02.20.15

Lenovo’s Superfish Scandal is Spyware on Top of Spyware (Microsoft Windows), the Problem is Inherently Proprietary Software

Posted in Microsoft, Security at 8:55 pm by Dr. Roy Schestowitz

Summary: Shifting focus to the root problem, which is neither Lenovo nor its laptops but the non-free programs installed on hardware

WHEN it was revealed that governments had constructed Stuxnet to sabotage computers, almost all reporters refused to call out Windows, despite Stuxnet being exclusive to Windows. The same is happening right now in relation to Superfish. We posted links to a lot of articles about it (see our daily links for about a dozen) and none of them bothered reporting the fact that only clients of Microsoft (the NSA’s ally) were affected. Having watched dozens of articles about it, we can say that almost not a single article emphasised that it only affects Windows. Lenovo says it didn’t know about it and, given the shadowy background of Superfish (its CEO came from the surveillance complex), it’s possible that Lenovo was tricked or bribed into installing this back door.

The CBS-owned ZDNet has Microsoft booster Mary Branscombe spinning that Superfish scandal to even imply that people should “love Windows”. Well, at least she points out that it’s a Windows issue, albeit that’s not her intention (she is just a Microsoft mouthpiece seeking to divert blame).

Robert Pogson responded to Branscombe by stating:

I recommend everyone switch to GNU/Linux. It’s easy. Demand your local retailers sell them. Shop online for a GNU/Linux PC. Heck, install it yourself. Heck, you can even get that other OS to start the process. I recommend Debian GNU/Linux, software that works for you, not some corporation with the morality of a snake. The beauty of it is that the licence you get with the downloads includes the right to examine, modify and distribute the software, so you can cut out all that third-party crapware, if there were any. Debian doesn’t bother attaching crapware to PCs it doesn’t sell…

It’s not just that. Windows, with or without crapware, has back doors. GNU/Linux hasn’t. Free software is essential for those who pursue real computer security, as opposed to so-called ‘national security’.

Here is the statement that the FSF has just made about it (hours ago):

Security experts have discovered a highly threatening vulnerability in software preinstalled on some Windows computers manufactured by Lenovo through January 2015. Extreme negligence on the part of Lenovo and unscrupulous programming by its adware partner Superfish seem to have caused the vulnerability.

The FSF does point out that it’s a “Windows computers” issue. Well, there is no such thing as “Windows computers”, as such computers can have Windows wiped and GNU/Linux installed instead. Lenovo’s ThinkPads, which originally came from IBM, are famously GNU/Linux-friendly.

Benoît Battistelli Once Again Threatens EPO Staff That ‘Dares’ to Protest, Battistelli Exploits Terror Attacks to Pretend to Respect Free Speech

Posted in Europe, Patents at 8:43 pm by Dr. Roy Schestowitz

Terrorising his own staff


Summary: The European Patent Office (EPO) President, Benoît Battistelli, reportedly started threatening — as before — staff that decides to exercise the right to assemble and protest against abuses, including the abuses of President Battistelli himself

AS just about everyone in the EPO ought to know by now, the British Consulate is about to find itself besieged by EPO staff (potentially thousands of staff) who will be there to protest an attack by non-scientists on the great scientists who work as examiners for the most part [1, 2]. These people are highly skilled (many have doctorate degrees and a long track record in their field), so they shouldn’t be taken for fools or radicals. Au contraire — these people can very easily recognise tyranny and injustice. They are eager to react to that even at personal cost or high risk. Greed does not motivate them to the degree that it motivates empty suits like Battistelli, who now surrounds himself with a crowd of bodyguards and other 'protection'/thugs (this so-called ‘security’ is costing taxpayers a lot of money and speaks volumes about paranoia or megalomania). Battistelli acts like a politician, not a manager. He leads by wielding fear and censorship, not charisma. It’s no wonder given his right-hand man. No wonder top staff is leaving over time. It is a long charade of embarrassments that only gets worse as time goes by, whilst managers get labeled “Putin” because they show arrogance and run a witch-hunt against staff, not vice versa.

According to some of these latest comments, Battistelli “had just issued a letter/threat to staff, directed at SUEPO Munich committee, that if there is a march to the British consulate next week, the organisers will be disciplined. So much for free speech. Is this his response to the Dutch court?”

This is a reference to the Dutch court's decision that we covered a couple of days ago. Quote from the message: “Those who take an active role in its organisation must know they are infringing the standards of conduct expected from international civil servants. Should the planned demo actually take place, this would constitute a breach of the applicable legal framework and those concerned will be held liable for the breach of their obligations under the EPC and the Service Regulations.”

Actually, the rights of workers include the right to protest. In the face of tyranny, as in this case, protest is very much necessary. The rules imposed by Battistelli are seen as illegitimate at this stage. They’re designed to sustain his power, nothing else. It’s essential to demonstrate for justice and democracy — of which Battistelli is a sworn opponent, based on both actions and vain words.

“Well,” said one anonymous person, “I had been pondering whether or not to participate in the demonstration on 25 February, midday. BB [Benoît Battistelli] has just made up my mind for me: I’ll definitely be there to exercise my democratic rights (even in the unlikely event that I should be the only one there!)”

Another quote-worthy comment: “BB announces that any employee involved in organising a demonstration outside the UK Consulate in Munich will be “disciplined”. Do I see it right, that it is the act of organising that requires discipline (rather than the act of demonstrating)?

“I recall another regime that began its reign of discipline by going after union organisers. I wonder, how long is the AC going to continue to sit on its hands.”

Benoît Battistelli is digging himself deeper in the thin ice, to reuse a metaphor which was used the other day.

Battistelli has become a horrible pretender because only days ago, following the protest against an outpost of Denmark in Munich (targeting the AC, headed by Battistelli's mate) [1, 2, 3, 4], Battistelli published this in the EPO Web site:

Last week-end was marked by yet another tragic event in Europe as Denmark has been the victim of terrorist attacks in the centre of Copenhagen.

I am joined by the staff of the European Patent Office in expressing full solidarity with the Danish people. Europe is based on values among which freedom of expression and liberty are the most essential.

We must not be afraid, assume our responsibilities and stay united to reject these attempts against the basis of our plural society.

Benoît Battistelli

Well, what an unbelievable hypocrite, attacking free speech while claiming to defend it and squeezing terror attacks for his own spin.

“If 1000 staff members show up for that demonstration,” writes one person, “it will be very difficult to apply diciplinary [sic] actions. This situation is not sustainable, Examiners get on the baricades [sic] and walk for a more democratic organisation.”

Another person writes: “There must be a huge turnout at the GB consulate. As many staff, and Munich based attorneys, as possible. Strength in numbers. Enough with this authoritarian rubbish.”

Finally, said another person several hours ago: “I don’t live in Munich but this attempt to stop a fully democratic demonstration is so mind-bogglingly unacceptable that I think I shall take the day off and travel to Munich to be at the demo. Time for a strong signal, methinks.”

The more people attend to protest, the more trouble the tyrant will be in, not the staff. It’s collective strength.

“Staff at the European Patent Office went on strike accusing the organization of corruption: specifically, stretching the standards for patents in order to make more money.

“One of the ways that the EPO has done this is by issuing software patents in defiance of the treaty that set it up.”

Richard Stallman amid 2008 EPO protests

Links 20/2/2015: Android Studio v1.1, GDB 7.9

Posted in News Roundup at 8:23 pm by Dr. Roy Schestowitz


GNU/Linux

  • Linux-based desktops work despite Windows app prevalence

    With so many devices already based on Linux — Android devices and Chromebooks, to name a few — it makes sense for some companies to consider virtual and cloud-hosted Linux desktops. Windows applications are a hurdle, however.

  • Desktop

    • Desktop */Linux Trends In Canada

      Now that we’ve pretty well figured out that the huge “Unknown” thing in StatCounter‘s “desktop” OS category is closely related to Android/Linux, this graph makes sense. Some people in Canada are hooking up Android/Linux systems to big screens. GNU/Linux is growing pretty well, not explosively, but definitely breaking out of the ~1% doldrums. ChromeOS is on a plateau, probably because schools just buy once or twice per annum. It’s all good. The grand total? 2.6%. It’s not wonderful but a far sight better than a year ago and this time GNU/Linux seems to be going places steadily. We have product/salesmen/promoters doing the job, finally. The growth in share is small, but this is a measure of a considerable rate of change of shipments/units/migrations on top of a huge installed base of PCs.

    • Why you should consider cloud-hosted Linux desktops

      With all the licensing troubles that can come with hosting Windows desktops in the cloud, some companies — and vendors — are looking to Linux operating systems instead.

      VMware plans to offer a Horizon View client for Linux, and Horizon DaaS, formerly Desktone, has had a hosted Linux option for years. Citrix is planning a similar strategy for XenDesktop and XenApp with Linux Virtual Apps and Desktops. These two big-name virtualization vendors putting attention on Linux shines a spotlight on the OS.

  • Server

  • Kernel Space

    • Demand for Linux developers on the rise

      The demand for Linux developers has jumped seven percent in comparison to last year, a study has shown.

      The 2014 Linux Jobs Report shows that hiring managers at tech-powered companies are focusing more attention on Linux talent, and that’s reverberating in the market, with stronger than average salary increases to those working with the OS.

      Dice and The Linux Foundation surveyed both hiring managers and Linux talent to gain a 360-degree view of the thriving jobs landscape, and here’s what they found.

    • Intel Quark SoC x86 Platform Support For Linux 3.20/4.0?

      Ingo Molnar has asked Linus Torvalds to pull the x86 platform support for Intel Quark SoC systems for the Linux 3.20/4.0 kernel.

    • Code Merged This Week For Linux 3.20/4.0 Is Just As Exciting As Last Week

      Last weekend I covered the changes so far for the next kernel release, which will be called either Linux 3.20 or Linux 4.0 depending upon Linus Torvalds’ end decision. This week more exciting code has landed.

    • Why All Linux (Security) Bugs Aren’t Shallow

      Zemlin quoted the oft-repeated Linus’ law, which states that given enough eyes all bugs are shallow. That “law” essentially promises that many eyes provide a measure of quality and control and security to open source code. So if Linus’ law is true, Zemlin asked, why are damaging security issues being found now in open source code?

    • Linux clockpocalypse in 2038 is looming and there’s no ‘serious plan’

      The year 2038 is still more than two decades away, but LWN.net editor and longtime Linux kernel chronicler Jon Corbet believes software developers should be thinking about that date now, particularly in the Linux world.

      Corbet raised the issue at his annual “Kernel Report” talk at the Linux Foundation Collaboration Summit in Santa Rosa, California this week. “Time to start worrying,” he said.

      The issue is similar to the dreaded Y2K bug, in that a longstanding deficiency in the way some computers record time values is due to wreak havoc in all manner of software, this time in 2038.

    • Graphics Stack

      • It Could Be A While Before Seeing The Tamil GPU Driver Code

        While the Tamil driver is moving along for open-source ARM Mali T-Series graphics support, it could be a while before seeing the actual source code.

        Luc Verhaegen presented at FOSDEM a few weeks back about his work on Tamil, the Lima driver project’s work on supporting the newer ARM Mali T-Series GPUs found on various SoCs. While Luc showed off some demos and is working towards a Tamil Mesa driver, the code hasn’t yet been opened up.

  • Applications

  • Desktop Environments/WMs

    • Xfce 4.12 Should Be Released in One Week, at the End of February

      After several emails between Xfce developers and numerous delays, it appears that the highly anticipated Xfce 4.12 desktop environment will finally be released at the end of February 2015, in the last weekend, most probably on March 1, if nothing goes wrong.

    • Xfce 4.12 Is Still Planned For Release In One Week

      Earlier this week we wrote about plans for Xfce 4.12 to finally be released and that it was being targeted for the end of February. Unlike failed Xfce 4.12 plans of the past few years, it looks like this release will actually pan out in one week’s time.

    • GNOME Desktop/GTK

      • Using play/pause buttons in Chrome with GNOME 3

        I wrote a post last summer about preventing Chrome from stealing the media buttons (like play, pause, previous track and next track) from OS X. Now that I’m using Linux regularly and I fell in love with Google Play Music All Access, I found that GNOME was stealing the media keys from Chrome.

        The fix is quite simple. Press the SUPER key (Windows key or Mac Command key), type settings, and press enter. Click on Keyboard and then on the Shortcuts tab. You should now see something like this.

  • Distributions

    • Reviews

      • Bodhi Linux 3.0.0 Released – Detailed Review and Installation Instructions

        Bodhi GNU/Linux is a Ubuntu-based distribution designed especially for Desktop computing and is best known for its elegant and lightweight nature. The Distribution philosophy is to provide a minimal base system that can be populated with the applications as per user’s choice. The base System only include those applications which are essentially required viz., ‘Etecad‘ File Manager, ‘Midori‘ web browser, ‘Terminology‘ terminal emulator, ePhoto and ePad. Apt or AppCenter can be used to download and install lightweight applications in one go.

    • New Releases

      • LinHES 8.3 Finally Makes the Switch to Kodi, Includes MythTV 0.27.4

        Cecil Watson, the developer of the LinHES (formerly KnoppMyth) GNU/Linux Live operating system designed especially to be used as a home entertainment system, proudly announced the immediate availability for download of LinHES 8.3 (Lorne Malvo), a release that introduces a new Linux kernel, as well as updated Nvidia drivers and core components.

    • Red Hat Family

      • Red Hat: Open Source ARM Platform Gets Closer to Prime Time

        Red Hat’s (RHT) investment in ARM hardware is heating up. This week, the company announced that more than 35 hardware and software companies have joined its ARM Partner Early Access Program, and that it expects its partners to begin delivering ARM software and drivers to the open source community starting now.

      • Fedora

        • New features in Fedora 22 Workstation.

          Matthias Clasen recently posted some updates on the Fedora development list about new features in Fedora 22 Workstation. As you may know, we’re getting ready to issue an Alpha, so it’s a great time to try out these changes.

    • Debian Family

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 14.04.2 LTS Arrives with Linux Kernel 3.16

            Canonical announced that Ubuntu 14.04.2 LTS (Trusty Tahr), the second point release for the latest LTS branch, has been released and is now available for download.

          • Locally Integrated Menus (LIM) Set As Default In Ubuntu 15.04 Vivid Vervet

            After getting an option to always show the menus as well as global menu (Appmenu) support for Java Swing applications, yet another menu-related change has landed in Ubuntu 15.04 Vivid Vervet: locally integrated menu (LIM) is now the default menu.

          • Wayland/Weston 1.7.0 Make It For Ubuntu 15.04

            While Canonical remains committed to Mir as the future display server technology for Ubuntu Linux both on the desktop and for mobile devices, the upcoming Ubuntu 15.04 release does have the latest Wayland/Weston 1.7 support too.

          • Flavours and Variants

            • Kubuntu 14.04 LTS Update Out

              The second update to our LTS release 14.04 is out now. This contains all the bug fixes added to 14.04 since its first release in April. Users of 14.04 can run the normal update procedure to get these bug fixes.

            • Kubuntu 14.04.2 LTS Officially Released, Users Can No Longer Upgrade to Plasma 5

              Kubuntu 14.04.2 LTS (Trusty Tahr), a Linux distribution based on Ubuntu that uses the KDE desktop environment, has been released and is now available for download.

            • Edubuntu 14.04.2 LTS Has Been Officially Released

              Along with the release of Ubuntu 14.04.2 LTS (Trusty Tahr) GNU/Linux computer operating system, as announced by Adam Conrad on behalf of Canonical, the Edubuntu team was also proud to announce earlier today, February 20, the immediate availability for download of Edubuntu 14.04.2 LTS, a release that includes new kernel and graphics stacks.

            • Elementary OS 0.3 Freya Beta 2 : Video Overview and Screenshot Tours

              Elementary OS 0.3 Freya Beta 2 has been released by Elementary OS Team, based on Ubuntu 14.04 LTS and featuring with pantheon desktop environment, it comes with various User Interface improvements, UEFI/SecureBoot support, better and more discoverable multitasking, updated 3rd party apps (including Geary, Simple Scan, Document Viewer & more), Updated development libraries (including Gtk 3.14), Security and Stability improvements, tons of stylesheet and icon changes and fixes along with other interesting changes as well as almost 600 bug fixes.

  • Devices/Embedded

    • Raspberry Pi, oh my: From classrooms to the space station

      Well, this is starting to look sort of like “Jamie’s Mostly Raspberry Pi Stuff”, but that’s not intentional. There are just a lot of interesting things going on with the RPi at the moment, so that’s where I seem to be spending a lot of my time right now.

      The big news, of course, was the announcement and immediate availability of the Raspberry Pi 2 hardware two weeks ago. The new hardware needs updated software to really make the most of its capabilities, so there was also a new Raspbian and NOOBS release (1.3.12) made at the same time.

    • GDB 7.9 released

      Release 7.9 of GDB, the GNU Debugger, is now available via anonymous FTP. GDB is a source-level debugger for Ada, C, C++, Objective-C, Pascal and many other languages. GDB can target (i.e., debug programs running on) more than a dozen different processor architectures, and GDB itself can run on most popular GNU/Linux, Unix and Microsoft Windows variants.

    • Phones

Free Software/Open Source

  • Facebook benefits from formalising management of open source

    Facebook is now contributing more to external open source projects and keeping closer tabs on its own open source efforts

  • Facebook Picking Up the Pace on Its Open-Source Code Journey
  • Bind Exploit Closed in Ubuntu 14.10

    Canonical has announced that a Bind vulnerability has been found and fixed for Ubuntu 14.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS operating systems.

  • Pivotal pivots to open source and Hortonworks

    A few days ago Pivotal made three major announcements: the creation of a Big Data Product Suite, a partnership with Hortonworks and the launch of an ‘Open Data Platform’.

  • INTERVIEW: TIM O’REILLY

    There are many memorable quotes attributed to Tim O’Reilly. Which isn’t surprising. He’s been talking for decades about open data, the internet and the direction technology is taking us. Like Arthur C Clarke, much of what he’s predicted, talked about and written has proven incredibly judicious. He popularised the ideas behind ‘Web 2.0’, as well as the incoming wave and impact of social media. He believes in an open government and that the internet will become a global brain of networks and things.

  • Enterprise Software Giants Live In An Open Source World

    A decade ago now, I was recruited by ZDNet to launch a blog about open source software.

    At the time, the concept was controversial. Proprietary giants like Microsoft (NASDAQ:MSFT) and IBM (NYSE:IBM) argued that open source was insecure, that the business model would not work, that it would destroy the enterprise software space, that they couldn’t make money with it.

    One decade on and it’s clear what has happened. Google’s (NASDAQ:GOOG) (NASDAQ:GOOGL) Android dominates the consumer space, and those who advocate proprietary models would claim it proves their point. Android OEMs don’t make money, while Apple (NASDAQ:AAPL), with its proprietary model, is making a fortune.

  • Pivotal Open Sources Their Big Data Suite
  • Untangling the intense politics behind Node.js

    The news that broke at the Node Summit last week — that Joyent and others are proposing to create a Node.js Foundation — came as no surprise to anyone who has been watching the controversy around everyone’s favorite server-side JavaScript platform. It’s been clear for a while that Node.js has outgrown its roots and become an important structural tool for the software industry.

    Node.js’s hosts at Joyent didn’t plan for this — the code had been an employee project rather than a strategic investment. While Node.js is an important part of Joyent’s operations, it’s not a key product for the company, which has certainly spent far more to host it than it has received in business value as a pioneer of container-based cloud deployment. Joyent deserves credit for acting responsibly and maintaining its commitment as steward, despite the intense interest — and fierce political intrigue — in which it found itself.

  • Node.js fork JXcore goes open source, aims for mobile developers

    With all the noise surrounding the Io.js variant of Node.js, it’s easy to forget about another Node fork that’s been quietly percolating: JXcore. Last year it added multithreading (sort of) and the ability to turn Node apps into stand-alone executables — but at the cost of JXcore being a closed source project.

  • ONF launches open source community to bolster SDN software development

    The Open Networking Foundation (ONF) has announced the launch of an open source software community and code repository aimed at consolidating and accelerating development efforts around software and solutions that take advantage of software defined networking.

  • Web Browsers

    • Mozilla

      • Mozilla Firefox 36 Will Bring Support for HTTP/2

        This just got in: Mozilla Firefox 36.0 will bring support for the brand-new HTTP/2 protocol, according to the official release notes from the last Beta version of the web browser. HTTP/2 will enable a faster, more responsive, and more scalable Web.

  • SaaS/Big Data

    • PLUMGrid Offers Virtual SDN Sandbox for Testing OpenStack Concepts

      There are lots of IT administrators out there wrestling with sticky issues as they pursue OpenStack deployments, and many of them say that they simply need to experiment with security and stability before rolling out mission-critical applications. Enterprises simply don’t want to trust a cloud platform and move apps and data to the cloud without having full platform confidence.

    • Q&A: MapR Technologies’ Tomer Shiran on Hadoop, Myriad, Apache Drill, and Data Analytics

      Recently, MapR Technologies, focused on Hadoop and Big Data analytics, has been out with some interesting announcements that we covered. We wrote about Myriad, an open source project focused on consolidating big data with other workloads in the datacenter, in this post. And we covered the latest release of the MapR Distribution including Hadoop in this post.

  • Oracle/Java/LibreOffice

    • LibreOffice 4.3.6 “Still” Is Out with 110 Fixes

      The Document Foundation announced the release of LibreOffice 4.3.6, which is a new maintenance version in this branch of the famous office suite.

    • Creating Forms for Easy LibreOffice Database Entry on Linux

      The LibreOffice suite of tools includes a very powerful database application ─ one that happens to be incredibly user-friendly. These databases can be managed/edited by any user and data can be entered by anyone using a LibreOffice-generated form. These forms are very simple to create and can be attached to existing databases or you can create both a database and a form in one fell swoop.

  • Business

    • Pentaho’s Open Source Background Keeps It Flexible in a Changing Marketplace

      Enabling customers to ride the waves of tech trends is a big part of Pentaho Corporation’s business approach, said the tech company’s Vice President of Product and Solutions Marketing, Donna Prlich, during a live interview on theCUBE. With a new technology emerging every day, Prlich explained, it’s essential for customers to be flexible without sacrificing their ability to “get value from Big Data.”

  • FSF/FSFE/GNU/SFLC

    • GDB 7.9 Brings Improvements To The Python Scripting API

      Today’s release of GDB 7.9 brings many improvements to the Python scripting API, compilation and injection of source code into the inferior with GCC 5.0+, resume improvements, hardware watchpoint support on GNU Hurd x86, MIPS SDE target, and a number of new commands.

    • Tell Lenovo: respect user freedom and prevent future Superfishes

      Security experts have discovered a highly threatening vulnerability in software preinstalled on some Windows computers manufactured by Lenovo through January 2015. Extreme negligence on the part of Lenovo and unscrupulous programming by its adware partner Superfish seem to have caused the vulnerability.

  • Public Services/Government

    • Visegrad countries and Bulgaria compare eGovernment practices

      Best practices in the implementation of eGovernment services by public administrations in Bulgaria will be compared with those in the Visegrad countries – the Czech Republic, Hungary, Poland and Slovakia, at a workshop in Sofia on 26 February. According to a press announcement, Bulgaria’s coalition government is making the modernisation and increase of eGovernment services one of its priorities.

  • Openness/Sharing

    • This electrical engineer built an open-source headlamp for doctors in developing countries

      That’s what Amanda DelCore learned through the work of Dr. Laura Stachel, who designed a portable light kit when she saw that doctors and nurses in developing countries had to postpone treatment when their lights would go out. The doctors and nurses were especially excited about the headlamps included in Stachel’s kit because they were hands-free.

    • What do off-patent GM soybeans say about possibilities of open source biotech?

      March of 2015 marks the beginning of a new era in genetically modified foods. It’s the first year farmers can plant a generic version of glyphosate-resistant soybeans—the first GMO to be patented by Monsanto in 1996. There are some caveats to this, but it’s also a case that no longer fits the anti-GMO meme denouncing large agribusiness for holding intellectual property rights over seeds.

    • Open Data

  • Programming

Leftovers

  • Sources: Marissa Mayer is firing people at Yahoo (YHOO)
  • Adobe Photoshop: changing your perception of reality for 25 years

    On the 25th anniversary of the launch of Adobe Photoshop, Sophie Curtis examines why the software program has become a cultural phenomenon

  • Metrolink delays after ANOTHER driver ends up on tram tracks on new Manchester Airport line

    Since November 25, at least 12 drivers have ended up on the tram tracks – half of those on the new Manchester Airport line.

  • Security

  • Defence/Police/Secrecy/Aggression

    • Top 10 Bogus ISIS Stories

      ISIS’s violent bona fides are not in doubt to anyone paying attention. They’ve targeted religious minorities, beheaded aid workers, sold women into sex slavery and have been all-around devastating for those under their rule. But as America debates the possibility of a full-scale ground invasion of ISIS-controlled territory, it’s important to note that much of the ISIS threat — namely that which targets the West — has been habitually overstated by an uncritical media.

    • Veteran War Reporters: O’Reilly’s Falklands Fibs Violate “Journalism 101″

      Revelations that Bill O’Reilly may have misled viewers about his reporting from the Falklands War back in 1982 are drawing fire from veteran war correspondents who contend apparent embellishments like O’Reilly’s hurt the credibility of all combat journalists.

    • How Fox News Responded To Bill O’Reilly’s Falklands Fibs

      Fox News has gone to war with Mother Jones after the liberal magazine published a story raising questions about the credibility of host Bill O’Reilly’s past statements about his experience as a war correspondent.

    • Who Killed the Argentine Prosecutor? More Than 400,000 March for Justice in Buenos Aires as Controversy Grows

      As many as 400,000 people marched through the pouring rain in the Argentine capital of Buenos Aires on Wednesday demanding an independent judiciary. The march came one month after the mysterious death of special prosecutor Alberto Nisman, who had accused Argentina’s president, Cristina Fernández de Kirchner, of helping to cover up Iran’s role in the deadly 1994 bombing of a Jewish community center that killed 85 people and injured hundreds in Buenos Aires. On January 18, Nisman was found dead in his apartment of a gunshot wound to the head. His body was discovered just a day before he was due to testify before lawmakers on his findings on the 1994 attack. Just four days before his death, Nisman appeared on television and outlined his allegations against the president and Foreign Minister Héctor Timerman. Investigators initially said Nisman’s death appeared to be a suicide, but no gunpowder residue was found on his hands. If it was not a suicide, who killed him? That question has gripped Argentina for the past month. We make sense of this unfolding story with Sebastian Rotella, senior reporter for the investigative news website ProPublica. He first covered the investigation into the 1994 bombing as a reporter for the Los Angeles Times based in Buenos Aires.

  • Environment/Energy/Wildlife

    • CNRL’s Steve Laut Says Oilsands Face ‘Death Spiral’ If They Don’t Cut Costs

      As the world’s oil glut continues to build, wiping out hopes of a price recovery, the head of one of Canada’s largest oilsands operators is warning the industry faces a “death spiral” if it doesn’t figure out how to cut costs.

      Speaking before the Chamber of Commerce in Fort McMurray, Steve Laut, president of Canadian Natural Resources Ltd. (CNRL), said oilsands companies can still return to health, but only if they aggressively begin to cut costs.

      Costs have risen so far, so fast that oil producers were making three times as much profit in 2004, when oil was at $40 a barrel, than they were a few years ago when oil was at $100 a barrel, Laut said, as quoted at the Globe and Mail.

  • Privacy

    • UK Surveillance: The Fightback Begins – Please Join

      It’s one of the longest, most-detailed stories that The Intercept has published so far, and is well-worth reading in its entirety. What it shows is that GCHQ and the NSA really do want access to everything, and that they are prepared to do more or less anything to get that. Put together with all the other Snowden revelations, plus the news from earlier this week about infected hard drive firmware – almost certainly another NSA project – and things might seem utterly desperate.

      And yet there are some glimmers of hope. A couple of weeks ago, the Investigatory Powers Tribunal (IPT), which reviews complaints about surveillance in the UK, decided that British intelligence services acted unlawfully in accessing millions of people’s personal communications collected by the NSA – the first time it has ever ruled against the intelligence and security services in its 15-year history. It’s true that the ruling was unsatisfactory in many ways, but it still sets an important precedent. And then just this week, the UK government was forced to make a humiliating admission that it was unlawful for intelligence agencies to have monitored privileged conversations between lawyers and their clients for the past five years.

    • NSA’s Stealing Keys To Mobile Phone Encryption Shows Why Mandatory Backdoors To Encryption Is A Horrible Idea

      Over the last few months, ever since both Apple and Google announced plans to encrypt data on iOS and Android devices by default, there’s been a ridiculous amount of hand-wringing from the law enforcement community about requiring backdoors, golden keys and magic fairy dust that will allow law enforcement to decrypt the information on your phone… or children will die, even though they actually won’t.

      [...]

      It would be nice to see that the revelation of the NSA undermining one use of encryption led people to realize the stupidity of undermining other forms of encryption, but somehow, it seems likely that our law enforcement community won’t quite comprehend that message.

Links 20/2/2015: Bloomberg Joins Linux Foundation, ClearOS Community 6.6.0

Posted in News Roundup at 12:22 pm by Dr. Roy Schestowitz


GNU/Linux

Free Software/Open Source

  • 5 ethical open source hacking tools for business

    Many businesses routinely employ “ethical” hackers as a means of testing whether their systems are secure, paying the tech-savvy to break into their computers in what is known as penetration testing, or pen testing.

  • ONF launches open source community to bolster SDN software development
  • Graylog 1.0 Eliminates Cost Barriers to Unlocking Big Data

    HOUSTON — Graylog, Inc., the company behind the popular Graylog open source log analysis platform, today announced that it has released v1.0 of its Open Source Graylog product. This enterprise-grade platform enables organizations to store, search and analyze machine data collected from their IT infrastructures to quickly pinpoint and address the root cause of operational problems. Graylog is providing paid services/support to make it even easier for enterprises to deploy this affordable alternative to expensive log analysis tools such as Splunk.

  • Events

    • SCALE 13x Day 0: Exceeding expectations

      It was a first for the Southern California Linux Expo — a midweek start on Thursday for SCALE 13x, and those of us on the SCALE Team did not know what to expect. The day was composed of a variety of sessions — an all-day Intro to Chef, Puppet Labs held its separate-registration Puppet Camp LA, openSUSE held its mini-summit, PostgreSQL held the first of its two-day PostgreSQL days, Fedora held its Fedora Activity Day, and an all-day Apache session.

    • Collaboration Summit 2015 Keynote Speakers

      The Linux Foundation Collaboration Summit 2015 took place Feb. 18-20 in Santa Rosa, Calif.

  • CMS

    • 4 tips for how to migrate to Drupal

      Well, to jump from your current CMS (or lack thereof) and make the transition to Drupal, you want to know how much it costs and exactly what that migration entails. First, there are several factors that have to be taken into account before any Drupal development company can give you a quote. But, while there isn’t an exact price range for migrating to Drupal, you can do some in-house work to keep your migration costs down and prepare your team for the migration, keeping headaches down too.

  • Openness/Sharing

  • Programming

    • Facebook Announces The Hack Specification

      Last year Facebook launched Hack, a new programming language derived from PHP and powered by their HHVM software. The Hack specification serves as official documentation for those wanting to come out with their own Hack implementation rather than relying upon HHVM. The Hack specification complements the existing Hack programming documentation.

  • Standards/Consortia

Leftovers

  • I gave up social media for Lent

    Could getting off Twitter be a religious experience?

  • Defence/Police/Secrecy/Aggression

    • U.S. officials, in blunt language, say Israel is distorting reality of Iran talks

      The Obama administration on Wednesday accused the Israeli government of misleading the public over the Iran nuclear negotiations, using unusually blunt and terse language that once again highlighted the rift between the two sides.

      In briefings with reporters, State Department spokeswoman Jen Psaki and White House spokesman Josh Earnest suggested Israeli officials were not being truthful about how the United States is handling the secretive talks.

  • Transparency Reporting

    • How a Snowdenista Kept the NSA Leaker Hidden in a Moscow Airport

      Since spiriting NSA leaker Edward Snowden to safety in Russia two years ago, activist and WikiLeaks editor Sarah Harrison has lived quietly in Berlin. Sara Corbett meets the woman some regard as a political heroine—others as an accomplice to treason.

      Moscow’s Sheremetyevo Airport is, like so many international airports, a sprawling and bland place. It has six terminals, four Burger Kings, a sweep of shops selling duty-free caviar, and a rivering flow of anonymous travelers—all of them headed out or headed in or, in any event, never planning to stay long. But for nearly six weeks in the summer of 2013, the airport also housed two fugitives: Edward Snowden, the NSA contractor who had just off-loaded an explosive trove of top-secret U.S. government documents to journalists, and a 31-year-old British woman named Sarah Harrison, described as a legal researcher who worked for the online organization WikiLeaks.

    • A Stronger Freedom of Information Act

      Congress came tantalizingly close last year to passing a bill to strengthen the Freedom of Information Act, which allows journalists and the public to access federal government records. The legislation, which would have brought more transparency, was blocked in December when the House speaker, John Boehner, refused to hold a vote on the Senate bill with no explanation. Two months later, lawmakers have a second chance.

  • Finance

    • NYT Hopes India Can Avoid China’s Plight: a High-Paid, Well-Educated Workforce

      There aren’t a lot of numbers in the Times piece, so it’s useful to pause here and note that according to the IMF database, China’s per capita GDP (measured in terms of purchasing power) grew by 8.6 percent last year, vs. 6.0 percent for India. So any stumbling, slowing or faltering seen in China’s economy is based on forecasts of future growth–which are notoriously unreliable, though often given great credence in articles like these.

  • PR/AstroTurf/Lobbying

    • Op-Ed on Venezuela Slips Past NYT Factcheckers

      Krauze begins by claiming that the Venezuelan government, first under President Hugo Chávez and then his successor Nicolás Maduro, has taken control over the media. Chávez “accumulated control over the organs of government and over much of the information media: radio, television and the press,” we are told, and then Maduro “took over the rest of Venezuelan television.”

      A simple factcheck shows this to be false. The majority of media outlets in Venezuela–including television–continue to be privately owned; further, the private TV audience dwarfs the number of viewers watching state TV.

  • Censorship

  • Privacy

    • Lenovo caught installing adware on new computers

      It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time.

    • Law enforcement divided over releasing StingRay docs

      State and local law enforcement agencies that use StingRays must weigh their obligations under public records statutes against nondisclosure agreements with the FBI and the device’s manufacturer. While some police departments have ruled that they cannot share any documents whatsoever, a handful of key disclosures in recent weeks — including the cleanest version of the NDA released to date — together shed new light on the FBI’s involvement in cell-site simulator deployments nationwide.

    • How to Remove Superfish Adware From Your Lenovo Computer

      We recently learned that PC manufacturer Lenovo is selling computers preinstalled with a dangerous piece of software, called Superfish, that uses a man-in-the-middle attack to break Windows’ encrypted Web connections for the sake of advertising. (Here’s a list of affected products.) Research from EFF’s Decentralized SSL Observatory has seen many thousands of Superfish certificates that have all been signed with the same root certificate, showing that HTTPS security for at least Internet Explorer, Chrome, and Safari for Windows, on all of these Lenovo laptops, is now broken. Firefox users also have the problem, because Superfish also inserts its certificate into the Firefox root store.

    • Lenovo In Denial: Insists There’s No Security Problem With Superfish — Which Is Very, Very Wrong.

      Late last night, people started buzzing on Twitter about the fact that Lenovo, makers of the famous Thinkpad laptops, had been installing a really nasty form of adware on those machines called Superfish. Many news stories started popping up about this, again, focusing on the adware. But putting adware on a computer, while ethically questionable and a general pain in the ass, is not the real problem here. The problem is that the adware in question, Superfish, has an astoundingly stupid way of working that effectively allows for a very easy man in the middle attack on any computer with the software installed, making it a massive security hole that is insanely dangerous.

    • Lenovo accused of compromising user security by installing adware on new PCs

      The information extracted by Graham can now be used to break the security on every compromised Lenovo computer. This leaves infected users essentially open to any eavesdropping if they are using the net on a public Wi-Fi account, and also enables future malware authors to convince Lenovo owners that their software is produced by a trusted vendor, such as Microsoft.

    • Russian Researchers Uncover Sophisticated NSA Malware

      Over the weekend Russian IT security vendor Kaspersky Lab released a report about a new family of malware dubbed “The Equation Family”. The software appears, from Kaspersky’s description, to be some of the most advanced malware ever seen. It is composed of several different pieces of software, which Kaspersky Lab reports work together and have been infecting computer users around the world for over a decade. It appears that specific techniques and exploits developed by the Equation Group were later used by the authors of Stuxnet, Flame, and Regin. The report alleges that the malware has significant commonalities with other programs that have been attributed to Western intelligence agencies; Reuters subsequently released an article about the report in which an anonymous former NSA employee claims that the malware was directly developed by the NSA.

    • US and UK accused of hacking Sim card firm to steal codes

      US and British intelligence agencies illegally hacked into a major manufacturer of Sim cards to steal codes and facilitate eavesdropping on mobiles, a US news website says.

    • Snowden’s Revenge: New Mega-Spying Project Revealed

      A giant cellphone surveillance program is just one of the dark NSA secrets being dragged out into the light, thanks to a certain whistleblower and a Russian cybersecurity firm.

    • NSA, British spies hack Gemalto to tap mobile calls – Intercept

      Digital security company Gemalto NV was hacked by American and British spies to steal encryption keys used to protect the privacy of cellphone communications, news website Intercept reported, citing documents provided by whistleblower Edward Snowden.

    • Sim card database hack gave US and UK spies access to billions of cellphones

      International row likely after revelations of breach that could have given NSA and GCHQ the power to monitor a large portion of world’s cellular communications

    • Edward Snowden reveals that NSA and GCHQ hacked SIM card manufacturer Gemalto: reports

      British and American spies stole the encryption keys from the largest SIM card manufacturer in the world, according to a government document handed to The Intercept by National Security Agency whistleblower Edward Snowden.

    • How to paint yourself into a corner (Lenovo edition)
    • Superfish: A History Of Malware Complaints And International Surveillance

      Superfish, a little-known “visual search” and ad tech provider from Palo Alto whose CEO was once part of the surveillance industrial complex, is about to learn what it feels like to face the unwavering wrath of the privacy and security industries. Lenovo will take much of the blame for potentially placing users at risk by contracting Superfish to effectively carry out man-in-the-middle attacks on users to intercept their traffic just to get the firm’s “visual” ads up during customers’ web searches.

    • Your Mobile Privacy is Under Threat Because of US and UK Spies

      One of the “biggest Snowden stories yet” has arrived today, according to journalist Glenn Greenwald.

      Spies from the United States’ National Security Agency (NSA) and the United Kingdom’s Government Communication Headquarters (GCHQ) “hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe.” The information was obtained from top-secret documents leaked by Edward Snowden.

  • Civil Rights

    • Proposed Florida Body Camera Law Riddled With Exceptions At Behest Of Police Union

      Florida’s legislators are pushing through bills mandating body camera use by the state’s law enforcement officers. So far, so good, except for the fact that law enforcement officers aren’t really looking for greater transparency or accountability, at least not according to Florida Police Benevolent Association chief Gary Bradford.

    • Why a Reporter’s ‘Epic Rant’ on Twitter Gets No Argument Here

      Mr. Risen, an investigative reporter for The Times, was writing in response to Mr. Holder’s statements in a National Press Club speech Tuesday defending the Obama administration’s record on press rights. Mr. Risen, who narrowly escaped jail time as he insisted on protecting a confidential source, begged to differ – in no uncertain terms.

      Referring to the Obama administration as “the greatest enemy of press freedom in a generation,” Mr. Risen called the attorney general “the nation’s top censorship officer.”

      Although the wording of the Risen tweets was outside the tacitly accepted norm for Times reporters on social media, The Times declined to criticize them and issued a statement in his support.

      I followed up in a conversation with the standards editor, Philip Corbett, and some email correspondence with Mr. Risen.

    • Did the US Prison Boom Lead to the Crime Drop? New Study Says No

      Louisiana — a state whose motto is Union, Justice and Confidence — is known for many things. The Bayou State is the birthplace of jazz, Creole, and Cajun food, and New Orleans is the site of the country’s largest annual Mardi Gras Carnival. But as the Times-Picayune found in a major series years ago, Louisiana is also “the world’s prison capital,” with an incarceration rate that is “nearly five times Iran’s, 13 times China’s and 20 times Germany’s.”

    • FBI Flouts Obama Directive to Limit Gag Orders on National Security Letters

      Despite the post-Snowden spotlight on mass surveillance, the intelligence community’s easiest end-run around the Fourth Amendment since 2001 has been something called a National Security Letter.

    • Yes, Eric Holder Does Do the Intelligence Community’s Bidding in Leak Prosecutions

      The second-to-last witness in the government’s case against Jeffrey Sterling, FBI Special Agent Ashley Hunt, introduced a number of things she had collected over the course of her 7.5 year investigation into James Risen’s chapter on Operation Merlin. That included a few things — most notably two lines from Risen’s credit card records from 2004 — that in no conceivable way incriminated Sterling.

    • Hacker Claims Feds Hit Him With 44 Felonies When He Refused to Be an FBI Spy

      A year ago, the Department of Justice threatened to put Fidel Salinas in prison for the rest of his life for hacking crimes. But before the federal government brought those charges against him, Salinas now says, it tried a different tactic: recruiting him.

  • Internet/Net Neutrality

    • Net neutrality: UK Lords call for internet to be reclassified as a utility

      THE HOUSE OF LORDS IS BACKING the idea of a free and gloriously open internet that is available to all, and is – rather less exciting sounding – reclassified as a utility.

      The plans come on the heels of similar noises from the US where Title II reclassification is a hot and contentious topic.

      Here we have the Lords releasing a report advocating that the government takes the internet and makes it a ‘utility service’ much like it is in Estonia where it is considered a human right, and much as people like Tim Berners-Lee would appreciate.

    • Former FCC Boss Turned Top Cable Lobbyist Michael Powell Blames Everyone But Himself For Current Net Neutrality Mess

      You might recall that top cable industry lobbyist Michael Powell, formerly head of the FCC, got much of the current Title II debate rolling back in 2002 when he reclassified cable broadband as an “information service.” This effectively opened the door to a massive era of broadband deregulation Powell and friends at the time insisted would usher forth an immense new wave of broadband competition. If you’ve checked your broadband bill or oh, stepped outside lately, you may have noticed that this utopian broadband landscape never materialized.

  • Intellectual Monopolies

    • Cerf Warns Of A ‘Lost Century’ Caused By Bit Rot; Patents And Copyright Largely To Blame

      The main obstacles to creating software that can run old programs, read old file formats, or preserve old webpages, are patents and copyright. Patents stop people creating emulators, because clean-room implementations that avoid legal problems are just too difficult and expensive to carry out for academic archives to contemplate. At least patents expire relatively quickly, freeing up obsolete technology for reimplementation. Copyright, by contrast, keeps getting extended around the world, which means that libraries would probably be unwilling to make backup copies of digital artefacts unless the law was quite clear that they could — and in many countries, it isn’t.
