EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

03.22.15

Canonical Goes to Bed With Company That Sues Linux Using Software Patents and Copyrights (Through SCO)

Posted in Microsoft, SCO, Ubuntu at 9:58 am by Dr. Roy Schestowitz

“Microsoft hardly needs an SCO source license. Its license payment to SCO is simply a good-looking way to pass along a bribe…”

Bruce Perens

Summary: Despite Microsoft’s continued assault on GNU/Linux, Canonical is foolish enough to give Microsoft control over many Ubuntu instances

MICROSOFT is fooling the GNU/Linux world when it says it “loves Linux”. Based on its actions in this past month alone [1, 2, 3, 4, 5, 6], Microsoft very much hates GNU/Linux and fights it viciously. More than ten years ago Microsoft paid SCO and look how long-lasting the impact of this backing has become. Tom Harvey’s latest report (he is usually pro-SCO) overstates the chances of the lawsuit not being tossed out preemptively as every time in recent memory. Suing for huge sums does not equate to merit, but Harvey floats the claim of “damages of $5 billion” as if there’s a change that SCO will ever see any money at all. Quoting Harvey’s report:

Nearly 12 years after it was filed, a lawsuit against IBM Corp. that riled the open-source computer code community is back on the federal court docket in Utah.

The nearly defunct Utah company SCO Group Inc. and IBM filed a joint report to the U.S. District Court in Salt Lake City saying that legal issues remain in the case, which was initiated in 2003 with SCO claiming damages of $5 billion against the technology giant, based in Armonk, N.Y.

This received more attention than it deserved because of the headline, which reads: “It’s alive! Utah software company’s decade-old suit against IBM revived” (drama over substance).

Microsoft is now swapping money for power (which begets money) in its patent extortion strategy. Samsung has been a top “asset” (like a “high value target”) and Kyocera may be next. It’s all about control. Microsoft now has greater control over Samsung (and by extension over Android), owing to blackmail followed by settlement.

One way or another we should deduce from this that Microsoft’s nefarious attacks on Linux using patents and/or copyrights are not over. Nevertheless, Canonical decided to mimic Novell’s footsteps only in the sense that Canonical trusts Microsoft to prop it up a bit. As FOSS Force put it last week: “There’s little doubt that a few eyebrows were raised by the news on Friday, when Larry Cafiero reported on FOSS Force about Canonical’s partnership with Microsoft involving Microsoft’s OCS hardware and Ubuntu’s open source Metal-as-a-Service (MAAS) deployment product. Those with a little memory might wonder if this is a case of history repeating itself, as we’ve seen Microsoft court aspiring princess distros before, with SUSE, not long after the distro was purchased by Novell, a company with an uneven history.”

The author recalls that “In November, 2006, three years after acquiring SUSE, Novell received an eleventh hour bail out when it entered into a joint compatibility and patent agreement with Microsoft. In the pact, Microsoft agreed to pay SUSE $348 million up front and $46 million annually for five years, with return payment by Novell being mainly in the form of support subscriptions for SUSE Linux Enterprise Server (SLES).”

The conclusion is as follows: “So what does the old SUSE/Microsoft deal have to do with Ubuntu and Redmond’s new partnership arrangement? The quick answer: everything and nothing. Or, perhaps more appropriate for this stage of the game: It’s too soon to tell. One thing’s for sure, even if the deal turns out to be benign and never develops into anything as toxic as SUSE/Microsoft has been, this is sure to develop into something of a brouhaha in the FOSS user community. At the very least, this will become a hot topic on the forums.”

This was posted after Cafiero had written that “Canonical trumpets its partnership with Microsoft — yep, Microsoft — this week at the Open Compute Summit, where the Isle of Man reached across to Redmond to demonstrate how Canonical and Microsoft are working together to create scalable, OCP-compliant architecture.”

Here is Canonical’s original statement, some press coverage, and a blog post stating that “Canonical Deepens Partnership with Microsoft”.

Microsoft had used Novell not just for patent extortion. It later used it for Linux Foundation and events intrusion (like a free press or ticket), HyperV promotion, OOXML promotion, .NET promotion (through Mono), and Silverlight promotion (through Moonlight).

Canonical does not need Microsoft. “MS is reported to have only 10% share of the cloud,” writes Robert Pogson in response to Microsoft propagandist Tony Bradley, so what is Canonical thinking? Microsoft needs Canonical more than Canonical needs Microsoft. When Microsoft says it is changing, well… this is correct; unlike before, it is now embracing and extending (to extinguish) FOSS. It’s s strategic change. It is easy to envision how some time in the future Microsoft will offer ‘in-cloud’ conversions from Ubuntu to Windows. If Microsoft decided to patent the business method of embrace, extend and extinguish (EEE), it would probably not ‘license’ it to anyway. It is its secret weapon and Canonical should be smart enough to know this.

01.28.15

Qualys Starts Self-Promotional FUD Campaign, Naming a Bug That Was Already Fixed 2 Years Ago and Distros Have Covered With Patches

Posted in FUD, GNU/Linux, Google, Red Hat, Security, Ubuntu at 12:23 pm by Dr. Roy Schestowitz

Ghostwriting a Qualys horror story for maximal FUD (fear, uncertainty, and doubt)

Spooky

Summary: Responding to the media blitz which paints GNU/Linux as insecure despite the fact that bugs were evidently found and fixed

THERE IS something to be said about the “top” news regarding GNU/Linux. It’s not really news. The so-called “GHOST” publicity stunt needn’t be repeated by FOSS sites. It is about a bug which was patched two years ago, but some sites overlook this important fact and stick lots of spooky logos, playing right into the hands of Qualys, an insecurity firm (making money from lack of security or perception of insecurity).

We have watches the ‘news’ unfolding over the past day and a half and now is a good time to explain what we deal with. The so-called “GHOST” (all capital letters!) bug is old. Qualys is going two years ago into bugfixes, giving a name to the bugfixes, then making plenty of noise (all over the news right now). Qualys does not look like a proxy of Microsoft or other GNU/Linux foes, but it is self-serving. Insecurity firms like Qualys probably learned that giving a name to a bug in GNU (SJVN mistakenly calls it “Linux”, but so do many others) would give more publicity and people will pay attention to brands and logos rather than to substance. Just before Christmas an insecurity firm tried to do that with "Grinch" and it turned out to be a farce. SJVN says that this old “vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords.”

Well, it was patched back in 2013. Use of names for marketing is what makes it “news”; the opportunists even prepared a PRESS RELEASE and pushed it into ‘big’ sites like CNN. It has marketing written all over it, just like “Heartbleed” that had strong Microsoft connections behind the disclosure. It is sad that Linux sites fall for this. Phoronix copies the press release as though it’s reliable rather than self-promotional. Michael Larabel writes: “The latest high-profile security vulnerability affecting Linux systems us within Glibc, the GNU C Library.”

It is not “latest”, it is 2 years old. Larabel says that “Qualys found that the bug had actually been patched with a minor bug fix released on May 21, 2013 between the releases of glibc-2.17 and glibc-2.18.”

OK, so it’s not news. FOSS Force cites SJVN to amplify the scare and other FOSS sites are playing along as though this is top news. It oughtn’t be. It is already widely patched (maybe requiring a reboot), so let’s patch and move on (unless it was already patched upstream/downstream years ago). IDG has already published at least three articles about it [1, 2], including one from Swapnil Bhartiya, who is not too alarmist to his credit. He noted that “there was a patch released back on May 21, 2013, between the releases of glibc-2.17 and glibc-2.18. However it was not considered to be a security risk and thus major Linux distributions that offer long term support and get security updates remained vulnerable, including Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7 and Ubuntu 12.04.”

It affects very specific versions, mostly long-term support releases that already have reliable patches available. It should be clear that some headlines such as this or that clarify the limited scope of impact (not bad reporting) unlike the alarmist trolls.

What Techrights generally found was that early coverage came from so-called ‘security’ sites or blogs of insecurity firms that try to sell their services (e.g. [1, 2, 3]). These set the tone for many.

The response to this bug is proportional to the perceived danger (e.g. due to media hype), not the severity of the bug. Some security news sites [1, 2] focus on names and logos while facts remain only a side issue. This so-called “ghost” nonsense (some lines of code basically) was fixed 2 years ago and as the blog post “long term support considered harmful” explains it: “In theory, somebody at glibc should have noticed that fixing a buffer flow in a function that parses network data has security implications. That doesn’t always happen, however, for many reasons. Sometimes the assessment isn’t made; sometimes the assessment fails to consider all possible exploit strategies. Security bugs are “silently” fixed frequently enough (without evil intentions) that we should consider them a fact of life and deal with them accordingly.”

Some of the worst kind of coverage we found came from The Register with its flamebait headlines (scary headlines for maximum effect) and the troll Brian Fagioli. They are only some among many who are using the name to come up with puns and FUD. Jim Finkle is back to his GNU/Linux-hostile ‘reporting’, bringing this to the corporate media (there is some in the UK also) and LWN quickly cited the GNU/Linux-hostile Dan Goodin. He called “Highly critical” a bug that was patched two years ago.

Debunking some of the latest security FUD we had Fedora Magazine which stated “don’t be [worried], on supported Fedora versions.”

For unsupported version there is a lot more than this one bug that one needs to worry about.

Apple fans were quick to take advantage of the news, despite the fact that Apple is leaving systems vulnerable for many months, knowingly (like Microsoft does, until Google steps in).

See, with proprietary systems one knows for a fact that there is no security. With GNU/Linux is an open question and it depends on what measures one takes to keep it secure. For Apple and Microsoft security is not at all the goal; back doors and unpatched flaws are not really as “interesting” and important for them to patch as helping spying agencies. Google is not at fault here, Google just saw that Apple and Microsoft had no plans to plug serious holes — a patch evidently wasn’t going to be made ready before the public finds out about it, owing to Google. Apple chooses to blame Google; same as Microsoft. They should only blame themselves both for the bugs and for negligence after the bugs were highlighted to them. There is no room here for properly comparing GNU/Linux (Free/libre) to OS X or Windows (proprietary) because evidence clearly shows that the latter are not interested in security and not pursuing security when it is trivially possible.

What we find curious amid the latest FUD campaign is that Apple back/bug doors are not as widely publicised as a GNU bug that was patched 2 years ago and mostly affects LTS systems (which already have patches available). “Nothing I can think of,” said a reader of ours about this media hype, “but the LTS model followed by RHEL and Ubuntu have different goals and purposes than the short, fast development cycle like OpenBSD.”

Nobody is forced to use an LTS release and those who choose it must be aware of the potential risk.

Regarding the other FUD that flooded the press in recent weeks, targeting for the most part Google and Android, our reader XFaCE wrote the following:

I assume you want to write about that new Android vulnerability. Basically I can see the narrative being pushed through three points

- Microsoft supported Windows XP/7/etc. for years, why doesn’t Google support old Android versions

- Google told Microsoft about a very old bug in their software, so they are hypocritical

- Heartbleed bug was fixed way back for 4.1.1

For the last point, it’s a bullshit comparison because

a) 4.1.1 was one point release where upgrading to 4.1.2 fixed the issue (it was already fixed back when 4.1.2 was released)

b) The fix was one file, as evident by XDA members patched it themselves on phones manufacturers refused to upgrade to 4.1.2 SOURCE: http://forum.xda-developers.com/showthread.php?t=2712916

c) As shown by the link, a lot of manufacturers DIDN’T update certain 4.1.1 devices to 4.1.2, hence proving Google’s point. The fix there was SIMPLE, but the OEMs didn’t bother to do it

With Webview, not only is webview involved, but so is the webkit rendering engine, so the fix for all those previously releases is much more complicated

As for the second point, Google did catch it, with KitKat, and furthermore made KitKat supported on more low-end devices so theoretically older 512mb or less devices could be updated

For example, HTC said (when Jelly Bean 4.1 came out) that they would not update any device with 512 mb of RAM (SOURCE: http://www.cnet.com/news/htc-one-v-and-desire-c-will-never-get-jelly-bean/ ), so naturally when KitKat came out, they updated those devices because the OS officially was designed for such low ram devices

oh wait

http://www.androidpit.com/android-4-4-kitkat-update-plans

“Later this year, the entry-level smartphone the HTC Desire 500, should also be seeing the KitKat update. However, the One X, One X+, One S, and One V will be left in the dust and will be receiving no more official updates from HTC.”

So the OEMs are at fault for not upgrading the devices, not Google, which leads to point 1 – Google doesn’t control the Android OEMs like Microsoft does OEM pay Microsoft for the support whereby Microsoft controls all updates, Google doesn’t get paid or have the agreemeent in that way

OEMs like HTC could easily fix this by porting Kitkat to those devices, but they won’t cause they want you to buy a new HTC phone or whatever phone brand

Techrights did not cover that (except in daily links) because it should be self-evident that free-of-charge Android upgrades make it inhernetly different from proprietary software and keeping up to data typically ensures security. A lot of the analogies (Android and Windows) were inherently flawed and the FUD rather shallow.

12.11.14

Ubuntu Core Announcement is Not About Microsoft and Hosting Ubuntu on Azure is Worse Than Stupid

Posted in Deception, Free/Libre Software, Microsoft, Security, Servers, Ubuntu at 12:44 pm by Dr. Roy Schestowitz

Summary: The power of media spin makes the idea of hosting Free software under the control of an NSA PRISM and back doors partner seem alluring

IN the spirit of tackling FUD we thought it would be worthwhile to tackle spin regarding the news of Ubuntu Core (news that already appears in our daily links).

Microsoft boosters such as Microsoft Gavin try to frame it as Microsoft news, saying: “A smartphone-inspired version of Ubuntu Server for Docker minimalists has been revealed with initial backing from Microsoft.” The headline is even worse. It’s deceiving for the sake of drama.

The news is not about Microsoft. This is what is called bias by omission or selection — similar to this lousy piece from Lance Whitney, former staff of Microsoft media whose latest propaganda is now omitting an old disclosure saying that he is Microsoft’s ‘former’ staff and uses US-only spin to make Android look bad (the US is not the whole world and economic advantage favours overpriced phones).

Several readers have told us that the article “Canonical restructures Ubuntu in mobile mode; Microsoft is first partner” had been removed (we searched the site to verify this) before it was reinstated. How odd. No explanation was given and while it was gone we made a copy from the Google cache of the article, very shortly after it had been deleted, then created permanent archive of the removed version. We wrote publicly at around noon yesterday about how this article vanished after it had been posted (just shortly before we made copies from Google cache and also used archive.is). We later compared the version we had archived with what was reinstated and found no obvious differences in the text. Well, maybe the problem was purely technical, but the content of the article from Paul Gillin was curious, not just the angle. A reader of ours explained: “Below is the text of an article which just disappeared. It was online for only a few hours but contains some very incriminating statements. More might show up later, but for now this is all I have. It sure explains why the Ubuntu forums moderators/staff have been slamming RMS and censoring critique of Microsoft and His Billness – in any context.”

“The situation is bad,” explained our reader. “The previous article was not a mistake” because there is other coverage although it does not provide the Microsoft spin, including phrases such as those highlighted in Diaspora. The factual part is this:

Ubuntu Core is now available on Microsoft’s Azure cloud.

This, however, is not the main news. A lot of effort was put into injecting some pro-Microsoft angle. Here is where promotional spin got injected (apart from the headline):

“Ubuntu Core is the smallest, leanest Ubuntu ever, perfect for ultra-dense computing in cloud container farms,” the company said in a press release. In a twist that’s sure to prompt a double-take from many industry veterans, Canonical chose the Azure cloud from longtime Linux foe Microsoft as its first deployment platform. “Microsoft loves Linux,” said Bob Kelly, Corporate Vice President at Microsoft, in a prepared statement.

“Microsoft has been a terrific steward of Ubuntu,” said Dustin Kirkland, product manager for Ubuntu Core, in an interview. “We have a very tight relationship.” The deal with Microsoft is exclusive for ”a couple of weeks,” after which Ubuntu Core is expected to be available on all public clouds that currently support the operating system.

So ‘“Microsoft loves Linux,” said Bob Kelly, Corporate Vice President at Microsoft, in a prepared statement.’

This is part of the new lie which we wrote about in articles such as:

The problem with articles like the above is the pursuit for talking points to lull the victim into passivity, pretending that Microsoft is now like a “best friend” of GNU/Linux. All that Microsoft does with Ubuntu Core is put it under surveillance and back door control. That’s what Azure is about, as NSA leaks serve to demonstrate.

We could of course tackle some other propaganda if we had more time for writing (I am working full time myself). Consider this new UBM spin which pretends TrueCrypt is FOSS (it’s definitely not) and cites one bug (in OpenSSL) to pretend FOSS as a whole is less secure than proprietary software blobs. There is another ugly story making the rounds about a so-called attack on GNU/Linux machines (attributing it to a government, possibly Russia’s); all the stories we have found (over a dozen so far) neglect to say that the victim must install the rogue code himself or herself, it cannot really propagate except by the user’s stupidity or recklessness. Finally, there is another batch of stories about DCOS, which is backed by a Microsoft thug who boasted about “tilting into a death spiral” competitors of Microsoft and bankrolled Microsoft proxies. DCOS — like Azure — is attempting to control GNU/Linux guests at a higher level. IDG called it a “data center OS” that “allows single-source command for Linux servers”, potentially providing a back door. I have personally seen companies that manage hundreds of GNU/Linux servers from VSphere (proprietary from EMC, which is connected to RSA and hence NSA back doors) on top of Microsoft Windows (also back doors). Can EMC be trusted to not allow intrusion? Can Microsoft? These are rhetorical questions.

Anyone who is reckless enough to put a Ubuntu machine under Microsoft hosting sure has not been keeping up with news. Canonical too would be reckless to recommend such a thing, but perhaps it has short-term thinking, pursuing Microsoft dollars at the expense of customers’ security.

04.03.14

Ubuntu is Becoming More Privacy-respecting With Ubuntu One Shutdown

Posted in GNU/Linux, Ubuntu at 5:39 am by Dr. Roy Schestowitz

Summary: Canonical is abandoning a Fog Computing service which was a bad idea all along and has become even worse in the age of NSA espionage

CANONICAL is on a roll. The company is improving its stance on privacy not just by cutting some Amazon links (Amazon works very closely with the CIA now) but also by fighting against ACPI (which NSA likes to exploit for back doors) and now dropping Fog Computing. Ubuntu servers can still be set up to power Fog Computing services, but users of Ubuntu will not be pushed to upload their personal files to remote servers, and that’s a fantastic development!

A few days ago FOSS Force appropriately wrote [1] that “Richard Stallman has been trying to warn us for years that when it come to “free” online services such as cloud hosted email accounts, we’re not customers. From the moment we signup we become inventory.”

More people should have listened to Stallman. He just got some much-deserved credit in [2] and Snowden’s leaks (for which Stallman is thankful) proved him correct rather than “paranoid”. Perhaps more people will stop using ‘customer’-hostile hosted E-mail services such as GMail, Yahoo, and Hotmail, which on the face of it does not even support Windows users anymore [3] (not so well anyway). It’s all just a datagrab and people should reject it. The business model is based on privacy infringement.

So, the latest news says that Ubuntu One will soon be history [4-16]. Users should immediately get their files out of there and we strongly urge nobody to use DropBox or other such ‘alternatives’ (don’t spread personal files to yet more servers). DropBox wasn’t just on the PRISM timeline; it also changed its terms and conditions recently, supposedly to rid itself from liability for snooping. We shared dozens of links about it earlier this year and last year. A lot of the corporate press did not pay attention or even cover these serious matters, which had mostly gone under the radar while people clicked “I agree” without reviewing the changes. We don’t need an “alternative” to Ubuntu One just as we don’t need an “alternative” to Facebook. These are fundamentally bad ideas. Media hype (propaganda by repetition) somehow convinced people — even some rational people — that Fog Computing (surveillance-friendly) is a good idea and those who reject it are “Luddites”. Now we know better and we have leaked documents to prove it.

Canonical is a British company, which means that it shares space with GCHQ (the NSA’s other big brother, which helps the NSA spy on US citizens and even Europeans). It’s nothing to do with terrorism! Data on Ubuntu One should never have been assumed “private” or “secure”. Based on one of Snowden’s most recent leaks, the NSA systematically goes through files of sysadmins (news links were posted here last month), looking to harvest their passwords which they sometimes store outside work (in plain text) in order to crack networks in many countries. It’s about espionage. Many Ubuntu users are technical people who are also sysadmins, so hopefully they never got lured into Ubuntu One.

Store locally, encrypt, use only Free software, and avoid all blobs (including drivers) where possible. That’s the only way to stay secure these days. If you are a sysadmin, then you are already an “enemy” because in the NSA’s mind you help ‘guard’ the “Bad Guys” (people like Merkel) on your network.

Related/contextual items from the news:

  1. ATMs Might Go Linux, MS DOS Source Released & More…

    Remember, Richard Stallman has been trying to warn us for years that when it come to “free” online services such as cloud hosted email accounts, we’re not customers. From the moment we signup we become inventory.

  2. Widows XP DOA on Apr 8th: FREE THIS ORPHAN !!!!

    Richard Stallman is the guru of computing freedom –and a great source. He started the “hack” movement as an outsider inside MIT during the Vietnam protesting era, and founded both the GNU software movement and the Free S/W Foundation.

  3. The Hotmail Runaround

    People who complain that “there’s no tech support for Linux” should discover that there’s even less support for Microsoft products.

  4. Shutting down Ubuntu One file services
  5. Canonical kills Ubuntu One cloud file storage service
  6. Canonical to close Ubuntu One file services, says competing in ‘free storage wars’ was unsustainable
  7. Canonical shutters Ubuntu One cloud services
  8. Canonical: we can’t afford to keep Ubuntu One
  9. Canonical Shuts Down Cloud Storage Service Ubuntu One
  10. Canonical admits failure — shuttering Ubuntu One cloud services
  11. Canonical closes down Ubuntu One cloud file services
  12. Canonical to close Ubuntu One cloud-storage service
  13. Canonical Shutters Ubuntu One
  14. Canonical shutting down Ubuntu One file services
  15. Canonical to Shut Down Ubuntu One, Start Saving Your Data Now
  16. Ubuntu to shut down Dropbox competitor Ubuntu One as storage wars heat up

    Aside from being a distraction, Canonical says the service is being shut down because “free storage wars aren’t a sustainable place for us to be, particularly with other services now regularly offering 25GB – 50GB free storage.” Interestingly, this departure also marks Canonical’s departure from music streaming services; One offered a music streaming feature for songs stored on the service.

04.02.14

No More Opposition to Ubuntu Over Spyware

Posted in GNU/Linux, Ubuntu at 3:09 am by Dr. Roy Schestowitz

Spying

Summary: Canonical did the right thing by removing a controversial behaviour which was facilitating remote user profiling by Amazon, demonstrating yet again that users’ feedback counts

Our coverage regarding Ubuntu's departure from Amazon search in Dash (by default, in future versions) was followed by a lot of articles in general news sites [1] and a lot of blogs or GNU/Linux-oriented news sites which say “it seems that the online search paradigm in Unity is about to end.” Actually, this is pretty much confirmed now. Back in the days when Ubuntu had Mono (we lobbied hard to remove it, by default) and Ubuntu was about to have a Yahoo (Microsoft) search bar we found that Canonical does listen to its users; it’s just that when it takes action accordingly (corrective action) it never admits that it is due to users’ pressure. The bottom line though, Canonical listens. Just before Christmas of 2012 I contacted Stallman and asked him to address the issue of Amazon spyware, whereupon he wrote an article and started to tackle this issue (in his public talks too). He called it “malware”, but I advised him to call it “spyware” instead. 16 months later Canonical took action and a lot of people are exceedingly happy about it. Pressure from users acted as a moral compass, or a regulator. This is the power of Free software. We no longer rely on derivatives of Ubuntu (none of which had this behaviour) to give Canonical a run for the money.

I can happily install Ubuntu again. The weak attempts [2] to describe the end of Windows XP support as a “Bad for Linux and Open Source” [3] don’t quite correspond to what I am seeing. At this moment, after setting up Puppet to mass-remove Amazon from search in Dash (upon request), I know of a company (client at work) that is right now moving hundreds of desktops from Windows XP to Ubuntu (due to XP EOL). Let’s hope this is one example of many. Let’s also hope that Canonical keeps taking users’ needs seriously. It is apparent that even large companies did not like Amazon search in Dash; it’s not just to do with a bunch of opinionated Free software proponents.

Related/contextual items from the news:

  1. Ubuntu to ditch Amazon product suggestions from its search results
  2. Death of XP Bad for Linux? Nope.

    Christopher Tozzi wrote, “The sad reality is that everybody needs to run a Windows app now and then” in an article about the increasing difficulty of virtualizing that other OS on a GNU/Linux system. He’s right about the RAM/CPU/storage burdens of that other OS increasing but he’s wrong that this is bad for GNU/Linux and FLOSS.

  3. Why Windows XP’s Demise Is Bad for Linux and Open Source

04.01.14

Canonical Breaks Up With Amazon Over CIA Connections

Posted in Ubuntu at 4:58 am by Dr. Roy Schestowitz

Mark Richard Buranov Shuttleworth
Photo from Space Facts

Summary: Future versions of Ubuntu omit linkage to Amazon are are illegal to host in AWS, as per Mark Shuttleworth’s new vision

“WE have lost confidence in Amazon,” said Mark Shuttleworth at a press conference in London this morning. “Not only is its owner now running the Washington Post to cleanse the reputation of the CIA but Amazon is also the CIA’s partner of choice.

“We cannot maintain a relationship by which Amazon is harvesting the IP addresses of Ubuntu users and what they are searching for, let alone host their data and playlists on Amazon’s servers. Effective immediately, we break up with Amazon and we will no longer enable Amazon to host Ubuntu virtual machines, to which they have back door access inside the datacentres.”

“Putting Ubuntu in virtual machines hosted by Microsoft makes as much sense as putting Huawei routers inside the Pentagon.”
      –Mark Shuttleworth
Mark Shuttleworth recently experienced or at least witnessed what it's to be abused and witch-hunted by secret services and police and he then made the first step towards the goal of abolishing Amazon, but these latest moves sure are likely to cause controversy, for fears that Mr. Shuttleworth is becoming radical and Amazon-hostile like Richard Stallman.

Bloggers, however, have welcomed Shuttleworth’s policy, noting that “the controversial ‘search everything’ home scope is gone which was sending data to Canonical servers and instead it will become the ‘Application scope’ which will show applications. It will show installed apps as well as apps available for download – makes perfect sense.”

In other news, Shuttleworth is beginning to consider removing all Ubuntu instances from Azure by rewriting software licences. “PRISM,” he said, “has shown us that Microsoft is not just complying with the NSA; Microsoft is leading the NSA towards a state of mass surveillance. Putting Ubuntu in virtual machines hosted by Microsoft makes as much sense as putting Huawei routers inside the Pentagon.”

Happy April First news.

03.29.14

Canonical Removes Amazon Search From Ubuntu (by Default)

Posted in GNU/Linux, Ubuntu at 3:36 am by Dr. Roy Schestowitz

Summary: Ubuntu has removed Amazon results from local search, according to Canonical staff

BASED on this thread which started from yesterday's article, Canonical has removed the controversial behaviour that the EFF and the FSF criticised (to the point where Richard Stallman advised people not to recommend or use Ubuntu). This is great news. Perhaps we are indeed seeing a reformed/reforming Canonical. Let’s hope for more of the same.

03.28.14

Mark Shuttleworth With a Beard Starts Sounding More Like Richard Stallman

Posted in GNU/Linux, Ubuntu at 6:25 am by Dr. Roy Schestowitz

Mark Richard Buranov Shuttleworth
Photo from Space Facts

Summary: Ubuntu’s founder Mark Shuttleworth explains that his beard is grown as a political statement while he orders the elimination of ACPI, which is favoured by the world’s biggest back doors proponent, the NSA (and GCHQ)

Mark Shuttleworth is a fascinating and charismatic man. At a very young age, equipped with Free software, he was able to make his dreams come true and he is still very good at business [1]. In recent years many tried to portray him as a greedy exploiter — a narrative we rejected and fought back against. As a man who grew up in South Africa, he is aware of discrimination (sometimes to the extreme) and now that he lives in the UK he must be seeing some of the same symptoms, which is why he is growing a beard [2] (to make a statement).

“If Shuttleworth rejects ACPI, then he should also reject UEFI and Amazon (especially the Fog Computing aspect of it).”To be politically expressive sometimes contradicts and interferes with business. Just look at what’s being done to Mozilla right now. We are not going to entertain the politics of intimidation and blackmail (into conformity, by threatening one’s job and free speech), but a lot of readers may already know what we refer to. Either way, earlier this month, in response to NSA revelations, Mark Shuttleworth made it quite apparent that surveillance software like Skype won’t return into Ubuntu’s front page (in the Web site) any time soon. Shuttleworth seems to be grasping the fact that we are moving in a bad direction in technology, where surveillance and back doors are becoming somewhat of a norm. Earlier today a reader send us this news link [3] about US legislators wanting to require back doors not just in phones but also desktops/laptops (call it “Back Doors by Law”). This is seriously messed up!

Now, taking into account monopoly abuser‘s promotion of UEFI, which enables remote destruction of computers (the NSA helps validate this) we should definitely avoid it. Given what Amazon does with the CIA, we should avoid it too, not put Amazon spyware inside Ubuntu (in my job I was writing puppet config files to remove this spyware from hundreds of federated desktops). On the bright side of things, despite Canonical supporting Amazon and UEFI, Mr. Shuttleworth now declares war on ACPI [4], which is deemed a proprietary security threat (possible hijacking or remote bricking, like UEFI). There was press generated to that effect thanks to Mr. Shuttleworth [5-7], raising awareness among many.

Shuttleworth is not typically techno-political, except perhaps when it comes to software freedom. So his stance on ACPI is hopefully the start of more such stance changes. If Shuttleworth rejects ACPI, then he should also reject UEFI and Amazon (especially the Fog Computing aspect of it).

Related/contextual items from the news:

  1. Vendors “looking seriously” at Ubuntu – Shuttleworth

    Mark Shuttleworth, founder of Canonical, said that he is “very confident that large manufacturers are looking seriously at Ubuntu as the new open platform of choice”, following the recent announcement that it is working with two small players – bq and Meizu – to bring the first smartphones using the platform to market.

  2. Here’s why Mark Shuttleworth is growing beard

    “There is a slightly serious angle to beard. One of my colleagues was stopped and held by transport police in UK. He was questioned for hours. There was no justification to it and so while he was leaving, he asked them the reason and they said it was the beard. This is disgusting. A society should be civilised enough to not judge people on the basis of how they look.”

  3. Feds want an expanded ability to hack criminal suspects’ computers

    The United States Department of Justice wants to broaden its ability to hack criminal suspects’ computers according to a new legal proposal that was first published by the Wall Street Journal on Thursday.

    If passed as currently drafted, federal authorities would gain an expanded ability to conduct “remote access” under a warrant against a target computer whose location is unknown or outside of a given judicial district. It would also apply in cases where that computer is part of a larger network of computers spread across multiple judicial districts. In the United States, federal warrants are issued by judges who serve one of the 94 federal judicial districts and are typically only valid for that particular jurisdiction.

  4. ACPI, firmware and your security

    If you read the catalogue of spy tools and digital weaponry provided to us by Edward Snowden, you’ll see that firmware on your device is the NSA’s best friend. Your biggest mistake might be to assume that the NSA is the only institution abusing this position of trust – in fact, it’s reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies.

  5. Linux Bugs but Proprietary the Threat Says Shuttleworth
  6. Mark Shuttleworth Calls For An End To ACPI
  7. Proprietary firmware poses a security threat, Ubuntu founder says

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts