Bonum Certa Men Certa

Links 26/11/2014: Docker Patched, New DragonFlyBSD






Contents





GNU/Linux



  • About Linux Weekly News - 24th November 2014


  • Desktop



    • Expensive "Free/Libre Software Laptop" Uses A NVIDIA GPU
      While there's been an ongoing discussion this week about delivering a $500 "open to the core" laptop that runs Ubuntu Linux and would be comprised of open-source software down to the firmware and Coreboot, announced last week was a high-end laptop that also aims to promote free/libre software. Though don't get out your wallets quite yet.




  • Server



    • Docker Update Fixes Pair of Critical Security flaws
      The open-source Docker container virtualization technology has emerged as one of the hottest and most hyped technologies of the year. Docker, however, isn't immune from security vulnerabilities, as a pair of recent updates illustrate.


    • AMD & PathScale Join OpenACC Group
      Up to now the OpenACC parallel programming standard has mostly been perceived as a NVIDIA affair along with backing from the likes of Cray and PGI. Now, however, AMD and PathScale are joining the OpenACC Standards Group so hopefully we'll see greater, multi-vendor adoption of it going forward.






  • Kernel Space



    • Graphics Stack



      • PowerVR SGX Driver Code Gets Leaked


      • Valve's VOGL Is Finally Back To Having New Commits, OS X Support
        While Valve's VOGL open-source OpenGL debugger was off to a great start when announced at the start of the year, recently it fell into a bit of a dry period when it didn't see any new work for more than a month. Fortunately, that dry spell is over and there's new commits flowing back into VOGL.


      • Nouveau Might Have A Logo
        A designer, Valeria Aguilera, has been working to make a Nouveau logo. Last night she posted her first draft of the proposed Nouveau logo, "I would like to highlight that the logo incorporates a penguin corresponding to the linux kernel components used to create this open source driver. The 3D cube/shape represents the 2D and 3D acceleration capability. The 'n' simply stands for the first letter in Nouveau and the green colour was chosen because the driver is for NVIDIA video cards."


      • Mesa 10.4 RC1 Is Here, Lands Direct3D 9 State Tracker
        Emil Velikov has announced the first release candidate for the upcoming Mesa 10.4 release.


      • Freedreno MSM Driver Has Big Changes For Linux 3.19 Kernel
        Most notable for this MSM DRM driver that's associated with the Freedreno driver project is the support for the Qualcomm Adreno A4xx series. The Qualcomm Innovation Center added the A4xx hardware support to the open-source DRM/KMS driver as a surprise move. Meanwhile, Rob Clark of Red Hat took to writing the Gallium3D support that's now in Mesa Git master following the recent Mesa 10.4 branching.


      • NEMO-UX Shell Is A Futuristic, Multi-User Wayland Experience
        Demonstrated at the ACM Interactive Tabletops and Surfaces (ACM ITS) event in Dresden, Germany the past few days was the "NEMOSHELL" that looks like a futuristic user experience supported by Wayland.




    • Benchmarks



      • Apple OS X 10.10 vs. Ubuntu 14.10 Performance
        While I delivered some OS X 10.10 Yosemite preview benchmarks back in August, here's my first tests of the official release of Apple OS X 10.10.1 compared to Ubuntu 14.10 Linux. Tests were done of OS X 10.9.5 and OS X 10.10.1 against Ubuntu 14.10 Utopic Unicorn when running the benchmarks under both GCC and LLVM Clang compilers.


      • AMD Radeon Gallium3D Is Catching Up & Sometimes Beating Catalyst On Linux
        Last week I shared some preview benchmarks from Steam on Linux showing Radeon Gallium3D starting to beat Catalyst. In this article are the full results from comparing the open and closed-source AMD Linux graphics cards with sixteen Radeon graphics cards while testing Team Fortress 2 and Counter-Strike: Global Offensive on Linux. The results yield a very close race!






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • Colorpick
        Colorpick is a color picker and contrast checker. I originally wrote it to help me check and fix the background and foreground colors of the Oxygen palette to ensure text was readable. Since then I have been using it to steal colors from various places and as a magnifier to inspect tiny details.




    • GNOME Desktop/GTK





  • Distributions



    • Rescatux Is a Useful Tool to Fix Grub and Promote Windows Users to Admin
      Rescatux, a Linux distribution that allows users to perform all kinds of rescue operations with the help of an easy-to-use wizard called Rescapp, has been upgraded to version 0.32 Beta 3, and the developer has made a number of important fixes.


    • Ready to give Linux a try? These are the 5 distros you need to consider


      There are so many Linux distributions that choosing one can be overwhelming for a new user. One might be too intimidating for a user to even try, while another might be too simplified, blocking that user from knowing how Linux systems actually function.

      I have been using Linux as my primary OS since 2005 and have tried all major (and quite a lot of minor) distributions. I have learned that not every distribution is for everyone. Since I also assist people in migrating to Linux, I have chosen the 5 distros that I recommend to new users based on their level of comfort and desire to learn (or not learn) more about Linux.


    • New Releases



    • Red Hat Family



      • Fedora



        • Fedora Linux: The Safest Operating System on the Planet


        • Open Seat on the Fedora Server Working Group
          This past week, David Strauss chose to step down from his position on the Fedora Server Working Group, citing a lack of alignment with his current work usage. The Fedora Server SIG would like to thank David for his contributions up to this point and wish him well.

          This means that there is currently a vacancy in the Fedora Server Working Group. The Working Group is the nine-person volunteer body that oversees the development, testing, release, documentation, marketing and evangelism of the Fedora Server. Membership on this Working Group is a moderate commitment requiring a participation of a minimum of two hours a week, one hour of which being the (usually) weekly meeting.


        • Fedora Good, Bad, & Ugly and Debian's Rise
          Pádraig Brady today offered up his assessment of Fedora 21 in comparison to Fedora 16 from which he upgraded. Bruce Byfield is back with a look at the "rise of Debian technology" and Softpedia is reporting that CentOS was used to make the black hole in hit movie Interstellar. Gunnar Hellekson refutes the assertions in a recent GCN article declaring Open Source poorly designed and, finally today, Linux powered submersible says polar caps thicker than estimated.


        • Fedora 21 Innovates in Docker Cloud Virtualization with Project Atomic
          Docker, OpenStack, EC2 and "Project Atomic" are among the leading buzzwords for Fedora Linux 21, the upcoming release of the community-developed open source operating system that serves as the basis for Red Hat's enterprise Linux platforms. Due out next month, the release is now receiving its final tweaks from developers, who have revealed further details on the cloud and virtualization innovations in the new version.


        • Important Fedora vote concludes today!


        • Fedora Council Election Results


        • Fedora Will Begin Upgrading The X.Org Server As A Distribution Update
          While Fedora is working to migrate over to Wayland by default, the X.Org Server won't disappear anytime soon for legacy X11 application support and other purposes. With Fedora 21 and going forward, Fedora is likely to be getting in-place X.Org Server updates upon new releases.






    • Debian Family



      • The rise of Debian technology
        Out of 285 active distributions on Distrowatch, 132 are based on Debian and 67 on Ubuntu. This predominance is not only unrivalled in a field as diverse as Linux distros, but has been true now for several years. I've cited it several times, but until now, I haven't addressed the question this observation also raises: how did this state of affairs come about?


      • Derivatives



        • Canonical/Ubuntu



          • Bq Introduces More Android Devices, But Still No Ubuntu Phones
            Bq held a media event today where many were hoping the first Ubuntu Phone would be officially unveiled, but that was not the case with Ubuntu receiving no mentions during the event.

            Bq is one of Canonical's first two Ubuntu Phone partners and they had plans to ship the first Ubuntu Phone by the end of 2014. The other phone partner, Meizu, has previously said the MX4 with Ubuntu Touch would come in December.


          • Canonical Is Still Considering Turning the Phone into a Mini-PC
            Canonical is working to complete their idea of convergence with the launch of Ubuntu Touch, a new operating system for mobile devices. The desktop flavor of Ubuntu will eventually share the same code with the mobile one, and their plans go even further than that.


          • Tiny quad-core ARM mini-PC runs Ubuntu with Cinnamon
            A startup is pitching a $129-$199 “Imp” mini-PC on Indiegogo based on a quad-core Odroid-U3 SBC, with HDMI streaming and an Ubuntu/Cinnamon Linux desktop.

            A day after reporting on one Israeli-based, non-Android ARM mini-PC — SolidRun’s $100 CuBoxTV with OpenElec Linux — here comes another. Aside from the usual hyperbole found on crowdfunding pages — are we really “democratizing the digital home experience” or just buying an embedded ARM computer? — the Ubuntu-based Imp mini-PC looks like a pretty good deal.


          • Flavours and Variants











  • Devices/Embedded



    • Quad-core media player runs Kodi/XBMC on OpenElec Linux
      SolidRun’s tiny, $100 “CuBoxTV” media player runs OpenElec Linux and Kodi (formerly XBMC) on a quad-core i.MX6 SoC, and offers 100Mbps+ video decoding.

      The CuBoxTV is the first Freescale i.MX6 based media player to run the Kodi (formerly XBMC) multimedia distribution, says Israel-based SolidRun. CuBoxTV is closely based on the company’s latest i.MX6 based CuBox mini-PC, which now sells for $80 to $140, depending on the number of Cortex-A9 i.MX6 cores and other features. The CuBoxTV, which is available only with the quad-core i.MX6 SoC, goes for a sale price of $100.


    • CuBoxTV: Tiny $100 Linux-based XBMC media center
      SolidRun’s CuBox line of tiny desktop computers are cubes that measure just 2 inches across. But the little boxes sport Ethernet jacks, optical audio output, 2 USB ports and a micro USB port.


    • Linux-based AUV maps Antarctic sea ice thickness
      Woods Hole Oceanographic used a Linux-based “SeaBED” AUV to build the first 3D map of Antarctic sea ice — and found it’s thicker than had been estimated.

      Every now and then we see some good news about climate change sprinkled in with all the increasingly dire warnings. Yesterday, the New York Times reported that solar and wind energy are starting to become competitive with natural gas. On the same day, Woods Hole Oceanographic Institute (WHOI), based in Massachusetts, announced it had published a paper in Nature Geoscience on experiments run by an autonomous, Linux-based submarine called the SeaBED. The underwater survey indicated that Antarctic sea ice was thicker than had been previously estimated.


    • Sub-notebooks/Tablets







Free Software/Open Source



  • Hey, here's some face-tracking tech from Samsung you probably won't find creepy at all
    Samsung says it'll release the source code to software that allows physically disabled people to move a mouse pointer with their eyes.


  • Samsung 'eye mouse' helps the paralyzed use PCs, will be made open-source
    From his adjustable bed, Shin made the words appear on the computer screen using Eyecan+, an eye-tracking device developed by Samsung Electronics.

    “I’m happy that eye mouse is developed in Korea,” he continued. “The eye mouse is not just an IT product, but limbs for the disabled. Hope this kind of research will continue.”



  • Assembly Helps Developers Find, Monetize Open Source Contributions


  • An open source Christmas with Kano
    So this season, what every open sourc-erer wants might just be Kano, a computer kit that comes with all the functions needed to build it and learn to code afterwards.


  • Mapping the world with open source
    In the world of geospatial technology, closed source solutions have been the norm for decades. But the tides are slowly turning as open source GIS software is gaining increasing prominence. Paul Ramsey, senior strategist at the open source company Boundless, is one of the people trying to change that.

    Ramsey has been working with geospatial software for over ten years, as programmer and consultant. He founded the PostGIS spatial database project in 2001, and is currently an active developer and member of the project steering committee. Ramsey serves as an evangelist for OpenGeo Suite, works with the Boundless business development team to share about their collection of offerings, and speaks and teaches regularly at conferences around the world.


  • Google Brings Open Source Security Gifts
    'Tis the season for giving, and search giant Google wants to give security researchers and end-users some new tools. Over the past few weeks Google has released multiple security tools and open source efforts to help end-users and organizations defend themselves from modern threats.


  • OPNFV Does Telecom/Open Source 'Mind Meld'
    The Open Platform for NFV Project Inc. is growing rapidly -- ZTE joined just last week and more new members will be announced in December -- while trying to meet an aggressive schedule of new software releases every six months, beginning in the first half of 2015. (See Open NFV Group Uncloaks Its Platform Plan and Will Carriers Step Up to Open Challenge?)


  • Particulate sensor developed using open source approach
    A New York based start up company has used an open source approach, as well as funding from Kickstarter, to develop AirBeam – a handheld sensor which determines the concentration of particles in the air measuring 2.5µm or less.

    [...]

    The AirCasting app and website code is available on GitHub as open source, along with the AirBeam firmware and electronic schematics. The STL files for 3D printing the AirBeam and LiteBeam enclosures can be downloaded from www.shapeways.com.


  • Web Browsers



    • Chrome



      • Google will kill Microsoft Silverlight in Chrome by disabling NPAPI plug-in
        GOOGLE IS MOVING ahead with plans to kill off support for Microsoft Silverlight in its Chrome browser.

        The Microsoft runtime depends on an ageing plug-in protocol called Netscape Plugin Application Programming Interface (NPAPI), for which Google is currently phasing out support in its browser.


      • What’s the Difference Between Chromium and Chrome?
        Chromium is the open-source project that forms the basis for Google Chrome. Because it’s completely open source, Chromium is available in many Linux distributions’ software repositories for easier installation.




    • Mozilla



      • Review of the new Firefox browser built for developers
        Mozilla recently announced a new browser version for developers on the 10th anniversary of the Firefox browser. The Usersnap team and I took a look at whether it works well for the web development process, offers developers a variety of possible applications, and if it keeps up with the Google Chrome dev tools.






  • Oracle/Java/LibreOffice



    • First Beta Version of LibreOffice 4.4 Is Now Ready for Testing
      The work for LibreOffice never stops and this is actually one of the perks of being open source software. The application is constantly improved and the users can easily see what is being done in this regard. Usually, new major updates for a new branch will have several devel versions before the stable one is released, and that means we are still pretty far away from that milestone.


    • VirtualBox 4.3.20 Arrives, Still No Sign Of VirtualBox 4.4
      VirtualBox 4.3 was released in October of 2013 and since then VirtualBox from an external look appears to be largely in maintenance mode. The 20th point release was put out today with just stability and regression fixes. There's not yet any public development releases of VirtualBox 4.4 or any other next-generation series to this virtualization software born during the Sun Microsystems days. Thankfully, during this time, KVM and Xen along with components like Virt-Manager and QEMU continue advancing in a steadfast manner for those interested in open-source virtualization.




  • CMS



  • Business



  • Funding



    • Open-Source Chat Platform Scrollback Raises $400,000 Seed Round
      Scrollback, a free open-source chat platform for online communities, has raised $500,000 Singaporean dollars (about $400,000) led by Jungle Ventures, with participation from Singapore’s National Research Foundation, Crystal Horse Investments, Singapore Angel Network, Roland Turner, and other angel investors.




  • BSD



    • DragonFlyBSD 4.0 Drops i386 Support, Improves Graphics
      The much anticipated release of DragonFlyBSD 4.0 is now available.

      The biggest "big ticket item" of DragonFlyBSD 4.0 includes improving graphics support with the Linux-ported Intel DRM driver now handling Intel "Haswell" graphics complete with OpenGL support, well more than one year after it's been optimized for Linux users. DragonFlyBSD 4.0 is also significant in that it drops 32-bit i386 support in making it 64-bit only for x86 systems. While the DRM driver porting takes a while across all BSD distributions right now, at least DragonFlyBSD developers can take a stand for pushing forward and focusing on 64-bit support rather than 32-bit.


    • DragonFly 4.0.1 released
      Version 4 of DragonFly brings Haswell graphics support, 3D acceleration, and improved performance in extremely high-traffic networks. DragonFly now supports up to 256 CPUs, Haswell graphics (i915), concurrent pf operation, and a variety of other devices. Check the full release notes for details, and visit the mirrors page for download links.


    • 64-bit ARM FreeBSD Support Is Taking Shape
      While Linux/Android on AArch64 is what's usually talked about, FreeBSD developers continue making progress on porting their kernel to 64-bit ARM.


    • A review of PC-BSD 10.1


    • Google Now Uses Clang As Their Production Compiler For Chrome Linux Builds
      For just over one month Google's Chrome/Chromium team has been using Clang as their production compiler on Linux in place of GCC.




  • FSF/FSFE/GNU/SFLC



    • The FSF is hiring: Seeking a full-time outreach and communication coordinator
      The Free Software Foundation (FSF), a Boston-based 501(c)(3) charity with a world wide mission to protect freedoms critical to the computer-using public, seeks a motivated and organized tech-friendly Boston-based individual to be its full-time outreach and communication coordinator.


    • GNU Guix 0.8 Has A New Visual UI In Emacs
      The GNU Guix functional package manager has been updated to version 0.8 and incorporates four months of changes.

      GNU Guix 0.8 features a new visual user interface in Emacs, a variety of new Guix sub-commands, improved reporting of package upgrades, and various improvements to the Linux-libre distribution portion of Guix.




  • Project Releases



  • Public Services/Government



    • Finland’s Innovillage spurs open development of e-gov services
      Finland's Innovillage - an online collaborative platform for the development and implementation of new government service models and practices - shows that innovation demands an open process that involves users, professionals, managers, experts and policy-makers. “Fundamentally, e-government innovation needs to be open and allow participation”, says Pasi Pohjola, coordinator of Finland’s Development Programme for Social Welfare and Healthcare.


    • Glitch takes down DOD’s open source IT collaboration environment
      “On Sunday, 23 Nov, our hosting provider executed an automated script that inadvertently corrupted all Forge.mil systems,” DISA said in an email notification obtained by FedScoop. “We’ve been working with their SysAdmins since then to bring Forge.mil back into service. We were expecting all systems back up Monday afternoon but problems with recovering from our backup systems have prevented that. We continue to work with our hosting provider to escalate issues and apply necessary resources to achieve resolution until all systems are back up and available.”




  • Openness/Sharing



    • Free the Seed – The Open Source Seed Initiative
      With the slogan, “Free the Seed”, a group of plant breeders, academics, among others, have formed an Open Source Seeds Initiative to prevent the down stream restrictions to germ plasm, genetic material, breeding and seeds in general. Based in the open software philosophy, the initiative seeks to create a common pool of seeds. Like open source software, these seeds are expected to be free for all kinds of use and distribution.


    • Dinner can be like open source too


    • Startup to Open Source Parallel CPU
      A startup founded by two teenagers is designing a parallel processor that it hopes delivers a 10x leap in performance per watt for high-end systems. Rex Computing will make open source its instruction set architecture in hopes of rallying supporters around it.




  • Standards/Consortia



    • Berners-Lee: new HTML5 'open web' milestones
      The Computer Weekly Open Source Insider blog noted on January 1 2013 that the World Wide Web Consortium (W3C) made note that a stable specification of the HTML5 web markup language has been laid down for web application developers to now focus on.


    • ZigBee Announces New Internet of Things Standard
      The ZigBee Alliance has announced the unification of its wireless standards to a single standard named ZigBee 3.0, which will provide interoperability among the widest range of smart devices, providing consumers and businesses access to innovative products and services.


    • OpenCL & SYCL Updated For Heterogeneous Parallel Programming
      The Khronos Group has released updated versions of the OpenCL and SYCL specifications from the Super Computing 2014 conference in New Orleans.






Leftovers



  • Science



    • US Department of Defense Militarizes Social Science
      In 2008, the US Department of Defense founded the Minerva Initiative, a “social science research initiative” which focused on regions of “strategic importance to US national security policy.” The initiative focuses on results that can be used in the field (that are “warfighter relevant,” in the words of the Minerva Initiative website). The DoD is issuing $17 million to fund twelve new projects for 2014-17. As Nafeez Ahmed reports in the Guardian, the DoD funding social science is a conflict of interest and certain proposed projects raise questions about how the social science might be used in warzones.




  • Security



  • Defence/Police/Secrecy/Aggression



    • Video Analysis of Fatal West Bank Shooting Said to Implicate Israeli Officer
      One day after Israel charged an officer from its border police force with manslaughter in the shooting of a Palestinian teenager at a protest in the West Bank last May, the boy’s father and an Israeli architect who helped reconstruct the killing based on video evidence argued that the officer should be indicted on a murder charge instead.







  • Finance



    • HOTEL 22: The Dark Side Of Silicon Valley
      Jimmy hands $2 worth of dimes to the conductor and finds a seat at the back of the bus.

      He settles himself in for what is going to be a long night - taking off his scuffed leather shoes and resting his head against a window opaque with condensation.

      Jimmy, 47, has had the same routine for the last three years since losing his job as a chef at Microsoft.


    • Save the Fatcats
      CEO Justin Forsyth £139,950 COO Anabel Hoult £139,950 COO / CFO & Strategic Initiatives Rachel Parr £131,970 Global Programmes Director Fergus Drake £113,300 Fundraising Director Tanya Steele £112,2001

      [...]

      StC has just given Tony Blair its “Global Legacy” award. What kind of people like Tony Blair? People who earn over 100,000. I am not sure that if you put money in a tin, or bought from their charity shop, you thought you were paying that many fat salaries. There are also gold plated pensions and other benefits. Justin Forsyth, the CEO, of course worked in Tony Blair’s neo-con policy unit.


    • NYT Columnist's Faulty Attack on Elizabeth Warren's 'Rage'
      New York Times columnist Andrew Ross Sorkin has earned a reputation over the years for being friendly with the Wall Street giants he covers. If you read his bizarre rant against Senator Elizabeth Warren, it's not hard to see why.


    • Millions in Poverty Get Less Media Coverage than 482 Billionaires
      In June 2014, Fairness and Accuracy in Reporting (FAIR) published a study showing that ABC World News, CBS Evening News, and NBC Nightly News give more media coverage to the 482 billionaires in the U.S. than to the 50 million people in poverty, airing almost four times as many stories that include the term “billionaire” as stories including terms such as “homeless” or “welfare.” According to the report, an average of only 2.7 seconds per 22-minute nightly news program were devoted to covering stories where poverty was mentioned.




  • PR/AstroTurf/Lobbying



  • Censorship



    • Google Asked to Censor Three Million Pirate Bay URLs


      The Pirate Bay reached a questionable milestone today when copyright holders asked Google to remove the three millionth Pirate Bay URL from search results. While most requests are valid, Google also removed several non-infringing pages.




  • Privacy



    • Want to avoid government malware? Ask a former NSA hacker
      A young British company called Darktrace, whose technology was spawned in the classrooms and bedrooms of Cambridge University, can now boast a covey of former spies among their executive ranks. Jim Penrose, who spent 17 years at the NSA and was involved in the much-feared Tailored Access Operations group (TAO), is one of Darktrace’s latest hires.


    • UK Pirate Party slams government plans for IP address identification
      THE UK PIRATE PARTY has slammed government plans which could see IP addresses linked to individuals in the same way as phone numbers.

      Loz Kaye, outspoken leader of the party, said: "It's extraordinary that the Home Office did not consult [the] industry about these plans.

      "To me it shows they don't care whether they will work or not. They are just interested in headlines."

      He went on to criticise the Liberal Democrats, which had earlier welcomed the move, saying it provides proof that there will be no return to snooping in this Parliament.


    • Slack now letting employers tap workers' private chats
      Slack, whose chat app aims to help workers get stuff done, might now have them running scared, knowing the boss could access their chats.

      The company's upcoming paid Plus plan will include an optional feature called Compliance Exports, announced Monday, which will let administrators access their team's communications, encompassing public and private messages.


    • Most people have heard of Snowden, few have changed habits as a result
      New worldwide survey results conducted by a Canadian think tank show that most people around the world (60 percent) have heard of Edward Snowden, but just over a third "have taken steps to protect their online privacy and security as a result of his revelations."


    • Thinking of buying a security camera? Read this first
      Most security cameras and their software aren’t built with computer security in mind. None of the vendors could provide me with a clear understanding of code reviews and penetration testing. In fact, most of my security inquiries were met with befuddlement. Often I was called back by someone days later who either did not know the answers to my questions or said yes to everything I asked so often, you knew they were not telling the truth.


    • Truly private surfing
      In my previous post I recommended to use two Firefox plugins to truly surf through Internet whose pages are "infected" with social network embedded widgets that only report about our presence in those pages and if we are lucky, only that, but it also identifies us because the propagation of cookies.

      In this post I will give some recommendations about how to stop Firefox from surfing the web without us knowing it, yes, in the background. The other day I was analyzing what happens in the background in the network with Firefox open, and I was worried for a minute or two because I saw connections going out of my computer but I was not surfing anything... I had one page open, so I closed it in case that that page had some JavaScript with a loop doing some connections without me knowing.... but the connections kept being done.


    • Report On UK Terrorist Murder: MI5 Absolved, Facebook Guilty
      Of course, that would mean finding some way to win support for an intrusive Communications Data Bill, which provoked such a strong reaction the last time it was discussed. So it's interesting coincidence that the day after that place-marker by the Home Secretary, a new report (pdf, and embedded below) has been published on a particularly brutal terrorist attack that took place on the streets of London last year. The report comes from the UK's Intelligence and Security Committee (ISC), which was roundly condemned by a Parliamentary committee earlier this year for being out of touch and ineffectual. It was asked to examine what lessons could be learned from the failure to stop the attack, given that both the two men convicted of murdering the British soldier Fusilier Rigby were known to the UK intelligence service.

      [...]

      Well, that's because they are communications companies: they provide ways to communicate, just like phone companies or the post system. There's no more reason they should be monitoring every piece of content on their systems than telephone companies should monitor the content of calls, or post offices the content of letters. It's not their job, and would in any case be an extraordinary invasion of privacy.

      [...]

      That the ISC's report into the attack turns out to be a whitewash is no surprise. Earlier this month, the UK's leading human rights groups decided to boycott another inquiry that it would be conducting, since they had "lost all trust in the committee’s ability to uncover the truth." And just before the ISC report was published, it was claimed that the committee had "failed to speak to witnesses who say the plot's leader was repeatedly contacted by the security services before the attack"...

      [...]

      So who gave that information to GCHQ? The statement above makes it clear it wasn't Facebook itself but a "third party". Who else had access to such private messages? Someone at the company? Maybe, although that seems very unlikely given the company's awareness of how big an issue this would be.

      Another obvious candidate is the NSA. Snowden has told us that it accesses and stores vast quantities of messages as they flow across the Internet; given the nature of the conversation, and the keywords it contains, it seems quite likely that it was added to a database somewhere, "just in case". Perhaps it was dug out at the request of GCHQ, which then passed it on to the company concerned -- in order to land it in hot water, and get MI5 off the hook. Just another benefit of being part of the Five Eyes club.


    • Lee Rigby: inquiry into murder of fusilier ‘failed to seek out witnesses’
      The official inquiry into the jihadi-inspired murder of Lee Rigby in 2013 is poised to clear the security services of major criticisms but is facing claims that it failed to speak to witnesses who say the plot’s leader was repeatedly contacted by the security services before the attack.


    • Survey: Public Clouds, File Syncing and Data Privacy Dangers
      Lots of employees use public cloud services, like Dropbox and Box, to sync and share files even if they contain sensitive data. That's not too surprising, but what is is the finding that more than half of organizations don't have policies in place to keep important data out of the public cloud, at least according to their employees. So says M-Files, which has released interesting survey results on this topic.
    • The Coming War on Encryption, Tor, and VPNs
      And that, of course, will not go down well with the world's spy agencies. As I wrote a couple of weeks ago, there is a clear move to demonise strong encryption using a crude "if you have nothing to hide, you have nothing to fear"-type argument: only bad people could possibly want to hide their communications. I predict that things will only get worse - not just because of Let's Encrypt, but also following the Home Secretary's announcement this week of yet more counter-terrorism measures.

      One of them claims to address the fictional "capabilities gap the authorities face when it comes to communications data." There is no such gap, because the volume of communications data has grown so hugely that any *percentage* loss of capabilities is more than made up for by the greater total quantity of information now available. For example, even if the authorities were only able to access a half of all communications data, say, that would still represent hundreds of times more raw information than previously because overall traffic has probably increased many thousands of times thanks to the rise of the Internet (those figures are plucked from the air, but the point remains valid.)

      [...]

      But it is, of course, trivial to avoid this surveillance using Tor or a VPN. And so inevitably the next stage of this assault on online digital liberties will be to attack those too, even though both have perfectly legitimate uses, especially the latter. Indeed, now would be a good time for businesses to make it known to the UK government that they require VPNs to function properly in the online world, just as they require strong encryption; and that trying to outlaw any of these, or to restrict or weaken them in the name of "counter-terrorism" would be yet another deeply disproportionate response with serious adverse consequences for the economy and society.


    • How to Encrypt the Entire Web for Free
    • Secret Malware in European Union Attack Linked to U.S. and British Intelligence
      Complex malware known as Regin is the suspected technology behind sophisticated cyberattacks conducted by U.S. and British intelligence agencies on the European Union and a Belgian telecommunications company, according to security industry sources and technical analysis conducted by The Intercept.


    • NSA privacy director defends agency's surveillance
      The U.S. National Security Agency’s surveillance programs are legal and under close scrutiny by other parts of the government, the agency’s internal privacy watchdog said Monday in an online Q&A.


    • EC-Council President Warns Global Leaders of Cyber Pandemic at World Internet Conference
      In a rousing speech made to a packed audience at the World Internet Conference held November 19th - 21st in the historic city of Wuzhen in Zhejiang Province, Jay Bavisi, President and Founder of EC-Council, pushed for emphasis on solving cybersecurity threats by focusing on secure coding, the creation of a global legal framework, and better education initiatives. The theme of the event, "Interconnected World, Shared and Governed By All" resonates on the information security industry as cyber crime is a global problem in need of global solutions. Top executives from Chinese tech firms, including Baidu, Alibaba, and Tencent, as well as representatives from Apple, Amazon, Microsoft, Samsung, LinkedIn, and non-profit organization ICANN attended the conference.


    • Regin Spyware Likely Made by NSA, UK
    • NSA, GCHQ or both behind Stuxnet-like Regin malware?
    • Sophisticated Regin Malware Could be the Child of GCHQ or NSA
    • Sophisticated Malware Regin Linked To NSA, British Intelligence
    • 'Elegant' Regin Malware Linked to Brits, NSA
      A sophisticated malware program called "Regin" has been used in systematic spying campaigns against a range of international targets since at least 2008, Symantec reported on Sunday.


    • Patriot Act Deadline Threatens to Splinter NSA Reformers
      Privacy advocates, facing an uphill battle in a Republican-controlled Congress next year, will have to make a difficult choice.

      Some argue that their best shot to curb the National Security Agency's powers will be to kill core provisions of the USA Patriot Act altogether. But other reformers aren't ready to take the post-9/11 law hostage.
    • NSA Reform Could Pit GOP Hawks Against Party’s Libertarian Wing
      Efforts to curb the National Security Agency’s bulk collection of American phone metadata were dealt a blow with the defeat of the USA Freedom Act on Nov. 18. With a 58-42 vote, the bill failed to attract the 60 votes necessary to clear the Senate filibuster.


    • Cryptocurrency News: NSA 'Outlined Bitcoin-Like System' and 70% of Bitcoins Unspent
      Most other major cryptocurrencies have seen a similar upturn in fortunes, with litecoin, dogecoin, peercoin and darkcoin all rising in price by between 3% and 6%.
    • "Big Data Ethics" Sound Great, But They Won't Stop The NSA—Or Facebook
      It was worth a shot. At the recent Strata Conference in Barcelona, Hadoop founder Doug Cutting took to the stage to argue for a new era of Big Data ethics.

      "It’s time for us to reflect as we enter this new data age on how we want it to work," Cutting declared. "This is the time when the practices and policies we want will be set for the coming decades."


    • Edward Snowden Receives Stuttgart Peace Prize 2014
      Edward Snowden has been awarded Stuttgart Peace Prize 2014, but could not attend the ceremony and sent a message via a video, urging to fight for the observation of human rights.
    • NSA leaker Snowden feted in Stuttgart
      NSA whistleblower Edward Snowden accepted the Stuttgart Peace Prize and called on the public to keep fighting for peace in a speech via video uplink on Sunday.


    • Utah is considering shutting off water to the NSA
      What happens when a US state government directly opposes the operations of one of the most powerful agencies in the country? Utah might be about to find out, with a bill going forward early next year proposing Utah shuts off water to the NSA's massive data collection center in Bluffdale.

      Republican Marc Roberts proposed the bill, which states municipalities in Utah must “refuse support to any federal agency which collects electronic data within this state.”
    • NSA Spies Recruit Teenage Kids: We Can Stop It
      As if the creepy spy-guy wandering around your kid’s college campus trying to recruit her into the NSA wasn’t bad enough, now you can find him wandering the halls of your local high school and middle school as well.

      According to a recent article in the Intercept, the NSA recently established cybersecurity camps for middle school and high school students, and hopes to eventually have a presence in schools in all 50 states.


    • NSA ‘privacy director’ went on Tumblr to convince people ‘this is a real job’
      The NSA’s “Civil Liberties and Privacy Director” Rebecca Richards did a Tumblr Q&A Monday, answering a number of questions about her job and the agency’s privacy practices.

      Someone cut right to the chase and asked what we were all thinking: “Is ‘NSA Civil Liberties and Privacy Director’ a real position or is this all a joke?”
    • Memo to NSA: Stop Saying You Apply the FIPPs
      The intelligence community has no set of general principles for judging the privacy impact of their programs. Some privacy scholars believe that the Fair Information Protection Principles (FIPPs) serve this purpose and can apply to intelligence programs as they do to myriad other government programs. The NSA itself said in a recent report on collection under Executive Order 12333 that it was applying the FIPPs for the first time. But however appealing it may seem to apply generally applicable privacy principles to intelligence programs, it is simply impossible for the intelligence community to apply the FIPPs literally.


    • Ex-NSA and GCHQ spooks showcase Intel platform
      Darktrace, a cybersecurity company comprised of ex-spooks from NSA and GCHQ, has revealed details of its new behavioural analytics software.
    • Insight into the mind of a former NSA programmer/hacker
      Many cybersecurity specialists working for the NSA and GCHQ tend to get burned out, and then head to the private sector. It provides a unique opportunity to hear more about some of the efforts the US government have employed to conduct organized cyberespionage against foreign governments.


    • Wyden pledges to pursue NSA reform
      Legislation that would have ended the National Security Agency’s bulk data collection program stalled in the Senate last week, falling two votes short of the 60 needed to advance.

      Sen. Ron Wyden, D-Ore., a proponent of reining in what he views as the NSA’s overly broad surveillance powers, was undeterred by the setback. He was disappointed that senators were unable to debate the bill’s merits, because Republicans filibustered a motion to proceed, but pledged to return to the issue.
    • Viewpoint: Silicon Valley must step up privacy fight
      It's unlikely the valley will be able to innovate itself out of this mess. The right to privacy is one of the nation's most treasured principles. Silicon Valley needs to take a more active role in protecting Americans' privacy and restoring public trust in its products.


    • UN calls digital spying 'highly intrusive' and a violation of human rights
      The UN has expressed deep concerns about online spying - particularly on a mass scale - as it violates people's rights to privacy
    • Massive surveillance operations possible with explicit help from telecom companies
      U.S. and U.K. spy agencies including the NSA and GCHQ, respectively, have performed a variety of sophisticated spy operations, collecting massive amounts of personal data, as many Edward Snowden leaks revealed in the past year. German publication Süddeutsche Zeitung has published a new report that reveals that as far back as 2009 the GCHQ, and thus also the NSA, had massive access to submarine cable links around the globe with help from now Vodafone-owned Cable & Wireless.


    • GCHQ Paid Millions to Spy on UK Submarine Data Cables, Edward Snowden Reveals
      New documents leaked by Edward Snowden reveal Cable & Wireless, a UK company which is now part of Vodafone, was paid millions of pounds by the British government's spy agency GCHQ to tap into its undersea communications cables.
    • Five-eyes partners dilute UN resolution criticising metadata collection
      The “five eyes” surveillance partners – the USA, the UK, Australia, Canada and New Zealand – have joined forces to nobble a UN General Assembly committee's statements on digital privacy.

      While the General Assembly's human rights committee has adopted a non-binding resolution saying that “unlawful or arbitrary” mass surveillance, interception and data collection are “highly intrusive acts” and a violation of the right to privacy.


    • UN human rights panel passes resolution to protect privacy
      A landmark resolution demanding privacy protection in the digital age and urging governments to offer redress to citizens targeted by mass surveillance has been approved by the UN general assembly’s human rights committee, the Guardian reports.

      The resolution, which was adopted Tuesday, Nov 25, in the face of attempts by the U.S. and others to water it down and which comes at a time when the UK government is calling for increased surveillance powers, had been put forward by Brazil and Germany in the wake of revelations by U.S. intelligence whistleblower Edward Snowden about large-scale U.S. surveillance.
    • Should Schools Monitor Students’ Social Media Use?
      The electronic devices that give students instant access to the world for educational purposes are also their conduit to social media, and that presents a host of problems for school administrators.


    • Lee Rigby report expected Facebook to break US law
      Yesterday saw the publication of the Intelligence and Security Committee report into the events leading up to the murder of Lee Rigby. On reading it, one gets a sense of naivety from the members of the committee on how the Internet works, particularly when it comes to international jurisdictions. (Communications data is p139 onwards)


    • The US should not be allowed to run the internet
      A VACUUM HAS emerged over exactly who should manage and maintain the internet.

      A poll by CIGI and Ipsos showed that only 57 percent of respondents would be happy with 'a combined body of technology companies, engineers, non-governmental organisations and institutions that represent the interests and will of ordinary citizens and governments to play an important role in running the internet'.

      Even fewer are willing to let the geeks inherit the Earth, as only 54 percent approved of 'an international body of engineers and technical experts'.

      But the worst score of all was for the US government. Just 36 percent liked the idea of letting the nation run the show unilaterally.
    • UN Resolution Warns of ‘Intrusive’ Digital Spying
      Privacy concerns highlighted by UN Committee in wake of mass surveillance and data interception revelations

      A committee at the United Nations has expressed its deep concern over digital spying and surveillance, in the wake of the NSA revelations by Edward Snowden.


    • Lee Rigby murder should not be used as excuse for an increase in state power
      Yesterday, the Intelligence and Security Committee (ISC) issued its report into the murder of Fusilier Lee Rigby in Woolwich. Despite cataloguing a number of failures, the report claims that the security services couldn’t have prevented Lee Rigby’s killing, while appearing to claim that Facebook could have.


    • Open Rights Group response to the Counter-Terrorism and Security Bill
      ORG has also pointed out that parts of the legislation aimed at preventing extremism in educational and other institutions, “are so open-ended that they could easily lead to work-place surveillance, where employers would be obliged by guidelines to check their employees’ email and web history.”




  • Civil Rights



    • Amnesty International USA: Ferguson, the World is Watching
      Nearly 24 hours after the grand jury decision was announced, and after an initial night which included peaceful protests as well as widespread incidents of looting, arson and vandalism, Amnesty International USA Executive Director Steven W. Hawkins issued the following statement:

      “This has to be made clear - the burden to keep protests peaceful is shared. Armored vehicles, tear gas and smoke bombs used large-scale against largely peaceful protesters in order to quell acts of violence by a minority only serves to escalate and exacerbate an already incredibly tense environment.

      “Law enforcement officers have a right to defend themselves and a duty to protect the safety of the public, but this role should be carried out in a way that ensures full respect for the right to life, liberty and security of all persons, including those suspected of crime. Even when confronting violence, they must work within the law and in conformity with international standards governing the use of force.

      “The eyes of the world continue to watch the events in Ferguson as a measure of the United States’ capacity to respect the fundamental human right to assemble. Our right to protest peacefully should be bolstered by law enforcement, not inhibited through intimidation.”


    • Two More 'Police Incidents,' Shrouded in Media Euphemism
      The policies, practices and attitudes that lead to so many black people being killed by law enforcement have to be confronted. There are some things euphemism can't cover up.


    • Mexico: Revolution Day Protests End in Violent Police Repression; Protesters Charged with Terrorism
      Día de la Revolución 2014 (Revolution Day) was a national holiday that Mexican citizens will not soon forget. People in more than 16 Mexican states protested on November 20th including Campeche, Chiapas, Morelos, Michoacán, Sonora, Veracruz, Nuevo León, Coahuila, Tamaulipas, Guerrero, Nayarit and Jalisco. Activists in Mexico tell us they estimate half a million people participated in peaceful protests on November 20 demanding justice for the 43 missing normalista students from Ayotzinapa. The largest protests in Mexico City ended in a very violent police repression and arbitrary arrests by granaderos and 11 protesters are now charged with terrorism.



    • Oops: After Threatening Hacker With 440 Years, Prosecutors Settle for a Misdemeanor
      Thanks in part to America’s ill-defined hacking laws, prosecutors have enormous discretion to determine a hacker defendant’s fate. But in one young Texan’s case in particular, the Department of Justice stretched prosecutorial overreach to a new extreme: about 440 years too far.


    • New Security Bill will force online service providers to keep log of users' activity
      Major online service providers, such as Google, will be legally obliged to retain a log of users and the mobile phones or computers they have accessed in case police and security agencies later need the information to help them locate criminals. This measure will be included in the Counter-terrorism and Security Bill that is being introduced in the wake of Isis’s beheadings of prisoners, including British aid workers David Haines and Alan Henning, this year.




  • Internet/Net Neutrality



    • Global coalition from 19 countries launches Thisisnetneutrality.org website
      Anyone who thinks that net neutrality is a boring technical issue for computer geeks needs to look outside the U.S. Netizens around the world aren't fooled by the confusing misdirection of industry lobbyists—they're championing the cause of an open internet by pushing for laws and policies that protect the features that made the internet what it is today. And they are just as fired up as President Obama himself was just this month, when he gave his full support for the open net. Net neutrality is not an American issue, or a European issue, or an African issue. It is increasingly a global human rights issue.



    • Letter to the Council of the European Union: "Don't Turn Your Backs on Net Neutrality!"
      Tomorrow on Thursday November 27th, the "Transport, Telecommunications and Energy" (TTE) Council will meet in Brussels to discuss the general approach on Telecom Single Market the Italian Presidency sent to the delegations of the Member States on November 14th. This text, which aims at protecting Net Neutrality and therefore the freedom of our communications, unfortunately lost the innovative and revolutionary features of the resolution voted by the European Parliament on April 3rd. The Italian Presidency, in fact, gives way to the industrial lobbies' interests and ignores the massive citizen mobilization which has taken place in the spring of 2014. Jeopardizing Net Neutrality means infringing the fundamental rights and freedoms of every single European citizen; for this reason and to remind our representatives their responsibilities, La Quadrature du Net and its European partners sent a letter to the Council of the European Union in order to call its ministers to reject the text under discussion and come back to a real protection of everyone's individual rights and freedoms.




  • Intellectual Monopolies



    • Copyrights



      • Senator Uses Piracy Report to Pressure Visa, Mastercard


        Chairman of the Senate Judiciary Committee Sen. Patrick Leahy (D-VT) has sent letters to Visa and MasterCard on the topic of online piracy. Citing a report from Netnames detailing the activities of the world's top cyberlockers, Leahy urges the services to stop doing business with all 'pirate' sites.


      • How an eBay bookseller defeated a publishing giant at the Supreme Court
        Sometimes all it takes to alter the course of history is one pissed-off person. Supap Kirtsaeng wasn’t a crusader or lone nut; he was just an eBay trader who got backed into a legal corner and refused to give up.

        To help pay for grad school at USC, he sold textbooks online—legitimate copies that he’d purchased overseas. But academic publishing behemoth John Wiley & Sons sued Supap, claiming that his trade in Wiley’s foreign-market textbooks constituted copyright infringement.

        The implications were enormous. If publishers had the right to control resale of books that they printed and sold overseas, then it stood to reason that manufacturers could restrain trade in countless products—especially tech goods, most of which are made in Asia and contain copyrightable elements such as embedded software.


      • UK music industry seeks review of law allowing fans to copy music
        The UK music industry is seeking a judicial review of new legislation allowing music fans to make copies of legally-purchased music, arguing that musicians must be compensated as a result of lost sales.

        The Musicians’ Union, the British Academy of Songwriters, Composers and Authors and industry body UK Music are taking legal action over the government’s new copyright legislation, which came into force on 1 October.


      • BT Starts Blocking Private Torrent Sites
        UK Internet provider BT blocked two dozen torrent sites this past weekend, including IPTorrents and TorrentDay, two of the largest private trackers. This is the first time that a UK ISP has blocked private torrent sites, and there doesn't appear to be a court order underlying their decision.


      • White House Admits That It Still Supports Parts Of SOPA: Wants To Make Streaming A Felony
        Last week, we wrote that Senator (and still for the next few weeks, Majority Leader) Harry Reid was looking for ways to push for a piece of SOPA, making streaming a felony, into law. The story we'd heard from multiple sources was that he was looking to attach it to the USA Freedom Act. His office came out and denied that claim vehemently. Still, multiple sources insisted not only that it was true, but that Reid was still looking for other vehicles to push that through. And... just days later, the White House responded to some (somewhat pointless) White House "We The People" petitions by... announcing that it, too, wanted to turn unauthorized streaming into a felony. This was in response to two separate petitions, Stop SOPA 2013 and Stop SOPA 2014. Neither petition made much sense, as SOPA has been long dead since early 2012. There was never any specific bill in either 2013 or 2014. And yet, Alex Niejelow, the chief of staff to the IP Czar (a position that is in limbo, as the new czar has been nominated, but not yet approved), used those petitions as an opportunity to reiterate that the White House, like Reid, supports making unauthorized streaming a felony.


      • Kim Dotcom: I Regret Not Taking Threat of Copyright Law and MPAA More Seriously
        Kim Dotcom has spoken out about his long battle over copyright with the US government and his regrets about the events that have led to his arrest ahead of his bail breach hearing on Thursday that could see him return to jail in New Zealand.

        "Would I have done things differently? Of course. My biggest regret is I didn't take the threat of the copyright law and the MPAA seriously enough," Dotcom said via live video link from his mansion in Auckland, New Zealand at the Unbound Digital conference in London on Tuesday.







