Bonum Certa Men Certa

Links 9/9/2015: Steam for GNU/Linux Rising, Plasma 5.4.1 is Out





GNOME bluefish

Contents





GNU/Linux



Free Software/Open Source



  • Human Interface Guidelines (HIG) for the Unix shell
    When I first got involved in Unix and open source, I was choosing a pseudonym for a little podcast that I do called GNU World Order. I naively thought that in a community that values technology and, frequently, speculative fiction, the name "Klaatu" would be a quaintly obscure reference to my favorite movies. Of course, I have since learned that "Klaatu" as your handle in the tech community is rather like "Bob Smith" in the real world, so online I am also sometimes known as "notKlaatu" to set me apart from the other Klaatus.


  • Events



    • Birthday party at Endocode in Berlin: 30 years Free Software Foundation
      On 3 October 2015 Free Software Foundation Europe invites you for the 30th birthday party of the Free Software Foundation. While the main event will take place in Boston/USA, there will be several satellite birthday parties around the world to celebrate 30 years of empowering people to control technology, and one of them will be at Endocode in Berlin.


    • Lightning Fast
      For the last two years, we had only lightning talks & workshops at the ownCloud Contributor Conference. This is an exceptionally good model for creation-type events like ours and your event might benefit from it, too.


    • Looking Ahead to New Linux/FOSS Promotional Events
      While the FOSS/Linux expo season is winding down – Ohio Linux Fest, All Things Open and the Seattle GNU/Linux Conference (SeaGL) next month, and Fossetcon in November in sunny Florida, before we ramp up for the first-of-the-year 2016 event at SCALE 14x in January – thoughts wander to other events that could possibly take place sometime in the future, with a little imagination.


    • Inkscape Workshop at Smallworld
      Last weekend, I had the first Inkscape workshop at smallworld. It was very successful, we had 13 participants.




  • Web Browsers



    • Mozilla



      • Mozilla pays it forward
        Mozilla and seven other organizations will be participating in the Grace Hopper Open Source Day codethon taking place during the main conference event, on October 14. Emma Irwin is a Community Education Lead with Mozilla, and talks to me about why Mozilla is involved in the codethon, what she gets out of it, and what participants learn from it.


      • Bugzilla Bug Tracker Was Key to Recent Firefox Security Snafu
        The Bugzilla bug tracker has been a major part of how Mozilla has kept Firefox secure and stable for a long time, but according to the company, it was also the key to a recent attack on Firefox browser users. "An attacker was able to break into a privileged user's account and download security-sensitive information about flaws in Firefox and other Mozilla products," Mozilla said Friday in an FAQ about the security snafu (PDF doownload available). "Information uncovered in our investigation suggests that the user re€¬used their Bugzilla password with another website, and the password was revealed through a data breach at that site."






  • SaaS/Big Data



  • Oracle/Java/LibreOffice



  • CMS



  • Education



    • Linux and Python education for students in Israel
      Now entering its third year, the ROSE (Red Hat Open Source for Education) Project is a cross-community effort that brings students from Tira together with students from Yonatan Middle School in Ra'anana to the Red Hat offices in Israel to learn about the Linux operating system and Python programming. The students spent six months on a weekly basis working and learning together. At the graduation ceremony executive members of both municipalities were present and awards were given to the students including two special achievement awards.


    • Apps, bots, drones, and 3D printers: Coming to a school near you?
      I work at a university, in the computer science department, and my college-age students have access to all this technology and more. Imagine the things they're able to do and create—better yet, imagine the things they'll be able to do and create in five years with the next generation of all these technologies in the workplace and at home.




  • FSF/FSFE/GNU/SFLC



    • The Free Software Foundation: 30 years in
      We're also endorsing hardware that respects users' freedoms. Hardware distributors whose devices have been certified by the FSF to contain and require only free software can display a logo saying so. Expanding the base of free software users and the free software movement has two parts: convincing people to care, and then making it possible for them to act on that. Through this initiative, we encourage manufacturers and distributors to do the right thing, and we make it easy for users who have started to care about free software to buy what they need without suffering through hours and hours of research. We've certified a home WiFi router, 3D printers, laptops, and USB WiFi adapters, with more on the way.




  • Public Services/Government



    • UK government publishes ODF guidance
      The UK government on 7 September published recommendations and guidelines on the use and implementation of ODF, the Open Document Format. The compendium is authoritative, from its general introduction to the recommendations on procurement, a guide on integration of ODF with enterprise software, software that allows collaborating on documents and a review of ODF’s change tracking features.


    • Munich Becomes A Big Contributor To Open-Source
      The arguably best town in the world is now even better! The beautiful city of Munich has become "a major contributor to open-source."


    • After Ditching Microsoft, the City of Munich Is Now an Open Source Contributor
      The city of Munich became famous in the open source community by ditching its dependency on Microsoft products and adopting open source. This, in turn, is having a secondary effect on the community because the developers working with the city are now contributing code back.


    • Belgian HR agency promoting use of open badges
      Selor, the recruitment and selection agency for the Belgian public administration, is encouraging the use of Mozilla’s open badges, aiming to make the recognising of skills and achievements interoperable across organisations and systems. The HR agency is one of the organisers of the first Belgian workshop on Open Badges on 26 November.




  • Openness/Sharing



    • 15 open web advocates to follow on Twitter
      Working on the Open Web is a niche area of the greater open source community. Usually the work does not get the same level of fanfare of other areas of open source, but the work is very important.

      Here, I've compiled a list of 15 people helping move the Open Web forward you should follow on Twitter. All of them are doing amazing work and have great content to share and will help keep you up to date on important things happening on the Open Web.


    • Every Lesson Is an Experiment with 'Open Source' Science Class
      If you ask Rosalind Poon about the science class of yester-year -- the kind my generation, my parents' generation and their parents' generation attended, where the entire class follows the same instructions for an experiment like it was a recipe for baking cookies -- it doesn't explain how real science happens.

      "If you think about champagne or penicillin," said Poon, teacher consultant with the Richmond School District and a trained biology teacher, "a lot of our discoveries are discovered by mistake."


    • Three New Experiments in Science Education


    • A closer look at the world's first open digital cinema camera
      The journey of the AXIOM camera began years ago with simple, small devices, and then gained suuport in 2014 with a successful Indiegogo crowdfunding campaign that exceeded its funding goal. A couple months later, a grant from the European Union gave the project the financial momentum it needed to move forward.


    • Open Data



      • Reedsy Launches Open Source Author Survey
        How much money do authors typically make? And how much does it cost an author to self-publish a book?

        Questions like these are part of a new author survey launched by Reedsy, an all-encompassing self-publishing platform.


      • Open Data: 'civic engagement' is on the cusp
        Mark Headd is the key guy when it comes to developer evangelism at Accela -- the firm provides cloud-based 'civic engagement' solutions for government.




    • Open Access/Content





  • Programming





Leftovers



  • Security



    • Security advisories for Tuesday


    • SELinux insides – Part2: Neverallow assertions


    • Researchers have disclosed severe security flaws within the firm's products over the holiday weekend.
      Ormandy's disclosures were made at the same time another researcher's findings, Kristian Erik Hermansen, were posted online. Hermansen publicly disclosed a zero-day vulnerability within cyberforensics firm FireEye's security product, complete with proof-of-concept code.


    • Seagate drives at risk of data theft over hidden 'root' account
      A public vulnerability disclosure warns that an attacker could remotely download files from an affected hard drive, thanks to the hard-coded default password.


    • HP Drops Support For Hacking Competition As Wassenaar Arrangement Continues To Make Computing Less Safe
      An international agreement to treat certain software as weaponized is well on its way towards making computing less safe. Recent changes to the Wassenaar Arrangement -- originally crafted to regulate the sale of actual weapons -- have targeted exploits and malware. The US's proposed adoption of the Arrangement expands on the definitions of targeted "weapons," threatening to criminalize the work done by security researchers. While the Arrangement will likely have little effect on keeping weaponized software out of the hands of blacklisted entities, it could easily result in a laptop full of security research being treated like a footlocker full of assault weapons.


    • Duo Security Research Reveals Half of Apple iPhones on Corporate Networks Run Out-of-Date Versions of iOS
      Duo Security, a cloud-based access security provider protecting the world's largest and fastest growing companies, today announced results from a Duo Labs research study focusing on mobile devices on corporate networks. Unpatched and end-of-life devices that are no longer supported by the manufacturer are much more prevalent than expected and create significant risk for corporate networks. The Duo Labs research draws on data gathered from thousands of customer deployments in more than 150 countries worldwide.


    • TSA Master Keys
      Someone recently noticed a Washington Post story on the TSA that originally contained a detailed photograph of all the TSA master keys. It's now blurred out of the Washington Post story, but the image is still floating around the Internet. The whole thing neatly illustrates one of the main problems with backdoors, whether in cryptographic systems or physical systems: they're fragile.


    • A Tale of Three Backdoors
      The tale of three backdoors: TSA locks, the CALEA interface, and the Dual_EC PRNG, all amply illustrate the dangers posed by backdoors in systems. For backdoors may fail catastrophically, degrade national security, and can potentially be used against those who demanded the backdoors in the first place. The scars born by the security field in dealing with failed backdoors provides ample illustration why we find the idea of backdoors troubling and dangerous.


    • reproducible builds are a waste of time
      Yesterday I read an article on Motherboard about Debian’s plan to shut down 83% of the CIA with reproducible builds. Ostensibly this defends against an attack where the compiler is modified to insert backdoors in the packages it builds. Of course, the defense only works if only some of the compilers are backdoored. The article then goes off on a bit of a tangent about self propagating compiler backdoors, which may be theoretically possible, but also terribly, unworkably fragile.

      I think the idea is that if I’m worried about the CIA tampering with Debian, I can rebuild everything myself from source. Because there’s no way the CIA would be able to insert a trojan in the source package. Then I check if what I’ve built matches what they built. If I were willing to do all that, I’m not sure why I need to check that the output is the same. I would always build from scratch, and ignore upstream entirely. I can do this today. I don’t actually need the builds to match to feel confident that my build is clean. Perhaps the idea is that a team of incorruptible volunteers will be building and checking for me, much like millions of eyeballs are carefully reviewing the source to all the software I run.

      The original source document doesn’t actually mention deployment of the whacked SDK, just research into its development. Perhaps they use it, perhaps they rejected it as being too difficult and risky. Tricking a developer into using a whacked toolchain leaves detectable traces and it’s somewhat difficult to deny as an accident. If we assume that the CIA has access to developer’s machines, why not assume they have access to the bug database as well and are mining it for preexisting vulnerabilities to exploit? Easy, safe, deniable.


    • Debian Reproducible Builds to Detect Spyware
      Debian has been getting a lot of attention the last couple of days for Jérémy Bobbio's work on Reproducible Builds. Bobbio has been working on this idea and implementation for a couple of years now, but after a presentation at Chaos Communication Camp last month it's come back into focus. In other Debian news, updates 8.2 and 7.9 were released.


    • Debian Linux versus the CIA
      Hidden backdoors into software have long been a concern for some users as government spying has increased around the world. Now the Debian project has taken aim at the CIA and other government spy agencies with reproducible builds that aim to stop hidden backdoors.




  • Defence/Police/Secrecy/Aggression



    • Operation Flavius and the Killer Cameron
      Exactly twenty years ago the European Court of Human Rights found that the British Government had acted illegally in shooting dead three IRA members in Gibraltar, even though the court accepted that the government had a genuine belief that they were planning a bombing attack. Indeed the court accepted the victims were terrorists, and refused compensation to their families on those grounds. But the court refused to accept there was no possibility of foiling the plot through methods other than summary execution.






  • Finance



    • Has the CETA free trade deal run into more trouble?
      The EU/Canadian Free Trade Agreement (CETA) may have run into more trouble following news that the EU trade commissioner, Cecilia Malmström, has indicated that that there are now “no plans” to change the initialed agreement containing a rejected ISDS clauses – as she had previously said would happen.

      The Investor State Settlement clauses – which allow secret courts to adjudicate on disagreements between companies and sovereign states and on the ability of companies to sue sovereign countries at the ISDS court if they believe a country has taken actions which effect their profits or interests – have been holding up what the commission has described as “legal scrubbing” – tidying up the legal language and drafting errors.




  • PR/AstroTurf/Lobbying



    • 6,000 drop in number of UK journalists over two years - but 18,000 more PRs, Labour Force Survey shows
      Government statistics suggest the number of employed journalists has declined by 6,000 from a peak of 70,000 in 2013.

      The latest figures, for the year to June 2015, estimate that 64,000 people in the UK describe themselves as “journalists, newspaper and periodical editors”.

      This is a slight increase on the figure for the year to June 2014 of 60,000, but still a decline on the 2013 total.

      Meanwhile, the number describing themselves as "public relations professionals" as risen sharply from 37,000 in 2013 to 55,000 in the last data.




  • Privacy



    • IBM just signed a brilliant deal with ARM to 'watch' billions of devices on the Internet
      IBM has scored a sweet new partnership with ARM, the company best known for designing the chips that power our smartphones and tablets. This deal will let IBM's cloud watch and analyze data from billions of devices on the internet.

      The Internet of Things is the trend of adding chips and sensors to everyday items (from dishwashers to thermostats) and connecting them to the internet.

      Sensors will do everything from monitor the health of industrial equipment to monitor your medical issues in a fitness device.


    • Apple and Other Tech Companies Tangle With U.S. Over Data Access
      In an investigation involving guns and drugs, the Justice Department obtained a court order this summer demanding that Apple turn over, in real time, text messages between suspects using iPhones.

      Apple’s response: Its iMessage system was encrypted and the company could not comply.


    • US claim on the world’s servers at a crossroads
      The Obama administration on Wednesday will argue to a US appeals court that companies operating in the US must comply with valid warrants for data—even if that data is stored on overseas servers.


    • Facebook’s Way Past Friends—It Wants to Be Your Whole World
      Facebook doesn’t just want to be a social network. It wants to be your world.

      At an event at the company’s Silicon Valley headquarters today, Facebook said that 45 million small businesses worldwide are now using Pages as their digital storefronts. And Facebook wants to make it even easier for you to find businesses, and for businesses to serve you, all within its app.

      [...]

      The crux of these new updates comes down to the increasing power of your phone. As more and more users gravitate to mobile, businesses are hoping to reach users where they are. But according to a recent Forrester study, 85 percent of time spent on smartphones happens within apps, not web pages. That’s a problem not just for small businesses but larger businesses, too, says Benji Shomair, Facebook’s product marketing director for Pages. Apps are difficult and expensive to build—plus most users wouldn’t want, say, a company-specific app anyway.




  • Civil Rights



    • Right Wing's False Narrative on Scott Walker Probe Fueling Attack on Election Watchdog
      Newly-released emails from the now-halted campaign finance investigation into Scott Walker and his allies are being touted by right-wing media as proof of the probe's partisan motivations.

      Yet in many ways, the documents show the opposite.

      The Wall Street Journal editorial board trumpeted the two emails, sent between two lawyers in 2013, claiming that they demonstrate "that partisanship drove Wisconsin's John Doe." Wisconsin Watchdog calls the emails "explosive," which "expose the regulator as hyper-partisan."

      In truth, the emails demonstrate that prosecutors had a stated goal of not influencing the gubernatorial election, and show a career federal prosecutor leaning over backwards to avoid doing so, ultimately erring on the side of helping Walker and undercutting claims of his opponent.


    • Commission won't ask EU judges to decide on legality of ISDS
      The European Commission will not ask EU judges to decide on the legality of the investor-state dispute settlement (ISDS) mechanism in free trade agreements such as the Transatlantic Trade and Investment Partnership (TTIP).


    • European migrant crisis: Top UN official urges 'global response' for asylum seekers; Germany calls for joint system
      The United Nations' top official in charge of migration says that the crisis rocking Europe needs a "global response" amid a warning from the European Union that the situation could last for years.


    • Cautious on Syria war, Obama now cautious on refugee crisis


      During the past four years, 4 million Syrians have fled their country's civil war. The US has accepted just over 1,500 refugees, so far allowing Europe to take the lead on the issue.


    • Confidential Informants: Inherently Trustworthy Until They're Not
      The Tampa Police Department has suddenly been put in a very uncomfortable situation. On May 27, officers executed a raid on an alleged drug dealer. By the time it was done, one suspect had been killed by the SWAT team and only $2 worth of marijuana -- 0.2 grams -- had been recovered.

      It was a righteous kill. Letting themselves in through an unlocked door after no one answered their knock, the SWAT team came across Jason Westcott in his bedroom. Westcott had a gun (a legally-owned one) which he raised when the cops came crashing through the door. He was shot multiple times. Open/shut. Officers in danger, suspect with weapon, etc.


    • As Systems Collapse, Citizens Rise
      As we see pictures of German citizens cheering tens of thousands refugees arriving from Syria and other war zones, we may be witnessing an emerging pattern of the years to come: bureaucracy is failing (EU), systems collapsing (millions of Asylum seeking refugees in urgent need of helping hands) -- AND: citizens rising to the occasion!




  • DRM



    • Here’s Why Netflix Won’t Let You Download Movies
      Now that some Amazon Prime subscribers are able to download movies and TV shows for offline viewing, rival streaming company Netflix has been left to defend its reasoning for not offering a similar service.




  • Intellectual Monopolies



    • IP Enforcement Czar Wants To Hear From You About Government's IP Enforcement Plan
      It's that time again. The White House's IP Enforcement Coordinator (IPEC) -- often called the IP Czar -- is asking for public input on the upcoming "Joint Strategic Plan on Intellectual Property Enforcement" that it will be releasing next year. The Joint Strategic Plan comes out every three years and is supposed to guide the federal government in how it handles priorities around intellectual property enforcement. Now, I recognize that the cynical among you will already be insisting that there is no value in responding to this, because the government is going to simply repeat the arguments of the legacy industries and its copyright extremists. However, in the past, these open comment periods have actually helped, and the two previous Joint Strategic Plans have not been as bad as expected. In 2010, we sent in our feedback and was pleasantly surprised that at least some of it was reflected in the plan. It recognized the importance of fair use and encouraging innovation. It also admitted that most studies on the impact of intellectual property on the economy were bogus.


    • Copyrights



      • Minding the gap in research and policy
        Opening keynote speaker Julia Reda, MEP for the German Pirate Party, started the debate by calling for more and better evidence. Recounting a number of tales of poor stats, she warned that industry lobbyists are quick to fill the evidence void.

        [...]

        Closing keynote speaker Pamela Samuelson, Berkeley, encouraged academics to write more for non-academic audiences. She recounted her great fear that she would never be taken seriously again after penning an article for WIRED on the 'Copyright Grab.' Her fears were unfounded, but it does touch on a key point - there is a cultural taboo associated with non-academic publishing within academia. (Aha! That explains the slight terror I have every time I click the Blogger 'publish' button.)


      • Kim Dotcom Seeks Delay of 10th Scheduled Extradition Hearing


        Kim Dotcom and his former business partners want to delay an extradition hearing scheduled to take place in two weeks' time. The U.S. government wants Dotcom to face the largest copyright infringement trial in history but the Megaupload defendants say a fair hearing will be impossible if they aren't able to fund expert witnesses outside New Zealand.


      • Police Raid Fails to Dent UK Top 40 Music Piracy
        A raid last week by the UK's Police Intellectual Property Crime Unit has done little to reduce the availability of packs containing the country's most popular music tracks. Aside from the disappearance of the torrents usually uploaded by the individual who was arrested, it was very much business as usual during last Friday's global release day.


      • Getty Images Goes Copyright Trolling After A Meme Penguin
        Getty Images has a bit of a reputation for being a ridiculous copyright troll at times -- sending out threatening letters demanding large sums to "settle" for people who use an image from Getty's database. But, now, it appears to have taken the trolling to a new level, as the German blog GetDigital.de revealed last week when it reported that Getty had demanded nearly $1,000 for one year's use of an image of a penguin that is actually part of a semi-popular meme, better known as the Socially Awkward Penguin.








Recent Techrights' Posts

"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Over at Tux Machines...
GNU/Linux news for the past day
 
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024
Gemini Links 11/10/2024: Against Cynicism, on Atheism, and Dropping Off The Internet
Links for the day
IBM Employees Smell Another Wave of Mass Layoffs (and Explain the Signs)
IBM currently has the policy of hiding the layoffs from shareholders and from the press using NDAs
Links 11/10/2024: Lots More Censorship and Growing Concerns About Health Impact of Social Control Media
Links for the day
Going Almost 4.5 Decades Back to Find 'Dirt' on a Person
That incident was 42.5 years ago. Is that how far some people would go in an effort to discredit a person?
XBox is Dead. This is Just the Beginning.
the main reason Microsoft bought Activision/Blizzard was to hide the growing losses and failure of XBox
The Risk to the "Linux" Brand
Brands that are not guarded from misuse/abuse will inevitably lose their original meaning and their value
Gemini Links 11/10/2024: Deploying Common Lisp Programs and Examining FreeBSD
Links for the day
Links 11/10/2024: Discord Still Blocked in Turkey, Google Might be Split
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 10, 2024
IRC logs for Thursday, October 10, 2024
LinuxSecurity (Guardian Digital, Inc) Sloppy With Its 'Linux' Slop
This kind of stuff is killing the World Wide Web and ruins human knowledge
[Meme] Chin-dropping and Jaw-dropping (Considerable Drop in Patent Validity and Quality)
This drop is very much intentional
Gemini Links 10/10/2024: Untruth, SSH, Gopher, and More
Links for the day
Geminispace Beyond 4,100 Capsules
4,000 was less than 8 weeks ago
Links 10/10/2024: TikTok's Legal Problems, WeblogPoMo Challenges
Links for the day
[Meme] European Patent Convention and Vienna Convention Became Only Fictions (Laws and Constitutions Are Now Works of Fiction in Europe)
A political crisis and blunder
Almost a Thousand EPO Staff Protesting to EPO Member States That the Office Illegally Grants Software Patents and Other Invalid European Patents
"The outcome confirms that the concerns about the EPO’s ability to grant legally sound patents remain"
Loss of Technical Merit(ocracy)
"buzzword diplomas"
Junk Science
science is being compromised for business purposes
[Meme] Dismantling .io (Stick a Fork, the Hype is Done)
NVIDIA is an excellent new example of hype driving up fictional "value"
UNIX is 55 This Year, It is 6 Years Older Than Microsoft
It should be noted that the surviving co-creator of UNIX, Ken Thompson, 'moved' to GNU/Linux (Debian) in recent years
This Year, for the First Time Since August 2019 (Bill Gates MIT Scandal, Jeffrey Epstein Bribes), libreplanet-discuss Was Inactive an Entire Month
The MIT injustice remains and recent "libreplanet" events were held in a venue that's not MIT and far less prestigious than MIT (the "Wentworth" imitation)
[Meme] Different Ending for Jurassic Park
UNIX in old movies
Evolution of Hype
Passing fads and rebranding
Groklaw Will Hopefully Come Back
Sites should be able to run for decades with hardly any human role/interaction, but that's not where we are...
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 09, 2024
IRC logs for Wednesday, October 09, 2024