The most useful meanings outlive the words, people and media that carry them. On a Linux Journal Geek Cruise in 2005, I asked Andrew Morton, the Linux kernel maintainer, if he thought Linux would be around a hundred years in the future. He said yes, and that most work on the kernel in 2105 would still be "stamping out bugs".
A decade into that century, with Linux more meaningful than ever to our whole networked civilization, I find myself wondering how long the world it maintains will last, and if the world would be lucky to still have Linux, doing what it has always done, and much more—or if the world has come to depend on other ways of computing. No way to know, and few if any of us reading this will be around to find out.
More and more of our life is going to be spent on smaller devices such as phones and so developers would be far better spending their time creating decent web applications and mobile phone applications.
If you are going to develop for the desktop operating system then you are better focusing on applications that people really need for the desktop.
Kudos to the Ubuntu developers. The convergence looks really good.
Schools in Estonia’s capital Tallinn are piloting a new program, gradually moving to PC workstations running on free and open source software. Students, teachers, school administration and kindergartens’ staff members are using LibreOffice, Ubuntu-Linux and other open source tools, saving millions of dollars on software fees.
The first thing users will notice about Shippable v4.0 is its increased flexibility. Developers can use the tools and platforms they’re working with currently to automate their build and deployment pipelines.
“When you want to change tools or languages, move to a new technology like microservices or containers, or expand your deployment environment, you don’t have to start over again rebuilding your app delivery pipeline,” said Shippable CEO Avi Cavale.
Recreating one’s system from the ground up can be a headache, one which Shippable hopes to curb with its improvements made to version 4.0 of the platform.
The PC maker is building driver support for Thunderbolt 3 and USB Type-C into the XPS 13 Developer Edition, wrote a Dell employee in a company forum.
Thunderbolt 3 is a connector technology that can hook up PCs to external peripherals like storage and monitors. It’s like USB, but four times faster. A 4K movie could be transferred from an external storage device to a PC in 30 seconds.
Linux PCs will be a lot more capable with Thunderbolt 3. Users will be able to connect two 4K monitors simultaneously, connect to external graphics cards and establish a peer-to-peer network with other Linux PCs.
Last fall, Apprenda -- an enterprise platform as a service (PaaS) provider -- joined the Linux Foundation and the Open Container Initiative. And, just this week, the company announced it has joined Kubernetes, a container management system developed by Google.
According to the blog post, Apprenda plans to incorporate Kubernetes into its current architecture, stating “over the course of the next few product releases, we’ll be merging Kubernetes, the open-source container orchestration system from Google, into our architecture and joining the Kubernetes community.”
As part of our series on companies that support Linux, we talked with Chris Gaun, Director of Strategy at Apprenda, to learn more about the company’s new direction and open source commitment.
The Dell XPS 13 is one of our favorite laptops, but that’s only if Windows is your operating system of choice. Mac users have a whole brand just for their computers, but Linux aficionados are typically left out in the cold. There’s good news today though, as the XPS Developer Edition, which runs a custom Ubuntu image, will bring support for Thunderbolt 3 to the platform with the Skylake update, according to chatter on the Dell forums, as pointed out by PCWorld.
Intel's OpenSWR high-performance software rasterizer that's an alternative to LLVMpipe has landed in mainline Mesa.
OpenSWR is a performant software rasterizer developed by Intel that in their workloads is much faster than using LLVMpipe for rendering OpenGL on x86 CPUs. If this is your first time hearing about OpenSWR, read our earlier articles on the matter: Intel Is Making A High-Performance Software Rasterizer For Mesa and OpenSWR High-Performance Software Rasterizer Revised For Mesa.
AMD's Marek Olšák sent out a set of 26 patches this morning for preparing the RadeonSI Gallium3D driver to have interoperability support between OpenGL and HSA/OpenCL.
The latest fruits of AMD's GPUOpen initiative is the open-sourcing of a beta of AMDOVX.
For your viewing pleasure to get our March 2016 Linux benchmarking started is a Linux 4.1 through Linux 4.5 kernel benchmark comparison when testing with a 4GHz Intel Xeon E3 v5 Skylake CPU and using a RadeonSI-supported graphics card and SSD for storage.
Used for today's kernel benchmark comparison was the new Xeon E3-1280 v5 with 3.7GHz base clock frequency and 4.0GHz turbo frequency, MSI C236A Workstation motherboard, 16GB of DDR4 system memory, 120GB Samsung 850 EVO SSD, and Radeon R7 370 graphics card. Thanks to MSI for making this motherboard and CPU testing possible.
With Clear Linux continuing to outperform other Linux distributions on Intel hardware, I was curious to see how the Intel OTC Linux distribution was performing when trying it with one of the new Xeon CPUs at our disposal for testing.
For some quick Clear Linux vs. Ubuntu 16.04 LTS development benchmarks I compared some of the original benchmarks for the Xeon E3-1280 v5 to that of a fresh install of Clear Linux 6470 as the latest build of this rolling-release-like distribution at the time of testing.
On one side is the user who almost reflexively tries out ever new option which hits the scene. They’ve tried handfuls of window managers, dozens of distributions, and every new desktop widget they can find.
On the other side is the user who finds something they like and sticks with it. They tend to like their distribution’s defaults. If they’re passionate about a text editor, it’s whichever one they mastered first.
A new version of open-source BitTorrent client Transmission is now available to download.
Rhino Labs, a leading provider of high-performance data security, networking, and data infrastructure solutions, is announcing the SDNA-7100 (Software Defined Network Appliance) platform family, an entry level enterprise-grade platform able to perform multiple applications within a small form factor at low power and low cost. The SDNA-7100 appliance family is ideal for high performance applications, providing all-inclusive network connectivity, security and storage based solutions.
The developer emailed in to let us know, and I replied asking for a key to give it some thoughts but no reply yet. I will hopefully be able to do a more in-depth article sometime soon.
Blowfish Studios‘ first-person shooter and world-building hybrid Gunscape is now available for PlayStation 4, Xbox One, Windows, Mac and Linux. A Wii U release is planned for Q2 of 2016.
A new Doom game is being released by Bethesda and id Software, and it seems to be working great with Wine in Linux.
When new titles are launched on the Windows platform, it usually takes a while for Wine to catch up. Most of the time, there are missing libraries or some other form error, which means that, at best, the game can be installed and not played.
The Wine developers and community are usually quick to fix any issues, especially with big games, but it's very likely that it won't be necessary. A Linux user managed to get the latest Doom Alpha running in Wine with little to no effort.
Gabe Newell from Valve was quite right to fear about the future when he starting talking up Linux, and now it looks like Microsoft will be trying to push their own store even more.
That Dragon, Cancer is now officially available on Linux & SteamOS. An immersive, narrative videogame that retells Joel Green’s 4-year fight against cancer through about two hours of poetic, imaginative gameplay that explores themes of faith, hope and love.
Wednesday, 02 March 2016. Today KDE releases a beta update to its desktop software, Plasma 5.6.
This release of Plasma brings many improvements to the task manager, KRunner, activities, and Wayland support as well as a much more refined look and feel.
I haven’t blogged for quite some time about the progress on KWin/Wayland and had a few people requesting an update. As we are now approaching a feature freeze and I have most of the things I wanted to do for Plasma 5.6 done, it’s time to blog again. I use this also as a public service announcement: thanks to Let’s Encrypt my blog is also available through an encrypted connection.
Michael first blogged about Kube, but we apparently missed to properly introduce the Project. Let me fix that for you Wink
Kube is a modern groupware client, built to be effective and efficient on a variety of platforms and form-factors. It is built on top of a high-performance data access layer and Qt Quick to provide an exceptional user experience with minimal resource usage. Kube is based on the lessons learned from KDE Kontact and Akonadi, building on the strengths and replacing the weak points.
Kube is further developed in coordination with Roundcube Next, to achieve a consistent user experience across the two interfaces and to ensure that we can collaborate while building the UX.
If you are deep in coding mode and cannot afford to turn your head or even your eyes to look through the window at outside to check the current weather… or if you are deep down below ground plumbing at your black hole farming machine and now preparing your way home and are unsure whether to put on a rain jacket or the sunglasses… what is there to help you? A widget on your computer telling you about the weather, right.
Plasma5 so far was missing the port of the weather widgets which were part of the Plasma Addons package with the older Plasma. While there are nice Plasma5 weather widgets on kde-apps.org (1, 2) I wanted the weather widget back I was used to.
Before the KDE 4.1 release in 2008, Aaron Seigo announced the end of desktop icons. He was being provocative, because what he was really announcing was the end of being restricted to a single icon set. Instead, KDE Plasma began supporting multiple desktops, and with them several ways to swap sets of icons in and out. These changes have received little publicity, but they are ideal for quickly customizing a desktop for a specialized task.
You do not have to use these features. However, if you choose to explore them, you can apply them not only to the main desktop, but also to any activities, or even any virtual workspaces, so long as you first select from the main menu System Settings > Workspace Behavior > Virtual Desktop > Different Widgets for each desktop. It's all a matter of which combination of customizations you prefer: a default desktop, folder views, multiple desktop folders, or a single desktop folder with filters.
KDE's Martin Gräßlin has provided a status update concerning KWin/Wayland support with the latest KDE stack.
Martin Gräßlin has been spending most of his time recently focusing upon the KDE input support for Wayland and better supporting libinput. There's been a lot of code clean-ups and bug fixes as well as bringing input features closer to parity between X11 and Wayland.
The KDE community has banded together to release the Plasma 5.6 beta today.
KDE Plasma 5.6 is bringing improvements to the default Breeze theme as well as to the light and dark versions, task manager improvements, smoother widgets, a weather widget has finally returned to Plasma 5, and plenty of Wayland improvements. Plasma 5.6 has also been prepping Plymouth boot screen and GRUB boot-loader screens designed around the Breeze theme in aiming to complete the KDE computing experience.
Since the last update on openSUSE Tumbleweed, there have been five snapshots and some of those snapshots have brought some interesting new packages.
The 20160225 snapshot allows Tumbleweed users to add a package called ‘discover‘, which is the KDE software installer, implemented as an app store like application.
KDE Plasma 5.6 Beta has been announced by the KDE community, marking the start of a new development cycle for the desktop.
The new KDE Plasma 5.x branch wasn't all that well received by users when it was initially launched, but the developers continued to improve upon it. This latest 5.6 Beta release shows just how far the project has come. The progress made by the developers is astounding, and it looks like they are still making significant changes.
We've just entered the UI and string freeze for 3.20, we have a lot of new stuff coming up for Maps in 3.20 that I'm really excited about to see ”out the door”.
One thing that I've been wanting in Maps for a while is support for transit routing (for using public transportation options) in addition to our current ”turn-based” routing for car, bicycle, and walking powered by GraphHopper.
GNOME Maps 3.20 looks like it's going to be a great release and developers have added quite a few new features.
When GNOME Maps was upgraded from 3.16 to 3.18, the jump wasn't all that obvious. Just a couple of new major features were added. On the other hand, the developers are now preparing for GNOME 3.20, and there's a lot more interesting stuff going on.
Budgie-Remix is a new Linux distribution based on Ubuntu that uses the Budgie desktop environment. This is the first try in having an Ubuntu-based distribution running this new desktop as default.
Solus has just received its first point release in the new "Shannon" series, and the new version is now available for download and your enjoyment.
Solus, one of the most talked about newcomer Linux distributions, is out with their 1.1 Shannon update.
Solus 1.0 was released at the end of 2015 while out today is the project's first point release.
The PCLinuxOS Magazine staff is pleased to announce the release of the March 2016 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved.
Sabayon is a free, open source and Gentoo based Linux distribution. It aims to provide the easy to use, simple and yet powerful Linux operating system. Sabayon team has made the monthly release Sabayon 16.3 available to download with bug fixes and applications updates. Sabayon is a Gentoo based Linux distribution. It is available in all popular flavors, KDE, GNOME, Xfce and MATE. So if you are wanting to try this distribution then you can install Sabayon in your favorite flavor.
Red Hat is teaming up with Italy’s Eurotech in a bid to help Internet of Things projects get bigger and more flexible without sacrificing their security.
"This is Lennart Poettering," said Walsh, showing a picture. "This is Solomon Hykes", showing another. "Neither one of them is willing to compromise much. And I get to be in the middle between them."
Since Walsh was tasked with getting systemd to work with Docker, he detailed a history of code, personal, and operational conflicts between the two systems. In many ways, it was also a history of patch conflicts between Red Hat and Docker Inc. Poettering is the primary author of systemd and works for Red Hat, while Hykes is a founder and CTO of Docker, Inc.
Cadence Capital Management LLC boosted its position in Red Hat Inc (NYSE:RHT) by 126.2% during the fourth quarter, according to its most recent filing with the Securities and Exchange Commission (SEC). The institutional investor owned 49,854 shares of the open-source software company’s stock after buying an additional 27,819 shares during the period. Cadence Capital Management LLC’s holdings in Red Hat were worth $4,128,000 at the end of the most recent reporting period.
This training has changed my life entirely. I started the training as a newbie. I took part in the training attentively and tried to learn and implement what all have been taught in the summer training. After few months I really could feel the change. I jotted down the skills those I didn’t used to have before the training and it felt so awesome. Finally this training has turned me into an Open Source Contributor :). I am learning a lot contributing to opensource.
My first chore was to set up VPN access to the development resources (source control, wiki, etc.). I sandboxed the proprietary VPN client in a VM with a systemd unit to run it at boot, so I can control it by starting and stopping that VM. I then set to work on unpacking and exploring the SoC vendor's evaluation module (EVM), starting by looking at serial output - of which there was none. Nothing on the LCD panel or network port either. A frustrating day.
Canonical and Intel continue to further their partnership in the IoT business, and the two companies have just recently completed a training session for developers at the Taipei Intel Technology Training Center.
The Linux Mint team is recovering from the website attack in February that seriously affected their credibility. The lead developer of the project, Clement Lefebvre explained in great detail everything that happened.
The Linux Mint developers have posted a summary of their reaction to the recent compromise of their distribution image. It provides an excellent example of what to do in such a situation.
Today in Linux news Clement Lefebvre today said that things are back up and running over in Mintland with more security measures in place. Douglas DeMaio posted of the latest Tumbleweeds news including new KDE app store and Jack Wallen asked, "Why's everybody all pickin' on Ubuntu?" The Free Software Foundation said to 'read the fine manual' in answer to the ZFS GPL question and another security vulnerability involving SSLv2 was announced.
Apparently, a hacker going by the handle “Peace.” Peace gave an interview to ZDNet reporter Zach Whittaker, in which he or she explained that the idea was mainly just to get access to as many computers as possible, possibly for a botnet. Peace first gained access to the site in January, via a security vulnerability in a WordPress plugin.
Fedevel released an open source design for a Linux-ready, i.MX6-based “OpenRex” SBC with a Cortex-M3 MCU, a stackable design, and Arduino and Pi expansion.
Most embedded board vendors announce a board for pre-sale, then wait to post whatever documentation they intend to release when they finally ship the board. Slovakia-based training and embedded firm Fedevel and its manufacturing partner Voipac have taken a different tack. In conjunction with their announcement of the open source OpenRex SBC, they released full documentation for the board, including complete Altium design files with schematic & PCB plus full manufacturing documentation.
Unlike with PCs, tablets, and smartphones, there likely won't be a short list of operating systems that dominate the entire IoT market. Instead, we're going to have to deal with dozens of popular choices that have specific pros and cons. This list of eight operating systems shows the wide variety of choices and where they are likely to be used.
Recently, while visiting Swecha, a non-profit in Hyderabad that is bringing social change with free and open source software and is part of the Free Software Movement of India, I came to know about FreedomBox. Maintained by the non-profit FreedomBox Foundation that runs on donations, the FreedomBox is a revolution in itself. This project's flagship product, costing just US$100, uses various open hardware components, runs on free operating system Debian OS and works as a secure personal server for distributed social networking, email and audio-visual communications.
BeagleCore has released design docs for its open-spec, BeagleBone-like COM and carrier board, which are both available for pre-order from Conrad Electronics.
Last summer, Iesy funded startup BeagleCore failed to win funding for its eponymous BeagleBone Black COM clone on Kickstarter. Now, however, a slightly tweaked design is available for pre-order from Conrad Electronics, with plans to ship in April.
The folks over at AmeriDroid (an American retailer of the South Korean ODROID SBC/SoC products) posted a video showing the unboxing of the C.H.I.P. mini-Linux computer. I wasn't even aware they were shipping yet.
Android 6.0.1 Marshmallow is about to roll out for Samsung Galaxy S6 Edge Plus following Galaxy S6 and S6 Edge. The latest Google mobile OS will bring 159 new emojis and new features that promise to improve the use of the smartphone.
Android N name, features, release date and news: Everything we know so far, and want to see, from Google's next mobile OS.
Looking forward to your smartphone getting the Android 6.0 Marshmallow update? That's nice for you.
However, while we don't want to dampen your enthusiasm or anything, you should probably know that Google will be officially unveiling Android 7.0 N in May.
Sure enough, the rumours and leaks have already started, if not flowing, then certainly dripping at an increased rate. Here's what we know, what we suspect, and what we want to see from Android N.
It’s become increasingly obvious in recent times that if you want to look for high-powered smartphones in the Android market at competitive prices, you have to look towards China. Xiaomi made a splash at MWC with the launch of its high-end Mi 5 that costs half what an S7 Edge might cost. Meanwhile, in China, Vivo has launched the Xplay 5 and Xplay 5 Elite, the latter of which boasts an enormous 6GB RAM.
Google has since said that the video was an inaccurate mockup, and that it doesn’t represent any future Android updates. But it does little to temper fears that it may soon be an endangered Android feature, because the app drawer’s been disappearing for awhile now.
The last time I sat down with Rich Miner, the co-founder of the mobile operating system Android, he talked about the huge opportunity in the mobile enterprise space.
A year later, there has not been a ton of progress in that area, but Miner still sees it as one of the brightest prospects for investment.
“I tend to not be wrong,” he said during an interview at last week’s Mobile World Congress in Barcelona. “I just tend to be early, sometimes too early.”
After 10 years of development was released the new major release of ReactOS, this event was highlighted in the most biggest tech resources. But I’m not interested in just talk about release notes from “crazy Russian developers”, more interested is technical opportunities and possibilities. Which architecture use React OS now, which hardware are supported, why users and developers might find it interesting, the degree of compatibility with Microsoft Windows? Is there a Windows-based copy with Unix-style? For these and other questions you can find the answers in this article (or ask new questions in comments).
It's 2016, and open source is everywhere you look. The norms, forms and faces of open source have changed so much, in fact, that they seem to signal the rise of a new generation of open source programmers. Here's why.
Lest I ruin anyone's day by appearing to spread falsehoods on the Internet, I will note that the idea of generations is a construct. I realize there is no actual line separating one so-called generation of people from another. I also realize that most of the people who wrote the first free or open source programs several decades ago are still around and coding.
What we’ve seen with Brahmaputra is key stakeholders collaborating across the industry and a marked increase in community engagement overall. For example, 35 projects were involved in the Brahmaputra release, compared to just five in Arno. That’s a six-fold increase in just ten months! Even more telling is the more than 140 developers involved in the release—which means we’ve seen developer participation in OPNFV as a whole increase five-fold since August of 2015.
Coreboot received some new Intel feature work yesterday for improving the state of initializing some newer hardware with this open-source alternative to proprietary UEFI/BIOS.
The Open Source Initiative€® (OSI) is honored to announce ISC (Internet Systems Consortium), the organization behind the ongoing development and distribution of the most used name server software, BIND, has joined the OSI as an Affiliate Member. Founded in 1994, ISC plays a critical role supporting the fundamental architecture of the Internet, driving standards for the Domain Name System (DNS). ISC provides leadership both in standards development and software for the Dynamic Host Configuration Protocol (DHCP) and is an active contributor to the Internet Engineering Task Force.
Over the past two decades open source has gone from a fringe interest to a mainstay of the technology industry. The importance of open source code and prominent issues like security flaws in major open source projects have led to open source foundations becoming more and more important, which means the decisions they make matter.
The foundations are not just for fundraising and patent protection, although Ghost notes: "As a non-profit, no individual stands to gain if we pay more tax or less tax. The foundation either has more, or less money to spend on its mission to create free, open source software -- that's all."
In this article, I’m going to relay my own experience and that of other engineers at Search Technologies with log analytics tools–Splunk and Elasticsearch, Logstash, and Kibana (ELK) in the Elastic stack. As every article says, you’ll have to decide what works best for you.
The famous festival SXSW is coming up in March in Austin, Texas and will hold a special event called SX Create, focused on cool gadgets and hardware projects. If you have a badge, this event will be open to you—plus, it's free and open to the public. How very open source of them.
The Internet of Things is changing the world around us, with new use cases, experiences and technologies emerging every day. As we continue to experiment in this space, we wanted to take a moment to share more details around our approach, process and current projects we’re testing.
Consumer VR is at our doorsteps, and it’s sparking the imagination of developers and content creators everywhere. As such it’s no surprise that interest in WebVR is booming. Publications like the LA Times have used WebVR to explore the landscape of Mars, and a doctor was able to save the life of a little girl by taking advantage of Sketchfab’s VR features. The creativity and the passion of the WebVR community has been incredible!
Mozilla's Virtual Reality team working in conjunction with the Google Chrome team is ready to release a proposal for a new web API for handling VR devices: meet the WebVR 1.0 proposal.
Many people on the cloud computing scene will characterize Amazon Web Services as the proprietary platform that rules the roost, while OpenStack gets the nod among open platforms. There are new ways to leverage both platforms, though. Hyperglance Ltd. has announced Hyperglance 4.0 to bring together Amazon Web Services (AWS) and OpenStack cloud infrastructure, including Nagios alerts, into what it is billing as "an interactive, easy to use, 3D topology console within a single browser tab view."
Quina, speaking at the Federal Health IT Pavilion at HIMSS16, demonstrated Crucible, a tool that was created to help developers identify errors in FHIR applications. Funding from MITRE Corp. has made it possible for the software to be offered as an open-source project with an Apache license. Using the web interface at ProjectCrucible.org, a developer can run 228 test suites that include over 2,000 tests of the FHIR specification.
The Free Software Foundation (FSF)'s Licensing & Compliance Lab has been tracking the public discussion of licensing issues surrounding ZFS and the kernel Linux with interest. We haven't made any statement about it, but we plan to soon.
After installing a major update or newer builds, users are reporting issues of losing programs in Windows 10.
The US National Institutes of Health (NIH) and GSK each own intellectual property that underlies this vaccine candidate. GSK is also the manufacturer of the vaccine.
I love my local hospital. They provide quick, courteous service 24Ãâ7. We are also ~30million people in a country larger than yours so we won’t crowd you at all.
As sure as "Results Wednesday" follows Super Tuesday, Americans were reacting to the outcome of the voting by searching on Google for how to move to Canada.
The Linux distro is also likely to tell you about bugs as soon as they are discovered instead of waiting for an arbitrary day like “Patch Humpday” or a press conference where they also announce some sort of positive news — “Now includes NSA-supplied encryption back door for added security!” — or some other new feature they’re proud of.
When it comes to bugs, hacks, and security breaches, FOSS is typically “no waiting” when it comes to telling users about program flaws.
Two open-source code libraries used in the development of the historic Mars rover have been exploited by cybercriminals and moulded into an effective espionage tool that is being used to target high-level officials in the Indian government.
First exposed by security researchers at Palo Alto Networks, the malware, now dubbed Rover, was found in a malicious phishing email received by India's ambassador to Afghanistan that was made to look like it was sent from India's defence minister which, if opened, would have installed a slew of vicious exploits on the computer system.
Upon analysis, the experts found the malware, which contained code that attacked a flaw in Office XP, boasted a range of spying features including the ability to hijack computer files, launch a keylogger, take screenshots and even record audio and video in real-time. All of the data compromised would be sent straight to the malware creator's command and control (C&C) server.
Last year on December 24, 2015, a potential online target was identified which was delivered via an email to a high profile Indian diplomat, an Ambassador to Afghanistan. The email was spoofed and crafted as if it was sent by the current defence minister of India, Mr. Manohar Parikar. The mail commended the Ambassador to Afghanistan on his contributions and success.
A report released Tuesday on the DROWN vulnerability raises concerns about possible attacks that could expose encrypted communications. DROWN is a serious vulnerability that affects HTTPS and other services using SSL version 2, according to the team of security researchers who compiled the report. The protocols affected are some of the essential cryptographic protocols for Internet security. An attack could decrypt secure HTTPS communications, such as passwords or credit card numbers, within minutes.
DROWN (aka Decrypting RSA with Obsolete and Weakened eNcryption) is a serious design flaw that affects HTTPS websites and other network services that rely on SSL and TLS – which are core cryptographic protocols for internet security. As previously reported, about a third of all HTTPS servers are vulnerable to attack, the computer scientists behind the discovery of the issue warn.
For the second time in as many years, HTTPS encryption has turned out to have a huge flaw. This time, it's called DROWN, and it affects more than 11 million servers that use the open source OpenSSL library. But that doesn't make it another Heartbleed, and it doesn't mean it's time to give up on OpenSSL entirely.
This program is an initiative of the US Department of Defense’s new division Defense Digital Service (DDS) that’s led by former Microsoft executive Chris Lynch. Mr. Lynch says that he’s using his industry contacts to invite security experts and coders to participate.
SHOE CONSERVATIONISTS should be glad that colourful security character John McAfee has lived up to his word and managed to unlock an iPhone.
If you are familiar with security , you likely saw the disclosure yesterday of the openssl v2 vulnerability given the sensational name “Drown”. Good news if you use Fedora (and it’s updated — Update with 20160229 ISOs) you don’t need to worry about a 0 day vuln fix. Openssl-1.0.2g IS the patched version and is on all Fedora Infrastructure and openssl that is shipped in fedora DEFAULTS to having the v2 AND v3 protocols not built-in “Compiled without openSSLv2/v3 support”.
In a couple of weeks (March 11th) the Fedora Security Team will be meeting in Washington, D.C. to hack on training, security fixes, and other issues. All Fedora contributors are welcome to stop by if you’re in the area.
This is the first time when the US has announced an open cyber attack. The cyber attack on ISIS will focus on recapturing the city of Mosul in Northern Iraq from ISIS. The electronic infrastructure of Iraq was set by the US during the reconstruction of Iraq and the US is going to capitalize on those electronics with the cyber attacks.
America’s mercenaries smell the blood (and the money) and are returning to Iraq.
Mercs are a great thing for the U.S. government, in that they aren’t counted as “troops,” or as “boots on the ground,” even while they are both. The Defense Department can disavow any mischief the contractors get up like, such as murdering civilians, and keep the headcount low and the body count low when things are going well, or bad. It only costs money, and that America has a bottomless pool of, as long as it being spent on something violent abroad instead of helping Americans at home (which is socialism, sonny.)
The drought that played a role in triggering the catastrophic Syrian Civil War was the worst such climate event in at least the past 900 years, according to a new study published this week.
The study bolsters the conclusions from other research that found that because of human-made global warming, the drought was made three times more likely to occur, and that it was one of a number of factors that led to the outbreak of hostilities in 2011.
Millions of cubic metres of mining waste burst from a dam at the iron ore mine, causing what is considered to be Brazil's worst environmental disaster.
Until his Academy Award acceptance speech on Sunday night, The Revenant star Leonardo DiCaprio had for years slipped under the radar as one of the most committed climate and oceans advocates in Hollywood.
Instead, the public image that stuck was one of a talented, hard-partying star who seemed to be constantly surrounded by a coterie of models.
Boko Haram, Nigeria’s homegrown Islamist terror group, continues to rampage across the country with growing impunity. Since its emergence in 2009, the group has killed 20,000 people and forced over 2.5 million Nigerians from their homes.
Its expansion has been aided by growing ties with more established terrorist networks, especially al-Qaeda in the Islamic Maghreb (AQIM), providing the group with “training and material support” according to the UN Security Council. Last year, Boko Haram pledged allegiance to the Islamic State (ISIS), active in parts of Iraq and Syria.
February was the warmest month in the satellite record of atmospheric temperatures, according to new data. This is just the first domino to fall during what will likely prove to be the warmest, or one of the warmest, months on record as more data trickles in on conditions during February.
The satellite data deals a setback to climate deniers that frequently cite the satellite record of atmospheric temperatures as evidence that human-caused global warming either doesn't exist or is far smaller than scientists claim.
Iraqi engineers involved in building the Mosul dam 30 years ago have warned that the risk of its imminent collapse and the consequent death toll could be even worse than reported.
They pointed out that pressure on the dam’s compromised structure was building up rapidly as winter snows melted and more water flowed into the reservoir, bringing it up to its maximum capacity, while the sluice gates normally used to relieve that pressure were jammed shut.
Passage of the Trans-Pacific Partnership agreement is the Obama administration’s top trade priority this year, the Office of the United States Trade Representative said in its annual trade agenda released today. The agenda highlights intellectual property protection but also says all the right things on copyright limitations and exceptions, safe harbor for internet service providers, promotion of generic medicines, and the ability of countries to use flexibilities under international trade law.
Hillary summed up the psychological trick of the faux egalitarianism in a simple sentence: “If we broke up the big banks tomorrow … will that end racism? Will that end sexism? Will that end discrimination against the LGBT community?”. It is brilliant rhetoric, a masterpiece of sophistry. Of course breaking up the banks will not directly end these other evils. But neither would ending those things end the appalling level of wealth inequality. It comes directly back to my opening question of whether multi-billionaires are OK as long as they are appropriately representative of black, female and LGBT.
I am one of the many young women who to the consternation of so many pundits is just not Ready for Hillary in 2016. And it’s not because I am a bad feminist, it’s because I am judging Hillary Clinton, just as she has asked to be judged, on her record and her foreign policy credentials. I spent nearly five years in Central America working as a cross-border solidarity activist and I now work with immigrants in Massachusetts who have fled the violence in that region. So, I might have been moved by Clinton’s recent pledge to “campaign for human rights” and take on immigration reform. But I have seen first-hand how Clinton failed on that front when top military commanders in Honduras (all men, of course) overthrew its democratically elected president Manual Zelaya in 2009.
But attaching the label of “movement” to the Sanders’ campaign mistakes appearance for reality. Sanders’ rallies have certainly attracted large crowds – even larger than those of Obama in 2008. But a crowd is not a movement.
Something you often see in media analysis is that campaign reporters have a bias toward the horserace—that is, because they want an audience, they have an incentive to present electoral races as more interesting and competitive than they actually are.
It’s completely untrue. The fact is, when real politics are at stake, corporate media often go out of their way to make races seem as boring as possible—to declare them over long before most citizens have had a chance to vote.
oonves noted that the election has been a boost for ratings—“We had a debate a couple of weeks ago, it was 14 million people on a Saturday night.
A new movie hosting website Play has popped up on ZeroNet, a network which utilizes crowd-sourcing in order to host websites in a Peer-to-Peer style instead of using a central server. This helps in reduced operation costs and increased bandwidth.
A few weeks ago, Donald Trump's spokesperson claimed that he had "single-handedly brought back free speech." It was an odd thing to say for a variety of reasons. First, the US has really strong free speech protections and they haven't gone away (even if there are some threats to them). That is, free speech doesn't need to be "brought back" because it's already here. Second, Trump himself, just a few weeks earlier was quoted deliberately mocking free speech, claiming that people who support it are "foolish people."
We are deeply concerned by the increasing attempts by the National Union of Students (NUS) and its affiliated Student Unions to silence dissenters – including feminists, apostates, LGBTI rights campaigners, anti-racists, anti-fascists and anti-Islamists – through its use of No-Platform and Safe Space policies.
This isn’t an issue specific to our school, but NU has been criticized recently for restricting speech. NU was recently named one of the 10 worst schools in the nation for free speech by the Foundation for Individual Rights in Education due to the Title IX investigation into Communication Prof. Laura Kipnis and allegations of censorship of Atrium, a magazine edited by Feinberg School of Medicine faculty.
A bit of a follow up to yesterday's story about Brazilian law enforcement arresting Facebook vice president for Latin America, Diego Dzodan, because Whatsapp (a Facebook subsidiary) refused to help in a drug trafficking case. This was a ridiculous move by almost any measure: (1) While Whatsapp is a Facebook subsidiary, it's operated independently, so arresting a Facebook exec is like arresting an investor for what one of its companies does; (2) Whatsapp uses strong end-to-end encryption from Open Whisper Systems, the folks who make the gold standard encrypted communication system Signal Private Messenger, meaning that it's impossible for Whatsapp or Facebook to decrypt messages; and (3) jailing unrelated executives over issues like that is just insane.
The FBI's demand that Apple craft new software to bypass iOS's security protections has ignited a worldwide debate about a government's ability to force tech companies to sabotage their own security. One repeated question has been: will other countries, like China, demand the same powers?
At the beginning of the year, the City of Kyle, Texas, approved a controversial agreement to install automated license plate recognition (ALPR) technology in its police vehicles. The devices would come at no cost to the city’s budget; instead, police would also be outfitted with credit card readers and use ALPR to catch drivers with outstanding court fees, also known as capias warrants.
With each card swipe, an added 25% surcharge would go to Vigilant Solutions, the company providing the system. As an added bonus the company would also get to keep all the data on innocent drivers collected by the license plate readers—indefinitely.
But before the license plate readers could even be installed, the Kyle city council voted 6-1 to rescind the order. The reason: public and media outcry over how the system would turn police into debt collectors and data miners.
“It’s a little Big Brother-ish for me. It’s a little too invasive for me,” Councilmember Daphne Tenorio said at the February 16 hearing. “I’m uncomfortable with it...Because my husband’s in IT, I see what happens and, for me, personally I can’t justify it.”
The February meeting was the city’s mulligan. Councilmembers grilled Vigilant Vice President of Sales Joe Harzewski with hard questions that should’ve been raised the first time around, such as what data is collected, where is the data stored, how long is it stored, how is it shared, and how is it protected.
This is a problem. It's not that the state police chose to withhold the information, as it has with several other Stingray-related documents requested by the News Journal and the local ACLU. It's that it says no records exist. This means the warrants the Attorney General says police must use are not being used.
What do appear to be used by Delaware State Police are vague pen register orders that hide from judges and defendants the technology actually being used to obtain this phone data. Public defender John Daniello had one such document turned over to him by the police -- one that apparently was used to deploy Harris Technology's cellphone-tracking technology.
A revised version of the Investigatory Powers Bill was published today, less than three weeks after critical reports by the Intelligence and Security Committee and the Joint Committee, which had scrutinised the Bill. Together with the Science & Technology Committee, they made 123 recommendations. On first reading, it appears that the revised Bill has made minor revisions not the full redraft that many, including ORG, have called for.
Open Rights Group has responded to the publication of the Investigatory Powers Bill.
The United States and the European Union are about to reach a new privacy agreement intended to replace the old Safe Harbor agreement that came under intense scrutiny after the Snowden leaks revealed the scope of NSA’s data collection operations.
The new Privacy Shield was published in full a few days ago, showing the principles that would govern the exchange of digital information between EU consumers and U.S. companies. However, the new agreement also has provisions that explain how and when the NSA can continue bulk data collection in the region.
NSA director makes plea to tech industry to partner on security; DROWN vulnerability hits SSL/TLS, but it's no Heartbleed; EMC, leaving HDDs behind, unveils several new flash arrays; and there's more.
This provision means a person can sue another person for unlawful interception, rather than just rely on the government to prosecute. It was, in this way, a directly enforceable privacy right. (It was a tort used, I understand, in phone and computer hacking claims.)
But the Bill does not (seem to) have this tortuous protection for individuals, even though Part 1 of the Bill is supposedly protecting privacy. (If it somewhere else in the vast Bill, I cannot find it. Please correct me if I am wrong.)
If this is correct, and the tort is being repealed, then why is the government removing this civil law right, leaving the individual only with criminal law protection under what will be the new Act – which in turn needs the prior consent of the Director of Public Prosecutions?
It is not only that I do not believe they could fail to notice. It is that anyone with that level of frequent access to the Prime Minister, other ministers and Royal family would be checked out by the security services. He would not have experienced full positive vetting (now called direct vetting), but a level of vetting would have been carried out on Savile himself. And many of his friends were subject to frequent direct vetting and it is impossible that a picture of Savile would not have built up tangentially. MI5, Special Branch (now also renamed) and GCHQ have tens of thousands of employees. What do you think these people do all day?
The DEA's South California wiretap kingdom is crumbling. Run almost solely through a single, very obliging judge and approved by an assortment of DA's office underlings, the wiretap warrants were so toxic the DOJ wouldn't touch them. Local prosecutors would, however, but now they're finding their cases falling apart.
The likely illegal wiretap program skirted guidelines meant to prevent exactly this sort of abuse. In response to the FBI's abuse of wiretaps to surveil civil rights leaders (including Martin Luther King Jr.) during the 1960s, the DOJ stated warrants had to be signed off by the top prosecutor in the area they were deployed: in this case, Riverside District Attorney Paul Zellerbach. Zellerbach delegated when he shouldn't have, compounding other problems, like the DEA's use of a county judge for warrant requests, rather than a federal judge.
Eric Schmidt, the former chief executive officer of Google, will head a new Pentagon advisory board aimed at bringing Silicon Valley innovation and best practices to the U.S. military, Defense Secretary Ash Carter said on Wednesday.
Carter unveiled the new Defense Innovation Advisory Board with Schmidt during the annual RSA cyber security conference in San Francisco, saying it would give the Pentagon access to "the brightest technical minds focused on innovation."
Schmidt, now the executive chairman of Alphabet Inc (GOOGL.O), the parent company of Google, said the board would help bridge what he called a clear gap between how the U.S. military and the technology industry operate.
You will see that “Part 1” of the Bill is called “General Privacy Provisions”.
This time around the issues surrounding encryption are much bigger than they were 20 years ago and reach far beyond the technical community. More than ever we need media and analysis that won't be confused or misled, that will follow stories past the headlines and scare tactics and that will help the much wider range of people affected by this debate understand what's at stake. Luckily, Techdirt is up for the task and all they need is a little help from their audience to get there. I hope you will help.
Congressional hearings involving law enforcement and intelligence folks tend to be fawning affairs, with most of Congress willing to accept whatever these guys have to say. Sure, you'll always have a few people critical of certain aspects, but generally speaking, Congress is especially friendly to the FBI, NSA, CIA, etc. So it must have come as a bit of a shock to FBI Director James Comey that during a long House Judiciary Committee hearing yesterday, they seemed pretty pissed off at Comey's belief that the courts should force Apple to help him open up encrypted iPhones.
Rogers tried to lighten the mood as he took the stage by calling it "an interesting panel to follow" as the NSA director.
The NSA has two key missions: foreign intelligence-gathering and information assurance. One mission helps the other, as intelligence gathered by one side can be used by the other team to improve how government networks and private sector networks are protected. The NSA will pull together its offensive and defensive capabilities as part of the NSA21, or NSA in the 21st century, plan, said Michael Rogers, commander of the United States Cyber Command and director of the NSA, at the RSA Conference on Tuesday.
The head of the U.S. National Security Agency has warned that hackers will inevitably attack U.S. infrastructure in an attempt to cause a power failure like the one in Ukraine last year.
Admiral Michael Rogers told a cybersecurity conference in San Francisco that it is a "matter of when, not if" a foreign state launches a cyberattack on U.S. targets.
"An actor penetrated the Ukrainian power grid and brought large segments of it offline in a very well-crafted attack that both focused on knocking the system down but also focused on how was the provider likely to respond to that outage," Rogers said.
The NSA is too big and slow to effectively fight ingenious cyber attacks without the help of Silicon Valley tech expertise, so it’s time to patch up relations between the two, the head of the NSA told a gathering of tens of thousands at RSA Conference 2016.
Just in case its motion to vacate wasn't enough, Apple late Tuesday filed an appeal of a California judge's order requiring it to help the FBI defeat the password protection on the iPhone of one of the San Bernardino mass shooters.
Apple's lawyers filed the appeal "in an abundance of caution," to cover the possibility that an appeal is the most appropriate way to oppose Magistrate Judge Sheri Pym's Feb. 16 order, they said in a court filing.
An appeal and a motion to vacate have similar goals, but attack a judge's order in different ways. A motion to vacate asks a judge to withdraw her previous order; in this case, Apple asked Pym to reverse her Feb. 16 decision.
His alleged victims were humiliated, abused, raped and kept quiet. They were supposed to be able to trust him.
Monsignor Francis McCaa spent nearly 40 years in the ministry, and for 25 of them, he was a serial abuser of young boys in his care, some as young as eight years old, according to a scathing report by a Pennsylvania state investigative grand jury.
“Father Francis McCaa was a monster,” the grand jury found on Tuesday, after investigating the sexual misconduct of dozens of clergy in the Altoona–Johnstown diocese in Pennsylvania. The report was largely spurred by the discovery of a secret diocesan archive detailing administrative action around sex abuse, uncovered in August through a search warrant.
I am like a lot of eighth grade students. I try to do my best in class. I like sports and playing outside, and I regularly go to Bible classes. I also believe in standing up for myself and others. So last year, along with some friends, I created a petition to ask my school to change its policy that says girls have to wear skirts to school or risk being punished.
The Obama administration record on torture and detention undermines its rhetoric.
The Obama administration this week made new pledges and commitments to protect “human rights and fundamental freedoms” to the United Nations in advance of the U.S. re-election to the U.N. Human Rights Council. Yet while the U.S. has used its first six years of HRC membership to advance human rights overseas, its participation has had little direct bearing on human rights at home. Lack of accountability for torture and cooperation with U.N. human rights experts are just two examples of such double standards.
When he took office, President Obama promised to disavow many of the disastrous Bush administration policies, including by closing Guantánamo and ending the use of torture. Obama also promised to reassert U.S. global leadership on human rights by joining the HRC later that year.
While the president issued an executive order on his second day in office ending the CIA’s secret detention and torture program, he declined to support any meaningful measures of accountability for crimes that had taken place. His policy of “looking forward rather than backward,” as well as his administration’s continuing fight against transparency and any attempts to reveal the whole truth about Bush administration torture policies, will undoubtedly stain his human rights legacy.
At the Mobile World Congress convention in Spain last week, one of the most well-hyped products in convention history was something that doesn't technically exist. Fifth generation wireless (5G) was all the rage at the show, with multiple carriers promising they were in various stages of bringing the new ultra-fast wireless standard to consumers. The problem is that while engineers have a general idea of some of the technologies that may be included in the final standard when approved, nobody actually knows what 5G is yet. And when it does finally get solidified, it's likely to be 2020 or later before actual launches occur.
But, because Roku believes it's first in line for the cable industry's affections, it appears to be backing away from an initiative that would likely be good for the entire sector (investment by Viacom, 21st Century Fox, and UK cable operator Sky might be shaping Roku's thinking as well). After all, why support broader, healthy competition when you believe you've got the inside track? Well, because should the FCC's gambit actually work, Roku (which people forget began as a brain child of Netflix) stands to gain a much larger chunk of this suddenly-open market than it will from remaining mute.
We'll be hand-delivering a comment against the the part of the DMCA (Digital Millenium Copyright Act) that makes circumvention of DRM a crime, even when done for important reasons like security research or accessibility. Our comment is co-signed by more than 1,000 people, but the Copyright Office won't let us submit it online without proprietary software.
The government of Honduras has committed to a work plan for protecting intellectual property rights that includes recognition of food names considered generic by the United States such as “parmesano” (parmesan), provolone and bologna, the Office of the United States Trade Representative (USTR) announced today. Other commitments include signal piracy related to cable and satellite, and a customs trademark registry.
Lots of brands seem to feel trademark infringement should be greeted with the full brunt force of the law -- even though it's rarely anything more than a civil offense. Counterfeited goods are their own issue, with Good Guy ICE on hand to run interference for major studios, the NFL and anyone else with a significant amount of lobbying power. Counterfeiters can end up in jail, but entities that do nothing more than use a trademarked name/logo without permission or in a "confusing" fashion? Not so much.
There are exceptions, of course. And caveats. But that's exactly what happened in Canada. Jail time for trademark infringement. Richard Stobbe of IPblog.ca has more details.
No, that's not some hipster band. It's the 44th president of the United States. President Barack Obama will be the first sitting president to speak at the annual music, film and interactive media gathering, which drew more than 80,000 attendees last year.
With the rise of users employing adblocking technology in the last 18 months, the conflict between online publishers and users has been mostly left as a problem for the market to resolve organically. However today the UK’s culture secretary John Whittingdale has announced that the British government intends to ‘do something’ on the issue, describing the practice as a ‘modern day protection racket’, and comparing it to piracy.
Copyright is too often used to stifle speech and restrict common sense uses of creative works, from books, to films, textbooks, images, and music. That's why we need exceptions and limitations to copyright, to serve as a safety valve against these kinds of abuse. Fair use is the most robust framework to permit uses of copyrighted material without permission from the creator or rightsholders. The United States is particularly known for having a strong, court-tested fair use regime, enabling all kinds of uses and innovation to thrive on the Internet.
Even though it has been so critical in the U.S. however, fair use is not strictly integrated into international law—nor, for that matter, any of the trade agreements the U.S. itself has negotiated with other countries. Most relevantly, the Trans-Pacific Partnership (TPP) trade agreement carries a framework for governments to enact exceptions and limitations in their laws. That could be enough to justify the introduction of fair use in all the participating countries, but it's far from a straightforward obligation unlike any of the pro-rightsholder restrictions that the agreement contains otherwise.