This is the second edition of TWTWTW, a weekly blog proclaiming noteworthy news in the open source world. It provides a concise distilled commentary of notable open source related news from a different perspective. For the second edition, we present a succinct catchup covering software, hardware, book releases, ending with a real Barry Bargain!
Softpedia was informed today, February 24, 2017, by Entroware, a UK-based hardware manufacturer known for building and selling desktops, laptops, and servers with the popular Ubuntu Linux operating system pre-installed, about a brand-new product.
The new Entroware Aether is the latest Linux powered laptop from British company Entroware, and is powered by the latest Intel Kaby Lake processors.
Linux-specific hardware especially laptops have been seeing a rapid growth in the PC industry as of late. It is no secret that well-established manufacturers like Dell amongst others have been stepping up and slapping Ubuntu on models of their desktops and laptops as an optional operating system for their power users.
While we have other PC manufacturers like System76 on the forefront of this space, (with all their available models running Linux exclusively) it is always nice to have new players in the game.
The whole juggernaut that is now Linux on Dell started as the brainchild of two core individuals, Barton George (Senior Principal Engineer) and Jared Dominguez (OS Architect and Linux Engineer).
It was their vision that began it all back in 2012. It was long hours, uncertain futures and sheer belief that people really did want Linux laptops that sustained them. Here is the untold story of how Dell gained the top spot in preinstalled Linux on laptops.
Where do you start when no one has ever really even touched such a concept? The duo did have some experience of the area before. George explained that the XPS and M3800 Linux developer’s laptops weren’t Dell’s first foray into Linux laptops. Those with long memories may remember Dell testing the waters for a brief while by having a Linux offering alongside Windows laptops. By their own admission it didn’t work out. “We misread the market,” commented George.
But we can be Free from Microsoft! As we saw above, there is a powerful – and now popular movement afoot to make alternative software available. The Free Software Foundation, and the GNU Project, both founded by Richard Stallman, provide Free software to users with licenses that guarantee users rights: the rights to view, modify, and distribute the software source code. With GNU-licensed software, such as Linux, the user is in complete control over the software they employ. And as people contribute to modify Free Software source code, and are required to share those modifications again, the aggregate creative acts give rise to the availability of many more, much more useful results. Value is created beyond what anyone thought possible, and our freedom multiplies.
"Red Hat is now our backbone. Our business cannot run if Red Hat is not there." That is India's biggest stock exchange's CEO talking. Established in 1875, the Bombay Stock Exchange (BSE) is considered to be Asia’s earliest established stock exchange with an overall market capitalization of $1.43 Trillion in 2016 making it the world's 11th largest. Open Source have had many major wins last year, and this has to be one of the biggest.
The Central Office Re-architected as a Data Center (CORD) open source project is partnering with the xRAN Foundation. The two groups plan to work on a software-based, extensible Radio Access Network (xRAN) architecture.
Apparently, the xRAN Foundation is a new standards group that was formed in late 2016. Deutsche Telekom, a founding member, is hosting a press event at Mobile World Congress next week to introduce the group and explain its mission. Other initial members of xRAN include AT&T, SK Telecom, and Intel.
Today, the OpenStack Foundation is launching the latest version of its platform that allows enterprises to run an AWS-like cloud computing platform in their data centers. Ocata, as the 15th release of OpenStack is called, arrives after only a four-month release cycle, which is a bit faster than its usual six-month cycle, which will resume after this release. The reason for this is a change in how the Foundation organizes its developer events over the course of a release cycle. Because of the shorter cycle, this new release focused more on stability than new features, but it still manages to squeeze a number of new features in as well.
In our second conversation of our “I Am A Mainframer” interview series, Jeffrey Frey talks with Emily K. Hugenbruch, OpenStack Cloud Enablement Engineer, z/VM and Software Engineer at IBM about the OpenStack Newton release and her overall career experience as a woman working in the mainframe space.
To date, almost all of the talk about containers and microservices has been about "stateless" applications. This is entirely understandable because stateless applications are simply easier. However, containers and orchestration have matured to the point where we need to take on the interesting workloads: the stateful ones. That's why two of my talks at SCALE 15x are about databases, containers, and Kubernetes, which is an open source system for automating deployment, scaling, and management of containerized applications.
Stateless services are applications like web servers, proxies, and application code, which may handle data, but they don't store it. These are easy to think about in an orchestration context because they are simple to deploy and simple to scale. If traffic goes up, you just add more of them and load-balance. More importantly, they are "immutable"; there is very little difference between the upstream container "image" and the running containers in your infrastructure. This means you can also replace them at any time, with little "switching cost" between one container instance and another.
As DevOps has grown in popularity, an increasing number of organizations are looking to containerization technology as a way to simplify and streamline application deployment and management. In fact, the RightScale 2017 State of the Cloud Report found that Docker, the leading containerization tool, was the most popular DevOps tool among the companies it surveyed. Forty percent of the enterprises surveyed said that they use Docker, and 30 percent more said they planned to do so in the future.
Today, I was re-reading an linux.com article from 2014 by Leslie Hawthorne which had been reshared by the Linux Foundation Facebook account yesterday in honor of #GirlDay2017 (which I was regrettably unaware of until it was over). It wasn’t so much the specific content of the article that got me thinking, but instead the level of discourse that it “inspired” on the Facebook thread that pointed me there (I will not link to it as it is unpleasant and reflects poorly on The Linux Foundation, an organization which is in most circumstances largely benevolent).
Peoples of the blogosphere, welcome back to the solipsism! Happy 2017 and all that. Today's missive is about Snabb (formerly Snabb Switch), a high-speed networking project we've been working on at work for some years now.
What's Snabb all about you say? Good question and I have a nice answer for you in video and third-party textual form! This year I managed to make it to linux.conf.au in lovely Tasmania. Tasmania is amazing, with wild wombats and pademelons and devils and wallabies and all kinds of things, and they let me talk about Snabb.
The Linux Foundation announced yesterday that it had combined open source ECOMP and the Open Orchestrator Project into ONAP, the Open Networking Automation Platform, with the aim of helping users automate network service delivery, design, and service through a unified standard.
Jim Zemlin, executive director of the Linux Foundation, said that ONAP should be a boon to enterprise IT departments, thanks to improved speed and flexibility.
Open source ECOMP and the Open Orchestrator Project (OPEN-O) have merged to create the new Open Network Automation Platform (ONAP) Project, further harmonizing the ever-growing array of disparate virtualization groups.
ONAP will allow end users to automate, design, orchestrate, and manage services and virtual functions.
Linux never sleeps. Linus Torvalds is already hard at work pulling together changes for the next version of the kernel (4.11). But with Linux 4.10 now out, three groups of changes are worth paying close attention to because they improve performance and enable feature sets that weren’t possible before on Linux.
Here’s a rundown of those changes to 4.10 and what they likely will mean for you, your cloud providers, and your Linux applications.
A few days ago I posted some results of surprise performance improvements for a Radeon RX 470 when testing the DRM-Next code queued for Linux 4.11. I've now tested that kernel on more systems and can confirm at least benefits more widespread for RADV's Vulkan performance.
Arnd Bergmann has submitted the big batch of ARM hardware changes for the Linux 4.11 kernel merge window.
While Linus Torvalds yesterday was criticizing the DRM code quality using colorful language and threatening not to accept the DRM changes for Linux 4.11, he ended up merging the code to mainline.
After complaining about the code and making some changes to it for reducing the compiler warnings, he ended up letting all of this new Direct Rendering Manager code be merged rather than dropping TinyDRM or not merging any DRM code at all.
Better support for Intel Turbo Boost Max 3.0 are among the changes to find with the platform-drivers-x86 updates for the Linux 4.11 kernel.
With Linux 4.10 came initial Turbo Boost Max 3.0 (TBM3) support, but it was only enabled for systems with the motherboard/BIOS exposing hardware P-States. For many Broadwell-E boards, including mine, this wasn't the case and as such TBM 3.0 isn't currently working on systems like my Core i7 6800K. But Intel developers have been working on expanded Turbo Boost Max 3.0 support for non-HWP systems and that code is now set to land for Linux 4.11.
The MD pull request was submitted on Friday for the Linux 4.11 kernel as were the Btrfs file-system changes.
Chris Mason's pull request of new feature material for Linux 4.11 wasn't particularly exciting. The Btrfs updates primarily include fixes and code clean-ups. There's been a lot of code polishing and fixing that happened by multiple developers, but not much in the way of new feature work.
OpenRISC continues advancing with its sights on being a free and open processor for embedded systems using the RISC instruction set architecture.
Last year the Linux kernel got a new OpenRISC maintainer and for Linux 4.11 there is a fair amount of interesting changes for the OpenRISC code within the mainline tree.
The tinydrm code seems like absolute pure shit that has never seen a compiler.
I'm upset, because I expect better quality control. In fact, I expect *some* qualitty control, and this piece-of-shit driver has clearly seen none at all.
And those patches were apparently committed yesterday.
WHAT THE ACTUAL FUCK?
At the Audio MC at the Linux Plumbers Conference one thing became very clear: it is very difficult for programmers to figure out which audio API to use for which purpose and which API not to use when doing audio programming on Linux.
Several years back we wrote about Ultra Kernel Samepage Merging (UKSM) for data de-duplication within the Linux kernel for transparently scanning all application memory and de-duping it where possible. While the original developer is no longer active, a new developer has been maintaining the work and continues to support it on the latest Linux kernel releases.
I'm announcing the release of the 4.9.13 kernel.
All users of the 4.9 kernel series must upgrade.
The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st...
Well, that didn't take long, and it looks like the recently released Linux 4.10 kernel series just got its first point release today, Linux kernel 4.10.1, marking the branch as stable and ready for deployment in stable OSes.
Linux kernel 4.10.1 comes only one week after the release of Linux 4.10, which is now considered the most stable and advanced kernel available for any GNU/Linux distribution that wants to adopt it for their users, so you can imagine that the changes are quite small in number. According to the appended shortlog, a total of 21 files were changed in this first point release, with 259 insertions and 52 deletions.
The GNU Linux-libre 4.10 kernel was released last weekend just after the official Linux 4.10 kernel release while I hadn't noticed the de-blobbed kernel release until today. The Linux-libre folks continue to criticize the open-source GPU DRM drivers as being offenders for using binary blob firmware/microcode.
GNU Linux-libre for those that don't know is the FSFLA effort to de-blob the mainline Linux kernel by removing support for loading binary-only modules as well as stripping out drivers or portions of driver code that rely upon closed-source/binary-only firmware/microcode images, which is quite common among newer hardware.
Last December we wrote about work being done on fuzzing OpenGL shaders leading to wild differences with the work being done at the Imperial College London. While they were testing other drivers on different operating systems, they have now fired up tests of Mesa.
Wayland 1.13 was released earlier this week but the adjoining Weston compositor update didn't happen at the same time due to some last minute changes needing more time to test, but this Friday, Weston 2.0 is now shipping.
But before getting too excited, Weston 2.0 doesn't represent some break-through changes but rather was bumped away from the Wayland versioning rhythm due to its new output configuration API breaking Weston's ABI. Thus the major version bump.
Welcome to the official release of Weston 2.0. There are no changes since RC2.
The out-of-tree Reiser4 file-system has been updated for the Linux 4.10 kernel.
Reiser4 for the Linux 4.10.0 kernel is available as of earlier this week, managing to release their updated file-system driver code quite promptly. This port to Linux 4.10 yielded a few changes to the Reiser4 code as they re-based to this Linux kernel with the ->readlink() of inode operations being removed as well as the WRITE_FLUSH_FUA flag being removed.
The NV_dedicated_allocation extension that is one of the Vulkan extensions needed by Valve's SteamVR on Linux, has now been enabled within mainline Mesa for the RADV driver.
Back in November we saw patches for wiring in PRIME support to the RADV Vulkan driver and last week rewritten RADV PRIME code was released while this weekend it has landed in Mesa Git.
For those curious how Ubuntu 17.04 is shaping up, considering this week was the "beta" release for participating flavors, I decided to take a fresh Ubuntu 17.04 x86_64 daily ISO and see how its performance compares to Ubuntu 17.10, Clear Linux 13600, Antergos 17.2, and openSUSE Tumbleweed.
When posting last week our Windows 10 vs. Ubuntu Radeon benchmarks and Windows vs. Linux NVIDIA Pascal benchmarks and then the Windows vs. Linux relative performance analysis, as usual, it didn't take long for some to argue that the Linux gaming performance is actually faster but "Unity 7 is slower" and the similar FUD that is usually waged whenever looking at cross-platform performance.
We have done cross-desktop Linux gaming benchmarks previously to show that generally there isn't as big of a difference these days as the desktop/compositor in use as some would like to argue, but given the recent Windows vs. Linux results and the never-ending advancements to the open-source Linux graphics stack, here are some fresh numbers to share today.
Peek Gif Recorder is the perfect screen capture tool for short and sharp video clips.
It was designed to use ffmpeg and imagemagick to take screencasts of your desktop and animate them to make them Gifs.
It’s that nifty tool for those who might want to demo a bug or a brief gameplay session quickly.
The latest feature release Git v2.12.0 is now available at the usual places. It is comprised of 517 non-merge commits since v2.11.0, contributed by 80 people, 24 of which are new faces.
Looking through the release log, Git 2.12 doesn't bring any big breakthrough feature, but has a variety of improvements throughout. Git 2.12 brings updates for its p4 sub-command, finer-grained controls for what transport protocols can be used for clone/fetch/push can now be setup via the configuration file, a variety of updates to other sub-commands, several performance improvements, build updates for Cygwin, and quite a number of fixes too.
systemd 233 is scheduled to be released next week, and there is only a handful of small issues left. As usual there are tons of improvements and fixes, but the most intrusive one probably is another attempt to move from legacy cgroup v1 to a “hybrid” setup where the new unified (cgroup v2) hierarchy is mounted at /sys/fs/cgroup/unified/ and the legacy one stays at /sys/fs/cgroup/ as usual. This should provide an easier path for software like Docker or LXC to migrate to the unified hiearchy, but even that hybrid mode broke some bits.
Introducing a new command line tool which solves the issue of memorizing commands or storing them somewhere which is difficult to find. With the grep and run commands, one can easily find their long forgotten commands and use them them right away.
I'm happy to annouce the release of qutebrowser v0.10.0!
qutebrowser is a keyboard driven browser with a vim-like, minimalistic interface. It's written using PyQt and cross-platform.
I haven't announced the v0.9.0 release in this blog (or any patch releases), but for v0.10.0 it definitely makes sense to do so, as it's mostly centered on QtWebEngine!
GNOME Pomodoro is, like the name suggests, a Pomodoro timer for GNOME. The application website mentions that it's currently only for GNOME Shell, however, an AppIndicator is also available.
Build automation is a vital tool for devops, sysadmins, and developers. It is nothing but scripting or automating the process of compiling source code into binary. Sysadmins can use build tools to manage and update config files. Following is a list of awesome open source and popular tools associated with automating build processes on Linux or Unix-like system.
Thomas Rini of the Konsulko Group presented at this week's Linux Foundation Embedded Linux Conference (ELC2017) about the state of U-Boot.
Rini has served as the "head custodian" of U-Boot for the past number of years and presented on the overall state and accomplishments for this Universal Boot Loader most commonly associated with ARM and other architectures.
Nuclear is a beautifully designed Open Source multiplatform music streaming app that fetches media content from multiple online sources including YouTube and last.fm. The app has a simple yet glossy UI and does an excellent job at playing audio files. It was developed using Electron and can be thought of as the GUI version of mps-youtube with just a few customization features under its belt.
There are various comic book reader apps for Linux out there but today we bring you Peruse – an Open Source comic book reader developed by the KDE team to simplify reading comic books on your KDE desktop environment and to make it more pleasurable.
Peruse has a simple and intuitive UI but I must admit that it is a just a couple of paces away from boring – the app needs a better-polished look to be able to compete with already famous comic book readers in the market.
Calibre developer Kovid Goyal is pleased to announce the availability of version 2.80 of his hugely popular, open-source and multi-platform ebook library management software.
Calibre 2.80 comes two weeks after Calibre 2.79 and appears to be a major release that introduces quite a bunch of new features and new news source, besides the usual bug fixes. The most significant addition being the ability to sideload KFX files that have been created using the third-party KFX plugin for Calibre.
tl;dr: you can use kexec to stage a kernel upgrade in-memory without the need for a full reboot. Your system will reload the new kernel on the fly and activate it. There will be a service restart of every running service as the new kernel is loaded, but you skip the entire bootloader & hardware initialization.
The developers of the open-source and multi-platform MAME (Multiple Arcade Machine Emulator) computer emulator application announced the availability of MAME 0.183.
MAME 0.183 is a maintenance and feature release of the software project that promises to add numerous functionality improvements, a bunch of bug fixes, and some new additions, such as support for some incredible rare systems, including Omega, Dodge Man, Flash Boy, Sega Sonic Cosmo Fighter, Galaxy Games StarPak 3, and Puzznic.
Realpolitiks [Steam, Official Site] is a new real-time (with pausing) grand strategy game from Jujubee S.A. and I was sent a key by the developer to be able to take a look.
It does have a demo available on Steam, so it will be worth taking a look to see if it's your thing.
A couple of things to note first of all: The game seems to be locked to 60FPS and you cannot adjust the scrolling speed or the interface at all. I actually found the text a bit too small, which didn't help my enjoyment of it.
This past week Valve brought SteamVR on Linux into public beta. With watching the constant hype around VR on Windows, I was quite excited to finally give VR a try with having lined up an HTC Vive for testing and currently Oculus or others not offering current Linux support. I was thinking that I would have some large GPU/driver comparisons and such completed this weekend, but once actually setting up the hardware and software, I realized that wasn't going to be feasible in such short time. So for those interested in the Linux VR space, here are some of my first impressions and why I would consider the current SteamVR more like an alpha release than beta, just yet another struggle Linux gamers face, and another obstacle to overcome if Linux is to be a more serious competitor to Windows in the gaming space.
Inside Serious Sam VR: The Last Hope is an 'easter egg' that may give the release date of Serious Sam 4.
As usual, the wider media and people who like to generate clicky headlines like to claim Steam Machines are dead in the water. The truth is though, that it's not quite so simple.
You might remember my little preview of The Exiled [Steam, Official Site] back in December, well it seems the game is now officially out in Early Access on Steam.
I did find it quite interesting and it is pleasing to see Linux gain another MMO, as it's a genre we still lack good titles in.
Railway Empire [Steam, Official Site] is an new strategy and simulation game from Gaming Minds Studios and Kalypso Media Digital that will support Linux.
For those that don't know, elusive targets are time-limited challenges where you're given an new target to kill. You only get one life too, so you have to be very careful. They are incredibly challenging and damn fun to do. I wonder if I will fail this one as miserably as I did my first one, but it sure will be fun to try!
The developers of strategy game Northgard [Steam] have confirmed their plans for a Linux version, they already have it working with SDL2 and OpenGL!
MATE 1.17 is a testing release, it has no official announcement like 1.16 stable release (odd = unstable, even = stable). But what made me interested is because Ubuntu MATE 17.04 includes it by default so I write this short review. The most fundamental news is about MATE Desktop is now completely ported to GTK+3 leaving behind GTK+2. You may be interested seeing few changes and I have tried Ubuntu MATE 17.04 Alpha 2 to review MATE 1.17 below. Enjoy MATE 1.17!
The good folks at KDE managed to engage a market of Linux desktop users underserved by other distribution models. Or, maybe it’s just me.
KDE has a long history in the desktop ecosystem. It was the first Linux desktop I was exposed to back in 2006. Back then, it was on OpenSUSE and it was clean and functional. For some reason after that, installing KDE had never really appealed to me. I’ve tested it out briefly when poking around at what the OpenSUSE guys were doing and I’ve run Kubuntu for brief snippets. For years, I’ve been trying to find out what type of desktop user I am and which distro fits my needs.
The KDE-FreeBSD team bumped Qt to 5.7.1 and KDE Frameworks to 5.31.0 in official ports last week, so we’re fairly up-to-date in that department. On FreeBSD, we still fully support Qt4 next to Qt5, so some of the delay in getting this stuff in is due to some shuffling of install locations. In particular, we’ve added qt-chooser in this round of updates, so that qmake is qmake — and no longer qmake-qt4 or some other suffixed binary. We use qt-chooser to switch out one or the other. Checking that this doesn’t break anything else — or at least making sure that everything still compiles — is what took the most time this round of updates.
Following "United" theme, there is also "Simple Menu" launcher for KDE Plasma 5.9. It's minimal, a smaller form of full screen menu; it's also clean, showing all applications at once. Honestly, it's UI is similar to Pantheon Menu in elementary OS but including categories. If you like horizontal-oriented menu, Simple Menu is suitable for you. It's available to install from KDE Store. Thanks to Sho for creating Simple Menu.
This KDE Twitter Plasmoids offers a simpler alternative to a desktop Linux twitter app like Choqok. See tweets, send tweets, and check mentions.
Some time ago I posted a blog post about how I packed telegram desktop client for flatpak. I’ve been updating it since then in some reasonable intervals as I don’t have time to update it more often and mostly because the telegram client’s build system breaks my build quite oftenly. Recently I discovered that someone managed to patch telegram to use system Qt libraries instead of building own patched Qt and building linking it statically. After some time I managed to adjust those patches and make them work with my build which allows me to use Qt from KDE runtimes. Here are new instructions how to get this work:
Let’s say you got a 64-bit ARM device running Android. For instance, the Tegra X1-based NVIDIA Shield TV. Now, let’s say you are also interested in the latest greatest content from the dev branch, for example to try out some upcoming Vulkan enablers from here and here, and want to see all this running on the big screen with Android TV. How do we get Qt, or at least the basic modules like QtGui, QtQuick, etc. up and running on there?
WebGL Streaming is optimized for Qt Quick and allows you to run remote Qt Quick applications in a browser.
A mix of Qt5, Vulkan, Android on AArch64, and a NVIDIA Shield TV with Tegra X1 SoC sounds like a fun weekend for those wanting to experiment with the latest Qt tool-kit possibilities in development.
Qt developer Laszlo Agocs has written a lengthy blog post about building the Qt5 dev branch for Android AArch64. His guide was done with a NVIDIA Shield TV. Thanks to using the Qt dev branch and the Tegra X1 SoC having Vulkan drivers, he was able to even show off Qt's forthcoming Vulkan enablement work.
Today I did a talk to introduce students of UNSAAC to the Fedora and GNOME world as it was announced by the GDG Cusco group. We started at 8:30 am and it was a free event:
There are a lot of complete themes for Firefox. We spoke about 3 of them in one of our previous articles. The good news today is that “GNOME 3” theme (which was also called Adwaita) for Firefox was updated. Now it’s working with all versions higher than Firefox 45.
Previously, the theme didn’t work with the recent versions of Firefox. So people had to switch to other available themes. Fortunately, this finally changed today when another developer took the code, fixed the compatibility problems and re-released the theme.
With the addition of over two thousand lines of code, GStreamer's video-convert code within gst-plugins-base is now properly multi-threaded.
Video scaling and conversion can now be multi-threaded when using GStreamer. With this multi-threading work by Sebastian Dröge, he commented with the commit, "During tests, this gave up to 1.8x speedup with 2 threads and up to 3.2x speedup with 4 threads when converting e.g. 1080p to 4k in v210."
The Linux power user is a celebrated breed, and one that does not simply burst fully-formed from the earth. All newbies must toil long and hard with their Linux installations before they can describe themselves as one.
At the very least, the power user will have a great degree of skill concerning all things Linux, whether it's the kernel, Bash or package management systems – and they won’t be afraid to get their hands dirty in the name of configuring the system.
The Calamares open-source universal installer framework for Linux-based operating systems has been updated recently to version 3.1, a major release the users of the KaOS GNU/Linux distribution can already enjoy if they download the latest ISO snapshot.
Bodhi Linux is a lightweight Ubuntu-based distro that appeared on the scene back in 2011. Its system requirements are among the lowest out there for any desktop Linux flavour. It can even run on a non-PAE CPU with 128MB of RAM and a 300MHz processor.
We didn’t have one of those lying around, but we did have a pretty old and dusty PC which we could test it on. The OS boasts a simple Ubiquity install process (just like you get on Ubuntu) and it’s a thoroughly usable, and not at all bad-looking, distro.
Linux From Scratch is a book which can be used to build an independent Linux distribution which doesn’t use any other Linux distribution as a base. It teaches you how things work under the hood and how to compile software and build your own Linux system. The guide is also free for all.
BLFS (Beyond Linux from Scratch) is an additional guide which will take you through graphical user interfaces setup, printing support, networking and more. It also contains a lot of great information.
It's been a while since hearing anything out of the Linux From Scratch (LFS) camp, but this weekend they announced the release of LFS 8.0 as well as Beyond Linux From Scratch (BLFS) 8.0.
Bruce Dubbs from the LFS (Linux From Scratch) and BLFS (Beyond Linux From Scratch) projects that allow experienced users to build their own Linux-based operating systems from scratch announced the release of Linux From Scratch 8.0 and Beyond LFS 8.0.
Both Linux From Scratch 8.0 and Beyond Linux From Scratch 8.0 major versions are available with and without the systemd init system, and they offer support for some of the latest GNU/Linux and Open Source components, including GCC (GNU Compiler Collection) 6.2.0, GNU Binutils 2.27, and Glibc (GNU C Library) 2.24.
This week marks the 17.01.0 final release of the Linux Embedded Development Environment (LEDE). They also presented at this week's Linux Foundation Embedded Linux Conference about their project that's a fork of OpenWRT and aims for router/embedded use-cases.
LEDE 17.01.0 final was released on Wednesday and modernizes many parts of its OpenWRT stack, switches to the Linux 4.4 kernel (from Linux 3.18), updates many pieces of key software, adds additional security features, improves networking support, and has a wide variety of other improvements.
It is with deep regret that we are announcing that the Manjaro-Arm team is shutting down. I started this project a little over a year ago with no intent to become the sole maintainer.
While the project is dying, the team has offered help to anyone who is willing to continue this project. The team will guide through all the process and even teach if needed. If anyone is interested in continuing this project, now is the time. Otherwise we all have to say goodbye to Manjaro-ARM.
This week we had to cancel a couple snapshots, as a regression in grub was detected, that caused issues on chain-loading bootloaders. But thanks to our genius maintainers, the issue could be found, fixed and integrated into Tumbleweed (and this despite being busy with hackweek! A great THANK YOU!). Despite those canceled snapshots, this review will still span 4 revisions: 0216, 0218, 0219 and 0224. And believe me, there have been quite some things coming your way.
Old build workers, rack mounted
Old build workers, rack mounted
One year after introducing a new kind of Open Build Service worker machines, the “lambkins”, the openSUSE Build Service got a big hardware refresh. The new machines, sponsored by SUSE, are equipped with:
2,8GHz AMD Opteron Processors (6348) 256 GB RAM one 120 GB SSD
Four of them are located in a chassis with a height of 2 units and run 12-16 workers on them (virtual machines, that are building packages).
That new build power allowed us to remove some of old machines from the pool. The unified hardware makes the management of the machines a lot easier now, even if there are still the most powerful old machines left.
While we had some fun and good food and drinks, we also managed to discuss a lot during the three days in the Nuremberg headquarter. This was needed because this was the first time that the Heroes came together in their current form. In the end, we managed to do no coding and even (nearly) no administration – but instead we started to discuss our (internal and external) policies and work flows – and did some decisions regarding the next steps and the future of the openSUSE infrastructure.
During last year's Summer of Code I had the honor of mentoring Nanduni Indeewaree Nimalsiri. She worked on Inqlude, the comprehensive archive of third party Qt libraries, improving the tooling to create a better structured web site with additional features such as categorization by topic. She did an excellent job with it and all of her code ended up on the master branch. But we hadn't yet made the switch to change the default layout of the web site to fully take advantage of all her work. As part of SUSE's 15th Hack Week, which is taking place this week, I took some time to change that, put up some finishing touches, and switch the Inqlude web site to the new layout. So here we are. I proudly present the new improved home page of Inqlude.
Hewlett Packard Enterprise (HPE) and Red Hat announced this week that they are working together to accelerate the deployment of network functions virtualization (NFV) solutions based on fully open, production-ready, standards-based infrastructures.
HPE plans to offer ready-to-use, pre-integrated HPE NFV System solutions and HPE Validated Configurations incorporating Red Hat OpenStack Platform and Red Hat Ceph Storage for communications service providers (CSPs).
The idea is to turn telcos into digital service providers using cloud services and new-gen infrastructure, helping them to add new lines of business to their platforms.
Undergoing rapid expansion, MyRepublic found it was increasingly challenging to innovate and grow via its existing infrastructure. Scaling out services, handling spikes in user demand, and resolving outages by simply re-using spare capacity from other services were also difficult to address with the ISP’s legacy infrastructure. Faced with the costly renewal of its proprietary software and aging hardware, MyRepublic chose to modernize its IT platform with a more scalable and flexible platform that could better meet its needs.
The earlier versions of DebianDog work flawlessly, but the latest release seems to suffer from some work-in-progress flaws.
I had very little trouble running the default software as-is. When I changed system settings or configured applications a certain way, those changes either did not work or were accompanied by a variety of glitches.
I also had some trouble getting the persistent memory options to work. A related problem was setting up the personal save storage file. These issues cropped up or did not appear at all, depending on the hardware I was using. I used the same boot CD and bootable DVD drive on all of my test computers.
DebianDog Linux is a good alternative for Linux users looking for something different. It is a very good OS choice if you work on multiple computers or travel around to various work locations and want all your work files on the same OS configuration that you carry in your pocket.
DebianDog can be a very workable alternative to lugging a laptop around.
The developers of the Voyager Linux OS announced the availability of the first Beta build of the upcoming Voyager 9 release, which will be based on the soon-to-be-announced Debian GNU/Linux 9 "Stretch" operating system.
Am I the only person to notice that comic book shop-owning Stuart (Kevin Sussman) on the "The Big Bang Theory" is wearing an Ubuntu T-shirt on the episode airing Thursday, Feb. 23, 2017? (It's Season 10, Episode 17, if that information helps you.)
The T-shirt appearance isn't as overt as Sheldon's mention of the Ubuntu Linux operating system way back in Season 3 (Episode 22, according to one YouTube video title), but it's an unusual return for Ubuntu to the world of "Big Bang."
Ubuntu is the most well-known version of Linux around. It’s how millions of people have discovered Linux for the first time, and continues to draw new users into the world of open source operating systems. So the interface Ubuntu uses is one many people are going to see.
In this area, Ubuntu is unique. Even as a new user, rarely will you confuse the default Ubuntu desktop for something else. That’s because Ubuntu has its own interface that you can — but probably won’t — find anywhere else. It’s called Unity.
Installing Ubuntu MATE onto my Raspberry Pi 3 was straight forward. You can easily use Etcher to write the image to a microSD card, the partition is automatically resized to fill your microSD card when the pi is powered up for the first time, and then you are sent through a typical guided installer. Installation takes several minutes and finally the system reboots and you arrive at the desktop. A Welcome app provides some good information on Ubuntu MATE, including a section specific for the Raspberry Pi.
The Welcome app explains that the while the system is based on Ubuntu MATE and uses Ubuntu armhf base, it is in fact using the same kernel as Raspian. It also turns out that a whole set of Raspian software has been ported over such as raspi-config, rpi.gpio, sonic-pi, python-sent-hat, omxplayer, etc. I got in a very simple couple of tests that showed that GPIO control worked.
This new release of Zorin OS Business takes advantage of the new features and enhancements in Zorin OS 12, our biggest release ever. These include an all new desktop environment, a new way to install software, entirely new desktop apps and much more. You can find more information about what’s new in Zorin OS 12 here.
Earlier this week, we told you that Black Lab Software, the developers of the Ubuntu-based Black Lab Linux distribution, published the roadmap of the next Black Lab Linux releases.
The official Ubuntu 17.04 flavors are available for download. Here's a quick look at what's new in the latest 17.04 beta release of Ubuntu Budgie, Xubuntu, Ubuntu GNOME, and Kubuntu.
This article doesn't cover Lubuntu, Ubuntu Kylin and Ubuntu Studio, flavors that also had a 17.04 beta 1 release, but which don't seem to have any interesting changes, at least according to their release notes. Other flavors, such as Ubuntu MATE, as well as Ubuntu (with Unity) did not take part in the 17.04 beta 1 release.
VIA unveiled an SODIMM-style COM based on its Cortex-A9 WM8850 SoC, with 512MB RAM and 8GB eMMC, plus Ethernet, CSI, graphics, USB, and serial ports.
The 68.6 x 43mm “SOM-6X50” computer-on-module appears to be VIA’s second-ever ARM COM. Back in Sept. 2015, the company released a 70 x 70mm Qseven form factor QSM-8Q60 COM, based on a 1GHz NXP DualLite SoC.
In a previous article, I published a small userspace image and Linux kernel for the Zenwatch 3 that enables root access with SSH over USB on the watch. By now, I reached my initial goal to get AsteroidOS, the alternative Android Wear operating system, running on the Zenwatch 3. Similar to SailfishOS and Ubuntu Touch, AsteroidOS uses the original Android kernel - a patched Linux kernel - with a GNU/Linux userspace that, in turn, also uses some of the original, closed-source Android libraries to access certain hardware like the GPU. As the Android libraries expect a different software ecosystem, e.g., a different C library called bionic, we cannot simply call the Android libraries from within a common GNU/Linux application. Instead, we need an additional software layer that translates between the Android and the common GNU/Linux world. This layer is called libhybris.
Harman Kardon, the company recently acquired by Samsung, has developed its very own Cortana speaker, which is very similar to the Amazon Echo but featuring Microsoft’s famous digital assistant.
And since Cortana is the key feature of this little device, it only makes sense for Harman Kardon to turn to Windows 10 to power the device. And yet, it looks like the so-called Harman Kardon is actually running Linux.
Mobile is the hottest industry. Banking and payments are rushing to mobile. Governments doing healthcare and education with mobile. Travel from airlines to taxis to trains and busses to hotel bookings is going mobile. Your driver's licence is migrating to the mobile phone as are your keys to your home. And all the other big tech stories from Internet of Things (IoT) to 'Big Data' analytics to Cloud computing - are all dependent on mobile. And next week we have the massive industry event in Barcelona, Mobile World Congress. My brand new TomiAhonen Almanac 2017 is now finished and is released today. So this is the perfect time to do my annual 'State of Mobile' blog of the major statistics. What are the big numbers. Lets start with reach. Yes, mobile is by far the most widely-spread communication technology humankind has ever witnessed.
The Tizen Store, as the name suggests, is the Tizen Application Store for developers to publish their free and paid for Tizen apps. In April 2015, we saw the store expand it’s coverage to include 182 countries, which was mainly for FREE apps, but we saw this as setting the foundation for providing paid for apps further down the road.
All three smartphones are running Android 6.0 Marshmallow, which is disappointing to see regardless of how affordable a device may be. The A3 and the U5 also come with special capabilities when it comes to your selfie taking needs, with features like Face Mask, Face Show, Selfie Album, Face Beauty, and more available.
Nearly two months after ZTE announced that the Blade V8 Pro would be coming to the US, the company is adding two new devices to the line: the Blade V8 Lite and Blade V8 Mini. Both phones will only be initially available in the Asia Pacific and Europe, including Russia, Japan, and Germany. Let’s check out the specs:
If it wasn't already clear that Lenovo is trying to cover every conceivable tablet niche, it is now. The tech giant has just introduced Tab 4 and Tab 4 Plus models that theoretically please everyone on a budget, ranging from parents to the productivity-minded. The 8- and 10-inch editions in each range can use an optional Kids Pack (a shock-resistant case, screen protectors and a blue light filter) to ready themselves for your little one's playtime. Suddenly, Amazon's Fire HD Kids tablets have fresh competition. And if you spring for one of the 10-inch tablets, there's a Productivity Pack whose Bluetooth keyboard and matching case automatically switch you to a work-oriented mode. No one will mistake the combo for a Surface, but it should be enough to get some quick office work done.
Now that Google has officially launched Android Wear 2.0 and released its own smartwatches made by LG, it’s time for the rest of the Android Wear partners to launch new models. And the first one out of the gate is Huawei, which is refreshing its Huawei Watch from 2015 with two new, sportier models.
Last year, LG swung for the fences with the G5, taking a radical approach to the nascent world of mobile modularity. It didn’t quite work as planned, and one year later LG is moving on from the failed experiment.
HMD Global, the company now whole sole responsible for manufacturing, selling and promoting Nokia phones throughout the globe, has slotted the event and is all set to take the centre stage with its new Nokia smartphone launches tomorrow.
GitHub has recently launched its Open Source Guides, a collection of resources addressing the most common scenarios and best practices for both contributors and maintainers of open source projects. The guides themselves are open source and GitHub is actively inviting developers to participate and share their stories.
TechRadar recently posted an article about "The best open source software 2017" where they list a few of their favorite open source software projects. It's really hard for an open source software project to become popular if it has poor usability—so I thought I'd add a few quick comments of my own about each.
Dropbox is looking to tackle unauthorized access and other security incidents in the workplace with a chatbot. Called Securitybot, it that can automatically grab alerts from security monitoring tools and verify incidents with other employers.
The company says that through the use of the chatbot, which is open source, it will no longer be necessary to manually reach out to employees to verify access, every time someone enters a sensitive part of the system.
The bot is built primarily for Slack, but it is designed to be transferable to other platforms as well.
Disillusion with chatbots has set in across the tech industry and yet Dropbox’s deep thinkers believe they have spotted the technology’s hidden talent: cybersecurity.
Many of us will have been involved in a free-software community that ran out of steam, and either ended up moribund or just plain died. Some of us will have gone through such cycles more than once; it's never nice to watch something that used to be a vibrant community in its death throes. Knowing what motivates the sort of people who get heavily involved in free software projects is really useful when trying to keep them motivated, and a systematic approach to understanding this is what Rina Jensen, Strategist at Mozilla, talked about at FOSDEM 2017.
Mozilla talks a lot about promoting innovation and opportunity on the web, and the organization does care a lot about those objectives, but the realities of day-to-day life can interfere and make working toward them tedious. The thinking was that if Mozilla could help make the experience for contributors better, then the contributors could make Mozilla better — but doing that required understanding how things could be better for contributors.
Music is a major part of everyone’s life, and our smartphones allow us to truly enjoy our music anywhere. Over the years, Android has received a fair share of excellent music player apps, and Shuttle Music Player has managed to stand out.
Shuttle is a music player following Google’s Material Design guidelines, and its listing is nearing 4 Million downloads. Currently, the app offers two versions: free and paid. The paid version is priced at $0.99 and has received over 50 thousand downloads on the Play Store already.
The 2017 Open Source Leadership Summit, put on by the Linux Foundation, brought together leaders from the open source community in Lake Tahoe last week to discuss timely open source topics. The topics that came up most throughout the conference included: open source becoming mainstream, future open source business models, security in a time where everything is connected, and a call to action to be active in technology policy.
Open source is becoming a larger focus for major companies, from Toyota to Disney to Walmart. While open source vendors continue to look to the Red Hat model as one of the most successful open source business models to date, entrepreneurs believe there are new models that can surpass this success. As the world becomes ever more connected to the internet, there are general concerns about security, and a call to take action in policymaking. Read on below to learn more about the conversations at the Open Source Leadership Summit.
In most cases, when a machine crashes or fails, we lose whatever we had loaded into memory, which for some applications can result in quite a bit of time and effort to recover when the system comes back online. At LinuxCon Europe, Maciej Maciejewski, Senior Software Engineer at Intel, talked about how persistent memory can be used to retain its contents after a power failure.
Despite efforts to enhance diversity, women continue to be under-represented in the science, technology, engineering and math (STEM) fields, and open-source software is no different.
A talk at the Linux Foundation’s Open Source Leadership Summit (OSLS), held last week in Lake Tahoe, highlighted some of the issues facing women in the open source community, from low participation to gender bias and unequal pay to overall job satisfaction.
If you love technology, you can find a space for yourself and connect with others around mutual interests, according to Avni Khatri, president of Kids on Computers (KoC), a nonprofit that sets up computer labs using donated hardware and open source software in areas where kids have no other access to technology.
During LinuxCon North America 2016, Khatri organized Kids Day, a day-long workshop that’s aimed at helping school-aged children get interested in computer programming. For Khatri, it’s also a way of furthering her dream of giving children unlimited access to education and helping them succeed in technology.
Do you like Open Source? Join Hackaday and Tindie at the largest community-run Open Source conference in North America. We’ll be at the Southern California Linux Expo next week, and we want to see you there.
IBM Interconnect 2017 is coming up next month in Las Vegas. Last year’s conference was a whirlwind of useful talks, inspiring hallway conversations, and great networking opportunities. I was exhausted by the week’s end, but it was totally worth it.
After much preparation, the tickets for foss-north 2017 is available at foss-north.se – grab them while they are hot!
Yesterday during our team meeting Eike told me that I’m a mobile C++ conference nowadays. While it sounds funny, it is true that I’ve been a bit more active than usual.
The hatchet is finally completely buried. Iceweasel was laid to rest a year ago with the return of Firefox to Debian. Now, Icedove gets to go gently into that good night as well, as the Thunderbird email client returns to Debian.
The first OpenStack Project Teams Gathering (PTG) event was held this week in Atlanta. The week was broken into two parts: cross-project work on Monday and Tuesday, and individual projects Wednesday through Friday. I was there for the first two days and heard a few discussions that started the same way.
The OpenStack Foundation has released Ocata, the 15th iteration of the popular open source cloud platform. The latest release has focused on enhancing core compute and networking services and expanding support for application container technologies.
The RDO community is pleased to announce the general availability of the RDO build for OpenStack Ocata for RPM-based distributions, CentOS Linux 7 and Red Hat Enterprise Linux. RDO is suitable for building private, public, and hybrid clouds. Ocata is the 15th release from the OpenStack project, which is the work of more than 2500 contributors from around the world (source).
Two Walmart associates who spoke recently at the Linux Foundation’s Leadership Summit provided some updates on the retailer’s efforts to automate its business.
According to Andrew Mitry, a distinguished engineer, Cloud, and Megan Rossetti, a senior engineer, Cloud, the company is expanding its cloud services to encompass more than its e-commerce business. And it’s streamlined its cloud services and DevOps teams into one group for the whole company.
Are you interested in keeping track of what is happening in the open source cloud? Opensource.com is your source for news in OpenStack, the open source cloud infrastructure project.
Princeton University’s web team had a complex and overwhelming digital ecosystem comprised of many different websites, created from pre-built templates and hosted exclusively on internal servers.
Fast forward six years: Princeton continues to manage a their multisite and flagship endeavors on the open-source Drupal platform, and have seen some great results since their migration back in 2011. However, this success did not come overnight. Organizational buy-in, multi-site migration and authentication were a few of the many challenges Princeton ran into when making the decision to move to the cloud.
Another open-source project, the Mozilla-backed (and Dipert-beloved) Thunderbird email client also mentioned as atypically thriving in my late-2012 blog post, is now also struggling. As is Firefox itself, which recently wound down its Firefox OS-for-smartphones efforts and is also facing browser add-on developer defections due to its embrace of Chrome-model APIs and other changes. Even mighty Linux is struggling with developer-induced bugs. Wonder if all this uncertainty is behind longstanding open-source poster child Munich, Germany's reconsideration of Microsoft products?
The second release candidate to the upcoming NetBSD 7.1 is now available for testing.
NetBSD 7.1 RC2 is primarily comprised of fixes since 7.1 RC1, and in particular, security fixes. The raw list of NetBSD 7.1 changes can be found here.
The developers of the FreeBSD-based TrueOS operating system (formerly PC-BSD) announced the release and general availability of a new stable build versioned 2017-02-22.
LLVM/Clang 4.0 are running a few days behind schedule but should be released in the very near future. With that said, here's our usual look at the new features of this next compiler infrastructure and C/C++ compiler front-end updates.
With a new website showcasing federal software code, the Pentagon is the latest government entity to join the open-source movement.
The Defense Department this week launched Code.mil, a public site that will eventually showcase unclassified code written by federal employees. Citizens will be able to use that code for personal and public projects. Code written by government employees can be shared with the public because that material usually isn't covered by copyright protections in the U.S., according to the Pentagon.
Non-profits that provide project support have proven themselves to be necessary for the success and advancement of individual projects and Free Software as a whole. The Free Software Foundation (founded in 1985) serves as a home to GNU projects and a canonical list of Free Software licenses. The Open Source Initiative came about in 1998, maintaining the Open Source Definition, based on the Debian Free Software Guidelines, with affiliate members including Debian, Mozilla, and the Wikimedia Foundation. Software in the Public Interest (SPI) was created in the late 90s largely to act as a fiscal sponsor for projects like Debian, enabling it to do things like accept donations and handle other financial transactions.
Software Freedom Conservancy is pleased to announce the addition of Clojars as its newest member project. Clojars is a community-maintained repository for free and open source libraries written in the Clojure programming language. Clojars emphasizes ease of use, publishing library packages that are simple to use with build automation tools.
Despite not much advertising, word has gotten around and we typically have 5-7 kids on Dojo nights, enough that all the makerspace's Raspberry Pi workstations are filled and we sometimes have to scrounge for more machines for the kids who don't bring their own laptops.
A fun moment early on came when we had a mentor meeting, and Neil, our head organizer (who deserves most of the credit for making this program work so well), looked around and said "One thing that might be good at some point is to get more men involved." Sure enough -- he was the only man in the room! For whatever reason, most of the programmers who have gotten involved have been women. A refreshing change from the usual programming group. (Come to think of it, the PEEC web development team is three women. A girl could get a skewed idea of gender demographics, living here.) The kids who come to program are about 40% girls.
In early 2017, the Raspberry Pi Foundation announced a Google developer survey, which requested feedback from the maker community on what tools they wanted on the Raspberry Pi. The blog post says that Google has developed tools for machine learning, IoT, wearables, robotics, and home automation, and that the survey mentions face- and emotion-recognition, speech-to-text translation, natural language processing, and sentiment analysis. "The survey will help them get a feel for the Raspberry Pi community, but it'll also help us get the kinds of services we need," the post explains. Meanwhile, data scientists aren't waiting around to put Google's TensorFlow, an open source software library for machine learning, to work on the Raspberry Pi.
Let's take a look at a few cool examples of machine learning with TensorFlow on the Raspberry Pi.
Using the Lapdock wired to the X3 charges the phone and provides the most reliable connection for Continuum. I found the wireless connection made things a little unreliable and choppy on some more graphically intense things like full-screen video playback. Connecting the phone is as simple as just plugging it in and watching a Windows 10 desktop burst to life on the Lapdock.
While the Windows 10 desktop looks familiar, this is exactly when I realized just how limited Continuum really is. There’s a Start Menu that’s basically the home screen of a Windows phone, and access to Cortana, but there’s a lot missing. Things like putting apps side by side simply don’t exist in this Continuum world, nor do a lot of the typical places you’d right-click on apps or use keyboard shortcuts to get to the desktop. If you’re a Windows power user like me, or even if you’re just used to a standard window management system, it’s immediately frustrating.
In 1975, researchers at Stanford invited a group of undergraduates to take part in a study about suicide. They were presented with pairs of suicide notes. In each pair, one note had been composed by a random individual, the other by a person who had subsequently taken his own life. The students were then asked to distinguish between the genuine notes and the fake ones.
Some students discovered that they had a genius for the task. Out of twenty-five pairs of notes, they correctly identified the real one twenty-four times. Others discovered that they were hopeless. They identified the real note in only ten instances.
The radiation levels in Fukushima's unit two reactor are so high they could kill a human in two minutes, according to data collected by a robot.
Tokyo Electric Power, the company which operates the nuclear plant in Fukushima, carried out a robotic survey of the area around the core that melted six years ago, following the earthquake and tsunami that triggered the nuclear accident.
But the scorpion robot Sasori got stuck inside the reactor after its crawling functions failed while climbing over highly radioactive debris and had to be abandoned inside the reactor.
It was created by Microsoft as a way to have a standard delivery date/schedule for updates that were being provided for the companies software. This allowed a lot of stability for users and IT Pros so they could be prepared for the monthly distribution oof the updates.
Well this month Microsoft has hit a snag with their monthly Patch Tuesday.
The bug resides in Apache SVN, an open source version control system that WebKit and other large software development organizations use to keep track of code submitted by individual members. Often abbreviated as SVN, Subversion uses SHA1 to track and merge duplicate files. Somehow, SVN systems can experience a severe glitch when they encounter the two PDF files published Thursday, proving that real-world collisions on SHA1 are now practical.
After sitting through an endless flood of headless-chicken messages on multiple media about SHA-1 being fatally broken, I thought I'd do a quick writeup about what this actually means.
Yes, SHA-1 has been cracked, but that doesn't mean your code in Git repositories is in any real danger of being hacked.
Linux creator Linus Torvalds says two sets of patches have been posted for the distributed version control system git to mitigate against SHA-1 attacks which are based on the method that Dutch and Google engineers detailed last week.
The post by Torvalds detailing this came after reports emerged of the version control system used by the WebKit browser engine repository becoming corrupted after the two proof-of-concept PDF files that were released by the Dutch and Google researchers were uploaded to the repository.
I thought I'd write an update on git and SHA1, since the SHA1 collision attack was so prominently in the news.
Quick overview first, with more in-depth explanation below:
(1) First off - the sky isn't falling. There's a big difference between using a cryptographic hash for things like security signing, and using one for generating a "content identifier" for a content-addressable system like git.
(2) Secondly, the nature of this particular SHA1 attack means that it's actually pretty easy to mitigate against, and there's already been two sets of patches posted for that mitigation.
(3) And finally, there's actually a reasonably straightforward transition to some other hash that won't break the world - or even old git repositories.
Thanks to Josh Triplett for sending us this Google Project Zero report about a dump of unitialized memory caused by Cloudflare's reverse proxies. "A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers. We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security. "
SELinux is well known as the most sophisticated Linux Mandatory Access Control (MAC) System. If you install any Fedora or Redhat operating System it is enabled by default and running in enforcing mode. So far so good.
Some people worry a lot about security issues. Anyone can worry about their personal information, such as credit card numbers, on the Internet. They can also be concerned with someone monitoring their activity on the Internet, such as the websites they visit. To help ease these frustrations about the Internet anyone can use the Internet without having to “look over their shoulder”.
Cloudflare revealed a serious bug in its software today that caused sensitive data like passwords, cookies, authentication tokens to spill in plaintext from its customers’ websites. The announcement is a major blow for the content delivery network, which offers enhanced security and performance for more than 5 million websites.
This could have allowed anyone who noticed the error to collect a variety of very personal information that is typically encrypted or obscured.
In the last 24 hours, news broke that a serious Cloudflare bug has been causing sensitive data leaks since September, exposing 5.5 million users across thousands of websites. In addition to login data cached by Google and other search engines, it is possible that some iOS applications have been affected as well. With the scale of this leak, the best course of action is to update every password for every site you have an account for. If there was ever a good time to modernize your password practices, this is it.
As consumers and denizens of the Internet, we have a responsibility to be aware of the risks we face and make an attempt to mitigate that risk by taking best-effort precautions. Poor password and authentication hygiene leaves a user open to risks such as credit card fraud and identity theft, just like forgetting to brush your teeth regularly can lead to cavities and gum disease. This leaves us with the question of what good password and authentication hygiene looks like. If we stick with the (admittedly poorly chosen) dentistry analogy, then there are five easily identifiable aspects of good hygiene.
The award-winning Smoothwall Express open-source firewall—designed specifically to be installed and administered by non-experts—continues its forward development march with a new 3.1 release.
Ever since Wire launched end-to-end encryption and open sourced its apps one question has consistently popped up: “Is there an independent security review available?” Well, there is now!
The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information.
The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening.
The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information—such as Social Security numbers, financial and health information, and Web browsing data—from theft and data breaches.
"Chairman Pai is seeking to act on a request to stay this rule before it takes effect on March 2," an FCC spokesperson said in a statement to Ars.
One of the world's oldest programming styles, the ladder logic that runs on industrial programmable logic controllers, remains dangerously vulnerable to attack, according to boffins from Singapore and India.
The researchers – Naman Govil of the International Institute of Information Technology, Hyderabad; and Anand Agrawal and Nils Ole Tippenhauer of the Singapore University of Technology and Design – explain that for all the attention paid to attacks like Stuxnet, there's a dearth of work looking at what's going on at the control logic level.
All of the major technology vendors are making a play in the Internet of Things space and there are few organisations that won’t benefit from collecting and analysing the vast array of new data that will be made available.
But the recent Mirai botnet is just one example of the tremendous vulnerabilities that exist with unsecured access points. What are the main security considerations and best practices, then, for businesses seeking to leverage the potential of IoT?
Thousands of mourners gathered in a small Egyptian town on Wednesday for the funeral of the Muslim cleric known as "the blind sheikh" who was convicted of conspiracy in the 1993 World Trade Center bombing in New York.
Omar Abdel-Rahman, who was also convicted of planning a broader "war of urban terrorism" in the United States, died on Saturday in a North Carolina prison aged 78.
Movements across the Islamist spectrum from the Muslim Brotherhood to al Qaeda issued statements mourning him, and several leaders from Egypt's Islamic Group, which views the sheikh as a spiritual leader and renounced violence in 1997, attended.
Egyptian security officials say suspected militants have killed two Christians in the restive north of the Sinai Peninsula, days after an Islamic State affiliate vowed to step up a wave of attacks on the embattled minority.
The officials said Saad Hana, 65, was shot dead and his son Medhat, 45, was abducted and burned alive before their bodies were dumped on a roadside in el-Arish on Wednesday.
India has expressed shock after the fatal shooting of an Indian national in the US, amid reports that the attack may have been racially motivated.
Srinivas Kuchibhotla died shortly after Wednesday's attack at a bar in Olathe, Kansas. His friend Alok Madasani, also from India, and an American were hurt.
Adam Purinton has been charged with premeditated first-degree murder.
The killing dominated news bulletins in India and social media, where some blamed Donald Trump's presidency.
This isn’t really about some loser losing it. It’s about Trump not understanding leadership. If he understood leadership, he would lead his country towards the light not towards Hell. If he’s doing it deliberately, and understands leadership, he is a traitor to USA of the first magnitude.
US President Donald Trump has vowed to start building a wall on the Mexican border "soon, way ahead of schedule", in a speech at a conservative event.
Addressing the Conservative Political Action Congress (CPAC), he vowed to always put American citizens first and build a "great, great border wall".
He also promised to focus on "getting bad people out of this country".
Trump is not so stupid that he doesn’t know smugglers are entrepreneurial, so this is just another lie in a long line of them, about a project of no value except getting elected by haters and lazy voters who are now aroused and angry and going after their congresspeople.
Christian families and students fled Egypt's North Sinai province in droves on Friday after Islamic State killed the seventh member of their community in just three weeks.
A Reuters reporter saw 25 families gathered with their belongings in the Suez Canal city of Ismailia's Evangelical Church and church officials said 100 families, out of around 160 in North Sinai, were fleeing. More than 200 students studying in Arish, the province's capital, have also left.
Seven Christians have been killed in Arish between Jan. 30 and Thursday. Islamic State, which is waging an insurgency there, claimed responsibility for the killings, five of which were shootings. One man was beheaded and another set on fire.
The BBC appear enraptured by the apparent death of Ronald Fiddler in Mosul fighting for Islamic State forces. Fiddler was a former inmate of Guantanamo Bay, so this “vindicates” the War on Terror. The BBC are leading every news bulletin and giving us full spectrum security services propaganda. We have MI6 mouthpiece Frank Gardner, the discredited neo-con chancers of the Quilliam Foundation and the far right professional supporter of military attacks on the Middle East, Afzal Ashraf, all giving us their views every half hour on the BBC.
It has never been disputed that Ronald Fiddler was tortured in Guantanamo, which is partly why he was paid substantial compensation by the British government. It does not seem to have occurred to the BBC as worth any consideration that the fact Fiddler emerged from Guantanamo and apparently became a supporter of violent Islam, does not in any sense prove that he was a violent islamist before being tortured in Guantanamo. Yet that Guantanamo was the cause of his extreme alienation is on the surface highly probable.
The Nuclear Question is becoming increasingly obfuscated by spin and lobbying as the West sleepwalks into Cold War II — a walk made all the more dangerous when the loose lips of the U.S. tweeter-in-chief announced that another nuclear arms race is a great idea (see link and link). Two Cold War II issues are central and almost never addressed: What will be the Russians’ understanding of all the propaganda surrounding the Nuclear Question and the looming American defense spendup? And how might they act on this understanding?
The Western-backed war in Syria, like the invasion of Iraq, was so smothered by propaganda that truth was not only the first casualty but has been steadily suffocated for five years, now reaching the Oscars, says Rick Sterling.
It’s well documented that the FBI is keen on adopting new technologies that intrude on our civil liberties. The FBI’s enthusiasm for technology, however, doesn’t extend to tools that make it easier for the public to understand what the agency is up to—despite such transparency being mandated by law.
A lawyer acting for Wikileaks founder Julian Assange told NBC News there is "great concern" among his team that a new Ecuadorian president could force him out of the country's London embassy and warned his health was deteriorating.
Ecuador's presidential race will be decided in a run-off election, to be held April 2, between ruling party candidate Lenin Moreno and opposition candidate Guillermo Lasso.
Moreno has indicated he would back Assange's continued stay, while Lasso has indicated he would evict the Australian activist within 30 days of taking office.
"We are preparing potential legal remedies should the opposition come to power in Ecuador," Jennifer Robinson, a member of the legal team representing Assange and Wikileaks, told Keir Simmons on MSNBC Saturday.
A lawyer acting for Wikileaks founder Julian Assange told NBC News there is "great concern" among his team that a new Ecuadorian president could force him out of the country's London embassy and warned his health was deteriorating.
Ecuador's presidential race will be decided in a run-off election, to be held April 2, between ruling party candidate Lenin Moreno and opposition candidate Guillermo Lasso.
Moreno has indicated he would back Assange's continued stay, while Lasso has indicated he would evict the Australian activist within 30 days of taking office.
A new theory has emerged as a possible explanation for climate change. Human generated electromagnetic radiation may contribute to global warming by diverting a natural energy force termed KELEA (kinetic energy limiting electrostatic attraction) from its presumed association with cosmic rays. This theory states that cosmic ray delivered KELEA normally participates in the formation of clouds, by transforming electrostatically inert particles into electrostatic aerosols capable of acting as cloud condensation nuclei (CCN). These clouds then act as a reflective barrier to some of the infrared radiation from the sun, thereby, reducing the earth’s heat.
Filmmaker Jahnny Lee working with the Sundance Institute was arrested yesterday by North Dakota police while filming a stand-off between police and water protectors. He was charged with “obstruction of a government function.” I can only surmise that the charge of “criminal trespass,” leveled at Jihan Hafiz and many other journalists while covering events of the Standing Rock resistance against the DAPL pipeline, could not be used against Jahnny because he was on State Highway 1806. (How can one trespass on a highway?)
A Unique Approach to Habitat Conservation in Culebra, Puerto Rico
“Swedish people are quite keen on being out in nature and they are aware of what we need do on nature and environmental issues,” Gripwall says. Despite these successes, Swedish authorities are not satisfied. Gripwall says the eventual aim in Sweden is to stop people from sending waste to recycling in the first place; instead, they are actively promoting repairing, sharing and reusing, and assessing other futuristic waste collection techniques. In this respect, Sweden is a practical role model for the rest of the world.
You may accept, by now, that robots will take over lots of jobs currently held by human workers. But you probably believe they won't be taking yours. Though other industries are in danger, your position is safe.
That's according to a report released Thursday by LivePerson, a cloud-based messaging company that provides customer service messaging software to companies and which surveyed 2,000 U.S.-based consumers online in January. Their researchers find that only three percent of respondents say they experience fear about losing their job to a robot once a week. By contrast, more than 40 percent of respondents never worry about it.
The shadowy donor group that gave the Democratic Unionist Party €£425,000 during the Brexit referendum campaign has links to the former Director General of the Saudi intelligence service – also the father of the current Saudi Ambassador to the UK – openDemocracy can reveal.
The donation to Arlene Foster’s party – which was used to fund key Leave campaign advertisements across the UK in the run up to the European referendum – was initially kept hidden because of Northern Ireland’s donor secrecy laws. However, under pressure from activists after openDemocracy revealed how Brexit campaigners were funnelling dark money through Northern Ireland to fund “Take Back Control” adverts, the Democratic Unionist Party was forced last night to reveal its major donor to be a group calling itself the Constitutional Research Council.
The NPR story mentions the US-backed Yemen catastrophe, but only in the context of the botched January 29 raid, which it euphemistically says had “mixed and disputed results,” without mentioning that those results included the death of an eight-year-old girl—a US citizen—and dozens of other civilians (though the linked article does, ten paragraphs down).
NPR glosses over the January raid by insisting it was “planned during Barack Obama’s final days” (again, that which is bipartisan must therefore be normal and moderate and good) but even this is misleading. Lots of things are “planned” by the military; whether a president greenlights them depends upon their disposition and, yes, restraint. Members of Obama’s inner circle have denied “planning” such a raid at all.
The problem with this framing is that Trump does not have the power to unilaterally change what rights transgender students have. These rights derive from Title IX, a federal law passed in 1972, that bars discrimination based on gender in publicly funded schools. It was a series of federal court rulings, not the Obama administration’s say-so, that found that protection against gender discrimination extends to trans people.
President Trump blames Mexicans, Chinese and other foreigners for the plight of downwardly mobile Americans but the real culprits are his corporatist pals who grab the lion’s share of the wealth from U.S. global dominance, says JP Sottile.
Hungarian Prime Minister Orban looking at the Bavarian and the Hungarian flag in front of the parliament building in Budapest, Hungary, March 2016. Peter Kneffel DPA/Press Association. All rights reserved.There is nothing new in consecrated terms being used in an entirely novel sense without announcing the change, and thereby misleading readers. It happens every day. It is no surprise if, being unable to explain a new phenomenon, people give it a resounding name instead of a theory or at least a description. This is what is happening with ‘populism’ or ‘right populism’ – or even ‘left populism’ – words used to depict states of affairs old as the hills at the same time as surprisingly new ones. ‘Populism’ has become a synonym of ‘I don’t understand it, but I was asked to talk about it’.
Democrats on Saturday chose Tom Perez to lead the party, sparking criticism from progressive organizations who say picking the former labor secretary over the other front-runner, Rep. Keith Ellison (D-Minn.), was a missed opportunity for the party.
Perez's win was secured in a second round of voting by the Democratic National Committee (DNC) gathered in Atlanta, getting 235 votes to Ellison's 200.
It marks the end of a race many observers saw as a choice between the establishment and the progressive wing of the party. Ellison had the backing of lawmakers like Sens. Bernie Sanders (I-Vt.) and Elizabeth Warren (D-Mass.) and groups including National Nurses United and the Communications Workers of America; Perez was backed by "many from former President Obama's political orbit," as ABC News writes, and "is viewed—with good reason—as a reliable functionary and trustworthy loyalist by those who have controlled the party and run it into the ground," journalist Glenn Greenwald wrote this week.
A man interviewed by Bill O’Reilly of Fox News this week, who was identified in an on-screen caption as a “Swedish Defense and National Security Advisor,” turns out to be entirely unknown in his native country, with no connections to either the nation’s defense or security services.
As the Swedish newspaper Dagens Nyheter reported on Friday, Nils Bildt, who echoed President Donald Trump’s debunked claim that immigrants from Muslim majority nations had driven a rise in violent crime in Sweden, has no known expertise in national security, and has not lived in his homeland since 1994. Officials at the Swedish Defense Ministry and Foreign Office told the newspaper they have never heard of this “unknown Bildt.”
While the Washington press corps is expressing ever-greater alarm over President Donald Trump’s mounting attacks on journalists — culminating in Friday’s banning of some leading outlets from a White House press briefing — the media executives who sign their paychecks are praising the new administration for a deregulatory agenda that would likely boost company profits.
Les Moonves, the chief executive and chairman of CBS Corporation, told investors recently that he is “looking forward to not having as much regulation and having the ability to do more.”
Moonves specifically celebrated the appointment of Trump’s new FCC chairman, former Verizon attorney Ajit Pai, calling him “very beneficial to our business.”
The media industry arguably helped Trump enormously in the early presidential campaign with extensive coverage that drowned out his competitors and left little room for discussion of the substantive policy issues facing voters. Now it has a lot to gain if the FCC begins a new wave of ownership deregulation and relaxes certain limits that currently prevent media conglomerates from controlling a large swath of local television stations, and prevent firms from owning television stations and newspapers in the same media market.
The BBC is to launch a major new unionist propaganda channel in time for the next Independence referendum. There will be 80 new unionists employed as journalists. Close relatives of senior Labour party figures are particularly welcome to apply, and in a new broadening of BBC Scotland employment policy, a larger percentage of Ruth Davidson fans will also be recruited. The news of the new job opportunities is especially welcome to the large number of Labour Party hacks who will be unemployed following the Scottish council elections in May.
Tom Perez, the former Obama administration secretary of labor, was elected Saturday to chair a Democratic National Committee that must rapidly renew the party after a devastating 2016 election cycle that saw Republicans take control of the executive and legislative branches of the federal government and most statehouses.
“A united Democratic Party is not only our best hope,” declared Perez, “it is Donald Trump’s worst nightmare.” That is undoubtedly true.
But Perez clearly recognizes that he will have to work hard to first unite the party and then transform it into a dramatically more grassroots-oriented and ideologically progressive political force within a broader resistance to Trump.
President Trump announced Saturday he will not be attending this year's White House Correspondents' Association dinner, a break with past presidents.
"I will not be attending the White House Correspondents' Association Dinner this year. Please wish everyone well and have a great evening!" Trump tweeted.
The New York Times reports that it and at least two other media outlets, CNN and Politico, were barred today from a White House press event. Also locked out were the LA Times and Buzzfeed, writes Politico's Dan Diamond.
The White House has blocked several major news outlets from covering its press briefing.
White House Press Secretary Sean Spicer on Friday hand selected news outlets to participate in an off-camera “gaggle” with reporters inside his West Wing office instead of the James S Brady Press Briefing Room.
The news outlets blocked from the press briefing include organisations who President Trump has criticised by name. CNN, BBC, The New York Times, LA Times, New York Daily News, BuzzFeed, The Hill, and the Daily Mail, were among the news outlets barred from the gathering.
Even before the Revolutionary war began, the founding fathers and mothers articulated how important the freedom of the press is. The Continental Congress – the legislative body of these political minds – wrote in 1774:
"The last right we shall mention regards the freedom of the press. The importance of this consists, besides the advancement of truth, science, morality, and arts in general, in its diffusion of liberal sentiments on the administration of Government, its ready communication of thoughts between subjects, and its consequential promotion of union among them, whereby oppressive officers are shamed or intimidated into more honorable and just modes of conducting affairs."
News organisations including The New York Times, the Los Angeles Times, CNN and Politico were blocked from joining an informal, on-the-record White House press briefing. Key points:
The Associated Press chose not to participate in the gaggle after White House press secretary Sean Spicer restricted the number of journalists present for the briefing.
Typically, the daily briefing is televised and open to all news organisations credentialed to cover the White House.
On Friday, hours after President Donald Trump delivered a speech blasting the media, Mr Spicer invited only a pool of news organisations that represents and shares reporting with the larger press corps.
Every bit as meaningless as Trump's promise to "drain the swamp." The Beltway Swamp is drain-proof. The process that populates the swamp is rigged. Not in the "millions of illegal votes from illegals" way... or even the "I can see the Russians hacking the election from my house" way. It's rigged because the only federal agency charged with making sure the election process is fair and equitable can't -- actually, won't -- do a single thing to ensure the process' integrity.
Is it really safe for you to return to Sweden, asked an American friend, jokingly, when I prepared to check out from my hotel in Washington, D.C. President Donald Trump had just warned his audience in Melbourne, Florida, about Muslim immigrants and terrorism in Europe. “You look at what happened last night in Sweden” the president yelled, “Sweden! Who would believe this!”
Swedes took to social media to speculate about which awful event he referred to. An aged pop star had technical problems during rehearsal for a popular music contest, observed someone. Another Swede tweeted that out of respect for the families of victims we should not speculate about the terrible event until after it actually occurs. #lastnightinsweden quickly became a meme.
Breitbart News Network, the far-right media outlet that heralded President Trump’s rise and was once led by his top White House strategist, is owned in part by a wealthy conservative family that poured millions into propelling Trump into office, the company’s chief executive acknowledged Friday.
The site’s financial backing from the Mercers further cements the family’s status as some of the most influential financiers of the Trump era. The news comes as Breitbart has enjoyed a higher profile within the White House press corps.
“Why does nobody ever go to jail?” asked Mandy Grunwald, a messaging guru for the Hillary Clinton campaign, in an email in 2015 to eight other top campaign officials.
She was responding to a settlement announced by the Department of Justice with several large banks that had manipulated foreign exchange markets. Though the banks pled guilty as institutions, no individual banker was punished.
Thirty years ago one of the most famous public service announcement ad campaigns was launched. “This Is Your Brain on Drugs” featured a man asking the audience if they understood the dangers of drug use. He then held up an egg, saying, “This is your brain.” He motioned to a frying pan, “This is drugs.” He then cracked the egg into the pan and as the egg fried said, “This is your brain on drugs.”
Now just a bit more than a month into President Donald Trump’s administration, I’ve found myself returning to the imagery of that ad because it seems to so perfectly encapsulate the cognitive damage that we risk as a result of the Trump presidency.
While there is little question that the Trump team is set to unravel our democracy, our foreign relations and every stitch of political progress our nation has ever made; that isn’t all that is at stake here. A healthy democracy depends on an active and engaged citizenry. It demands a citizenry attentive to issues and able to productively debate and dialogue. But, most important, it requires a nation that can think.
The below is a post by Spokesperson Maryam Namazie on restrictions faced when speaking at universities.
According to a recent report, more than nine in 10 UK universities are restrictive of free speech. This doesn’t surprise me at all. I continue to face restrictions of varying degrees, though this is changing due to the widespread push-back in defence of free expression.
Nowadays, I find that universities don’t bar me outright as Warwick University initially did nor do Islamic Societies (ISocs) organise to cancel and threaten my talk as at Goldsmiths. Their efforts are often more covert though no less sinister.
The Electronic Frontier Foundation has warned the Copyright Office that aggressive copyright enforcement policies could stifle innovation, free speech, and other basic human rights. Anti-piracy filters, website blockades, and terminating Internet accounts of repeat copyright infringers, will come at a high cost, the organization says.
THE UK GOVERNMENT has shelved plans to enforce an 'anti-piracy' law on search engines after Google and Microsoft agreed to a voluntary code earlier this week.
The code agreed earlier this week and will oblige Google and Bing to make it harder for people to find pirated media on their search engines.
It has also forced the UK government to remove an anti-piracy amendment made to the Digital Economy Bill that would have forced the search firms to take action on 'pirated' content.
The rise of abusive remarks in online comments sections has prompted some publishers to do away with the comments feature altogether. But Google said its technology incubator has developed an alternative solution: a troll filter dubbed Perspective that's powered by machine learning.
Launched today by Google Jigsaw, Perspective is an application program interface (API) built on human reviewer ratings of hundreds of thousands of online comments. Starting from this human-determined baseline of what makes comments "toxic," Perspective then learns to automatically identify similar comments so they can be flagged by online publishers.
Here in the United States, if the internet isn’t working, or is working slowly, the solution is often as simple as calling tech support. In most cases, they’ll have the user run a speedtest, and there are millions of sites and applications that provide this service. However, there aren’t so many sites that allow users to see who has access to their information, and for people in countries where the internet is censored or restricted, even the fastest internet connection won’t grant them open access to information.
The National Press Club has condemned Donald Trump’s exclusion of select media outlets from a White House press conference, calling the unprecedented action “deeply disturbing” and likening it to censorship.
Senior figures from the world's leading professional organisation for journalists joined a host of other industry leaders in protesting the decision announced by White House Press Secretary Sean Spicer to block news outlets including CNN, The New York Times, BBC, The Guardian and BuzzFeed from the off-camera “gaggle”.
“I find it deeply disturbing and completely unacceptable that the White House is actively running a campaign against a constitutionally enshrined free and independent press,” the club's president, Jeffrey Ballou, said in a statement.
With that programming note, out of the way, my first stop is the main hall, where the topic du jour is… “Censorship on campus,” featuring recently notorious professor Jordan Peterson, who has been involved in an ongoing dispute over his right to use whatever pronouns he chooses, even over the objections of a target thereof.
Miami Beach Mayor Philip Levine and President Donald Trump are two peas in a pod.
While Trump blasts news organizations for "fake coverage," and closes off press to White House gaggles, Levine takes censorship a step further, trying to gag the press by blocking them off of social media. Mayor Levine's feelings are so fragile, in fact, that he's gone block-happy on Twitter, censoring reporters and members of the public who raise questions about his tenure as mayor or say, well, pretty much anything else he doesn't like.
Facing jail or a fine, Lena Hendry says she is baffled why she's only one charged when documentary was shown at international conference and by other groups.
Once again our elected state representatives are attempting to nail a lid on the constitutional right to protest, assemble, and express contrasting ideas. The recent bill passed by the state Senate to ostensibly protect businesses from property damage perpetrated by so-called professional anarchists is a thinly veiled attempt to intimidate and punish citizens who get off the couch and activate their right to protest.
Laws that punish violence and mob rule are already on the books and have been so for generations. I suggest that these elected officials see themselves as police rather than representatives of the people. Controls and censorship seem to be the prevailing philosophies driving many folks in the Arizona government and feeding on people’s fear of the “what ifs” is their tactic to nail down the commonweal to a prescribed set of behaviors they deem acceptable.
It’s ironic that a film which shows women as individuals with sexual needs and fantasies is suddenly such a big deal. I read that it was rejected because it might make "one particular section of the society" uncomfortable.What should really make the society uncomfortable are item songs like ‘Fevicol Se’ (Dabangg 2) where women are compared to tandoori murgi. Or the sexual jokes in films like Mastizaade that objectify women. I think the only section such a movie would offend are alpha males who cannot comprehend a woman's existence outside their stunted perception of gender roles, people who don't care for creative liberties, or general social progress of any kind.
The filmmaker said the movie was based on on intimacy and personal lives of ordinary women and their struggles.
Prime Minister Andrew Holness says that his Government will not give in to any public urge for censorship as a response to controversial cultural activities, including dancehall music.
Holness told a breakfast meeting with members of the board and senior editorial staff of the Jamaica Observer at the newspaper’s Beechwood Avenue head office in Kingston on Friday that education would be a better response to public alarm regarding anything that may be considered offensive.
Techdirt stories on China tend to paint a fairly grim picture of relentless surveillance and censorship, and serve as a warning of what could happen in the West if government powers there are not constrained. But if you want to see how a real dystopian world operates, you need to look at what is happening in the north-western part of China's huge domain. Xinjiang was originally a turkic-speaking land, but the indigenous Uyghur population is increasingly swamped by Chinese-speaking immigrants, which has caused growing unrest. Violent attacks on the Chinese population in the region have led to a harsh crackdown on the Uyghurs, provoking yet more resentment, and yet more attacks.
The danger to our privacy is growing commensurately with the development of sophisticated biometric technology. More and more companies are using biometrics, such as requiring our fingerprints to access amusement parks, or scraping social media for our faces.
The San Jose City Council is considering a proposal to install over 39,000 “smart streetlights.” A pilot program is already underway. These smart streetlights are not themselves a surveillance technology. But they have ports on top that, in the future, could accommodate surveillance technology, such as video cameras and microphones.
EFF and our allies sent a letter to the San Jose City Council urging them to adopt an ordinance to ensure democratic control of all of that community’s surveillance technology decisions—including whether to plug spy cameras into the ports of smart streetlights.
Appeals Court Should Find Warrant Violated Fourth Amendment Protections
Boston—An FBI search warrant used to hack into thousands of computers around the world was unconstitutional, the Electronic Frontier Foundation (EFF) told a federal appeals court today in a case about a controversial criminal investigation that resulted in the largest known government hacking campaign in domestic law enforcement history.
The Constitution requires law enforcement officers seeking a search warrant to show specific evidence of a possible crime, and tie that evidence to specific persons and places they want to search. These fundamental rules protect people from invasions of privacy and police fishing expeditions.
But the government violated those rules while investigating “Playpen,” a child pornography website operating as a Tor hidden service. During the investigation, the FBI secretly seized servers running the website and, in a controversial decision, continued to operate it for two weeks rather than shut it down, allowing thousands of images to be downloaded. While running the site, the bureau began to hack its visitors, sending malware that it called a “Network Investigative Technique” (NIT) to visitors’ computers. The malware was then used to identify users of the site. Ultimately, the FBI hacked into 8,000 devices located in 120 countries around the world. All of this hacking was done on the basis of a single warrant. The FBI charged hundreds of suspects who visited the website, several of whom are challenging the validity of the warrant.
Linux is always a better option than other operating systems in terms of security, and it is an ideal OS for the privacy and security conscious user, but the best way to secure your online activity and increase your privacy is to use a good Linux VPN, a Virtual Private Network that encrypts all your internet traffic and prevents monitoring of your online communications. VPNs are useful tools to access business or home networks when you are traveling, and region-restricted websites, hide your browsing activity when you use a public Wi-Fi connection, avoid internet censorship, and download files.
The new chairman of the U.S. Federal Communications Commission will seek a stay on privacy rules for broadband providers that the agency just passed in October.
FCC Chairman Ajit Pai will ask for either a full commission vote on the stay before parts of the rules take effect next Thursday or he will instruct FCC staff to delay part of the rules pending a commission vote, a spokesman said Friday.
Your Internet service provider’s (ISP) ability to not only spy on you, but to profit on that spying, has been upheld by the FCC. Ajit Pai, President Trump’s pick for the new FCC Chairman has made it clear that he is going to overturn wide-reaching data security and privacy order that the FCC had originally agreed upon back in October of 2016 under Tom Wheeler. The privacy order, which would have come into effect by December 4, 2017, would have forced large ISPs, such as AT&T, to get user consent before selling personal information such as web browsing history, to third party advertisers. The data security order, which would have come into effect by March 2nd, 2017, would have forced phone companies and ISPs to take steps to protect any sensitive user information such as social security number or health information.
Adm. Michael Rogers — both head of the National Security Agency (NSA) and Cyber Command — is pushing for widespread changes to the U.S.'s treatment of cyber weaponry, including contracting private sector firms to develop arms.
“In the application of kinetic functionality — weapons — we go to the private sector and say, ‘Build this thing we call a [joint directed-attack munition], a [Tomahawk land-attack munition].’ Fill in the blank,” he said at a conference in San Diego, as quoted by the Department of Defense.
“On the offensive side, to date, we have done almost all of our weapons development internally,” Rogers said. “And part of me goes — five to 10 years from now is that a long-term sustainable model? Does that enable you to access fully the capabilities resident in the private sector? I'm still trying to work my way through that, intellectually.”
Late last year, Thomas Fox-Brewster of Forbes uncovered a strange search warrant among a pile of unsealed documents. The warrant -- approved by a magistrate judge -- allowed law enforcement officers to demand that everyone present at the searched location provide their fingerprints to unlock devices seized from the same location.
In support of its request, the government cited cases dating back to 1910, as though they had any relevance to the current situation. The most recent case cited was 30 years old -- still far from easily applicable to today's smartphones, which are basically pocket-sized personal data centers.
The judge granted it, stating that demands for fingerprints, passwords, or anything (like encryption keys) that might give law enforcement access to the devices' content did not implicate the Fourth or Fifth Amendments. While the magistrate was correct that no court has found the application of fingerprints to unlock devices to be a violation of the Fifth Amendment, the other access options (passwords, encryption keys) might pose Fifth Amendment problems down the road.
NSA and US Cyber Command boss Mike Rogers has revealed the future direction of his two agencies – and for the private sector, this masterplan can be summarized in one word.
Palantir Technologies Inc., the data mining company named after the all-seeing stone from the Lord of the Rings, likes to apply J.R.R. Tolkien references to many aspects of its business. The name of its London office is Grey Havens, a major strategic port in the fantasy trilogy’s Middle Earth setting.
It’s an apt moniker since the U.K. capital has become a vital hub driving growth of the $20 billion startup. Palantir has roughly tripled annual revenue from Europe over the past three years, said Alex Karp, the chief executive officer who started the company with billionaire Peter Thiel.
The Turkish government has urged teachers and parents in western Germany with Turkish roots to report any criticism of President Recep Tayyip Erdogan they hear at schools, according to local media.
The Turkish consulate in North Rhine-Westphalia (NRW) told parents and teachers at “information events” in Düsseldorf, Essen, Cologne und Münster in January that they should spy on classes at German schools, the Westdeutsche Allgemeine Zeitung (WAZ) reported on Thursday.
Attendees were told to report any criticism of Erdogan they witnessed in schools to the consulate.
An investigation has been launched after unrest broke out in Rinkeby, which saw masked rioters throwing rocks, setting vehicles alight and looting shops.
The violence broke out at around 8pm following the arrest of a man on drugs charges a few hours earlier.
Warning shots were fired, but police later said one officer had also fired at least one shot at stone-throwers directly.
Amnesty International condemns the impending arrest of prominent human rights defender Senator Leila de Lima as politically motivated and is calling for all charges against her to be dropped immediately. The arrest of de Lima is a blatant attempt by the Philippine government to silence criticism of President Duterte and divert attention away from serious human rights violations in the “war on drugs.”
I can tell you what political harassment feels like in Putin’s Russia. Like many dissidents I am used to abuse, but a recent campaign against me was so personal, so scary, that I was forced to flee.
Two months ago, a Russian plane transporting the world-famous military choir Alexandrov Ensemble crashed into the Black Sea en route to Syria. They were travelling to perform for pilots involved in Russia’s air campaign on Aleppo.
Attorney General Jeff Sessions’s four-sentence memo rescinding Justice Department guidance to reduce the use of private prisons sent stock soaring for the two companies that dominate the industry, Geo Group and CoreCivic (formerly Corrections Corporation of America). That’s not necessarily because the memo will lead to a ramp-up in Geo- or CoreCivic-run federal prisons. As of December 2015, about 12 percent of all inmates in federal prisons were housed in private facilities, representing only 22,660 inmates. That certainly won’t decline under Sessions, but he didn’t promise to increase it substantially. “I direct the [Bureau of Prisons] to return to its previous approach,” Sessions wrote. Anyway, DoJ renewed a pair of contracts with CoreCivic despite the now-scuttled order, so it’s unclear if the status quo ever stopped.
But the high-profile memo does matter because of the precedent. States and federal agencies that might have otherwise been wary of the negative perception of private prisons, and their often horrific outcomes, can now rest easy.
Pope Francis has delivered another criticism of some members of his own church, suggesting it was better to be an atheist than one of many Catholics who he said lead a hypocritical double life.
In improvised comments in the sermon of his private morning mass in his residence, he said: “It is a scandal to say one thing and do another. That is a double life.
“There are those who say, ‘I am very Catholic, I always go to mass, I belong to this and that association’,” the head of the 1.2 billion-member Roman Catholic church said, according to a Vatican Radio transcript.
Nothing good can come from the expansion of racketeering laws, which are already abused by government agencies and citizens alike. But it gets worse. A lot worse. It doesn't just apply to protesters who damage property. It applies to anyone possibly connected to a protest in which damage occurs, even if they don't induce or encourage the destruction. (Perhaps even if they speak out against violent acts, but still support the demonstration's premise.)
And, to top it all off, police officers would not only be authorized to arrest people engaged in First Amendment activity just because someone down the street broke a window, but also to enrich themselves in the process.
Because there's just not enough opacity shrouding police misconduct and not enough slanting of the criminal justice system against defendants, California police unions have decided to get involved in a judicial dispute over lists of law enforcement officers whose half of "our word against yours" isn't quite as bulletproof as is normally assumed.
A Los Angeles sheriff is trying to do the right thing, but he's running into opposition from his own supposed "representatives."
He had insisted that because he and his wife married in Pakistan under Sharia law a divorce could only be approved in that country. The man made this argument after his wife, a dual British and Pakistani citizen, filed a petition for divorce here in the UK.
Following a hearing in Birmingham, Mr Justice Francis dismissed the man’s claim and ruled that his wife was entitled to seek a divorce in England.
Accepting the man’s argument would have “far-reaching consequences”, the Judge explained. Had he done so, the wife “would be subjected to different rules of English law than people of other faiths or other nationalities living here”.
This would amount to “approving both racial and gender discrimination” Mr Justice Francis declared. If the husband’s claim was endorsed by the Court, it would state that his wife “should be treated differently from a British citizen who is not a national of Pakistan”.
But many in the Somali-American community say finding a food shelf that caters to their religious dietary restrictions is almost impossible.
“Some food shelves are trying to meet the need, but some of them already got canned beans that have already been mixed with pork — and there is a literacy issue here,” said community activist Fartun Weli.
A group of first-generation Somali Americans says they need help in developing a food shelf that specializes in healthy foods that do not contain pork or pork byproducts.
A woman in Minnesota has sued Uber, alleging that one of the company's drivers attempted to rape her in August 2016.
As is the case in other sexual assault lawsuits involving the ride-sharing company, the woman argues that Uber has been negligent in its hiring practices. The company, she claims, is not as safe as it purports to be.
Uber has faced numerous similar legal battles in recent years. Last month, a New Jersey man sued the company over an alleged assault that he sustained after his driver apparently refused to take him from Philadelphia back to his hometown, nine miles away. Last year, two women in Boston settled their lawsuit with Uber on similar allegations of sexual assault.
This week, Uber drew increased scrutiny in the wake of public allegations by a former engineer named Susan Fowler, who described Uber as having a culture of sexual harassment during her tenure there. The San Francisco company has since publicly rebuked this behavior and announced that it has retained former US Attorney General Eric Holder to investigate Fowler's allegations.
However, in response, some customers renewed calls to "#DeleteUber," which led the company to respond with an automated message about the investigations. The hashtag dates back to 2011 but didn't really get going until 2014, and it has flared up at various moments since.
This week on CounterSpin: Early morning deportation raids are stoking fear in immigrant communities, pulling parents from children and shipping people who’ve lived in the US for decades to places they don’t remember. Donald Trump talks about rounding up “drug lords” and murderers, but not only is that not who is being targeted, recently released executive orders expand the category of “criminal alien” to any immigrant who has been accused of a crime, or who someone thinks may have committed one.
The evidence of the chaos and harm deportation policies inflict is in the spotlight now. Can we use the moment to talk about resisting viewing immigration policy through a lens of criminality? Jettisoning the pretense that these measures—from Obama’s stated “felons, not families” approach to this new conceit about “bad hombres”—are about public safety? That shift will be key in moving toward a humane vision of immigration. We talk about that with Mizue Aizeki, deputy director of the Immigrant Defense Project.
I know because I worked in the White House to bring them to the United States.
Since President Trump first issued an executive order slashing refugee admissions to the United States this year from 110,000 to 50,000, a certain irony keeps running through my mind. Candidate Trump campaigned on a slogan of “Make America Great Again.” Yet now he is pushing to cut refugee admissions by more than half. I can think of few policy decisions that would make America look smaller or more cold-hearted than closing our doors to refugees who desperately need a second chance at life. Even worse, the decision is animated by a discriminatory intent that is completely inconsistent with our values and Constitution.
I spent the last few years of the Obama administration running the refugee portfolio from the White House, which gave me a front row seat on countless displays of true American greatness. Faced with an unprecedented global humanitarian crisis, I watched America’s commitment to respond grow week by week — in communities around the country, in the private sector, and within government. At the White House, we convened officials from across the federal agencies at the deputy secretary level every two weeks to ensure we were doing as much as we could. We worked to not only meet our refugee admissions targets each year but to increase them, even as we added new layers of rigor to our security screening.
When Barack Obama became the forty-fourth president of the United States in 2009, he appointed Norman Eisen, a “special counsel for ethics and government,” to ensure that he violated no prohibitions on conflicts of interest. Before he was replaced in 2011, Eisen, later an ambassador to the Czech Republic and a lawyer who specialized in cases involving fraud, addressed a wide range of questions, including such matters as whether President Obama, a basketball fan, could accept tickets to see the Washington Wizards or the Georgetown Hoyas play.
Minnesota Democratic Congressman Keith Ellison lost his bid to become the chair of the Democratic National Committee (DNC) on Saturday after a scorched-earth smear campaign targeting his religious faith, his affinity for the Nation of Islam in his youth, and his support for Palestinian rights alongside a secure Israel.
Instead, the majority of the DNC’s voting members chose former labor secretary Tom Perez to lead the party. After two rounds of voting in Atlanta, Perez netted 235 votes to Ellison’s 200.
Perez was widely perceived as being brought into the race by allies of President Obama, former Democratic presidential candidate Hillary Clinton, and other members of the party establishment. One of the speakers who introduced his nomination, South Carolina Democratic Party Chair Jamie Harrison, also works as a corporate lobbyist for the D.C.-based Podesta Group. After neither candidate reached a majority of votes in the first round of voting, Harrison was on the floor, whipping votes for Perez.
On Jan. 25, 26 and 27, the new president repeated falsely that “torture works.” Claiming to have spoken with high-level intelligence officers, Trump said they told him torture works “absolutely.”
This implausible story flies in the face of the 2014 Senate Intelligence Committee report which concluded that torture is not merely illegal but worthless. The 6,000+-page report found that torture produced “fabricated information, resulting in faulty intelligence.” This common knowledge has been settled law for so long that torture has been prohibited by international treaties and US statutes. Historian Michael Kwass reminds us that as early as 1764, Cesare Beccaria called for abolishing torture because it is immoral and doesn’t work. For good measure, the Senate again voted to ban torture in 2015.
On Feb. 17 last year at an event in Bluffton, S.C., Trump said, “Don’t tell me it doesn’t work — torture works,” and, “Half these guys [say], ‘Torture doesn’t work.’ Believe me, it works. … I would bring back waterboarding. And I would bring back a hell of a lot worse than waterboarding.” At a big rally Nov. 23, 2015, he said, “Would I approve waterboarding? You bet your ass I would, in a heartbeat, in a heartbeat. And don’t kid yourself folks, it works, okay, it works. Only a stupid person would say it doesn’t work. It works.” At a Republican debate last March he said, “Waterboarding is fine, and if we want to go stronger I’d go stronger too. We should go for waterboarding and we should go tougher than waterboarding.” In a televised chat with South Carolina State Rep. Bill Herbkersman, Trump said that if elected he would “immediately” resume waterboarding and “much worse,” calling waterboarding a “minor form” of interrogation.
She told the BBC she was put in a van and taken to the airport from the Dungavel Detention Centre in South Lanarkshire on Saturday without the opportunity to contact her lawyer or get any clothes from her home.
Mrs Clennell was given indefinite leave to remain in the UK after her marriage but periods spent in Singapore caring for her elderly parents appear to have invalidated her residential status.
She has made repeated attempts – both in the Singapore and in the UK – to re-apply for permission to live with her husband, who she said is in poor health and needs her as his carer.
Regulators who don’t much believe in regulation are looking like a hallmark of the Trump administration. What does that mean for the access to communication and information that’s critical to our daily lives? The newly appointed chair of the Federal Communications Commission, Ajit Pai, doesn’t want to actually eliminate the agency, as far as we know, but what does his record suggest for his term leading what’s meant to be the public’s advocate in the communications realm? Jessica Gonzalez is deputy director and senior counsel at the group Free Press. She joins us now by phone from Los Angeles. Welcome to CounterSpin, Jessica Gonzalez.
The video game industry has been a particularly notable enemy of fair repair.
The video game industry is lobbying against legislation that would make it easier for gamers to repair their consoles and for consumers to repair all electronics more generally.
The Entertainment Software Association, a trade organization that includes Sony, Microsoft, Nintendo, as well as dozens of video game developers and publishers, is opposing a "right to repair" bill in Nebraska, which would give hardware manufacturers fewer rights to control the end-of-life of electronics that they have sold to their customers.
For some time now, famed jewelry retailer Tiffany & Co. has been a staunch defender of intellectual property and an adversary to a free and open internet. You will recall that this is the company that wanted eBay to be held liable for third-party auctions of counterfeit Tiffany products. The company also lent its support to censoring the internet via the seizing of domains it didn't like, as well as its support for COICA (which was the predecessor of the bill that eventually became SOPA). COICA, among other things, was a bill that would have allowed the DOJ to seize so-called "pirate" websites that infringed on others' intellectual property.
In 1998, the Smithsonian institute’s National Museum of American History carried a display—“America’s Clothespins”--, which included 41 patents dealing with clothespins for the period between 1852-1887 (although the child of one visitor was heard to say-- “What’s a clothespin, Dad?”) All of this points to a fascinating tale of how patents served as a linchpin (with a Kat apology for the unintended pun) for the rise of the American of State of Vermont, nestled in the northwestern corner of New England, as, in the words of the New York Times, “the Silicon Valley of 19-century clothespin technology”.
First there was metadata, then there was Google AdWords, the latest High Court dispute concerns the question: can the adverts which are displayed on a website constitute trade mark infringement?
Back in 1992, Argos Systems Inc (ASI), an American company specialising in CAD systems for the design and construction of buildings, registered the domain argos.com. Several years later in 1996, Argos Limited, a well known UK retailer registered argos.co.uk. Argos owned various EU and UK trade marks for ARGOS but was too late to the domain name party to secure the .com.
Yesterday, the group that runs the .org top-level domain announced that they will suspend their plans to create a new, private, problematic copyright enforcement system. That’s welcome news for tens of millions of nonprofits, charities, businesses, clubs, bloggers, and personal website owners that use .org. It’s also surprising, because most of those Internet users had no idea that a new copyright system, strongly reminiscent of the failed SOPA/PIPA Internet censorship bills, might be forced on them.
The possibility was easy to miss. Public Interest Registry, the nonprofit organization that administers the .org domain, never mentioned the new policy on its blog before yesterday, nor on the registrar websites where people actually register and renew their domain names. It was announced two weeks ago on a news website that covers the domain industry. And it was referenced in a proposal by the Domain Name Association, an industry group, titled “Registry/Registrar Healthy Practices,” a day later.
Next week the latest round of secret negotiations of the Regional Comprehensive Economic Partnership (RCEP) kicks off in Kobe, Japan. Once the shy younger sibling of the Trans-Pacific Partnership (TPP), the recent death of the TPP has thrust RCEP further into the spotlight, and raised the stakes both for its sixteen prospective parties, and for lobbyists with designs to stamp their own mark on the text's intellectual property and e-commerce chapters.
Our last analysis of RCEP pointed out some of the ways in which the then-current leaked text represented an improvement on the TPP, but how other parts of it—including those on copyright enforcement—repeated its mistakes and failed to seize opportunities for improvement. This week, over 60 copyright scholars released an open letter that sets out their views of what negotiators ought to do in order to address these problems.
[...]
While EFF's position is that copyright doesn't belong in trade agreements at all, we have acknowledged that copyright lobbyists aren't going to stop seeking their inclusion in such agreements any time soon. We have also recommended some improvements to the processes of trade negotiation that would make them more transparent and inclusive, and therefore more democratically legitimate. Although our recommendations were directed to the U.S. Trade Representative (which is not a party to the RCEP negotiations), the law professors' letter echoes the spirit of some of them.
Throughout human history, culture has been made by people telling one another stories, building on what has come before, and making it their own. Every generation, every storyteller puts their own spin on old tales to reflect their own values and changing times.
This creative remixing happens today and it happens in spite of the legal cloud cast by copyright law. Many of our modern cultural icons are “owned” by a small number of content companies. We rework popular stories to critique them or assign new meanings to them, telling our own stories about well-known characters and settings. When copyright holders try to shut us down, fair use helps us fight back.
Talking about fair use often means talking about your right to re-use existing copyrighted works in the process of making something new - to make remixes and documentaries, parodies, or even to build novel Internet search tools. But now that copyright-protected software is in almost everything (including our cars, our toasters, our pacemakers and our insulin pumps) fair use has a new critically important role: basic consumer protection.
We entrust a lot of our lives to the devices we use on a daily basis – and to the software inside them. We trust them to get us from one place to another safely, to monitor our health conditions accurately and securely, and to keep us warm on a cold night. But what if those devices break? What if we want to make sure they aren’t collecting information about us without our consent, or infecting our systems with malware? What if we just want to be able to use third party apps and so on to make them work better?
A federal judge has just let a plaintiff know there's a big difference between providing hosting for infringing content and actually participating in copyright infringement. ALS Scan sued basically everybody for copyright infringement after discovering adult images that it owned posted all over the web. In addition to Steadfast Holdings -- the defendant just dismissed from this suit -- ALS Scan sued Cloudflare, Juicy Ads, and a number of other hosting services and Does.
The next chapter of Snapchat's life will begin over the coming months, as parent company Snap, Inc. goes public with an initial offering that could value the firm at approximately $20 billion. Success is far from certain: The Venice Beach, Calif.-based Snap has warned in investor documents that it could lose users to competitors with “greater resources and broader global recognition" — shorthand for the Facebook-owned Instagram. Snapchat's once-meteoric growth is showing signs of slowing, with only 8 million new users over the last six months.
But whether or not Snapchat survives in a competitive market in the coming years, its contributions — along with those of rivals like Instagram and Apple — to the medium of photography and visual communication are unprecedented. Snap put it this way in its IPO documents: “In the way that the flashing cursor became the starting point for most products on desktop computers, we believe that the camera screen will be the starting point for most products on smartphones.”