Bonum Certa Men Certa

Links 29/07/2023: Thunderbird 115 on Flathub, FSF Blasts “Web Environment Integrity” (DRM)



  • GNU/Linux

    • Desktop/Laptop

      • Leveraging Linux OS for Strategic Business Advancements in the Internet Sector



        In the rapidly evolving world of the internet sector, businesses are constantly seeking innovative strategies to gain a competitive edge. One such strategy that has been gaining traction is the strategic utilization of Linux Operating System (OS). Linux, an open-source operating system, has emerged as a powerful tool for businesses looking to maximize growth and efficiency in the internet sector.

        Linux OS offers a plethora of advantages that make it an attractive choice for businesses. Its open-source nature means that it is free to use, modify, and distribute, providing businesses with significant cost savings. This is particularly beneficial for startups and small businesses operating on tight budgets. Moreover, Linux is renowned for its stability and security, making it a reliable choice for businesses that handle sensitive data.

    • Server

    • Instructionals/Technical

      • Christian Haschek: SSH based comment system

        In 2015 I read an article (hn discussion) that was using SSH as a sort-of 2fa for websites where you needed to SSH into a server, which gave you a link with a token that allowed you to sign into the site.

        I wondered if I could make a comment system for this blog using SSH.

      • Julia Evans: Why is DNS still hard to learn?

        I write a lot about technologies that I found hard to learn about. A while back my friend Sumana asked me an interesting question – why are these things so hard to learn about? Why do they seem so mysterious?

        For example, take DNS. We’ve been using DNS since the 80s (for more than 35 years!). It’s used in every website on the internet. And it’s pretty stable – in a lot of ways, it works the exact same way it did 30 years ago.

        But it took me YEARS to figure out how to confidently debug DNS issues, and I’ve seen a lot of other programmers struggle with debugging DNS problems as well. So what’s going on?

        Here are a couple of thoughts about why learning to troubleshoot DNS problems is hard.

      • OSTechNix: A Beginner’s Guide To Dual Booting Windows And RHEL

        Windows and Red Hat Enterprise Linux (RHEL) are two of the most popular operating systems in the world. Windows is known for its ease of use and compatibility with a wide range of software, while RHEL is known for its stability and security. If you're looking for a way to get the best of both worlds, dual booting Windows and RHEL is a great option.

      • IT Pro: How to run graphical Linux applications in Windows [Ed: Windows Subsystem for Linux (WSL) is an attack on GNU/Linux. Do not use it. Instead, dual boot, use a virtual machine, or just get rid of Windows. WSL is meant to prevent people from doing so.]

        Windows is by far the most popular operating system in the world – but for developers and power users, it's often helpful to be able to switch to a Linux environment. In the past, this meant dual-booting or installing your chosen distribution in a virtual machine. But since 2016 there's been a better way: the Windows Subsystem for Linux (WSL) is an optional OS component that provides a fully working, officially supported Linux environment right inside Windows.

        The major limitation of WSL, when it was first introduced, was that it was a text-only interface. You could run scripts and command-line programs, but graphical applications were off the menu. That's no longer the case. All desktop editions of Windows 10 and 11 now support WSLg – an updated version of WSL, where the "g" stands for GUI. It enables you to run graphical Linux applications directly on the Windows desktop, with minimal configuration. It's a huge boon for anyone who works across multiple platforms, or who just wants to try out applications and tools that aren't available for Windows.

      • AddictiveTips: How to use Google Bard from the Linux terminal



        To use Google Bard in your Linux terminal, you must install a few things. First, you’ll need to install the Google Bard API. You need this API to interact with Google Bard. To install the Bard API, start by opening up a terminal window.

        Once the terminal window is open and ready to use, it’s time to install the Google Bard API with the pip install command.

      • AboutChromebooks: How to install Google Earth Pro on a Chromebook

        Earlier this morning, I received an email question from a reader, asking how to install Google Earth Pro on a Chromebook. Yes, there is a web version as well as Google Earth for Android that runs on ChromeOS. But the most fully featured version is Google Earth Pro for desktops. And since there’s a version for Linux, you can easily install Google Earth Pro on a Chromebook.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Nate Graham: This week in KDE: Sounds like Plasma 6

          Excellent progress was made this week towards the goal of full sound theme support in Plasma 6, among other topics–including some important performance work for KWin!

          Significantly reduced cursor latency under heavy load in the Plasma Wayland session!

          System Settings gained a page to let you configure which sound theme you want to use!

        • Try KDE Gear 23.08 Beta on KDE neon

          KDE Gear is our bundle of apps which we release three times a year. Next month’s release just got a beta for testing so there’s now dozens of apps needing tested. You can download the KDE neon testing ISO or try the KDE neon container with Distrobox to give them a try.

          Try out the new KTuberling. Do not try out KFloppy, it has finally ended its long and happy life.

  • Distributions and Operating Systems

    • LWN: Systemd 254 released

      Systemd 254 has been released. As usual, there is a long list of changes, including a new list-paths command for systemctl, the ability to send POSIX signals to services, a "soft reboot" feature that restarts user space while leaving the kernel in place, improved support for "confidential virtual machines", and a lot more.

    • University of Toronto: On the future of free long term support for Linux distributions

      To date, this public good has broadly been provided for free for various periods of time by Debian developers, Red Hat, Canonical, and so on. Red Hat's switch from 'CentOS' to 'CentOS Stream' and now their change to how Stream works marks Red Hat ceasing to provide this public good for free; it's now fairly likely to be a more or less private, for pay thing. Canonical has never provided this public good beyond five years (and in practice only to a limited extent), and now there are signs they're going to limit this in various ways (also). Debian has sort of provided this only semi-recently, in the form of non-official five year support (and extended paid support). I'm not sure about the practical state of openSUSE but see their lifetime page for the current claims.

    • New Releases

      • 9to5Linux: Independent Distro 4MLinux 43.0 Released with Linux 6.1 LTS, Thunderbird 115

        4MLinux 43.0 is here about three and a half months after 4MLinux 42.0 and sticks with the long-term supported Linux 6.1 LTS kernel series. However, it brings the newer Mesa 23.1 graphics stack, the latest LibreOffice 7.5 office suite, and the recently released Firefox 115.0 and Chrome 115.0 web browsers.

        Other updated components in this release include AbiWord 3.0.5 word processor, GIMP 2.10.34 image editor, Gnumeric 1.12.55 spreadsheet editor, Mozilla Thunderbird 115.0 email and calendar client, Audacious 4.3.1 audio player, VLC 3.0.18 and SMPlayer 23.6.0 media player, and Wine 8.12.

    • Canonical/Ubuntu Family

      • The Register UK: Latest version of Canonical's Wayland compositor arrives

        Canonical is still working away on its own Mir display server, used in several of its IoT product lines. Version 2.14 gains more functionality useful for full desktop environments.

        Mir is a complex project which has undergone some big changes over its more than a decade of existence, and it has several subprojects now, including the Lomiri desktop, which not only natively runs on Debian but is included as part of Debian 12.

        Mir 2.14 – that's version 14 of Mir 2, not version two-point-one-four – is out, and supports a larger range of Wayland functionality. The announcement says this release brings support for Wayland screenlockers (the ext-session-lock-v1 Wayland extension protocol), and support for Drag 'n Drop, which also means that "attached" windows can be "restored" by a drag gesture. It has improved nVidia hardware support, and fixes an evdev handling bug.

        Since version 2.0, Mir has been a pure Wayland compositor, although the fondleslab version still uses the older Mir 1.8, because that also supports the older mirclient APIs. In fact, it's not so much a Wayland compositor; as lead developer Alan Griffiths told The Register: "Mir is a set of libraries for building Wayland compositors."

        He went on to say: "There are a number of projects that use these libraries, the most significant being Ubuntu Frame, Lomiri and Miriway."

    • Devices/Embedded

      • CNX Software: 12 Euros ESP32-S3-DevKit-LiPo board runs Linux 6.3

        Olimex ESP32-S3-DevKit-LiPo is a new open-source hardware ESP32-S3 board with 8MB flash, 8MB PSRAM, as well as LiPo battery and JTAG support that can run Linux 6.3, or the more traditional Arduino or MicroPython firmware.

        The board is based on the ESP32-S3-WROOM-1-N8R8 module, features two USB-C ports for power, programming, and JTAG debugging, plenty of expansion with two rows of I/Os plus a pUEXT connector, Reset and Boot buttons, and a couple of LEDs.

    • Open Hardware/Modding

      • [Repeat] Andrew Hutchings: Amiga 3000: Restoration Part 4

        Of course, the day I started the vapour retrobrighting technique, the dark clouds rolled over, and we had rain for most of the day. So, the box was brought into my workshop and left near a window. The process was still working regardless, this is how it looked after the first 24 hours.

      • Pete Warden: Accelerating AI with the Raspberry Pi Pico’s dual cores

        The summary is that I was able to get approximately a 1.9x speed boost by breaking a convolution function into two halves and running one on each processor. The longer story is that I actually implemented most of this several months ago, but got stuck due to a silly mistake where I was accidentally serializing the work by calling functions in the wrong order! I was in the process of preparing a bug report for the RPi team who had kindly agreed to take a look when I realized my mistake. Another win for rubberducking!

      • DanTheMan: Big Dan the Blogging Man

        This was one of those last-minute decisions which was not well thought out. I found the component I wanted on Mouser, which had a footprint available for KiCad. I designed the PCB without actually seeing the component. I had worked on this for so long I wanted to get the PCB ordered without waiting to get the actual component in hand.

        It’s not like I’ve never seen a Micro USB socket before, but when I finally got them in the mail and looked at the size of the pins, my thought was “OH WOW how am I going to solder that???”

      • Solar Powered Conways Game of Life

        The device hangs on a wall a few feet from the window. Around 9am on bright summer days I will see the first new generation being born for the day. By that time the small drawdown from the ultra low power core of the esp32 will have been replenished by the solar panel and the battery voltage will have recovered to 3.3v.

        Each time that happens the ULP will wake up the main core to calculate the next generation based on the previous one which is stored in RTC memory. Then it will turn on the display driver board and push the next set of pixels to be drawn before writing this new generation to memory and entering deep sleep again.

      • Tom's Hardware: Raspberry Pi Supply Improves. Here's Where to Buy One Now.

        Getting your hands on a Raspberry Pi is now much easier than 2022 or even than it was a few weeks ago. Raspberry Pi stock levels are improving, with some units remaining in stock for hours, rather than minutes. In a December 2022 blog post, Raspberry Pi LTD's CEO Eben Upton wrote about how he saw stock levels in 2023. This data was then refined a few months ago to provide more clarity. Now, more than half-way through the year, we can take a look at how Raspberry Pi stock levels have improved, and more importantly, tell you where you can buy a Raspberry Pi.

  • Free, Libre, and Open Source Software

    • [Old] Logikal Solutions: Medical Device Companies Using Qt

      Since this is a blog, we can start out with the cheap shot. Unless you are talking about the dudes looking to kick your ass in a bar fight, 4 is not a big number. According to an entity which monitors such things, as of the start of 2023 there were 933 medical device manufacturers in the United States.

    • OMG! Linux: Thunderbird 115 is Now Available on Flathub

      What’s changed is that the Thunderbird Flatpak on Flathub is now packaged and maintained by the Thunderbird team directly.

    • Licensing / Legal

      • Matt Rickard: Modern Samizdat Libraries

        Samizdat (“self-publishing” in Russian) was the practice of illegally copying and distributing books, manuscripts, and other materials to evade Soviet censorship.

        While samizdat initially started with Russian literature and expanded to politically focused materials, it was also reimagined for hacker culture. When Bell Labs made UNIX source code illegal to distribute, the book A Commentary on the UNIX Operating System (which contained an annotated version of the source code) was retracted. Illegally copying and distributing the book was known amongst hackers as samizdat.

    • Programming/Development

      • Syncpup: Erlang, the Unix way

        With this as a guide, it should be easy to have a client module do any number of nasty work. I’m going to use this scaffolding to run some massively parallel file IO work so that I don’t have to attempt the same in C/Unix. No way.

      • University of Toronto: The issue with control flow in interpreters using the 'eval' pattern

        The ideal situation for an 'eval()' style interpreter is where you're evaluating expressions and you only have to return a simple result (a number, a boolean answer, or the like). Life gets a bit more complex if you need to return a multi-option result where there are rules for combining the options together; for example, you might have a DSL where the result of an expression could be 'yes', 'no', or 'we have to defer this because DNS isn't cooperating'. When you have such a multi-option situation, every non-terminal Eval() method may need to specifically handle the third option in some way that makes sense (and may be domain specific).

      • Earthly: Building a CLI Application With Argparse

        A Command-Line Interface (CLI) is a method of interacting with a computer program by entering text commands. It provides a way of controlling programs, executing tasks, and manipulating system resources through a terminal or command prompt. To build programs that accept input through the command line, the Python library offers the argparse module. The module simplifies the process of building command-line interfaces by providing the functionality to define command-line arguments, parse arguments, validate user input, and generate help messages.

        In this tutorial, let’s explore using the argparse module by building a ToDo application that will be operated through the Command-Line. This project will serve as an example to introduce the various concepts of argparse and demonstrate their practical use. Therefore, throughout the tutorial, we will build the application incrementally while exploring the different features of the argparse module. The ToDo application will allow users to manage tasks by providing commands to add tasks, view the task list, mark tasks as done, and delete tasks.

      • Earthly: Designing Extensible Software with Go Interfaces

        In this article, you’ll learn how to use interfaces in Go to design extensible, modular software. Moreover, you’ll learn how to use interfaces to promote code reusability, flexible architecture, and an improved development experience.

      • Python

        • LWN: No-GIL mode coming for Python

          The Python Steering Council has announced its intent to accept PEP 703 (Making the Global Interpreter Lock Optional in CPython), with initial support possibly showing up in the 3.13 release. There are still some details to work out, though.

        • Seth Michael Larson: Security Developer-in-Residence – Weekly Report #5

          I've continued working on having the Python Software Foundation registered as a CNA. We have at this point submitted our registration containing a list of contacts, a disclosure policy, location of advisories and an advisory database. We've received an onboarding meeting date (August 21st) where we'll meet with the CNA partner team to ask questions about the process and fill out some example CVE records.

          The Python Steering Council have approved having Python scoped under the PSF CNA! 🥳

  • Leftovers

    • Science

      • The Register UK: Friendly AI chatbots will be designing bioweapons for criminals 'within years'

        Anthropic, founded by former OpenAI employees, prides itself on being safety-oriented and is best known for its large language model (LLM) chatbot Claude. Over the past six months the startup has reportedly been working with biosecurity experts to study how neural networks could be used to create weapons in the future.

      • Hackaday: Would We Recognize Extraterrestrial Technology If We Saw It?

        There’s a common critique in science fiction series like Star Trek about the extraterrestrial species not looking ‘alien’ enough, as well as about their technology being strangely similar to our own, not to mention compatible to the point where their widgets can be integrated into terrestrial systems by any plucky engineer. Is this critique justified, or perhaps more succinctly put: if we came across real extraterrestrial life with real extraterrestrial technology, would we even notice? Would an alien widget borrowed of an alien spacecraft even work with our own terrestrial spacecraft’s system?

    • Hardware

      • Hackaday: Color Can Triple QR Code Capacity

        Recently [mit41301] wondered about increasing the data capacity of QR codes, and was able to successfully triple the number of bits using color. He chose the new rectangular micro QR code (rMQR) standard which was adopted last year as ISO/IEC 23941:2022. This rectangular-shaped QR code is designed to be used on narrow spaces, with an aspect ratio similar to that of a traditional 1D bar code. There are quite a few variations of rMQR, but the largest can hold 361 bytes. The basic idea is to generate three different rMQR codes, coloring them as red, green, blue, and merging the result. Decoding is performed by separating the color image into its RGB components and then decoding the resulting three images.

      • Hackaday: Splitting 3D Prints Into Parts Can Add Strength

        One of the great things about 3D printers is their ability to make a single part all at once. Separating a part into multiple pieces is usually done to split up objects that are too big to fit on the 3D printer’s print bed. But [Peter] at Markforged (manufacturers of high-end 3D printers) has a video explaining another reason: multi-part prints can benefit from improved strength.

    • Health/Nutrition/Agriculture

      • Ruben Schade: Cracking down on SUVs

        I couldn’t have put it better than Not Just Bikes when he said that the freedom to swing your fist ends at our faces, and SUV drivers are a selfish punch to everyone else in urban environments. Their size, pollution, and negatively-reinforced driving habits are antithetical to every climate, financial sustainability, and accessibility goal we have for our cities. They’re also hideous, though I think that of regular cars too.

      • El País: Chatting with strangers: Why the practice is dying out and why that matters

        On his daily commute to work, the professor observed what happens on the subway in any city in the world: people don’t look at each other, they don’t smile, and they never talk to each other except in an extreme emergency. We prefer to immerse ourselves in the depths of our cellphone, protected by headphones. Wearing headphones is a great shield that exempts us from social contact — just pointing to one of our ears is enough to dissuade any daring stranger from attempting the slightest interaction. A gesture that a decade ago would have been considered rude is today widely accepted.

      • [Old] El País: Disconnecting from social media for a week can improve mental well-being: It’s time to do a ‘digital cleanse’

        Maybe you’re on vacation and your cellphone has no signal, or you forgot to charge your phone and now you’re sitting in a waiting room, anxious to see what’s happening on Twitter or what your friends are doing on Instagram. Feeling uncomfortable when you don’t have your phone in your hand, as if something is missing, is a warning sign: it’s time to disconnect. In most cases, you don’t need to disconnect completely and forever. A week-long break from social media is enough to yield significant improvements in well-being, according to a study published in the journal Cyberpsychology, Behavior and Social Networking in May 2022.

    • Proprietary/Artificial Intelligence (AI)

      • Giz China: Microsoft laid off thousands of employees in the fiscal year 2023

        Microsoft, one of the world’s largest tech brands, has recently made headlines with its huge layoffs during its fiscal year 2023. These layoffs have broken the company’s previous records and have had a huge impact on various depts within the company. Microsoft, known for its software products and services, has been a major player in the tech industry for decades. However, like any other brand, it faces issues and must make strategic decisions to ensure its long-term success. One such decision was the layoff of 11,000 staff during its fiscal year 2023.

      • Health3PT Releases Blueprint for Third Party Risk Management to Fix the Ineffective Cyber Risk Assessment Process for the Healthcare Industry

        The Health 3rd Party Trust (Health3PT) Initiative today announced the release of the Health3PT Recommended Practices & Implementation Guide, a key deliverable in its mission to solve the third party cyber risk problem in the healthcare industry. The Health3PT Recommended Practices & Implementation Guide is the result of collaboration among a council representing the nation’s leading healthcare organizations and provides an instructional framework of actionable steps organizations can take to ensure due diligence and due care throughout the healthcare ecosystem—while improving effectiveness, reducing inefficiencies, and leading the way for standardization in Third-Party Risk Management (TPRM).

      • Help Net Security: N2WS Backup and Recovery enhancements strengthen AWS workload protection

        In a significant move toward enhancing business continuity and data security for enterprises, N2WS has launched the latest version of N2WS Backup and Recovery.

        [...]

        The N2WS version 4.2 instance is deployed on Ubuntu 22. With this latest release, customers can choose to upgrade the underlying Ubuntu instances to Ubuntu Pro by using AWS License Manager.

      • Dark Reading: Senator Blasts Microsoft for Negligence in 365 Email Breach

        In a letter to the DoJ, FTC, and CISA, Oregon's Wyden also called for Microsoft to be held accountable in the sprawling SolarWinds breach.

      • NPR: What my $30 hamburger reveals about fees and how companies use them to jack up prices

        This is what's known as stealth inflation.

        Basically, a price hike lurks, shark-like, just beneath the surface, waiting for you to click on that tantalizing $200 airfare deal or order that refreshing $4 iced coffee. Then it strikes: one fee, another fee, a 20% tip.

        Before you know it, you've just paid 30 bucks for a hamburger.

      • New York Times: Researchers Poke Holes in Safety Controls of ChatGPT and Other Chatbots

        In a report released on Thursday, researchers at Carnegie Mellon University in Pittsburgh and the Center for A.I. Safety in San Francisco showed how anyone could circumvent A.I. safety measures and use any of the leading chatbots to generate nearly unlimited amounts of harmful information.

        Their research underscored increasing concern that the new chatbots could flood the internet with false and dangerous information despite attempts by their creators to ensure that would not happen. It also showed how disagreements among leading A.I. companies were creating an increasingly unpredictable environment for the technology.

      • Scoop News Group: FBI warns of broad AI threats facing tech companies and the public

        Officials on Friday warned of the likely increase in “targeting [sic] and collecting against US companies, universities and government research facilities for AI advancements,” including the transfer of “AI information including algorithms, data expertise and computing infrastructure through a multitude of technology acquisition methods,” both illegal and legal, such as through foreign commercial investments.

      • Windows TCO

        • [Repeat] IT Wire: US Senator seeks federal action over Microsoft Azure breach

          He made the request in a letter sent to Jen Easterly, director of CISA; Lina Khan, chair of the FTC; and Merrick Garland, US attorney-general.

          Wyden, a Democrat from Oregon, was referring to a recent breach of Microsoft's Azure platform. The email account of US Commerce Secretary Gina Raimondo was one of the more prominent accounts to have been breached during the attack which was blamed on Chinese attackers whom Microsoft has named Storm-0588.

        • Data Breaches: Hawaiʻi Community College pays ransom to attackers

          The university does not say how much it agreed to pay and it did not name the attackers in its announcement, but the listing on the NoEscape dark web leak site was removed. Although the NoEscape ransomware gang first appeared under that name in June of this year, they are believed to be a rebrand of the Avaddon threat actors. They appear to be just another group using the double-extortion model that leaks the data of victims who don’t pay.

        • Data Breaches: ALPHV ransomware adds data leak API in new extortion strategy

          The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks.

        • Data Breaches: Health data of more than 8 million people accessed by MOVEit hackers: US govt contractor

          The relevant section of Maximus’ SEC filing of July 26 reads: [...]

    • Pseudo-Open Source

    • Security

      • LWN: Security updates for Friday [LWN.net]

        Security updates have been issued by Debian (kernel and libmail-dkim-perl), Fedora (openssh), and SUSE (kernel).

      • Kaspersky launches specialized solution for Linux-based embedded devices [Ed: Do not use proprietary software for security, not just because it's Russian]

        Kaspersky introduces support for Linux in their Kaspersky Embedded Systems Security product. This adaptable, multi-layered solution now provides optimized security for embedded Linux-based systems, devices and scenarios, in compliance with the rigorous regulatory standards so often applicable to these systems. The product provides optimum protection for every device it secures – whatever its power level – against the latest cyberthreats directed at today’s Linux systems.

      • Data Breaches: Centers for Medicare and Medicaid notifying 645,000 Medicare members about MOVEit breach



        The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the Clop ransomware gang.

        Maximus detected unusual activity on May 30 and reported the incident to CMS on June 2. CMS estimates that approximately 645,000 Medicare numbers had their information caught up in the attack.

      • USDOJ: SSNDOB Marketplace Admin Pleads Guilty To Charges Related To His Operation Of A Series Of Websites

        July 25 — Tampa, Florida – United States Attorney Roger B. Handberg, along with Special Agent in Charge Kareem Carter for the IRS – Criminal Investigation Washington D.C. Field Office, and Special Agent in Charge David Walker for the FBI – Tampa Division, announces that Vitalii Chychasov (37, Ukraine) has pleaded guilty to conspiracy to commit access device fraud and trafficking in unauthorized access devices relating to his administration of SSNDOB Marketplace, a series of websites that operated for years and were used to sell personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States. The SSNDOB Marketplace has listed the personal information for millions of individuals in the United States, generating more than $19 million in sales revenue. On June 7, 2022, seizure orders were executed against the domain names of the SSNDOB Marketplace, effectively ceasing the website’s operation.

      • Lebanon students to finally receive grades from June after cyberattack delay

        Middle and high school students in the Lebanon School District are expected to receive their grades for the academic year that ended in June next week. The delayed release comes after some of the district’s key systems were taken offline as a precaution following a June cyberattack.

        PowerSchool, a student information database where students and families can go to see grades, is expected to be back online for families on Friday, Aug. 4, according to Superintendent Amy Allen, a former assistant superintendent in Manchester who started work in Lebanon on July 1. Report cards for elementary school students were sent home at the end of the school year, but older students have yet to receive their grades.

      • Security Week: Axis Door Controller Vulnerability Exposes Facilities to Physical, Cyber Threats

        An Axis network door controller vulnerability can be exploited to target facilities, exposing them to both physical and cyber threats.

      • IT Wire: Data of more than 8m stolen from US govt contractor Maximus

        A spokesperson for Maximus' Australian operations told iTWire: "MAX, part of Maximus, does not use the MOVEit platform in Australia, and as a result, no MAX customers were impacted.”

        Cl0P now appears to have delisted Maximus from its web site, one of 11 companies whose names have been removed after being listed, according to ransomware threat researcher Brett Callow.

        Set up in 1975, Maximus has more than 39.000 employers and its annual revenue is claimed to be US$4.25 billion (A$6.3 billion).

      • Quartz: The SEC is giving companies four days to report cyberattacks

        The US Securities and Exchange Commission (SEC) wants public companies to be more transparent and forthcoming about “material cybersecurity incidents,” the federal agency said yesterday (July 26).

      • Security WeekCompanies Required by SEC to Disclose Cybersecurity Incidents in 4 Days

        The SEC has adopted new rules requiring public companies to disclose cybersecurity breaches that have a material impact within four days.

      • Security WeekCode Execution Vulnerability Impacts 900k MikroTik Devices

        Over 900,000 devices are impacted by an arbitrary code execution vulnerability in MikroTik RouterOS.

      • Scoop News GroupSEC’s breach disclosure rule raises concerns about tipping off hackers to flawed systems

        New rules require publicly traded companies to disclose cybersecurity breaches within four days of them being deemed material.

      • Scoop News GroupTop FBI officials warn of ‘unparalleled’ threat from China and AI

        Director Christopher Wray said "AI will enable threat actors to develop increasingly powerful, sophisticated, customizable, and scalable capabilities."

      • Best VPN for Linux [Ed: This seems to be partly promotional, not objective]

        The best virtual private networks (VPNs) for Linux mask your IP address and encrypt your data to provide an enhanced level of privacy when working on the operating system, particularly when you’re connected to a public network. They also allow you to watch geo-blocked content and bypass censorship to access websites that might be disallowed due to your home IP address. Some even go a step further to provide firewall, antivirus, anti-rootkit and tripwire services.

        This review looks at the best Linux VPN clients for hiding your traffic from prying eyes and gaining access to additional content, or both. Read on to learn more about these services, including how they work and how to set them up.

      • Securing Your Linux VPS: 15 Essential Tips and Best Practices

        One thing stands as an unbroken fact in the broad digital ecosystem where data flows continuously and cyber dangers abound – the critical significance of protecting your Linux Virtual Private Server (VPS).

      • StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability

        A flaw was found in the handling of stack expansion in the Linux kernel 6.1 through 6.4, aka "Stack Rot". The maple tree, responsible for managing virtual memory areas, can undergo node replacement without properly acquiring the MM write lock, leading to use-after-free issues. An unprivileged local user could use this flaw to compromise the kernel and escalate their privileges.

      • LWNExploiting the StackRot vulnerability

        For those who are interested in the gory details of how the StackRot vulnerability works, Ruihan Li has posted a detailed writeup of the bug and how it can be exploited.

      • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

      • Privacy/Surveillance

        • OpenRightsGroupThe CPTPP: trading away your privacy rights

          The Government have recently announced the UK accession to the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP). This trade agreement will contribute to a whopping 0.08% of the national gross domestic product over a period of ten years, but under a seemingly inconsequential move lies a very tangible risk: the agreement includes clauses that could force the UK to remove protections to personal data when transferred to foreign jurisdictions—mostly countries of the Asia-Pacific region.

          Before this, the UK joined the Cross-Border Privacy Rules (CBPR) Forum, an international data transfer regime based on the weak Asia-Pacific privacy framework. Meanwhile proposals in the Data Protection and Digital Information Bill are outspokenly meant to position the UK as the data-laundering hub of Europe.

          In other words, the Government are setting the stage to make your personal data their bargaining chip during trade negotiations.

        • IT WireFrance claims Apple abusing market position in collecting data for ads

          The French competition authority has accused Apple of abusing its dominant position in the market to implement "discriminatory, non-objective and non-transparent conditions" to mine user data for advertising purposes.

        • AntiWarHas Liberty Died in Our Hearts?

          Nevertheless, every encroachment upon personal freedom – here the natural human right to be left alone – when unchecked, forms a small precedent, and becomes another step on the stairway to totalitarianism. It makes the next encroachment easier for the zealots in the government to accomplish and to justify.

          If Americans believe that the Bill of Rights means what it says, then all rational persons – except the zealots in the deep state and the quislings in Congress – should be demanding that the Congress and the FBI conform to and abide by the restraints imposed upon them by the Constitution they have sworn to uphold.

          Here is the backstory.

    • Defence/Aggression

      • France24Japan says North Korea threat more serious than 'ever before'

        Japan said Friday that North Korea posed a more serious threat to its national security than "ever before", as nuclear-armed Pyongyang rattles its neighbours with repeated missile tests and belligerent rhetoric.

      • Hong Kong Free PressHong Kong national security police arrest man and woman over alleged foreign collusion and sedition conspiracy

        A man and a woman were arrested by the national security police on Thursday morning for allegedly conspiring to collude with foreign forces and commit seditious acts.

      • RFATaiwanese businessman allowed to leave China for Japan ‘relieved’ to be free

        Lee Meng-chu promised state security police he would delay his homecoming until after Taiwan's presidential poll.

      • LRTLithuanian parents who abducted children linked to anti-state movement

        The family who kidnapped their children after they were taken into care are linked to the so-called movement of sovereign citizens, Lithuania’s intelligence service, the State Security Department (VSD), said on Wednesday.

      • RFAChengdu steps up security measures after post calls for protests at University Games

        A post on GitHub calls for 'white paper revolutionary action' to call for Xi Jinping's resignation at the event.

      • The Register UKFlorida man accused of hoarding America's secrets faces fresh charges

        The celebrity defendant, a 77-year-old jack-of-all-trades, spent four long years occupying the White House after more than a decade as a reality TV host. On Thursday he faced three new charges [PDF] that may complicate his plan to re-establish residency in America's capital come January 2025.

        The charges include: attempting to destroy evidence (obstruction of justice); attempting to induce others to destroy evidence; and a further Espionage Act violation related to the unlawful retention of a top secret document about Iran.

      • The Age AUAustralia lagging in protecting teens from ‘dark rabbit holes’ on TikTok

        Rising numbers of adolescents are picking up dangerous self-harming trends on popular social media apps, say mental health experts, who are pushing for Australia to strengthen its online content moderation policies.

        Monash Health child psychiatrist, associate professor Michael Gordon, said TikTok was the standout app of concern and that usage in teenagers had soared during the pandemic.

        Gordon said there was a trend on TikTok where people filmed themselves being injured, while others were “showing off” wounds inflicted through self-harm.

      • RTLLast surviving Luxembourg veteran remembers fallen friend

        This week marks the 70th anniversary of the historic armistice signed between North and South Korea. 92-year-old Léon Moyen is the last surviving veteran from Luxembourg who fought in the historic conflict.

      • Rolling StoneTrump Tried to Delete Mar-a-Lago Security Footage to Thwart Investigators

        In the new superseding indictment, Carlos de Oliveira, a maintenance worker at Trump’s Mar-a-Lago resort, joins Trump and his aide Walt Nauta as a defendant in the case brought by the Justice Department in June. The new charges against the former president and his employees include “Corruptly Altering, Destroying, Mutilating or Concealing a Document, Record, or Other Object,” as well as “Altering, Destroying, Mutilating, or Concealing an Object.”

      • The StrategistSeventy years on, the Korean War still resonates

        Commemorations in South Korea yesterday, and elsewhere around the world, marked the 70th anniversary of the signing of the Korean War armistice at Panmunjom on 27 July 1953. Today, amid the war in Ukraine and tensions in East Asia that could flare into hostilities, the lessons of the Korean conflict are worth close re-examination.

      • RFAChina’s coal use increased to a record high in 2022, IEA says

        China’s coal consumption grew by 4.6% in 2022 to a new all-time high of 4.5 billion metric tons, dragging with it global coal demand offsetting declines in Europe and North America, a new report by an energy watchdog said.

        The coal market globally rose by 3.3% to hit a fresh new record of 8.3 billion metric tons in 2022, and will stay near that record level this year due to solid growth in Asia for both power generation and industrial applications, said the Paris-based organization International Energy Agency.

        The news comes as climate monitors warn of global temperatures reaching record highs in July, and coal is a major source of the emissions that cause global warming.

    • Environment

      • NatureWarning of a forthcoming collapse of the Atlantic meridional overturning circulation

        The Atlantic meridional overturning circulation (AMOC) is a major tipping element in the climate system and a future collapse would have severe impacts on the climate in the North Atlantic region. In recent years weakening in circulation has been reported, but assessments by the Intergovernmental Panel on Climate Change (IPCC), based on the Climate Model Intercomparison Project (CMIP) model simulations suggest that a full collapse is unlikely within the 21st century. Tipping to an undesired state in the climate is, however, a growing concern with increasing greenhouse gas concentrations. Predictions based on observations rely on detecting early-warning signals, primarily an increase in variance (loss of resilience) and increased autocorrelation (critical slowing down), which have recently been reported for the AMOC. Here we provide statistical significance and data-driven estimators for the time of tipping. We estimate a collapse of the AMOC to occur around mid-century under the current scenario of future emissions.

        [...]

        Computer code (Matlab and R) can be found in the following repository: [...]

      • NPRWhy it's so important to figure out when a vital Atlantic Ocean current might collapse

        To determine how close that tipping point might be, Ditlevsen analyzed ocean temperature records near Greenland over the past 150 years and ran a statistical analysis to track the fluctuations in temperature. He and his co-author found increasing variability in temperatures, which they say is a sign the AMOC is weakening. Based on their analysis, they estimate the AMOC could collapse between 2025 and 2095. That's decades earlier than other studies have found.

      • VOA NewsSaguaro Cacti Collapsing in Arizona Extreme Heat, Scientist Says

        Cacti need to cool down at night or through rain and mist. If that does not happen they sustain internal damage. Plants now suffering from prolonged, excessive heat may take months or years to die, Hernandez said.

      • Poll: SUV drivers in Paris to be charged higher parking fees, should Australia follow?

        Paris has announced plans to impose higher parking fees for bigger cars from January 2024 – in an attempt to discourage the ownership of SUVs and larger petrol and diesel vehicles.

      • News AUCalls for SUV drivers to pay higher parking fees to fight pollution

        Announcing the measures, deputy mayor David Belliard said SUVs were “incongruous in an urban environment” and the measure aimed to tackle “the inexorable growth in the weight and size of vehicles circulating in our cities”.

        He hoped more expensive parking would encourage people to buy lighter vehicles.

      • Energy/Transportation

        • CoryDoctorowTesla's Dieselgate

          The fundamental laws of physics don't care about this bullshit, but people do. The comsat lie convinced a bunch of people that pulling fiber to all our homes is literally impossible – as though the electrical and phone lines that come to our homes now were installed by an ancient, lost civilization. Pulling new cabling isn't a mysterious art, like embalming pharaohs. We do it all the time. One of the poorest places in America installed universal fiber with a mule named "Ole Bub": [...]

        • Deutsche WelleBurning ship off Dutch coast has more e-cars than thought

          A freight ship that caught fire off the Dutch coast and has been burning since, as fire extinguishers try to figure out ways to tackle the incident, has been carrying nearly 500 electric cars, far more than previously reported, the company that chartered the ship said.

          Initial reports said that the ship was carrying 25 electric cars.

          The Fremantle Highway vessel, which has been burning for a fourth day off the Dutch coast, was chartered by Japanese transportation company K Line.

        • India TimesWorldcoin [cryptocurrency] already under scrutiny in Europe

          Less than a week after its launch, the Worldcoin [cryptocurrency] project of OpenAI chief executive Sam Altman is already under scrutiny by European regulators over its reliance on an eye scan to verify a user's identity, France's data protection agency said Friday.

      • Overpopulation

        • BIA Netİstanbul breaks daily water consumption record amid heatwave

          According to İSKİ data, the average fill rate of the 10 dams supplying drinking and utility water to İstanbul is currently at 38%, whereas it was over 71% in July last year. (AÖ/VK)

        • The Register UKThames Water to datacenters: Cut water use or we will

          The objective then was to work with datacenter operators to reduce their overall water usage and discourage them from using drinking water for purposes such as cooling. At the time, the southern part of the UK was experiencing a heatwave that followed on from a period of unusually low rainfall.

          It appears that Thames Water is now moving beyond that and seeking to bring in measures such as putting flow restrictors onto supply pipes and charging more for water during periods when demand is high.

    • AstroTurf/Lobbying/Politics

      • New York TimesTrump Faces New Charges in Mar-a-Lago Classified Documents Case

        The office of the special counsel accused the former president of seeking to delete security camera footage at Mar-a-Lago. The manager of the property, Carlos De Oliveira, was also named as a new defendant.

      • Special security zone declared in Şırnak

        Citizens and opposition MPs question the successive declarations of special security zones in the southeastern provinces, resulting in the hindering of the economic activities of the villagers.

      • CBCThreads has lost half its users since launch, Zuckerberg tells staff

        Meta Platforms executives are heavily focused on boosting retention on their new social media app Threads, after it lost more than half of its users in the weeks following its buzzy launch, CEO Mark Zuckerberg told employees on Thursday.

      • NPRNew study shows just how Facebook's algorithm shapes conservative and liberal bubbles

        Still, the research sheds light on how Facebook's algorithm works. The studies found liberals and conservatives live in their own political news bubbles more so than elsewhere online. They also show that changing the platform's algorithm substantially changes what people see and how they behave on the site — even if it didn't affect their beliefs during the three-month period researchers studied.

        "The insights from these papers provide critical insight into the black box of algorithms, giving us new information about what sort of content is prioritized and what happens if it is altered," said Talia Stroud of the University of Texas at Austin, who is co-leading the research project.

      • New StatesmanThe risible origin story of “X”

        If we want to guess at how users will respond to this change, which abandons almost two decades of brand recognition and a verb – “tweet” – that’s entered the public lexicon, we can look to history. This isn’t the first time Musk has tried to make X.com a reality.

        In 1999 he launched an online bank with the same name. It eventually merged with Confinity, a company founded by Peter Thiel and Max Levchin that made a product called PayPal. Musk became the CEO of the combined company, and immediately started making a series of bad decisions. He sought to rewrite PayPal’s code base to align with X.com, losing millions in the process as development on new features came to a halt, and began the process of rebranding PayPal as X-PayPal with the goal of phasing out the old name altogether. But Musk faced an internal revolt.

        Focus groups told the company they trusted the PayPal brand but not X. They perceived the latter as a seedy name and said it reminded them of porn – not the associations you want for a bank and payment processor. But Musk charged forward anyway, until the board replaced him with Thiel while he was on his honeymoon. In the following months the X.com financial services were wound down and the entire company was renamed PayPal.

      • Scoop News GroupReport: Biden should prioritize cyber capacity building for allies

        More than a year into Russia’s largely failed invasion of Ukraine, Kyiv has been fairly successful in repelling Russian cyberattacks — in part thanks to assistance from partner nations and corporations. Now a new report is urging the Biden administration to build on that success and prioritize cyber capacity building for allies and partners.

        Thursday’s report from the Foundation for the Defense of Democracies, a Washington think tank, includes a set of eight recommendations for the Biden administration to ensure that cyber capacity building makes up a key part of its forthcoming international cybersecurity strategy.

      • Craig MurrayBeware the Righteous

        All of the worst atrocities in human history have been perpetrated by people convinced they were in the right. People act according to the mores of their era and group. There is nothing more dangerous than the inability to see that it is reasonable for others to have a different view or interest.

      • Misinformation/Disinformation/Propaganda

        • VOA NewsNo, Mr. Putin, Europe Didn’t Ban RT for Telling the Truth

          That is false. While some journalists and academics have opposed banning the Russian media outlets on free speech grounds, RT and Sputnik have systematically spread falsehoods and disinformation about Russia’s war in Ukraine.

        • BBCFalse claims that heatwave is bogus spread online

          False claims suggesting that the BBC has been misreporting temperatures in southern Europe have been spreading on social media.

        • GreeceFacebook’s algorithm is ‘influential’ but doesn’t necessarily change beliefs, researchers say

          Talia Stroud, the founder and director of the Center for Media Engagement at the University of Texas at Austin, and Joshua Tucker, a professor and co-founder of the Center for Social Media and Politics at New York University, who helped lead the project, said they “now know just how influential the algorithm is in shaping people’s on-platform experiences.”

          But Stroud said in an interview that the research showed the “quite complex social issues we’re dealing with” and that there was likely “no silver bullet” for social media’s effects.

    • Censorship/Free Speech

      • Hong Kong Free PressImpartiality’s not an issue for Hong Kong broadcasters when only one opinion is permitted

        There used to be a traditional English saying that it was no use locking the stable door after the horse has bolted. This of course dates back to the days when horse metaphors were instantly understandable.

      • CPJAzerbaijani journalist Vugar Mammadov sentenced to 30 days in jail over interview

        The court verdict, viewed by CPJ, referred to at least three interviews by Mammadov with former Colonel Elnur Mammadov, most recently on July 19, in which the ex-soldier criticized the state of the country’s military and accused Defense Minister Zakir Hasanov of poor management and corruption. Elnur Mammadov, who is not related to the journalist, was also jailed for 30 days on the same charges.

      • RFAHong Kong court rejects civil ban on protest anthem 'Glory to Hong Kong'

        A court in Hong Kong on Friday rejected the government's bid to impose an injunction on performances of and references to "Glory to Hong Kong," the banned anthem of the 2019 protest movement, citing a "chilling effect" on freedom of expression.

      • Broadband BreakfastUK’s Online Safety Bill Likely to Impact American User Experience

        The Online Safety Bill is the UK’s response to concerns about the negative impact of various internet platforms and applications. The core of the bill addresses illegal content and content that is harmful to children. It places a duty of care on internet sites, including social media platforms, search engines, and online shopping centers, to provide risk assessments for their content, prevent access to illegal content, protect privacy, and prevent children from accessing harmful content.

      • VOA NewsReport: Six African Countries Restricted Internet Access Due to Protests or Political Crisis

        Netherlands-based Surfshark said that is twice as many nations as during the same months of 2022.

        Surfshark recorded 42 new internet disruptions worldwide, nine of which occurred in Africa. Six countries — Ethiopia, Guinea, Mauritania, Senegal, Sudan and Tanzania — accounted for those nine shutdowns.

      • BIA NetCourt affirms mentioning officials' names doesn't mean 'targeting them for terror groups'

        Two journalists who were put on trial based on a complaint by Akın Gürlek, a judge who presided over high-profile political cases in recent years and appointed as deputy justice minister after the May elections, were acquitted on June 13.

        Canan Coşkun, a reporter for the Diken news portal, and Barış Pehlivan, a columnist for the daily Cumhuriyet, were facing charges of "marking anti-terror officials as a target for terrorist organizations" due to their coverage and articles related to one of Gürlek's trials.

        The court acquitted Coşkun and Pehlivan, who faced up to three years in prison, citing that the act they were accused of was not defined as a crime in the law. It said the detailed ruling would be released at a later date.

      • Deutsche WelleMuslim nations call for boycott of Swedish products

        Sweden scrapped its blasphemy laws in the 1970s and now has some of the strongest legal protections for the freedom of expression in the world. But the country does not have a law that specifically prohibits burnings or desecrations of religious texts, including the Quran.

        Boyfield said that at a conference earlier this year, Swedish business leaders were already extremely concerned about the way in which the authorities were, in their view, failing to prosecute protestors who burned the Quran. However, he added that because Sweden imports most of its oil and natural gas from Norway and other countries outside of the Middle East, it was important to emphasize that Gulf states have very little in terms of leverage over the Nordic country.

    • Freedom of Information / Freedom of the Press

      • IT WireCarr asks why Albanese not pushing for Assange's freedom

        Former NSW premier Bob Carr has taken aim at Prime Minister Anthony Albanese over the delay in the US freeing WikiLeaks founder and publisher Julian Assange, questioning why, if a request has been refused, the PM has not asked the US a second time.

      • BIA NetArrested journalist Fırat Can Arslan put in solitary confinement

        During a meeting with his lawyer, Arslan recounted that he was initially taken to the section where criminal detainees were held at Sincan Prison, and then, upon objection, prosecutors ordered his transfer to Sincan 1 Type F Prison, where political prisoners are held.

        The news report that led to his arrest was about a married judge and a prosecutor who presided over the same case, which was about 18 Kurdish media workers facing "terrorism"-related charges. The couple were reassigned to a different city after the first hearing of the trial on July 12, Arslan reported.

      • CPJSri Lankan police arrest, beat journalist Tharindu Uduwaragedara

        Officers pulled Uduwaragedara out of a rickshaw while he was leaving the protest and forced him into a police vehicle while he repeatedly identified himself as a journalist, according to Dehiaththage and video of the incident posted to Twitter.

        Two officers beat Uduwaragedara while en route to the Borella Police Station, where he remained detained without charge or access to medical treatment for a head injury as of Friday evening, Dehiaththage said.

    • Civil Rights/Policing

      • Terence EdenShould you embed alt text inside image metadata?

        But... People don't always add alt text when they upload an image. They may not realise it is helpful, or they don't know how to write a good description, or they may not have time to write something suitable. This leads to a frequently asked question: "Should I embed the alt text inside the image file? That way, whenever people share the image the alt text will automatically be attached!"

        Here's my attempt to answer that.

      • RFAStudy: Tibetan prisons shift to Xinjiang-like long-term detentions

        When she was just 13, Ngawang Sangdrol was arrested for protesting Chinese Communist Party (CCP) rule in Tibet. She spent more than a decade in prison before international pressure led to her release in 2002.

        Now an activist at the International Campaign for Tibet, her mission to draw attention to human rights abuses in her homeland like what she endured is complicated, she said, by China’s tight control over information in and out of the region.

      • Hollywood ReporterWriters Guild, SAG-AFTRA Threaten Legal Action Over Radford Picketing Conditions

        The Writers Guild of America, now on the cusp of marking its third month on strike against the Alliance of Motion Picture and Television Producers, and performers organization SAG-AFTRA, which is two weeks into a work stoppage over its own contract dispute against the same studio association, both allege that Radford’s ownership has deprived them of their constitutional right to protest at the site safely and fairly.

      • RFERLIranian Parliament Unveils New, Stricter Hijab Law Amid Heavy Criticism

        The legislation also touches on the need for broader gender segregation in universities, administrative centers, educational institutions, parks, and tourist locations, and even in hospital treatment sections. It proposes severe penalties, including imprisonment and fines of up to 360 million Iranian rials ($720) for women who defy the mandatory hijab law.

      • El PaísNeither hippies nor nomads: Unaffordable rent in the US forces thousands into a mobile lifestyle

        Homelessness in the United States is becoming an increasingly pressing issue. According to the National Alliance to End Homelessness, the number has risen by 35% since 2015, totaling almost 600,000 people across the country. Of these, 28% are complete families. Housing First is a bipartisan policy that offers permanent housing as quickly as possible to homeless people. But the 20-year-old policy has come under fire as the 2024 elections approach. Democrats have implemented stricter policies to tackle the issue of homelessness in cities like San Francisco and Los Angeles. Meanwhile, Republicans aligned with Trump perceive these measures as exacerbating the problem. Republican Senator JD Vance from Ohio (author of the acclaimed memoir Hillbilly Elegy) says taxpayers are frustrated by programs that paradoxically lead to even more homelessness.

    • Internet Policy/Net Neutrality

      • AmazonNew – AWS Public IPv4 Address Charge + Public IP Insights

        We are introducing a new charge for public IPv4 addresses. Effective February 1, 2024 there will be a charge of $0.005 per IP per hour for all public IPv4 addresses, whether attached to a service or not (there is already a charge for public IPv4 addresses you allocate in your account but don’t attach to an EC2 instance).

    • Digital Restrictions (DRM)

      • VivaldiUnpacking Google’s new “dangerous” Web-Environment-Integrity specification

        The spec in question, which is described at https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md, is called Web Environment Integrity. The idea of it is as simple as it is dangerous. It would provide websites with an API telling them whether the browser and the platform it is running on that is currently in use is trusted by an authoritative third party (called an attester). The details are nebulous, but the goal seems to be to prevent “fake” interactions with websites of all kinds. While this seems like a noble motivation, and the use cases listed seem very reasonable, the solution proposed is absolutely terrible and has already been equated with DRM for websites, with all that it implies.

        It is also interesting to note that the first use case listed is about ensuring that interactions with ads are genuine. While this is not problematic on the surface, it certainly hints at the idea that Google is willing to use any means of bolstering its advertising platform, regardless of the potential harm to the users of the web.

        Despite the text mentioning the incredible risk of excluding vendors (read, other browsers), it only makes a lukewarm attempt at addressing the issue and ends up without any real solution.

      • The Register UKGoogle's browser security plan slammed as dangerous, terrible, DRM for websites

        Google's Web Environment Integrity (WEI) proposal, according to one of the developers working on the controversial fraud fighting project, aims to make the web "more private and safe."

        Ben Wiser, a software engineer at the Chocolate Factory, responded on Wednesday to serious concerns about the proposal by insisting that WEI aims to address online fraud and abuse without the privacy harms enabled by browser fingerprinting and cross-site tracking.

      • IT WireGoogle trying to corner browser market, Norwegian firm Vivaldi claims

        Norwegian firm Vivaldi, which produces a browser of the same name, has criticised Google for releasing a specification known as Web Environment Integrity which it claims would be toxic to the Web at large.

      • FSF"Web Environment Integrity" is an all-out attack on the free Internet

        Read why "Web Environment Integrity" is terrible, and why we must vocally oppose it now. Google's latest maneuver, if we don't act to stop it, threatens our freedom to explore the Internet with browsers of our choice.

        Editorial note: For greater visibility, this article has been published here, on fsf.org. You can also find it on defectivebydesign.org, which also has other DRM-related articles and materials.

    • Monopolies

      • Variety: Microsoft Under EU Investigation on Possible Breach of Competition Rules Over Teams After Slack Complaint

        The investigation stems from a 2020 complaint submitted by Slack Technologies, which operates instant messaging program Slack, alleging that Microsoft illegally tied Teams to its dominant productivity suites.

        Microsoft includes Teams in cloud-based productivity suites for business customers – Office 365 and Microsoft 365.

      • [Repeat] IT Wire: Europe opens probe into Microsoft bundling of Teams with Office

        "We must therefore ensure that the markets for these products remain competitive, and companies are free to choose the products that best meet their needs. This is why we are investigating whether Microsoft’s tying of its productivity suites with Teams may be in breach of EU competition rules."

        The EC statement said: "The commission is concerned that Microsoft may be abusing and defending its market position in productivity software by restricting competition in the European Economic Area for communication and collaboration products," the statement said.

      • The Register UK: It's official: EU probing bundling of Teams with Microsoft 365

        Updated The European Commission has officially launched a “formal investigation” into whether Microsoft flouted EU competition rules by bundling Teams with dominant productivity software suite Office 365 and Microsoft 365.

        It’s been a long time in the making: Teams was integrated into the Windows-maker's software line-up in 2017, and Slack complained to the EU in 2020 that the move was anti-competitive as it forced the install on millions of customers, removal was blocked, and the true cost of the collaboration app was hidden.

      • Computer World: Microsoft faces EU antitrust probe for bundling Teams with M365

        Microsoft is facing an antitrust probe in Europe for bundling Teams with Microsoft 365.

        The European Commission — the executive arm of the European Union that governs regulations for its 27 member nations — said it is looking into a complaint that claimed Microsoft’s bundling of Teams with Office 365 was unfair.

      • Copyrights

        • Techdirt: That Which Copyright Destroys, ‘Pirates’ Can Save

          There’s an interesting post on TorrentFreak that concerns so-called “pirate” subtitles for films. It’s absurd that anyone could consider subtitles to be piracy in any way. They are a good example of how ordinary people can add value by generously helping others enjoy films and TV programs in languages they don’t understand. In no sense do “pirate” subtitles “steal” from those films and programs, they manifestly enhance them. And yet the ownership-obsessed copyright world actively pursues people who dare to spread joy in this way. In discussing these subtitles, TorrentFreak mentions a site that I’ve not heard of before, Karagarga: [...]

        • Torrent Freak: Italian Pirate IPTV Customers Risk a 5,000 Euro Fine Starting August 8, 2023

          Italy's brand new anti-piracy law has just received full approval from telecoms regulator AGCOM. In a statement issued Thursday, AGCOM noted its position "at the forefront of the European scene in combating online piracy." The new law comes into force on August 8 and authorizes nationwide ISP blocking of live events and enables the state to issue fines of up to 5,000 euros to users of pirate streams.

        • Torrent Freak: Sci-Hub's Alexandra Elbakyan Receives EFF Award for Providing Access to Scientific Knowledge

          The Electronic Frontier Foundation will award Alexandra Elbakyan, founder of the 'pirate' library Sci-Hub, for her efforts to provide access to scientific knowledge. According to EFF, Elbakyan's site is a vital resource for millions of students and researchers. Some medical professionals have even argued that the site helped to save lives.


