Red Hat Enterprise Linux 8.1 is the first major update to the Red Hat Enterprise Linux 8 operating system series delivering new security enhancements, improved manageability, updated drivers for better hardware support, greater developer productivity, as well as another layer of performance improvements for better reliability and stability.
Security is very important these days, and Red Hat Enterprise Linux 8.1 Beta introduces container-centric SELinux profiles, which lets administrators create security policies that are more tailored to their needs for better control over container access of a host system's resources, such as compute, network, and storage.
and Linux kernel developer Chris Wright reassured everyone that Red Hat would be staying its open-source and product course.
Question number one was what are the plans for Red Hat's Kubernetes offering OpenShift. Kubernetes is vital for the modern-day hybrid cloud. Indeed, one of the big reasons why IBM bought Red Hat was for its hybrid-cloud expertise. That said, IBM has its own native Kubernetes offering, IBM Cloud Kubernetes Service for use on its private cloud offerings.
Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which there might be toilet paper conferences, you don’t know, and:
[00:01:15] What makes a good conference? We’re digging into this in some depth; what makes a conference fun, or useful, or beneficial, or all of the above, and what stops it from being those things? What’s the point of conferences anyway? A wide-ranging discussion trying to work out what people are doing well, and not so well.
Endeavour OS, Deepin 15.11, OnlyOffice 5.3, Ubuntu Mate 19.10 Alpha GPD MicroPC, Pinebook Pro Pre-orders, Silverblue, Gnome Extension With Malware, Google Stadia, Steam Sale Apollo 11
kernel series, a total of 11 kernel engineers authored no less than 61 patches, signed-off on a total of 131 changes, tested 47 fixes, acknowledged another 9 patches, and suggested 4 changes implemented by other kernel developers.
However, the most important contribution made by Collabora to Linux kernel 5.2 is the implementation of case-insensitive functionality for the EXT4 file system, which is used by default by almost all GNU/Linux distributions. This change will provide major performance improvements for various emulated programs, such as games running in Wine.
The big release is here. After about a month of QA on the Release Candidate, XCP-ng 8.0 is now available and can be safely used in production environments.
Most of the new features available in this new version have already been presented in our previous blogpost concerning the RC (some highlights, UEFI support, ZFS support and a new XOA quick deploy). However, some additional features and changes are notable.
XCP-ng, the enterprise-focused hypervisor based on Xen Server that offers a web UI for management, scalability optimizations, live migration support, and other community features, is up to version 8.0.
XCP-ng 8.0 was just released today and it is based on Xen 4.11. This XCP-ng 8.0 release adds in ZFS On Linux 0.8.1, UEFI support, MDS/Zombieload fixes, a variety of new packages, and other features.
This is a maintenance release of S3 DDX for X.Org X Server. The DDX compiles cleanly without compilation warnings on X Server 1.19.6.
Kevin Brace Brace Computer Laboratory blog https://bracecomputerlab.com
-- Alan Coopersmith (7): When checking malloc for success, it helps to use == NULL, instead of = s3_bios.c: Simplify code for choosing between 16000 & 16000 for RefClock Remove unused BIOS size & address macros configure: Drop AM_MAINTAINER_MODE autogen.sh: Honor NOCONFIGURE=1 Update README for gitlab migration Update configure.ac bug URL for gitlab migration
Emil Velikov (1): autogen.sh: use quoted string variables
Eric S. Raymond (1): Fix malformed list syntax.
Gaetan Nadon (1): Remove mibstore.h
Kevin Brace (5): Discontinue the use of xf86PciInfo.h Use const char for xf86GetOptValString return type Eliminate set but not used variable compilation warnings Eliminate unused variable compilation warning Version bumped to 0.7.0
Mihail Konev (1): autogen: add default patch prefix
Peter Hutterer (1): autogen.sh: use exec instead of waiting for configure to finish
git tag: xf86-video-s3-0.7.0
S3 Graphics drivers are still alive and well on Linux, well, sort of. On Thursday was the first new open-source xf86-video-s3 driver update in seven years.
Kevin Brace, the open-source contributor known for working on the VIA OpenChrome driver and other vintage open-source graphics drivers, took to releasing xf86-video-s3 0.7.0. While it's been seven years since the previous release (v0.6.5), there isn't all that much in 0.7.0.
In addition to this, there’s been a pretty significant rewrite, changing the overall design of Zink. The reason for this, was that I made some early design-mistakes, and after having piled a bit too many features on top of this, I decided that it would be better to get the fundamentals right first.
Sadly, not all features have been brought forward since the rewrite, so we’re currently back to OpenGL 2.1 support. Fixing this is on my list of things I want to do, but I suspect that cleaning things up and upstreaming will take presedence over OpenGL 3.0 support.
Each benchmark was run when the average load was less than 0.1. For each of the sbc-bench runs the full results uploaded to http://ix.io were checked for throttling and noted in the table. Slight throttling occurred on the X45 and NUC7PJYH whereas the X55 CPU got the hottest and suffered the most throttling as a consequence. The I/O read speeds for the Beelink X45 and X55 devices were nearly half that of the other devices which was also highlighted by the Phoronix IOzone test. The memory benchmark results were lower for the X45 as a result of only having 4GB of RAM and the consequence of this can be seen reflected in other test results.
Let’s have a look into the list of some of the best and top Linux virtualization software for everyone.
Two months have already passed since the release of Phoronix Test Suite 8.8 while today marks the first development snapshot/milestone of the next quarterly feature update, Phoronix Test Suite 9.0-Asker.
The second maintenance release of Rcpp, following up on the 10th anniversary and the 1.0.0. release, was prepared last Saturday and released to both the Rcpp drat repo and CRAN. Following all the manual inspection (including a false positive result from reverse dependencies), it has finally arrived on CRAN earlier today. The corresponding Debian package was also uploaded, and binaries have since been built.
Just like for Rcpp 1.0.1, we have a four month gap between releases which seems appropriate given both the changes still being made (see below) and the relative stability of Rcpp. It still takes work to release this as we run multiple extensive sets of reverse dependency checks so maybe one day we will switch to six month cycle.
One thing one can do in this amazing summer heat, is cut the 0.24 release of desktop-file-utils. It’s rather a small thing, but since the last few releases have been happening at roughly three-year intervals I felt it merited a quick post.
ChaosForge have managed to craft something quite special here with Jupiter Hell. Saying it's a turn-based roguelike DOOM would be a reasonably fitting description, but you need to play it to appreciate it.
The release date of August 1st for Early Access was announced previously and they're sticking to it, with a new trailer going up today. Feast your eyes on this, just make sure to turn the volume up a notch:
As the first Simple DirectMedia Layer release of 2019, SDL 2.0.10 has debuted today for this library that's widely used by cross-platform games including as part of the Steam run-time.
SDL 2.0.10 brings a number of new APIs (including some SIMD APIs around memory allocation and separately new floating point precision rendering APIs), batched rendering is now used by SDL's rendering API by default, and improved handling of WAV and BMP files to fix potential security problems.
Dicey Dungeons from Terry Cavanagh (Super Hexagon and VVVVVV), chipzel, and Marlowe Dobbe now has a confirmed release date of August 13th.
This unique roguelike is truly nothing like the others. Think you're a master at Slay the Spire? Well, Dicey Dungeons is a different kind of beast. You have cards for abilities, sure, but you actually have to roll your dice to the correct numbers to activate them and it's all kinds of awesome.
GNOME 3.33.4, the fourth development release in the GNOME 3.34 series, has been released by Javier Jardón on July 24th instead of July 18th as initially planned because of some problems with module dependencies and other unexpected things like summer vacations and travelling.
It comes with various updated core components and apps for the community to test and send feedback before the GNOME 3.34 desktop environment enters beta testing in early August, along with the "Feature Freeze" and "UI Freeze" development stages, currently scheduled for the 5th of August.
A brand new version of the Dash to Panel GNOME Shell extension is now available — and it features some great changes.
For those unaware, Dash to Panel is a popular Dash to Dock alternative that marries the GNOME Shell Dash and the GNOME Top Bar into a single, unified panel (think the Windows or Plasma 5 desktops).
Dash to Panel v20 is the first major update to the extension since last December.
The update introduces, among some smaller changes, a slate of window preview enhancements, such as a revised version of the slick preview morphing animation we previewed back in June.
Users also get more control over the appearance of window previews, with settings to adjust the size, padding, opacity, button location, header visible and font style (!) all debuting in this release.
Thursday, the first day, we had a brainstorming session. We triaged and then started attacking the GitLab issues for gnome-user-docs. Over the hackfest, we reduced 28 outstanding issues to 12.5. This entailed 33 commits and 105+ user help pages modified (in addition to a few pages in the Sys Admin Guide, and the wiki).
In recent months we've heard of Intel engineers working on better supporting third-party packages on Clear Linux that would be akin to Arch's AUR, Ubuntu's PPA, or Fedora's Copr systems for allowing unofficial/third-party packages to be more easily made available particularly in cases of closed-source software. It looks like that internally that system is now in beta as they work towards having more software available on Clear Linux.
In response to a mailing list question over whether Clear Linux has any ambitions for a commercial edition and to use the likes of Intel's commercial software offerings on Clear Linux, Intel's Arjan van de Ven commented on those prospects.
LibreELEC 9.1.002 (Leia) has arrived based upon Kodi v18.3, the 9.1.002 release contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support.
Red Hat, along with the Fedora Community, are excited to announce that the first user preview release of Fedora CoreOS is now available! First announced at Red Hat Summit 2018, Fedora CoreOS is an operating system aimed at providing a fully automated experience for cloud-native and container workloads. It brings together the latest Linux innovations from the Fedora community and key CoreOS components like Ignition, with the latest Open Container Initiative (OCI) technology for running containers.
Much like its predecessor, Container Linux, Fedora CoreOS shares many of the same design goals around automatic and transactional updates, multiple release streams for canary nodes and a declarative provisioning configuration that is platform agnostic. The Fedora CoreOS team also intends to expand its functionality to support for OKD, full SELinux support and other innovations.
Another late change proposal being talked about for this autumn's Fedora 31 release is introducing a 64-bit ARM (AArch64) Xfce desktop spin.
Fedora's ARM special interest group already maintains an AArch64 minimal spin, a server spin, and Fedora Workstation complete with the GNOME Shell desktop. This proposed Xfce desktop image for 64-bit Arm SoCs would be catering towards lighter-weight SBCs/systems not capable or interested in running a full workstation desktop.
The latest and greatest version of Debian, 10.0, also known as "Buster", was released earlier this month. Along with it came a number of significant improvements and updates, notably UEFI Secure Boot now being available, as well as a GNOME Shell defaulting to Wayland. You can read more these new features in the release notes.
With DebConf19, the annual conference for Debian contributors and users, in full swing this week in Curitiba, Brazil, what better time to look at the contributions made by Collaborans to this latest Debian release!
SparkyLinux 5.8 continues the SparkyLinux 5.x "Nibiru" series, a rolling release version of this Debian-based operating system that lets users install once and receive updates forever. However, SparkyLinux 5.8 being based on Debian GNU/Linux 10 "Buster," it is recommended for fresh installations too.
Powered by the Linux 4.19.37-5 kernel on 32-bit (i686) and 64-bit (amd64), as well as Linux kernel 4.19.57-v7+ on ARMhf, the SparkyLinux 5.8 "Nibiru" release is synced with the Debian GNU/Linux 10 "Buster" stable software repositories as of July 14th, 2019. It ships with Xfce, LXQt, Openbox, and CLI editions.
BT, the United Kingdom-based telecom provider, is starting to put the pieces together for a 5G core that it plans to introduce in 2022. The company tapped Canonical to provide the open source virtual infrastructure manager that will be part of BT’s NFV program.
Canonical develops and manages Ubuntu, the open source operating system, and has extended the capabilities of that platform on its Charmed OpenStack architecture, which facilitates private clouds running on Ubuntu. The announcement dovetails a similar contract BT landed in June with Juniper Networks to support its move to a cloud-based, unified, and virtualized network infrastructure.
“BT’s 5G core will be built on Canonical’s Charmed OpenStack and utilize Canonical’s open source tools to automate the deployment and operations of its infrastructure,” Neil McRae, BT Group’s chief architect, wrote in response to questions. BT will also use Ubuntu Advantage, Canonical’s service package for Ubuntu, for ongoing management and support of its 5G core, McRae explained.
BT's next-generation 5G Core network will be built on Canonical's Charmed OpenStack architecture on Ubuntu Linux. The company will also use all the open-source tools provided by Canonical, such as Charms, Juju, and MAAS, to automate the deployment and operations of their infrastructure, as well as for virtual network functions (VNFs) apps.
"BT has recognised the efficiency, flexibility and innovation afforded by an open architecture, and realises the value of such an approach in enabling its delivery of new 5G services. We’re delighted to be working with them to deliver the foundation to this approach, which will underpin BT’s 5G strategy," said Mark Shuttleworth, CEO of Canonical.
The future of telecommunications network is software-defined. Everything has been virtualized – compute, storage and network. And Open Source technologies like OpenStack and Linux are powering the software-defined networks.
British Telecom (BT), one of the biggest telecom providers of the UK is Open Source technologies to power its next-generation 5G network.
Pine64 has opened $199 pre-orders on its open-spec, 14-inch Pinebook Pro laptop, which runs Linux on a Rockchip RK3399 and features 3x privacy switches. The Rock64 Rev 3, PineTab tablet, PinePhone should follow shortly.
As promised in a July 5 blog announcement, Pine64 has opened pre-orders for $199 on its 14-inch Pinebook Pro laptop, the follow-on to the original 11.6-inch Pinebook. No ship date was listed, and although Pine64 billed the Pinebook Pro as a commercial product compared to the small batch, developer-focused Pinebook, the company warns that the first batch is likely to have some rough edges.
Pinebook Pro is an inexpensive Linux laptop with modest configuration and a price tag of just $200. Pre-order for this device is open now.
Pine64 is a popular name among the single board computer enthusiasts. It gained its fame with its $15 PINE A 64 Raspberry Pi alternative device. Since then it has formed a substantial open source community around its products.
A couple of years ago, Pine64 launched a low-end Linux laptop called Pinebook. It was basically a single board computer inside a plastic laptop body. The experimental device cost just $89.
Pine64 has now improved the specification of this inexpensive Linux laptop with the launch of Pinebook Pro.
In my previous post I talked about why consent matters when it comes to privacy; and yet, privacy is only one of the areas where tech companies take advantage of users without their consent. Recently, tech companies have come to a troubling consensus: that they can change your computer, remotely (and often silently) without your knowledge or permission.
[...]
Anyone who has ever worked for a large company in the computer age has experienced first-hand the authoritarian, controlling, and restrictive policies that IT employs to manage company computers. Starting with centralized systems like Active Directory, IT teams were able to create policies that controlled what sorts of passwords employees could use and whether employees could install applications, access printers, and even, in some cases, insert USB drives.
These centralized tools have evolved over the years: they can now add and remove files, install new software and software updates, remotely control machines over the network in order to view what’s on their screens and access local files. This controls extends into Active Management Technology features embedded into the Intel Management Engine, that lets administrators remotely control computers even if they are turned off. Now that smartphones are critical tools in many organizations, MDM (Mobile Device Management) tools are also often employed at enterprises to bring those devices under a similar level of control–with the added benefit of using GPS to track employee phones even outside the office.
The most common justification for these policies is convenience. If you are an IT department and have thousands of employees–each with at least one computer and one smartphone that you need to support–one of the ways to make sure that the appropriate software is on the systems, and updates get applied, is to push them from a central location. Companies often have custom in-house software their employees rely on to do their jobs, and throughout the life of the company more tools are added to their toolbox. You can’t expect the IT team to go desk-by-desk installing software by hand when you have thousands of employees working at offices all over the world: when an employee’s computer breaks, these same tools make it easy for IT to replace the computer so the employee can get back to work quickly.
The main justification for the strictest–and most controlling–IT policies isn’t convenience, though: it’s security. IT pushes software updates for protection against security bugs. They push anti-virus, anti-malware and remote monitoring tools, to protect both employee and company from dangerous email attachments, from software they might download from their web browser. IT removes local administrative privileges from employees in the name of protecting them from installing malware (and, practically speaking, from installing games and other time-wasting apps). They disable USB storage devices so employees can’t insert disks containing malware or copy off sensitive company documents. Each of these practices have valid reasons behind them for companies facing certain threats.
Emtrion’s “emCON-MX8MM” SODIMM module runs Linux on an up to quad -A53 i.MX8M Mini SoC with 4GB LPDDR4 and 16GB eMMC. The module is available with Avari and Bvari carrier boards.
Emtrion, which recently launched a emSTAMP-Argon module and emSBC argon SBC with an STM32MP157 SoC, has now posted a product page for a SODIMM-style emCON-MX8MM module that features NXP’s i.MX8M Mini. The up to quad-core, Cortex-A53 SoC, which features a 400MHz Cortex-M4 chip and 3D GPU with HD video support has appeared on a number of compute modules, including the recent Keith & Koep Trizeps VIII Mini.
Advantech’s fanless, Linux-friendly “EPC-U2117” mini-PC has an Apollo Lake SoC, 2x GbE, 4x USB 3.0, and 2x serial, plus SATA, HDMI, DP, CAN, mini-PCIe, M.2, and extended temp support.
It’s amazing what you can fit into a compact embedded computer these days. Advantech’s “preliminary,” Intel Apollo Lake based EPC-U2117 mini-PC, for example, hits pretty much all the I/O food groups while maintaining a slim 170 x 117 x 52.6mm footprints. The device is aimed at smart kiosk, smart vending machine, and digital signage, but with its wide-range, 12-24V power input, optional -20 to 60€°C support, and shock and vibration resistance, it could find its way into more hard-core industrial applications.
Allied Vision, a global provider of industrial camera solutions and Antmicro, a software-driven embedded technology company developing open-source based edge computing systems, have announced a strategic partnership to drive their common goals in building complex and portable vision systems.
The announcement is made to underline the ongoing collaboration between the companies that started with the joint demonstration of a successful technology integration between Allied Vision’s revolutionary Alvium camera series and Antmicro’s real-time deep learning object detection system based on the NVIDIA Jetson Xavier edge computing platform. The collaboration between Antmicro and Allied Vision in the embedded software domain was since extended to cover the entire NVIDIA Jetson series including the Jetson Nano board, as well as multiple platforms from NXP.
We are just less than 3 months from the big event UbuconEU2019 and it’s time to reinforce the dissemination of the event and call for the participation of volunteers.
Yes, we need your support now, during and after the event. Check out Trello to see where you can help and mark your support on the day of the event by signing up here.
For the better part of two years, the folks at Mozilla have been diligently chipping away at Mozilla WebThings, an open implementation of the World Wide Web Consortium’s (W3C) Web of Things standard for monitoring and controlling connected devices. In April, it gained a number of powerful logging, alarm, and networking features, and today, a revamped component of WebThings — WebThings Gateway, a privacy- and security-focused software distribution for smart home gateways — formally debuted.
Experimental builds of WebThings Gateway 0.9 are available on GitHub for the Turris Omnia router, with expanded support for routers and developer boards to come down the line. (Separately, there’s a new build compatible with the recently announced Raspberry Pi 4.) Mozilla notes that it currently only offers “extremely basic” router configuration and cautions against replacing existing firmware, but the company says that it’s a noteworthy milestone in its path to creating a full software distribution for wireless routers.
We all know that to build up a machine learning project, we need a dataset. Generally, these machine learning datasets are used for research purpose. A dataset is the collection of homogeneous data. Dataset is used to train and evaluate the machine learning model. It plays a vital role to build up an efficient and reliable system. If your dataset is noise-free and standard, then your system will give better accuracy. However, at present, we are enriched with numerous datasets. It can be business-related data, or it can be medical data and many more. However, the actual problem is to find out the relevant ones according to the system requirements.
IBM’s Center for Open-Source Data and AI Technologies (CODAIT) recently unveiled a pair of carefully curated databases designed to provide machine learning developers models and datasets for AI projects.
MAX, or Model Assets Exchange, is an online open-source repository for trainable/deployable AI models. You don’t necessarily have to be an AI expert to use the database – there’s even a tutorial that’ll walk you through developing an AI that can write captions – but some of the models available will probably only appeal to enterprise developers.
Alibaba’s chip-making subsidiary Pingtouge launched its first product on Thursday: chip processor XuanTie 910, which uses open-source architecture.
The processor will be used in applications including 5G telecommunications, artificial intelligence, and autonomous driving, and can lower the costs of related chip production by more than 50%, Alibaba said. Alibaba told Caixin the processor from Pingtouge, which is also known as T-Head, will soon be available for commercial sale, without providing a timetable or price range.
Notably, the processor uses the RISC-V instruction set architecture (ISA)—key programming infrastructure that decides how a device functions. Developers are allowed to build their own products using the Berkeley-based open-source ISA, with few intellectual property restrictions.
Wing 7.1 adds support for Python 3.8, warns about unused symbols, improves code warnings configuration, adds new auto-completer, project, and source browser icons, supports Dark Mode on OS X, and makes other improvements.
y for AArch64. This port brings PyPy's high-performance just-in-time compiler to the AArch64 platform, also known as 64-bit ARM. With the addition of AArch64, PyPy now supports a total of 6 architectures: x86 (32 & 64bit), ARM (32 & 64bit), PPC64, and s390x. The AArch64 work was funded by ARM Holdings Ltd. and Crossbar.io.
PyPy has a good record of boosting the performance of Python programs on the existing platforms. To show how well the new PyPy port performs, we compare the performance of PyPy against CPython on a set of benchmarks. As a point of comparison, we include the results of PyPy on x86_64.
Interesting. It should be noted that performance of Swift is a great match for some workloads, but not for others. In particluar, Swift is weak on small-file workloads, such as Gnocchi, which writes a ton of 16-byte objects again and again. The overhead is a killer there, and not just on the wire: Swift has to update its accounting databases each and every time a write is done, so that "swift stat" shows things like quotas. Swift is also not particularly good at HPC-style workloads, which benefit from a great bisectional bandwidth, because we transfer all user data through so-called "proxy" servers. Unlike e.g. Ceph, Swift keeps the cluster topology hidden from the client, while a Ceph client actually tracks the ring changes, placement groups and their leaders, etc.. But as we can see, once the object sizes start climbing and the number of clients increases, Swift rapidly approaches the wire speed.
A ‘critical' security flaw in VLC Media Player has been downgraded after the organisation behind the popular app claimed that the issue had already been fixed.
The NIST National Vulnerability Database has slashed its rating for CVE-2019-13615 from 9.8 to 5.5 and "is awaiting re-analysis which may result in further changes to the information provided" after VideoLAN, the not-for-profit open-source organisation behind VLC Media Player, complained that the advisories and associated CVEs were wrong.
Taking to Twitter, VideoLAN blamed a reporter for running VLC on an old version of Ubuntu with out-of-date libraries, and security firm MITRE for issuing a CVE before the reporter's claims could be examined by VideoLAN.
A few days ago, a German security agency CERT-Bund revealed it had found a Remote Code Execution (RCE) flaw in the popular open-source, VLC Media Player allowing hackers to install, modify, or run any software on a victim’s device without their authority and could also be used to disclose files on the host system.
The vulnerability (listed as CVE-2019-13615) was first announced by WinFuture and received a vulnerability score of 9.8 making it a “critical” problem.
According to a release by CERT-Bund, “A remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files.”
Some of our readers asked us this week, “What do you guys think of EvilGnome?”
#ICYMI, EvilGnome is a recent malware sample that’s made a few headlines, and although we haven’t seen any examples of it actually popping up in the wild, we thought we’d answer the question anyway.
Because Linux!
As you probably know, Linux malware and hacked Linux systems are very common, for the simple reason that most of the servers that power today’s internet run Linux in some form.
If you’re a cybercrook who wants to spread your Windows malware widely – keyloggers, for example, or banking Trojans, or other network nasties that thieve people’s digital stuff so it can be sold on to the next crook on the cyberunderground…
On June 18, the Internet Archive hosted a reading and panel discussion in celebration of Joseph Menn's new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World.
As the evening's event began, an archived video of Cult of the Dead Cow (cDc) interviews from 1996 played silently on a wall-mounted TV, featuring some of the very same original members who would be a part of that evening's panel. In addition to the strong turnout at the Internet Archive itself, those unable to attend in person were able to watch the event livestreamed on the Internet Archive's Youtube channel. Guests enjoyed light refreshments and mingled before moving into the main auditorium to be welcomed by Internet Archive founder Brewster Kahle. After sharing a brief history of the Internet Archive's mission, Executive Director of the Electronic Frontier Foundation Cindy Cohn took the stage as MC for the evening.
Cohn expressed the importance of remembering the "wacky, weird, and wild" history of Internet security, and acknowledged the cDc's contributions to improving the community before introducing Joseph Menn to the stage. Menn recounted the beginning of cDc and cybersecurity by highlighting notable hackers and their contributions throughout the years, including crediting the cDc with coining the term "hacktivism" by "using it at every interview they could at DEFCON to get it into the English language." Looking forward, he went on to express how "the rank-and-file in Silicon Valley now are the most important heirs of the cDc's tradition of critical moral thinking."
Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Debian (exim4), Fedora (java-latest-openjdk), openSUSE (libsass, tomcat, and ucode-intel), Oracle (java-1.7.0-openjdk and thunderbird), SUSE (OpenEXR, spamassassin, and thunderbird), and Ubuntu (ansible and patch).
The University of Texas at San Antonio (UTSA) has launched an open source user computer environment for Amazon Cloud called Galahad. UTSA is also working to expand its capabilities to support OpenStack software.
The oil industry in North Dakota and Montana — home to the prolific Bakken Shale Formation — faces an “impossible choice.” That's according to a new petition to federal regulators from the attorneys general of North Dakota and Montana, in response to a Washington state law that aims to prevent trains hauling oil through the state from derailing and exploding.
That choice is to either remove the volatile components, such as butane, from Bakken crude oil before being loaded into rail tank cars, or send the volatile oil to other, harder-to-reach markets because — as the petition argues — removing the butane would cut into oil producers' profits, and almost 60 percent of the crude leaving North Dakota by rail goes to Washington refineries.
A year ago, Chesapeake Energy, at one time the nation’s largest natural gas producer, announced it was selling off its Ohio Utica shale drilling rights in a $2 billion deal with a little-known private company based in Houston, Texas, Encino Acquisition Partners.
For Chesapeake, the deal offered a way to pay off some of its debts, incurred as its former CEO, “Shale King” Aubrey McClendon, led Chesapeake on a disastrous shale drilling spree. Shares of Chesapeake Energy, which in the early days of the fracking boom traded in the $20 to $30 a share range, are now valued at a little more than $1.50.
Encino has marketed itself as a stable source of long-term returns (something the industry overall has struggled so far to create), attracting the managers of one of the world's largest pension funds to drill and frack the land that Chesapeake sold off to repay its enormous debts from fracking nationwide.
That’s the message of a piece in The Upshot (7/24/19)—the New York Times‘ project aimed at “examining politics, policy and everyday life in new ways”—written by Kevin Carey, who directs education policy at the New America foundation. (New America’s higher education program is largely funded by Bill and Melinda Gates.)
The DOJ has now spent more than a year dodging an obligation it created itself. For years, FBI directors and DOJ officials have told anyone who'd listen -- conference attendees, Congressional reps, law enforcement officials -- the world was going dark. Device encryption was making it far more difficult for the FBI to collect evidence from seized devices and the problem was escalating exponentially.
It wasn't. Every new "going dark" speech contained a larger number of impenetrable devices the FBI was sure contained all sorts of juicy evidence. When the FBI was asked about these devices by members of Congress, it finally decided to take a look at its numbers. The numbers were wrong. The FBI said there were around 8,000 locked devices in its possession. In reality, the number is probably less than 2,500.
The problem is we don't actually know what the correct number is. The DOJ has been promising an update since May 2018, but it has yet to release this number. Instead, it has released the mouth of its top man -- William Barr, a longtime fan of domestic surveillance.
For more than a decade, consumer rights groups (including EFF) worked with technologists and companies to try to standardize Do Not Track, a flag that browsers could send to online companies signaling that their users did not want their browsing activity tracked. Despite long hours and backing from the FTC, foot-dragging from the browser vendors and outright hostility from the big online media companies mean that setting Do Not Track in your browser does virtually nothing to protect your privacy.
Do Not Track grew out of widespread public concern over invasive "behavioral advertising" that relied on tracking to target ads; despite a generation of promises from the ad industry that consumers would welcome more relevant advertising, the consistent result has been that users are freaked out by "relevant" ads because they understand that relevancy is synonymous with privacy invasion. Nothing is so creepy as ads for a product you looked into earlier following you from site to site, then from app to app, as you are tracked and retargeted by a desperate vendor's algorithm.
Internet users didn't take this situation lying down. They wanted to use the Web, but not be tracked, and so they started to install ad-blockers. A lot of ad-blockers, and more every year.
Ad-blockers don't just stop users from seeing ads and being tracked (and indeed, some ad-blockers actually track users!). They can also stop the publishers and marketers who rely on tracking and ad-clicks from earning money. Predictably, industry responded with ad-blocker-blockers, which prevented users from seeing their sites unless they turned off their ad-blocker.
You'll never guess what happened next.
Since academics and investigative journalists first reported last year that Facebook was using people’s two-factor authentication numbers and “shadow” contact information for targeted advertising, Facebook has shown little public interest in fixing this critical problem. Subsequent demands that Facebook stop all non-essential uses of these phone numbers, and public revelations that Facebook’s phone number abuse was even worse than initially reported, failed to move the company to action.
Yesterday, rather than face a lawsuit from FTC, Facebook agreed to stop the most egregious of these practices.
Facebook has disclosed that the Federal Trade Commission opened an antitrust investigation into the company. In a recent statement for a Senate Judiciary committee hearing on antitrust, EPIC wrote that "companies that protect user privacy are being absorbed by companies that do not protect privacy." EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger.
Very few law enforcement agencies take accountability seriously. Even when officers are held responsible for wrongdoing, their employers find ways to soften the blow. Powerful police unions make the situation worse. The gap between officers and accountability hasn't really shrunk, no matter how many recording devices we've attached to them or boards we've appointed to oversee them.
Nothing is going to improve if things like this keep happening. The backstory is this: Officer Philip Brailsford responded to call about a man in a hotel room with a gun. That man happened to be Daniel Shaver. Shaver killed pests so he owned pellet guns -- one of which he had in the hotel room with him.
Within minutes of Officer Brailsford's arrival, Daniel Shaver was dead -- shot five times by Brailsford whose AR-15 was decorated with the phrase "You're Fucked."
Shaver was, indeed, fucked. He never had a chance to make it out of this confrontation alive. The video of his shooting shows Shaver never posed a threat. It shows Brailsford was the aggressor in this situation -- laying down a steady stream of conflicting commands with the promise of death for any failure to comply.
Microsoft recently came under fire for racial bias in their facial recognition technology. This wasn’t something they aimed to do but was the result of their training methods of the software. They worked on fixing the problem after it was recognized.
One of the search warrants used by the San Francisco police department to go after a journalist for documents a PD employee leaked has been released. This is only one of the five warrants targeting "stringer" Bryan Carmody, whose house was raided by the SFPD back in May.
This search warrant targeted Carmody's phone records. It was granted on March 1st, allowing the SFPD to obtain records from Verizon. This was done supposedly to track down which cop called Carmody over a two-day period prior to the release of the leaked document to California news agencies.
We have been talking these past few weeks about a strange game of whac-a-mole currently being played between YouTube and a whole bunch of stream-ripping websites. While stream-ripping sites have been targeted by the music industry specifically for some time now, despite a wide range of non-infringing uses of such technology, it was only recently that YouTube decided to participate in all of this by blocking access to its platform for many of these sites. Built around claims of ToS violations, it's fairly clear that YouTube's actual goal in all of this is to appear to be attempting to bow to the music industry's wishes. Despite the blocks, many of these sites have managed to route around the blockade, thus the game of whac-a-mole.
It sometimes is difficult to get people to understand just how >utterly insane the college textbook market is. You have a captive audience who has no choice but to purchase what the professor requires (which is why it's doubly lame when professors require their own books). But even people who went to college a few decades ago may not be aware of just how much textbook prices have kept rising. A study from 2015 showed that college textbook prices had risen over 1000% since 1977. 1,000%.
