Kubernetes is the hottest thing to hit containers since...Docker. That's faint praise, given that Docker barely burst onto the scene in 2013. But, given the pace of enterprise infrastructure innovation these days, four years may be all the limelight one gets. As such, it's critical to make the most of an opportunity, which Kubernetes has done by delivering great code and, as I've called out, superior community.
Docker and other container platforms have caught the attention of enterprise software development teams and IT departments, but relatively few are entrusting their production workloads to the technology.
According to the Cloud Foundry Foundation's latest Global Perception Study, 25 percent of enterprises are using containers in production, a three percent increase compared to 2016. Forty-two percent of respondents said their organizations were currently evaluating container technologies.
IBM is one of the founding members of the Linux Foundation and has long used Linux Foundation events as the place to announce new Linux products and services. At the Open Source Summit here on Sept. 12, IBM announced a new Linux mainframe that will provide more power and security for container workloads.
The new system is called the LinuxONE Emperor II and is the successor to the original Emperor system that IBM first announced at the LinuxCon 2015 event in Seattle.
IBM at an Open Source Summit North America conference today improved its case for deploying applications on an instance of Linux running on a mainframe. An update to the distribution of Linux that IBM makes available on mainframes, dubbed LinuxONE Emperor II, extends the IBM LinuxONE Secure Service Containers in a way that encrypts data by default in addition to making it impossible for anyone to tamper with an application.
Linus Torvalds, creator of the Linux kernel, took to the stage at Open Source Summit in Los Angeles. In this keynote presentation, Torvalds joined The Linux Foundation Executive Director Jim Zemlin in conversation about Linux kernel development and how to get young open source developers involved. Here are some highlights of their talk.
Linux kernel 4.13 is out and - like in the 4.12 release - 12 Collabora developers contributed a total of 72 patches. In addition Collabora developers provided 25 Reviewed-by tags and 10 Tested-by tags. Furthermore 83 patches received a Signed-off-by tag from Collabora peoples. Again, general information about the merge window is available by LWN.net in form of the following articles: part 1 and part 2.
After the Linux 4.14 merge window is over, I'll begin with a lot of fresh Linux kernel benchmarks from this in-development release. But I/O and EXT4 changes already have me running some preliminary tests.
With EXT4 are some scalability improvements to note. The scalability improvements around allocating inodes may help in some workloads. I received a report of this patch on a consumer SSD helping out the Phoronix Test Suite's BlogBench. There's also been some talk of other performance changes to find in Linux 4.14.
Steve Jobs was never seen without his trademark black mock turtleneck, blue jeans, and New Balance sneakers. It's been said Bill Gates, the world's richest man, dresses like your high-school math teacher. But Linus Torvalds, creator of Linux, likes to be comfortable in his home office, so he spends his workdays in his bathrobe. Life is good when you're the world's most influential developer.
At The Linux Foundation's Open Source Summit in Los Angeles, Jim Zemlin, executive director of the Foundation, interviewed Torvalds in front of a packed audience. Zemlin asked how Torvalds felt about his fame. Torvalds replied he doesn't really think about it, but "I'm happy I did something meaningful. Everyone wants to do something that matters."
RISC-V developers have been preparing their kernel port for the mainline Linux tree while it's looking like for Linux 4.15 that goal may finally be realized.
RISC-V developers have spent months getting their code into shape so it could be accepted to the mainline Linux kernel for this open-source, royalty-free CPU instruction set architecture. They have missed out on past merge windows, realize it's too late now for Linux 4.14, and are focusing on being ready come Linux 4.15.
In addition to the BFQ improvements already staged for Linux 4.14, it looks like another fix will be on the way.
Jaegeuk Kim has submitted the F2FS Flash-Friendly File-System updates for the Linux 4.14 kernel merge window.
For this cycle, F2FS developers have been working on providing a better user experience for F2FS when running on Android devices. One of the notable focuses has been working on the atomic write feature of F2FS and has been testing/developing it in conjunction with the SQLite folks. As part of the F2FS developer work has also been new/improved features for analyzing I/O behavior with this flash-focused file-system.
xf86-video-amdgpu 1.4.0 and xf86-video-ati 7.10.0 ship with the same set of enhancements and are designed to work with X.Org Server version 1.13 to 1.19 on any supported GNU/Linux distribution. The new releases improve performance of clients, including composite managers that use DRI page flipping even when the "TearFree" option is enabled for any CRTC, and make sure CRTCs that don't have TearFree support won't suffer from tearing.
Both drivers are now capable of preventing certain DRM master processes from accessing buffers that have been created by the respective driver when switching away to a different VT (Virtual Terminal). This improvement alone might be useful especially when the DRM master processes come from other local users.
While we have already compared the Threadripper 1950X to the current top-end Core i9 7900X processor, today we are taking things a step further with our Threadripper Linux benchmarks by doing a side-by-side showdown when each system is tested across three different Linux distributions.
Here is a multi-way comparison when running the Threadripper 1950X and Core i9 7900X under Ubuntu 17.10 with its latest daily snapshot as of testing, Antergos 17.9 Rolling, and Clear Linux 17650. This provides a diverse look at the performance across distributions for these high-end desktop processors.
Harmony is an audio player inspired by iTunes. It is built with Electron and vanilla JS and is available for Linux, Windows and Mac. It plays audio files locally and from cloud services as well. It is based on plugins, and plugins are available for Spotify, SoundCloud, Google Play Music, Hype Machine, Deezer, and local files. It is skinnable, meaning you can write and install themes, and it has two themes available other than the default. Harmony can be controlled using keyboard shortcuts and media keys. Press ? to see the list of available shortcuts. It has a responsive design, which means you can resize it however you want: make it compact, half screen or full screen, and it will follow you. It uses the tray or the sound menu integration to control playback even when the app isn't focused.
Inkscape is a free and open-source professional vector graphics application, it is cross-platform available for GNU/Linux, Windows and Mac. You can use Inkscape if you are either professional or hobbyist designer, using this software you can create wide variety of graphics such as illustrations, icons, logos, diagrams, maps and web graphics. Inkscape uses the W3C open standard SVG (Scalable Vector Graphics) as its native format.
The torrent traffic comprises a major portion of the world’s internet traffic. With the rise of streaming services (many of them are free), people are adopting the subscription model with more frequency but it isn’t affecting the health of torrent ecosystem. However, one should note that torrenting isn’t limited to downloading illegal media. There are many legal torrent websites that host such content.
A new version of Gradio, a desktop radio app for Linux desktops, is available for download.
A fairly sizeable update, Gradio 6.0 introduces a number of UI improvements, including a new sort menu, extended radio station search, and the ability to ‘edit’ station details.
The app isn’t new of course. We’ve written about this GTK desktop radio player of times before but this release marks its first stable update in 2017.
These are the release notes for Blender 2.79, released September 12th, 2017.
Today marks the long-awaited debut of the Blender 2.79 3D modeling software release. Especially for those using OpenCL acceleration, Blender 2.79 is quite an exciting update.
Exciting us the most about Blender 2.79 is better OpenCL support and much greater performance. The performance improvements in Blender 2.79 aren't limited to OpenCL (or CUDA) but include greater performance on the CPU too thanks to continued AVX optimizations as well as continued multi-threading work. On the CPU side there can be 10~20% speed-ups while for some situations on OpenCL are now as much as 50% faster.
There are so many awesome open source apps available on Linux for taking notes and managing a to-do list and amongst them is QOwnNotes. QOwnNotes is a fantastic app for doing both. The app allows you to save your notes in plain text format with Markdown support. It has cross platform support on Linux, Windows, and macOS and works together with the notes application of ownCloud and Nextcloud. The main strength of QOwnNotes is versatility. It comes with some pretty awesome features that have made it quite popular and appealing to many who want something more with their note-taking apps.
For fans of the MPlayer-forked MPV Player, it's time to upgrade to version 0.27.
MPV 0.27 brings a rework of the video output code for rendering API abstraction in order to support non-OpenGL video outputs in the future. Though there was no immediate indication what future APIs that MPV may decide to target.
As a big fan of real-time strategy games, I couldn’t pass up checking out Tooth and Tail [Official Site, Steam] from Pocketwatch Games.
JYDGE [Steam, Official Site] looks like the nuts top-down shooter I've seen for a while and the great news is that it's arriving on Linux in October.
Duck Game [Official Site] is a popular action game that's a little insane and it's actually possible to run it on Linux, thanks to developer "0x0ade".
The Infectious Madness of Doctor Dekker [Steam, Official Site], a Full Motion Video game about solving murder whilst dealing with the unusual patients of the recently deceased Doctor Dekker.
KGraphViewer 2.4.0 has been released.
KGraphViewer is a visualiser for Graphviz’s DOT format of graphs. https://www.kde.org/applications/graphics/kgraphviewer
This ports KGraphViewer to use KDE Frameworks 5 and Qt 5.
For those relying upon KGraphViewer as a Graphviz dot graph viewer, it's the latest package ported to Qt5 and KDE Frameworks 5.
I can proudly tell that Qt 5.10 Alpha is released today.
Please check Qt 5.10 New Features -wiki to see what new is coming with Qt 5.10 release. And as usual the official Alpha is a source code delivery only.
It's arriving a bit late but the first alpha release of Qt 5.10 is now available for testing.
Qt developers for the 5.10 update have been working on their initial Vulkan helper support, OpenGL ES 3.2 now being exposed in a cross-platform manner, Qt Quick / Qt Quick Controls 2 improvements, Qt WebEngine was rebased to Chromium 60, support for multiple screens and plugins with the emulator, and more.
Today sees the release of GNOME 3.26 — and you’re probably wondering what new features are going to be on offer.
[...]
The GNOME desktop is made up of multiple parts. This includes the main user interface (called ‘GNOME Shell’) as well as core apps (like the file manager Nautilus), and ‘invisible’ background libraries and services that help glue everything together.
After six months of hard work, the GNOME Project's development team was proud to announce today, September 13, 2017, the immediate release and general availability of the GNOME 3.26 desktop environment.
Dubbed "Manchester," after the city where the annual GUADEC (GNOME Users And Developers European Conference) developer conference took place this year, the GNOME 3.26 desktop environment packs many enhancements for the apps and core components included in the GNOME Stack, along with new features.
This year, on August 15, the GNOME Project celebrated its 20th anniversary, and we couldn't be happier to be using GNOME as our main desktop environment. The biggest new features of the GNOME 3.26 release are support for emoji, Flatpak improvements, as well as a brand-new Control Center that's now called simply "Settings."
The GNOME Project is excited to announce the release of version 3.26, the latest version of GNOME 3. The new version is the result of six months’ hard work by the GNOME community, and comes packed with improvements and new features. Announcing the release, Matthias Clasen of the GNOME Release Team, said “We are happy and proud to announce GNOME 3.26, the latest major release of GNOME, “Manchester”, just a few weeks after we celebrated the 20th birthday of GNOME at GUADEC. As always, the GNOME community did a great job in delivering exciting features, completing translations, and refining the user experience. Thanks!”
GNOME 3.26 "Manchester" has been officially released.
Matthias Clasen announced a few minutes ago on the mailing list, "This release brings refinements to the system search, animations for maximizing and unmaximizing windows and support for color Emoji. Improvements to core GNOME applications include a redesigned Settings application, a new display settings panel, Firefox sync in the Web browser, and many more."
GNOME 3.26 is the latest version of GNOME 3, and is the result of 6 months’ hard work by the GNOME community. It contains major new features, as well as many smaller improvements and bug fixes. In total, the release incorporates 24105 changes, made by approximately 778 contributors.
3.26 has been named “Manchester” in recognition of this year’s GUADEC organizing team. GUADEC is GNOME’s primary annual conference and is only possible due to the amazing work of local volunteers. This year’s event was held in Manchester, UK, and was a big success. Thank you Team Manchester!
Porteus 3.2.2 left a very strange feeling in my heart.
From one side, it ran smoothly, very fast (from-memory) and crashed nowhere.
On another side, complexity with installation of additional software is definitely a show-stopper for many inexperienced Linux users.
Have you used Porteus yourself? How do you like it?
What I personally love about this project is its little but awesome developers community, and this summer was more productive than ever.
I am proud to announce the official release of Parrot 3.8, that introduces many new features and updates.
A quick look at our changelog will immediately spot the most important changes.
First of all, the new parrot 3.8 is now based on Debian 10 buster (current Debian testing release) with Linux 4.12, ZFS support, better wireless drivers support and the introduction of the new MATE 1.18, GCC 6.4 and 7.2, java 9 and so on, and all the parrot flavors now include electrum, a lightweight bitcoin client.
Zorin Group recently announced the release of Zorin OS 12.2. It's Ubuntu based operating system for both, beginners and advanced users. This version brings innovations from the Open Source community together with a familiar user interface, requiring nearly no learning curve for PC users.
openSUSE Project's Dominique Leuenberger is back with a new weekly report to inform OpenSuSE Tumbleweed users about the fact that a total of four snapshots have been published this week despite infrastructure's issues still not being fully addressed.
"I’m mainly astonished that there were still 3 (4) snapshots completed, considering the issues the infrastructure had during the last days (openQA had a corrupted disk/database, then download.opensuse.org disappeared on us)," said Dominique Leuenberger in his report.
After two years of work, the Open Container Initiative launched Version 1.0 for container runtime and image specifications in July. OCI’s foundation, formed by a number of container industry leaders, was tasked with the mission to create specifications that would support container portability across different operating systems and platforms. Red Hat Inc.’s chief technologist likes the specifications that he’s seen so far.
“We had some initial code associated with those specifications as part of the OCI project and expectations that we’d get further adoptions from other parts of the ecosystem, and we’re seeing the evidence of that happening today,” said Chris Wright (pictured), vice president and chief technologist, Office of Technology, at Red Hat. “It’s a great milestone.”
Red Hat is looking for another senior software engineer to join their Desktop Graphics Team where in particular they will be working on the open-source Radeon support, including Vulkan and comp
The Nutanix cluster – which cost between £300,000 and £400,000 – replaces an existing infrastructure made up of numerous storage arrays and based around a Red Hat-supplied GlusterFS file system (covered by ComputerWeekly in 2013) that had become cumbersome and difficult to manage.
Now, Ubuntu Artful gets a new System Settings with a fully-new interface from GNOME 3.25. It's officially renamed to Settings and it got big changes. It's very amusing to read Georges Staracas' article (the developer of Settings) especially the fact that more than 30.000 lines of code changed since v3.20 by 15 contributors! This means when finally released, Ubuntu 17.10 will include Settings by default. Now let us see the quick look at Artful here. Enjoy!
If you loved the look of the Unity 8 desktop as used in Canonical’s shelved Ubuntu phone and tablet project, I can guarantee you’re going to love the following icon set.
Why? Because it is the Ubuntu phone and tablet icon set!
Yup, even though Ubuntu Touch died and Canonical (painfully) let the majority of its design team go, the story isn’t yet done for the Suru icon theme.
Congatec’s “Conga-B7AC” is a Linux-friendly Type 7 COM with up to a 16-core Atom C3000, and support for 4x 10GbE, 32x PCIe, and industrial temperatures.
Congatec delivered one of the first COM Express 3.0 Type 7 modules with its Conga-B7XD, based on Intel 5th Gen “Broadwell” Xeon D and Pentium processors. Now it has introduced the Conga-B7AC Type 7 module with the same 125 x 95mm dimensions, 10GbE support, Linux support, and an up to 16-core Intel Server-class SoC, but with a more power efficient Atom C3000 “Denverton” SoC. There’s also a Conga-X7/EVAL carrier board (see farther below)
Aaeon announced a “NanoCOM-KBU” COM Express Type 10 Mini module with Intel 7th Gen U-Series chips and a “COM-KBHB6” Type 6 Basic module with a Xeon E3.
Anavi has gone to Crowd Supply to launch a new run of its $16 “Anavi Infrared pHAT,” which adds IR remote control to the Pi, and offers optional sensors.
FWUL 2.0 comes with many under-the-hood improvements and features, but one major feature stands out among the rest – persistent mode. As mentioned previously, the operating system is made to be run as a live-USB OS, which usually means after rebooting your computer that any of your changes made in FWUL will not be saved. This is not a huge deal as the operating system is not really meant for general usage, but some, such as developers, may find themselves using FWUL more like a normal OS for many of their needs.
The open-source community used to thrive on rebellion against profitable proprietary corporations like Microsoft Corp. and others. All have since reconciled, and are now joining forces to fight common enemies holding back agile development.
“Open source doesn’t have that enemy anymore. It’s the standard,” said John Furrier (@furrier) (pictured, right), co-host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio. “So the questions is what is going to motivate the organizations?”
Deep learning is cutting edge artificial intelligence. It’s what Google used to build AlphaGo, which beat the world champion of board game Go earlier this year in China. It’s what powers a lot of self-driving cars, by giving their machine vision human-level accuracy. And it’s being used by many of the world’s top tech companies as the basis for recommender systems, fraud detection and cybersecurity.
[...]
Open-source software is the bedrock of enterprise and government applications, from Linux through to Hadoop. The next layer to go open-source is AI, and that’s great news for government agencies. But open-source alone is insufficient: those agencies should make sure their tools till play well with others in the stack, so that they can march their AI solutions to the finish line. During our time in the government-focused startup accelerator, DCode42, the Skymind team learned firsthand the kind of partner and collaboration that agencies and departments require to adopt and implement new technology.
For this list, we selected 50 of the most well-known of these open source artificial intelligence projects. They are organized into categories and then alphabetized within those categories. The lines between some of the categories can be fuzzy, so we used the project owners' descriptions of their applications to determine where to place the various tools.
Symphony Software Foundation (the Foundation), the nonprofit organization fostering innovation in financial services through open source software, will be hosting its inaugural Open Source Strategy Forum at the BNY Mellon Conference Center in New York on November 8, 2017. Registration is open today.
Our Techie Tuesdays of the week, Shakthi Kannan dons the hats of Free and Open Source Software (FOSS) advocate, documentation expert, and DevOps engineer with ease.
Impeccably attired, Shakthi Kannan was half an hour early for our meeting, which, in essence, describes the man – meticulous and a perfectionist.
The easiest way to keep track of your expenses and income is to use GnuCash. It's an accounting package that has a number of useful features for small businesses. There's even an Android app so you can work with your books on the go.
If you don't mind getting your hands dirty at the command line, you'll want to give Ledger a look. Ledger is a double-entry accounting app that also has several graphical frontends.
I can't think of any small business owner who doesn't want to get paid by customers and clients. To do that, you need to send invoices. Sure, you can create invoices in a word processor and print them off or email them as PDFs, but that makes the invoices hard to track. Instead, turn to a dedicated invoicing application.
For those looking to follow the development of Google's Fuchsia operating system that is written from scratch, its low-level Magenta core has been renamed to Zircon.
As a reminder, Fuchsia is a (non-Linux) real-time operating system developed by Google that has been under much public speculation since its code began appearing last year. Fuchsia uses a micro-kernel design with it being called Magenta.
Today, Mozilla is announcing 15 new Fellows in the realms of science, advocacy, and media.
Fellows hail from Mexico, Bosnia & Herzegovina, Uganda, the United States, and beyond. They are multimedia artists and policy analysts, security researchers and ethical hackers.
Over the next several months, Fellows will put their diverse abilities to work making the Internet a healthier place. Among their many projects are initiatives to make biomedical research more open; uncover technical solutions to online harassment; teach privacy and security fundamentals to patrons at public libraries; and curtail mass surveillance within Latin American countries.
In a previous post, we announced that Oracle was beginning to explore moving Java EE technologies to an open source foundation in order to make the process of evolving these standards more agile, flexible and open. Since mid-August, we’ve had many discussions with other vendors, community members and open source foundations in order to move the process forward. Here’s an update on the progress we have made so far.
Oracle announced today that they, along with IBM and Red Hat, will be moving Java EE to the Eclipse Foundation. I would like to welcome everyone involved to our community. We look forward to working with all of the participants in the Java EE ecosystem as it moves to a more open and collaborative development model.
Oracle is continuing to free up Java Enterprise Edition (EE), Java's enterprise middleware platform, from its once iron-grip. In a blog post, Oracle Software Evangelist David Delabassee said, "After careful review, we have selected the Eclipse Foundation."
Oracle has recently admitted that "although Java EE is developed in open source with the participation of the Java EE community, often the process is not seen as being agile, flexible, or open enough, particularly when compared to other open-source communities. We'd like to do better."
M-CORD, the leading open source platform for Carrier 5G Edge Network innovation, is today demonstrating a number of new, ground-breaking capabilities at Mobile World Congress Americas. Based on the CORD™ Platform and hosted by the Open Networking Foundation (ONF), M-CORD is the leading platform for 5G innovation, addressing the needs of mobile operators by using cloud-native approaches to prototyping 5G innovations.
Motivated by the 2017 GNU Tools Cauldron, an ARM developer is looking for feedback on improving the options enabled by default for the GCC 8 compiler.
Wilco Dijkstra of ARM is looking to possibly loosen GCC's conservative defaults a bit by allowing some more modern options by default and possibly adding more optimizations to -O2 too.
Public institutions spend millions of Euros every year for the development of new software that is specifically tailored to their needs.
Unfortunately, most of this software is closed source.
This means that your tax money is being used to pay for software that cannot be modified or even studied. Most public institutions pay to develop programs that they do not or cannot release to the public. When other institutions need to solve similar problems, they have to develop the same software again. And each time the public - including you - has to foot the bill.
Once upon a time, I wanted to be an evolutionary biologist. To make a long story short, I had a change of heart and dropped out of my PhD program to pursue a career in computer science. I'm now a senior software engineer at Red Hat, where I work on a variety of machine learning and data science projects (you can read more about my journey on my blog). Not long after joining Red Hat, many people—including three different University of Chicago grad students—asked me about transitioning to a career in data science, so I started looking into it.
Under this program, the state released its first two data sets in 2016. One set included a 3-D seismic survey from the North Slope that covered a huge chunk of ground near Prudhoe Bay. And the state saw a burst of activity, requests from university researchers, companies, and contractors.
And even getting the data that is open to the public is still vaguely super-spy-ish. Acting Deputy Commissioner of the Department of Natural Resources Steve Masterman says they ask people to provide a brand new hard drive, still in the wrapper.
One of the hot topics right now in the web development world is functional programming in the language of the web, JavaScript.
Functional programming encompasses a whole host of mathematical properties and phenomena that is beyond this post, but what I am going to address here is how to write a few functions with nominal functional programming.
That's one of many takeaways from a new survey, aptly titled The 2017 State of the Modern Developer, that was conducted by research firm Coleman Parkes for the software analysis and measurement company CAST. In all, 500 developers in four countries -- USA, UK, France and Germany -- were surveyed. According to CAST, the research was conducted "to learn more about the motivators and behavior of modern developers, in addition to their attitude towards code quality."
Well that was a nothingburger.
Today Apple announced the arrival of several new iPhone models and other updated gadgets. As usual, the phones were revealed with great fanfare -- but from the glass exterior down to its guts, the new iPhone is just another freedom-restricting trap for unsuspecting users.
We get it: people like technology that they believe is easy to use, and costly, flashy-looking smartphones have become status symbols for many. The trouble is that the cost of owning an iPhone is even higher than the new iPhone's hefty $1000 USD price tag.
Education pays.
According to a new report from the Organisation for Economic Co-operation and Development (OECD), adults with a college degree are 10 percentage points more likely to be employed, and will earn 56% more on average than adults who only completed the end of high school. They are less likely to suffer from depression than their less-educated peers.
The US has always enjoyed a huge advantage in higher-ed attainment. In 2000, 43% of 25-34 year olds had a college education compared to an average of 26% in the 35 OECD member countries. But that advantage is quickly closing. In 2016, it was down to four points, with 48% of Americans following through to higher ed. And Americans now have to compete in an increasingly competitive global workforce.
The security company Armis has revealed eight separate Bluetooth wireless protocol flaws known collectively as BlueBorne. This new nasty set of vulnerabilities has the potential to wreak havoc on iPhones, Android devices, Windows PCs, and, oh yes, Linux desktops and servers, as well.
While BlueBorne requires a Bluetooth connection to spread, once the security holes are exploited, a single infected device could infect numerous devices and computers in seconds. Attacks made with BlueBorne are silent, avoid activating most security measures, and require nothing from new victims except that their devices have Bluetooth on.
Armis Labs has gone public today with "BlueBorne", an IoT-focused attack vector via Bluetooth. This Bluetooth attack does not require the targeted device to even be paired with the attacker or on discoverable mode, making it more frightening.
Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.
One of the largest financial data breaches in U.S. history, it exposed names, addresses, Social Security Numbers, birth dates, driver's license numbers and other sensitive information belonging to 143 million U.S. consumers, as well as data belonging to an undisclosed number of UK and Canadian consumers.
The attackers also accessed credit card data for about 209,000 consumers and credit dispute information for about 182,000 consumers, Equifax said.
[...]
However, with respect to the possibility that it resulted from an exploitation of a vulnerability in the Apache Struts Web Framework, it was not clear which vulnerability could have been utilized, Gielen said.
One assumption connected the breach to CVE-2017-2805, one of several patches Apache announced on Sept. 4.
"However, the security breach was already detected in July, which means that the attackers either used an earlier announced vulnerability on an unpatched Equifax server or exploited a vulnerability not known at this point in time -- a so called Zero Day Exploit," Gielen noted.
The committee members have put enormous effort into "securing and hardening the software we produce," he added, and they fix problems that come to their attention.
There's a distinction between the existence of an unknown flaw in the wild for nine years and failing to address a known flaw for nine years, said Gielen, emphasizing that the committee just learned about this flaw.
The has not had any contact with anyone using the @equifax domain on any Apache list in more than two years, said Apache spokesperson Sally Khudairi.
"To be clear, whilst we haven't had contact with anyone using the @equifax domain -- official or otherwise -- that is not to say there isn't a chance that someone from their team may have done so using an alternate channel," she told LinuxInsider.
Today, a security issue was disclosed that had the potential to be the most serious Linux kernel security issue that Red Hat Product Security has dealt with in our 18 year history: BlueBorne. A flaw where a remote (but physically quite close) attacker could get root on a server, without an internet connection or authentication, just needing a system that has Bluetooth hardware installed and listening.
Back in May, the WannaCry ransomware decimated millions of Windows PCs around the world. Later, a similar worm – dubbed EternalRocks – compromised a load more Windows machines. Hacker group ShadowBrokers released WannaCry and EternalRocks – both stolen NSA hacking tools – promising more to come. Now, it seems ShadowBrokers are true to their word. The group unveiled a fresh NSA hacking tool: a Trojan known as UNITEDRAKE. UNITEDRAKE is able to compromise Windows systems from XP to Windows Server 2012, and pretty much every version in-between.
It seems Virginia can't catch a break when it comes to voting. Trusting vendors to provide secure electronic voting devices just isn't paying off. Two years ago, Virginia pulled a bunch of voting machines after it was discovered they were leaky, insecure devices masquerading as something American voters could trust.
The security wasn't just bad in the way many machines are -- frailties that can only be sussed out by security researchers and talented criminals. No, they were bad in the way your grandparents' Google Box is: "secured" with passwords like "abcde" or "admin," along with accessible DOS prompts and multiple open ports.
The Dlink 850L is a router overall badly designed with a lot of vulnerabilities.
Basically, everything was pwned, from the LAN to the WAN. Even the custom MyDlink cloud protocol was abused.
All 24 minority members of the committee signed a letter to the Equifax executive, Richard Smith, calling on him to come forward with more information about his handling of the crisis.
Even if you want to be part of the class action lawsuit against Equifax, you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee.
Researchers at IoT security firm Armis say they have found eight flaws in the Bluetooth protocol that can be used to attack devices running Android, iOS, Linux and Windows.
The BlueBorne attack doesn’t even require the victim to tap or click on any malicious links. If your device has Bluetooth and is on then it is possible for an attacker to take complete control of it from 32 feet away. This even works without the attacker pairing anything to the victim’s device and the target device doesn’t need to be set to discoverable mode either. The team at Armis Labs have identified eight zero-day vulnerabilities so far and believe many more are waiting to be discovered.
Professional truth-teller and self-appointed Russian counter-propagandist Jake Tapper had Arizona Sen. John McCain on his State of Union show (CNN, 9/10/17) for a chummy interview Sunday night. The interview began with Tapper lobbing softballs at McCain about his mortality and reminiscing about buddying up on the 2000 campaign trail (Tapper was, according to his then-editor David Talbot, a McCain “groupie”) before moving on to “issues.”
The intelligence community has used the threat of terrorism to its advantage, especially regarding mass surveillance, according to Edward Snowden. He believes terrorism would still be a lower threat than many other issues, even if 9/11 happened every year.
In an exclusive interview with the German media outlet Der Spiegel, the NSA whistleblower noted that although terrorism is a "real problem," it has claimed much fewer lives outside of war zones than car accidents and heart attacks.
After threatening to scuttle all amendments on a massive defense policy bill, Sen. Rand Paul is likely to secure a vote on ending the war authorizations the US military uses to fight terrorism across the globe. Paul's office announced he would get a vote Wednesday on the Kentucky Republican's amendment that would repeal the 2001 and 2002 war authorizations after six months, giving Congress time to pass a new Authorization for Use of Military Force for the wars against Al Qaeda, ISIS and the Taliban.
A Senate panel may be stealthily trying to give federal law enforcement a new tool to go after the anti-secrecy group WikiLeaks and its U.S. collaborators.
A one-sentence “Sense of Congress” clause was tacked onto the end of a massive 11,700-word bill that was approved by the Senate Intelligence Committee and is likely to come before the full Senate later this month.
The clause says that WikiLeaks “resembles a non-state hostile intelligence service” and that the U.S. government “should treat it as such.”
Houston Mayor Sylvester Turner on Tuesday gave his strongest endorsement to date for constructing a physical coastal barrier to protect the region from deadly storm surge during hurricanes.
Though such a barrier system would not have guarded against the unrelenting and unprecedented rain Hurricane Harvey dumped on the area, Turner — one of the region’s last leaders to endorse the so-called “coastal spine” concept — said at a Tuesday news conference that he believes it is crucial.
“We cannot talk about rebuilding” from Harvey “if we do not build the coastal spine,” he said.
Trump just waived 26 environmental laws—and two religious freedom laws—to build his wall. A three-mile section of border fencing in California will be constructed without federal protections for clean water and air, endangered species, and historic sites, according to a notice posted Tuesday in the Federal Register. Elaine Duke, the acting secretary of the Department of Homeland Security, said in the notice that the “El Centro Sector,” which covers the eastern half of California’s border with Mexico, is “an area of high illegal entry for which there is an immediate need to construct border barriers and roads.” The area is also home to wildlife habitat—including some threatened and endangered species—as well as farmland, desert vegetation, wetlands, archaeological resources, and prehistoric sites, according to a U.S. Customs and Border Protection environmental assessment of the area in 2012. But none of that will get in the way of Trump’s wall. Here are all the laws that have been waived, per Tuesday’s notice.
The National Environmental Policy Act
The Endangered Species Act
The Clean Water Act
The National Historic Preservation Act
The Migratory Bird Treaty Act
The Migratory Bird Conservation Act
The Clean Air Act
The Archeological Resources Protection Act
The Paleontological Resources Preservation Act
The Federal Cave Resources Protection Act of 1988
The Safe Drinking Water Act
The Noise Control Act
The Solid Waste Disposal Act
The Resource Conservation and Recovery Act
The Comprehensive Environmental Response, Compensation, and Liability Act
The Archaeological and Historic Preservation Act
The Antiquities Act
The Historic Sites, Buildings, and Antiquities Act
The Farmland Protection Policy Act
The Federal Land Policy and Management Act
Section 10 of the Reclamation Project Act of 1939
The National Fish and Wildlife Act of 1956
The Fish and Wildlife Coordination Act
The Administrative Procedure Act
The Rivers and Harbors Act of 1899
The Eagle Protection Act
The Native American Graves Protection and Repatriation Act
The American Indian Religious Freedom Act
The Religious Freedom Restoration Act
Recent events in Texas and Florida remind us that in some cases, it’s better to flee danger. To the extent that hurricanes travel rather slowly, a motor-vehicle is a practical solution to getting large numbers of people out of harm’s way. Buses are better than smaller vehicles in terms of rate of evacuation and efficiency but many of us do own personal vehicles which can be used.
There is an EV connection here. Many were frustrated in evacuation because they could not use the vaunted advantage of great range of the gas-guzzler because the tank was running on empty and line-ups and outages at filling-stations wasted many hours. Folks with an EV sitting in the garage or driveway already topped up from the mains just load up the vehicle and go…
Most people remember the last day of a temp job. Maybe colleagues take you out to lunch; maybe you send that goodbye email promising to keep in touch. But for Keith Noreika, the temporary head of the Office of the Comptroller of the Currency, his final temp day is just like any other Tuesday. Because he doesn’t plan on leaving.
Noreika’s unusual stint running the OCC, a top bank regulatory agency, as a “special government employee” enabled him to sidestep congressional vetting and ethics rules for members of the executive branch. But a watchdog group believes that unique status runs out today, and they want Noreika investigated for illegally overstaying his welcome.
Last night the House of Commons voted on the “second reading” on the European Union (Withdrawal) Bill. This is a general vote on the principle of the legislation.
MPs voted in favour of the Bill, and it now will be considered in committee where the clauses will be examined and amendments considered.
You can follow the Bill as follows.
A damning report has revealed the government has no real plan to tackle homelessness, despite huge hikes in the number of people sleeping rough.
The National Audit Office says the Conservatives’ ‘light touch’ approach to solving the problem has failed and there are no proposals to properly assess the impact of welfare cuts on people losing their homes.
Since 2010, the number of people living on the streets has more than doubled and the number of households living in temporary accommodation has risen by more than half.
Britain and the European Union postponed a new round of Brexit negotiations by a week until the end of the month in what EU diplomats said was to allow time for Prime Minister Theresa May to make a key speech in about 10 days.
In confirming a delay until Sept. 25, which Brussels had been expecting, the British government said in a statement it was a joint decision taken because “more time for consultation would give negotiators the flexibility to make progress”.
There has been no confirmation in London that May will make any speech around Sept. 21. There was no immediate official comment from the European Commission, which is the EU executive.
It is official: Brexit is boring – at least on the continent. As the European commission president, Jean-Claude Juncker, delivered his “state of the union” address on Wednesday, setting the tone for the new political year, Brexit was relegated to a brief mention at the end. And even there, it was framed as a moment of sadness and regret, not horror. In last week’s TV encounter between the German chancellor, Angela Merkel, and her challenger, Martin Schulz, Brexit was totally absent.
A number of states and cities go to the polls today to elect or nominate candidates for local offices.
In two states on different sides of the Mason-Dixon line, two upstart candidates are vying in elections aiming to upset the local political order.
In Mississippi, voters head to the polls in what could be a shocker of a special election. A state House seat for District 102 that has long been in GOP hands is up for grabs, and if Republicans lose it, they lose their supermajority in the legislature. The election was triggered when Toby Barker, the former House member — who had cast a critical vote against expanding Medicaid — was elected mayor of Hattiesburg and stepped down.
On the steps of Downing Street when she became Prime Minister, Theresa May said: “When we take the big calls we’ll think not of the powerful, but you.”
Her words were powerful. They spoke to people’s sense that our country is far too often run for big business and the wealthiest and they were an implicit rebuke to David Cameron’s government that had gone before.
Unfortunately she has not delivered. Whether it is workers on boards or an energy price cap, she has talked tough and then retreated.
Boris Johnson is flying in to the hurricane ravaged British Caribbean territories to play benevolent colonial master. Hurricane Irma plays in to the fantasies of the Tory Brexiteers – Britain as world-bestriding Empire, with great interests around the globe. Hurricane Irma caused death and huge deprivation to local people.
Individuals were cowering behind furniture and preparing for emergency flights out. These latter were the ultra-wealthy in London who were terrified that the rooves would be torn off company registries and their tax haven secrets scattered abroad by the hand of God.
Despite having all the Tory fantasy elements of patrician benevolence, warships, colonies, subjects and soldiers, the Tory instinct of meanness remains overriding. Some of the British overseas territories in the Caribbean have suffered enormous damage to their infrastructure, with power, water, hospitals and schools out of action. But the British government response so far has been to provide a paltry £32 million in aid of which it claims £28 million is already spent.
As Congress finally starts to debate whether to reauthorize Section 702 of the FISA Amendments Act before it expires at the end of this year, it’s important to remember that we know a lot more about the government’s troubling practices since the law was last reauthorized in 2012.
As a reminder, FISA is the statute that regulates foreign intelligence surveillance and for decades required individualized court orders based on probable cause to collect information about people here in the U.S. Seeking to authorize President George W Bush’s warrantless wiretapping program, Congress passed Section 702 to allow the government to target foreigners abroad without any judicial determination that the person was a national security threat – knowing that the collection would happen here in the US and that Americans could be picked up in the process. Procedurally, the government obtains an annual 702 order from the FISA Court after negotiating the privacy and targeting rules that will apply to the program. The government is then allowed to choose its own targets for “foreign intelligence” spying, which not only includes terrorists, spies, and foreign leaders, but for people relevant to the catch-all categories of defense and foreign affairs. It collects both metadata and the content of communications, and compels U.S. tech companies, phone companies and internet service providers to turn over the data. Once collected, it is saved for years and used not only in intelligence investigations, but criminal prosecutions. It has not been substantively amended since its original passage in 2008.
Regulations released Sept. 7 made creators of online groups responsible for managing information within their forums and the behavior of members. While they don’t take effect until October, authorities have jumped into action by disciplining 40 people in one group for spreading petition letters while arresting a man who complained about police raids, according to reports in official Chinese media.
Self-censorship is kicking in fast on WeChat as China’s new rules on message groups cast a chill among the 963 million users of Tencent Holdings’ social network.
Regulations released last week made creators of online groups responsible for managing information within their forums and the behaviour of members.
The measures do not take effect until next month, but the authorities have jumped into action by disciplining 40 people in one group for spreading petition letters and arresting a man who complained about police raids, according to reports in official Chinese media.
Toxicity, bad language, homophobia, racism and a plethora of other issues remain prevalent in the world of gaming and esports. Just this week, renowned streamer PewDiePie used the “n-word” whilst being watched by thousands. Rightly so, he’s received extreme criticism across a multitude of platforms. Not only do streamers have responsibility, but in-game chat whether typed or vocal can be a cesspit of vitriol at the best of times.
It remains to be seen if the new NHS app will have adequate protections in place.
A bipartisan bloc of House Judiciary Committee leaders have agreed to demand new limits on the National Security Agency’s warrantless surveillance program as a condition of temporarily extending its authorization, setting up a fight with the Trump administration.
The lawmakers — including the Republican representatives Robert W. Goodlatte of Virginia and Jim Sensenbrenner of Wisconsin, the current and former committee chairmen, and Representative John Conyers of Michigan, the ranking Democrat — have privately agreed to support extending the law, the FISA Amendments Act, through 2023, according to congressional officials who spoke on condition of anonymity to discuss the negotiations. It is set to expire at the end of December.
The journey to interview Edward Snowden is a long one. For DER SPIEGEL, it began over a year ago, with numerous conversations with his lawyers in New York and Berlin. It ended two weeks ago on a Wednesday in a Moscow hotel suite with a view over Red Square.
The 34-year-old former United States intelligence worker, who exposed the global surveillance system deployed by the National Security Agency (NSA), lives somewhere in the Russian capital. Since blowing the whistle, he has been an enemy of the state in his home country. He has become an icon for defenders of civil liberties and also a man on the run. The journey to Snowden almost took even longer, when he came down with a bad cold and nearly had to delay the interview. In the end, Snowden turned up -- coming across as modest and astoundingly optimistic in an interview that lasted more than three hours.
Huge news for broadband privacy! A California bill that would restore many of the privacy protections that Congress stripped earlier this year is headed for a final vote this Friday,
The bill, A.B. 375, had languished in the Senate Rules Committee due to the efforts of AT&T, Comcast, and Verizon to deny a vote. But constituents called and emailed their representatives and reporters started asking questions. The overwhelming public support for privacy has so far counteracted the lobbying by telecommunications companies, which will spare no expense to keep the gift handed to them by Congress and the Trump administration.
In a stunning move, the House of Representatives on Tuesday approved an amendment to the Make America Secure and Prosperous Appropriations Act that will roll back Attorney General Jeff Sessions’s expansion of asset forfeiture.
Amendment number 126 was sponsored by a bipartisan group of nine members, led by Michigan Republican Rep. Justin Amash. He was joined by Democratic Reps. Ro Khanna of California; Washington state’s Pramila Jayapal, a rising progressive star; and Hawaii’s Tulsi Gabbard.
Civil asset forfeiture is a practice by which law enforcement can take assets from a person who is suspected of a crime, even without a charge or conviction. Sessions revived the Justice Department’s Equitable Sharing Program, which allowed state and local police agencies to take assets and then give them to the federal government — which would in turn give a chunk back to the local police. This served as a way for these local agencies to skirt past state laws designed to limit asset forfeiture.
oney Earl Jr. was 25 years old when he was convicted for felony possession of a controlled substance with intent to sell. Though he had never been to prison before, he was sentenced to 42 months in a New York state correctional facility. He would serve 31 months of that sentence. When he was released in 2008, he needed a job.
In the first year Earl was out, he applied to almost 40 jobs — all entry level. Earl was interviewed for at least a dozen of those positions. Yet every time a conditional offer was made and a background check was conducted, the position would simply disappear.
This case challenges President Trump’s executive order prohibiting entry to the United States to people from six Muslim-majority countries. The president imposed a version of the order in January, to immediate and devastating impact, as many incoming travelers were detained at airports, and families across the country were separated from their loved ones. Thousands of people flooded the airports in protest, and the courts quickly stepped in to block the ban, starting with a case filed by the ACLU and our partner organizations. Other challenges quickly followed. When federal judges temporarily blocked that ban, Mr. Trump issued the current version, which left in place the same fundamental defects.
Unlike most police departments nationwide, the Minneapolis Police Department has taken an important step toward becoming more transparent and accountable to the communities it serves.
On August 9, it launched a new online data portal that allows the public to access raw data from certain stops, including suspicious person and traffic stops, that officers make. The data set goes back to November 1, 2016, and, as promised, has been updated every 24 hours since launch. The data is searchable by race, gender, location of the stop, whether a search occurred, and more.
Kindness makes people’s lives better, but just encouraging individuals to be kinder to each other has significant limitations. Therefore, we have to transform the social, economic and political structures that inhibit our ability to act in kindness, and at the same time strengthen the links between these actions and our aspirations for greater social and economic justice.
Dolores Huerta, a largely unsung hero in the fight for farmworkers’ rights, is the subject of the new movie, Dolores, that recounts her life as a feminist and union organizer, reports Dennis J Bernstein and Miguel Gavilan Molina.
New Zealand telecommunications companies and service providers cop the most criticism from the country’s consumers of all business and industry sectors, according to a new report just published by the competition enforcement and regulatory agency The Commerce Commission.
A few years ago Netflix wasn't all too worried about piracy but now that it produces a lot of original content, this has changed. The company now has a "Global Copyright Protection Group" and also enlists its 'own' stars to address the issue head on. The executive board of 'Cali Cartel' in the hit series Narcos threatens to 'kill' those who dare to download the show from "shitty websites."
In 2014, police in Germany revealed a manhunt for two brothers said to be behind streaming sites Movie4K and KinoX. Unusually, authorities claimed the pair were violent and possibly armed, hardly common traits among pirate site operators. It's now been revealed that one of the brothers has handed himself into the German embassy in Kosovo.
For many years now, we've been covering the sometimes odd/sometimes dopey case of the monkey selfie and the various disputes over who holds the copyright (the pretty clear answer: no one owns the copyright, because the law only applies to humans). David Slater, the photographer whose camera the monkey used, has always claimed that he holds the copyright (and has, in the past, tried to blame us at Techdirt for pointing out that the law disagrees). A few years back, PETA, the publicity-hungry animal rights group, hired big time lawyers at Irell & Manella to argue (1) the monkey holds the copyright, not Slater, (2) PETA somehow magically can stand in for the monkey in court -- and sued Slater over it. Slater and I disagree over whether he holds the copyright, but on this we actually do agree: the monkey most certainly does not hold the copyright.