, the industry’s primary lobby group today released the results of a survey that it says shows “strong bipartisan consensus that the government should let the Internet flourish without imposing burdensome regulations.”

      But proponents of keeping the current rules can find plenty to like in the survey conducted by NCTA—The Internet & Television Association. A strong majority of the 2,194 registered American voters in the survey support the current net neutrality rules that prohibit ISPs from blocking, throttling, or prioritizing online content in exchange for payment. While most opposed price regulation, a majority supported an approach in which regulators take action against ISPs on a case-by-case basis when consumers are harmed—the exact same approach the Federal Communications Commission uses under its existing net neutrality regime.

    • Sprint sues government over elimination of broadband price caps

      Sprint and Windstream sued the Federal Communications Commission this week over a decision that will help AT&T, Verizon, and CenturyLink charge higher prices for certain business Internet services.

      The FCC last month voted to eliminate price caps for the so-called Business Data Services (BDS) that are offered by incumbent phone companies throughout the country. The FCC decision to which Sprint and Windstream object only eliminated price caps in “competitive” markets, but it uses a standard that deems many local markets competitive even when there’s only one broadband provider.

  • Intellectual Monopolies

    • Brussels Conference On Innovation, Research and Competition In EU

      An academic conference this month will explore issues related to innovation, research and competition in the European Union, addressing topics such as 5G, big data, patents and standards.

      On 29-30 May, the conference ‘Innovation, Research and Competition in the EU: The Future of Open and Collaborative Standard Setting’ will take place in Brussels, in the building of the Federation of Enterprises in Belgium. The conference is organised by the Liege Competition and Innovation Institute (LCII) and Tilburg Law and Economics Centre (TILEC).

    • Trademarks

      • Bethesda’s Pete Hines Shrugs His Shoulders About Trademark Dispute With No Matter Studios

        If any single aspect of common trademark disputes has become the thing that annoys me the most about them, it’s how often the canard from trademark bullies that they have to be bullies by order of trademark law is trotted out for public consumption. You can almost set your watch to it: trademark bully does trademark bullying, public backlash ensues, trademark bully falsely explains that if it doesn’t bully it loses its trademark rights, the public usually backs off. While it would be unreasonable to expect the general public to be up on the nuances of trademark law to the degree of someone who is paid to write about it, it’s not unreasonable to smack down attempts by those who know better but who actively attempt to misinform that same general public.

    • Copyrights

-

05.11.17

Links 11/5/2017: New OpenShot, GIMP, and GNOME (3.24.2)

Posted in News Roundup at 7:43 pm by Dr. Roy Schestowitz

Contents

GNU/Linux

  • WHY WINDOWS POWER USERS BREAK LINUX

    Finally, I think it’s worth pointing out that Linux is not a product, it’s a community. Windows and Mac people have a hard time wrapping their heads around that. They’re used to venting frustration at Microsoft and Apple. If they do that in a Linux forum, they will most likely get flamed. It’s important to understand that attacking Linux is like attacking the entire community. Is Linux perfect? Hell no! Is there much room for improvement? Absolutely! How you present your critiques and/or ask for help makes all the difference in the world. I have found that a positive and constructive attitude goes a long, long way. I have had developers bend over backward to help me with a problem or point me to an alternative solution just because I came to them with respect and didn’t point fingers.

  • Desktop

    • Tips for picking a GNU/Linux Distribution

      Distrohopping is a term some like to use for switching from one GNU/Linux distribution to another frequently, rather than sticking to one system. I’m no stranger to this, I’ve installed nearly every major and popularly known system you’ll come across – twice.

      However, through my time trying all of these various distributions, I’ve learned a great deal and finally settled (I think) upon where I plan to stay, so I thought I’d share some tips for picking your long-term system, as well as some ideas depending on what you enjoy.

    • [Older] How To Protect Your Privacy On Linux
    • Linux: How to protect your privacy

      Privacy is an issue on many people’s minds these days, including those that run Linux on their computers. Linux has long had a strong reputation as a secure operating system, but there are still things that you can do to help protect your privacy while running Linux.

  • Server

    • HPE hasn’t abandoned OpenStack, releases Helion OpenStack 5.0

      If you thought HPE was getting out of the cloud business, I couldn’t blame you. In late 2015, HPE gave up on its public OpenStack-based Helion cloud. Then, early this year, all of HPE’s OpenStack developers moved over to SUSE. So, was HPE bidding the cloud, and OpenStack in particular, goodbye? Nope.

      In Boston this week at OpenStack Summit, HPE released HPE Helion OpenStack 5.0. This release Infrastructure as a Service (IaaS) based cloud is built on the OpenStack Newton codebase and adheres tightly to application programming interface (API) standards and services. Since OpenStack’s open APIs are an important part of why it’s popular with so many companies, that’s no small matter.

    • Cisco Advancing Cloud Strategy With OpenStack

      The cloud is a central pillar of Cisco’s overall business efforts, and one of the leading voices for the cloud at Cisco is Lew Tucker, vice president and CTO of cloud computing. Tucker also serves as the vice chairman of the OpenStack Foundation, helping to guide the open-source cloud platform forward.

  • Kernel Space

  • Applications

  • Desktop Environments/WMs

    • Optimizing Apps for Wearables With Enlightenment Foundation Libraries

      Developers looking to add GUIs to their embedded devices have a variety of open source and commercial options, with Qt generally leading the list. If you’re operating in severely constrained environments, however, especially for battery powered devices like wearables, the open source Enlightenment Foundation Libraries (EFL) should be given close consideration.

      At the recent Embedded Linux Conference, Cedric Bail, a long-time contributor to the Enlightenment project who works on EFL integration with Tizen at Samsung Open Source Group, discussed some of the lessons learned in optimizing wearable apps for low battery, memory, and CPU usage. Bail summarized EFL and revealed an ongoing project to improve EFL’s scene graph. However, most of the lessons are relevant to anyone optimizing for wearables on any platform (see the ELC video below).

    • K Desktop Environment/KDE SC/Qt

      • GSoC: How can I improve next year?

        This year, KDE had great student engagement and a good level of commitment for all students so even if you followed all of these points, you may still have gotten a rejection email. We realize that this can be discouraging. However, we did our best to pick the students whom we think can fulfill the project’s needs, and continue along in the future as KDE developers.

    • GNOME Desktop/GTK

      • GNOME 3.24.2 Released With A Variety Of Fixes

        GNOME 3.24.2 is now available as the second and last planned point release to the GNOME 3.24 desktop series until the GNOME 3.26 debut in September.

        As usual for GNOME point releases, GNOME 3.24.2 just includes bug/regression fixes and translation updates.

      • GNOME 3.24.2 is released

        GNOME 3.24.2 has been released. The second stable update to GNOME 3.24 brings many bug fixes and translation updates. All distributions shipping GNOME 3.24 should upgrade.

      • Install GNOME Themes – Own 26 GTK Themes with One Command

        Every now and then we let you in on some of the finest theme and icon sets because, like many other Linux users, we like to personalize our workstations. An appealing icon set, a well-thought out wallpaper, and an overall artillery of UI components go a long way to defining how well you enjoy using your computer.

        If you’re like me but are discouraged by the stress of having to download all those themes you shouldn’t be any longer because I have come across a script that will fetch you over 10 beautiful GTK themes and all you have to do is query Git to get the script and then run it.

      • Maps news

        3.24.2 was just released and right before the release a nasty crash-on-exit bug appeared. Actually, the bug has been in there ever since Maps gained the ability to show your contact’s addresses from GNOME Calendar/Evolution, but it was brought into daylight by the new version of GJS (our JavaScript engine, based on SpiderMonkey). The problem actually is that in the dispose vfunc of the ContactStore object (this is in our glue C code) we had forgotten to NULL out some pointer members when freeing the objects (with g_list_free and g_free) and dispose can be called multiple times and we probably got away before because GJS leaked these objects in the earlier versions. We got this bug report from Ubuntu by the way, in 17.04 the new version of GJS is already used. Thanks to Emmanuele Bassi for spotting this use-after-free bug, this is now fixed in the new version (and in master of course).

  • Distributions

    • Solus Project Gets New Website, Migrates to New Development Tracker and More

      The fast moving Solus Project that is making some waves in the Linux distribution world has some new shiny things going on. Joshua Strobl, Solus Project Communications Manager has announced them in the latest This Week In Solus.

    • OpenSUSE/SUSE

      • SUSE Academic Program Opens Door to Open Source for Students Globally
      • Release of new Image Templates Page

        What’s that? – You might ask. Just have a look yourself. Click on the newly added ‘New image’ link on the OBS front page.

      • Announcing openSUSE’s status page – status.opensuse.org

        Worried about downtimes and maintenance windows of openSUSE services that you missed because there was no information provided? ;-)

        Now is your chance to get informed about any (un-)expected downtime of any openSUSE service!

        The openSUSE Heroes team is pleased to announce that status.opensuse.org is up and running as public status page, providing you with the latest updates about our infrastructure. We tried our best to get the page mobile friendly and easy to understand. Even RSS and Atom feeds are available. A big “thank you” to the team from Cachet, the open source status page system, for developing that great tool.

    • Red Hat Family

    • Debian Family

      • Derivatives

        • Canonical/Ubuntu

          • Corebird Twitter Client Is Now Available as a Snap App

            Corebird, a popular GTK Twitter client for Linux, is now available to install as a Snap app. At the time of writing this is not the latest Corebird 1.5, released last week, but the older Corebird 1.4.x release.

          • Ubuntu’s Default GTK Theme Now Looks Better with GNOME Shell

            Ubuntu is working to improve the appearance of the Ubuntu Ambiance theme on GNOME Shell, adding window shadows, round corners and more.

          • Cinnamon 3.4 Released, Here’s How To Install it on Ubuntu

            Linux Mint’s Clement Lefebvre has announced the release of Cinnamon 3.4, the latest stable update to the rather popular Linux desktop environment. Better yet you can already upgrade to or install Cinnamon 3.4 on Ubuntu using a PPA — no waiting required!

          • Why language choices can be irrelevant when choosing the right IoT OS

            A couple of months ago we posted a blog inviting developers to contribute to the 3rd Eclipse Foundation IoT Developer Survey. The 2017 results are now published with a total of 713 respondents, from all over the world. The survey gives an insight into the current state of play in the making of the internet of things in 2017. As well as bigger trends about IoT adoption across various industries, the survey also provides a developer perspective on the methods they use today to build the IoT devices and solutions around us.

          • Official Ubuntu T-Shirt for ‘Zesty Zapus’ Is Now Available to Buy

            The official Ubuntu 17.04 ‘Zesty Zapus’ t-shirt is now available to buy from the Canonical store. Canonical release a new mascot tee twice a year. Each shirt bears the animal motif of the latest release on the front, and the name of the release and Ubuntu logotype on the rear.

          • Ubuntu 17.04 review: Don’t call it abandonware, per se

            Last month, it finally happened. Six years after its tumultuous switch from GNOME 2 to the homegrown Unity desktop, Canonical announced it was abandoning work on Unity. Going forward, the company will switch the default Ubuntu desktop back to GNOME beginning with next year’s 18.04 LTS release. This means Canonical is also abandoning the development of the Mir display server and its unified interface of Ubuntu for phones and tablets. The company’s vision of “convergence,” as Canonical founder Mark Shuttleworth termed it, has officially died.

          • What happened at Canonical

            We ask the person sitting across the table from us what it’s like to work at Canonical and they stare at their drink for a while contemplating the question: “Most companies purely want to make money,” says the Canonical employee, who we’ll call ‘DeepC’ as they want to remain anonymous. “Whereas I feel, in Canonical it’s been almost like… ‘play thing’ is the wrong word, but it’s kind of like a sandbox of ideas.”

            The exciting and sometimes frustrating Canonical sandbox has lost a lot of its buckets and spades in the last month. The company that financially backs the Ubuntu distribution, which is used by tens of millions of Linux users, is in the process of a massive transformation.

            [...]

            To get to IPO, the company has decided to seek outside investment, as revealed by the Register, so within two days of the blog post, Canonical managed to run town halls explaining its IPO ambitions to staff scattered across the globe (the company has many remote workers living in over 80 countries), and announcing the departure of popular CEO, Jane Silber, and the return of Shuttleworth as chief executive officer.

          • Canonical and Qualcomm: Delivering Unprecedented Scaling

            Canonical has been one of the earliest visionary stalwarts igniting and driving early market enablement for 64-bit ARM server compute. With the commercial availability and support for Ubuntu Openstack on 64-bit ARM v8-A architecture, Canonical further accelerated the industry’s imagination for innovative platform architectures enabling the next generation of scale and automation.

          • 10 snaps written in April

            If you haven’t heard of snaps yet, they are a new way for developers to package their apps, bringing with it many advantages over the more traditional package formats such as .deb, .rpm, and others. They are secure, isolated and allow apps to be rolled back should an issue occur. Also they aim to work on any distribution or device, from IoT devices to servers, desktops to mobile devices. Snaps really are the future of Linux application packaging!

          • PCCW Global Chooses Ubuntu OpenStack and Juju

            PCCW Global, the international operating division of HKT, Hong Kong’s premier telecommunications service provider, is collaborating with Canonical, the company behind Ubuntu and CPLANE NETWORKS, the leader in multi-site OpenStack cloud orchestration, to create new cloud services for its customers.

  • Devices/Embedded

Free Software/Open Source

Leftovers

  • Record fine for firm behind nearly 100 million nuisance calls

    A company behind 99.5 million nuisance calls has been fined a record £400,000 by the Information Commissioner’s Office (ICO).

    Keurboom Communications Ltd has been issued the ICO’s highest ever nuisance calls fine after more than 1,000 people complained about recorded – also known as automated – calls.

  • Science

    • [Old] Spontaneous Hedonic Reactions to Social Media Cues

      In conclusion, this research showed that exposure to social media cues triggers spontaneous hedonic reactions in frequent social media users. These spontaneous hedonic reactions to social media cues, in turn, appear to trigger social media cravings. Together, this might contribute to people’s difficulties in resisting desires to use social media.

  • Hardware

    • Valve Puts The Steam Controller & Steam Link Back On Sale

      For those that didn’t pick up a Steam Controller or Steam Link back during Valve’s holiday sales, they are running a Steam Hardware sale the next few days.

    • Mechanical keyboards for programmers and gamers

      Why bother making keyboards open source?

      This is a question we hear often. People all over the world use keyboards every day, for a variety of purposes. At the core of all our keyboards is the ability to easily reconfigure any key to do any action. While normal typists make do with simple macros like Ctrl+C and Ctrl+V, programmers and gamers have much more advanced needs. People that use Adobe Photoshop or Premier often have special key bindings for most of their keyboard.

  • Health/Nutrition

    • Life Expectancy Can Vary By 20 Years Depending On Where You Live

      In counties with the longest life spans, people tended to live about 87 years, while people in places with the shortest life spans typically made it to only about 67, the researchers found.

      The discrepancy is equivalent to the difference between the low-income parts of the developing world and countries with high incomes, Murray notes.

  • Security

    • How to protect your Google and Facebook accounts with a security key

      Google supports a format called FIDO Universal 2nd Factor (U2F), which it helped develop. Keys are available that work over USB, Bluetooth, and NFC, so they can be used with a smartphone or tablet in addition to a PC.

    • Cisco Patches WikiLeaks Security Vulnerability Affecting Hundreds Of Devices

      Cisco has patched a critical flaw in its IOS software that affected more than 300 models of routers and switches that was discovered after WikiLeaks exposed CIA documents.

      “We’ve spoken to a few customers about it, a few enterprise clients, and thankfully it didn’t disrupt any business for us,” said one top executive from a solution provider and Cisco Gold partner who did not wish to be named. “I’m glad to know they fixed the issue. … Their devices will always be a big target for attackers because Cisco is everywhere.”

    • Microsoft makes emergency security fix

      Microsoft has released an urgent update to stop hackers taking control of computers with a single email.

      The unusual bug, in Microsoft anti-malware software such as Windows Defender, could be exploited without the recipient even opening the message.

      Researchers working for Google’s Project Zero cyber-security outfit discovered the flaw at the weekend.

      The fix has been specially pushed out hours before the software giant’s monthly Tuesday security update.

    • Google’s OSS-Fuzz Finds 1,000 Open Source Bugs

      The numbers are in, and judging by them, OSS-Fuzz, the program Google unveiled last December to continuously fuzz open source software, has been a success.

      In five months the effort has unearthed more than 1,000 bugs, a quarter of them potential security vulnerabilities, Google says.

    • Open source vulnerabilities hit VMware [Ed: Ridiculous! VMware is secret software with back doors (RSA/EMC), so why focus only on holes in a FOSS component?]

      Apache Struts 2 is an open source web application framework for developing Java applications that has been in use since 2007. The recent Apache Struts 2 vulnerability affected vCenter Server 6.0 and 6.5, vRealize Operations Manager 6.x, vRealize Hyperic Server 5.x, and versions 6.x and 7.x of the Horizon Desktop-as-a-Service Platform.

    • Samsung partners with McAfee, brings security software to the Galaxy S8, Smart TVs, and PCs [Ed: But Samsung should know adding proprietary software to Tizen and/or Android won't necessarily make these more secure]
    • To mitigate major Edge printing bug, use a Xerox copier, baffled user advises

      Beyond being breathtakingly bizarre, the bug could potentially have serious consequences for architects, engineers, lawyers, and other professionals who rely on Edge to print drawings, blueprints, legal briefs, and similarly sensitive documents. Edge is the default application for viewing PDFs on Windows 10 computers. While the errors demonstrated above happened using the “Microsoft Print to PDF” option, multiple users report similar alterations when using regular printing settings. (And besides, the print-to-PDF option is the default printing method for the Microsoft browser.) The alterations depend on several variables, including the printer selected, the settings used, and computer being used. It’s not clear how long this flaw has been active or whether it has already affected legal cases or other sensitive proceedings that use documents printed from the Internet.

    • Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems
    • A Vicious Microsoft Bug Left a Billion PCs Exposed [iophk: “people are gullible: Windows was never secure in the 22 years since it added TCP/IP; for those that remember, it was not secure even before that and was plagued with malware spread by disk and NAS (then called file servers).”]
    • Microsoft finally bans SHA-1 certificates in Internet Explorer, Edge [Ed: Quit pretending that Microsoft cares about security in browsers that have a baked-in back door]

      The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year.

      Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the use of SHA-1 certificates on the web for the past few years, because the hashing function no longer provides sufficient security against spoofing.

    • Keylogger Found in Audio Driver of HP Laptops
    • Keylogger Discovered in HP Audio Driver
    • [EN] Keylogger in Hewlett-Packard Audio Driver

      Security reviews of modern Windows Active Domain infrastructures are – from our point of view – quite sobering. Therefore, we often look left and right, when, for example, examining the hardening of protection mechanisms of a workstation. Here, we often find all sorts of dangerous and ill-conceived stuff. We want to present one of these casually identified cases now, as it’s quite an interesting one: We have discovered a keylogger in an audio driver package by Hewlett-Packard.

      A keylogger is a piece of software for which the case of dual-use can rarely be claimed. This means there are very few situations where you would describe a keylogger that records all keystrokes as ‘well-intended’. A keylogger records when a key is pressed, when it is released, and whether any shift or special keys have been pressed. It is also recorded if, for example, a password is entered even if it is not displayed on the screen.

    • Microsoft rushes emergency fix for critical antivirus bug

      The critical security vulnerability in the Microsoft Malware Protection Engine affects a number of Microsoft products, including Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. These tools are enabled by default in Windows 8, 8.1, 10, and Windows Server 2012.

    • Google Offers $20000 Rewards to Drive OSS-Fuzz Initiative
    • Call the fuzz, says Google, get the reward
    • How Google’s OSS-Fuzz is securing open-source software

      Google released OSS-Fuzz five months ago with a mission to make open-source projects stable, secure and reliable. Since then, the continuous fuzzing solution has found more than 1,000 bugs with 264 of them flagged as potential security bugs.

    • Google Fuzzing Service for OS Finds 1K Bugs in Five Months

      A Google-led initiative to find security vulnerabilities in popular open source projects has unearthed more than 1,000 bugs in various open source software in the five months since the effort was launched.

    • The IoT’s Scramble to Combat Botnets

      With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever.

    • Exploiting the Linux kernel via packet sockets

      Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I also found another one, this time in packet sockets. This post describes how the bug was discovered and how we can exploit it to escalate privileges.

  • Transparency/Investigative Reporting

    • The Constitutional Rubicon of an Assange Prosecution

      If you were tuning in and out of FBI Director James Comey’s hearing before the House Intelligence Committee last Wednesday, you probably got an earful about Comey’s public statements on Clinton’s use of a private e-mail server, and you may have heard his staunch defense of Section 702 of FISA. But you might have missed the moment in which Comey and Senator Ben Sasse (R-NE) threatened to topple one of the longstanding pillars of journalistic freedom.

    • WikiLeaks founder Julian Assange threatens to sue Mike Rogers on ‘day one’ if he’s picked to lead FBI

      WikiLeaks founder Julian Assange on Thursday threatened to sue former Rep. Mike Rogers, R-Mich., on “day one” if he is chosen to replace James Comey as director of the FBI.

      There were multiple reports Thursday saying Rogers, a former FBI official and former head of the House Intelligence Committee, is in consideration to be chosen as the Trump administration’s nominee to head the FBI.

  • Environment/Energy/Wildlife/Nature

    • All the Trees Will Die, and Then So Will You
    • Tunnel collapses at Hanford nuclear waste site in Washington state

      Hundreds of workers at the Department of Energy’s Hanford nuclear site in Washington state had to “take cover” Tuesday morning after the collapse of a 20-foot-long portion of a tunnel used to store contaminated radioactive materials.

      The Energy Department said it activated its emergency operations protocol after reports of a “cave-in” at the 200 East Area in Hanford, a sprawling complex about 200 miles from Seattle where the government has been working to clean up radioactive materials left over from the country’s nuclear weapons program.

    • Vacant tunnel at nuclear site collapses in Washington state

      A vacant tunnel leading to a 60-year-old plutonium uranium extraction plant (called PUREX) on southeastern Washington’s Hanford Site has collapsed, according to reports. Hanford issued a warning to employees and ordered those in the vicinity to shelter in place while crews investigated the 20×20-foot cave-in above the tunnel.

    • N.C. said it still needs $929 million in aid for Hurricane Matthew. It got $6.1 million.

      The rain is done, and the flood is long over. The rest of the country moved on months ago, but North Carolina is still feeling the effects of Hurricane Matthew. Hundreds of families remain displaced, and critical infrastructure sits damaged. Its unmet need is enormous, the governor says, and they aren’t getting the money.

  • Finance

    • Manchester University job cuts ‘due to Brexit’, union claims

      The University of Manchester’s decision to cut 171 posts is due to “new government legislation and Brexit”, a union has claimed.

      The university says the job losses have to happen for it to be a world-leading institution and will offer voluntary severance wherever possible.

      But the University and College Union (UCU) said the university was in “a strong financial position”.

    • University of Manchester to axe 171 staff amid Brexit concerns

      Britain’s largest university has set out plans to axe 171 jobs, mostly academic positions in the faculties of arts, languages, biology, medicine and business.

      The University of Manchester blamed new government legislation and the prospect of Brexit as major factors threatening its future income and said it needed to “invest in our strategic priorities”.

      But the University and College Union (UCU), which represents lecturers and researchers, said Manchester’s finances were in good health and that the university was making excuses in order to implement cuts.

    • The Brexit trap that’s closing on Britons who live in Europe

      Brexit negotiations will leave UK citizens in Europe in a far worse position than EU citizens in the UK, a group of British professionals living in Germany has warned.

      There are about 100,000 Britons living in Germany. On Monday, discussions held by a group of about 50 of them in Munich focused on concerns that neither European nor British governments have fully understood the severity of the consequences of Brexit for people in their position.

      Briton David Hole, who has lived and practised law in Germany since 1993, pointed out that the fact that EU citizens in the UK will still be part of the union will put them in a significantly stronger position than their British counterparts in Europe.

    • Snapchat is losing twice as much money as it did last year

      Investors should have seen this coming. The company’s financial disclosures before its IPO revealed large and growing losses. Snap warned investors that it was unsure when, if ever, it would reach profitability. And while its user base was highly engaged, its user growth slowed to its lowest level ever in the fourth quarter of last year.

    • Aw Snap: Snapchat parent company’s value plummets after earnings report

      Snapchat’s parent company Snap Inc lost nearly a quarter of its value on Wednesday when its newly listed shares went into a nosedive after the company reported a $2.2bn loss and slowing growth.

    • Uber will likely need to follow same rules as taxi companies in Europe

      Uber isn’t a benign platform offering to ferry people from A to B via a simple app—it’s a transportation service and as such must comply with the relevant rules, a law adviser at Europe’s top court has said.

      In a nonbinding opinion, advocate general Maciej Szpunar concluded that “the service offered by Uber cannot be classified as an ‘information society service’.” If the Court of Justice of the European Union (CJEU) agrees with Szpunar, Uber will face a major regulatory setback that could hobble its expansion plans.

  • AstroTurf/Lobbying/Politics

    • How To Know if The Trump-Russia Story Has Momentum

      So far, however, Trump-Russia stories have gotten a huge amount of attention for two or three days at a time before the news cycle moves on to other topics. You may catch yourself thinking that surely the story is escalating to a breaking point … only to see Trump skate his way out of the mess. I really don’t have a prediction for how this particular development will unfold, but that history is worth bearing in mind.

    • Americans are witnessing a slow-motion coup

      Despite Trump’s desperation and the mistakes he seems to make every single day, it will take enormous outrage by the citizenry, and an act of enormous political will by their representatives, to bring a halt to this authoritarian madness. Our government belongs to us — not to him. Unless we teach him this lesson, we deserve everything he does to us with the power he has so nakedly and corruptly seized in this slow-motion coup.

    • Big business interventions leave the EU Digital Single Market with more holes than Swiss cheese

      Former Digital Commissioner Oettinger let big business interests sabotage the project of tearing down of digital borders in key areas, leaving the Digital Single Market project with more holes than Swiss cheese.

    • After Trump fired Comey, White House staff scrambled to explain why

      White House press secretary Sean Spicer wrapped up his brief interview with Fox Business from the White House grounds late Tuesday night and then disappeared into the shadows, huddling with his staff near a clump of bushes and then behind a tall hedge. To get back to his office, Spicer would have to pass a swarm of reporters wanting to know why President Trump suddenly decided to fire the FBI director.

      For more than three hours, Spicer and his staff had been scrambling to answer that question. Spicer had wanted to drop the bombshell news in an emailed statement, but it was not transmitting quickly enough, so he ended up standing in the doorway of the press office around 5:40 p.m. and shouting a statement to reporters who happened to be nearby. He then vanished, with his staff locking the door leading to his office. The press staff said that Spicer might do a briefing, then announced that he definitely wouldn’t say anything more that night. But as Democrats and Republicans began to criticize and question the firing with increasing levels of alarm, Spicer and two prominent spokeswomen were suddenly speed-walking up the White House drive to defend the president on CNN, Fox News and Fox Business.

    • Prosecutors to reveal if they’ll charge up to 30 Tory MPs with election fraud THIS WEEK

      Up to 30 Tory MPs are set to learn if they will be charged with electoral fraud this week, the Mirror has learned.

      Prosecutors are due to make an announcement on files they have received from 15 police forces before Thursday’s deadline for candidates to declare whether they will stand in the upcoming election.

      A Mirror investigation revealed last March that two dozen Conservative MPs received help from battlebuses packed with party activists during the 2015 general election but failed to declare the cost.

      In a follow-up report six weeks later, Channel 4 News identified a further handful of Tory candidates accused of similar failings.

    • Jefferson Davis: The Confederacy’s first, worst and only president

      When the city of New Orleans had a century-old memorial to Jefferson Davis torn down before daybreak Thursday, a crowd of the Confederate leader’s sympathizers stood by, chanting: “President Davis! President Davis!”

      A man adorned with rebel flags buried his face in his hand as the statue of Davis, the man who stands for the South’s lost cause, was hauled away by crane and truck.

  • Censorship/Free Speech

    • The UK government wants to embarrass you into not watching porn

      If you’re unfortunate enough to live in Tory Britain, you might soon have to visit a Post Office to ID yourself if you want to get down-and-dirty online.

      As you might have heard, the UK is about to have an election. One of the quirks of British democracy is that in the weeks leading up to the polls, parliament is dissolved.

    • NOW UN TOO DECIDES MEDIA IS THE ENEMY: WIPO, FAO, in unprecedented move, waive immunity to sue journalists for defamation

      On World Press Freedom Day on May 3, the United Nations Secretary-General Antonio Guterres called on world leaders to ‘defend a free media’ and to put an end to ‘all crackdowns against journalists because a free press advances peace and justice for all.’ Yet the UN’s own senior officials are engaged in an ugly war against the media that has made a mockery of the Secretary-General’s message and the UN’s commitment to uphold Article 19 of the UN Charter that protects everyone’s right to freedom of opinion and expression.

      The heads of both the Geneva-based World Intellectual Property Organisation (WIPO) and the Rome-based Food and Agricultural Organisation (FAO) have taken the unprecedented step of suing journalists for defamation – a highly unusual act because the UN and its employees enjoy immunity from prosecution, which means that in order to bring a case before a national court they have to surrender this immunity – which rarely happens.

    • First Hearing In The Lawsuit Against Us, Along With Even More Filings

      As you hopefully know by now, we’re currently facing a major lawsuit, brought against us in Boston, that we consider to be an attack on our First Amendment right to report on matters of public concern. If you support journalism and support the First Amendment, please consider donating to our survival fund, which is helping us to continue reporting on a variety of important matters, including new battles over net neutrality and encryption, not to mention many other battles over freedom of expression.

      As we’ve noted, repeatedly, this case has been a huge distraction and has made it difficult for us to do the kind of work we’ve done for almost twenty years. If you wish to catch up, you can read about our initial filings in the case, including our motion to dismiss and our motion to strike under California’s anti-SLAPP law. We also made additional filings concerning Section 230 problems with some of the claims against us. In addition, in early April we filed a reply to the opposition to our filings.

    • UK Parliament Takes First Step Towards Making Google & Facebook Censor Everything

      Look, let’s just start with the basics: there are some bad people out there. Even if the majority of people are nice and well-meaning, there are always going to be some people who are not. And sometimes, those people are going to use the internet. Given that as a starting point, at the very least, you’d think we could deal with that calmly and rationally, and recognize that maybe we shouldn’t blame the tools for the fact that some not very nice people happen to use them. Unfortunately, it appears to be asking a lot these days to expect our politicians to do this. Instead, they (and many others) rush out immediately to point the fingers of blame for the fact that these “not nice” people exist, and rather than point the finger of blame at the not nice people, they point at… the internet services they use.

  • Privacy/Surveillance

    • Culprit behind 2014 CIA hack turned out to be … the CIA

      Declassified CIA emails released to Michael Morisy show that the Agency believed that their online FOIA Reading Room had been taken down by a vicious cyberattack. Later emails admitted, however, that the attacks against the Agency’s website had been unsuccessful – and that the damage had been entirely self-inflicted.

    • BREAKING: AG Szpunar says that Uber is a transport activity, not an information society service

      Is Uber a transport activity or an information society service? Why does the answer to this matter? Why does all this matter?

      To the first question, this morning Advocate General (AG) Szpunar has provided a response in his Opinion in Asociación Profesional Élite Taxi v Uber Systems Spain, C-434/15, a reference for a preliminary ruling from Spain (Juzgado Mercantil No 3 de Barcelona).

  • Civil Rights/Policing

    • [Older] Will Justin Trudeau Speak Out for Raif Badawi?
    • Portrait of Government Policy in Tanah Papua for the Last 46 Years

      According to the Coordinator of Information and Documentation of ELSAM, Ari Yurino, the transmigration program in Papua has evidently brought negative impact to the social life of Papuan natives. Due to the uneven transmigration and development program, it has caused the increase of number of migrants in Papua and the rise of horizontal conflict between the newcomers and the natives. Therefore, he said, the transmigration program must be terminated and its policy must be evaluated.

    • Jakarta’s Christian governor jailed for blasphemy against Islam

      Rights groups fear Islamist hardliners are in the ascendancy in a country where most Muslims practise a moderate form of Islam and which is home to sizeable communities of Hindus, Christians, Buddhists, and people who adhere to traditional beliefs.

    • Christian Governor in Indonesia Found Guilty of Blasphemy Against Islam

      Mr. Basuki’s 16-point defeat last month was seen as a sign of the increasing power of Islamic conservatives, who have pressed for the adoption of Islamic law, or Shariah, throughout Indonesia.

      [...]

      He had been leading in the polls last year, but in September his campaign faltered when he tried to address attacks from Muslim hard-liners who argued that the Quran prohibited Muslims from voting for a non-Muslim. Mr. Basuki said those who made that argument were misleading Muslims, a statement that was interpreted by some as insulting the Quran.

    • Indonesia Islam: Governor’s blasphemy conviction divides a nation

      Mr Purnama was accused of blasphemy for comments he made during a pre-election speech in September 2016. He implied that Islamic leaders were trying to trick voters by using a verse in the Koran to argue that Muslims should not vote for a non-Muslim leader.

    • Report: Ban on laptops in planes may expand to Europe

      The Department of Homeland Security is considering expanding its ban on electronic devices on US-bound flights from certain airports, according to a report by CBS News.

      In March, the DHS banned all devices bigger than a cell phone on US-bound flights from 10 airports located in Turkey, Saudi Arabia, Morocco, Kuwait, Qatar, and the United Arab Emirates. Terrorist groups were targeting commercial planes with “innovative methods” including “smuggling explosive devices in various consumer items,” the DHS said at the time.

    • US may extend airline laptop ban to UK, Europe

      The US is reportedly looking at extending a ban on allowing laptops into the cabins of airlines to European countries and the UK.

    • This Makes No Sense: US To Ban Laptops On All Flights From Europe

      Earlier this year we wrote about the nonsensical move by the Department of Homeland Security to ban laptops and tablets in the cabin on flights from a bunch of cities in the Middle East. The rumored reason was discoveries that terrorists had learned how to make bombs out of laptops. As we noted, this made almost no sense at all when you challenged any of the assumptions. But, never let logic and reason get in the way of a bit of inane security theater. Because now Homeland Security is about to announce that it’s now banning laptops in the cabins on all flights from Europe (it’s unclear if this will also apply on flights from the US to Europe, but it seems likely that European airports will reciprocate).

      While this does answer one of the questions raised by the original ban (“why won’t potential terrorists just fly out of other countries?”) it still raises a host of other questions. Again: why won’t this apply to flights from other countries? Or domestic flights? Or all flights? But, really, that just raises an even larger issue, which is that if you want to protect 100% of all flights 100% of the time from ever having a problem in which people might die, the answer is ground all flights and never let anyone fly anywhere ever. Problem solved. Of course, the cost of such a solution would be horrendous — which is why we don’t do it. But that’s the key issue: all of these things involve tradeoffs. All too frequently, it appears that government officials — especially those on the national security side of things — don’t care at all about the tradeoffs. They just care about blocking any possible attack no matter how unlikely or how remote the chance of such an attack might be, and without any consideration of the costs and inconveniences to everyone else. And, yes, it’s reasonable to point out that a single attack would be very, very costly as well. And there’s clearly a reason to protect heavily against attacks. But there’s still a balance.

    • U.S. to Ban Laptops in All Cabins of Flights From Europe, Officials Say

      The Department of Homeland Security plans to ban laptops in the cabins of all flights from Europe to the United States, European security officials told The Daily Beast. The announcement is expected Thursday.

      Initially a ban on laptops and tablets was applied only to U.S.-bound flights from 10 airports in North Africa and the Middle East. The ban was based on U.S. fears that terrorists have found a way to convert laptops into bombs capable of bringing down an airplane. It is unclear if the European ban will also apply to tablets.

      DHS said in a statement to The Daily Beast: “No final decisions have been made on expanding the restriction on large electronic devices in aircraft cabins; however, it is under consideration. DHS continues to evaluate the threat environment and will make changes when necessary to keep air travelers safe.”

    • Latest Attack On A Free Press: Reporter Arrested For Asking Questions To Trump Administration Officials

      Well, that’s only partially true. Obviously, the local law enforcement gets to make that decision, but there’s nothing stopping a competent public official from telling law enforcement to knock it off and to answer a few basic questions from a reporter.

      In an era where we’re hearing more and more about both attacks on a free press, as well as the need for a stronger press, these kinds of shenanigans should not be allowed. In the past, when we’ve covered police arresting reporters, the courts have come out repeatedly in favor of the reporters (that whole First Amendment thing still matters). But that’s of little use in the moment when police are dragging reporters off to jail for shouting questions outside a press conference.

    • Dan Heyman: US reporter arrested for shouting questions on healthcare

      A reporter was arrested on Tuesday night at the West Virginia Capitol for allegedly causing a disturbance by shouting questions to two Trump aides.

      Dan Heyman had asked Health Secretary Tom Price and White House adviser Kellyanne Conway about coverage under the Republican healthcare plan.

      The veteran health reporter wanted to know if domestic violence would be covered as a pre-existing condition.

      He later said he “was trying to do my job”. He now faces a prison sentence.

      Mr Heyman, who works for the Public News Service, spoke to reporters after being released by police.

      He said that he had been following the Trump team’s entourage through the capitol building while wearing his press badge and a shirt identifying his media outlet.

    • Reporter arrested after repeatedly questioning Health secretary

      “First time I’ve ever been arrested for asking a question. First time I’ve ever heard of someone getting arrested for asking a question,” he said.

    • West Virginia journalist arrested after asking HHS Secretary Tom Price a question

      As Health and Human Services Secretary Tom Price walked through a hallway Tuesday in the West Virginia state capitol, veteran reporter Dan Heyman followed alongside him, holding up his phone to Price while attempting to ask him a question.

      Heyman, a journalist with Public News Service, repeatedly asked the secretary whether domestic violence would be considered a preexisting condition under the Republican bill to overhaul the nation’s health care system, he said.

    • Women trafficked to Glasgow for sham marriages
    • Uber should lose its licence if it doesn’t improve workers’ rights, say drivers
    • Massachusetts State Police Promise Higher Standard For No-Knock Warrants; Immediately Break It

      No-knock warrants may have served a purpose when they first became a thing. It’s not as though law enforcement’s fear of evidence disappearing or a violent reaction to warrant service is completely unjustified. But no-knock warrants are being deployed extremely frequently, becoming the preferred method of warrant service any time drug sales are involved. The warrant requests are supposed to be subjected to a higher standard of review, but it’s devolved to the point where officers are requesting no-knock warrants simply because the residence they’re searching has locking doors and working toilets.

      Now, cops and citizens are being killed or injured unnecessarily, simply because the SWAT team’s armored personnel carrier seems like a waste of money if it’s not deployed every six weeks or so. The higher standard is practically nonexistent, replaced by “upon information and belief” statements that work backwards from the desired form of warrant service.

    • Ridiculous Lawsuit Looks To Hold Social Media Companies Responsible For The San Bernardino Shooting

      This hasn’t worked yet, but that’s not going to keep anyone from giving it another try. Excolo Law, representing victims of the San Bernardino attacks (and others in similar lawsuits), is suing Twitter, Facebook, and Google for [sigh] “knowingly and recklessly” supporting terrorism.

      The lawsuit, like others before it, claims the social media platforms aren’t doing enough to prevent terrorists from using them for communication, not taking down reported posts fast enough, and otherwise making the world a more dangerous place simply by offering their services.

    • FBI Releases ‘Study’ Of Law Enforcement’s Persecution Complex

      In what may be an attempt to bolster now ex-FBI director James Comey’s oft-derided “Ferguson Effect” claims, the FBI has released a “study” that gathers facts feelings from law enforcement officers around the US and attempts to build a narrative somewhere between “life is unfair” and “there’s a War on Cops.” It’s not a study. It’s an opinion poll with the word “study” appended to it.

    • CIA captive under Guantanamo’s ‘enhanced interrogation techniques’ chooses to testify about conditions

      The first CIA captive subjected to what the U.S. government called “enhanced interrogation techniques” after the Sept. 11 attacks is choosing to testify about conditions inside the Guantanamo Bay detention center even if it could create legal problems for him later.

    • Judge says his Facebook post about lynching black suspect was a joke

      A Texas judge was reprimanded Monday for a Facebook comment left on a police department’s Facebook page about the arrest of a black man accused of killing a white San Antonio Police Department officer.

      “Time for a tree and a rope….”

  • Internet Policy/Net Neutrality

    • AT&T could be punished for unlimited data throttling after all

      AT&T has been dealt a blow in its attempt to avoid all regulatory oversight from the Federal Trade Commission, and the court decision could also play an important role in the debates over net neutrality and broadband privacy rules. Federal Communications Commission Chairman Ajit Pai yesterday welcomed the court decision and said it strengthens his argument that net neutrality rules should be overturned.

    • After net neutrality comment system fails, senators demand answers

      The FCC’s public comments site struggled for hours Sunday night and Monday after comedian John Oliver called on HBO viewers to write in protest of Chairman Ajit Pai’s proposal to eliminate the current net neutrality rules. The FCC issued a statement yesterday attributing the downtime to DDoS attacks, without mentioning the influx of comments caused by Oliver’s show.

    • FCC says it was victim of cyberattack after John Oliver show

      An FCC spokesman did not immediately respond when asked by The Hill how the agency determined it had suffered a DDoS attack.

    • A Bot Is Flooding The FCC Website With Fake Anti-Net Neutrality Comments… In Alphabetical Order

      As previously noted, the FCC has begun fielding comments on its plan to dismantle net neutrality protections. As of the writing of this post, nearly 556,000 users have left comments on the FCC’s plan to roll back the rules, which will begin in earnest with a likely 2-1 partisan vote on May 18. The lion’s share of that comment total were driven by John Oliver’s recent rant on HBO. Many others are the result of what I affectionately call “outrage-o-matic” e-mail campaigns by either net neutrality activists or think tanks that let people comment without having to expend calories on original thought.

    • The FCC Claims A DDoS Attack — Not John Oliver — Crashed Its Website. But Nobody Seems To Believe Them

      We just got done noting that the FCC’s commenting system crashed after comedian John Oliver’s latest bit on net neutrality last weekend. Given that Oliver’s first bit on net neutrality did the exact same thing, it didn’t take long before the media wires were filled with stories about how a flood of outraged net neutrality supporters had crippled FCC systems. Again.

    • Net neutrality: why the next 10 days are so important in the fight for fair internet

      US campaigners rejoiced in 2015 when ‘net neutrality’ enshrined the internet as a free and level playing field. A vote on 18 May could take it all back

    • Comcast, Charter Join Forces In Wireless, Agree Not To Compete

      For several years now, cable giants Comcast and Charter have had their eye on jumping into the wireless business. Both companies gobbled up a large amount of spectrum at the FCC’s 2008 700 MHz auction, but a few years later got cold feet after realizing that going solo in wireless would not only be incredibly expensive, but would require something called competition (gross). So in 2011, they struck a deal with Verizon Wireless, which bought the cable sector’s spectrum for $3.6 billion, in exchange for a cozy cross-promotional relationship. As an unspoken part of that relationship, Verizon Wireless has been happily driving its unwanted DSL customers to cable, where they’re often then sold Verizon Wireless service.

    • The FCC ‘Investigation’ Into Stephen Colbert Is A Complete Non-Story

      Last week comedian and “The Late Show” host Stephen Colbert found himself in a little hot water after he made an oral sex joke about Donald Trump and Vladimir Putin at the tail end of his opening monologue. If you missed it, here’s the relevant bit (the easily-offended can skip down the page).

    • The FCC has received 128,000 identical anti-net neutrality comments

      The FCC this week has received hundreds of thousands of new comments on its proposal to dismantle net neutrality rules, and more than 128,000 of them are identical comments calling for the reversal of the Obama administration’s “power grab.” It seems likely that the influx of anti-net neutrality identical comments is coming from a bot, but the FCC hasn’t addressed the matter publicly yet.

    • Cisco And Oracle Applaud The Looming Death Of Net Neutrality

      Both Oracle and Cisco (not coincidentally major ISP vendors) have come out in full-throated support of the FCC’s plan to kill net neutrality. FCC boss Ajit Pai has been making the rounds the last few weeks in Silicon Valley and elsewhere, trying to drum up support of his attack on broadband consumer protections. Pai met with Cisco, Oracle, Facebook and Apple in a number of recent meetings, but so far only Oracle and Cisco have been willing to enthusiastically and publicly throw their corporate fealty behind Pai’s extremely-unpopular policies.

    • The FCC Is Using Garbage Lobbyist Data To Defend Its Assault On Net Neutrality

      By now it should be clear to most Techdirt readers that new FCC Boss Ajit Pai envisions a future where there’s little to no oversight of giant telecom duo/monopolies like Comcast. Pai has wasted no time making that dream a reality since taking office, having killed plans for more cable box competition, undermined FCC attempts to stop prison phone monopolies from ripping off inmate families, and paved the way for killing net neutrality. He’s made no mystery of his overarching goal: replacing functional FCC oversight of broadband providers with the policy equivalent of wet tissue paper.

  • Intellectual Monopolies

    • Trademarks

      • Bethesda Trademark Bullying Results In Indie Game Adding A Whole Letter To Its Name, But Not Its Logo

        One of the most infuriating aspects of typical trademark disputes is how often the dire nature of the supposed infringement is ratcheted up in the threat rhetoric, while the eventual settlement reached seems laughably inconsequential. Bethesda, which has built a reputation for itself in terms of trademark bullying over its video game franchises, has been an example of this sort of thing in the past. When it decided that it owned the term “scrolls” generally after trademarking its Elder Scrolls franchise, it launched a dispute with developer Mojang over its game which was titled Scrolls. Much was made about the potential for customer confusion, except the eventual settlement allowed Mojang to keep the name for its game. One wonders why such a settlement would be agreed to by Bethesda were its original assertions remotely accurate.

    • Copyrights

      • Access Treaty for Visually Impaired Readers (Finally) Steps Forward On EU Ratification

        After prevaricating for about three years, the European Union now seems to be about to ratify a treaty lifting copyright across borders for books in special format for visually impaired people. The European Blind Union saluted the agreement as great news for millions of people with visual disabilities but warned that a provision allowing EU members to impose economic compensation on organisations representing blind persons and libraries could run counter to the benefit of the treaty.

      • Megaupload users still can’t get data back

        Megaupload, an online cyberlocker service run by Kim Dotcom, was shut down in early 2012 when Dotcom was charged with criminal copyright infringement. Dotcom’s house in New Zealand was raided, and he was arrested. But his prosecution is on hold while New Zealand continues with years of extradition hearings.

      • CJEU to rule on enforceability of German press publishers’ right

        The newly created sections 87f, 87g and 87h of the German Copyright Act provide for the exclusive right of press publishers to exploit their contents commercially for one year, thus preventing search engines and news aggregators from displaying excerpts from newspaper articles without paying a fee.

      • Landmark Usenet Piracy Verdict Stands, Despite RIAA and MPAA Protests

        The Ninth Circuit Court of Appeals has refused to rehear the case Usenet provider Giganews won against Perfect 10. The decision not only comes as a disappointment to the bankrupt magazine publisher but also to the MPAA and RIAA, who warned the court that the decision is a disaster for copyright holders.

05.10.17

Links 10/5/2017: Mesa 17.1, Git 2.13, Qt Creator 4.3 RC1, MINIX 3.4 RC6

Posted in News Roundup at 11:28 am by Dr. Roy Schestowitz

GNU/Linux

  • Desktop

    • Will Anything Make Linux Obsolete?

      Remember blogging? Hell, remember magazine publishing? Shouldn’t be hard. You’re reading some now.

      Both are still around, but they’re obsolete—at least relatively. Two cases in point: my blog and Linux Journal.

      Back when blogging was a thing, in the early 2000s, about 20,000 people subscribed to RSS feeds of my original blog (1999–2007, still mothballed here). At its peak, I posted many times per day and had a strong sense of connection with my readership.

      Same went, by the way, for my postings in Linux Journal, on our website and on one of our own blogs, called IT Garage—lots of readers, lots of engagement.

      Most early bloggers were journalists by profession or avocation—good writers, basically. Some blogs turned into online pubs. BoingBoing, TechCrunch and TPM all started as blogs.

      But blogging began to wane after Twitter and Facebook showed up in 2006. After that journalism also waned, as “content generation” became the way to fill online publications. Participating in “social media” also became a requisite function for journalists still hoping to stay active online (if not also employed).

  • Server/OpenStack

    • OpenStack Summit Highlights Cloud Use Cases

      OpenStack started off as a cloud technology project and has evolved steadily over the last few years. In a marathon two and a half hour set of keynotes on the first day of the OpenStack Summit here, the OpenStack Foundation and the vendors and companies that use it talked about how they are using the cloud.

    • How the U.S. Army Is Using OpenStack to Train Cyber-Warriors

      The open-source OpenStack cloud platform is now being used to help train the next generation of cyber-warriors. At the OpenStack Summit here May 8, officers from the U.S. Army Cyber School explained how they are using OpenStack to train soldiers to fight in the cyber-domain.

      Major Julianna Rodriguez, director, and Chris Apsey, deputy director of the Cyber Technical College at the U.S. Army Cyber School, detailed their activities in a keynote as well as a late-day deep-dive technical session titled “Saving Millions and Achieving Education Freedom Through OpenStack.”

    • Why Edward Snowden loves open source

      Infamous government hacker Edward Snowden believes open source is a fundamentally better way to use technology compared to proprietary technology that he believes disempowers users.

      Snowden was interviewed at the open source cloud computing project OpenStack Summit in Boston via video from a non-descript location and spoke about his personal use of open source technology. In 2013 Snowden, then a government contractor, leaked classified information about government surveillance programs run by the National Security Agency, which brought him worldwide fame.

    • Snowden Advocates the Need for Open Source and OpenStack

      Using public cloud and proprietary software represents a “silent vulnerability” to millions of users around the world, according to National Security Agency whistleblower Edward Snowden.

      Snowden appeared remotely via a video link at the OpenStack Summit here May 9 in a question-and-answer keynote with OpenStack Foundation Chief Operating Officer Mark Collier. Snowden said the average user is unaware of how the internet works.

      “For most people, the internet is magic,” he said.

      According to Snowden, it’s not good enough to let people mindlessly build internet and cloud services, which is where OpenStack plays an important role. He noted that while there are for-profit alternatives in the cloud space like Amazon that do a decent job, they are fundamentally disempowering.

    • Snowden praises open source for protecting privacy

      Edward Snowden, the fugitive whistleblower and former NSA contractor who revealed the organization’s global hacking powers in 2013, may seem like an unlikely guest at OpenStack Summit in Boston, but his message was on target. Snowden spoke about how the public cloud and proprietary software disempower people and pry open their privacy.

    • OpenStack Aims to Enable a Composable and Cloud Native World

      OpenStack has long billed itself as an integration engine enabling organizations to plug into different technologies. At the OpenStack Summit here, Mark Collier, Executive Director of the OpenStack Foundation, explained and demonstrated in a keynote address why it’s important to embrace composable and cloud native infrastructure.

    • Why OpenStack is living on the edge

      In the early days of OpenStack, much of the media coverage seemed fixated on whether or not the project would be able to “win” the cloud computing marketplace, and which company would “win” OpenStack, as if the future of technology is a zero-sum game. The keynotes at this week’s OpenStack Summit highlight just how narrow a view this is.

      What has emerged isn’t a need for a one-size-fits-all generic cloud, but instead, many competing needs across nearly every industry you can think of, for which cloud helps provide part of the answer.

  • Kernel Space

    • Btrfs Gets RAID 5/6 Fixes With Linux 4.12

      There are a number of Btrfs fixes/clean-ups for the Linux 4.12 kernel.

      Btrfs on 4.12 doesn’t have any big new features or major performance boosts, but it does notably have RAID5 and RAID6 fixes that are needed as outlined in that earlier article. So those wanting to run Btrfs on a RAID 5/6 array will definitely want to be using Linux 4.12+ once stable.

    • TEE Proposed For Merging In Linux 4.12: “Trusted” Execution Environment

      The ARM folks have requested that the TEE subsystem and OP-TEE drivers be included in Linux 4.12, the Trusted Execution Environment.

      The Trusted Execution Environment is about communicating with a trusted OS running in a secure environment, separate from the Linux kernel itself. Of course, any time “trusted” computing is brought up in Linux/open-source there are a fair number of concerned individuals, especially in light of the recent major vulnerability in Intel AMT.

    • More Power Management Updates Head To The Linux 4.12 Kernel

      Last week was the main ACPI / power management updates for Linux 4.12 while Intel’s Rafael Wysocki has now submitted a second set of feature updates for this next version of the Linux kernel.

    • IOMMU Updates, Optimizations For Linux 4.12

      There are a number of IOMMU optimizations queued for Linux 4.12.

      Joerg Roedel submitted the IOMMU kernel updates today for Linux 4.12. Among the changes for this important component to modern systems include code optimizations to the Intel VT-d driver, IOMMU core header optimizations, Samsung Exynos IOMMU optimizations, and ARM/SMMU optimizations.

    • Linux Kernel 3.12.74 Looks to Be the Last in the Series, Move to a Newer Branch

      Linux kernel developer and maintainer Jiri Slaby announced today the release and immediate availability of what would appear to be the last maintenance update to the Linux 3.12 kernel series.

      Linux kernel 3.12.74 is out and it looks to be the last in the series, according to its maintainer, who urges all those using the Linux 3.12 kernel branch on their GNU/Linux distributions to start considering moving to a newer LTS (Long Term Support) Linux kernel, such as Linux 3.16, Linux 4.1, Linux 4.4, or Linux 4.9.

      However, if you choose to remain on this branch at least update to Linux kernel 3.12.74, which changes a total of 78 files, with 834 insertions and 524 deletions, according to the appended shortlog. Improvements are all over the place, for various architectures, drivers, filesystems, security, and the networking stack.

    • Linux 3.12.74
    • SNAS.io, Formerly OpenBMP Project, Joins The Linux Foundation’s Open Source Networking Umbrella

      We are excited to announce that SNAS.io, a project that provides network routing topologies for software-defined applications, is joining The Linux Foundation’s Networking and Orchestration umbrella. SNAS.io tackles the challenging problem of tracking and analyzing network routing topology data in real time for those who are using BGP as a control protocol, internet service providers, large enterprises, and enterprise data center networks using EVPN.

    • Graphics Stack

      • NVIDIA Tegra186/Parker/TX2 Support For Linux 4.12

        Olof Johansson has sent in his large set of pull requests for the ARM SoC/platform updates slated for the in-development Linux 4.12 kernel.

      • NVIDIA 381.22 Linux Driver Released With Updated Vulkan

        NVIDIA has released a new short-lived Linux binary driver update that jumps it ahead to the 381 release series.

        Available today is the NVIDIA 381.22 Linux driver as the newest GeForce/Quadro/Tesla proprietary Linux graphics driver. This first 381 Linux driver update mostly consists of bug-fixes but also has new Vulkan extensions that previously were just part of their “Vulkan beta” driver.

      • Nvidia 381.22 Video Driver Supports Newer Linux Kernels, More Vulkan Extensions

        Nvidia released today a new short-lived graphics driver for GNU/Linux, FreeBSD, and Solaris operating systems on all supported architectures, bringing various bug fixes, better Vulkan support, and some other improvements.

        Probably the most fundamental change of the Nvidia 381.22 graphics driver is support for a bunch of new Vulkan extensions, thus adding an extra layer of support for Vulkan, which in these days is more and more used in popular games. However, this was only implemented for the Linux driver.

      • NVIDIA 381.22 driver released with lots of bug fixes and newer Vulkan support

        NVIDIA have released their 381.22 driver which comes with plenty of fixes, newer Vulkan support and more.

      • GeForce Experience Picks Up OpenGL/Vulkan Support, Linux Up Next?

        NVIDIA’s gaming software, GeForce Experience, now has support for OpenGL and Vulkan.

        GeForce Experience is NVIDIA’s software often paired with their Windows driver for managing game updates, analyzing GPU/CPU metrics, game setting optimizations, and recently the focus on being able to record your video game sessions as well as take screenshots with NVIDIA Ansel. Experience also allows game streaming to SHIELD devices with NVIDIA GameStream.

      • Mesa 17.1 Released, Adds RADV Vulkan Conforming Patches

        Mesa 17.1.0 is now officially available as the Q2’2017 update to this important piece to the open-source 3D Linux graphics driver stack.

        Mesa 17.1 ships with many ANV and RADV Vulkan driver fixes, the OpenGL shader cache is in place and enabled by default for RadeonSI, some work on OpenGL AZDO extensions, Ivy Bridge OpenGL 4.2 support up from GL 3.3, initial Radeon RX Vega support, some performance optimizations, and a wealth of other changes.

      • Better Driver Matching For X.Org Server 1.20

        A two-year-old patch for the X.Org Server from a NVIDIA developer has finally landed.

        The xfree86: Improved autoconfig drivers matching is now in xorg-server Git. This 100+ line patch implements a new auto configuration driver matching algorithm. The benefit is the driver matching code is made easier and also doesn’t end up adding duplicate drivers on the case of multiple GPUs.

      • GPUOpen’s CodeXL 2.3 Brings Ryzen Support, AMDGPU-PRO Compatibility

        AMD’s CodeXL utility that’s open-source under the GPUOpen umbrella for graphics profiling/debugging is up to version 2.3.

        CodeXL 2.3 adds support on Linux systems for operating with the AMDGPU-PRO hybrid driver. Other prominent features include Radeon Polaris GPU support as well as support for AMD Ryzen processors with the addition of supporting its performance counters, etc.

      • CodeAurora Continues Contributions To Freedreno’s MSM DRM Driver

        While there are still a few days left until the Linux 4.12 merge window closes and the 4.12 release candidates for the next two months, the Qualcomm-backed CodeAurora already has lined up some new code for the reverse-engineered, community-driven Freedreno MSM DRM driver for Adreno hardware.

  • Applications

  • Desktop Environments/WMs

    • Cinnamon 3.4 Desktop Officially Released, It’s Coming Soon to a Distro Near You

      Linux Mint project leader Clement Lefebvre was happy to announce today the official availability of the Cinnamon 3.4 desktop environment for GNU/Linux distributions.

    • K Desktop Environment/KDE SC/Qt

      • Qt Creator 4.3 RC1 released

        We are happy to announce the release of Qt Creator 4.3 RC1.

        Since the Beta release we have kept ourselves busy fixing bugs, so please take this last opportunity to test and give us feedback. Take a look at the Beta release blog post or the more detailed change log for an overview of what has changed in 4.3.

      • Qt Creator 4.3 RC1 Now Available For Developers
      • Qt 5.9 To Be An LTS Release, Qt 6 Planning On Radar
      • KDE Plasma 5.9.5, Krita 3.1.3 and digiKam 5.5 Coming Soon to Kubuntu 17.04 Users

        KDE’s José Manuel Santamaría Lema is informing the Kubuntu Linux community today about the upcoming availability of a multitude of updates for various KDE technologies in the Kubuntu Backports PPA.

        It’s a known fact that Kubuntu developers are always working hard to bring you all the latest goodies as soon as they are released upstream, and it looks like Kubuntu 17.04 (Zesty Zapus) users will be treated with the KDE Plasma 5.9.5 desktop environment, which is the last in the series as KDE Plasma 5.10 is coming at the end of May.

    • GNOME Desktop/GTK

      • GTK+ 3.22.13 Introduces More Wayland Improvements, Fixes for Some Memory Leaks

        While work on the major GTK+ 4 series advances at a slow pace, the GTK+ 3.22 stable branch is still being updated, and today we see the launch of yet another bugfix release, the thirteenth in the series.

        GTK+ 3.22.13 is a maintenance release that adds a month’s worth of fixes and updated translations from various contributors. The bug fixes are typically small but significant and include a memory leak fix for the Wayland display server when exporting handle, a memory leak fix for linkbutton, and a quartz backend segfault fix, which was a regression from last month’s point release, GTK+ 3.22.12.

      • WebKitGTK+ 2.16.2 Updates User Agent Quirks for New Google Login Page, YouTube

        WebKitGTK+, the open-source and full-featured port of the WebKit rendering engine to the GTK+ GUI toolkit used to build modern applications for the GNOME desktop environment was updated today to version 2.16.2.

        WebKitGTK+ 2.16.2 is just a small bugfix release that only resolves some of the issues users reported since the first maintenance update of the WebKitGTK+ 2.16 stable series. The most prominent change being improved user agent quirks to add compatibility for Google’s new login page and YouTube.

  • Distributions

    • Reviews

      • Solus – how far will it go?

        The Live run of Solus was stable, fast and smooth. I especially liked the crispness of the fonts, windows and of all the elements.

        At the same time, if you want to use Solus Budgie as a production OS, I’d recommend you to think twice. The main show-stopper for me would be the unknown format for supported packages. It locks down the number of available applications to whatever is available in official repositories, and there are already some gaps. Of course, there are some doubtful decisions on default set of applications and default desktop items, but that’s easy to fix.

        I hope that Solus will develop further and this is not my last visit to that part of the Linux world. I hope the team will not run out of patience and resources.

    • New Releases

      • Solus Receives Better Bluetooth A2DP Audio and Scanning Support, Other Goodies

        Solus Project’s Joshua Strobl is reporting today in a new installation of the This Week In Solus (TWiS) newsletter on the latest work done by him and project leader Ikey Doherty for their beloved and very popular Solus operating system.

        Last week – like many others before it – was extremely busy for the development team behind Solus, an independently-developed GNU/Linux distribution. The team finally managed to migrate the project’s Git repositories and patch management system to the Diffusion and Differential apps of their Phabricator dev tracker tool.

        This move has many implications for the ever-growing community and package maintainers, and you can read all about it in This Week In Solus Install #44, which brings many other good news for the regular Solus user as scanning and Bluetooth A2DP audio support has been greatly improved thanks to donators and patrons.

    • Arch Family

    • OpenSUSE/SUSE

      • SUSE Unveils OpenStack Cloud Monitoring & Supports TrilioVault

        Today at the OpenStack Summit 2017 in Boston, MA, SUSE, aside from celebrating its 25th anniversary, announced its new open source software solution that makes it simple to monitor and manage the health and performance of enterprise OpenStack cloud environments and workloads, SUSE OpenStack Cloud Monitoring. In other SUSE-related news, Trilio Data announced that its TrilioVault is Ready Certified for SUSE OpenStack Cloud.

      • Students to Enhance Multiple Open Source Projects

        Five students will spend this summer putting their coding skills into practice for openSUSE and other projects during this year’s Google Summer of Code.

        The international program that matches mentors and students funded 1,315 student projects this year for 201 open source organizations, who will benefit from the active involvement from these new developers.

        “We are excited to be selected as a mentoring organization and to mentor these talented, young GSoC students,” said Christian Bruckmayer, one of the openSUSE mentors. “This year’s projects focus on enhancing the capabilities of our open source tools, so that the benefits are shared amongst the open-source ecosystem.”

    • Red Hat Family

    • Debian Family

      • Derivatives

        • Grml 2017.05 “Freedatensuppe” Distro Enters Development Based on Debian Stretch

          The Debian-based Grml GNU/Linux distribution designed for system administrators is once again in development after taking a long break of approximately two and a half years.

          Dubbed “Freedatensuppe,” the next major release of the operating system is versioned Grml 2017.05, and a first Release Candidate (RC) build is now available for public testing. Development of Grml 2017.05 is currently based on the Debian Testing branch, which will soon become Debian GNU/Linux 9 “Stretch.”

        • Canonical/Ubuntu

          • Cockpit is now just an apt install away
          • Cockpit Comes To Ubuntu, Easier Linux Server Administration

            Cockpit, the open-source project providing a pleasant web-based administrative interface to Linux systems and developed significantly by Red Hat / Fedora developers, is now officially available in Ubuntu and Debian.

            Cockpit is now available in Debian unstable as well as Ubuntu 17.04 and 17.10 repositories. Details on Cockpit coming to Ubuntu/Debian were shared today on Martin Pitt’s blog, a prominent Debian/Ubuntu developer. There is also work on getting the Cockpit packages added to Ubuntu 16.04 LTS backports, but as of writing that has yet to be completed.

          • Flavours and Variants

            • Volunteers tailor Ubuntu Linux to UK’s health service

              A group of British IT health care specialists have tailored the Ubuntu Linux distribution for use by the UK’s national health service (NHS) on its workstations. The alpha version of NHSbuntu was unveiled at the South West CIO Forum on 27 April.

  • Devices/Embedded

Free Software/Open Source

  • What is Docker’s Moby Project?

    Being an Austinite, I enjoyed having DockerCon local, and I co-authored a guide to visiting Austin in the hopes that attendees would enjoy having DockerCon in Austin as well.

    During DockerCon 2017, a few major announcements were made, including the Moby Project.

  • Verizon taps into open source, white box fervor with new CPE offering

    Verizon this week said it would begin offering x86-based servers with OpenStack software aimed at customers looking to support all manner of advanced cloud, software defined networking and network functions virtualization-based enterprises.

  • Web-based open-source program determines protein structures

    ContaMiner is a web-based, open-source program developed by a unique interdisciplinary team in King Abdullah University of Science and Technology (KAUST), Saudi Arabia. This program is already saving time for international researchers.

    “How much can you understand and repair a car if you don’t have a detailed picture of what is going on under the hood?” said KAUST Associate Professor Stefan Arold. “Proteins are life’s workhorses: their function and dysfunction both create life and end it. Each protein’s amino acid sequence folds into a particular 3-D structure that is required to support its function. If you want to understand, affect or engineer a protein’s function, you need to know its 3-D structure,” he explained.

  • MINIX 3.4 RC6 Released

    The release of MINIX 3.4 is inching closer with the availability now of its sixth release candidate.

    MINIX 3.4 will be the first update since MINIX 3.3 in 2014. We’ve been seeing release candidates now of MINIX 3.4 for the past year but it appears the final release is getting closer. MINIX for the uninitiated is a Unix-like microkernel-based OS started by Andrew Tanenbaum.

  • MapD tech open sources their Core Database

    MapD Technologies, a GPU-powered analytics company, has released their Core database to the open source community under the Apache 2 license, seeding a new generation of data applications. By open sourcing the MapD Core database and associated visualization libraries, they are making their analytics platform available to everyone.

  • MapD Open Sources GPU-Powered Database

    Since starting work on MapD more than five years ago while taking a database course at MIT, I had always dreamed of making the project open source. It is thus with great pleasure to announce that today our company is open sourcing the MapD Core database and associated visualization libraries, effective immediately.

  • Enterprise Open Source Programs: From Concept to Reality

    How pervasive is open source in today’s businesses? According to the 2016 Future of Open Source Survey from Black Duck and North Bridge, a mere three percent of respondents say they don’t use any open source tools or platforms.

    Leveraging open source has also become a key avenue for fostering new ideas and technologies. Gartner’s Hype Cycle for Open Source Software (2016) notes that organizations are using open source today not just for cost savings, but increasingly for innovation. With this in mind, major companies and industries are quickly building out their open source programs, and the open source community is responding.

  • Events

    • Redefining the Tech that Powers Travel

      We all know that the technology industry has been going through a period of incredible change. Rashesh Jethi, Head of Research & Development at Amadeus, began his keynote at the Open Networking Summit (ONS) with a story about how when his grandfather went to university in India, the 760-mile journey took three days and involved a camel, a ship, and a train. Contrast this to Jethi’s 2700 mile journey to ONS in 6 hours where he checked into the flight from his watch. The rapid evolution of technology is continuing to redefine the travel industry and how we approach travel.

    • DevConf Comes to India May 11-12, 2017
    • IBM Cloud Developer to Keynote Open Source Convention (OSCON) in Austin, Texas
    • LinuxFest Northwest report

      This weekend was LinuxFest Northwest 2017, and as usual I was down in Bellingham to attend it. Had a good time, again as usual. Luckily I got to do my talk first thing and get it out of the way. I’d post a link to the recording, but there doesn’t seem to be one – I’ll check with the organizers if it got lost or something. In the meantime, here’s the slide deck. It was a general talk on Fedora’s past, present and future.

  • Web Browsers

    • Mozilla

      • Thunderbird’s Future Home

        The investigations on Thunderbird’s future home have concluded. The Mozilla Foundation has agreed to serve as the legal and fiscal home for the Thunderbird project, but Thunderbird will migrate off Mozilla Corporation infrastructure, separating the operational aspects of the project.

  • Databases

    • EIB provides EUR 25 million funding for MariaDB open-source database system

      The European Investment Bank (EIB), the non-profit lending institution of the European Union, will provide EUR 25 million in funding to the eponymous Finnish company behind the MariaDB open-source database system. MariaDB will use the money to expand its customer base in Europe, America and Asia, and to hire more developers in Helsinki.

  • Oracle/Java/LibreOffice

  • FSF/FSFE/GNU/SFLC

  • Openness/Sharing/Collaboration

  • Programming/Development

    • Java modularity specification opposed by Red Hat, IBM is voted down

      A Java modularity specification failed to pass in a vote by Java executive committee members, leaving the future of the technology in question. The issue could hold up the planned July 27 release of Java 9, which is slated to include modularity.

      Balloting on Java Specification Request 376 was completed on Monday. The modular plan for Java, intended to make it easier to scale the platform, has been opposed by companies, including Red Hat and IBM. Red Hat, in particular, questioned many parts of the plan, including raising issues about potential application compatibility problems.

    • Java 9 faces another delay, Oracle fires back at IBM and Red Hat

      Oracle’s chief Java architect has criticised Red Hat and IBM for the companies’ opposition to making Java 9 modular.

      The Java Platform Module System (JPMS), a core component of Project Jigsaw, the most likely candidate for modularity in Java 9, has received opposition from both IBM and Red Hat.

      IBM have hinted that they may vote against the changes whilst Red Hat initially agreed to the coming changes. Since then Oracle Chief Java Architect Mike Reinhold has come out and said that Red Hat worked consistently to undermine any coming changes.

    • 4 Python libraries for building great command-line user interfaces

      This is the second installment in my two-part series on terminal applications with great command-line UIs. In the first article, I discussed features that make a command-line application a pure joy to use. In part two, I’ll look at how to implement those features in Python with the help of a few libraries. By the end of this article, readers should have a good understanding of how to use Prompt Toolkit, Click (Command Line Interface Creation Kit), Pygments, and Fuzzy Finder to implement an easy-to-use REPL.

    • What does SVG have to do with teaching kids to code?

      Jay Nick is a retired electrical engineer who volunteers at local schools in his community by using art as a creative way to introduce students to mathematics and coding. Reflecting on the frustrations that his own children experienced in college programming classes, he decided to use his own experience with Scalable Vector Graphics (SVG) to create an approach to coding that combines principles of mathematics and art.

    • Microsoft’s .NET-mare for developers: ASP.NET Core 2.0 won’t work on Windows-only .NET

      Microsoft has made a change to its forthcoming ASP.NET Core 2.0 web framework so that it is now incompatible with the Windows-only .NET Framework, causing confusion and annoyance for some .NET developers.

Leftovers

  • Much ado about communication

    One of the first challenges an open source project faces is how to communicate among contributors. There are a plethora of options: forums, chat channels, issues, mailing lists, pull requests, and more. How do we choose which is the right medium to use and how do we do it right?

    Sadly and all too often, projects shy away from making a disciplined decision and instead opt for “all of the above.” This results in a fragmented community: Some people sit in Slack/Mattermost/IRC, some use the forum, some use mailing lists, some live in issues, and few read all of them.

  • Hardware

    • Making Chips Smarter

      It is no secret that artificial intelligence (AI) and machine learning have advanced radically over the last decade, yet somewhere between better algorithms and faster processors lies the increasingly important task of engineering systems for maximum performance—and producing better results.

      The problem for now, says Nidhi Chappell, director of machine learning in the Datacenter Group at Intel, is that “AI experts spend far too much time preprocessing code and data, iterating on models and parameters, waiting for training to converge, and experimenting with deployment models. Each step along the way is either too labor-and/or compute-intensive.”

  • Health/Nutrition

    • US, EU Diverge On Medical Diagnostic Patents

      Amos and Miller argue that the disjunction between the US and European requirements for diagnostic patent eligibility hinders global patent harmonisation. While the EU does place limits on diagnostic patents, it does not prohibit them outright. Amos and Miller explain that a rejection on the same grounds of Mayo in the EU would amount to a rejection based upon lack of ‘industrial applicability’. While 30 of the patents studied had objections in the EU based upon questions of novelty, inventiveness or clarity, none had objections which corresponded to a US Mayo rejection.

      The authors acknowledge that it is not possible to completely attribute the abandonment of a patent to the receipt of a Mayo objection, but argue that the case does appear to have special importance in the fate of US diagnostic patents. They point out that prior to the decision, the US permitted more diagnostic patents than the European Patent Office in a sampling of 20 applications.

    • MSF Warns Of Threats To Public Health In Asian Trade Agreement IP Proposals

      The 18th round of the Regional Comprehensive Economic Partnership (RCEP) trade agreement negotiations is taking place this week in Manila, Philippines. Health activists warn that Japan and South Korea are pushing for measures that go beyond international trade rules on intellectual property, including extending patent terms and data exclusivity in countries such as India, a primary source of cheaper generic medicines.

      Médecins Sans Frontières (MSF – Doctors Without Borders) in its response is urging Japan and South Korea to withdraw their proposals as it considers them as being harmful. The proposed measures would lead to a delay in generic competition and strongly increase the prices of medicines for patients all over the world, MSF said.

  • Security

    • 4 Best Practices for Web Browser Security on Your Linux Workstation

      There is no question that the web browser will be the piece of software with the largest and the most exposed attack surface on your Linux workstation. It is a tool written specifically to download and execute untrusted, frequently hostile code.

      It attempts to shield you from this danger by employing multiple mechanisms such as sandboxes and code sanitization, but they have all been previously defeated on multiple occasions. System administrators should learn to approach browsing websites as the most insecure activity you’ll engage in on any given day.

    • ‘Crazy bad’ bug in Microsoft’s Windows malware scanner can be used to install malware

      Miscreants can turn the tables on Microsoft and use its own antivirus engine against Windows users – by abusing it to install malware on vulnerable machines.

      A particularly nasty security flaw exists in Redmond’s anti-malware software, which is packaged and marketed in various forms: Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. All are, at this moment, at risk. It is switched on by default in Windows 8, 8.1, 10, and Windows Server 2012.

      It is possible for hackers to craft files that are booby-trapped with malicious code, and this nasty payload is executed inadvertently and automatically by the scanner while inspecting the data. The injected code runs with administrative privileges, allowing it to gain full control of the system, install spyware, steal files, and so on.

      In other words, while Microsoft’s scanner is searching a downloaded file for malware, it can be tricked into running and installing the very sort of software nasty it’s supposed to catch and kill.

    • [Microsoft Employee:] Why your security appliance will be hacked

      I’m no world-class hacker/penetration tester, but I’ve been able to break into any organization I’ve been (legally) hired to do so in an hour or less, except for one place that took me three hours. That was on my second engagement with the customer after it had implemented many of the protections I had recommended during my first visit.

    • How the Macron campaign slowed cyberattackers
    • Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch models

      As previously reported, the zero-day exploit allowed attackers to issue commands that remotely execute malicious code on 318 models of Cisco switches. The attack code was published in early March by WikiLeaks as part of its Vault7 series of leaks, which the site is billing as the largest publication of intelligence documents ever.

      The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.

    • Open source password strength meter could help boost account security

      It’s no secret that most people are rubbish at choosing passwords — it’s something that’s proved time and time again when the annual list of common passwords is released. To help overcome the problem, and hopefully increase the security of people’s accounts, a team of researchers from the Carnegie Mellon University and the University of Chicago have created an open source password meter that provides advice about how to strengthen a password.

    • Apache OpenOffice: Not dead yet, you’ll just have to wait until mid-May for mystery security fixes
    • NIST to security admins: You’ve made passwords too hard

      Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don’t seem to be getting savvier about their password usage. The good news is that how we think about password security is changing as other authentication methods become more popular.

    • Google Docs Phishing Scam a Game Changer
    • What Internet-Connected War Might Look Like

      A technician hurriedly slings his backpack over his shoulders, straps on his M9 pistol, and bolts out of the transport with his squad of commandos in a hail of gunfire. As soon as his team reaches the compound, he whips out a laptop and starts deploying a rootkit to the target server, bullets whizzing overhead all the while.

  • Transparency/Investigative Reporting

    • Watch the video that sparked a CIA debate over psychic phenomenon

      A video produced by Stanford as part of its government funded research into psychic phenomena alleged to show Uri Geller performing various psychic and extrasensory feats. While some in the Agency were “humbled” by the film, others were quick to declare it ordinary trickery from a con artist using techniques from stage magic and mentalism. Eventually, James Randi joined the discussion with his book about Uri Geller, only to find one of the scientists involved pushing back.

    • Is WikiLeaks intelligence porn, or legitimate news?

      Much ink has been spilled on President Trump’s “bigly” disdain for the media, including his Stalinist moniker for the press: “enemy of the people.”

      Not enough, however, has been written about smaller efforts afoot at the Department of Justice and FBI that would, in a much more direct sense, imperil basic press freedoms in the United States.

      These efforts came up last week in testimony by FBI Director James Comey. Though much of the coverage focused on comments about the Clinton investigation, he touched on two other discrete issues that deserve scrutiny.

      The first is WikiLeaks — specifically reports that the DOJ is considering filing charges under the Espionage Act against the radical transparency site for releasing classified information.

    • WikiLeaks Offers to Hire James Comey After Trump Fired Him

      James Comey may have just been fired by President Donald Trump from his position as FBI Director, but he already has a new job offer from a surprising source: WikiLeaks. Shortly after he was fired, Julian Assange tweeted that he would be happy to offer Comey a new job if he wanted to continue to properly investigate the U.S. government from WikiLeaks’ D.C. office.

  • Environment/Energy/Wildlife/Nature

    • Spain loses first arbitration claim over cuts to renewable energy subsidies

      Spain has lost its first international arbitration process over cuts to renewable energy subsidies. The International Centre for the Settlement of Investment Disputes (ICSID) has rendered an award in favor of the British-based Eiser Infrastructure Limited and its affiliate Energia Solar Luxembourg, stating that the Spanish government violated Article 10 of the Energy Charter Treaty, thus depriving the company – a fund with ties to ABN Amro – of fair and equitable treatment.

    • Two-thirds of electricity in Canada now comes from renewable energy

      Two-thirds of Canada’s electricity supply now comes from renewable sources such as hydro and wind power, the National Energy Board said in a report released Tuesday.

      Renewable energy production jumped 17 per cent between 2005 and 2015. The portion of all electricity in Canada generated by renewables is now 66 per cent, up from 60 per cent a decade earlier.

      “I think people don’t understand just how much of our generation is the renewables,” said NEB chief economist Shelley Milutinovic. “Probably very few people would know Canada produces the second most hydro in the world.”

  • AstroTurf/Lobbying/Politics

    • Preet Bharara, Sally Yates and James Comey: Fired while investigating Donald Trump

      After President Donald Trump fired FBI Director James Comey, questions immediately arose about the President’s motivations for his dismissal — and for the recent firings of two other then-President Barack Obama-appointees who were in the middle of conducting investigations linked to Trump.

      Senate Minority Leader Chuck Schumer said Comey’s firing was part of a “deeply troubling pattern from the Trump administration,” that appears to be linked to two other high-profile dismissals.

    • USAian Political Power Modelled After Animal Farm

      Certainly Trump has committed high crimes and misdemeanours. That started before the campaign of 2016. Now, he’s doing it from the Oval Office. On the list so far: sexual harassment, bullying, racial discrimination, multiple breaches of the Constitution, and treason, facilitating Putin’s influence to affect the USAian government. The only higher power is Congress. I would bet every Democrat would support impeachment.

    • The Triumph of James Comey

      Since FBI Director James Comey has become a kind of arbiter of the political discourse – to say his pronouncements have been decisive would not, I think, be an overstatement – his appearance before the Senate Intelligence Committee was much anticipated. As Hillary Clinton and her supporters continue to re-litigate the presidential election, blaming him for her defeat, how he would defend his decision to reveal that the FBI was investigating her private email server, and the possible unauthorized release of classified information, was the focus of much interest. And yet the really interesting aspects of his testimony had to do with two questions that, in a free society, would not normally be the domain of law enforcement: 1) What should be the nature of our relations with a foreign country, i.e. Russia? And 2) what is a legitimate journalistic enterprise?

    • Trump Fires FBI Director Comey

      So… not quite sure what to make of this yet, but according to the NY Times, just a little while ago, Donald Trump fired FBI Director James Comey (of course, just after our podcast came out talking about how Comey seemed to be hopeful the Trump administration would approve his encryption backdoor plans).

    • President Trump fires FBI Director James Comey over Clinton e-mail probe

      FBI Director James Comey was fired Tuesday by President Donald Trump over his handling of the Hillary Clinton e-mail scandal. A search has begun to replace Comey, who was appointed to the position by President Barack Obama in 2013.

      “The FBI is one of our nation’s most cherished and respected institutions, and today will mark a new beginning for our crown jewel of law enforcement,” President Trump said in a statement. Comey’s removal was recommended by Attorney General Jeff Sessions and Deputy Attorney General Rod Rosenstein.

  • Censorship/Free Speech

  • Intellectual Monopolies

    • Copyrights

      • Introducing Paperstorm: Drop Airborne Leaflets to Fix EU Copyright

        In the EU, outdated copyright law is threatening the health of the Internet.

        The EU’s current copyright framework — developed for a time before the Internet — can stymie innovation, preventing entrepreneurs from building on existing data or code. It can stifle creativity, making it technically illegal to create, share and remix memes and other online culture and content. And it can limit the materials that educators and nonprofits like Wikipedia depend on for teaching and learning.

05.09.17

Links 9/5/2017: Mesa 17.1 RC4, Coreboot 4.6, and OpenStack Summit

Posted in News Roundup at 7:44 am by Dr. Roy Schestowitz

Contents

GNU/Linux

  • Desktop

    • Chuwi LapBook 12.3 is a 2K Ubuntu Laptop for $329

      Chinese computer company Chuwi plan to release an Ubuntu powered laptop.

      The Chuwi LapBook 12.3 is a thin, all-metal clamshell notebook with a 12.3-inch 2K display.

      Never heard of Chuwi? Me either.

      Though the company is far from a household name it is carving out a name for itself making a slate of well-received Windows 10 tablets, and 2-in-1’s — one of which even dual-boots with Android.

      And now they’re apparently turning their attention to Ubuntu.

    • Today’s bonkers bug report: Microsoft Edge can’t print numbers

      Microsoft’s Edge browser is the subject of an amusing new bug report, alleging it somehow manages to screw up printing strings of numbers.

      The report on Microsoft’s developer portal describes the issue where PDF files printed through Edge will display numbers and text incorrectly when exported.

      “Edge displays PDF correctly but printed content differs notably,” the bug notice reads. “Printed content depends on selected printer, on printer settings, and on used computer (please try a different setup if first result looks correct).”

      The report includes a pair of examples in a numbered table. The first table is sequentially numbered from 1-140. The second table, which is said to have been printed in Edge through the “print-to-PDF” function, has the boxes numbered out of sequence with the first six as “1,1,4,4,4,7”.

  • Server

    • What is Docker and why is it so darn popular?

      If you’re in data center or cloud IT circles, you’ve been hearing about containers in general and Docker in particular non-stop for a few years now. With the release of Docker 1.0 in June 2014, the buzz became a roar.

      All the noise is happening because companies are adopting Docker at a remarkable rate. At OSCon in July 2014, I ran into numerous businesses that were already moving their server applications from virtual machines (VM) to containers. Indeed, James Turnbull, Docker’s VP of services and support, told me at the conference that three of the largest banks that had been using Docker in beta were moving it into production. That’s a heck of a confident move for any 1.0 technology, but it’s almost unheard of in the safety-first financial world.

  • Kernel Space

    • Linux 4.12 I/O Scheduler Benchmarks: BFQ, Kyber, Etc

      Among the many new features for Linux 4.12 are two new I/O schedulers in mainline: the long-standing BFQ (Budget Fair Queueing) and Kyber, a new I/O scheduler developed at Facebook. Here are some initial benchmarks of these I/O schedulers on the Linux Git code as of this past week.

    • Linux Kernels 4.10.15, 4.9.27 LTS & 4.4.67 LTS Bring CIFS and Ceph Improvements

      Greg Kroah-Hartman announced a few moments ago the release and general availability of a new set of maintenance updates for the Linux 4.10, as well as the long-term supported Linux 4.9 and 4.4 kernels.

    • Linux 4.10.15
    • Linux 4.9.27
    • Linux 4.4.67
    • A Variety Of KVM Changes For Linux 4.12, Supports MIPS Hardware Virtualization

      The Kernel-based Virtual Machine changes have been submitted for the Linux 4.12 kernel merge window.

      There are plenty of KVM changes as usual for this next kernel cycle. Some of the work for KVM on ARM includes improved PMU support and virtual interrupt controller improvements. MIPS meanwhile has picked up basic support for hardware virtualization when using Imagination P5600/P6600/I6400 or Cavium Octeon III hardware.

    • Linux 3.18.52

      I’m announcing the release of the 3.18.52 kernel.

      All users of the 3.18 kernel series must upgrade.

      The updated 3.18.y git tree can be found at:
      git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y
      and can be browsed at the normal kernel.org git web browser:

      http://git.kernel.org/?p=linux/kernel/git/stable/linux-st…

    • Linux Kernel 3.18.52 Released with CIFS & F2FS Changes, Lots of Updated Drivers

      After announcing earlier today the release of the Linux 4.10.15, 4.9.27 LTS and 4.4.67 LTS kernels, Greg Kroah-Hartman also released yet another maintenance update for the Linux 3.18 kernel series.

      The Linux 3.18 branch continues to be marked as [EOL] – End of Life – on the kernel.org website, but it also continues to receive large patches that contain numerous improvements and miscellaneous bug fixes. Linux kernel 3.18.52 being the latest in the series, it changes a total of 97 files, with 741 insertions and 346 deletions, according to the appended shortlog.

    • Is Linux kernel design outdated?

      Linux has made great strides over the years, advancing far beyond where it was when it started. But one redditor recently wondered if Linux was suffering from outdated kernel design. He asked his question in the Linux subreddit and got some interesting answers.

    • f2fs for 4.12-rc1
    • F2FS Is Ready With Various Enhancements For Linux 4.12

      The latest Linux 4.12 merge window pull request worth talking about is that of the Flash-Friendly File-System (F2FS) updates.

    • Linux Foundation to develop tool for building blockchain business networks

      The Linux Foundation announced a new software project under its Hyperledger open consortium aimed at creating a collaboration tool for building blockchain business networks — or smart contracts — and their deployment across a distributed ledger.

      The new project, called Hyperledger Composer, is a modeling language based on JavaScript and with REST API support, that allows non-developers and developers to model their business network. The language also supports modeling of relationships and data validation rules.

    • Graphics Stack

  • Applications

  • Desktop Environments/WMs

    • Cinnamon 3.4 released!

      You probably saw the tags on github already. I’m happy to make it official and to announce the release of Cinnamon 3.4.

      I’d like to thank all the developers and designers who worked not only on Cinnamon 3.4, but in the redesign of the Spices website and the maintenance of the Cinnamon Spices themselves.

    • K Desktop Environment/KDE SC/Qt

      • KStars 2.7.7 Released for Linux, Mac, and Windows!

        I’m glad to announce the release of KStars 2.7.7 for Linux, Mac, and Windows!

        In this release, Robert Lancaster dedicated a lot of time to improving KStars What’s Interesting Tool (WIT). It is now significantly improved and offers a rich educational experience to explore the heavens! Users can now explore many naked eye and deep sky objects, in addition to addon catalogs offered by KStars such as the Sharpless Catalog.

        Users wishing to have more fine control on what objects to observe and/or image should be using the Observation Planner that enables filtering of objects with custom constraints and limits. For casual users looking to find out what’s interesting tonight, then this tool is the optimal choice.

    • GNOME Desktop/GTK

      • Evolution 3.24.2 Open-Source Email and Groupware Client Brings Many Improvements

        The GNOME Project is preparing these days to release the second and last scheduled point release for the latest GNOME 3.24 desktop environment, and some of the core components and apps are already receiving new versions.

        That’s right, we’re talking about GNOME 3.24.2, which should be out in the coming days, around the date of May 10, 2017, bringing various small enhancements and bug fixes to some of the components distributed as part of the GNOME 3.24 Stack. The Evolution email and groupware client is, again, among the first to be updated.

      • System76 Preps Consistent GNOME Experience for Their PCs Powered by Ubuntu 17.10

        System76’s CEO Carl Richell is reporting today on some of the upcoming changes the Linux hardware company plans to make in regards to the look and feel of the GNOME desktop environment shipping with the next major Ubuntu release.

        As you are very much aware by now, Canonical is moving away from their unique and gorgeous Unity user interface to the GNOME 3 desktop environment for the Ubuntu 17.10 (Artful Aardvark) operating system, due for release later this year on October 19, 2017.

  • Distributions

    • Reviews

      • LinuxAndUbuntu Distro Review Of The Week Bodhi Linux

        ​Bodhi Linux is essentially one of those distributions which try to bring your old PC back to life but at the same time, tries to make it look like it is still keeping up with the latest trends in Design and Interface. And with every new release, its community is growing larger and larger. We will look at the latest release which comes with a new theme and more bug fixes (more on this later).

      • 4MLinux 21.0

        4MLinux provides a lot of software in a small package. For system maintenance it is good choice to have on hand. For multimedia, miniserver, and mystery it provides a useful selection of software, but there are other distributions that focus on only one of those tasks and do it better by being more focused. That is not to say that 4MLinux is bad, but it tries to do too many different things at once. To be completely honest, I think 4MLinux would be a stronger offering if it were 3MLinux and dropped the mystery aspect entirely. Maybe including just solitaire or some other light game to have as a diversion while maintenance tasks run and use the space freed up by removing the games to include some of the optional extension applications by default.

      • Xubuntu 17.04 Zesty Zorro – Vigorous

        Xubuntu 17.04 Zesty Zapus is a pretty good release. It comes with a fully functional live session, and even the installed system offers a foxy, fair and balanced experience. You have your codecs, media support, printing, great performance, stability, and whatnot.

        On the down low, the Bluetooth stack is one big disappointment, and the default looks can be improved. There were a few small issues throughout, but nothing major. What makes Xubuntu less glamorous than it should be is its brother, Kubuntu. I was so impressed with the Plasma release that I just don’t have sufficient fanboyase – that’s the enzyme that makes nerds go wild – in my noob glands to feel all giddy. It’s a case of not being able to fall in love on the account of already being taken, so to speak.

        Well, if you ignore me and my mood swings, as a standalone product, Xubuntu Zesty is a nice free offering. It’s mature, robust and fast. Battery life can be better, it sure can shine more on its own without extra pimping, and Bluetooth, we go back to Bluetooth. Anyway, as far as Ubuntu and its kin go, the spring season is a pretty good one. This one gets a very juicy 9/10. And that would be all. Off you go. Play play, test test.

    • New Releases

      • Black Lab Enterprise Linux 11 Launches with Flatpak Support, GNOME 3.18 Desktop

        PC/OpenSystems LLC and Black Lab Software are proud to announce today the release and immediate availability for download of the Black Lab Enterprise Linux 11 operating system.

        Now that netOS has become Black Lab Enterprise Linux, and that the OS is free for download again, the team prepared the latest release with dozens of exciting new features and several flavors. Black Lab Enterprise Linux 11 appears to be the first stable series to ship with Black Lab Studio Linux, Black Lab Enterprise Linux for Education, and Black Lab Enterprise Linux for IoT editions.

      • ExTiX 17.5 Looks to Be the First GNU/Linux OS Shipping with Linux Kernel 4.11

        GNU/Linux developer Arne Exton is once again the first to build a Linux-based operating system powered by the latest stable kernel, and today he announced the availability of ExTiX 17.5 Build 170508 using the Linux 4.11 kernel.

        To our knowledge, ExTiX 17.5 Build 170508 looks to be the first stable, production-ready GNU/Linux distribution to ship with Linux kernel 4.11. The operating system is dubbed by the developer “The Ultimate Linux System” for a reason, and today’s release is based on packages from Debian GNU/Linux 8.7 “Jessie,” Debian GNU/Linux 9 “Stretch” and Ubuntu 17.04 (Zesty Zapus).

      • Debian-Based OSMC Linux Media Center Updated with Better Raspberry Pi Support

        While we were waiting for the final Mesa 17.1.0 3D Graphics Library to hit the streets this past weekend, Collabora’s Emil Velikov is today announcing the availability of the fourth and last Release Candidate (RC) milestone.

      • Black Lab Enterprise Linux Goes Free Again as Income Comes from Hardware Sales
    • Arch Family

    • OpenSUSE/SUSE

      • Highlights of the OBS frontend development sprint

        This is the first in a series of posts in which the frontend hackers want to report to the OBS community about the progress they have made developing the web user interface and the API of the OBS. You can expect these posts to come in roughly every 2 weeks, and we very much hope you enjoy them!

    • Red Hat Family

    • Debian Family

      • Debian GNU/Linux 8.8 Released
      • Derivatives

        • Release Notes for Grml 2017.05-rc1 – codename Freedatensuppe

          Grml is a Debian based live system focusing on the needs of system administrators. This Grml release provides fresh software packages from Debian testing (AKA stretch) and is the first Grml release using systemd as its init system. As usual it also incorporates up to date hardware support and fixes known bugs from the previous Grml release.

        • Canonical/Ubuntu

          • Mark Shuttleworth: Ubuntu on the Desktop Will Remain Important to Canonical

            The OpenStack Summit 2017 event kicked off today in Boston, MA, and Canonical’s CEO Mark Shuttleworth was there to discuss the upcoming plans for Ubuntu on the desktop, cloud computing, and IoT (Internet of Things).

            The Canonical and Ubuntu founder was interviewed there by theCUBE, who were very curious to know what is the state of Ubuntu Linux these days, now that Mark Shuttleworth shocked the Open Source community when he announced last month that development of the Unity interface is shut down, along with the convergence vision.

          • Mark Shuttleworth Says Ubuntu Desktop “Remains Really Important”

            Mark Shuttleworth has reiterated that the Ubuntu desktop “remains really important” to Canonical.

            He made the comments in an interview with The Cube at the OpenStack Summit 2017 taking place in the USA this week.

            Asked to describe the current state of Ubuntu following last month’s announcement that Canonical is to end investment in Ubuntu Phone, Unity 8, convergence, the Ubuntu founder admitted that Ubuntu ‘failed’ to take Ubuntu mainstream in personal computing.

          • My Current Ubuntu Desktop (And How You Can Recreate It)

            As you may have heard me mention in the latest episode of the Ubuntu Podcast, I’ve been ankle deep in GNOME extensions these past few weeks. Why? Well, like many of you I have made a preëmptive switch to GNOME Shell now that Unity is being left to the cobwebs.

          • Canonical starts IPO path

            At OpenStack Summit, Canonical and Ubuntu founder Mark Shuttleworth revealed in an interview that the recent changes in the Linux and cloud power were to ready Canonical for an IPO.

            In early April, Shuttleworth announced Ubuntu Linux was ending its “investment in Unity8, the phone and convergence shell.” Ubuntu had long been a cloud power, and it’s been building its Internet of Things (IoT) reputation. Soon thereafter, Canonical CEO Jane Silber announced she was stepping down and that Shuttleworth would return as CEO.

  • Devices/Embedded

Free Software/Open Source

  • Financial services organisations are “waking up” to finding talent through open source

    Symphony, the Google-backed chat tool touted as the “Bloomberg Killer” has the backing of the vast majority of investment banks – Bank of America Merrill Lynch, Citi, Credit Suisse, Deutsche Bank, Goldman Sachs, HSBC, Jefferies, JPMorgan, Morgan Stanley, Nomura and Wells Fargo have all invested – and it now has big asset managers like BlackRock and Citadel.

    While the secure cloud-based chat tool gets most of the headlines, there’s a sister, non-profit organisation called the Symphony Software Foundation, which promotes open-source software collaboration and is quietly capturing the attention of financial services organisations by uncovering coding talent. Gabriele Columbro, an executive director at the firm, says that open source development creates opportunities for developers that just wouldn’t be there otherwise.

  • Open source drives ‘composable infrastructure’

    Today’s software world is growing ever more cloudy and ever more fragmented. We have myriad programming languages, numerous application platforms and services-oriented architectures (yes, but not the dusty ones of yesteryear!)

    [...]

    Composable infrastructure is right for this because, for instance, not every data store is right for every customer, he pointed out. And open-source is the source of many of these parts, he said. “Google uses open source to build critical parts of our infrastructure. Google Cloud is an extension of that. Developers will build their own tools using Python or Go… programming languages we invented that are the foundation for cloud computing around containers.”

  • Open source can protect your virtualised network. Here’s how.

    Virtualisation has been a hot topic in telecommunications for nearly half a decade, and security concerns have remained an ever-present feature. This is not surprising given the extent to which NFV/SDN is transforming the industry and the many ‘known unknowns’ this entails.

    As networks migrate from hardware to software, and ‘walled gardens’ turn into much more open cloud-like architectures, so security risks increase.

    Throwing open source software development into the mix adds a further layer of complexity.

  • 3000 Reviews on the ODRS

    The Open Desktop Ratings service is a simple Flask web service that various software centers use to retrieve and submit application reviews. Today it processed the 3000th review, and I thought I should mark this occasion here. I wanted to give a huge thanks to all the people who have submitted reviews; you have made life much easier for people unfamiliar with installing software. There are reviews in over a hundred different languages and over 600 different applications have been reviewed.

  • MapD Open Sources High-Speed GPU-Powered Database
  • MapD Technologies Open Sources Lightning-Fast GPU-Powered Database
  • MapD’s GPU-powered database is now open source

    As announced in a press release and blog post, the core database and its “associated visualization libraries” are available under the Apache 2.0 license. But enterprise-level features like the high availability, LDAP, ODBC, and horizontal scaling functionality—many of which debuted in the 3.0 version released earlier this month—will be kept close to the chest.

  • Sprint, Intel Join Forces on C3PO 5G User Plane Open Source Project

    SAN JOSE, California — Although it’s not May 4, the annual day of celebration to honor the iconic “Star Wars” movie, it still seems fitting to talk about Sprint’s new open source project, called C3PO. Last week at the 2017 NFV World Congress, Sprint revealed it’s working with Intel on the open source project the companies believe will result in a more flexible and scalable 5G control plane. C3PO stands for CUPS [control and user plane separation] for packet optimization.

  • Dell EMC’s newest switches will come with its open network OS

    Dell’s drive into open networking accelerated on Monday with the announcement of the first switches to ship with OS10, the company’s network operating system that’s based on open source.

    At Dell EMC World in Las Vegas, the company introduced two data-center switches running OS10 Enterprise Edition, an enhanced version of the open-source OS that Dell announced early last year.

    The software is based on technologies from the Linux Foundation and the Open Compute Project and is already available through an extended beta to customers who already have hardware. The Enterprise Edition is a complete software platform, including Dell’s networking stack, but its open-source foundation means it can be extended with third-party software, said Jeff Baher, Dell EMC’s executive director, networking.

  • Events

    • 3 Developers Explain Why They Attend ApacheCon

      ApacheCon North America is right around the corner. Everyone is looking forward to this year’s event May 16-18 in Miami. There’s plenty new to see, hear, and do this year but that’s not the only attraction for developers.

      The annual conference of The Apache Software Foundation is where users and contributors meet face-to-face to collaborate on the next generation of cloud, Internet, and Big Data tech. The Apache community is huge and has upwards of 4500 committers. There is ample opportunity to meet MVPs and project heroes plus swap war stories with fellow developers in the trenches.

    • Excited about oSC17? Volunteer to experience another aspect of it!

      oSC17 is just around the corner, and if you want to be part of making it awesome you can now sign up to become a volunteer!

      Volunteers are invaluable to conferences, and they play a major role in creating a pleasant conference atmosphere for attendees.

    • Visiting Kamailio World (Sold Out) and OSCAL’17

      Kamailio World features a range of talks about developing and using SIP and telephony applications and offers many opportunities for SIP developers, WebRTC developers, network operators and users to interact. Wednesday, at midday, there is a Dangerous Demos session where cutting edge innovations will make their first (and potentially last) appearance.

      [...]

      On Saturday I’ll be giving a workshop about the Debian Hams project and Software Defined Radio. On Sunday I’ll give a talk about Free Real-time Communications (RTC) and the alternatives to systems like Skype, Whatsapp, Viber and Facebook.

    • OpenStack Summit: The Golden (Channel) Age Of Open Source

      Some of us remember when running any production workload on Linux was considered living dangerously. My, have times changed. Last week, I spent some time at the largest-yet Red Hat Summit, along with about 6,000 other attendees. All three big public cloud vendors had booths on the expo floor — in fact, Microsoft was a platinum sponsor. Cisco, HPE, IBM, Juniper, Oracle and other household names jockeyed for attention with the likes of Big Switch, Black Duck and NuoDB.

    • OPNFV Membership Grows as Community Hosts OPNFV Open Source Day at OpenStack Summit

      OpenStack Summit — The OPNFV Project, an open source project that facilitates the development and evolution of Network Functions Virtualization (NFV) components across various open source ecosystems through integration, deployment, and testing, today announced China SDN/NFV Industry Alliance, a 50+-member alliance focused on increasing the readiness of SDN/NFV, and Netscout, a leading provider of business assurance, have joined the project.

    • Bursary applications for DebConf17 are closing in 48 hours!

      This is a final reminder: if you intend to apply for a DebConf17 bursary and have not yet done so, please proceed as soon as possible.

      Bursary applications for DebConf17 will be accepted until May 10th at 23:59 UTC. Applications submitted after this deadline will not be considered.

    • OpenStack Summit Emphasizes Emerging Deployment Models

      The OpenStack Summit kicked off here today with multiple announcements and an emphasis on the evolution of the cloud deployment model.

      Jonathan Bryce, executive director of the OpenStack Foundation, said during his keynote that there has been a 44 percent year-over-year increase in the volume of OpenStack deployments, with OpenStack now running on more than 5 million compute cores around the world.

    • OpenStack Foundation slams claims open source cloud platform’s days are numbered

      The OpenStack Foundation is on a mission to clear up a number of misconceptions about the open source cloud platform, particularly those pertaining to its often predicted demise.

    • OpenStack Summit: All the biggest news from Red Hat to Rackspace & Dell EMC
    • Submission deadline for LPC refereed track proposals extended

      The deadline for submitting refereed track proposals for the 2017 Linux Plumbers Conference (LPC) has been extended until May 13. “The refereed track will have 50-minute presentations on a specific aspect of Linux “plumbing” (e.g. core libraries, media creation/playback, display managers, init systems, kernel APIs/ABIs, etc.) that are chosen by the LPC committee to be given during all three days of the conference.” LPC will be held September 13-15 in Los Angeles, CA.

  • Databases

    • MariaDB raises $27.3 mln

      The European Investment Bank (EIB) announced a EUR 25m funding of MariaDB, the company behind the fastest growing Open Source database, to support the company’s next stage of growth and database innovation. This EIB operation is guaranteed under the European Fund for Strategic Investments (EFSI), a key element of the European Commission’s Investment Plan for Europe, aiming at reviving investment in strategic projects around Europe.

    • MariaDB Raises €25m in Funding

      MariaDB, a Menlo Park, California-based provider of the MariaDB open source database, raised €25m in funding.

      The European Investment Bank (EIB) provided the funding, which is guaranteed under the European Fund for Strategic Investments (EFSI).

    • EIB backs open source database MariaDB with €25m

      The European Investment Bank (EIB) has given €25 million in funding to open source database provider, MariaDB.

      This investment has been offered in order for MariaDB to increase its global client base as part of the European Fund for Strategic Investments (EFSI), a long term plan drafted by the European Commission.

    • Open Source database developer MariaDB picks up $27M from the EIB

      As open source database architecture continues to grow in popularity, one of the bigger developers in the area has picked up some funding to target the opportunity.

    • Open source database MariaDB secures €25m EIB funding

      The European Investment Bank likes what it sees in MariaDB, putting €25m into the open source database for expected growth in the coming years.

      The European Investment Bank’s (EIB) activities throughout the EU have proved quite interesting in recent years.

  • Oracle/Java/LibreOffice

    • Announcement of LibreOffice 5.2.7

      The Document Foundation (TDF) announces LibreOffice 5.2.7, the seventh minor release of the LibreOffice 5.2 family, targeted to enterprises and individual users in production environments.

  • Pseudo-Open Source (Openwashing)

    • Microsoft contributing Open-Source OPC UA stack [Ed: Microsoft openwashing of .NET, which is NOT "Open Source" but at best Open Core]
    • Nuanced Déjà Vu in Microsoft’s Desktop Monopoly

      When I was in late high school, which was in the early days of this blog, I had recently switched to Linux and was essentially an evangelist, singing its praises and loudly cursing the misdeeds of Microsoft with respect to the desktop market; many of my blog posts at that time were in that vein. In the nearly 8 years since then, I, my blog, Linux, Microsoft, and the consumer device market have all evolved and matured: I’ve become less evangelistic and more realistic about many things (or so I’d like to think), my blog has correspondingly shifted focus in various ways, Linux distributions have become less of a “wild west” than they were 8 years ago and have gained more support for popular things like proprietary video drivers and game platforms like Steam, Microsoft has been more open about supporting free and open-source software initiatives, and the consumer device market has shifted much more toward mobile devices, including smartphones and tablets which are very different from the desktops, laptops, and netbooks of 8 years ago (the latter of which doesn’t really exist anymore as it once did). That said, I recently read a post on Slashdot (original article by Brian Fagioli of Betanews) about how Microsoft is locking the configuration settings for changing the default browser (Microsoft Edge) and search engine (Bing) choices in Windows 10 S, which is its version of Microsoft Windows 10 designed for lower-end hardware used in schools. For the sake of old times, I thought it might be nice to post about it, but hopefully with a bit more nuance than what I was capable of 8 years ago (and with the benefit of having seen the last 8 years of intervening technological development).

      [...]

      Overall, I don’t think Microsoft really has the leverage to ensure total dominance of its own web browser that it did 16 years ago. Too many ordinary consumers have moved onto other browsers and other platforms entirely. The default browser issue will only affect the rare cases of opening specific locally-hosted HTML and similar files, so for all other cases, users can put their preferred browser shortcut on the main screen or menu of Microsoft Windows 10. While it certainly pays to be vigilant about anticompetitive behavior and trends toward proprietary software, I don’t see a need to hyperventilate like I might have 8 years ago.

    • Verizon unlocks the power of open source and virtualization with the addition of new whitebox options to its universal CPE offer
    • Dell EMC must adapt or die in open-source and cloud-dominated world, say analysts
  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • 8 ways to get started with open source hardware

        Alan Kay, famed computer scientist, once said, “People who are really serious about software should make their own hardware.” I’d argue that’s as true today as it was in 1982 when he said it. However, what’s changed between then and now is that hardware has gotten faster, smaller, and most importantly: cheaper. It’s now possible to buy a full computer for $5.

        With big companies driving down prices for their own products, it’s grown a manufacturing ecosystem capable of producing production-grade hardware that’s cheap enough and accessible enough that it is now within reach of normal individuals. This accessibility and affordability are helping drive things like crowdfunding and the maker movement, but they’re also giving way to more individuals being able to participate in open source through open source hardware.

  • Programming/Development

    • Oracle fires Java warning at IBM and Red Hat

      Oracle has hit out at IBM and Red Hat Middleware for their continued opposition to its proposed plan to make Java modular.

      Mark Reinhold, Oracle’s Java Platform chief, has called IBM’s position on the Java 9 Module System (JPMS) “disappointing”, “surprising” and a threat to Java.

      IBM has suggested it will vote against the JPMS JSR that Reinhold leads – JSR 376. The result for the Community vote on JPMS is due to be announced on June 8.

    • Falcon: A New, Faster JIT Compiler For Java/JVM

      Last week Azul Systems released a new version of its Zing runtime for Java. With the new version of Zing comes a new JIT compiler dubbed “Falcon” for offering faster Java performance.

    • The IDAR Graph

      UML (Unified Modeling Language)[6] is the de facto standard for representing object-oriented designs. It does a fine job of recording designs, but it has a severe problem: its diagrams don’t convey what humans need to know, making them hard to understand. This is why most software developers use UML only when forced to.[1]

      For example, the UML diagrams in figures 1 and 2 portray the embedded software in a fax machine. While these diagrams are attractive, they don’t even tell you which objects control which others. Which object is the topmost controller over this fax machine? You don’t know. Which object(s) control the Modem object? You don’t know.

Leftovers

  • Health/Nutrition

  • Security

    • [Old] Intel ME: The Way of Static Analysis
    • CloudLinux 7 and CloudLinux 6 Users Get New Kernel That Patches CVE-2017-7895

      CloudLinux’s Mykola Naugolnyi announced today the availability of new stable kernels for the CloudLinux 7, CloudLinux 6, and CloudLinux 6 Hybrid operating systems.

      The updated kernel is available for download right now from the production repository of the CloudLinux 7, CloudLinux 6 Hybrid, and CloudLinux 6 operating systems, versioned 3.10.0-427.36.1.lve1.4.47. It replaces kernel 3.10.0-427.36.1.lve1.4.44 on CloudLinux 7 and Hybrid, as well as kernel 2.6.32-673.26.1.lve1.4.25 on CloudLinux 6.

    • Mac users installing popular DVD ripper get nasty backdoor instead

      Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday.

    • Google’s Fuzz bot exposes over 1,000 open-source bugs

      Google’s OSS-Fuzz bug-hunting robot has been hard at work, and in recent months, over 1,000 bugs have been exposed.

      According to Chrome Security engineers Oliver Chang and Abhishek Arya, software engineer Kostya Serebryany and Google Security program manager Josh Armour, the OSS-Fuzz bot has been scouring the web over the past five months in the pursuit of security vulnerabilities which can be exploited.

  • Transparency/Investigative Reporting

    • Tunisian Media Activist Interrogated Over Sources of Leaked Documents

      Tunisian media and human rights activist Sami Ben Gharbia was interrogated for six hours on May 3 by Tunisian authorities who asked him about his role in the release of the presidency’s action plan on a controversial economic reconciliation draft law.

      Upon his arrival at the Central Investigation Brigade of the National Guard in L’Aouina, Ben Gharbia was primarily questioned about the source of the Presidency of the Republic’s leaked action plan lobbying in the law’s favor. He was also questioned extensively about the inner workings of Nawaat, the Tunisian independent media and transparency NGO that he co-founded in 2004.

  • Environment/Energy/Wildlife/Nature

  • AstroTurf/Lobbying/Politics

    • Facebook employs ex-political aides to help campaigns target voters

      On Monday, the company confirmed it employed staff, “whose role it is to help politicians and governments make good use of Facebook”.

    • NPR Attempts To Undermine WikiLeaks’ Credibility With Deliberate, Brazen Lie

      As if we needed another reason to want the legacy media to die screaming all alone in an ill-reputed nursing home, National Public Radio has just added one more to the planet-sized pile. NPR, which just Wednesday released an anti-WikiLeaks attack editorial disguised as a movie review, has made a deliberate attempt to tarnish WikiLeaks’ 100% perfect record of authentic and accurately-vetted releases by going out of its way to report that the publishing organization had posted nine gigabytes of partially inauthentic documents.

  • Censorship/Free Speech

    • Austrian court rules Facebook must delete ‘hate postings’

      The case – brought by Austria’s Green party over insults to its leader – has international ramifications as the court ruled the postings must be deleted across the platform and not just in Austria, a point that had been left open in an initial ruling.

    • Dear Europe: Please Don’t Kill Free Speech In The Name Of ‘Privacy Protection’

      About a year and a half ago, we wrote about how the new European “General Data Protection Regulation” (GDPR) was potentially very problematic for free speech. That is, well-meaning “data protection” folks wrote up the GDPR, but it appears they did so with little thought towards what the impact might be on free speech. So, specifically, when they include something like a right to “erasure” for certain information, you can understand, from a privacy standpoint why people may want certain data and information to be deleted from certain databases. But bring that over to the open web, rather than private databases, and you’re talking about a censorship tool around a “right to be forgotten” system.

      To deal with this kind of potential problem, rather than doing the smart thing and fixing and clarifying the GDPR, Europe has left things up to each member country to try to sort things out on their own, and to explore how to set their own data protection rules in a manner that will obey the GDPR but also avoid stomping out free expression. Unfortunately, it’s unclear that many of the states are taking that balancing act very seriously. The UK quietly put up a comments request with all answers due by this Wednesday (and, of course, by the time this all gets sorted out, who’s to say if the UK will even still be in the EU… but…).

    • The UK has now entered a draconian era of porn prohibition

      Helen Lovejoy’s signature Simpsons line can now be used to accurately summarise the latest developments to the government’s Digital Economy Bill. The proposed legislation, which was first introduced to Parliament in July, has always aimed to enforce age verification on pornographic websites so that they cannot be accessed by children under the age of 18. On Sunday, however, new measures were announced; all websites that do not implement age verification will be banned in the UK.

      “The government is committed to keeping children safe from harmful pornographic content online and that is exactly what we are doing,” said Karen Bradley, Secretary of State for Culture, Media and Sport. “Only adults should be allowed to view such content.” The British Board of Film Classification (BBFC) has been appointed to enforce these measures.

    • Cloudflare changes abuse policy but refuses to “censor the Internet”

      Network operator Cloudflare came under fire last week from ProPublica, which wrote a lengthy article arguing that the Internet company “helps serve up hate on the Web.” According to ProPublica, Cloudflare does this by providing service to any website operator and failing to provide anonymity to people who complain about racist or otherwise abusive online content.

      In response, Cloudflare has changed its abuse-reporting system to allow for anonymous complaints. But the company says it still has no intention of taking steps that it says would effectively censor the Internet.

    • China’s New Online Encyclopedia Aims To Surpass Wikipedia, And To ‘Guide And Lead’ The Public

      China certainly has the resources to complete this huge project by 2018, its planned launch date. And once those 300,000 entries are available to “guide and lead the public,” it’s hard not to think that accessing the rival Wikipedia will be made so hard that most people will give up trying, and stick with the new Chinese Encyclopedia. At that point, the Chinese authorities will indeed have created a “Great Wall of culture” to complement that Great Firewall of China, both designed to keep out all those inconvenient ideas.

    • Facebook takes to newspapers to teach UK users how to spot “fake news”
  • Privacy/Surveillance

    • Why Did the Government Search an Artist’s iPhone at the Border?
    • How I Learned to (Mostly) Love Private Internet Access

      I’ve renewed my subscription to Private Internet Access, and intend to continue using the service indefinitely.

    • DHS Boss Drums Up Fear Using The FBI’s Useless Terrorism Investigation Stats

      The problem with swearing on a stack of FBI statements is these assertions are completely meaningless. The FBI’s a well-oiled terrorist-crafting machine at this point, so it can come up with whatever number of ISIS-linked plots is needed to further the agenda of multiple government agencies.

      As for “open terrorism investigations,” it would be much more helpful if the FBI didn’t term nearly everything it does an “investigation,” even when there’s nothing worth investigating. As we’ve covered here before, there are a few different types of investigations the FBI engages in, starting with something that looks a whole lot like an investigation (in terms of information the FBI can obtain), but really isn’t. These “investigations” are called assessments, and it takes almost nothing at all to get one of these underway. Emily Hockett and Michael German of Just Security explain how the guidelines for assessments changed radically after the passage of the FISA Amendments Act in 2008.

    • How to prevent your data from being searched at the US border

      During the past two years, U.S. Customs and Border Patrol has targeted ever larger numbers of travelers’ smartphones and laptops for searches as they cross the border into the country.

      U.S. courts have generally upheld a so-called border search exception to the Constitution’s Fourth Amendment, allowing CBP to search electronic devices without a court-ordered warrant. In April, a group of lawmakers introduced legislation to require warrants to search devices owned by U.S. citizens and other legal residents, but for now, the law allows for warrantless device searches.

    • Supreme Court asked to rule if cops need warrant for cell-site data

      On Thursday, the Supreme Court will meet privately to discuss the controversial privacy question of whether the authorities need a court warrant to force mobile phone companies to divulge their customers’ cell site data. This data shows where you were (according to a cell tower) and when you made a call. This information can paint a canvas of one’s whereabouts, yet it’s not constitutionally protected material because it’s viewed as an ordinary business record held by the telcos. Courts have largely interpreted this to mean that the authorities can get the data without probable-cause court warrants.

    • Facebook is abusive. It’s time to divorce it

      Every relationship has its rough edges, places where actions scrape, and through constant repetition, rub raw. Those tender spots can heal if left alone and if the parties are willing to listen. But where the irritation continues, this raw spot becomes a wound that never closes, forcing a choice between continuing pain and a painful separation.

      It all began so promisingly with Facebook. Back in 2007 it presented itself as the social calendar of America’s elite universities. That Ivy League allure made it irresistible to the students at America’s second-and-third-tier colleges, so as Facebook lowered its velvet rope, millions, then tens of millions crowded in.

      [...]

      Yet Netscape (and Microsoft, which eventually triumphed against the upstart) never provided the server infrastructure to host those pages – a skill far beyond the average Web surfer. So the promise of a Web built by everyone for everyone got lost in the rush to a commercial Web favouring browsing and buying over creating and sharing.

      When Facebook came along, offering a free and easy-to-use outlet for a decade’s pent-up demand to share, of course we leapt at it, signing on the dotted line without bothering to read the fine print. The devil’s in those details.

      [...]

      People have to be convinced of the need to change before they’ll move on. But if what we know now is insufficient to inspire a transition away from Facebook, what will it take?

      Someone I know recently packed all of his earthly belongings into his sedan, then shared the photo. Sixteen years of marriage had ended, and he had to begin again. Although he felt sad and lonely, things could not go on as they had, and he took this for a new beginning, a time to heal old wounds. We can change, he seemed to be saying. We just have to be willing to try.

    • Using your personal data is now second nature for politicians

      Politicians and electioneers are betting big that at this general election, your data is going to be more important than ever when it comes to swaying your vote in their favour.

      We are undoubtedly well into the “big data” age. The amount of information we create and make available about our daily lives is growing exponentially. Businesses, governments and other organisations are becoming increasingly adept at analysing it to learn about us, predict our behaviour and sell us things.

    • Actually, Congress Did Undermine Our Internet Privacy Rights

      Don’t listen to the telecom lobby. Congress’ vote to repeal the Federal Communications Commission’s (FCC) broadband privacy rules has a profound impact on your online privacy rights.

      According to those who supported the repeal, the rules never took effect (they were scheduled to do so throughout 2017), so the repeal doesn’t change anything. You hear it from the likes of AT&T as well as lawmakers like Senator Jeff Flake (R-AZ), the author of the legislation who was asked about it at a recent town hall. You are hearing it now in state legislatures that are working diligently to fix the gap Congress created.

      But that argument is meant to distract you from the real issue – you had a legal right to privacy from your broadband provider, and when Congress repealed the broadband privacy rules using the Congressional Review Act (CRA), Congress diminished that right and may have hamstrung the FCC from enforcing it in the future.

    • EFF, Sen. Anderson Sponsor California License Plate Privacy Legislation

      The Electronic Frontier Foundation (EFF) and Sen. Joel Anderson (R-Alpine) have introduced a California bill to protect drivers’ privacy by allowing them to cover their license plates while parked to avoid being photographed by automated license plate readers (ALPRs).

      The legislation will be considered by the California Senate Transportation and Housing Committee on Tuesday, May 9, 2017. EFF Investigative Researcher Dave Maass will testify as a witness in support of the bill.

    • California: Let’s End Unchecked Police Surveillance

      Police should not have unilateral power to decide which privacy invasions are in the public interest.

    • California cop union opposes new bill that would thwart license plate readers

      If the Electronic Frontier Foundation and a San Diego-based Republican state senator have their way, it will soon become legal for Californians to cover their license plates while parked, as a way to thwart automated license plate readers.

      Those devices, now commonly in use by law enforcement nationwide, can capture license plates at a very high rate of speed, as well as record the GPS location, date, and time that a particular plate is seen. Those plates are then run against a “hot list” of stolen or wanted cars, and a cop is then alerted to the presence of any vehicle with a match on that list.

    • Community Control of Police Spy Tech in Oakland

      Oakland could become the next community in California to adopt an open and rigorous vetting process for police surveillance technology.

      All too often, government executives unilaterally decide to adopt powerful new surveillance technologies that invade our privacy, chill our free speech, and unfairly burden communities of color. These intrusive and proliferating tools of street-level surveillance include drones, cell-site simulators, surveillance cameras, and automated license plate readers.

    • Analyzing a counter intelligence cyber operation: How Macron just changed cyber security forever

      Remember: We don’t know much at this stage, so this post has a lot of assumptions.

    • Egypt could start ‘charging people to use Facebook’ as part of restrictive anti-terror bill

      Two separate bills submitted to parliament last month include measures such as linking accounts to users’ national identification numbers to create a user database, charging registration fees when signing up for accounts, and establishing an Egypt-only Facebook-style platform.

    • Using Ultrasonic Beacons to Track Users
    • [Older] US to seek social media details from certain visa applicants

      The department, in a notice published Thursday in the Federal Register, said it was seeking public comment on the requirement. But it also said it is requesting a temporary go-ahead from the White House budget office so the plan can take effect for 180 days, beginning May 18, regardless of those comments.

      [...]

      Affected applicants would have to provide their social media handles and platforms used during the previous five years, and divulge all phone numbers and email addresses used during that period. U.S. consular officials would not seek social media passwords, and would not try to breach any privacy controls on applicants’ accounts, according to the department’s notice.

  • Civil Rights/Policing

    • US device searches at borders ignite resistance
    • Christian governor of Jakarta found guilty of blasphemy for saying Muslims should vote for him

      Governor ‘Ahok’ Purnama had said people were being deceived if they believed the Quran forbids Muslims from voting for non-Muslims

    • [Older] Nigeria, Italy partner on human trafficking – Envoy

      The Italian Ambassador to Nigeria, Fulvio Rustico, says his country is ready to partner with Nigeria to combat the menace of human trafficking.

    • Trudeau must help Saudi blogger Raif Badawi: Amnesty

      In an open letter released on Wednesday, the human rights group said Ottawa must “renew and intensify efforts” to push Riyadh to free Badawi, who was arrested almost five years ago, on 17 June 2012.

    • Iran minister warns Saudi Arabia after ‘battle’ comments: Tasnim
    • Prosecutor says defendants in genital mutilation case also committed sex crime

      The trio is charged with multiple crimes stemming from violation of that law, as well as claims they made false statement and attempted to tamper with witnesses during the investigation.

    • Rave hospitality, but Indonesia fails West Papua with media freedom hypocrisy

      As director of the Pacific Media Centre taking part in the Southeast Asian Consultative Roundtable on a Special Mechanism for the Protection of Safety of Journalists, I raised a plenary question about the “silence” over West Papua violations and got an informative answer from Atnike Sigiro of Forum Asia.

      But then back to the silence.

    • Public Defenders Continue To Fight Back Against California’s Broken Case Management Software

      In California, the future of criminal case management is now. But the future appears to be broken, and “now” is looking much worse than the recent past. Odyssey is the state’s buggy new case management software — one that’s been keeping people from being released, putting people with dismissed charges in jail, and otherwise making the criminal justice system even more horrible than usual. Tyler Technologies, the creator of the software, has called this transition “challenging.” (It’s also called this rolling cockup a “transition,” so…)

      [...]

      At this point, being booked in Alameda County is to be forcibly subjected to a malfunctioning criminal justice slot machine. Maybe it will pay off for a few people, but the odds are still on the house. A system that’s already largely broken doesn’t need assistance from outside vendors’ buggy software.

    • The Incarceration of Japanese-Americans 75 Years Ago Reminds Us That Our Freedoms Are Fragile

      Seventy-five years ago, President Franklin Roosevelt issued Executive Order 9066. While the order avoided naming any particular ethnic group, the president and his advisers intended it to target Japanese-Americans. Military officials “evacuated” Americans of Japanese ancestry to “relocation centers.” One hundred and twenty thousand men, women, and children had just days to divest themselves of all they owned — their homes, farms, and businesses — and take only what they could carry to far-flung prison camps from Arkansas to California. For years afterward, people like my grandmother Bette Takei (née Sato), were forced to live behind barbed wire, under the gaze of armed guards.

    • ‘Throw her in!’ Shocking moment an elderly woman is body slammed to the ground and hurled into a swimming pool along with her dog after she asked rowdy teens to turn down the noise

      A shocking video shows a man body slamming an elderly woman to the ground before hurling her into a swimming pool.

      The unidentified woman, who was walking her two dogs, appeared to be asking a group of pool party-goers to turn down their music.

      As she approaches the group of people, who are believed to be in their late teens or early 20s, a woman is heard in the background yelling: ‘Throw her in!’

    • Taser/Axon Separating Defense Lawyers From Body Camera Footage With License Agreements

      Taser Inc.’s quiet takeover of evidence generation and storage — through extensive body camera offerings — was put on public display when the company rebranded as Axon. The company was willing to give away cameras in exchange for something far more lucrative: software licensing and footage access fees in perpetuity.

      Axon even nailed down a choice URL: Evidence.com. This is the portal to law enforcement body camera footage stored in Axon’s cloud — the real moneymaker for Axon. The cameras are just the gateway drug.

      [...]

      The EULA may be boilerplate, but the situation is anything but normal. Horowitz doesn’t care much for the fact that Axon’s storage of court records and discovery documents is controlled solely by Axon by forcing users to waive a great deal of their rights in exchange for access.

    • House Subcommittee Passes Police-Protecting ‘Thin Blue Line’ Bill

      There’s no shortage of existing laws protecting law enforcement officers. So, of course, there’s no shortage of new legislation being introduced to further protect a well-protected subset of government employees. Using a nonexistent “War on Cops” as impetus, legislators all over the nation are submitting bills designed to make harming a cop more of a crime than harming anyone else.

      This isn’t just happening at the state level. Last year, Colorado representative Ken Buck introduced a federal “Blue Lives Matter” law, which would have turned attacks on cops into “hate crimes.” The bill is a ridiculous extension of protection to officers who aren’t in any more danger than they were a decade ago, histrionic statements by various federal officials notwithstanding.

  • Internet Policy/Net Neutrality

    • John Oliver tackles net neutrality again, crashes FCC comments site—again

      Comedian John Oliver has once again asked his viewers to fight on behalf of net neutrality, and the Federal Communications Commission website wasn’t able to handle the immediate influx of angry comments.

      On HBO’s Last Week Tonight, Oliver yesterday announced a new URL, gofccyourself.com, that redirects to the FCC proposal to eliminate net neutrality rules. (Clicking “Express” is the easiest way to submit a comment.) The comments website promptly crashed, making it difficult or impossible to file comments last night and this morning. The comments site has started working, but only intermittently.

    • A John Oliver Net Neutrality Rant Has Crippled The FCC Website A Second Time

      Back in 2014, you might recall that John Oliver’s HBO show “Last Week Tonight” aired an outstanding piece on net neutrality. In it, Oliver compared then FCC boss Tom Wheeler to a dingo, explained why a neutral internet was important, and trashed much of the flimsy logic giant ISPs like Comcast use to consistently justify anti-competitive behavior. The piece was so immensely successful at explaining an incredibly complicated and relatively wonky subject, it drove a record number of annoyed consumers to the FCC commenting website — where they demanded the FCC step up and defend the open internet.

    • Net neutrality protestors leave messages on doors in FCC chairman’s neighborhood

      On Sunday, protesters from the Protect Our Internet campaign went around Pai’s neighborhood in Arlington, Virginia, and distributed door hangers at nearby homes, prompting people to be aware of their neighbor’s efforts to limit internet freedom. The flyers feature a black-and-white photo of Pai, along with a short description of the chairman’s background and how his proposal would roll back open internet rules.

    • John Oliver pleads with viewers to revive net neutrality fight

      The net neutrality fight is unfortunately back, and just as he did three years ago, comedian John Oliver has devoted a segment of his show Last Week Tonight to call out the importance of the open internet and encourage viewers to comment on the new proposed rules.

    • Ajit Pai on whether your comments on net neutrality could change the FCC’s mind about repealing Title II: “We have an open mind”
    • Comcast and Charter agree not to compete against each other in wireless

      It’s no secret that big cable companies don’t like to compete against each other, as it’s more profitable to be the only company in town than to build networks in places already dominated by another cable provider.

    • Oracle backs FCC’s net neutrality rollback

      Oracle voiced support on Friday for Federal Communications Commission (FCC) Chairman Ajit Pai’s controversial plan to roll back the agency’s net neutrality rules.

    • Why the Next 10 Days Are Critical to the Internet’s Future

      The February 2015 milestone was a major victory for those who believe the Internet is a global public resource that belongs to all users, not select corporations. The order meant individuals were free to say, watch and make what they want online, without meddling or interference from Internet service providers. It was good news for business owners, web developers, entrepreneurs and anyone who streams, clicks and creates content online.

  • Intellectual Monopolies

    • Copyrights

      • NO, Kodi Users Are Not Risking Ten Years in Prison

        UK tabloids including The Mirror, Daily Mail, The Sun and The Express are reporting that people watching Kodi streams risk ten years in jail. Despite that being a false claim spawned from a click-bait agenda, dozens of other publications sadly followed up by reporting the same ‘news’. Today, the Sunday Express upped the stakes by reporting that TorrentFreak readers could be going to prison too.

      • The WIPO Broadcasting Treaty Would be a Body Blow for Online Video

        This week EFF is in Geneva, at the Thirty-Fourth session of the Standing Committee on Copyright and Related Rights (SCCR) of the World Intellectual Property Organization (WIPO), to oppose a Broadcasting Treaty that could limit the use of video online. Ahead of this meeting, word was that delegations would be pushing hard to have a diplomatic conference to finalize the treaty scheduled at WIPO’s October Assembly. In combination with initial uncertainty about whether the new United States administration would be maintaining its opposition to a diplomatic conference, we knew that it was important for EFF to be there to speak up for users.

        The Broadcasting Treaty proposal simply doesn’t make sense. It proposes to create a new layer of rights over material that has been broadcast over the air or over cable, in addition to any underlying copyrights over such material. Such rights would increase the cost and complexity of licensing broadcast content for use online, and create new and artificial barriers to the reuse of material that isn’t protected by copyright at all, such as governmental and public domain works.

      • Trump administration to Supreme Court: Don’t hear EFF “Dancing Baby” case

        The Electronic Frontier Foundation’s “Dancing Baby” copyright case has been going on for nearly a decade now in one way or another, and its last stop will be the US Supreme Court.

        On Thursday, though, the US solicitor general and the US Copyright Office recommended against the court taking the case. That increases the chances the 9th Circuit ruling from last year, which was a mixed bag from EFF’s point of view, will stand and remain law.

        “The court of appeals correctly held that liability under the DMCA requires actual knowledge or willful blindness,” state the government lawyers in their brief (PDF).

      • Appeals Court Won’t Help Megaupload User to Get His Files Back

        The Appeals Court has denied a request from former Megaupload user Kyle Goodwin to intervene on his behalf. The sports videographer has been trying to get his files back for years and hoped to force a decision from the District Court, but this has proven unsuccessful. As a result, his files will remain under lock and key.

      • US Court Orders Registries to Seize Control of ‘Pirate’ Domains

        One of the tactics employed by ABS-CBN is targeting the domains of ‘pirate’ sites. On several occasions, the TV outfit has found courts willing to step in with ex parte orders, based on allegations of copyright and trademark infringement.
