Gemini version available ♊︎

Links 2/9/2016: Docker Fork Questions, Baidu’s Free Software

Posted in News Roundup at 6:40 am by Dr. Roy Schestowitz

GNOME bluefish



  • Linux Journal September 2016
  • September 2016 Video Preview
  • Desktop

  • Server

    • A Docker Fork: Talk of a Split Is Now on the Table

      Discussions about a split from Docker are now underway among several Docker ecosystem vendors and end users. Expressing frustration of Docker’s management of Docker Engine, the technologists with the companies are exploring ways to address various issues around supporting enterprise Docker deployments.

    • Forking Docker will lead to more fragmentation

      If you have been keeping up with Docker lately, you may have come across my blog post about the sad state of Docker. In this post, I go over how the 1.12 release appeared interesting from all the marketing announcements and the constant copying and pasting of the same Docker content into blogs over the world. However, many others and I expressed our opinions on Hacker News on how Docker failed to deliver a quality product and how they failed to create a quality release. The New Stack then summarized all of the weekend discussions going on in a new blog post and discussed that a fork of Docker may arise. Is a fork really the best answer? Let’s take a look.

      The nice thing about open source software is that anyone can take the software and modify it as needed or even create their own version of the software for redistribution. Software repositories like GitHub make it really easy for developers to fork a project and begin making their own changes and improvements. A recent example was the fork of OwnCloud into NextCloud. My problem with forking is that it leads to fragmentation. I personally like one or two ways of doing something well versus many different ways to partially achieve the same goal.

    • Why the container community is wrong to whine about Docker

      The Docker inmates want to run the asylum, as Red Hat’s Daniel Riek makes clear. So much so, in fact, that there are rumblings of a Docker fork. Companies like Red Hat see their future in containers and worry about being forced into second-class citizenship, while operations vendors like VMware worry about the entire fabric of their virtualization businesses being ripped to shreds.

    • Memory Issues with Linux Control Groups Might Affect Containerized Applications

      The paper authors suggest several workarounds for these problems, including pre-touching the memory, which involves ensuring that the memory is allocated when the process starts, rather than on demand. The exact methods of doing this vary across platforms. Another option is to better assess the memory footprint of an application so that allocation can be done more accurately. The page cache usage is not easy to estimate, but the anonymous memory can be estimated easily. The anonymous memory can be estimated from system metrics like the Resident Set Size (RSS).

    • Docker usage rises, but high portability pointless for most

      The adoption of Docker — and containers in general — within AWS environments continues to rapidly increase. However, reports show that abandonment rates align with adoption rates, which is interesting for those looking at Docker’s potential.

      Docker usage has quintupled in a single year — following the patter of most-hyped technologies, according to a recent study by Datadog, a monitoring and analytics platform. But this raises some questions: Can this growth be sustained? And, if so, what will be the likely patterns of adoption?

    • IBM links Blockchain with AI in new Industry Platforms business unit

      IBM has underscored how seriously its taking Blockchain technology with the creation of a new business unit centered around it. The new business, called Industry Platforms, will be led by Global Business Services chief, Bridget van Kralingen.

      IBM’s entire blockchain leadership team will transition to the new business, which was first announced last year.

      As well as working on Blockchain technology, the Industry Platforms business will also work to promote its Watson artificial intelligence platform in the financial services sector.

      “The Industry Platforms business will bring clients radically optimized processes and marketplaces that leverage Watson, IBM Cloud, IBM Systems, blockchain, deep domain expertise and ecosystems of partners and developers,” said IBM CEO Ginni Rometty.

    • Habitat: Automating Applications, Minus Platform and Infrastructure Hassles

      Remember the days when technology platforms sat in silos and our fierce allegiance to them did too? “We’re a Mac shop,” admins would announce. “We’re all in on Windows,” another might say.

      Those days are quickly fading, along with the barriers that used to separate platform and infrastructure technologies. Instead, we are moving toward a world of containers, multiple instances of virtual machines, and multiple operating systems working in tandem. This is especially true in data centers, and open source tools are helping to drive the trend.

      There is a pronounced need for ways to run applications on multiple types of infrastructure, ranging from bare metal to virtual machines to containers to the cloud. That’s where Habitat comes in. It’s an open source project focused on “automation that travels with the application.” It has pedigree, too. Habitat comes from the makers of the venerable configuration management and automation platform Chef, which, like Puppet, has helped to optimize many heterogeneous technology environments.

  • Kernel Space

  • Applications

  • Desktop Environments/WMs

    • 8 Best and Most Popular Linux Desktop Environments of All Time

      In this article, we shall list and walk through some of the best desktop environments for Linux, including a few of their illustrious features and components. However, we should note that this list is not organized in any particular order.

    • K Desktop Environment/KDE SC/Qt

      • KDE Connect links your Android phone with your Linux desktop

        Despite the name, KDE Connect isn’t just for KDE Plasma desktop users. You can install KDE Connect on any Linux desktop environment. After that, you’ll just need to install the KDE Connect app for Android from the Google Play Store.

        With KDE Connect on your Linux PC and Android phone, you’ll be able to link them together. Notifications you receive on your Android phone will appear on your Linux PC. If you receive an SMS message on your phone, you’ll see it on your Linux PC and you can respond to it from Linux. KDE Connect also offers other useful features, like the ability to trigger custom commands and use your phone as a media controller remote. The connection is made without any servers—your phone and PC connect directly to each other using TLS encryption over the local network.

        Read more

      • KDE Arrives in Berlin, Elects Thomas Pfeiffer to the e.V. Board

        Today KDE has been arriving in Berlin for Akademy, our annual meeting, which is year is part of the larger QtCon conference. This year we are teaming up with KDAB to gather together with the wider community of Qt developers for the first time, which is a major opportunity to share experiences between the open source and the commercial worlds. Also at the gathering are the VLC developers. VLC is one of the most successful open source projects successfully reaching out to users on all platforms and is a project we have long cooperated with. And the Free Software Foundation Europe will be brining the important political edge to our talks.

      • Kubuntu-16.04 and updates

        I installed kubuntu-16.04 in April. Although I don’t use it much, I occasionally boot into it to check a few things. Whenever I booted into Kubuntu, I looked to see if the update applet was notifying me of updates. I left the system running for an hour or more, to give it plenty of time to find out.s

    • GNOME Desktop/GTK

  • Distributions

    • Finding Five Good Linux Distributions Isn’t That Easy

      This is a good alternative list of distribution suggestions. Android is an interesting shout but having tried it myself I think something needs to happen with regards to navigation to make it worthwhile.

      Xubuntu is always a worthy suggestion and it makes a good base for creating the distribution you really want.

      I tried Netrunner out recently. Whilst it is a reasonable distribution I am not personally a fan of the KDE desktop. Netrunner does come with a good set of applications pre-installed.

    • I Asked “What Are The Best Linux Distributions For The Average Person”, You Answered

      August was a light month for me blogging wise because I was in Florida for 2 weeks and unable to post anything.

      In September I will be ramping things back up and writing more reviews and more tutorials.

      What this process has shown me is that I have a lot of good readers and I thank everyone who submitted a list and everyone who reads the blog.

      I also have a very diverse reader base with people coming from all over the world to submit their lists.

      From a technical point of view there were 42 different distribution suggestions and this is maybe why it is hard to suggest a top 5.

      However if I sort the data based on the number of suggestions per distribution the top 5 are as follows:

      Linux Mint
      Linux Lite
      Ubuntu MATE / ZorinOS

      My original list included three of those distributions and the two that didn’t make the list above are Peppermint OS and PCLinuxOS.

      I can’t argue with Linux Lite and it is definitely up for a new review in September and Ubuntu MATE should probably have made the list of PCLinuxOS. As mentioned earlier I have concerns over Zorin and I will state my case in a new article next week.

      I stick with my suggestion of Peppermint however because it has been around a long time and it provides a good blend between being lightweight yet productive. I also personally still think PCLinuxOS is a good choice although often overlooked.

    • New Releases

    • OpenSUSE/SUSE

      • Throw a Beta Pizza Party
      • openSUSE 42.2 Pushed Back as Beta is Released
      • openSUSE Releases Leap Beta, Modifies Road Map

        Software testers and Linux enthusiasts can now get the Beta release of openSUSE Leap 42.2, which was released today.

        “Leap is for pragmatic and conservative technology adopters,” said Ludwig Nussel, the release manager for openSUSE Leap. “Testing the beta helps make Leap even more mature, so we encourage as many people as possible to test it.”

        openSUSE Leap focuses on well-established packages, like systemd 228 and Qt 5.6. The release day for the official version is scheduled for Nov. 16, which is one week after SUSECon.

      • Tumbleweed Enhances Encryption, has Massive Updates

        openSUSE users are at no loss for getting new software as this week the rolling distribution Tumbleweed had several snapshot releases and there was a beta release for openSUSE Leap 42.2.

        openSUSE’s rolling distribution Tumbleweed, which was originally created by Linux kernel developer Greg Kroah-Hartman, had six snapshots two weeks ago and four last week. This week we will look at another six snapshots.

    • Red Hat Family

      • Red Hat’s Latest OpenStack Platform Boasts New Management Features

        Red Hat is known to some people as the only U.S.-based public company that is exclusively focused on open source, and known to many for its Linux-focused strategy complemented by rock solid support. But as I’ve noted before, the cloud beckons in a big way for Red Hat. The company has recently extended a broad partnership with Microsoft focused on Linux and cloud agreements.

        And now, Red Hat has announced the availability of Red Hat OpenStack Platform 9, its latest open Infrastructure-as-a-Service (IaaS) platform designed to deploy, scale and manage private cloud, public cloud, and Network Functions Virtualization (NFV) environments. It’s based on the OpenStack community “Mitaka” release, and Red Hat says it offers customers a more secure, production-ready automated cloud platform integrated with Red Hat Enterprise Linux 7.2, Red Hat Ceph Storage 2, and Red Hat CloudForms for hybrid cloud management and monitoring.

      • Red Hat Inc. ranks 25th as most innovative company under the Forbes list of ‘World’s Most Innovative Companies’ list
      • Red Hat still plans on being The OpenStack company

        Other companies — Canonical, SUSE, and Mirantis — all plan on being OpenStack powers, but Red Hat shows it’s determined to be number one with its latest OpenStack cloud release.

      • Red Hat Takes Aim at VMware With RHV

        Although VMware and Red Hat might have seemed to be best buddies at last week’s LinuxCon, this week it’s become obvious that Red Hat is locked and loaded and has VMware in its sites. During a week when the suits at the virtualization company would doubtlessly like attention focused on Las Vegas and its VMWorld 2016 users’ conference, Red Hat has been stealing the headlines on just about every major tech site with news of its own virtualization products.

      • Finance

      • Fedora

        • SUSE Contributions, Fedora & Korora 24 Reviews, Security Distros
        • Fedora 25 Alpha Released with Wayland Default
        • Korora 24

          The Korora distribution is based on Fedora and provides users with several desktop editions. Each edition of Korora ships with multimedia support and with several third-party repositories enabled. This gives Korora access to a wider range of software with its default configuration.

          The latest release of Korora, version 24, is based on Fedora 24 and includes the same changes and technology as its parent. The Korora release is available in four flavours (Cinnamon, GNOME, MATE and Xfce). A fifth edition featuring KDE’s Plasma desktop is planned, but was not available when I began this review. The new release media is available for the 64-bit x86 architecture exclusively, however existing Korora 23 users who run 32-bit systems can perform live upgrades to Korora 24. The Pharlap driver manager has been removed from this release.

        • The next version of Fedora picks up Rust

          You know a language has arrived when its toolchain ships as a standard component with operating systems.

          Rust, Mozilla’s language for safe and speedy systems level programming, has landed a prime-time slot in the next edition of Fedora Linux, according to the change set for the first public alpha for Fedora 25.

        • Crash test dummy? Love the excitement of breaking an OS? Fedora 25 Alpha has landed

          If you’re a chronic complainer and nit-picker with a spare machine and a willingness to suffer multiple crashes, weird screen artefacts and possible data loss: Fedora 25′s alpha has landed ahead of its anticipated November 2016 release.

          If you want to help the developers by breaking stuff, don’t risk dual-boot on OS X if you’ve got live data, because this known bug is a treat:

          “The installer appears to support volume shrink for OS X volumes (Apple Core Storage) by offering a Shrink button and sizing slider in Automatic partitioning; and likewise allow numeric resizing in Manual partitioning. However, setting the installer to resize these volumes and proceeding with installation will result in complete data loss of the volume. Resize the volume in OS X’s Disk Utility to create free space before proceeding with the installation of Fedora.”

    • Debian Family

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu Touch OTA-13 to Be Released on September 14, Add Numerous Improvements

            We’ve been asked by many of our readers what’s going on with the development of the next major OTA software update for Canonical’s Ubuntu Touch mobile operating system for Ubuntu Phone and Ubuntu Tablet devices, the OTA-13.

          • Should You Upgrade To Ubuntu 16.04 From Ubuntu 14.04

            Ubuntu 16.04 has been out for about 4 months now and it is the latest long term support release which gurarantees support for 5 more years.

            Do you need to upgrade to Ubuntu 16.04 right now or should you wait a while? In this guide I am going to list reasons for and against upgrading to Ubuntu 16.04 and help you to decide when it is right for you.

          • Ubuntu Working On Improved Low Graphics Mode For Unity 7

            While Ubuntu developers continue work on preparing the Unity 8 desktop for rolling out across all form-factors, Unity 7 is still seeing some new improvements as their interim desktop solution.

          • 5 Things We Secretly Miss About Ubuntu

            Sure, it’s super stable, far more compatible, and less buggy than it was a few years back. The polish and professionalism mirrors Canonical’s own transition from scrappy startup to server-ruling stalwart.

          • Flavours and Variants

  • Devices/Embedded

    • ReSpeaker Is an Upcoming Open Source, Modular Voice Interface to Hack Things

      Softpedia was informed by SeeedStudio about an upcoming device that was fully funded in twelve hours on Kickstart, while still having 20 days to go on its crowdfunding campaign.

    • Linaro Announces First Development Board Compliant with 96Boards TV Platform Specification

      Linaro Ltd, the collaborative engineering organization developing open source software for the ARM® architecture, today announced support for the HiSilicon ‘Poplar’ board – the first development board compliant with the 96Boards Enterprise Edition TV Platform specification. The board is the latest addition to the 96Boards family, the open specification defining a platform for the delivery of low-cost 32-bit and 64-bit ARM ecosystem developer boards. It is available to purchase for under $100 from Tocoding Technologies.

    • HiSilicon’s Poplar Is The First Linaro 96Boards EE TV Platform

      Linaro has announced the first development board that supports their 96Boards’ Enterprise Edition TV Platform specification.

      The HiSilicon Poplar development board is their first TV Platform compliant product and targets set-top box developers and hobbyists. The Poplar dev board is powered by a Hi3798C V200 SoC that packs in a quad-core 64-bit Cortex-A53 processor and Mali T720 for graphics. The Poplar board costs $79 USD or closer to $100 when factoring in shipping.

    • Phones

Free Software/Open Source

  • Have a strum on Lightning Uke, the first open-source 3D printed electric ukulele
  • 3D printed ukulele comes with open source software

    A team of designers from Taiwan recently have created an open-source 3D printed electronic ukelele. This could very well to be the first open-source one in the world. With a full-size fretboard, regular strings and tuners, and a custom-made amplifier, pick-up, and speaker, the exotically shaped ukelele was named Lightening Uke and was particularly designed for consumer 3D printers.

    No matter for masters or green-hands, an ukulele would always be a good choice to play because of its portability and user-friendliness. However, few of these players would claim to be able to play “Over the Rainbow” with a 3D printed instrument. Surely we have already seen several 3D printed instruments online, (like the 3D printed violin) but these Taiwanese designers noticed that there weren’t any open-source ukuleles and that’s why they decided to bring this unique instrument to all makers.

  • Why News Corp loves open source

    The struggles of publishing giant News Corp and its media brethren are no secret, but from an IT perspective scurrying to cut costs amidst falling revenues may have inadvertently put the business on the path to innovation.

    Speaking at the Future IT Infrastructure forum in Melbourne this week, News Corp’s top infrastructure architect Nicholas Tan urged his peers to join the publisher in embracing the open source community.

    Open source is not “hobby software” anymore, Tan said.

    “It’s definitely the real deal and it is powering a lot of the tech we consume today even if we don’t realise it.”

    News Corp has been gradually deploying open source technologies at strategic points in its stack – “where our major business value is, where we need to be highly differentiated – that is where our developer talent will go”, Tan said.

  • How small enterprises can leverage open-source to build for the enterprise

    Open-Source software allows small businesses to leverage millions of dollars worth of software to build customized solutions which are usually well supported by a global community of users. Many of Canada’s closest allies have already made huge strides to adopt it for their biggest and most challenging IT projects.

  • Survey: Infographic Shows Open Source Increasingly Embraced by Developers

    Open source platforms are no longer just for a small group of hardcore coders. A recent study by Black Duck and North Bridge of developers and security professionals shows that 65 percent of respondents have embraced open source as a critical element of their development strategy.

    Emerging technologies such as containers are also on the rise; 59 percent of respondents already utilize containers in a variety of deployments to speed up their go-to-market strategies, from development and testing to internal and external production environment.

  • Culture and lack of skills holding back Australia’s open source adoption: Coles

    When it comes to the adoption of open source technologies in Australia, Niall Keating, head of Big Data at supermarket giant Coles, has said that it is both the culture and talent shortage that is holding the country back.

    Having worked in the Hadoop space for the past four years, Keating said he has seen a shift in attitude towards open source, watching businesses deploy such technology in earnest to solve real business problems.

  • Web4Africa has launched a data mirror project to localise popular open-source content in Nigeria

    Pan-African web hosting company, Web4Africa, has launched the first West African mirror project aimed at providing a local mirror of popular open-source projects in Nigeria.

    The Nigerian Mirror Project, which is physically hosted in Nigeria, will reduce the high cost of bandwidth by bringing free and open-source content closer to end-users in Nigeria through data mirroring. Access to bandwidth in Nigeria is expensive compared to most parts of the world, and this is mostly due to the fact that most of the content consumed by Nigerian Internet users is generated outside the country. With this Mirror Project, free and open-source software will become more available, and user experience will be made better with faster downloads.

  • The Intersection of Alchemy and Open Source

    As open source continues to take over over the software development landscape, so too are the metaphors for how its success today has multiple historical precedents. For science-fiction author and activitist Cory Doctorow, open source is an idea that helped to raise humanity out of the dark ages.

    In a keynote at the LinuxCon North America conference in Toronto last week, Doctorow compared the age of open source to the enlightenment.

  • Baidu open sources its deep learning platform PaddlePaddle

    Taking a cue from some of its U.S. peers like Google, Chinese Internet search giant Baidu has decided to open source its deep learning platform.

    The company claims that the platform, code-named PaddlePaddle after PArallel Distributed Deep LEarning, will let developers focus on the high-level structure of their models without having to worry about the low-level details. A machine translation program written with PaddlePaddle, for example, requires significantly less code than on other popular deep learning platforms, said Baidu spokeswoman Calisa Cole.

  • Baidu open-sources Python-driven machine learning framework
  • Baidu Open Sources its Deep Learning AI Platform
  • Chinese Search Company Wants to Revolutionize Deep Learning
  • Baidu open sources its machine learning software
  • China’s homegrown AI sector takes off
  • Baidu Open-Sources PaddlePaddle Deep Learning Platform
  • Baidu peddles PaddlesPaddles, floats open source AI tech
  • China’s Baidu to open-source its deep learning AI platform
  • Baidu follows US tech giants and open sources its deep learning tools
  • Baidu Signs Partnership Deal With HARMAN; To Open Source Software Platform
  • Baidu to Open Source New Platform for Deep Learning Community
  • Baidu Delivers a Hardened Open Source Deep Learning Tool

    A few weeks ago, in an article for TechCrunch, Spark Capital’s John Melas-Kyriazi weighed in on how startups can leverage artificial intelligence and deep learning tools to advance their businesses or even give birth to brand new ones. In a subsequent post, I noted that quite a few of them have been tested and hardened at Google, Facebook, Microsoft and other companies, and some of them may represent business opportunities.Since then, there has been more action on the open source AI and deep learning front.

  • Web Browsers

  • SaaS/Back End

    • Build vs. buy equation changes, as open source big data tools surge

      Build vs. buy is a decision that has long been intrinsic to the mission of the IT leader. In the age of big data and open source software tooling, the familiar dilemma has taken a different tone, according to reporters speaking in the latest edition of the Talking Data podcast.

      Important elements in making build vs. buy decisions are the total cost of ownership of software over time, the competitive benefit to be gained by adding new features quickly and the skill sets available within the organization for any given new technology initiative.

    • On complexity in big data

      What’s the scale we’re using here? What makes big data and NoSQL more complex than cloud or mobile?

  • Oracle/Java/LibreOffice

    • Contemplating the retirement of Apache OpenOffice

      Outgoing Apache OpenOffice project management committee (PMC) chair Dennis Hamilton has begun the discussion of a possible (note possible at this point) shutdown of the project. “In the case of Apache OpenOffice, needing to disclose security vulnerabilities for which there is no mitigation in an update has become a serious issue. In responses to concerns raised in June, the PMC is currently tasked by the ASF Board to account for this inability and to provide a remedy. An indicator of the seriousness of the Board’s concern is the PMC been requested to report to the Board every month, starting in August, rather than quarterly, the normal case. One option for remedy that must be considered is retirement of the project. The request is for the PMC’s consideration among other possible options.” (Thanks to James Hogarth.)

  • CMS

    • Drupal 8.2, now with more outside-in

      Over the weekend, Drupal 8.2 beta was released. One of the reasons why I’m so excited about this release is that it ships with “more outside-in”. In an “outside-in experience”, you can click anything on the page, edit its configuration in place without having to navigate to the administration back end, and watch it take effect immediately. This kind of on-the-fly editorial experience could be a game changer for Drupal’s usability.

      When I last discussed turning Drupal outside-in, we were still in the conceptual stages, with mockups illustrating the concepts. Since then, those designs have gone through multiple rounds of feedback from Drupal’s usability team and a round of user testing led by Cheppers. This study identified some issues and provided some insights which were incorporated into subsequent designs.

      Two policy changes we introduced in Drupal 8 — semantic versioning and experimental modules — have fundamentally changed Drupal’s innovation model starting with Drupal 8. I should write a longer blog post about this, but the net result of those two changes is ongoing improvements with an easy upgrade path. In this case, it enabled us to add outside-in experiences to Drupal 8.2 instead of having to wait for Drupal 9. The authoring experience improvements we made in Drupal 8 are well-received, but that doesn’t mean we are done. It’s exciting that we can move much faster on making Drupal easier to use.

  • Education

  • Pseudo-Open Source (Openwashing)

  • BSD

  • Public Services/Government

    • Which countries have open-source laws on the books?

      As the institutional use of open-source software continues to expand like an octopus, the public sector remains a key target market.

      Government users like Linux and other open-source software for several reasons, but the most important ones are probably that total cost of ownership is often lower than it is for proprietary products and that open-source projects don’t vanish if the company providing them goes under.

    • German free software proponents approach lawmakers

      German members of the Free Software Foundation Europe (FSFE) are once again contacting political candidates in next month’s state elections. The major, traditional parties fear the unknown, while left, green and pirate parties favour the use of such software in public administration.

      In the state of Berlin and the state of Mecklenburg-Vorpommern FSFE members are studying the party programmes. At the same time, the group is lobbying the candidates, advocating public administration’s use of free and open source software solutions.

    • Free Software in the Berlin election programs
    • Germany While Leading In Adoption Of FLOSS Still Has Luddites In High Places
    • Corbyn Promises Broadband For All And Open Source Government

      Labour leader Jeremy Corbyn vows to democratise the internet with funding, better public services, open source software and broadband access

      Jeremy Corbyn has pledged to deliver superfast broadband and mobile coverage to every home and business in the UK as part of a digital manifesto that also includes support for open source software.

      The Labour leader described a ‘universal service network’ that would provide the connectivity, alongside online resources for education, a digital bill of rights and a ‘digital passport’ that would be used as a secure online identity for public services.

      Public funding would be made available to make the cost of connecting citizens with services such as transport, accommodation, culture and catering and any Labour government would require all software and hardware paid for by public money to be made open source.

    • CNAS report recommends DOD ‘embrace open-source software’

      A new report from the Center for a New American Security is recommending the Pentagon take more aggressive steps to embrace open-source software.

    • Defense Department failing to capitalize on open-source benefits

      The Defense Department increasingly relies on software for everything from weapons systems to accounting, but it is failing to capitalize on the power of open-source software, according to a report from the Center for a New American Security.

    • Defense Department needs to embrace open source or military will lose tech superiority
  • Openness/Sharing/Collaboration

    • Open Data

      • Nice: NASA Opens Up Its Research Online For Free

        Every once in a while, we get some good news out of a government agency. Based on a 2013 directive from the White House, NASA had finally announced early this year that it would be following the NIH model and making its publicly funded research available for free online. With the only caveat being a restriction on research that relates to national security, NASA has made good on plans to publish the rest of this research on Pubspace, its new publicly-facing portal for sharing this research.

  • Programming/Development

    • Converseen 0.9.5 porting to Qt5 is available for Linux

      During the last weeks I worked on the Qt5 porting of my open source project Converseen, a cross-platform batch conversion and image processor tool, thanks to the help of rezso, an user from GitHub who sent me some patches with a lot of useful changes that enabled the project to be compiled with Qt5.

      In addition to this, I spent a couple of hours making the project compatible (and compilable) with Visual Studio 2015 in order to make it available for Windows platforms, too. In particular, the Windows version comes with ImageMagick 6.9.5 HDRI bundled in the same package.

    • Preliminary Qt 5.8 Alpha Packages Now Available

      The Qt Project is readying the Qt 5.8.0 Alpha toolkit release.

      Qt 5.8 is now under a feature freeze and working to get its release schedule back on track with hopes of releasing Qt 5.8 before Christmas.

    • GitHub Showcases Most Popular Open Source Developer Tools

      With open source having “won” in becoming “today’s preeminent architecture,” developers may want to check up on the most popular development tools used in community projects.

      One place to do that is GitHub, the go-to choice for developers worldwide to host their open source projects. Sure, the company has published the occasional report based on data mining its stores of projects, such as one recent study of the most popular programming languages, but there’s another resource that devs can consult at any time to check up on the hottest trends in open source development.

    • 5 great Java performance optimization tricks

      Optimizing your Java code requires an understanding of how the different elements in Java interact, and how it interacts with the operating system that is it running on. Use these five tips and resources to start learning how to analyze and optimize your code.

      Before we get to the good stuff, you might be concerned about licensing. Java is owned by Oracle, and is under Oracle’s BCL license which is not a free/open source license. Even so, Oracle Java is part of many open source projects. OpenJDK is the free software implementation of the Java platform, licensed under GPL v2. (See Free Java implementations on Wikipedia for more information.)


  • Genode OS 16.08 Released With seL4 Kernel Improvements

    Genode OS 16.08 allows running more software off the seL4 micro-kernel, adds support for virtual networking and Tor, support for VirtualBox on top of the Muen separation kernel, support for VirtualBox 5 on their NOVA kernel, virtual AHCI controller support, statistical profiling support, and more.

  • Health/Nutrition

    • WHO Debates Expansion Of Role In Virus-Sharing

      The global treatment of influenza is under reconsideration at the World Health Organization this week, as a review group of a WHO influenza pandemic framework looks at issues such as its relationship with an international treaty protecting countries’ ownership biological resources.

    • WHO Flu Pandemic Framework Working, Group Says; Some Concerned

      A World Health Organization framework to respond to influenza pandemics is working successfully, the confidential draft report of a review team has found. But some areas, such as virus genetic information, still need more work. Stakeholders, meanwhile, are challenging some findings and a concern was raised that lawyers may be influencing the science behind decisions on this issue.

  • Security

    • Linux Foundation Restructuring CII Security Effort for Scale

      Since creating the Core Infrastructure Initiative (CII) in 2014 in response to the Heartbleed vulnerability in the OpenSSL cryptographic library, the Linux Foundation has raised $5.8 million in funding to support the effort. It easily could raise much more, given its popularity.

      Nicko van Someren, CTO of the Linux Foundation, is leading an effort to restructure the governance model for the CII, to help accelerate security for the internet. In a video interview, he details his suggested changes, which are being reviewed by the CII’s existing membership.

    • BlackArch Linux Ethical Hacking OS Is Now Powered by Kernel 4.7.2, New ISOs Out

      On August 30, 2016, the development team behind the BlackArch Linux penetration testing distribution based on Arch Linux announced the release of new Live ISO images with updated components and various improvements.

    • Kali Linux 2016.2 Released as the Most Advanced Penetration Testing Distribution

      The Kali Linux (successor to BackTrack) developers are back from the DEF CON Vegas and Black Hat conferences for security professionals and ethical hackers, and as they promised earlier this year, they’re now announcing the availability of Kali Linux 2016.2.

    • Fairware ransomware for Linux Web servers
    • The Newcomer FairWare Ransomware Hits Linux Running Servers (Maybe)
    • New and Mysterious FairWare Ransomware Targets Linux Servers
    • FairWare Ransomware Strikes Linux Systems, Deletes Files, Demands Bitcoin Payment
    • New FairWare ransomware targets Linux web servers, holds web folder hostage
    • Fantom and FairWare ransomware discovered
    • FairWare ransomware infects servers through exposed Redis instances [Ed: Rerunning a story from last month to make Linux sounds scary, due to a Redis misconfiguration]
    • Insecure Redis Instances at Core of Attacks Against Linux Servers
    • Blackhat wannabes proffer probably bogus Linux scamsomware

      A new purported ransomware variant is hitting Linux servers, deleting files and demanding payment for the return of lost data.

      The scam is possibly a bluff, since it does not follow the regular format of encrypting files and leaving ransom notes for slick and automated payment.

      Information on the attacks is scarce. Bleeping Computer researcher Lawrence Abrams suspects it is likely a copy of the deleted files with the web folder uploaded to an attacker’s server, rather than complex encryption being applied.

    • School Creates Own Security Hole; Tries To Have Concerned Parent Arrested For Hacking

      We’ve seen it so often over the years, it’s probably now time to accept the fact that this will never change: when entities are presented evidence of security holes and breaches, far too often the initial reaction is to shoot the messenger.

      A school whose online student portal exposed a lot of sensitive data decided the best way to handle a concerned parent’s repeated questions about how it was handling the problem was to file a criminal complaint against the parent. (via the Office of Inadequate Security)

      The details of the breach (since closed) were reported by independent journalist Sherrie Peif.

    • [Tor] A New Bridge Authority

      After ten years of volunteer maintenance of Tonga, Tor’s bridge Authority—a piece of critical infrastructure within the Tor network—our colleague and friend, Lucky Green, a long time cypherpunk, and free speech and privacy advocate, has decided to step down from this role. Tonga’s cryptographic keys will be destroyed this week. We are incredibly thankful to Lucky for all his support and selfless labour in maintaining a key component of our censorship circumvention efforts, grateful for the years we have spent working with him, and very sorry to see him go.

    • More Than 40% Of Attacks Abuse SSL Encryption

      There’s an important caveat about encrypted traffic from new research released this week: Encryption works so well that hackers are using it as cover.

      A new study from A10 and the Ponemon Institute found that 80% of respondents say their organizations have been the victim of a cyberattack or malicious insiders in the past year — and 41% of the attacks have used encryption to evade detection. In addition, 75% say malware hidden within encrypted traffic is a risk to their organizations.

      At issue: The report found that SSL encryption not only hides data from would-be hackers but also from common security tools.

      “Hackers are using SSL encryption to slide by standard perimeter defenses,” says Chase Cunningham, director of cyber operations at A10 Networks.

    • The Cloud Security Alliance publishes its best practices for Big Data security

      Big Data is a boon for businesses worldwide, but the benefits come at a cost. The more data companies store, the more vulnerable they are to potential security breaches. And data breaches can be enormously expensive when they occur. IBM’s 2016 Cost of Data Breach report found that the average consolidated total cost of a data breach grew from $3.8 million to $4 million in the last year, which makes securing their data an important goal for any company that’s invested in it.

  • Defence/Aggression

    • Clinton: Treat cyberattacks ‘like any other attack’

      Hillary Clinton on Wednesday called for the U.S. to begin treating cyberattacks like any other assault on the country.

      “As president, I will make it clear that the United States will treat cyberattacks just like any other attack,” the Democratic presidential nominee said. “We will be ready with serious political, economic and military responses.”

      Clinton called for the U.S. to “lead the world in setting the rules in cyberspace.”

      “If America doesn’t, others will,” she said.

      The remarks, given during a foreign policy speech at the American Legion Convention in Cincinnati, address one the central challenges the Obama administration has faced in responding to cyberattacks.

    • How Clinton And US Government Benefit When New York Times Attacks WikiLeaks

      Without any evidence whatsoever, the New York Times published a “special report” tying the operations of WikiLeaks to Russian leader Vladimir Putin. Times reporters strongly suggested, “whether by conviction, convenience, or coincidence,” WikiLeaks’ document releases, along with statements by its editor-in-chief Julian Assange, have “often benefited Russia at the expense of the West.”

      This kind of journalism has historically been labeled yellow journalism. It is a crude exaggeration and distorting of reality aimed at sensationalism. Times reporters fuel a manufactured idea that somehow WikiLeaks is a Russian pawn of Prime Minister Vladimir Putin in the country’s new Cold War against the United States.

      In fact, decades ago, the CIA spread anti-communist propaganda and disinformation, which had a way of making it into American newspapers. Perhaps, during that era this type of story would have been planted by the CIA in the Times, however, nowadays the CIA does not need to plant news stories. Journalists willingly adopt their agenda and ideology and publish stories like this one, which have the same effect.

  • Finance

    • French minister calls for halt to TTIP talks

      There is ‘no more political support’ in France for EU-US trade pact, foreign trade secretary says.

      By Joshua Posaner for Politico Pro

      France wants to stop negotiations on a transatlantic trade pact between the EU and U.S., the country’s secretary of state for foreign trade said Tuesday.

      Matthias Fekl said “there is no more political support in France for these negotiations,” adding that “France calls for an end to these negotiations,” according to AFP.

    • The Secret Threat That Makes Corporations More Powerful Than Countries

      International corporations that want to intimidate countries have access to a private legal system designed just for them. And to unlock its power, sometimes all it takes is a threat. Part two of a BuzzFeed News investigation

    • Apple to shareholders: order to pay back $14.5bn in taxes ‘will be overturned’

      Tech giant Apple told shareholders it did not consider the European commission’s decision to collect $14.5bn in back taxes final on Tuesday and was “confident that it will be overturned”, but analysts warned the picture was more complex.

      In a note posted to the company’s investor relations page, the company said it did “not expect any near-term impact on our financial results” and that it was prepared to pursue the matter in court for years to come. “While we desire a resolution as soon as possible, the process is likely to take several years,” the company said.

      Peter Kenny, senior market strategist at Global Markets Advisory Group, said that it wasn’t clear which side would prevail, ultimately. “There’s no telling whether the verdict will stand on appeal, but we know that the landscape is changing for US corporations in the EU,” he told the Guardian.

    • Apple ordered to pay €13bn after EU rules Ireland broke state aid laws

      Apple has warned that future investment by multinationals in Europe could be hit after it was ordered to pay a record-breaking €13bn (£11bn) in back taxes to Ireland.

      The world’s largest company was presented with the huge bill after the European commission ruled that a sweetheart tax deal between Apple and the Irish tax authorities amounted to illegal state aid.

      The commission said the deal allowed Apple to pay a maximum tax rate of just 1%. In 2014, the tech firm paid tax at just 0.005%. The usual rate of corporation tax in Ireland is 12.5%.

      “Member states cannot give tax benefits to selected companies – this is illegal under EU state aid rules,” said the European competition commissioner, Margrethe Vestager, whose investigation of Apple’s complex tax dealings has taken three years.

    • Apple Inc. Could Lose $19 Billion In Ireland On Tax Probe

      Apple Inc. (NASDAQ:AAPL) was offered some reprieve on a European tax investigation in recent days after Margrethe Vestager, the Danish Commission in charge of the inquiry, decided to slow down its progress toward making conclusions. Despite that, Apple could still be very much in trouble in Europe, and a new report outlines some of the dangers that Tim Cook and his team may be facing.

    • European Commission Rules Apple Received Illegal State Aid From Ireland, Owes Billions in Back Taxes

      The European Commission on Tuesday will rule that Apple received illegal state aid from Ireland, according to a 130-page judgment known by Financial Times.

    • Apple’s Tax Game Is Hurting Economic Growth

      It’s a big number, though not nearly the tax bill Apple would owe the U.S. if it pulled the $92 billion in profits it is currently storing in Irish and other overseas accounts back to its home country.

      CEO Tim Cook says 40 percent of that would go in taxes to the U.S. and state governments, an amount he recently told the Washington Post Apple would not be willing to pay. “It’s not a matter of being patriotic or not patriotic,” Cook said. “It doesn’t go that the more you pay, the more patriotic you are.”

    • Industry’s Proposed Changes To Draft TPP Were Not Protected Under National Security Exemption, US Judge Says

      Changes to the draft text of the Trans-Pacific Partnership agreement (TPP) suggested during negotiation of the treaty are not protected under the national security clause of the US Freedom of Information Act (FOIA), a judge ruled yesterday in a rare rejection. But he also defended USTR’s protection of information on the basis that other countries in TPP might accuse the US of “steamrolling” them if US textual proposals from the negotiations were revealed.

    • Theresa May will lead us into a bleak future – outside the single market

      In a famous eulogy published following his death in 1881, the Times wrote of the 19th-century Tory prime minister Benjamin Disraeli that he “discerned the Conservative working man in the inarticulate mass of the English populace, as the sculptor perceives the angel imprisoned in a block of marble”.

      Can Disraeli’s admirer Theresa May already discern the shape of her Brexit deal imprisoned in the block of marble too? This week’s cabinet meeting at Chequers gave us some clues about the Britain the prime minister sees in her mind’s eye. A briefing stressed that curbing migration is a red line, and that Britain is not interested in an off-the-shelf deal with Europe but a bespoke one. Nevertheless it is still far from clear, perhaps even to May herself, what will emerge once she has finished with her hammer and chisel.

  • AstroTurf/Lobbying/Politics

    • New DNC Chair Donna Brazile Calls WikiLeaks’ Assange A ‘Criminal’ Over DNC Leak

      In an interview on Sunday, the interim chair of the Democratic National Committee criticized Julian Assange, the WikiLeaks founder who she called a “criminal,” and the media for what she perceived to be positive treatment of the government transparency website’s work.

      Donna Brazile took over as interim DNC chair in July after Debbie Wasserman Schultz resigned in the wake of WikiLeaks’ “DNC Leak,” an archive of almost 20,000 emails and over 8,000 files that also forced out other key party leaders.

      Appearing on ABC News’ “This Week”, Brazile praised Americans for supporting the victims of the Louisiana flood then criticized Republican presidential candidate Donald Trump for his failure to distance himself from the racist statements and attitudes of some of his supporters, including the so-called “alt-right” movement.

    • Bernie Sanders is a no-show for Tim Canova

      Bernie Sanders, the politician who elevated first-time candidate Tim Canova to national attention and a rich campaign warchest, doesn’t appear to be coming to South Florida to help out his protégé in his battle against U.S. Rep. Debbie Wasserman Schultz.

      At a press conference Wednesday — less than a week before the Aug. 30 primary — at his Hollywood campaign office, Canova pushed back against reporters’ questions about why Sanders hasn’t appeared in the Broward/Miami-Dade district.

      “You tell me why he isn’t coming,” said Canova. “I don’t have an answer to that. I am very proud to have his support. Quite frankly we don’t need him here to win this election. Our field operation is growing by the day. Debbie Wasserman Schultz is the one who needs to run out and get folks to come in from out of town to help protect her — to shield her from the voters. I am out there talking to voters every day.”

    • The Green Party’s Jill Stein Wants a Green New Deal
  • Censorship/Free Speech

  • Privacy/Surveillance

    • EU: Europe needs to invest $800bn in digital infrastructure to catch up with US

      Europe needs to invest close to $800bn in its digital infrastructure to catch up with the United States and China, the European Union commissioner responsible for the issue said on Thursday.

      Commissioner Guenther Oettinger also urged fellow Austrians to reject populist views that could deter technology experts from migrating to Europe to help drive development.

      If Europe can’t develop fibre-optic networks and next-generation high-speed 5G wireless applications and networks fast enough “we will lose, because important technological applications will not be possible any longer in our industry”, Oettinger said.

    • ESPN Can’t Get Out of NFL Player’s Privacy Lawsuit Over Reporter’s Tweet

      ESPN is no Gawker, but the sports giant is now facing the prospect of a trial in Florida that has shades of the litigation brought by Hulk Hogan over an invasion of privacy.

    • Court: Okay For Trial To Move Forward Against ESPN For Tweeting JPP’s Medical Chart

      ESPN’s lawyers also pointed out that Pierre-Paul is not suggesting that Schefter was prohibited from reporting on the exact details within the chart, which was the actual harming information if any harm actually was done, but that tweeting out the medical chart image itself suddenly was actionable. Why Pierre-Paul chose this attack on ESPN and a journalist rather than whatever source shared the chart with Schefter in the first place is largely left unaddressed, although the depth of the parties’ respective pockets likely has something to do with it.

      Regardless, this is a disappointing ruling on many levels. Those seeking medical attention certainly do have an expectation of privacy from those providing the healthcare work and one would think HIPAA violations may be in play here as well, but Pierre-Paul has no such expectation of privacy from a journalist covering him. The proper defendant in this case is obviously whomever provided the chart to Schefter and likely over HIPAA violations. Whatever the implications upon privacy at issue here, it seems quite clear that chilling the reporting of journalists who receive information from sources is not hte proper vector for addressing those issues. Between this and the Gawker case, along with the public comments by one well-known would-be politician, we seem to entering a different era in terms of how the press is viewed and treated in America.

    • FBI’s stingray quickly found suspect after local cops’ device couldn’t

      According to new government affidavits filed earlier this week, the Oakland Police Department (OPD) used its stingray without a warrant in 2013 for several hours overnight as a way to locate a man accused of being involved in shooting a local police officer. The OPD called in the FBI when that effort was unsuccessful. The FBI was somehow able to locate the suspect in under an hour, and he surrendered to OPD officers.

      That suspect, Purvis Ellis, is the lead defendant in the case of United States v. Ellis et al. The case involves four men who are charged with the January 21, 2013 attempted murder of local police officer Eric Karsseboom in the parking area in front of a Seminary Avenue apartment complex in East Oakland. The men are also charged with running an alleged local gang, centered around Seminary Avenue (known as “SemCity”).

    • Court Documents Show FBI Had To Bail Out Oakland Police With Its Bigger, Better Stingray

      The only reason these affidavits even exist is because the judge presiding over the prosecution of Purvis Ellis ordered the government to submit declarations detailing how the devices were used to locate him. Two declarations — one from the FBI [PDF] and one from the Oakland PD [PDF] — shed some additional light on the now-ubiquitous cell phone-tracking technology.

      Neither law enforcement agency sought a warrant for their Stingray deployments. Both declarations claim none was needed because of “exigent circumstances.” Given that this occurred before the DOJ instituted a warrant requirement for the FBI’s Stingray use, it’s unlikely any evidence is in danger of being tossed.

      The Oakland PD’s declaration states the same thing: no warrant was sought because of “exigent circumstances.” Similarly, there appears to have been no warrant requirement in place for the Oakland Police Department at that time. That doesn’t mean the court won’t find that the use of a Stingray device (or, in this case, two of them) requires the use of a warrant, but even if it does, the good faith exception is likely to apply — especially in the FBI’s case, as its warrant requirement was still thee years away. In both deployments, pen register orders were used to obtain subscriber info. Because exigent circumstances dictated the requests, no judicial approval of the orders was needed.

      Ellis’ lawyers are hoping the judge will find the circumstances surrounding the Stingray deployments to be not nearly as “exigent” as the government claims.

    • Lawsuit: Warriors App Secretly Allowed For Creepy, NSA-Style Tracking Of Users

      The Golden State Warriors are the team of the megalomaniacs and bloodsuckers of Silicon Valley, and they are run by a trophy-fucker who thinks he invented smallball. From their continued obfuscation of their own ridiculous luck with a teleological argument about how their success was predetermined by their organizational character to their second-best player humping the “Actually, Failure Is Good” line, they embody the worst tendencies of their region. I would have thought that secret data mining was beyond the capabilities of a basketball team, but according to a class-action lawsuit, the Warriors official team app may have violated users’ privacy. The lawsuit alleges that the team’s official smartphone app has recorded private conversations and other audio from users’ phones without their knowledge or permission, and without giving them the ability to opt out.

    • Flagrant foul? Mobile app user accuses NBA’s Warriors of spying on conversations
    • Lawsuit claims Warriors app used to secretly listen in on fans
    • Golden State Warriors Android app constantly listens to nearby audio, fan says
    • Lawsuit alleges that Warriors’ app illegally listens in on users
    • Lawsuit calls foul on Golden State Warriors’ app
    • Warriors’ app secretly records users’ conversations, according to lawsuit
    • Lawsuit filed against Warriors’ app for violating consumers’ privacy
    • Lawsuit claims popular Warriors app accesses phone’s microphone to eavesdrop on you
    • Class action lawsuit claims Warriors’ official app covertly listened to users
    • Golden State Warriors, Signal360 And App Developer Sued Over ‘Eavesdropping’ Allegations
    • Warriors Wrap Up: Warriors Face Lawsuit Regarding App
    • Lawsuit Claims Warriors App Monitors User Conversations
    • Lawsuit accuses Golden State Warriors of spying on fans through team app
    • Golden State Warriors’ app at the center of a lawsuit
    • Signed, Sealed, Delivered: Golden State Warriors to Notch Another NBA Championship?
    • Lawsuit Claims Warriors Team App Secretly Recorded Users’ Conversations
    • Warriors general manager says team will take time to evolve during new season
    • Golden State Warriors app alleged to record users’ conversations without consent
    • Lawsuit Claims Warriors Mobile App Eavesdrops On Fans Even When Not In Use
    • NBA Team Smartphone App Secretly Records Private Phone Conversations, Claims Lawsuit
    • Lawsuit claims Warriors app secretly records users’ conversations
    • NBA’s ‘Golden State Warriors’ app allegedly listens in on users’ conversations constantly
    • DOD data center closures could affect DC area
    • Inspector General Finds NYPD’s Surveillance Of Muslims Routinely Violated Consent Decree Guidelines

      Following two lawsuits against the NYPD for its pervasive, rights-violating surveillance of the city’s Muslims, the department’s Inspector General took a look at a sampling of cases from 2010-2015 to see if the Handschu Agreement — crafted in 1985 and heavily modified in 2002 — was being followed. The short answer is “No.” So is the long answer [PDF].

      The guideline was part of a consent decree created in response to pervasive NYPD surveillance of activities protected by the First Amendment, even when no unlawful activity was suspected. The guideline worked for awhile, but the 9/11 attacks changed that. The NYPD brought in two former CIA employees who decided to turn a domestic law enforcement agency into Langley on the Hudson. Former CIA officer David Cohen used terrorism fears to compel a judge to significantly modify the Handschu Agreement.

      >From that point on, the NYPD steadily abused the revamped agreement. Its “Demographics Unit” designated entire mosques as terrorist entities, placed the city’s Muslims under surveillance, and — best of all — generated zero leads.

      The Inspector General’s report points out that the NYPD couldn’t even comply with the relaxed, post-9/11 Handschu Agreement. Instead, the Demographics Unit copy-pasted justifications for pervasive surveillance and passed them up the ladder to the rubber stamps handling the approval process.

    • U.K. and Double Game of Terrorist Ratlines and GCHQ Spying: Control of Smartphones

      Edward Snowden warns about the role of big government in the United Kingdom (UK) and how the Government Communications Headquarters (GCHQ) can literally control smartphones at the drop of a hat. Of course, this isn’t a shock to anyone because the British government is obsessed with monitoring various different social media networks and all forms of telecommunications. However, despite this, it is still alarming to know that GCHQ can even spy on individuals when smartphones are turned off and take images.

      Before focusing on the advice of Snowden and looking into GCHQ in relation to smartphones, it is important to mention the terrorist intrigues of the British government. After all, various governments in the UK, irrespective if the Conservative Party or Labour Party, have supported various terrorist groups since the late 1970s onward in relation to Sunni Takfiri Islamist groups. Indeed, if you go further back into history then obviously several British governments also helped America in various areas in relation to supporting right-wing authoritarian regimes throughout South America.

    • EU General Data Protection Regulation

      The GDPR seeks to afford technologically neutral protection, by addressing legal aspects of the processing and free movement of personal data in light of the technological developments of the past 20 years. The review of the personal data protection system that led to the GDPR derived from the central role that the Internet plays in personal and business life and the concerns of individuals about unlawful intrusions by both companies and public authorities into their personal data (e.g., see the CJEU’s judgement in case C-362/14, Maximillian Schrems v Data Protection Commissioner, invalidating of the EU-US Safe Harbor).

    • Leaked Catalogue Reveals a Vast Array of Military Spy Gear Offered to U.S. Police

      A confidential, 120-page catalogue of spy equipment, originating from British defense firm Cobham and circulated to U.S. law enforcement, touts gear that can intercept wireless calls and text messages, locate people via their mobile phones, and jam cellular communications in a particular area.

      The catalogue was obtained by The Intercept as part of a large trove of documents originating within the Florida Department of Law Enforcement, where spokesperson Molly Best confirmed Cobham wares have been purchased but did not provide further information. The document provides a rare look at the wide range of electronic surveillance tactics used by police and militaries in the U.S. and abroad, offering equipment ranging from black boxes that can monitor an entire town’s cellular signals to microphones hidden in lighters and cameras hidden in trashcans. Markings date it to 2014.

      Cobham, recently cited among several major British firms exporting surveillance technology to oppressive regimes, has counted police in the United States among its clients, Cobham spokesperson Greg Caires confirmed. The company spun off its “Tactical Communications and Surveillance” business into “Domo Tactical Communications” earlier this year, presumably shifting many of those clients to the new subsidiary. Caires declined to comment further on the catalogue obtained by The Intercept or confirm its authenticity, but said it “looked authentic” to him.

    • Privacy Groups File FTC Complaint Over Whatsapp Facebook Privacy ‘Bait And Switch’
    • Meet USBee, the malware that uses USB drives to covertly jump airgaps
    • USBee, the new malware that covertly jumps airgaps using USB drives
    • How to Leak Data From Air-Gapped Computers With a USB Device
    • Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections
    • USBee stings air-gapped PCs: Wirelessly leak secrets with a file write
    • Researchers have replicated one of the NSA’s scariest hacking tools

      Called USBee, and developed by security researchers at the Ben-Gurion University’s Cyber Security Center, the technology lets attackers move data from a protected computer over the air. Certain conditions have to be met. First, an insider must infect the computer with the malware. Then, any USB stick must be plugged into that computer. Finally, the attacker needs to be near the compromised device.Called USBee, and developed by security researchers at the Ben-Gurion University’s Cyber Security Center, the technology lets attackers move data from a protected computer over the air. Certain conditions have to be met. First, an insider must infect the computer with the malware. Then, any USB stick must be plugged into that computer. Finally, the attacker needs to be near the compromised device.

    • FBI director: ‘There is no such thing as absolute privacy in America’

      Welcome back, hope you had a great summer, let’s get right back to our regularly scheduled cyber programming: A global war over encryption.

      FBI Director James Comey, who has spent the last six months itching to get back into a public debate over the spread of encryption and mandated special backdoor government access to data, took to a spotlighted stage on Tuesday to pointedly criticize tech companies who offer default strong encryption on devices, saying he was preparing for the argument to extend into 2017 and beyond.

    • The NSA Research Director Wants Hackers to Know Who She Is [Ed: Another NSA puff piece comes out now…]
    • Mysterious Group Hacks The NSA

      The latest hack revealed over the weekend has nothing to do with the Democratic Party or George Soros, and instead a mysterious hacker group by the name “The Shadow Brokers” claims to have hacked the Equation Group – a government cyberattack hacking group associated with the NSA, and released a bunch of the organization’s hacking tools. The hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

      “Attention government sponsors of cyber warfare and those who profit from it!!!!” the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr.

    • Cisco, Huawei and Juniper play down NSA attack reports

      Cisco, Huawei and Juniper have played down reports that the US National Security Agency (NSA) has developed tools to spy on traffic running through their equipment.

      Juniper and Cisco admitted that there were vulnerabilities, that have now been addressed. Huawei did not go so far, but said the company was making “significant investments” in security.

      The reports emerged after a group called Shadow Brokers released files that seemed to show the NSA was targeting not only US companies such as Cisco and Juniper but also Chinese vendor Huawei.

    • CIA director misled FBI about how agency spied on Pentagon Papers leaker

      CIA Director Richard Helms misled the FBI in June 1972 to cover up his agency’s role in helping to smear the reputation of Daniel Ellsberg, the man who leaked a secret history of the Vietnam War to the press, a newly released CIA document shows.

      In a June 28, 1972, memo to his deputy, Vernon Walters, Helms wrote that he asked the FBI to “desist from expanding this investigation into other areas which may well, eventually, run afoul of our operations.” Those details are included in the 155-page CIA inspector general’s report that was obtained through a Freedom of Information Act request by the conservative legal watchdog Judicial Watch and released Tuesday. Other elements of the document were first reported Tuesday by Fox News.

      Helms’ misdirection enabled the CIA’s role in the Pentagon Papers case to go undiscovered for 11 months amid a growing political scandal that would eventually force President Richard Nixon from office and lead to an extensive investigation into abuses by the CIA and other parts of the U.S. Intelligence community.

  • Civil Rights/Policing

    • Strong evidence suggests a Peruvian police ‘death squad’ set up and killed criminal suspects

      Nine members of Peru’s national police are being investigated on suspicion of participating in a “death squad” responsible for as many as 27 killings carried out to secure promotions and impress superiors, government officials said.

      One police general, a commander and seven officers are suspected of having organized at least six bogus police operations from 2011 to 2015 that resulted in the deaths. While most of the victims had criminal pasts, at least 11 people killed during the operations had no police records, investigators say.

      A source within a special investigative committee formed by recently inaugurated President Pedro Pablo Kuczynski told the Los Angeles Times late Tuesday that investigators believe corrupt police using intermediaries persuaded delinquents to carry out robberies and then killed them during the heists to gain performance points.

    • EFF, ACLU Asks Ninth Circuit Court To Rehear Two Recent CFAA Cases

      The EFF and ACLU are pushing the Ninth Circuit Court of Appeals to hold full en banc rehearings (with all 11 judges, rather than just three) of two recent CFAA-related cases. The first case, US v. Nosal, is the more (in)famous of the two. In this decision, the court read the language of the CFAA broadly enough to criminalize a mostly-harmless everyday activity participated in by thousands of Americans: password sharing.

      The court tried to couple this with some “authorization” wording to make it appear as though the court wouldn’t entertain frivolous prosecutions using interpretation of the CFAA, but that gives the court (and the DOJ) far more credit than they have earned.

      The other case — Facebook v. Power Ventures — is dangerous in its own way, even if it involves two private companies, rather than the US government’s prosecutorial arm. The same appeals court didn’t go quite as far as it did in the Nosal decision in terms of criminalizing password sharing, but instead made the district’s stance even more confusing by arriving at a seemingly-contradictory conclusion.

    • ACLU Challenges Gag Orders Issued To Tech Companies By The DOJ

      The ACLU is hoping to intervene in Microsoft’s legal battle against the government, challenging gag orders attached to warrants and subpoenas issued under the Electronic Communications Privacy Act (ECPA). Microsoft sued the DOJ back in April, arguing for the right to notify customers that their communications and data have been handed over to the government.

      Microsoft didn’t have a problem with the government’s gag orders in every case. It’s just that the demand for secrecy accompanied more than half of the ~300 orders per month Microsoft receives. And nearly 70% of those gag orders arrived with no fixed end date.

      The ACLU petitioned the court to intervene in the case on its own behalf, citing its position as a Microsoft customer. The DOJ filed a motion to dismiss Microsoft’s lawsuit, hoping the court will find Microsoft has no standing to challenge gag orders on its customers’ behalf. The ACLU is trying to prevent this from happening until the DOJ addresses the issues raised by the ACLU’s (attempted) intervention. In its opposition [PDF] to the DOJ’s motion, the ACLU points out that the government’s “no standing” argument pretty much nullifies any sort of due process for Microsoft customers (including the ACLU) who’ve been targeted by the DOJ’s super-secret warrants, relegating them to a Kafka-esque legal purgatory.

    • Australian Government Using Data Retention Law To Seek Out Journalists’ Sources, Hunt Down Whistleblowers

      If there ever were decent protections for whistleblowers in Australia, they’re gone now. Australia’s Attorney General was pushing for harsher whistleblower punishments two years ago, while simultaneously claiming data retention laws — and expanded permissions for intelligence agencies to pore through retained data — were simply the way governments were doing business these days.

      And what a business it is. The Australian government wants to punish whistleblowers but finds they’re often difficult to track down. It’s just so much easier to find those they leak documents to, like journalists, and work towards getting them to divulge their sources. The “best” part about the new data retention laws is that those seeking whistleblowers to punish won’t have to confront journalists directly. In fact, they may never need to speak to them at all.

    • Turkey removes more than 10,000 security personnel, academics in purge

      Turkish authorities have suspended about 8,000 security personnel and more than 2,000 academics, adding to a purge of people suspected of having links to perpetrators of a failed coup, the Official Gazette said on Friday.

      Since the coup attempt in mid-July, in which rogue soldiers tried to topple President Tayyip Erdogan’s government, Turkey has removed 80,000 people from public duty and arrested many of them, accusing them of sympathising with the plotters.

      Of the security personnel removed in the latest purge, 323 were members of the gendarmerie and the rest police, according to the Official Gazette, in which the government publishes new laws and orders.

  • Internet Policy/Net Neutrality

    • FCC Gives Up On Municipal Broadband Fight

      Easier said than done. Telecom incumbents, like so many large players, have an absolute chokehold over state legislatures. So much so that ISPs like AT&T continue to have success passing new laws of this type despite growing, significant bipartisan public opposition to them. For years ISPs quickly passed these laws by framing this as a partisan issue of government “competing with the free market.” But as Comcast and AT&T consumers get an ongoing master class in how broken and not free the telecom market is, members of both parties have grown increasingly hostile toward protectionism of this type.

    • AT&T, Poster Child For Government Favoritism, Mocks Google Fiber For Government Favoritism

      First, let’s just get out of the way that the idea of AT&T, now bone-grafted to our intelligence agencies’ domestic surveillance efforts, giving anybody a lecture on government favoritism deserves a major hypocrisy award.

      What’s AT&T actually upset about? Google Fiber has been pushing to reform utility pole attachment rules, one of several layers of regional bureaucracy telecom monopolies used to slow broadband competitors from coming to market. Google Fiber’s been pushing cities like Louisville and Nashville for “one touch make ready” laws that let a single, insured contractor move any ISPs’ hardware — often reducing installation from half a year to just a month. AT&T’s response? To sue cities like Louisville for overstepping their authority. Such decisions, AT&T argues, should be left up to the state regulatory bodies that AT&T all but owns.

      AT&T’s taking the opportunity to kick Google Fiber while it’s down, the company plagued by recent rumors that it’s pausing a handful of unannounced cities to consider supplementing fiber service with wireless broadband. Sources with knowledge of Google Fiber’s plan tell me many of the reports about Google Fiber hitting deployment “snags” have been either overstated or in error, but the fact that Google Fiber hasn’t publicly clarified its dedication to expansion suggests there likely is some possible restructuring going on as the company takes stock of its recent Webpass acquisition and eyes wireless as a way to supplement fiber.

    • AT&T Dodges FTC Throttling Lawsuit Using Title II Classification It Vehemently Opposed

      Back in 2011, AT&T stopped selling unlimited wireless data plans, and began heavily pushing more expensive capped and metered plans. Existing unlimited users at the time were grandfathered, but the company engaged in all manner of sneaky behavior to try and make life as unpleasant as possible for these users, ranging from blocking them from using Facetime unless they migrated to metered plans, to heavily throttling these “unlimited” users after only consuming a few gigabytes of data. Ultimately AT&T faced a $100 million fine by the FCC (currently being contested by AT&T), and a 2014 lawsuit by the FTC for misleading consumers and dramatically changing the terms of service while users were under contract.

    • T-Mobile Declares It’s On ‘The Right Side Of History’ As It Laughs At Net Neutrality

      While T-Mobile has certainly done some good things for the wireless industry, the company’s ongoing tone deafness on net neutrality isn’t doing the carrier any favors. T-Mobile fought against real net neutrality rules, then, once passed anyway, got right to work trying to find creative ways around the rules using zero rating (exempting only some content from usage caps). When net neutrality advocates and scholars repeatedly pointed out T-Mobile was violating net neutrality and being a bit hypocritical (“we’re edgy and love consumers but not real net neutrality!”), the company dug a deeper hole by attacking groups like the EFF.

      Last week T-Mobile upped the ante with new plans that promise “unlimited” data, but are not only more expensive, they throttle tethering, throttle overall consumption at 26 GB, and throttle all video to 1.5 Mbps or 480p. Users who want HD video to actually work correctly can apparently pony up $25 more per month. Emboldended by T-Mobile and a (so far) apathetic FCC, Sprint revealed similar “unlimited” data plans of its own, which throttle all video, games and music to 1.5 Mbps, 2 Mbps, and 500 kbps respectively, unless you pony up another $25 per month.

      Groups like the EFF were quick to point out that installing ISPs as middlemen who get to determine how well your services work based on how much you pay in a marginally-competitive broadband market sets a horrible precedent. If regulators allow T-Mobile to charge more money for HD video to work, what stops Comcast from charging you more if you want 4K Netflix streams to work? Or AT&T deciding it can charge you more if you want your Steam games to download at full bitrate? This is a door that, once opened, won’t be easily closed. And once this practice is a standard, it will be abused.

  • DRM

    • DRM: Still Hurting Paying Customers The Most

      So, we have two issues, neither of them useful to end users. On Adobe’s end, we have a protection scheme that requires an internet connection. That’s classic DRM — phone home, get permission… all well and good (NOT REALLY) until someone needs access to documents but can’t because they’re not connected to the internet.

      Then we have an update that breaks the connection Adobe’s DRM relies on, forcing the same problem on users who do have internet access. The problem with DRM schemes like these is that they rely on a bunch of parts that aren’t interconnected (Adobe, Windows) but both have to be working properly to get the job done… rather than just, say, open Adobe Reader and be done with it. Subtract an internet connection and Adobe’s documents are useless, even to authorized users. Throw a suprisingly volatile Windows update into the mix and end users doing everything right are still screwed. Combine the two and sensitive documents are suddenly so “protected” that a majority of users can’t even view them. And, remember, this is a “privilege” corporate customers pay for.

      DRM: still mostly useless and still mainly a pain in the ass for paying customers.

  • Intellectual Monopolies

    • A triple dose of defeat – three antibiotic patents of Cubist revoked in one trial

      This case concerns three patents owned by the defendant Cubist Pharmaceuticals LLC relating to the antibiotic daptomycin, originally discovered by Eli Lilly in the 1980s. Patent EP1115417 (“the 417 patent”) claims a range of doses of the drug to be administered once a day. The other two patents, EP1252179 and EP2264047 (“the 179 patent” and “the 047 patent” respectively), claim different methods of purifying daptomycin. The claimant, Hospira UK Limited, sought the revocation of all three patents, which were all considered in a single trial. Mr Justice Carr found all three patents to be invalid.

    • Trademarks

      • Louis Vuitton’s Inability To Take A Joke Opens Up A Chance To Fix Our Broken Trademark Laws

        As you may recall, earlier this year we wrote about a good ruling in a ridiculous lawsuit by the notoriously overaggressive trademark enforcers at luxury goods giant Louis Vuitton. You can look back at some of their earlier lawsuits, but the one we wrote about this year was particularly ridiculous. It sued a small bag maker called “My Other Bag” who made a simple tote bag that played on the famous joke bumper sticker “My Other Car is A….” with some sort of luxury car brand listed as the final point. People would put those on not-nearly-as-nice cars. In fact, when I was a kid, my dad had a Ford Pinto (yes, the exploding kind) and it had “My Other Car is a Porsche” as a bumper sticker. It’s not a very funny joke (and I totally didn’t get it as a kid), but it’s a joke.

      • Moosehead Lager Makers At It Again: Suing Moose Whiz Root Beer For Trademark Infringement

        Earlier this year, Moosehead Brewery made the wonderful decision to get into a trademark dispute with the makers of a different beer, called Müs Knuckle, I imagine because trademark lawyers now know both that I’m paying attention to these cases and that I have the sense of humor of a high school sophomore. Moosehead essentially asserted that it owned the trademark rights to anything remotely close to “moose”, including made up words that are homonyms but which have delightfully vulgar connotations. Other than the issue of the word “moose”, none of the trade dress in question had anything remotely to do with one another.

        Which is slightly different in another trademark suit that Moosehead Brewery has initiated. In the case of Moosehead Brewery v. Moose Wizz Root Beer, the labels are somewhat similar in color and logo, though there is certainly differentiation within them as well. The real issue here, instead, is that one of these is an alcoholic drink while the other is just a soda.

    • Copyrights

      • SUPER KAT-EXCLUSIVE: Here’s draft Directive on copyright in the Digital Single Market
      • Our ‘Copying Is Not Theft’ T-Shirt Seems To REALLY Upset Some People

        That doesn’t necessarily mean that copying is always legal or morally correct. But it pretty clearly is not theft.

        The shirt is selling fine (get yours soon, because it’s only available for a few more days!), but what’s been surprising is how much it has resulted in pure rage from some people who seem really, really pissed off that we’d dare suggest the simple fact that copying is not theft.

        Earlier this week, we wrote about the head of the Global Anti-Counterfeiting Group promising to make counterfeit copies of our t-shirt (which seems a bit… odd, no?), but today I wanted to highlight some of the other responses we’ve received. The fact is, many people do understand the message and seem to appreciate it, but I’m somewhat surprised at those who disagree with it who feel the need to not just disagree, but to act as if merely stating a four word factual sentence is somehow offensive. It started in our comments where someone insisted that saying copying is not theft wasn’t just wrong, but was “ignorant and irresponsible.” Huh.

      • Announcing The Techdirt Greenhouse Salon: The Battle For Copyright Reform

        Several years ago, we hosted a series of really fun events called the Techdirt Greenhouse, which involved getting a lot of smart people together and actively brainstorming on a variety of topics. We’ve been wanting to bring back the Greenhouse events for a while now, and we’re finally going to do so with a new series of evening “Greenhouse Salons” hosted by our Copia Institute. Today we’re announcing the very first of these new Greenhouse Salons, The Battle For Copyright Reform. As you know, there are ongoing efforts to reform copyright around the globe, with a proposal leaked for the EU and one expected shortly in the US.

      • PETA Has Lost Its Monkey’s ‘Next Friend’ In Its Crazy Copyright Case

        The ongoing saga that is the monkey selfie lawsuit has continued to move forward, with the lawyers for photographer David Slater filing their brief in response to PETA’s. As you probably recall, PETA had teamed up with a primatologist named Antje Engelhardt claiming to be “next friends” for the Indonesian macaque monkey named Naruto, who is alleged to have taken the following selfie with David Slater’s camera.

      • 3 copyright tips for students and educators

        Copyright is a really complicated topic, and when it comes to online use of creative works, accidentally crossing the line between fair use and a copyright violation is easy. How do you know what is copyrighted? Recently Frederico Morando (Creative Commons, Italy) and I presented a training session on understanding copyright policies at Wikimania 2016, which was originally proposed by Wikipedian User:Jim Carter. We covered topics such as fundamentals of copyright, exclusive rights, Berne convention, copyleft, Creative Commons licenses, Public Domain, fair use, and copyfraud.

      • The last thing the API economy needs is copyright friction

        The Oracle versus Google verdict set a positive precedent for the future of the API economy, but will it last? What is at stake if the decision is reversed?

        While on the surface Oracle versus Google might seem like a battle for profit between two tech giants, the implications are much more significant. This is a battle for interoperability and the merit-based making of entire markets.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. IRC Proceedings: Saturday, June 03, 2023

    IRC logs for Saturday, June 03, 2023

  2. Links 04/06/2023: Azure Outage Again (So Many!) and Tiananmen Massacre Censored

    Links for the day

  3. Links 03/06/2023: Qubes OS 4.2.0 RC1 and elementaryOS Updates for May

    Links for the day

  4. Gemini Links 03/06/2023: Hidden Communities and Exam Prep is Not Education

    Links for the day

  5. Links 03/06/2023: IBM Betraying LibreOffice Some More (After Laying off LibreOffice Developers)

    Links for the day

  6. Gemini Links 03/06/2023: Bubble Woes and Zond Updates

    Links for the day

  7. Links 03/06/2023: Apache NetBeans 18 and ArcaOS 5.0.8

    Links for the day

  8. IRC Proceedings: Friday, June 02, 2023

    IRC logs for Friday, June 02, 2023

  9. The Developing World Abandons Microsoft Windows, GNU/Linux at All-Time Highs on Desktops/Laptops

    Microsoft, with 80 billion dollars in longterm debt and endless layoffs, is losing the monopolies; the media doesn’t mention this, but some publicly-accessible data helps demonstrate that

  10. Links 02/06/2023: Elive ‘Retrowave’ Stable and Microsoft's Half a Billion Dollar Fine for LinkeIn Surveillance in Europe

    Links for the day

  11. Linux Foundation 'Research' Has a New Report and Of Course It Uses Only Proprietary Software

    The Linux Foundation has a new report, promoted by Clickfraud Spamnil and others; of course they’re rejecting Free software, they’re just riding the “Linux” brand and speak of “Open Source” (which they reject themselves)

  12. Links 02/06/2023: Arti 1.1.5 and SQL:2023

    Links for the day

  13. Gemini Links 02/06/2023: Vimwiki Revisited, SGGS Revisited

    Links for the day

  14. Geminispace/GemText/Gemini Protocol Turn 4 on June 20th

    Gemini is turning 4 this month (on the 20th, according to the founder) and I thought I’d do a spontaneous video about how I use Gemini, why it's so good, and why it’s still growing (Stéphane Bortzmeyer fixed the broken cron job — or equivalent of it — a day or two after I had mentioned the issue)

  15. HMRC Does Not Care About Tax Fraud Committed by UK Government Contractor, Sirius 'Open Source'

    The tax crimes of Sirius ‘Open Source’ were reported to HMRC two weeks ago; HMRC did not bother getting back to the reporters (victims of the crime) and it’s worth noting that the reporters worked on UK government systems for many years, so maybe there’s a hidden incentive to bury this under the rug

  16. Our IRC at 15th Anniversary

    So our IRC community turns 15 today (sort of) and I’ve decided to do a video reflecting on the fact that some of the same people are still there after 15 years

  17. IRC Proceedings: Thursday, June 01, 2023

    IRC logs for Thursday, June 01, 2023

  18. Links 02/06/2023: NixOS 23.05 and Rust 1.70.0

    Links for the day

  19. Gemini Links 02/06/2023: Flying High With Gemini and Gogios Released

    Links for the day

  20. Links 01/06/2023: KStars 3.6.5 and VEGA ET1031 RISC-V Microprocessor in Use

    Links for the day

  21. Gemini Links 01/06/2023: Scam Call and Flying High With Gemini

    Links for the day

  22. Links 01/06/2023: Spleen 2.0.0 Released and Team UPC Celebrates Its Own Corruption

    Links for the day

  23. IRC Proceedings: Wednesday, May 31, 2023

    IRC logs for Wednesday, May 31, 2023

  24. Tux Machines Closing the Door on Twitter Because Twitter is Dead (for a Lot of People)

    Tux Machines recently joined millions of others who had already quit Twitter, including passive posting (fully or partly automated)

  25. Links 31/05/2023: Inkscape’s 1.3 Plans and New ARM Cortex-A55-Based Linux Chip

    Links for the day

  26. Gemini Links 31/05/2023: Personality of Software Engineers

    Links for the day

  27. Links 31/05/2023: Armbian 23.05 Release and Illegal UPC

    Links for the day

  28. IRC Proceedings: Tuesday, May 30, 2023

    IRC logs for Tuesday, May 30, 2023

  29. Gemini Protocol About to Turn 4 and It's Still Growing

    In the month of May we had zero downtime (no updates to the system or outages in the network), which means Lupa did not detect any errors such as timeouts and we’re on top of the list (the page was fixed a day or so after we wrote about it); Gemini continues to grow (chart by Botond) as we’re approaching the 4th anniversary of the protocol

  30. Links 31/05/2023: Librem Server v2, curl 8.1.2, and Kali Linux 2023.2 Release

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts