There are many different operating systems around and they have their weaknesses. There’s a long-standing fun write-up that compares operating systems with airlines. It states that if you’re boarding Linux Air, you’ll end up having a great experience.
The entire idea of one year or another being the year of the Linux desktop has become an insider joke among many within the FoSS community. The reason: the entire concept is deeply personal. What was a good year for the Linux desktop for one person might not have been for someone else.
For example, I'd suggest that the year that Knoppix Linux became popular was clearly the Year of the Linux desktop. For the first time, anyone who wanted to try Linux on their PC without installing it, could do so very easily. A lot of people believe the first live distros were Ubuntu in nature when in fact, Debian-inspired Knoppix and later Simply Mepis were among the first.
In recent years, we've seen changes to the Linux desktop that have surprisingly outperformed my expectations.
Today in Linux news Matt Hartley asked if 2017 just might be that fabled "year of the Linux desktop." Ada Ivanova has six suggestions in LibreOffice extensions while Bruce Byfield is afraid MUFFIN is "an over-hyped and misplaced effort." Christine Hall is back with more on Mint and I thought I'd share a few thoughts on my experience in Bluestar Linux.
2016 was unequivocally Linux’s best year yet. It’s on more devices than ever before and more secure than ever before. Were there embarrassing moments along the way? Yes, I kept reasonably close to the news and watched a few of these evolve and get patched as quickly as they were found.
I’d also like to predict that 2017 will end up being Linux’s best year yet. And I’ll even go one year further than other folks making predictions and say that 2018 will top them all.
Finally, beginning and intermediate Linux users should check out Open CourseWare for Linux from College@Home. This is a good find. The site offers free online courses on many Linux-related topics. You can take concise courses on using Ubuntu, GnuCash (finance software for Linux), FreeMind (mind mapping software), Gentoo Linux, GIMP, and more.
Arcan is the project we first wrote about earlier this year as an open-source display server built atop a game engine and with Lua scripting support. It's been in development for years and progressed a lot this year. Lately the developer has been working on X11 and Wayland compatibility for Arcan.
Development of the X.Org Server by commits and new code barely passed the low amounts achieved in 2015, which in turn is significantly lower -- halved or more -- than just a few years prior.
For helping not only their Ubuntu laptop customers but all NVIDIA Linux users, System76 has recently been working with the green GPU firm over getting more fixes into their proprietary driver.
System76, the Linux hardware supplier for laptops, desktops and more has been working with NVIDIA on fixing up their drivers.
It's good to see more companies get involved in speaking with and working directly with NVIDIA to improve Linux graphics drivers. It's important for our future to have stable drivers as it makes the experience for everyone so much better. Every little issue fixed would hopefully make us look more attractive to people new to Linux too.
In the NVIDIA 375.26 driver two bug fixes made it in thanks to System76: The screen backlight not coming on after entering idle mode and the driver not detecting when the power source had changed (say between battery and being plugged in).
They are still working on a bug involving the screen backlight not adjusting properly, which should arrive in a future driver.
I spoke with their community manager Ryan Sipes about it to see if I could find out a little more.
Last week I published a 31-way Linux graphics card comparison with an assortment of both NVIDIA GeForce and Radeon graphics cards using the latest Linux drivers. I also published a variety of Vulkan benchmarks. In those tests the open-source Radeon driver stack was used given that's what AMD is endorsing these days for Linux gamers with AMDGPU-PRO not even working on all modern Linux distributions. But for those curious how AMDGPU-PRO compares to those big result data-sets, here are those -PRO results to share today.
Wayland made much progress in 2016, and arguably the biggest milestone was it shipping by default in Fedora 25 Workstation with the GNOME 3.22 desktop.
Aside from the GNOME Wayland session premiering as the default on the Fedora desktop this year, many other milestones were achieved. This includes a lot of progress by KDE on their native Wayland support, toolkit support for Wayland continuing to improve, Vulkan working on Wayland, various other compositors advancing their Wayland support, NVIDIA publishing their EGLStreams support for Wayland, new Wayland protocol and Weston features, more Linux desktop programs losing their hard dependencies on X11, and various other efforts.
It's unfortunate that the Beignet developers weren't able to get OpenCL 2.0 support fully working for Intel graphics hardware by the end of 2016, but nevertheless the project is ongoing and more OCL2 work landed today.
One of the criticisms towards Wayland is the lack of a Window Manager concept. This is to have an option of a different window manager behaviour/experience without needing to write a whole compositor as well. On LWN, daniels confirmed that it’ll become easier with time thanks to libweston.
Given this weekend's release of Darktable 2.2 as a big upgrade to this open-source RAW photo workflow software, here are some fresh benchmarks of NVIDIA GeForce and AMD Radeon graphics cards under Linux when making use of the program's OpenCL support, which did see some improvements during this v2.2 cycle.
The developers of the open-source and cross-platform darktable RAW image editor proudly announced the release and general availability of the 2.2 stable series, a major release that brings countless new features and improvements.
Although open-source software excels at innovation and leverages the immense power of talented developers dedicated to solving difficult problems, the focus is rarely on enterprise capabilities, asserts CloudBees, the hub of enterprise Jenkins and DevOps. Fortunately for Jenkins developers, CloudBees, Inc., has announced CloudBees Jenkins Enterprise, a Jenkins distribution aimed directly at enterprises that "ensures the highest levels of testing and verification, providing smooth upgrades and the most reliable and stable Jenkins foundation for software development and DevOps teams".
Here's another Christmas present for your kids, that, of course, if you use open-source software products: the GCompris educational software reached version 0.70, an important milestone that brings many goodies.
GCompris is a cross-platform application available for GNU/Linux, Android, and Microsoft Windows operating systems, and it's widely known as a high quality educational software suite that consists of a collection of multiple activities for children aged 2 to 10.
After being in development for more than thirteen years, the open-source and cross-platform HandBrake video converter reached the 1.0.0 milestone, and it can now finally be considered a mature application for editing various video file types.
Are you looking to create a destination on the web, or perhaps a blog? If so, you're probably very aware of many of the tools from the open standards and open source arenas that can make your work easier. Still, these are always spreading out at a fast clip and there are some applications and tools that are rarely discussed. Here at OStatic, we try to regularly update our collections focused on them. In this post, you'll find our latest updates on numerous free resources for web development that range from complete online courses available for free to unsung applications.
Stellarium developer Alexander Wolf announced on the first day of Christmas the availability of the first point release of Stellarium 0.15 open-source, free, and cross-platform planetarium software.
It's so damn simple to use which is why I love it! You draw a box on the screen and record away, then you can adjust the frames and export it to a gif or an MP4. It's simple and does the job.
Maybe you don’t like Kgif. Maybe you don’t like Qgifer or any other gif making tool available for Linux.
A big update to the Open-Source Computer Vision library was quietly released just before Christmas.
OpenCV 3.2 features many improvements to the DNN module, support for more image formats and camera back-ends, an interactive camera calibration application, more algorithms have been added, support for the newest operating systems, various Intel and ARM architecture optimizations, support for using a vendor-provided OpenVX and LAPACK/BLAS libraries, and much more.
A new version of the open-source OpenVPN virtual private network software stack is now available.
After you get Linux up and running on your computer, there are still a few things left to do. Here’s a short list of things newcomers might find helpful.
Those who are new to Linux might just go to work right away after installing, or having someone else install, GNU/Linux. However, there are a few things you should do first. Some of them, such as updating your system and activating the firewall, are essential. Others are just things you do to customize your Linux experience.
Here’s a short checklist of things to do after you get Linux up-and-running on your computer. You should consider the first two items on this list as being required, with all the other items being optional. The list is specific to Linux Mint 18.x Xfce Edition, so if you’re using another flavor of Linux, you’ll be better off searching for another list.
Today, December 27, 2016, the development team behind the OpenMW open-source Elder Scrolls III: Morrowind engine reimplementation for GNU/Linux, macOS, and Windows operating systems proudly announced the release of OpenMW 0.41.0.
OpenMW 0.41.0 is yet another maintenance update that paves the way towards the major OpenMW 1.0 milestone, which promises to be the biggest release of the role-playing game. It comes three and a half months after the OpenMW 0.40.0 build and promises to implement a bunch of new features, but also to fix numerous issues reported by users.
I like survival games, but often I find them hard to get into. Wrongworld [Official Site] looks like it will make that rather easy, as it just looks so damn funny.
Behold Studios, those behind Knights of Pen & Paper and Chroma Squad have now officially announced their new game: Galaxy of Pen & Paper [Official Site]. It will have Linux support too and it sounds interesting.
The developers said they have been working on it now for two years, and it is a Pen & Paper sequel, but this time in a science fiction setting.
No specific release date set, but it will be sometime in 2017. The only announced store is currently Steam, but they specifically stated Linux in all their press materials and it's included in the teaser video too.
Earlier today I released sway 0.11, which (along with lots of the usual new features and bug fixes) introduces support for security policies that can help realize the promise of a secure Wayland desktop. We also just started a bounty program that lets you sponsor the things you want done and rewards contributors for working on them.
A new release of the Sway Wayland Compositor is now available, which continues as an i3-compatible Wayland solution.
Tuesday, 27 December 2016. Today KDE releases a Bugfix update to KDE Plasma 5, versioned 5.8.5. Plasma 5.8 was released in October with many feature refinements and new modules to complete the desktop experience.
As expected, KDE announced today the general and immediate availability of the fifth maintenance update to the long-term supported KDE Plasma 5.8 desktop environment for GNU/Linux distributions.
KDE Plasma 5.8.5 is the fifth planned bugfix release of KDE Plasma 5.8 LTS, and also the last for 2016. According to the changelog, which we've attached at the end of the article, this point release fixes a total of 57 issues reported by users since last month's KDE Plasma 5.8.4 maintenance update.
Among the components that received the most attention in KDE Plasma 5.8.5 LTS, we can mention Plasma Workspace, Plasma Desktop, Plasma Discover, and KScreen. Additionally, the Plasma add-ons, Breeze icon theme, KWin window manager, libkscreen, plasma-integration, and Plasma NetworkManager (plasma-nm) got small fixes.
We in this case are myself and the KDE Visual Design Group, and we would absolutely welcome input from everybody out there, because you are the people we want to be able to make happy. So please, get in touch and we will greatly enjoy listening to your amazing ideas, so we can create the best Peruse possible.
KDE contributor Bhushan Shah announced today, December 28, on his personal blog that the development team behind the Plasma Mobile operating system is considering a rebase to either AOSP or Lineage OS from CyanogenMod.
We are almost at the end of 2016; unfortunately, 2016 also took away a great project with it, CyanogenMod. However, there is a fork named LineageOS in the pipeline. Given we switched our Android base to CyanogenMod earlier, lots of people asked me how this will affect Plasma Mobile.
We used the CyanogenMod source tree and kernel for generating a minimal Android system, which is used in the hammerhead port. All of them are available on GitHub currently. However, it is not clear until when it will be available and will receive updates, given that the code review system (Gerrit) for CyanogenMod is offline. At this point we have two options...
Given the fall of CyanogenMod, it appears KDE Plasma Mobile developers are looking at switching its phone/mobile base operating system over to the upstream Android Open-Source Project (AOSP).
The team behind The Randa Meetings is pleased to announce a community partnership with the KDE e.V. The Randa Meetings is the largest sprint organized by KDE, where roughly fifty KDE contributors meet yearly in the Swiss Alps to enjoy seven days of intense team work, pushing KDE technologies forward.
For the past years the sprints were organized by a core Swiss team and supported by the KDE community. Organizing sprints was challenging, but the result always justified the efforts. To keep the yearly sprints going and make the work easier for the Swiss core team, the Randa Meetings have now become an official KDE e.V. community partner.
Ricardo Wurmus of the GNU Guix project proudly announced the release and general availability of new versions of the GuixSD GNU/Linux distribution and the Guix package manager.
Guix System Distribution (GuixSD) is a Linux-based, stateless computer operating system designed for power users. It uses the GNU Guix advanced package management system, and the latest version, 0.12.0, is here approximately four months after the previous release to add a bunch of improvements and new features.
We should improve openSUSE and hold the position of being one of the best Linux distributions.
The U.S. Navy has awarded DLT Solutions a potential five-year, $133.4 million blanket purchase agreement to provide Red Hat (NYSE: RHT) software licenses for the service branch.
The BPA has a base ordering term of one year worth approximately $22.8 million and four option years for firm-fixed-price task orders, the Defense Department said Tuesday.
It’s that time of the year. We all look back at 2016, think about the good and bad things, and wish that Santa brings us the gifts we deserve. We, at Red Hat, are really proud to bring you a present for this holiday season: a new version of Red Hat OpenStack Platform, version 10 (press release and release notes). This is our best release ever, so we’ve named it our first Long Life release (up to 5 years support), and this blog post will show you why this will be the perfect gift for your private cloud project.
Below is a three month price history chart comparing the stock performance of FB vs. RHT...
Last week shares of Red Hat (RHT) were obliterated after the company reported a disappointing third quarter. On Dec. 21, Red Hat reported third-quarter fiscal 2017 earnings of 61 cents per share, 3 cents better than the consensus estimate. The 3-cent beat came from a lower-than-expected tax rate.
The 15 analysts offering 12-month price forecasts for Ally Financial Inc have a median target of 23.00, with a high estimate of 32.00 and a low estimate of 21.00. The median estimate represents a +15.87% increase from the last price of 19.85.
I hope everyone is having a lovely holiday season and doing the things they find fun or recharging.
Ferdinand Thommes was proud to announce on Christmas Eve the release and general availability for download of the siduction 2016.1 "Patience" GNU/Linux operating system.
It's been two weeks since our last report on the latest security updates pushed to the stable repositories of the Debian-based Parsix GNU/Linux operating system, and a new set of patches for various software components arrived the other day.
Canonical's Till Kamppeter sent a message to the Ubuntu development mailing list to invite early adopters of the upcoming Ubuntu 17.04 (Zesty Zapus) operating system to test a brand-new printing system implemented recently in the GNU/Linux distribution.
It would appear that Ubuntu 17.04 received support for IPP Everywhere printers, which means that you'll finally be able to print to network printers without special software or drivers, as well as Apple AirPrint support, so you can create full-quality printed output without the need to download or install drivers on your Ubuntu Linux operating system and without having access to a Windows or Mac computer.
Not everyone is happy about the state of Ubuntu Phone, especially with the lack of any recent updates on the matter, no clear vision being had anymore for the project, convergence running behind schedule, and limited communication about OTA-15 as the next update. Given the situation, one Ubuntu Phone customer even comically announced Ubuntu Crickets given Canonical developers being silent over future Ubuntu Phone plans, no timeline for OTA-15, and no word on whether there will be future phone models and thus just the sound of crickets chirping.
Huawei announced that it has shipped more than 10 million units of the Huawei P9 and P9 Plus since they made their debut in April. The phones are the first flagship-tier devices from Huawei to break the 10 million mark, and the milestone highlights the brand's growth in the smartphone segment over the course of the year.
A great blow for Android users, CyanogenMod OS is officially dead. The company that aimed to create better versions of the Google Android OS is shutting down. Through separate blog posts released over the past few days, both Cyanogen Inc. and CyanogenMod have announced that they are shutting down.
I love Christmas and the whole holiday season, but now that it’s all but over for 2016, I’ve got to say, that I’m starting to get excited about 2017 and Android. As much as I’d also like to sit here with everyone else and continue to complain about how sh*tty parts of 2016 is/was, there are some good things on the horizon to consider. Plus, don’t we all need some positivity in our lives at this moment? (RIP, George and Carrie.)
Woolim is a small, white Android device that looks like a fairly standard tablet. The hardware itself is made by Chinese manufacturer Hoozo, but the North Korean government has removed some components such as those for wi-fi and bluetooth, and put its own bespoke software on top.
After the researchers presented work covering RedStar OS, North Korea’s Linux-based operating system, a South Korean NGO offered the tablet to the group. Woolim is just one of several tablets designed for North Korea, but Woolim appears to be the most recent, likely dating from 2015.
Open sourcing your code is only a small part of building a successful open source community. Like any new venture, you need a vision of what you want to achieve and a concrete plan that will take you there. You want to be able to answer questions about your project like...
After the introduction of "cheap" computers, we had boxes of floppy disks with amazing software like FreeHand, QuarkXPress, CorelDraw, and many others. And all could be had for only a few hundred dollars. At that time, we had to order the boxes of disks from software publishers and install them, disk-by-disk. Then publishers would introduce new, incredible enhancements and upgrades that could be purchased for… a couple hundred bucks.
As 2016 comes to a close, it is time to bring you the best 10 Free and Open Source Software (FOSS) programs I have come across during this year.
Some of these programs may not be new in that they weren’t released for the first time in 2016, but they are new to me and I have found them helpful.
No one has a crystal ball to see the future of technology. Even for projects developed out in the open, code alone can't tell us whether or not a project is destined for success—but there are hints along the way. For example, perhaps it's not unreasonable to assume that the projects that will help shape our future are those projects that have first seen rapid growth and popularity among the developer community.
So which new projects should an open source developer watch in 2017? Let's take a look at a few projects that emerged in 2016 to achieve rapid notoriety in the GitHub community.
To develop this list, I went through GitHub with a focus on projects whose repository was created in 2016, and looked at the projects ranked by number of stars. It's not a perfect system; there are, of course, repositories that contain something other than an open source project, and so these were omitted from the list. Of course, there also were many great projects introduced in 2016 whose development took place somewhere other than GitHub. Admittedly, the process of picking these 10 projects to watch for 2017 from a pool of many choices was as much of an art as a science. But I still think these projects are worth keeping an eye on in the new year.
The industry is still adapting after two years of significantly depressed prices. On top of this, ‘the great crew change’ has meant a significant loss of experienced folks who understood processes and the business. These two factors have forced a technology transformation throughout the value chain to help reduce costs and get ahead of the competition.
Advanced analytics, enabled by open source technologies such as Apache Hadoop play a key part.
As 2016 began, more bold predictions for the artificial intelligence and machine learning spaces were arriving, and some very promising, newly open sourced tools have arrived this year. We've been covering these promising tools and conducting some relevant interviews with leaders in the AI and machine learning arenas.
You may have noticed (but you probably did not), but on 2017-02-04, at 14:00, in room UB2.252A (aka "Lameere"), which at that point in time will be the Virtualisation and IaaS devroom, I'll be giving a talk on the Network Block Device protocol.
HackIllinois, a student-run hackathon hosted by University of Illinois Urbana-Champaign, is heading into its fourth year this February. The event brings together students from around the country to work on coding challenges, learn new skills and connect with tech companies, at a school known for its coding prowess. It's one of the premier events in the Midwest, organizers say: Last year they had over 1,500 attendees.
Believe it or not, the free and open-source SeaMonkey Internet suite produced by Mozilla and consisting of a web browser, e-mail and chat client received its second big update for 2016, versioned 2.46.
SeaMonkey 2.46 is here more than nine months since the 2.40 release, and it's a major milestone that has been built on the same Mozilla platform as the Firefox 49.0 web browser. It brings lots of improvements and support for the latest Web technologies, including HTML5, JavaScript, as well as better hardware acceleration. The biggest change is support for HTML5 full-screen video playback on YouTube and similar sites.
Late last year, Docker announced its Ecosystem Technology Partner program, through which it has sought to partner with organizations to offer customers better logging and visibility of their Dockerized applications. Throughout 2016, Docker continued to form key partnerships, and now Cloudera has announced that it has partnered with Docker, Inc. to provide Commercially Supported (CS) Docker Engines with a jointly developed solution to secure Docker container volumes.
The integrated solution is targeted to let government agencies share data via cryptographically secure containers as part of a partnership where Cloudera provides level one and level two technical support backed by Docker.
etcd is a key-value store for the most critical data of distributed systems. Use cases include applications running on Container Linux by CoreOS, which enables automatic Linux kernel updates. CoreOS uses etcd to store semaphore values to make sure only a subset of the cluster is rebooting at any given time. Kubernetes uses etcd to store cluster states for service discovery and cluster management, and it uses the watch API to monitor critical configuration changes. Consistency is the key to ensure that services correctly schedule and operate.
A lot of companies and organizations have adopted Prometheus and the project quickly gained an active developer and user community. It is currently a standalone open source project maintained independently of any company. In 2016, Prometheus joined the Cloud Native Computing Foundation as the second hosted project after Kubernetes. We talked to Björn Rabenstein, engineer at SoundCloud and Prometheus core developer, about how Prometheus can help companies adopt DevOps.
The Kubernetes community is building a platform that will make application development completely cloud infrastructure agnostic. Sam Ghods, co-founder of Box, said Kubernetes’ combination of portability and extensibility put it in a class of its own for cloud application development, during his CloudNativeCon keynote in November.
Running applications in our brave new container orchestration world is like managing herds of fireflies; they blink in and out. There is no such thing as uptimes anymore. Applications run, and when they fail, replacements launch from vanilla images. Easy come, easy go. But if your application needs to preserve state, it must either take periodic snapshots or have some other method of recovering state. Snapshots are far from ideal as you will likely lose data, as with any non-graceful shutdown. This is not optimal, so Apache Mesosphere's Isabel Jimenez and Kapil Arya presented some new ideas at LinuxCon North America.
A common rap against OpenStack is that the platform hasn’t caught on with public clouds. But that’s too U.S.-centric of a viewpoint, according to findings published by Forrester Research this week.
OpenStack is generally associated with private clouds. When it comes to public clouds, the platform hasn’t had a great year, PR-wise. VMware scaled back its infrastructure-as-a-service (IaaS) ambitions. Hewlett Packard Enterprise (HPE) sold its OpenStack assets to Linux provider SUSE. And Cisco recently announced the end of its Intercloud platform.
Some companies are even abandoning the public cloud in favor of private, OpenStack-based clouds, Bryce said. “We’ve seen a wave this year of companies that went very heavily into the public cloud and then started to bring pieces of their workload back in-house with an OpenStack private cloud because it was dramatically cheaper for steady-state workloads.”
LibreOffice is already packed with features, and I bet there are dozens of them you rarely or never use. However, it’s possible some of the features you need don’t come with LibreOffice by default but in the form of an extension. Here is a list of some of the best LibreOffice addons that will provide the greatest value for you.
Effective from January 1st, 2017, access to LibreOffice Certification will be extended to volunteers active at global and local levels, members of not-for-profit bodies sitting in the Advisory Board (namely, FSF, FSFE, Gnome Foundation and KDE), and for individuals whose competence and commitment are demonstrated by facts (successful migrations and trainings). In addition, Members of the Certification Committee can invite people to apply for certification, even if they do not belong to the approved categories, based on their direct relation, and to the competence and commitment of these individuals.
The Education and Training Board of the City of Dublin has signed a EUR 158,400 support contract for its current Moodle eLearning environment, it announced in late November. The city’s cloud-hosted Moodle implementation was awarded to Wholeschool, an eLearning specialist in Northern Ireland.
Undeadly editor Peter Hansteen (pitrh) recently spoke to the Bergen (BSD and) Linux User Group (BLUG) on the subject "OpenBSD and you", and has shared the slides from the talk.
With its emphasis on open source and open data, and modular, interoperable ICT solutions, OS2 is challenging Denmark’s incumbent public administration ICT organisations. The community favours smaller ICT development cycles, avoiding IT vendor lock-in and fostering sharing and reuse.
The Swiss Federal Department for Building and Logistics (BBL) is looking for providers of ICT services with experience in the use of GeoNetwork, open source tools for geolocation information. BBL hopes to sign an 8 year framework contract for consulting, software development and support.
The cost to fabricate one sculpture is about $100 and this design meets all of her goals. It makes me think of the Little Free Library project — a welcoming and fun movement where small weather-resistant bookshelves are built and installed throughout the community. It encourages interactions beyond the small sphere of people you regularly interact with and builds goodwill throughout the community. Invisible looks to the same benefits, to add something you’ll notice in your daily life while helping to encourage interaction in real life.
Germany's DEAL project, which includes over 60 major research institutions, has announced that all of its members are canceling their subscriptions to all of Elsevier's academic and scientific journals, effective January 1, 2017.
Science is one of the most remarkable inventions of humankind. It has been a source of inspiration and understanding, lifted the veil of ignorance and superstition, been a catalyst for social change and economic growth, and saved countless lives.
Yet, history also shows us that it's been a mixed blessing. Some discoveries have done far more harm than good. And there's one mistake you will never read about in those internet lists of the all-time biggest blunders of science.
The worst error in the history of science was undoubtedly classifying humans into the different races.
Enterprises, governments and end users faced no shortage of security challenges in 2016. As the year draws to a close, we wonder: What security trends will continue into 2017? What will be the big security stories of the year to come? Many trends emerged in 2016 that are very likely to remain key issues for organizations of all sizes and shapes in 2017. Among them is the continued and growing risk of ransomware, which emerged in 2016 as a primary attack vector for hackers aiming to cash in on their nefarious activities. In 2016, nation-states once again were identified by multiple organizations as being the source of serious cyber-threats, and there is no indication that will change in the year ahead. Among the emerging trends that could become more prominent in the new year are the widespread use of containers and microservices to improve security control. This eWEEK slide show will present 17 security predictions for the year ahead from 17 security experts.
This year (2016) I accepted as much incident response work as I could. I spent about 300 hours responding to security incidents and data breaches this year as a consultant or volunteer.
This included hands on work with an in-progress breach, or coordinating a response with victim engineering teams and incident responders.
These lessons come from my consolidated notes of those incidents. I mostly work with tech companies, though not exclusively, and you’ll see a bias in these lessons as a result.
The most famous, and unlikeliest, hacker in the news this week is little Ashlynd Howell of Little Rock, Ark. The exploits of the enterprising 6-year-old first came to light in a Wall Street Journal story about the difficulties of keeping presents a secret in the digital age. It seems that while mom Bethany was sleeping on the couch, Ashlynd gently picked up her mother's thumb and used it to unlock the Amazon app on her phone. She then proceeded to order $250 worth of Pokemon presents for herself. When her parents got 13 confirmation notices about the purchases, they thought that either they'd been hacked (they were, as it turned out) or that their daughter had ordered them by mistake. But she proudly explained, "No, Mommy, I was shopping." The Howells were able to return only four of the items.
Caught in the middle of all this are the financial transactions of millions of Americans, in addition to whatever sensitive government information might have been located on the FDIC's computers.
But claiming the Chinese were involved seems premature, even according to Reuters' own reporting, which relies heavily on a bunch of anonymous government officials discussing documents no one at Reuters has seen.
I am now 91 years of age and it has been 70 long, wide years since I returned home on Christmas Eve, 1945. My family was unaware that I was even in the U.S. because I did not want them to know I had spent a month in a Naval hospital before being discharged. My triumphant return was a Norman Rockwell painting; the cab stopped across the street, I tossed my seabag over my shoulder and walked across the street. A light snow was falling, I pressed the doorbell, the door opened, and there was my mom and dad, my brother and my sisters and a few family friends. I had not seen my family since June of 1942, 3 1/2 years earlier.
I was home, I was still alive, I was the luckiest guy on the planet.
As the title of Sebastian Bae’s piece says, war is only romantic if you have never been in one. I have seen close friends killed, I have held young boys in my arms as they died. I have taken the lives of other human beings. I have known fear so intense as to drive good men insane.
History loves little markers, tidy packages of symbolism that wrap up a big, complex thing.
You know, the helicopter on the roof of the American Embassy in Saigon standing in for years of failed war, the Berlin Wall being knocked down to visually note the end of the Cold War, that sort of thing.
Well, the never-ending-gobsmacker of the Afghan War may have gotten its iconic moment.
A Facebook safety check for Bangkok, which the company claimed was prompted by a one-man protest near the prime minister’s office, helped spread a fake news report of an explosion in the city.
The incident is the latest example of the social media platform’s algorithms failing to distinguish between reliable and faulty news sources.
Is the veteran US diplomat Henry Kissinger working to secure a rapprochement between the US and Moscow by pushing for an end to sanctions in exchange for the removal of Russian troops from eastern Ukraine?
A flurry of reports suggest the 93-year-old diplomat is positioning himself as an intermediary between Vladimir Putin and President-elect Donald Trump. He has publicly praised Mr Trump, and traveled to Trump Tower in New York to offer his counsel built on decades of lobbying and diplomacy.
A report in the German tabloid Der Bild headlined ‘Kissinger to prevent new Cold War’, claimed the former envoy was working towards a new relationship with Russia.
U.S. Secretary of State John Kerry strongly criticized Israel's government in a speech on Wednesday, saying that trends on the ground are leading to a one-state solution and defending the U.S. decision not to veto a UN Security Council resolution against the Israeli settlements. Netanyahu's office replied and accused the U.S. Secretary of State of obsessing about settlements.
"If the choice is one-state, Israel can either be Jewish or democratic, it cannot be both and it won't ever live in peace," Kerry said.
Kerry presented the principles of a future final status agreement: An Israeli and a Palestinian state based on the 1967 lines; full rights to all citizens; a solution to the Palestinian refugee issue; Jerusalem as the capital of both states; an end to the occupation, while satisfying Israel's security needs, with a demilitarized Palestinian state; an end to all claims by both sides.
A bill to allow government officials to deny any public-record request they choose by arguing it is "unduly burdensome" or "harassing" is back for a second year in a row.
[...]
Kavanagh last year said the bill was not meant to limit media or public access to information, but to curb abuse. He said he introduced it at the request of cities that say there are a handful of gadflies who make an extraordinary number of very broad requests for records, requiring significant work from city staff, and then don't even look at the results.
On Tuesday Tesla announced that it had struck a deal with Panasonic to produce photovoltaic cells at the new Buffalo, New York, solar panel factory scheduled to go online in 2017. The factory’s construction was started by SolarCity, which was purchased by Tesla in November in a $2.6 billion all-stock deal.
Local officials in Traverse City voted Monday night to become the second Michigan city looking to meet 100 percent of municipal electricity needs from renewable sources.
Traverse City Commissioners unanimously approved a resolution to set a goal of 100 percent renewables by 2020 to power city services, such as streetlights, a wastewater treatment plant and government buildings.
“It seems like one of the right things to do with a changing climate and changing aspects of our energy production,” Traverse City Mayor Jim Carruthers said prior to Monday night’s vote.
The charity behind the proposed garden bridge across the Thames in London has warned that any more hold-ups to the controversial and much-delayed project could see it having to be scrapped altogether.
While the Garden Bridge Trust insists it remains confident the tree and plant-filled pedestrian crossing will be built, it has conceded that the delays have affected fundraising and that any more significant obstacles could prove terminal.
It was ultimately up to the charity’s trustees, who include the project’s originator, the actor Joanna Lumley, to demonstrate the money committed – £60m of which comes from taxpayers – was being used prudently, its executive director said.
The Co-operative Group is planning to create 1,500 jobs in the new year by opening 100 stores across the country.
The group will invest £70m in the new shops, which will be spread throughout London, south-east England, Yorkshire and Scotland.
Theresa May’s government has been accused of changing the rules on public appointments to make it easier in future for ministers to pick their political allies for senior jobs at the BBC and regulators such as Ofsted.
The new code on public appointments will give ministers greater powers over who oversees a raft of agencies, watchdogs and advisory committees, while weakening the involvement of the independent commissioner for public appointments, who scrutinises the system.
Labour said the changes, which will come into force on 1 January, represent a “power grab” by ministers and risk returning to the days of patronage and cronyism in public life.
The Commission on Presidential Debates, or CPD, has been under fire for its policies for several years now. For the past 24 years, the CPD has excluded anyone but the Republican and Democratic nominees from participating in the three presidential debates and one vice-presidential debate in September and October before the election.
An important lawsuit, Level the Playing Field, et al. v. Federal Election Commission, goes before a federal judge on Jan. 5. That suit seeks to accomplish what the CPD has refused to do on its own: change the rules to stop systematically preventing independent candidates from debating - and becoming president.
Donald Trump will disappoint and disillusion his far-right supporters by eschewing white supremacy, according to some of the movement’s own intellectual leaders.
Activists who recently gave Nazi salutes and shouted “hail Trump” at a gathering in Washington will revolt if the new US president fails to meet their expectations, the leaders told the Guardian.
The last line of defense against the torrent of half-truths, untruths and outright fakery that make up so much of the modern internet is in a downscale strip mall near the beach.
Snopes, the fact-checking website, does not have an office designed to impress, or even be noticed. A big sign outside still bears the name of the previous tenant, a maker of underwater headphones. Inside there’s nothing much — a bunch of improvised desks, a table tennis table, cartons of Popchips and cases of Dr Pepper. It looks like a dot-com on the way to nowhere.
Appearances deceive. This is where the muddled masses come by the virtual millions to establish just what the heck is really going on in a world turned upside down.
If Hillary Clinton and Donald Trump are the 2016 presidential candidates, gender will be part of the campaign in an unprecedented way. It goes beyond the fact that Clinton would be the first woman nominated by one of the two major parties as its presidential candidate: Polls consistently show that women really, really don’t like Trump, and men — to a lesser but still significant degree — really don’t like Clinton.
In 1923, a motley collection of philosophers, cultural critics, and sociologists formed the Institute of Social Research in Frankfurt, Germany. Known popularly as the Frankfurt School, it was an all-star crew of lefty theorists, including Walter Benjamin, Theodor Adorno, Erich Fromm, Max Horkheimer, and Herbert Marcuse.
The Frankfurt School consisted mostly of neo-Marxists who hoped for a socialist revolution in Germany but instead got fascism in the form of the Nazi Party. Addled by their misreading of history and their failure to foresee Hitler’s rise, they developed a form of social critique known as critical theory.
A guiding belief of the Frankfurt School, notably among Adorno and Horkheimer, was that mass culture, in all its forms, was a prop for totalitarian capitalism. The idea was that art, in late-capitalist society, had been reduced to a cultural commodity. Critical theory sought to expose this by rigorously examining the products of popular culture. In particular, they tried to show how culture became a stealth vehicle for the inculcation of capitalist values.
Liberal filmmaker Michael Moore on Tuesday detailed his five-step strategy for countering President-elect Donald Trump.
I was watching the Al Jazeera Channel on TrueVisions yesterday morning and heard that a news story was coming up about a Thai woman who has started an NGO that helps give meaning to the lives of underprivileged inner-city children in Bangkok by teaching them to play musical instruments.
As I waited to watch this obviously inspiring story, the anchor announced it with the words, “Meanwhile in Thai…” At the sound of the cue word “Thailand”, TrueVisions blacked out the two-and-a-half-minute broadcast, showing in its place the irritating notice “Programming will be resumed shortly.”
We've talked a lot about how the trend du jour in online media is to ditch the news comment section, then condescendingly pretend this is because the website just really values user relationships. ReCode, NPR, Reuters, Bloomberg, Popular Science and more have all proclaimed that they just love their on-site communities so much, they'll no longer allow them to speak. Of course what these sites often can't admit is that they were too lazy or cheap to cultivate their communities, can't seem to monetize quality discourse, and don't really like people pointing out their story errors in quite such a conspicuous location.
As you may have noticed, earlier today we made some renovations here at VICE.com. Gave the place a facelift. Slapped a new coat of paint on the old URL. As with most redesigns, this is the first step in an ongoing process, and over the coming weeks and months we'll be tweaking things and adding features to make the new site even better. But along with these additions will come the loss of some staples from our old site, notably the comments section.
[...]
Unfortunately, website comments sections are rarely at their best. Without moderators or fancy algorithms, they are prone to anarchy. Too often they devolve into racist, misogynistic maelstroms where the loudest, most offensive, and stupidest opinions get pushed to the top and the more reasoned responses drowned out in the noise. While we always welcomed your thoughts on how we are actually a right-wing mouthpiece for the CIA, or how much better we were before we sold our dickless souls to Rupert Murdoch, or just how shitty we are in general, we had to ban countless commenters over the years for threatening our writers and subjects, doxxing private citizens, and engaging in hate speech against pretty much every group imaginable.
Fears are running high that US President-elect Donald Trump will crack down hard on civil liberties once he takes office next month. But Democrats are missing the opportunity to stand up for free speech when it comes to advocacy for Palestinian rights.
The Anti-Semitism Awareness Act – presenting itself as a force against anti-Jewish bigotry, but actually a means of censoring campus criticism of Israel’s policies – was unanimously passed by the Senate earlier this month.
The entire discussion over »fake news« might just be tactics in the endless war of power over information, over the agenda. Obviously, the establishment is not amused with the new competition.
The Turkish government’s latest attempt to censor online news has exposed a direct and potentially illegal link between the country’s internet service providers and the government’s internet authority, according to ISP employees with knowledge of the country’s censorship mechanisms.
The website of Dutch public broadcaster NOS.nl has been inaccessible in Turkey since Dec. 19. After a full week of investigations, however, all we know is who in the country’s censorship bureaucracy blocked the access, but not why. Further, the fact that NOS.nl was censored before a judge issued a court order reveals the new extrajudicial functions of Turkey’s censorship machine, which includes integrated servers between private Turkish ISPs and Turkey’s government.
At the end of September, the Indian motion picture producer's association, India's largest organization related to entertainment, announced a ban on all Pakistani artists.
In retaliation, Pakistan authorities imposed a complete ban on airing Indian content on all its TV channels, including Bollywood movies.
This cultural war, triggered by the September Uri attacks in Kashmir, is far from new.
Indeed it is a sad reminder of last year, when the Indian ultra regionalist Maharashtrian-based party Shiv Sena threatened to disrupt a performance by celebrity singer Ghulam Ali in Mumbai, forcing the concert to be canceled.
Well, you knew this was coming sooner or later. Reports came out this week (via the paywalled site The Information) that law enforcement in Bentonville, Arkansas issued a warrant to Amazon asking for any recordings that Amazon had from its Echo device that may have been relevant to a murder case they're working on. At issue is the Amazon Echo device owned by James Andrew Bates, who is accused of murdering Victor Collins a year ago. The key bit of information here is that Amazon refused to hand over any recordings that it might have logged, but did hand over more general information about Bates' account and purchases.
Of course, just the request for possible audio information has lots of people paying attention. This kind of thing has been predicted for ages -- now that pretty much everyone has "always on" microphones all around them in the form of either internet-of-things connected devices like the Echo, or merely your mobile phone with Apple's Siri or Google Now.
You have the right to remain silent -- but your smart devices might not.
Amazon's Echo and Echo Dot are in millions of homes now, with holiday sales more than quadrupling from 2015. Always listening for its wake word, the breakthrough smart speakers boast seven microphones waiting to take and record your commands.
Now, Arkansas police are hoping an Echo found at a murder scene in Bentonville can aid their investigation.
First reported by The Information, investigators filed search warrants to Amazon (see below), requesting any recordings between November 21 and November 22, 2015, from James A. Bates, who was charged with murder after a man was strangled in a hot tub.
While investigating, police noticed the Echo in the kitchen and pointed out that the music playing in the home could have been voice activated through the device. While the Echo records only after hearing the wake word, police are hoping that ambient noise or background chatter could have accidentally triggered the device, leading to some more clues.
It’s been a busy year on a number of fronts as we continue to fight to rein in the National Security Agency’s sweeping surveillance of innocent people. Since the 2013 leaks by former government contractor Edward Snowden, the secretive and powerful agency has been at the top of mind for those thinking about unconstitutional surveillance of innocent Americans and individuals abroad.
In 2016 the courts, lawmakers, and others continued to grapple with questions of how much we know about NSA surveillance.
Macleod-Ball also said it "would be nice" if the government had listened to the civil liberties concerns expressed by groups like his, but, then again, it "would be nice" if the government was generally more proactive on that front -- getting out ahead of complaints rather than just reacting to them. But it's just not going to happen. The government tends to push until something pushes back. And it does a lot of this pushing behind closed doors without asking for public comment.
Skipping this "optional" part of the application process may only increase scrutiny. Applicants will still be interviewed by CBP/DHS agents and the questions they field may revolve around any fields left blank. Agencies like these tend to operate with a "nothing to hide, nothing to fear" mindset and may view withheld information -- optional or not -- as the product of a guilty mind. The DHS says it won't officially prevent anyone who doesn't provide this information from entering the country, but there are several unofficial options that will achieve the same result.
Then there's the mission creep. Should this become part of the official form, you can expect other government licensing agencies to look at adding the same data gathering to their paperwork. In addition, the example set by the United States will only encourage countries far less interested in civil liberties from gathering this information from visitors to their countries, which means US citizens will need to get used to being more forthcoming with social media identifiers when looking to travel.
The EFF has won a small battle in a larger war against the US government for its continued withholding of documents related to its Hemisphere program. Files on this custom-built AT&T/DEA surveillance system have already made their way into the hands of the public. Contrary to the government's claims about other methods (warrants, subpoenas) taking too long to obtain phone records, previously-released documents showed AT&T employees worked directly alongside agents in DEA offices to perform instantaneous searches for records.
The EFF is seeking information not included in the Powerpoint presentation already produced by the DEA. It's looking for records on court cases where evidence derived from the program was submitted, communications between the government and AT&T concerning the program, communications between government agencies about the Hemisphere program, and Congressional briefings related to the side-by-side surveillance effort.
Amazon's Echo devices and its virtual assistant are meant to help find answers by listening for your voice commands. However, police in Arkansas want to know if one of the gadgets overheard something that can help with a murder case. According to The Information, authorities in Bentonville issued a warrant for Amazon to hand over any audio or records from an Echo belonging to James Andrew Bates. Bates is set to go to trial for first-degree murder for the death of Victor Collins next year.
Amazon declined to give police any of the information that the Echo logged on its servers, but it did hand over Bates' account details and purchases. Police say they were able to pull data off of the speaker, but it's unclear what info they were able to access. Due to the so-called always on nature of the connected device, the authorities are after any audio the speaker may have picked up that night. Sure, the Echo is activated by certain words, but it's not uncommon for the IoT gadget to be alerted to listen by accident.
Turkish authorities have arrested the cafeteria manager of the opposition Cumhuriyet newspaper for insulting the president after he said he would not serve tea to Tayyip Erdogan, one of the manager's lawyers told Reuters on Monday.
Senol Buran, who runs the cafeteria at the Istanbul office of Cumhuriyet, was taken into custody after police raided his home late on Saturday, lawyer Ozgur Urfa said. The newspaper is among the few still critical of the government.
Author Malcolm Gladwell recently name-checked the EFF in an article published in The New Yorker. Mr. Gladwell’s piece examines what he sees as the differences between whistle-blowers Edward Snowden and Daniel Ellsberg, and concludes that Snowden doesn’t deserve the respect (or apparently the same legal protection) that Ellsberg does. It’s always nice to be mentioned in respected publications, but as an organization that has actual experience with trying to make change with whistleblower information, we sharply disagree with Mr. Gladwell’s conclusion, and even more so with how he gets there.
AMY GOODMAN: It will be interesting to see what Donald Trump’s attitude to Julian Assange is right now—
JAMEEL JAFFER: Yeah.
AMY GOODMAN: —given the WikiLeaks dump of Hillary Clinton emails—
JAMEEL JAFFER: I think—yeah, I think that’s right.
AMY GOODMAN: —which many attributed to helping defeat her.
JAMEEL JAFFER: I think that’s right. I think that’s right. But then, there are also these questions that have arisen because of the statements that Trump has made during the campaign, and then over the last couple weeks, as well. You know, he has shown a kind of hostility to journalism and to—and, you know, I think to free speech, as well, reflected by the statement that Mike Pompeo made with respect to Julian Assange [sic]. So, I think there will be a set of—a set of issues—
In 2012, Joohoon David Lee, a federal Homeland Security agent in Los Angeles, was assigned to investigate the case of a Korean businessman accused of sex trafficking.
Instead of carrying out a thorough inquiry, Mr. Lee solicited and received about $13,000 in bribes and other gifts from the businessman and his relatives in return for making the “immigration issue go away,” court records show.
Mr. Lee, an agent with Homeland Security Investigations at Immigration and Customs Enforcement, filed a report saying: “Subject was suspected of human trafficking. No evidence found and victim statement contradicts. Case closed. No further action required.”
It appears some Air Force brass wish their subordinates would fly a little farther under the radar, especially when airing their office’s dirty laundry.
In 2011, an Air Force whistleblower had his security clearance revoked after pestering his supervisor about fraud and waste within the agency, according to a Defense Department Inspector General report. The Inspector General’s investigation concluded in December that his supervisor retaliated against the civilian employee for disclosing the infractions.
Turkish police detained five journalists and issued arrest warrants on four more who reported on the leaked emails of Turkey’s Energy Minister Berat Albayrak, according to pro-government daily Sabah.
The emails were hacked by a Marxist hacker group, RedHack, and were leaked to the public in October after the group's demand for the release of political prisoners was not met. Subsequent to the public leak, the government had banned cloud services. The email archive was later indexed by WikiLeaks, which remains banned in Turkey.
On Sunday morning, Turkish police special forces units raided houses of journalists from various outlets known for their critical news coverage, including daily BirGun’s Mahir Kanaat. BirGun was one of the first outlets to report Albayrak’s email addresses were hacked by RedHack.
Among the detained journalists, Eray Sargin is the editor-in-chief of news website Yolculuk, which was the first outlet to report on the leaks. Despite being censored for its news articles, Yolculuk kept reporting about the leaks.
Investigative reporter Tunca Ogreten was the former editor of Diken where he revealed the details of the oil trade between Turkey and Northern Iraq. Based on the email correspondence, Ogreten showed that Albayrak—who is also President Erdogan’s son-in-law—was the real boss behind the private oil monopoly Powertrans.
Britain played a key behind-the-scenes role in brokering the UN resolution condemning Israel for violating international law with its policy of building settlements on occupied Palestinian territory, it has been confirmed. The UK helped draft some of the key wording to ensure it met US concerns.
The UK role, first highlighted by Israeli diplomatic sources, leaves the UK on a collision course not just with Israel, but at odds with Donald Trump, the US president-elect and a strong opponent of the UN resolution, the first to be passed that is critical of Israel for seven years.
A Dutch woman who has lived in the UK for 24 years, and has two children with her British husband, has been told by the Home Office that she should make arrangements to leave the country after she applied for citizenship after the EU referendum.
The story of Monique Hawkins highlights the practical difficulties faced by millions of EU citizens concerned that they will not have the right to stay in Britain post-Brexit.
Hawkins had considered applying for citizenship before but decided not to as it did not confer any rights beyond her current EU rights. However, after the referendum she changed her mind, fearful that those rights would be diminished after Britain leaves the EU.
[...]
In a written complaint, Hawkins said the worst aspect about the process was the inability to contact anyone. She wrote: “I do not believe there is any other business, organisation or even legal process in the world that would treat its customers/clients/applicants in this manner.”
The software engineer, from Surrey, said she never once thought she would be deported but said her experience highlights the absurdity of the Home Office permanent residency process.
A Dutch mother with two British children who has lived in the UK for 24 years said the Home Office told her to make arrangements to leave the country.
Cambridge University graduate Monique Hawkins, who has two teenage children with her British husband, decided to apply for UK citizenship after the Brexit vote over fears her EU rights would be diminished when the country leaves the 28 nation bloc, the Guardian reported.
She told the newspaper she was concerned that if she did not apply for citizenship she would be forced “to join a US-style two-hour immigration queue” while the rest of her family “sailed through the UK passport lane”.
The popular torrent site ExtraTorrent has suffered several major DDoS attacks over the past few days. The problems appear to be related to the site's recent ban of 'unofficial' proxy services. Meanwhile, The Pirate Bay is also down, but for now it's unclear what's causing the issues on their end.
We've written a few times in the past about the USTR's ridiculous "notorious markets" report, which is an offshoot of the already ridiculous Special 301 report, in which the USTR is supposed to name and shame countries that don't respect US intellectual property laws... based on whichever lobbyists whined the most to the USTR (seriously: the process is no more scientific than that). The "notorious markets" report is even more ridiculous, and lets the USTR go even further afield, often naming perfectly legal internet services just because Hollywood doesn't like them. It got seriously ridiculous last year when the USTR expanded the list of domain registrars, including the very popular domain registrar Tucows. The USTR claimed that it was okay to put Tucows on the list because it "failed to take action" when notified of infringement.
Um. But that's the correct thing to do. A registrar's job is just to manage domain registrations and not to police what's on those sites, or to strip those domains. If someone is infringing on copyrights/trademarks/whatever, take it up with whoever is behind the site, not two steps removed to the company that registered the domain. Many people pointed this out last year, but this is the USTR we're talking about, and the USTR doesn't give a fuck. It just went right back out and with the release of the 2016 Notorious Markets List is still listing domain registrars and other websites that are perfectly legal, but which Hollywood or other big legacy industries don't like very much.
While Tucows is no longer listed, they do name Domainerschoice as a "notorious market" because many online pharmacies have purchased domain URLs from that registrar. But, again, if the online pharmacies are the problem, go after those pharmacies, don't blame the domain registrar. Domainerschoice is just creating a database and selling URLs, not hosting any content or selling any drugs, legal, gray market or illegal.