Not only is Purism working on their Librem 5 smartphone this year with hopes of still readying the software and hardware for shipping to consumers in 2019, but they are also planning to unveil their tablet this year.
Todd Weaver, the founder and CEO of Purism, posted today about the company's goals for 2018. Besides releasing the development board for the Librem 5 phone this year and working on other efforts for their smartphone plans, they are also planning to "release the much-anticipated Librem tablet."
Purism has some lofty goals that seem more attainable with each advancement that we make. Our pace for these achievements is already impressive, and we plan on maintaining and exceeding that pace in 2018.
Munich City officials could waste €100m reversing a 15-year process that replaced proprietary software with open source following an official vote last year.
Munich officials in 2003 voted to migrate to an in-house custom version of Ubuntu Linux called LiMux and tailor digital docs to be compatible with LibreOffice. Now the councillors have decided that Munich will switch some 29,000 PCs to Windows 10 and phase out Linux by early 2023.
The cost of the U-turn could be even more catastrophic if another council vote by the end of 2018 fails to take a more reasoned tally. An approval would replace the open-source office suite LibreOffice with Microsoft Office.
That decision will cost the city upwards of €50m plus another €50m to revert to Windows 10, according to reports. The bill results from a combination of buying Windows 10 licences and converting some 12,000 LibreOffice templates and macros along with developing a new templating system for Microsoft Office.
Linux Journal, the Houston-based publication that covered and championed the open-source computer operating system for 23 years, won't shut down after all.
Publisher Carlie Fairchild said Monday in a post to the Linux Journal website that the online magazine has been "rescued" by Private Internet Access VPN, a company owned by London Trust Media of Denver.
At this point I’d had more than enough of Microsoft Windows. I used my laptop to download the ISO for Lubuntu 17.10 and create a LivePendrive, and I installed Lubuntu on the Aspire XC600. Although I run a source-based Linux distribution on two laptops, for ease and speed of installation and maintenance I opted to install a binary-based distribution on the family PC. I chose Lubuntu specifically because it uses the LXDE desktop environment, which is closer in look and feel to classic Windows than e.g. the Unity or GNOME desktop environments in Ubuntu, and is not as processor-hungry as KDE. I found that Lubuntu worked extremely well out-of-the-box, including scanning and printing using my Canon MP510 MFP. I used the GUI Software utility (‘System Tools’ > ‘Software’ from the LXDE application menu) to uninstall AbiWord and Gnumeric and install the LibreOffice suite. I added user accounts for all my family (‘System Tools’ > ‘Users and Groups’). Since the machines on my home network use SMB to share files, I installed samba and sambaclient and edited the smb.conf file via the command line, and browsing SMB shares worked first time. We have a decent family PC again.
Linux, the open-source operating system project first developed by Linus Torvalds in 1991, is now used by millions of people on desktop computers, mobile devices and servers; Google’s Android and Chrome OS even have Linux roots. Because the software has been free and open for developers to enhance and improve for years, Linux is now available in many versions (typically called “distributions”) that vary in complexity and user interface.
In terms of being able to do everything a Windows desktop can do, a Linux system is certainly capable of most common tasks, like browsing the web, sending and receiving email, creating documents and spreadsheets, streaming music and editing photos. Many Linux distributions include all the basic programs you need, and you can install others from Linux software repositories online, but make a list of everything you need to do on the computer and make sure you have a Linux solution for it.
Windows today beats almost all the markets thanks to its simplicity and large number of programs and games in a free access. We are used to Windows since there are no compatible systems like Windows. However, it is not true. Only a small number of people might have heard about Linux. This operating system started at the beginning of 90th and quickly gained popularity for supercomputers and huge server rooms. Today, you will actually be able to compare all the advantages and disadvantages of Linux operating system to understand whether it is worth your attention or not. Maybe, you will be even convinced of switching over to Linux after all. So let's start with advantages and disadvantages and then a small summary that I hope will help you to process all the newly acquainted information.
Dell’s new XPS 13 laptop is thinner than its predecessors, features slimmer bezels, and adds a Windows Hello-compatible infrared camera. There’s also a brand new white model if you prefer that to the black and silver version Dell’s been offering for the past few years.
Just ahead of the Consumer Electronics Show (CES) in Las Vegas, Dell has unveiled a new XPS 13 high-end laptop.
The new XPS 13 makes use of Intel's 8th Gen CPUs, the laptop chassis has been improved upon, and the battery life is said to be better than last year's model. From a far the laptop looks similar to the previous XPS 13 but is now a little bit thinner and lighter with a 2.68 pound weight and measures in at 11.9 x 7.8 x 0.46 inches. The bezel on this new laptop comes in at just 4mm.
Amazon has released its own version of the open-source Linux operating system for enterprise customers who use its cloud offering – Amazon Web Services – which will run both on clients’ computers as well as in the cloud.
This marks a shift in Amazon’s cloud computing strategy as it earlier did not allow similar operating systems to run on its clients’ servers, but rather on Amazon-owned data centres. Reports suggest the company will allow its cloud customers to rent access to its new operating system, which it calls Linux 2, but will also allow clients to install the new OS on its own servers.
We’re back and excited about all the cool new innovation happening around microservice architectures. We kick off 2018 with an introductory discussion about “Service Mesh” technologies, such as Istio, Envoy and Linkerd, and how they apply to modern application architectures.
Submit your proposal now to speak at Embedded Linux Conference + OpenIoT Summit in Portland, Oregon, March 12 - 14, 2018. Share your expertise with 900+ technologists in the embedded Linux and IoT space.
Lucas Stach has submitted the DRM driver updates for Etnaviv that are requested to be pulled for Linux 4.16.
This open-source, reverse-engineered Vivante graphics driver continues getting better. Besides some basic fixes, the Etnaviv-Next 4.16 changes include occlusion query buffer support in their command stream validator, fixes/cleanups needed to turn on GPU performance profiling, and prep work for hooking in to the DRM GPU scheduler.
RADV developer Bas Nieuwenhuizen has wired in support for ETC2 texture compression to this Mesa-based, open-source Radeon Vulkan driver.
The textureCompressionETC2 device feature is now supported by the RADV driver with the latest patches. This ETC2 lossy texture compression support is handled by Radeon GPU hardware with Stoney Ridge APUs or Vega "GFX9" GPUs and newer, including Raven Ridge.
Solus taking a break from their Steam Linux integration improvements and their other open-source desktop innovations has been experimenting with their own Qt Wayland compositor over the holiday period.
The Solus team shared some holiday experiments they were doing with a QtWayland-based Wayland compositor with their Budgie 11 desktop environment. Interestingly, they made use of NVIDIA proprietary driver support with EGLStreams.
Earlier this week when news was still emerging on the "Intel CPU bug" now known as Spectre and Meltdown I ran some Radeon gaming tests with the preliminary Linux kernel patches providing Kernel Page Table Isolation (KPTI) support. Contrary to the hysteria, the gaming performance was minimally impacted with those open-source Radeon driver tests while today are some tests using the latest NVIDIA driver paired with a KPTI-enabled kernel.
NVIDIA has released their first beta driver in the long-awaited 390 series.
This driver update is notable in that it should have a workaround for the recent vRAM memory leakage. Additionally, the 390 series will be the last supporting 32-bit.
Mario Kleiner's work on plumbing Mesa for handling 10-bit colors has landed in Mesa 17.4-dev Git.
These patches have been floating around for a few months for getting Mesa/Gallium3D ready for 10-bit color visuals that go from 256 luminosity levels per color/channel with 8-bit color to 1024 levels with 10-bit. Many GPUs support 10-bit color while the number of monitors so far supporting 10-bit color isn't too common, at least not yet.
For those of you riding the Mesa 17.3 stable train, the second point release is expected for release this weekend with many fixes.
The release candidate for Mesa 17.3.2 was issued today by Collabora's Emil Velikov who continues serving as Mesa's primary release manager. So far there is just over one dozen patches queued up but over one dozen more still being reviewed.
The open-source Mesa RADV Vulkan driver, RADV, now has patches for supporting VK_ANDROID_native_buffer.
The initial benchmarks of these security patches published yesterday were focused on Intel desktop hardware following all the media attention around this "Intel CPU bug" now known as Meltdown and Spectre following the disclosure today by Google's Project Zero.
In those initial benchmarks most of the overhead from these page table isolation patches to improve the Linux kernel security were found to slowdown select I/O workloads. Our continued testing through today has found for desktop-type hardware to mostly be impacted on that front with no severe slowdowns in other common desktop workloads. I provided a summary this afternoon of further analyzing the performance on more systems.
As a blogger I take a lot of screenshots and annotate a lot of screenshots. Any app that can help to speed up my workflow is super appreciated.
Writers are fiercely loyal to the tools they use. For years, I swore by the ultra-slimline markdown editor iA Writer. Sadly, this hugely popular app is a macOS exclusive, and when I ditched my MacBook Pro to join the PC world, I had to leave it behind.
For ages now, I’ve searched for a successor to iA Writer, and nothing has ever come close. That is, until I stumbled upon GhostWriter, which is available for Linux and Windows.
For the past month, I’ve used it as my daily driver on Ubuntu 17.10. I compose almost all of my articles in it. Rather quickly, I’ve become an enthusiastic fan.
It is time to share a list of the best 20 Free and Open Source Software I found during the year 2017. Some of these programs may not be new in that they weren’t released for the first time in 2017, but they are new and have been helpful to me. It is in the spirit of sharing that I’m writing this article hoping you find some of these programs useful as well.
Tablao is a cross-platform table editor with which you can easily create tables in HTML the way you would create tables in Excel.
You no more need to write cumbersome HTML-tags, Markdown- or ASCII tables. But unlike Excel, Tablao creates correct HTML tables without any style information and very easy to use in your own HTML documents.
Opera Software has released the latest Opera 50 version desktop browser for Windows, macOS, and Linux. Opera includes numerous new features such as a new anti-cryptomining feature and Chromecast & VR 360 support for the Oculus VR headset. These features were initially available on the beta RC version of Opera 50.
Valve have updated the SteamOS beta once again, this time they're pulling in some major package updates to give a better experience.
This is the second beta update in less than two months, which is really damn nice to see! A pretty nice start to 2018, let's hope they can keep a little momentum going here.
Much like with the fourth version, the developer working on the Linux ports of The Jackbox Party Pack 2 [Steam] & 3 [Steam] has allowed me to announce their Beta for Linux today.
Are you a fan of games like Rocket League? Ultraball [Steam] might be your game. A free multiplayer sci-fi action sports game with players wearing robotic armour. The description alone tickled my interested and after watching some early footage, I feel like I need to play it.
I've loved the game since I first tried the early test builds, but now I've put some proper time into the co-op experience, I can safely say it's firmly near the top of my favourites list. Even though it's not finished (Early Access), it still has a ridiculous amount of content.
Want to play Jagged Alliance 2 on Linux and have a good experience? The JA2-Stracciatella game engine is exactly what you need.
Stellar Interface [Steam, itch.io] is a rather crazy looking space shooter with a randomly-generated galaxy, it recently gained an Endless Mode too. This is one from my list of "games that got buried", it was previously in Early Access and it's been updated rather a lot.
RPCS3, the open source emulator for the Playstation 3 has a new progress report out and it's looking really good.
Xenomarine [Steam, itch.io], the early access sci-fi dungeon crawler has been updated again, it's not a huge update but it's a fun one.
The 5th and final bugfix update (5.11.5) of the Plasma 5.11 series is now available for users of Kubuntu Artful Aardvark 17.10 to install via our Backports PPA.
This update also includes an upgrade of KDE Frameworks to version 5.41.
Challenges with cloud messaging for embedded devices has inspired the Kaltiot & SnowGrains teams to create a cross-platform Qt API which enables easy push messaging from and to embedded devices. The API is called the Qt Cloud Messaging API and it is built with flexibility and extensibility in mind.
We have decided to target other Qt areas, too, and make the API easily extensible to any service provider instead of being for embedded only. This enables developers to use the same API for both mobile and desktop development.
We are happy and proud to announce the immediate availability of Zanshin 0.5.0.
After 0.4.0 one year and a half ago and 0.4.1 last year (which wasn't publicly announced), this new release introduce new features. The 0.4 series was mostly about the Qt 5 port and stabilization, now we can be a bit more ambitious again.
I prefer to set expectations, I haven’t worked hard on GtkSourceView and Tepl this time around, because the fundraising is not as successful as I would like. Since I’m paid less than one hour per week for that project, I don’t feel forced to work > 10 times more, I think it’s understandable.
I’d like to take this opportunity to thank all the people who became Friends of GNOME, whether they chose me or someone else for the postcard, or even if they opted out. Your donation to the GNOME Foundation helps us a lot. And if you’re not already a donor, consider becoming one!
Since January 1st, GIMP depends on the “mypaint-brushes” repository which I am maintaining until MyPaint project finally takes it alongside its other repositories.
I am hoping that I won’t have to maintain this for long and am looking forward for the MyPaint developers to take care of it (and last I heard of it, in the bug report, they wanted to). So this blog post is also to say that I am not trying to fork MyPaint or anything. I am just taking a little advance because we cannot wait much longer unfortunately since GIMP now uses libmypaint and we are really looking into releasing GIMP 2.10 as soon as we can.
As you may remember from my last post on fonts, our goal was to support OpenType font variations. The Linux text rendering stack has multiple components: freetype, fontconfig, harfbuzz, cairo, pango. Achieving our goal required a number of features and fixes in all these components.
Getting all the required changes in place is a bit time-consuming, but the results are finally starting to come together. If you use the master branches of freetype, fontconfig, harfbuzz, cairo, pango and GTK+, you can try this out today.
If you’re among the many GNOME Shell users who like to put icons on the desktop, brace yourself for change
Developers working on the next major release of the GNOME desktop environment have removed the ‘desktop’ feature currently used to display and manage files, folders and attached drives kept on the desktop workspace.
the first Core Update is ready to be released today and it comes withh a huge number of various bug and security fixes.
“Open source is the best source for choice and security.” These were the first words that Paul Smith, Senior Vice President and General Manager, Public Sector, Red Hat, chose to open his talk at the recent 2017 Red Hat Government Symposium. The yearly Red Hat Government Symposium goes beyond demos and new product announcements to explore the best practices to successfully leverage people, process and technology in order to maximize digital transformation and modernization initiatives within the government.
In an effort to make application release automation easier for DevOps teams, Red Hat has announced DeployHub OSS and Pro by OpenMake is now certified by the company and available in its Connect Container Catalog.
DeployHub OSS is an “open source continuous deployment tool built by developers for developers to achieve agile DevOps,” according to Red Hat. It features a fully functional version, ansible integration, an agentless architecture, and CI integrations.
Investors in Linux and open-source software distributor Red Hat (RHT) should not be worried that the company is competing directly with Amazon (AMZN) in Linux now within the enterprise, not just the cloud, urges Deutsche Bank’s Karl Keirstead, who reiterates a Buy rating on Red Hat, and a $150 price target.
The new year has arrived, but in the TeX world not much has changed – we still get daily updates in upstream TeX Live, and once a month I push them out to Debian. So here is roughly the last month of changes.
This is a continually updated article to inform you about Linux Mint 19 release date, features and everything important associated with it.
Linux Mint 19 codename has just been released. The first release of the upcoming Linux Mint 19 series will be called “Tara”.
The Linux Mint project turned out to be an early Christmas present, as it usually does, but this release is perhaps more important than usual given that Mint is much more alone in the Linux distro world than it was just one year ago.
2017 saw Ubuntu abandon the Unity desktop and come back to the GNOME fold, which means that Linux Mint is now the most popular distro that doesn't ship with GNOME. Mind you, Linux Mint doesn't just not ship GNOME by default, it doesn't ship a GNOME version at all. That doesn't just make it unique, but also more important than ever.
The latest release of Linux Mint 18.3 “Sylvia” kicked off the development of the new Linux Mint 19.x series. In a recent blog post, the development team shared some brief updates on the same. It has been confirmed that the first release in this series will be called Linux Mint 19 “Tara.” “Tara is a popular name here in Ireland, and the name of someone we really like,” the announcement read.
The release of Linux Mint 18.3 in November 2017 put the development focus of the team on Linux Mint 19, the next major version of the popular Linux distribution.
Linux Mint 19 is the first significant release of the operating system since June 2016 when Linux Mint 17, codename Sarah, was released by the team.
We’ve had some good news for our Gear S3 readers in the UK and now its time to continue the good “vibes” for our Gear S3 T-Mobile readers in the US. Today, T-Mobile have announced that Samsung Gear S3 Classic and Gear S3 Frontier devices are now being updated to Tizen 3.0.0.1, which includes the Gear S3 Value Pack. Now, I’m presuming this download already has the battery fix included as it wouldn’t make sense releasing a download without an important patch pre-applied!
For at least one startup, 2018 opened with a thud. On Tuesday, the open source mapping company Mapzen announced it would shut down at the end of the month, with its hosted APIs and support services going dark on February 1.
That’s a real pain for Mapzen users, whose ranks include civic tech organizations like Code for America, app developers, and government agencies like the Portland-area transportation agency TriMet. And it’s a bummer for those who contributed to Mapzen’s wide-ranging data sets, which included detailed info on public transportation.
Put on your cow bells and follow the herd of Gentoo developers to Université libre de Bruxelles in Brussels, Belgium. This year FOSDEM 2018 will be held on February 3rd and 4th.
Our developers will be ready to candidly greet all open source enthusiasts at the Gentoo stand in building K. Visit this year’s wiki page to see which developer will be running the stand during the different visitation time slots. So far seven developers have specified their attendance, with most-likely more on the way!
In preparation for CSS Grid shipping in browsers in March 2017, I worked on a number of guides and reference materials for the CSS Grid specification, which were published on MDN. With that material updated, we thought it would be nice to complete the documentation with similar guides for Flexbox, and so I updated the existing material to reflect the core use cases of Flexbox.
In order to stop sophisticated modern threats, organizations need to be flexible and scalable with the way they handle their data. Network flows and data need to be collected and examined at cloud scale in order to let defenders identify anomalous behavior, but getting to that stage is a heavy lift.
Henry Sowell, technical director for Hortonworks, spoke with CyberScoop on how open source systems allow for that flexibility and scalability, especially at a time where the onslaught of threats has never been greater.
The Rust team is happy to announce a new version of Rust, 1.23.0. Rust is a systems programming language focused on safety, speed, and concurrency.
If you go to GitHub, the most popular developer platform today, and search for a piece of code, it is a plain-text search.
“It’s like how we used to search on the web in 1996,” said Eiso Kant, CEO and co-founder at source{d}, a startup focused on applying machine learning on top of source code.
“We have been writing trillions of lines of source code across the world, but none of the systems or developer tools or programming languages we’ve designed actually learn from all the source code we have written.”
Every software development organization today seems to practice the agile software development methodology, or a version of it. Or at least they believe they do. Whether you are new to application development or learned about software development decades ago using the waterfall software development methodology, today your work is at least influenced by the agile methodology.
But what exactly is agile methodology, and how should it be practiced in software development?
RPM of PHP version 7.2.1 are available in the remi-php72 repository for Fedora 25-27 and Enterprise Linux ââ°Â¥ 6 (RHEL, CentOS) and as Software Collection in the remi-safe repository.
Perl is a bit battle-scarred, but it’s battle-tested, too. If you want to experiment with the latest, flashiest technologies, Perl may not be your first choice. However, if your business depends on having solid software with a track record of getting things done, Perl’s often a great choice.
That means iGen’ers were seeing their friends in person an hour less a day than GenX’ers and early Millennials did. An hour a day less spent with friends is an hour a day less spent building social skills, negotiating relationships, and navigating emotions. Some parents might see it as an hour a day saved for more productive activities, but the time has not been replaced with homework; it’s been replaced with screen time.
Impressively, according to this survey by the Pew Research Center, 94% of Americans have at least heard about self-driving cars, with 35% saying they’ve heard “a lot” about them. Yet, not everyone is thrilled to hear the news. A slight majority of 56% of Americans say they would not want to ride in a driverless car, largely due to trust issues. 42% of people who don’t want to ride in a driverless car say they “Don’t trust it” or are “Worried about giving up control.”
In literature, the potential existence of extra dimensions was discussed in Edwin Abbott's satirical novel "Flatland: A Romance of Many Dimensions" (1884), portraying the Victorian society in 19th century England as a hierarchical two-dimensional world, incapable of realizing its narrow-mindedness due to its lower-dimensional nature.
In physics, on the other hand, the possibility that our universe comprises more than three spatial dimensions was first proposed in the wake of Albert Einstein's theory of general relativity in the 1920s. Modern string theory – trying to reconcile Einstein's ideas with the laws of quantum mechanics – even postulates up to 10 dimensions.
Humans possess six forms of the protein actin, which perform essential functions in the body. Two in particular, ò-actin and ó-actin, are nearly identical, only differing by four amino acids. Yet these near-twin proteins carry out distinct roles. A long standing question for biologists has been, how is this possible?
When a new undersea communications cable becomes operational late this year, it will break the record for a key metric: data rate times distance. In a single second, its six fiber-optic pairs, stretching roughly 13,000 kilometers (8,000 miles) between Hong Kong and Los Angeles, will be able to send some 144 terabits in both directions. That’s as much data as you’d find in several hundred Blu-ray discs. The cable’s main purpose is to connect Facebook and Google data centers in East Asia with those in the United States.
The new cable is part of an ongoing transformation of the submarine fiber-optic cable network. Originally, that network carried telephone calls and faxes. Later those subsea conduits served primarily to shuttle data between Internet users and a myriad of service providers. Now, it’s mostly transferring content and cloud-computing offerings between the data centers of a handful of tech giants.
The cofounders of Witchsy, an online marketplace for dark or funny art that wasn’t a good fit for other arts marketplaces, last year accidentally conducted an experiment on sexism in tech. Fast Company briefly described their experience in an August 2017 article—a story that quickly went viral. And last month, at the Atlantic Inclusion in Tech summit, the Witchsy cofounders—Penelope Gazin and Kate Dwyer—filled in the fascinating details.
We're living in yesterday's future, and it's nothing like the speculations of our authors and film/TV producers. As a working science fiction novelist, I take a professional interest in how we get predictions about the future wrong, and why, so that I can avoid repeating the same mistakes. Science fiction is written by people embedded within a society with expectations and political assumptions that bias us towards looking at the shiny surface of new technologies rather than asking how human beings will use them, and to taking narratives of progress at face value rather than asking what hidden agenda they serve.
Long ago, Intel made a design mistake in its 64-bit chips -- and now, all Intel-based operating systems and their users must pay the price.
Linux's developers saw this coming early on and patched Linux to deal with it. That's the good news. The bad news is it will cause at least a 5-percent performance drop. Applications may see far more serious performance hits. The popular PostgreSQL database is estimated to see at least a 17-percent slowdown.
How bad will it really be? I asked Linux's creator Linus Torvalds, who said: "There's no one number. It will depend on your hardware and on your load. I think 5 percent for a load with a noticeable kernel component (e.g. a database) is roughly in the right ballpark. But if you do micro-benchmarks that really try to stress it, you might see double-digit performance degradation."
Red Hat's John Terrill informs Softpedia today that Red Hat is aware of the two hardware bugs (Meltdown and Spectre) affecting most modern microprocessors and they're working on security updates to mitigate them on their supported operating systems.
The Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754) were publicly disclosed earlier today as critical hardware flaws affecting modern microprocessors made in the last two decades. These can be exploited by an unprivileged attacker to bypass hardware restrictions through three unique attack paths and gain read access to privileged memory.
Red Hat Product Security provided us with several resources to better understand the impact of these hardware bugs on any of their supported Linux-based operating systems from an open source technology perspective. They said that Intel, AMD, POWER 8, POWER 9, IBM System z, and ARM chips are affected by the newly discovered vulnerabilities.
We're finally getting actual technical details on the CPU vulnerability leading to the recent race around (K)PTI that when corrected may lead to slower performance in certain situations. Google has revealed they uncovered the issue last year and have now provided some technical bits.
Google says their Project Zero team last year discovered serious flaws in speculative execution that could lead to reading system memory where it shouldn't be authorized. Google was also able to demonstrate an attack where one VM could access the physical memory of the host machine and in turn read memory of other VMs on the same host.
Today Google security blog has posted about the two vulnerabilities that put virtually many computers, phones, laptops using Intel, AMD and ARM CPUs at risk. Using the two major flaws hackers can gain read access to the system memory that may include sensitive data including passwords, encryption keys etc.
Linux kernel maintainers Greg Kroah-Hartman and Ben Hutchings have released new versions of the Linux 4.14, 4.9, 4.4, 3.16, 3.18, and 3.12 LTS (Long Term Support) kernel series that apparently patch one of the two critical security flaws affecting most modern processors.
The Linux 4.14.11, 4.9.74, 4.4.109, 3.16.52, 3.18.91, and 3.2.97 kernels are now available to download from the kernel.org website, and users are urged to update their GNU/Linux distributions to these new versions if they run any of those kernel series immediately. Why update? Because they apparently patch a critical vulnerability called Meltdown.
A flaw in many chips leaves devices vulnerable to attack unless they’re patched with software that will make them sluggish. Some semiconductors from ARM, whose chips are popular with mobile phone makers, are also affected. AMD chips may also be affected, though the company told Axios there is a “near zero” risk to its products.
Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.
"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.
So we have an attack (Meltdown) which is arbitrary memory read from unprivileged code, probably on Intel only, fairly easy to set up, mitigated by KPTI.
Then we have another, similar attack (Spectre) which is arbitrary memory read from unprivileged code, on pretty much any platform (at least Intel, AMD, Qualcomm, Samsung), complicated to set up, with no known mitigation short of “wait for future hardware which might not be vulnerable, until someone figures out an even more clever attack”. It even can be run from JavaScript, although Chrome is going to ship mitigations from that to happen.
These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions
Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.
The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.
The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.
A design flaw in all Intel chips produced in the last decade is responsible for a vulnerability that puts Linux, Windows and macOS-powered computers at risk, according to multiple press reports. The flaw reportedly is in the kernel that controls the chip performance, allowing commonly used programs to access the contents and layout of a computer's protected kernel memory areas. The Linux kernel community, Microsoft and Apple have been working on patches to their operating systems to prevent the vulnerability.
While these bugs impact a huge number of devices, there has been no widespread attacks so far. This is because it’s not straightforward to get the sensitive data from the kernel memory. It’s a possibility but not a certainty. So you should not start panicking just yet.
KPTI patches are out from most vendors now. If you haven't applied them yet, you should; even my phone updated today (the benefits of running a Nexus phone, I guess). This makes Meltdown essentially like any other localroot security hole (ie., easy to mitigate if you just update, although of course a lot won't do that), except for the annoying slowdown of some workloads. Sorry, that's life.
Spectre is more difficult. There are two variants; one abuses indirect jumps and one normal branches. There's no good mitigation for the last one that I know of at this point, so I won't talk about it, but it's also probably the hardest to pull off. But the indirect one is more interesting, as there are mitigations popping up. Here's my understanding of the situation, based on random browsing of LKML (anything in here may be wrong, so draw your own conclusions at the end):
Intel has issued microcode patches that they claim will make most of their newer CPUs (90% of the ones shipped in the last years) “immune from Spectre and Meltdown”. The cornerstone seems to be a new feature called IBRS, which allows you to flush the branch predictor or possibly turn it off entirely (it's not entirely clear to me which one it is). There's also something called IBPB (indirect branch prediction barrier), which seems to be most useful for AMD processors (which don't support IBRS at the moment, except some do sort-of anyway, and also Intel supports it), and it works somewhat differently from IBRS, so I don't know much about it.
The rumored bugs in Intel (and beyond) processors have now been disclosed: they are called Meltdown and Spectre, and have the requisite cute logos. Stay tuned for more.
See also: this Project Zero blog post. "Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01."
See also: this Google blog posting on how it affects users of Google products in particular. "[Android] devices with the latest security update are protected. Furthermore, we are unaware of any successful reproduction of this vulnerability that would allow unauthorized information disclosure on ARM-based Android devices. Supported Nexus and Pixel devices with the latest security update are protected."
A major security flaw has surfaced that’s thought to affect all Intel microprocessors since at least 2011, some ARM processors and, according to Intel, perhaps those of others. Unusually, the exploit, called Meltdown, takes advantage of the processors’ hardware rather than a software flaw, so it circumvents security schemes built into major operating systems.
Two highly publicized security flaws in the Intel x86 chip architecture have now emerged. They appear to affect other microprocessors made by AMD and designs licensed by ARM.
And they may be some of the worst computer bugs in history -- if not the worst -- because they exist in hardware, not software, and in systems that number in the billions.
These flaws, known as Meltdown and Spectre, are real doozies. They are so serious and far-reaching that the only potential fix in the immediate future is a software workaround that, when implemented, may slow down certain types of workloads as much as 30 percent.
Security researchers have found serious vulnerabilities in chips made by Intel and other companies that, if exploited, could leave passwords and other sensitive data exposed.
He's not the only one unhappy with Intel. A Linux security expert is irked at both Google and Intel. He told me that Google Project Zero informed Intel about the security problems in April. But neither Google nor Intel bothered to tell the operating system vendors until months later. In addition, word began to leak out about the patches for these problems. This forced Apple, the Linux developers, and Microsoft to scramble to deliver patches to fundamental CPU security problems.
The result has been fixes that degrade system performance in many instances. While we don't know yet how badly macOS and Windows will be affected, Michael Larabel, a Linux performance expert and founder of the Linux Phoronix website, has ran benchmarks on Linux 4.15-rc6, a Linux 4.15 release candidate, which includes Kernel Page Table Isolation (KPTI) for Intel's Meltdown flaw.
You may have heard about Meltdown, an exploit that can be used against modern processors (CPUs) to maliciously gain access to sensitive data in memory. This vulnerability is serious, and can expose your secret data such as passwords. Here’s how to protect your Fedora system against the attack.
The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications. Testing also showed that an attack running on one virtual machine was able to access the physical memory of the host machine, and through that, gain read-access to the memory of a different virtual machine on the same host.
Technology companies are working to protect their customers after researchers revealed that major security flaws affecting nearly every modern computer processor could allow hackers to steal stored data — including passwords and other sensitive information — on desktops, laptops, mobile phones and cloud networks around the globe.
The scramble to harden a broad array of devices comes after researchers found two significant vulnerabilities within modern computing hardware, one of which cannot be fully resolved as of yet. Experts say the disclosure of the critical flaws underscores the need to keep up with software updates and security patches and highlights the role independent research plays in prodding tech companies to minimize security weaknesses.
In the month of November last year, Intel CEO Brian Krzanich sold off a big chunk of his company stocks worth $24 million (245,743 shares). The stocks were valued at $11 million back then. Now, the CEO is left with just 250,000 shares which fulfill the minimum requirement to continue his job.
Just yesterday, a report from The Register disclosed a massive security screwup on behalf of Intel, which impacted nearly all chips manufactured in the past ten years. It was also reported that future patches released by the developers of Windows and Linux kernel could reduce the performance of devices up to 5-30%. That’s a lot.
As might be guessed, a fair number of these updates are for the kernel and microcode changes to mitigate Meltdown and Spectre. More undoubtedly coming over the next weeks.
Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins. The full extent of this class of attack is still under investigation and we are working with security researchers and other browser vendors to fully understand the threat and fixes. Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. This includes both explicit sources, like performance.now(), and implicit sources that allow building high-resolution timers, viz., SharedArrayBuffer.
Meltdown is specific to x86 processors made by Intel; it does not appear to affect AMD. But virtually every CPU going back decades that has a feature called speculative execution is vulnerable to a variety of the Spectre attack. In short, for those processors that execute "future" code downstream in anticipation of what the results of certain branching operations will be, Spectre exploits the timing differences that occur when certain kinds of speculatively executed code changes what's in the processor cache. The attacker may not be able to read the memory directly, but (s)he can find out if it's in the cache by looking at those differences (in broad strokes, stuff in the cache is accessed more quickly), and/or exploit those timing changes as a way of signaling the attacking software with the actual data itself. Although only certain kinds of code can be vulnerable to this technique, an attacker could trick the processor into mistakenly speculatively executing code it wouldn't ordinarily run. These side effects are intrinsic to the processor's internal implementation of this feature, though it is made easier if you have the source code of the victim process, which is increasingly common.
People living now in Yemen’s third largest city, Taiz, have endured unimaginable circumstances for the past three years. Civilians fear to go outside lest they be shot by a sniper or step on a land mine. Both sides of a worsening civil war use Howitzers, Kaytushas, mortars and other missiles to shell the city. Residents say no neighborhood is safer than another, and human rights groups report appalling violations, including torture of captives. On Dec. 26th, 2017, a Saudi-led coalition bomber killed between 20 and 50 people in a crowded marketplace.
As the new year begins, it is important for the U.S. to acknowledge its troubling history of global war-making, especially over the past two-decades, as Nicolas J.S. Davies delineates.
Those wishing to kill the Joint Comprehensive Plan of Action (JCPOA), the agreement that restricts Iran’s nuclear program, have never given up. The agreement’s ever-lengthening successful record, now more than two years old, of keeping closed all possible pathways to an Iranian nuclear weapon ought to have discouraged would-be deal-slayers. But the slayers got a new lease on life with the election of Donald Trump, who, as part of his program of opposing whatever Barack Obama favored and destroying whatever he accomplished, has consistently berated the JCPOA.
President Trump tweets that his “nuclear button” is “much bigger & more powerful” than North Korean leader Kim Jong-un’s. Meanwhile, North and South Korea have opened lines of communication, saying they are open to direct negotiations. We speak with Bruce Cumings, professor of history at the University of Chicago, author of “North Korea: Another Country.”
But is this the real reason for the sudden unanimous decision by the board to end support? Is it possible that the Freedom of Press Foundation dropped support for Wikileaks due to a strategy outlined in the “Wikileaks Threat” PDF? (Seen here Wikileaks Threat link ) Did an agency of the US use this strategy to turn the board of directors at FPF against it’s Founder? I have included a copy of part of the strategy used by First of America in 2010 and the following intel agencies ( Palantir Technology, HBGary & Berico Holdings) in hopes of destroying Wikileaks. As you know, this strategy didn’t work.
Late Sunday night, just hours after the FBI released a new document that appeared to confirm Swedish sexual assault charges against him were trumped up by the U.S. Deep State, WikiLeaks co-founder Julian Assange tweeted what appears to be an encryption code.
The Ecuadorian embassy has spoken out following rampant speculation about the health and whereabouts of Julian Assange after his recent cryptic tweet.
The concern was sparked by the WikiLeaks founder sending a bizarre tweet on New Year’s Day which featured a 60 character code and a link to the popular ‘Paper Planes’ song by British rapper MIA. Many wondered why the 46 year old had tweeted the seemingly random string of letters and numbers.
That same day, WikiLeaks posted a late-night tweet saying not so fast, NY Times, Daily Wire reported.
For San Francisco tourists, Aquatic Park Cove is one of the city‘s most iconic areas, a popular spot to watch enormous sea lions and harbor seals frolicking in the water across from Ghirardelli Square.
For locals – or those who can brave the brisk waters, in any case – the cove is known as one of the best places for an open-water swim, especially favored by triathletes.
But last week, the cove‘s most prominent features clashed in a harrowing manner, when “aggressive” marine mammals attacked three swimmers in the span of about five days, officials said.
Even before Hurricane Harvey hit, Houston was no stranger to devastating rainstorms. The city got two "100-year" storms in the two years before Harvey made landfall. All three storms flooded thousands of houses, many outside of the Federal Emergency Management Agency's flood plains.
Intel Corp. admitted Wednesday that its chips have a vulnerability that will require software patches, but denied a media report that said other companies’ chips were not affected and that the software updates will have a major effect on devices’ performance.
According to a report published by the Register yesterday, “a fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.” Windows and Linux developers have reportedly been working to address the issue since November.
As our friends at Gizmodo ES pointed out (via Hacker News), Intel’s CEO Brian Krzanich sold roughly $11 million in company stock at the end of November. Counting the employee stock options Krzanich exercised, the CEO unloaded 245,743 shares, leaving him with 250,000 remaining shares—the minimum Krzanich is required to own according to the company’s bylaws, the Motley Fool reported.
Alphabet Inc.’s Google moved 15.9 billion euros ($19.2 billion) to a Bermuda shell company in 2016, regulatory filings in the Netherlands show -- saving the company billions of dollars in taxes that year.
Google uses two structures, known as a “Double Irish” and a “Dutch Sandwich,” to shield the majority of its international profits from taxation. The setup involves shifting revenue from one Irish subsidiary to a Dutch company with no employees, and then on to a Bermuda mailbox owned by another Ireland-registered company.
The amount of money Google moved through this tax structure in 2016 was 7 percent higher than the year before, according to company filings with the Dutch Chamber of Commerce dated Dec. 22 and which were made available online Tuesday. News of the filings was first reported by the Dutch newspaper Het Financieele Dagblad.
American authorities have decided that Alibaba's digital payment firm, Ant Financial, won't be allowed to acquire the cash transfer company Moneygram.
Ant Financial, which was one of our 50 Smartest Companies in 2017, is a Chinese tech company that handles mountains of data generated by its mobile payment business and other banking services. It was created in 2014 by e-commerce giant Alibaba to operate Alipay, a dominant mobile payment platform in China with 520 million users, and uses tools like computer vision and natural-language processing to reimagine financial services (see “Meet the Chinese Finance Giant That’s Secretly an AI Company.”)
Merrill Lynch financial advisors cannot buy bitcoin-related investments for their clients, The Wall Street Journal reported Wednesday.
The ban prevents the financial giant's roughly 17,000 advisors from pitching investments related to bitcoin and executing client requests to trade Grayscale's bitcoin investment trust (GBTC), the newspaper said, citing a person familiar with the matter.
"The decision to close GBTC to new purchases is driven by concerns pertaining to suitability and eligibility standards of this product," according to an internal memo the newspaper reviewed.
In 2017 we were told that blockchain technology and cryptocurrencies were going to save the world, disrupting just about anything with a digital fingerprint. But we saw very few tangible examples that justified the hype. In 2018, many of the intriguing pitches we heard will still be around, only now the challenge is going to be finding a way to deliver real products and services. Here are some of the biggest issues that members of the blockchain world will have to work through if the new year is going to realize the potential that was so highly touted in the last.
And as one goes downward (of course) from left to right one can only blame the UK for adopting such positions.
At the base of the stair is where the UK must end up, by reason of its “red lines”.
British government policies to boost income for poorly paying jobs could actually incentivize firms to automate instead.
As Donald Trump surrenders America’s global commitments, Xi Jinping is learning to pick up the pieces.
The retiring senator has always been a shameless tool of billionaire campaign donors and a partisan errand boy for the likes of Donald Trump.
This may be the most irresponsible tweet in history. Julian Sanchez articulated the best-case scenario: “The good news is, other countries won’t take talk like this too seriously because they understand Trump is a small man who blusters to make himself feel potent. That’s also the bad news; there’s nowhere left to go rhetorically when we need to signal that we’re serious.” Most likely, that’s the fallout.
But what if this needless social-media saber rattling escalates into war?
The Gimlet Media host P.J. Vogt asks a key question: “Imagine if you were the person who invented Twitter.” If I were that person, I would ban President Trump immediately.
And I would ban all other world leaders, too.
It goes on. Normally, none of this would be Techdirt-worthy, but late last night, a new twist was added. According to ABC News, President Donald Trump has hired lawyer Charles Harder to threaten Steve Bannon with a lawsuit for defamation, breach of confidentiality and non-disparagement agreements. And, then, this morning, more news broke of another letter, written by Harder, sent to Wolff and the book's publisher, demanding that the book not be published at all -- and that they send Harder a complete copy of the book.
So, let's lay our cards on the table here: the lawyer, Charles Harder, is still the lawyer representing a plaintiff in an ongoing lawsuit against us -- and we've written about many of his other lawsuits, including representing the First Lady, Melania Trump. Not much more needs to be said about him. We're also not huge fans of Steve Bannon. Or Donald Trump. Or, for that matter, of Michael Wolff, who has a long history of... not being very good at his job. So, if you want to accuse us of bias in this post, consider it spread all around.
Now, however, I do subscribe to the notion that Russia interfered with the US election on Trump’s behalf. It passes all of my sniff tests. It does not move the BS needle on my Truthometer. Putin put Trump in office. All the meetings, the indictments, the lies from Trump and his family and so much more are overwhelming. It’s Mueller Time, as they say.
Yes, Hillary conspired, unwittingly, with her own iniquitous collusion to bump off Bernie and with her bloodstained foreign policy record. Like so many, I voted for her as a purely defensive and highly emetic act.
In a case that highlights what some are calling the “Palestine exception” to free speech on college campuses across the nation, we look at students who are suing Fordham University’s Lincoln Center campus in New York for their right to start a Students for Justice in Palestine group. The student government approved the group unanimously, but the dean of students overruled the approval, saying the group would “stir up controversy” and be “polarizing.” On Wednesday, the students asked a judge to reinstate the student government’s approval. We speak with Ahmad Awad, who has graduated from Fordham University and is the lead petitioner, now a law student at Rutgers University. We also speak with Dima Khalidi, director of Palestine Legal.
In August of this year, a white supremacist plowed through a crowd of protesters gathered in downtown Charlottesville, Virginia. The attack injured around 20 people and killed 32-year-old Heather Heyer. The violent clashes that weekend shocked Americans, among them Emily Crose, who wanted to be there to protest against the white supremacists but couldn’t make it. A friend of hers was there, and was attacked and hurt by neo-Nazis.
Crose is a former NSA analyst and ex-Reddit moderator who now works at a cybersecurity startup. Inspired by her friend’s courage, and horrified by the events in Charlottesville, Crose now spends her free time teaching an AI how to automatically spot Nazi symbols in pictures spread online, be it on Twitter, Reddit, or Facebook.
Even before the protest, Iran’s government blocked large portions of the internet, including YouTube, Facebook, and any VPN services that might be used to circumvent the block. The government enforced the block through a combination of centralized censorship by the country’s Supreme Cybercouncil and local ISP interference to enforce more specific orders. The end result is a sometimes haphazard system that can still have devastating effects on any service the regime sees as a threat.
In September 2017, a law with the euphonious name ‘Netzwerkdurchsetzungsgesetz’ (‘network enforcement law’) was adopted in Germany. Its goal is to force social networks to remove hate speech and certain other unlawful content within 24 hours in obvious cases, otherwise within 7 days upon being notified. The transition period ended on 31 December 2017 - meaning the new rules can now be enforced. Failure to delete content within the given deadlines can result in heavy administrative fines of up to EUR 50m.
Unlike hate language, taboo words, dirty words, or fighting words that may cause harm, offense, or incite violence, the dangerous seven are not only surprisingly innocuous, but one might even say necessary to describe the present concerns of modern life and science. Astonishingly, “science-based” and “evidence-based” are on the list of the so-called banned words, along with “vulnerable,” “entitlement,” “diversity,” “transgender,” and “fetus.” The Post reports further that in some instances, semantically manipulative mouthfuls were offered, such as “CDC bases its recommendations on science in consideration with community standards and wishes,” in place of the widely accepted “science-based” or “evidence-based.” For the rest of the words to be avoided, such as “fetus,” there are no other suggested alternatives.
Last month, Chinese state media published articles commemorating the 30th anniversary of China’s first-ever email: ‘Across the Great Wall, we can reach every corner in the world.’
The email was sent from a research institute under China North Industries Group Corporation in Beijing on 14 September 1987 and received by the University of Karlsruhe in Germany at 8.55 pm on 20 September 1987.
Techno-optimists believed that the internet would ensure a free flow of information and ultimately a democratic society in authoritarian states like China. Thirty years on, however, China has instead built a Great Firewall, a vast hardware and software system that aims to prevent access to undesirable websites and censors sensitive content.
The law gives social media platforms 24 hours to remove "obviously illegal" content. This, of course, raises the question about how obvious "obviously illegal" content needs to be to trigger the 24-hour deletion requirement. Presumably, the government gets to decide how "obvious" the illegality is and how often it gets to collect millions of euros.
In what must be considered a show of government largesse, one week will be allowed to handle "complex" removal orders -- again, something likely determined solely by the German government. Given Germany's ultra-weird relationship with its Nazi past, the difference between complex and simple takedown demands isn't likely to be clear cut, putting companies in the path of fines and further German government grousing.
I understand that American companies are somewhat obliged to follow local laws when providing services overseas, but they should not be put in the position of being held criminally and civilly liable for the posts of their users. They can attempt to moderate content with an eye on local statutes, but the fines for posting "obviously illegal" content should be levied on the person posting it, rather than the service provider.
Freedom of the press in Venezuela has been threatened by the government for more than a decade. Even though the constitution of Venezuela protects freedom of expression and press freedom, Reporters without Borders found in 2017 that oppressive leader Nicolas Maduro “does his utmost to silence independent media outlets.”
The accumulation of power in the executive branch has enabled the Venezuelan government to intimidate, harass, and criminally prosecute the opposition, human rights defenders, and independent media outlets. While traditional media outlets are being threatened, social media serves as an alternative tool to transmit and consume news.
Two artists behind a controversial art installation commissioned for a newly opened subway station in Toronto say the city’s refusal to greenlight the project has ironically achieved what the art was meant to do — spark a debate about free speech.
German brothers Jan and Tim Edler, owners of realities:united, a Berlin-based art studio, say they’d been working with the Toronto Transit Commission on the project since 2009. But they say it was only days before the new Pioneer Village subway station’s scheduled opening last month that they were told authorities had concerns about the art piece.
At issue is LightSpell, a public art installation that would allow users to enter eight characters on a control panel in the station that show up on giant light screens that hang from the ceiling.
Since the 2009 Green Movement protests in Iran, internet connections have grown significantly, which is why social media is likely playing an important role in the anti-government demonstrations rocking the country.
"I believe that has made a tremendous difference between now and then," said Hadi Ghaemi, executive director for the New York-based Center for Human Rights in Iran. "One difference between now and 2009 is that almost the whole nation is now plugged online.
"I think for these protests it's extremely important."
China’s media regulator is being taken to court over its view that homosexual activities are “abnormal”, in a rare public case that pits state censorship against gay rights.
Following a crackdown on showing homosexuality in the country’s media, a Beijing court has made the unusual move of accepting a legal challenge brought by a member of the public hoping to raise awareness in a country still gripped by dated conservative views on homosexuality.
The extraordinary rise of Xi Jinping was, understandably, the main talking point of the 19th National Congress of the Communist Party of China (CPC) in October. Thanks to the president’s relentless consolidation of his personal power base within the party and the official encouragement of something approaching a cult of personality, comparisons with Mao were inevitably made by Western media outlets.
The symbolic culmination of Xi’s ever-tightening grip on power was the unprecedented incorporation of his personal political theory, known as his “Thought on Socialism with Chinese Characteristics for a New Era”, into the party’s constitution. Xi’s 14-point plan to turn China into a “great modern socialist country” that is “prosperous, strong, democratic, culturally advanced, harmonious and beautiful” has been accompanied by equally strong ambitions on the international stage. At the 2017 World Economic Forum annual meeting in Davos, he cast himself as the leading champion of free trade and the fight against climate change, sensing the vacancy created by Donald Trump’s America First foreign policy and a European Union increasingly looking inward as it grapples with Brexit. Trump’s extravagant courting of Xi during his recent Asian tour and his refusal even to broach the issue of human rights only underscored China’s rising global standing.
Election candidates will be required to register for vote-canvassing on electronic and social media, according to the current draft of the organic law governing the election of MPs.
The National Legislative Assembly (NLA) committee vetting the bill has finished the first round of deliberation for all 178 sections of the law, said spokesman Taweesak Suthakavatin.
The bill was submitted to the NLA by the Constitution Drafting Committee (CDC) on Nov 28, along with another organic bill related to the Senate.
The panel's next task will be to ask those NLA members who proposed changes to the law to elaborate on their amendments.
By filtering internet content, schools diminish the academic freedom of teachers and students.
Imagine a school administrator telling a high school political science teacher that a whole range of timely topics — for example, medical marijuana, terrorism in the Middle East, gun control, or even politics in general — was off-limits for class discussion. The pedagogical absurdity of it, not to mention the upending of academic freedom it embodies, would seem obvious to most. In school districts across the country, however, a similar type of censorship takes place in the classroom every day, with little dissent.
The censorship takes place invisibly, through the use of internet filtering programs that block certain categories of websites — or even websites that mention specific words — when students use school computers to access the internet. Although primarily designed to prevent access to pornography, the deeply flawed software, and school districts’ widespread embrace of it, has a significant impact on classroom teaching.
Each year, I renew a contract to provide legal services to incarcerated people in an Arizona county jail.
I have been doing this for 12 years without complications. Lately, though, there has been some extra paperwork that has nothing to do with my work as an attorney. Now, in order to renew my contract, I am being asked to promise that I will not participate in a boycott of Israel.
[...]
My interest in the Israeli-Palestinian issue isn’t new. I have visited the region previously. I raised a Jewish son. Last spring, he and I traveled together to Israel and Palestine. We met journalists, human rights advocates, Israelis, and Palestinians living under Israeli occupation in the West Bank. No one we talked to believed that Israel would ever dismantle the more than 100 Israeli settlements peppered through the West Bank. It was painfully clear to us that Israel will not stop, and in fact has accelerated, its de facto policy of permanent Israeli occupation. On the other hand, it will never allow equal rights for the 2.8 million West Bank Palestinians in a single state.
Facebook continues to increase its stranglehold on news delivery, reducing pipelines of info to a nonsensically-sorted stream for its billions of users. Despite the responsibility it bears to its users to keep this pipeline free of interference, Facebook is ingratiating itself with local governments by acting as a censor on their behalf.
While Facebook has fought back against government overreach in the United States, it seems less willing to do so in other countries. The reporting tools it provides to users are abused by governments to stifle critics and control narratives. And that's on top of the direct line it opens to certain governments, which are used to expedite censorship.
If you’re afraid that your smartphone is spying on you…well, you’re right. But that’s kind of a non-optional part of modern living: amassing huge amounts of consumer data is how companies like Google operate. But recently some third-party apps have been found taking a few more liberties than they should, like a HAL 9000 in your pocket.
Technology startup Alphonso has caused widespread concern by using smartphones microphones to monitor the TV and media habits of games and apps users.
Documents recently obtained by the Daily Beast reinforce the many problems with the Department of Homeland Security’s attempts at surveillance of immigrants’ social media posts.
“Social media vetting” is one part of the Trump administration’s program of “extreme vetting” of immigrants. The Obama administration began the practice of monitoring visa applicants’ social media accounts, but President Trump has hastily and dramatically expanded it. This kind of social media surveillance can impact people applying for visas from abroad, immigrants in the United States, and U.S. citizens with online connections to applicants.
According to Princeton University researchers Gunes Acar, Steven Englehardt, and Arvind Narayanan, web trackers are exploiting browser login managers.
Actually, they said on the Freedom to Tinker site, which is hosted by Princeton University's Center for Information Technology Policy, a long-known vulnerability is abused by third-party scripts for tracking on over 1,000 sites.
It is important for small business owners to understand what the GDPR is as well as its application. The GDPR is the outcome of four years of constant discussions, investigations, and amendments made by the EU to update its data privacy rules and regulations.The GDPR will replace the Data Protection Directive established in 1995, creating a greater territorial scope and stricter penalties for those states members, and business dealing with Personal Data, who fail to keep and handle data according to the new regulation. The GDPR was finally approved by the EU Parliament on 14 April 2016 but will apply from 25 May 2018, giving a two-year transition period for all EU members states.
James Risen, the New York Times reporter who scored a Pulitzer in 2006, wrote a lengthy piece for The Intercept about his battles to get the paper to publish two of his stories — about the NSA's warrantless wiretapping of American citizens and a botched CIA plan to deliver faux nuclear blueprints to Iran — in the face of government intervention.
I was sitting in the nearly empty restaurant of the Westin Hotel in Alexandria, Virginia, getting ready for a showdown with the federal government that I had been trying to avoid for more than seven years. The Obama administration was demanding that I reveal the confidential sources I had relied on for a chapter about a botched CIA operation in my 2006 book, “State of War.” I had also written about the CIA operation for the New York Times, but the paper’s editors had suppressed the story at the government’s request. It wasn’t the only time they had done so.
President Donald Trump’s insecurity over losing the popular vote and the salacious allegations in the Steele Dossier have prompted him to lash out at the intelligence community’s claims that Russia influenced the 2016 election. Now that war against the intelligence community is impacting American national security.
A day after the expose by The Tribune on unauthorised people freely accessing Aadhaar data, the government made no announcement of any formal investigation being launched, and the UIDAI denied there was any breach. However, multiple security agencies were understood to have got into motion as several made contact with The Tribune to get information.
The personal data of almost a billion Indian citizens who have an Aadhaar number could be accessed by paying just a handful amount of money, according to a report by The Tribune.
The Indian newspaper claims to have sourced the entire Aadhar database for just INR 500 ($7.8) after contacting an ‘agent’ via a WhatsApp group. A login ID and password given by the anonymous agent provides access to personally identifiable information including name, address, postal code (PIN), mobile number, photo, and email.
It was only last November that the UIDAI asserted that “Aadhaar data is fully safe and secure and there has been no data leak or breach at UIDAI.” Today, The Tribune “purchased” a service being offered by anonymous sellers over WhatsApp that provided unrestricted access to details for any of the more than 1 billion Aadhaar numbers created in India thus far.
An activist promoting the Tibetan language stood trial Thursday in western China for inciting separatism after he appeared in a documentary video produced by The New York Times, highlighting the risks that Chinese citizens often face when speaking to foreign media.
Tashi Wangchuk’s lawyer Liang Xiaojun told The Associated Press that a judge in Qinghai province heard oral arguments for four hours and will issue a verdict at an unspecified date.
Tashi has pleaded not guilty. If convicted, he could face a lengthy prison term.
Meanwhile, members of Israel’s parliament, the Knesset, erupted in a shouting match Wednesday, as Prime Minister Netanyahu and right-wing lawmakers advanced legislation that would make it easier to carry out death sentences against Palestinians convicted on terrorism charges. Capital punishment is legal in Israel but has not been implemented since 1962, when Nazi leader Adolf Eichmann was put to death for his role in the Holocaust.
Sixteen months ago, the Washington Post issued the equivalent of “wanted” posters targeting more than a dozen of the most effective leftwing sites on the internet -- including Black Agenda Report, the only Black-managed operation singled out for suppression. Since then, the radical sites slimed as “Russian propaganda outlets and sympathizers” by Prop-or-Not, the Post’s shadowy “source,” report having lost on average nearly half their Google search-generated audiences,. BAR editors have also noted a drastic drop in the number of our own articles that come up in routine Google searches, compared to pre-November, 2016. BAR’s internet profile has been methodically shrunken.
[...]
Amazingly, the Democrats attacked Trump from the Right, reprising the McCarthy era of three generations ago. Trump was soft on the Kremlin, which is depicted as the home of Euro-Asiatic totalitarianism, no matter who is actually in charge. However, the new “Red Scare” requires the linking of Trump/Putin with domestic Reds – thus, the vilification of BAR and other Left sites by Prop-or-Not, a toy in the hands of Amazon and Washington Post owner Jeff Bezos, the world’s richest man and business partner with the CIA.
If you listen to Comcast , AT&T, Verizon and their army of paid allies, nothing bad will happen now that the FCC has voted to kill net neutrality protections. In fact, Comcast argues, without government oversight of an uncompetitive market, investment and jobs will soon be miraculously springing forth from the sidewalks. It will, the industry argues, be impossible to even measure the incredible innovation that will be created by letting entrenched ISPs (and their natural monopoly over the broadband last mile) run roughshod over the backs of American consumers and smaller competitors.
But even among folks that support net neutrality, there's pretty clearly a contingent that still believes the damage caused by the repeal of the rules will somehow be subtle. Because the net neutrality debate in recent years wandered into more nuanced and quirky areas like interconnection and zero rating, they believe the ultimate impact of the repeal will likely be modest. After all, these harms (like Comcast exempting its own content from usage caps, or Verizon covertly choking interconnection points) were murky and out of the intellectual or technical reach of many Luddite consumers.
Under Section 706 of the Telecommunications Act, the FCC is required to consistently measure whether broadband is being deployed to all Americans uniformly and "in a reasonable and timely fashion." If the FCC finds that broadband industry is failing at this task (you may have noticed that it is), the agency is required by law to "take immediate action to accelerate deployment of such capability by removing barriers to infrastructure investment" and by "promoting competition in the telecommunications market."
Of course given that the telecom sector is often the poster child for regulatory capture, this mandate often gets intentionally lost in the weeds. This is usually accomplished by simply pretending the lack of competition doesn't exist. Or worse, by meddling with broadband deployment metrics until the numbers show something decidedly different from the reality on the ground. It's a major reason why broadband ISPs (and the lawmakers who love them) whine incessantly every time we try to update the definition of broadband to a more reasonable and modern metric.
This statement was made by Mmboneni Muofhe, Department of Science and Technology (DST) deputy director general for technology and innovation, at the ninth Intellectual Property Summer School held at the University of the Western Cape (UWC) in December. The meeting brought together students, lawyers, scientists and different professionals drawn from Africa and other parts of the developing world for a ten-day intensive programme in intellectual property.
Should a company be able to shut down competition by asserting copyright in a collection of software commands? Tech giant Cisco Systems thinks so: it’s gone to court to try to prevent its competitor, Arista Networks, from building competing Ethernet switches that rely in part on commands Cisco argues it initially developed. Cisco lost the first round in a California district court, but it’s hoping for a better outcome from the Court of Appeals for the Federal Circuit.
As we explain in a brief we’ve submitted supporting Arista, Cisco is wrong. First, where the collection of commands in question is simply a group of standard, highly functional directives, arranged based on logic and industry standards, it shouldn’t be copyrightable at all. Second, any copyright that does exist must be sharply limited, as a matter of law and good practical policy. Without such limits, the software industries will find themselves embroiled in the same elaborate and expensive cross-licensing arrangements we see in the patent space and/or face an explosion of litigation. Either option will discourage innovation and competition.
Just last month we joked about how confused the creator of PlayerUnknown's Battlegrounds, Brendan Greene, was when he claimed that there was no intellectual property for video games. That's completely wrong, and there are many, many cases to show that it's wrong. Yet... now there's a case that bizarrely, argues that video games don't get copyright (hat tip to Rick Sanders and Owen Barcala for flagging this one). The case is one that's been dragging through the courts for years, bouncing around, concerning publicity rights of former professional football players when used in EA games like Madden NFL.
The latest issue involves EA asking for the latest iteration of the case to be dismissed based on another ruling concerning NCAA basketball players and their publicity rights. In that ruling from April of this year, the 9th Circuit ruled (among other things) that federal copyright preempted state-based publicity rights claims. I don't want to dig too deeply into what all of that means, but suffice it to say that under the 1976 Copyright Act, the law says that federal copyright law now trumps all state copyright or copyright-like laws, and you can't hide behind some state law when federal law should apply. Here, the court said that the state-based publicity rights claims were blocked because of that, as the only issue should be covered under federal copyright law, where they would fail.
Music streaming company Spotify was sued by Wixen Music Publishing Inc last week for allegedly using thousands of songs, including those of Tom Petty, Neil Young and the Doors, without a license and compensation to the music publisher.
Wixen, an exclusive licensee of songs such as "Free Fallin" by Tom Petty, "Light My Fire" by the Doors, "(Girl We Got a) Good Thing" by Weezer and works of singers such as Stevie Nicks, is seeking damages worth at least $1.6 billion along with injunctive relief.
In other words - its defence is that Wixen isn't acting with the knowledge of artists and that it doesn't actually have a right to sue Spotify in the first place.
Google is accepting "prophylactic" takedown requests to keep pirated content out of its search results. Caleb Donaldson, copyright counsel at Google, explains that the company is 'removing' infringing links before they are indexed. Aside from these novel features, the company also has high hopes for artificial intelligence.