Every day, while working in the marketing department at ONLYOFFICE, I see Linux users discussing our office productivity software on the internet. Our products are popular among Linux users, which made me curious about using Linux as an everyday work tool. My old Windows XP-powered computer was an obstacle to performance, so I started reading about Linux systems (particularly Ubuntu) and decided to try it out as an experiment. Two of my colleagues joined me.
As most people were busy dealing with Meltdown and Spectre, the development of 4.15 got impacted. There are still pending fixes in the upcoming release.
Intel’s had a (mostly) crappy start to the year, thanks to the revelation of Meltdown and Spectre, two major security flaws affecting a wide range of its processors that are present in hundreds of thousands of devices around the world. It’s working to release fixes for them, but Linux creator Linus Torvalds is not impressed by the company’s efforts.
Patches released by Intel Corp. to fix highly malicious Spectre and Meltdown vulnerabilities affecting its CPUs turned out to be faulty, the company admitted, urging customers to stop installing them until further notice.
Earlier this month, security researchers at Google Project Zero disclosed that data processed by the majority of modern CPUs, be they desktop computers or smartphones, could be vulnerable to critical exploits they called ‘Spectre’ and ‘Meltdown.’ Tech companies reportedly had months to prepare, and since the public announcement of the vulnerabilities, Intel released at least three patches – before discovering that their fix led some PCs to reboot unexpectedly.
Are you using protection? Longtime kernel developer, Greg Kroah-Hartman, just posted a simple recipe for users to verify whether they are running a Spectre/Meltdown patched version of the Linux kernel.
Linux inventor Linus Torvalds has never been one for diplomacy. He previously said “fuck you” to Nvidia for not supporting Linux, and now Intel has angered him enough to generate some more expletives. In a message to the Linux kernel mailing list on the weekend, Torvalds has expressed his dismay at Intel’s security updates to protect against the major Spectre variant 2 CPU vulnerability. The industry has been scrambling to fix the Meltdown and Spectre vulnerabilities, and the variant 2 of Spectre has been particularly challenging.
This year I have been working with Bhumika Goyal on making various kernel structures read-only. We have constified over 1500 structures this year. This work has also motivated various bug fixes and performance improvements in Coccinelle.
I have also been working on automatically identifying patches that should be considered for backporting to stable kernels, in collaboration with Greg K-H, Sasha Levin, and colleagues at Singapore Management University. Our approach is still work in progress, but several hundred commits that were not originally tagged for stable have been identified and applied to stable versions.
There is yet another change for X.Org Server 1.20 that has now been in development for more than one year.
The XWayland code within the xorg-server will now better safeguard against potentially overflowing the Wayland connection that could trigger the connection being aborted within the Wayland client library.
Prominent Etnaviv driver developer Lucas Stach for working on open-source, reverse-engineered Vivante graphics support has posted initial patches for the GC7000L support as found on the i.MX8M SoC.
This bring-up is important especially with Purism hoping to use the i.MX8M for their Librem 5 smartphone and as part of that using the open-source Etnaviv graphics driver.
Migrating to a new operating system is not a simple task, especially for enterprise users. This has led many people to exploring whether WINE on Linux is an enterprise friendly solution. This article will look at working examples at how it can be, but may not be the best idea for a long term approach.
The Document Liberation Project announced today the availability of five new or improved libraries designed to aid the export of EPUB3 files and import of several widely-used document formats.
LibreOffice 6.0, the next major release of the acclaimed open-source and cross-platform office suite, is slated for release at the end of the month, on January 31, and it will incorporate a bunch of new libraries that'll make it easier for users to export or import various document formats.
These libraries will give LibreOffice 6.0 compatibility with the EPUB3 (export only), AbiWord, Microsoft Publisher, PageMaker, and QuarkXPress documents (import only). However, they can also be used as standalone libraries for any other open source software project that needs them.
PowerFake is a new mini-framework/tool to make it possible to fake/mock free functions and static & non-virtual member functions in C++. It requires no change to the code under test, but it might need some structural changes, like moving some parts of the code to a different .cpp file; or making inline functions non-inline when built for testing.
It is useful for writing unit tests and faking/mocking functions which should not/cannot be run during a test case. Some say that such a feature is useful for existing code, but should not be needed for a code which is written testable from the beginning. But, personally I don’t agree that it is always appropriate to inject such dependencies using virtual interfaces or templates.
Currently, it is not supposed to become a mocking framework on its own. I hope that I can integrate PowerFake into at least one existing C++ mocking framework. Therefore, currently it doesn’t provide anything beyond faking existing functions.
Since my previous post was about writing pylint plugins I figured I'd let you know that I've released pylint-django version 0.8.0 over the weekend. This release merges all pull requests which were pending till now so make sure to read the change log.
nbdkit is our toolkit for creating Network Block Device (NBD) servers from “unusual” data sources. nbdkit was already configurable by writing simple plugins in several programming languages. Last week Eric Blake and I added a nice new feature: You can now modify existing plugins by placing “filters” in front of them.
Tableau 10.5 also introduces Tableau Server on Linux so that users can combine Tableau’s analytics platform with Linux’s enterprise capabilities.
With identical end user functionality to Tableau on Windows, customers already using Linux in their IT environments can integrate Tableau Server into their processes and workflows.
It's been one year since last talking about Castle Game Engine, the open-source, cross-platform engine written in Object Pascal. But this weekend marked the release of Castle Game Engine 6.4.
Castle Game Engine 6.4 continues supporting 2D/3D games from the Linux desktop to Android and iOS devices. The 6.4 engine update brings rigid-body physics support via the Kraft Physics Engine, upgrades to the terrain generation API, improvements to the shader pipeline rendering code, new API additions, and various other improvements.
We’re proud to announce Castle Game Engine 6.4 release! Castle Game Engine is a free, open-source game engine written in Object Pascal. We support both 3D and 2D games. We are cross-platform (desktop, Android, iOS — with the help of our own build tool and scalable user-interface components). The complete list of the engine features is here, so go ahead and download it and try!
Looks like a #Linux beta of Battle Chasers: Nightwar is finally coming https://www.gamingonlinux.com/articles/looks-like-a-linux-beta-of-battle-chasers-nightwar-is-finally-coming.11085
OBS Studio 21.0.1 [Official Site] is a pretty big release and it sounds really quite exciting too, with the possibilities that come with Luajit/Python3 scripting support.
OBS comes with a few script examples, like the clock I included below to show you:
The first-person steampunk dungeon crawler Vaporum [Official Site] is showing signs of being released for Linux and it looks great.
DECEIVER [Official Site] is a cyberpunk pre-apocalyptic philosophical shooter with parkour and robotic drones that's coming to Linux next year.
In the latest production update to We Happy Few [Official Site], the developers note it will have another delay from going April until 'Summer 2018'.
Feral Interactive is asking the community what Linux (and macOS) game ports you would like to see this year.
Feral just asked via Twitter what games you would enjoy seeing on your favorite platform.
I am pleased to inform that Qt 5.9.4 is released today. As a patch release Qt 5.9.4 does not add any new functionality, but provides many bug fixes and other improvements.
Compared to Qt 5.9.3, the new Qt 5.9.4 contains nearly 200 bug fixes and in total more than 500 changes since Qt 5.9.3. For details of the most important changes, please check the Change files of Qt 5.9.4.
Of all the desktops available for the Linux operating system, GNOME has managed to become one of the most efficient, stable, and reliable—while still remaining incredibly user-friendly. In fact, most users—regardless of experience—can get up to speed with GNOME with next to no effort.
With that said, users who are new to both Linux and GNOME would do best to know the ins and outs of the desktop that makes Linux not only easy, but fun.
Here, we’ll be discussing the latest release of GNOME—3.26. This will be a vanilla release (unlike the version of GNOME found in Ubuntu 17.10—which bears a similar look and feel to the now-defunct Ubuntu Unity desktop). To get this vanilla GNOME, we’ve opted to demonstrate with the Fedora 27 workstation. Although Fedora isn’t a distribution commonly thought of for new users, it is one sure-fire way to have the newest version of the desktop.
And so, without further ado, let’s talk GNOME.
This is a blog post I kept as a draft right after GUADEC to reflect on it and the GNOME project but failed to finish and publish until now. Forgive any outdated information though I think the post is mostly relevant still.
I’m on my train back to London from Manchester, where I just spent 7 amazing days with my fellow GNOME community members. Props to the local team for an amazing organization, everything went smoothly and people seemed extremely pleased with the setup as far as I can tell and the venues seemed to have worked extremely well. I mostly want to reflect on a feeling that I have which is that GNOME seems to be experiencing a renaissance in the energy and focus of the community as well as the broader interest from other players.
GNOME is dropping Active Desktop, Ubuntu is holding back Nautilus and I have been writing a lot of scripts.
We are thrilled to announce that Kirsten Kliphouse has joined Red Hat as senior vice president and general manager of North America Commercial Sales, succeeding Rick Akie, who is retiring from Red Hat in 2018 after serving several years in that capacity. Red Hat extends its thanks to Rick for his years of service and for his work to build a world-class team.
[...]
She left Microsoft as corporate vice president of the company’s worldwide Customer Support and Professional Services organization, but she previously served as vice president of Enterprise Software Sales and Consulting and general manager of the company’s OEM business.
Fedora 27 was released on Nov 14, 2017. It contained many latest development results from free and open source community at the time.
The Ambassadors in Taiwan, Freedomknight and zerng07 (Cheng-Chia Tseng), hosted “Fedora 27 Release Party at Taipei” event for the community to share the joy of 27 release on Dec 9, 2017. The main theme on the event is to let more and more people know Fedora Project and get involved. The location was at MozTW space, a space of Mozilla Taiwan community, in Taipei.
Canonical's Will Cooke published a new Ubuntu Desktop newsletter today to inform the community on the development progress of the upcoming Ubuntu 18.04 LTS (Bionic Beaver) operating system.
Besides various improvements for the GNOME desktop environment, the Ubuntu Desktop team over at Canonical recently started to investigate the boot speed of the Ubuntu Linux operating system, planning to give it another boost by using systemd’s latest features to do some profiling, which will help them identify any issues that might cause slow boot up time.
Canonical just announced today that it pulled the Intel microcode firmware update from the software repositories of all supported Ubuntu releases due to some hardware issues.
Two weeks ago, Canonical updated the Intel microcode firmware for Intel processors to version 20180108 to mitigate the Spectre security vulnerability (CVE-2017-5715) that could allow a local attacker to expose sensitive information like credit card details or encryption keys from kernel memory.
We’ve been working on a patch for udisks to hide snaps from applications such as GNOME’s Disks. This will hide all loop devices, including installed snaps, from disk management utilities making it less confusing and less cluttered. We’ve reworked the patches a couple of times to align with the upstream developers suggestions and are still working on a few bugs. We hope that this will be merged upstream soon.
There is a bug where window titles are not correctly aligned when you have the dash-to-dock extension installed and the dock visible. We’ve upstreamed a fix and are working with the GNOME team to agree the best route forward.
We’ve also been working with GNOME’s design team on some new sound options for Settings and Tweaks to add support for increasing the volume level above 100%.
Nearly a decade ago Canonical/Ubuntu developers had a goal of a 10 second boot time. They made good on that for their netbook focus at the time, but in the years since their boot time has slowed down and we haven't seen any concerted effort on improving their boot speed again.
If you are following closely the news of various tech websites, one of the latest hot topic in the community was about Nautilus removing desktop icons. Let’s try to clarify some points to ensure the various discussions around it have enough background information and not reacting on emotions only as it could be seen lately. You will have both downstream (mine) and upstream (Carlos) perspectives here.
Canonical published today a new set of kernel updates for all of its supported Ubuntu Linux releases that include patches for the Spectre and Meltdown security vulnerabilities.
After pulling Intel's microcode firmware update from the software repositories of Ubuntu 17.10, 16.04 LTS, and 14.04 LTS, Canonical now released the Spectre patches for all supported Ubuntu Linux releases, including all official flavors and those using HWE (Hardware Enablement) kernels, and Meltdown kernel patches for PowerPC (PPC64el) architectures.
Canonical has announced Ubuntu product month which is due to begin on February 7th. The event comprises of several webinars which take place over the course of the month and discuss several technologies that Canonical is working on. Each webinar can be watched live or on demand and BrightTalk event pages have been set up to register your interest.
Hardkernel has launched a Linux-powered, open source $54 “Odroid-HC2” NAS platform with an SBC based on the octa-core Odroid-XU4 that features SATA III, plus a stackable metal frame to store a 2.5 inch HDD/SSD or 3.5-inch HDD.
The Odroid-HC2 Home Cloud 2 network attached storage (NAS) device updates a previously released Odroid-HC1, and similarly lets you share and stream multimedia files to mobile and desktop devices with support for multiple users. Compared to the HC1, the HC2 has a larger, stackable metal frame, and adds support for 3.5-inch HDDs in addition to 2.5-inch HDD/SSDs. The 197 x 115 x 42mm case supports storage of up to a height of 27mm, up from 15mm.
Advantech’s Linux-ready “MIO-3360” Pico-ITX SBC is equipped with a choice of Apollo Lake SoCs, dual display support, mini-PCIe and MIOe expansion connectors, and an optional carrier board.
After uncovering a ferocious horde of hidden spyware in official Android apps the Yale Privacy Lab and Exodus have created an app store that only allows apps that include their source-code and whose licenses require anyone who modifies them to also include the source.
Despite the many words written and spoken on the difference between "open source" and "free" software, few people have pointed out that discussion of these differences frequently resembles the debate surrounding the social role of business, which in recent decades has been dominated by the concept of corporate social responsibility (CSR).
The fact of the matter, however, is that organizations committed to open principles could (and should) be reporting their activities—because those activities have effects that are both economic and social. And an analysis of how this is the case might actually help us reconcile two principled positions that have more in common than they might realize.
If you have a website or run an online business, collecting data on where your visitors or customers come from, where they land on your site, and where they leave is vital. Why? That information can help you better target your products and services, and beef up the pages that are turning people away.
To gather that kind of information, you need a web analytics tool.
Many businesses of all sizes use Google Analytics. But if you want to keep control of your data, you need a tool that you can control. You won’t get that from Google Analytics. Luckily, Google Analytics isn’t the only game on the web.
Here are four open source alternatives to Google Analytics.
If you ask me, the new, successful FOSS projects should be projects that fix, replace, rewrite, whatever… the really unglamorous, low-level tools, libraries and so on that would make that happen. Yes, I know that this is really unlikely to happen under current business models and until IoT everywhere, new iPhones every year and the like are perceived as higher priorities, regardless of their environmental impacts and, very often, sheer lack of sense.
It's almost ten years ago that I attended my first ApacheCon EU in Amsterdam. I wasn't entirely new to the topic of open source or free software. I attended several talks on Apache Lucene, Apache Solr, Hadoop, Tomcat, httpd (I still remember that the most impressive stories didn't necessarily come from the project members, but from downstream users. They were the ones authorized to talk publicly about what could be done with the project - and often became committers themselves down the road.
Stephen Jacobs (SJ) and I are co-teaching “Project in FOSS Development” at RIT this semester, which basically means “hey students, want to get course credit for contributing to a FOSS project?” The class is centered around 5 project sprints of two weeks each. The first 3 weeks of class are preparing for the sprint periods; the week before spring break is a pause to reflect on how sprints are going. Otherwise, class efforts will be centered around executing project work… (aka “getting stuff done”).
SQLite 3.22 is now available as the latest version of this widely-used, embedded database library.
This is a short preview of how Notebookbar will look on LibreOffice 6.0. Notebookbar is a new toolbar appearance on LibreOffice since version 5.3 that looks similar to the Microsoft Office 2007 Ribbon Toolbar. It's tabbed, column based, and categorized. We can use Notebookbar on Writer, Calc, and Impress already. It's still an experimental feature for now, so it's not recommended for production use. However, it's already good looking at LibreOffice 6.0 and we need to see more. I show here screenshots of Writer's Notebookbar from all tabs with some commentary.
Do you like to use nice bitmap patterns in LibreOffice for area fill? So if you draw a rectangle, a star, … whatever, you can use these bitmaps.
With the help of designers from openclipart, pixabay, publicdomainpictures, … I made 42 seamless area bitmap patterns but only 50% are needed. So which ones do you like, and which ones can be dropped?
The Document Liberation Project has announced five new or improved libraries to export EPUB3 and import AbiWord, MS Publisher, PageMaker and QuarkXPress files.
Design’N’Buy announces the launch of their flagship product – the AIOD on Magento Open Source Version 2.2. With the launch of web to print solution on Magento Version 2.2 , Design’N’Buy becomes first event in web to print industry to offer complete eCommerce printing solution for printers on one of the widest and latest technology platform.
Singapore-based decentralised database provider Bluzelle has announced that its initial coin offering (ICO) has raised $19.5 million in funding, according to a press statement.
Bluzelle’s advisor list includes the likes of Brian Fox, creator of GNU Bash, Alex Leverington, one of the original Core ethereum developers, Prashant Malik, co-creator of Apache Cassandra and Ryan Fugger, the original creator of the cryptocurrency Ripple.
The federally run online court document access system known as PACER now finds itself listed on a federal docket. Its overseer, the US government, is a defendant in a proposed class-action lawsuit accusing the service of overcharging the public.
The suit, brought by three nonprofits on Thursday, claims millions of dollars generated from a recent 25-percent increase in page fees are being illegally spent by the Administrative Office of the Courts (AO). The cost for access is 10 cents per page and up to $3 a document. Judicial opinions are free. This isn't likely to break the bank for some, but to others it adds up and can preclude access to public records. The National Consumer Law Center, the Alliance for Justice, and the National Veterans Legal Services Program also claim in the lawsuit that these fees are illegal because the government is charging more than necessary to keep the PACER system afloat (as is required by Congress).
A groundbreaking lawsuit is poised to decimate what is arguably the most unjust, destructive, and it now sounds like illegal paywall in the world, the Public Access to Court Electronic Records, PACER.
PACER is the federal government court documents repository. Every federal court document, for every case, lives in PACER. It’s essentially a giant FTP document repository with a horrendous search system bolted on, not dissimilar to EDGAR.
PACER was created in 1988 to enable access to court records electronically. Initially available only in courthouses the system was expanded to the web in 2001.
Codasip, the leading supplier of RISC-V® embedded processor IP, today announced that it has launched the 7th generation of its Studio, the unique IP-design and customization software that allows for fast configuration and optimization of RISCV processors, customer-proprietary processor architectures, and their accompanying software development toolchains.
Some consider Perl 6 to be a sister language to Perl 5. Personally, I consider Perl 6 more of a genetically engineered daughter language with the best genes from many parents. A daughter with a difficult childhood, in which she alienated many, who is now getting out of puberty into early adulthood. But I digress.
While not mentioned in the original Letter, a frequent theme in the comments was that Perl 6 should be renamed, as the name is inaccurate or is damaging.
This is the topic on which I wrote more than once and those who have been following closely know that, yes, many (but by no means all) in the Perl 6 community acknowledge the name is detrimental to both Perl 6 and Perl 5 projects.
This is why with a nod of approval from Larry we're moving to create an alias to Perl 6 name during 6.d language release, to be available for marketing in areas where "Perl 6" is not a desirable name.
Trying to bet on how many new JavaScript frameworks will be released each month is the best software engineer’s game in the past 5 years.
TL;DR: Ick is a continuous integration or CI system. See http://ick.liw.fi/ for more information.
The EE4J project, which was created to manage the Eclipse Foundation’s stewardship of Java EE technologies following Oracle’s decision to open source them, is starting to gain traction.
Soon after the project was created, EclipseLink and Yasson (the official reference implementation of Java JSON Binding, JSR-367) became the first two projects to be transferred under the EE4J umbrella. As reported in December, the announcement was made that seven more projects were being proposed.
As telecommunications companies continue along the nearly decade-long process to develop and implement 5G technologies, the perfect testing ground for the new mobile data systems may already exist.
Several factors make Finland a potential sandbox for 5G developers: the average person in Finland used about 20 gigabytes (GB) of mobile data in December 2017, a dramatic rise from the 2016 average of 11 gigabytes per month—more than any other country in the world on a per capita basis. (Mobile subscribers in Latvia, who come in second, used 8.2 GB per month in 2016 while U.S. subscribers ranked 13th at 2.67 GB per month.)
In particular, this need to make up lost sleep, which has been seen not just in jellyfish and humans but all across the animal kingdom, is one of the handholds researchers are using to try to get a grip on the bigger problem of sleep. Why we feel the need for sleep is seen by many as key to understanding what it gives us.
Biologists call this need “sleep pressure”: Stay up too late, build up sleep pressure. Feeling drowsy in the evenings? Of course you are—by being awake all day, you’ve been generating sleep pressure! But like “dark matter,” this is a name for something whose nature we do not yet understand. The more time you spend thinking about sleep pressure, the more it seems like a riddle game out of Tolkien: What builds up over the course of wakefulness, and disperses during sleep? Is it a timer? A molecule that accrues every day and needs to be flushed away? What is this metaphorical tally of hours, locked in some chamber of the brain, waiting to be wiped clean every night?
Score another one for Seoul while Silicon Valley slides.
The U.S. dropped out of the top 10 in the 2018 Bloomberg Innovation Index for the first time in the six years the gauge has been compiled. South Korea and Sweden retained their No. 1 and No. 2 rankings.
The index scores countries using seven criteria, including research and development spending and concentration of high-tech public companies.
You’d be forgiven for forgetting Roe is the law of the land. In 2017 alone, 19 states adopted 63 new abortion restrictions.
On January 22, 1973, the U.S. Supreme Court issued its landmark decision Roe v. Wade, recognizing that the Constitution protects a woman’s right to an abortion. Forty-five years later, Roe is still law of the land — but if you’ve been following the news lately, you’d be forgiven for thinking otherwise.
Since October, the ACLU has had to go to court repeatedly to stop the Trump administration from blocking several young immigrant women from getting abortions because the Office of Refugee Resettlement, the agency responsible for unaccompanied immigrant minors, has adopted a no-abortion policy. It requires any young woman who requests an abortion to visit a “crisis pregnancy center” — outfits that exist for the sole purpose of dissuading women from terminating their pregnancies — and prohibits her from going to an abortion clinic.
We’ve already gone to court on behalf of Jane Doe, Jane Poe, Jane Roe, and Jane Moe, so that they could get the abortions they wanted, but we know that there are more Janes out there. We’ve asked a federal court to allow us to bring the lawsuit in the name of all pregnant young women in ORR custody so we can put a stop to this unconstitutional policy.
The French drug maker Sanofi said on Monday that it had agreed to acquire Bioverativ, a biopharmaceutical company focused on treatments for hemophilia and other rare blood disorders, for $11.6 billion in cash.
Sanofi has sought to use acquisitions to bolster its portfolio of drugs, particularly because it faces declining sales for its diabetes drug, Lantus, which has lost its patent protection. According to the company, sales of Lantus declined more than 16 percent in the first nine months of last year, based on constant exchange rates, and rivals are moving to introduce generic versions of the treatment.
The Bioverativ deal would enhance Sanofi’s “presence in specialty care and leadership in rare diseases” and “creates a platform for growth in other rare blood disorders,” Olivier Brandicourt, the Sanofi chief executive, said in a news release.
A former Trump campaign worker appointed at age 23 to a top position in the White House’s drug policy office had been let go from a job at a law firm because he repeatedly missed work, a partner at the firm said.
While in college, late in 2014 or early in 2015, Taylor Weyeneth began working as a legal assistant at the New York firm O’Dwyer & Bernstien. He was “discharged” in August 2015, partner Brian O’Dwyer said in an interview.
“We were very disappointed in what happened,” O’Dwyer said. He said that he hired Weyeneth in part because both men were involved in the same fraternity, and that the firm invested time training him for what was expected to be a longer relationship. Instead, he said, Weyeneth “just didn’t show.”
Security is not a one-size-fits-all proposition, and features that are prohibitively inconvenient for some could be critical for others. For most users, standard account security settings options are sufficient protection against common threats. But for the small minority of users who might be targeted individually—like journalists, policy makers, campaign staff, activists, people with abusive exes, or victims of stalking—standard security options won’t cut it.
For those users, Google recently added the option to add stronger protections to personal Google accounts with the Advanced Protection Program. Advanced Protection is a big step in the right direction to provide different levels of protection for different people, and other companies and platforms should follow suit.
An account with Advanced Protection turned on will change in three main ways. First, when you sign in, you’ll need to use a physical security key in addition to your password. Advanced Protection also requires you to have a second back-up key on hand. Second, you’ll only be able to use Gmail and other Google services on the Chrome browser, and third-party apps won’t be able to access your Gmail or Google Drive. And third, if you ever get locked out of your account, regaining access will take more time and require more types of identity verification. Respectively, these measures protect against phishing, malicious apps that try to trick you into granting them excessive permissions, and attackers who try to use the account recovery process to take over your account.
The Trusted Platform Module on your computer's motherboard could lead to better security for your Linux system.
The security of any operating system (OS) layer depends on the security of every layer below it. If the CPU can't be trusted to execute code correctly, there's no way to run secure software on that CPU. If the bootloader has been tampered with, you cannot trust the kernel that the bootloader boots. Secure Boot allows the firmware to validate a bootloader before executing it, but if the firmware itself has been backdoored, you have no way to verify that Secure Boot functioned correctly.
I have my Yubikey on my key ring, so whenever I leave my computer, I have to remove the Yubikey. So why not lock the screen automatically?
The study of over 1,200 IT leaders, conducted by analysts Freeform Dynamics for software company CA Technologies, finds 58 percent of respondents cite existing culture and lack of skills as hurdles to being able to embed security within processes.
Security researcher Karan Saini found the bug in Uber's two-factor authentication process, which has yet to be rolled out widely to Uber users. The flaw relates to the way an account is authenticated when users log in, meaning hackers [sic] with someone's username and password can drift past the 2FA with ease.
Intel Corp (INTC.O) said on Monday that patches it released to address two high-profile security vulnerabilities in its chips are faulty, advising customers, computer makers and cloud providers to stop installing them.
Intel Executive Vice President Navin Shenoy disclosed the problem in a statement on the chipmaker's website, saying that patches released after months of development caused computers to reboot more often than normal and other "unpredictable" behavior. (intel.ly/2DsL9qz)
“I apologize for any disruption this change in guidance may cause,” Shenoy said. “I assure you we are working around the clock to ensure we are addressing these issues.”
As many as 978 million people in 20 countries lost money to cybercrime last year, according to a new report by security firm Norton.
OnePlus hasn’t been making Android phones for a very long time, but over its four years in existence it has made numerous screw ups. This all finally led up to last week’s massive credit card breach. It’s time we stop trusting a company with such clearly low standards.
Assange took up residence in Ecuador’s embassy to skip bail on two sex assault-related charges in Sweden in 2012. And despite the fact that charges have been dropped in Sweden on a technicality, British authorities have still promised to arrest him if he steps foot outside of the embassy. Any foreign embassy is considered that country’s territory under international law and Assange is now on Ecuadorian soil, despite being in London.
Ecuador's president is lashing out at WikiLeaks founder Julian Assange even as he contends his government is working behind the scenes to help him out of the Ecuadorean embassy in London.
Lenin Moreno said in a televised interview Sunday that Assange had become “more than a nuisance” after he violated terms of his asylum by interfering in other countries’ political affairs.
Ecuador granted citizenship to Assange this month in an unsuccessful attempt to provide him diplomatic immunity so he could evade arrest in Britain. Moreno said other countries and “important personalities” he didn't name are working to mediate a solution.
Julian Assange and his advisers are preparing to try to use Ecuador’s decision to grant him diplomatic status to force Britain to declare him persona non grata and expel him, a source close to Assange said.
Reuters also has learnt that as part of their continuing criminal investigation of Assange and WikiLeaks, investigators from the Federal Bureau of Investigation recently sought new information about years-old contacts between WikiLeaks and Chelsea Manning, the former U.S. Army private who leaked the website thousands of classified U.S. government documents.
Ecuador announced earlier this month it granted diplomatic status to Assange, who in 2012 took refuge in its London Embassy after British courts ruled he should be extradited to Sweden for questioning in a sexual molestation investigation.
The former Baywatch pin-up, 50, visited the WikiLeaks founder at the Ecuadorian Embassy in London on Monday, where he has been living since 2012 to avoid extradition to Sweden.
President Donald Trump approved a plan to enact tariffs on imported solar cells and modules, committing an unforced error that promises to raise the price on one of the most promising renewable energy sources.
Puerto Rico Gov. Ricardo Rossello said Monday he plans to sell the assets of the island's power system to the private sector in an effort to improve “its deficient service.”
In a video Rossello posted to Facebook, the governor called the Puerto Rico Electric Power Authority (PREPA) "a great burden for our people, who today is a hostage of its deficient service and high costs."
The global elite will use any means necessary to prevent the economic radicalization of the left. So “MeToo” and smears distract while tax evasion has become legitimate.
Three widely reported recent events sum up our current sad predicament: the open conflict between Donald Trump and Steve Bannon, Oprah Winfrey’s speech at the Golden Globe awards, and the prospect of Julian Assange’s release from the Ecuadorian embassy in London. Because, although they appear totally unconnected, they fit together as pieces in a puzzle.
The conflict between Trump and Bannon exploded in public following the publication of Michael Wolff’s book ‘Fire and Fury’. The ridiculous quarrels about who said what should not divert our attention from the crux of the matter.
Bannon is a kind of honest Rightist populist who takes anti-capitalism with a minimum of seriousness, demanding higher taxes for the rich, more public investment etc., and his rage exploded when, with the new tax law, it became clear that Trump is the president of the super-rich. An economic neoliberal who just superficially flirts with popular discontent.
Gov. Bruce Rauner’s executive order seeking to bar state lawmakers from representing clients before a board that hears property tax appeals is largely symbolic, state data suggest, revealing how limited the Republican governor’s options are for changing the system.
Vowing to end what he called a “clear conflict of interest,” the governor cited the Chicago Tribune and ProPublica Illinois’ “The Tax Divide” series in promising to follow up the order with legislation to reform the property tax system in Cook County, as well as across the state.
“We have a deeply flawed and overly complicated property-tax system that recent investigations have shown results in inequitable, disproportionately high property-tax burdens on low-income residents,” Rauner said in a statement. “For any legislator to profit from this system undercuts the public’s faith that they are in office to do what’s best for their constituents.”
While Infosys recently committed to hire 10,000 Americans over two years, Wipro stepped up local hiring to achieve a workforce mix with more than 50% locals. TCS has also increased local hiring.
Household-products maker Kimberly-Clark (KMB) said Thursday it plans to cut 1,600 jobs, or 3% of its global work force, as it slims down in the tough economy.
The maker of Kleenex tissues, Huggies diapers and scores of other household items employs 53,000 people around the world. It plans to make the cuts primarily among salaried and non-production workers and executives said the company doesn't plan to close any plants.
In response, he says, Facebook is “hiring over 10,000 more people this year to work on safety and security”, but warns that it is hard to do that sort of moderation “at a global scale … since it is hard for machines to understand the cultural nuances of political intimidation.”
Whether social media is a net benefit to democracy is, at best, an open question. “I wish I could guarantee that the positives are destined to outweigh the negatives, but I can’t,” Chakrabarti writes. “That’s why we have a moral duty to understand how these technologies are being used and what can be done to make communities like Facebook as representative, civil, and trustworthy as possible.”
When Facebook first came to Cambodia, many hoped it would help to usher in a new period of free speech, amplifying voices that countered the narrative of the government-friendly traditional press. Instead, the opposite has happened. Prime Minister Hun Sen is now using the platform to promote his message while jailing his critics, and his staff is doing its best to exploit Facebook’s own rules to shut down criticism — all through a direct relationship with the company’s staff.
The Cambodian government has cultivated a deep expertise in Facebook's baroque acceptable conduct rules, and they use this expertise to paint opposition speech as in violation of Facebook's policies, using the company's anti-abuse systems to purge their rivals from the platform.
Since well before his election in 2016 and subsequent inauguration, Trump has been letting loose on just about anyone who gets in his path on the social media platform. But after he was sworn into office, his tweets took on new significance: In June 2017, the White House declared that the president's tweets are official statements, meaning all of those 140-character notes are burned into the governmental record. The messages sent since this time — considered to be official presidential statements — have included incendiary opinions, racist retweets, and bullying, so Teen Vogue took a look at his first year in office through tweets to see what exactly he's been talking about for the past 365 days.
Shortly after Trump was elected I wrote a post predicting how things might unfold on the tech policy front with the incoming administration. It seems worth taking stock, now almost a year into it, to see how those predictions may have played out.
Most of this post will track the way the issues were broken down last time. But it is first worth commenting how in one significant overarching way last year's post does not hold up: it presumed, even if only naively in the face of evidence already suggesting otherwise, that the Trump administration would function with the competency and coherence that presidential administrations have generally functioned with in order to function at all, let alone effectively enough to drive forth a set of preferred policy positions. There seems to be growing consensus that this presumption was and remains unsound.
Furthermore, the normal sort of political considerations that traditionally have both animated and limited presidential policy advocacy do not seem applicable to this presidency. As a result, conventional political wisdom in other areas of government also now seems to be changing, as the rest of the political order reacts to what Trump actually has done in his year as President and prepares for the next major round of elections in 2018.
Imagine a film about a backer of an American war in the Third World who, as a State Department official, decides to visit and observe that war firsthand. After many months he learns that most of what our leaders have been telling the public about the war was wrong. In reality, our side was not winning, and most of the claims made for the effort were false. For example, patrols reported to protect certain areas did not even exist. The written reports describing these patrols were simply made up. Therefore both American troops, and the foreign natives we were allied with, were dying by the thousands for fraudulent reasons.
A Quinnipiac poll of 1,212 voters taken last week found that Bernie Sanders was far and away the most viable Democratic candidate (76% approval), beating Oprah (69%) and Gillibrand (25%) -- and that moreover, his approval ratings were highest among women and people of color, putting a lie to the stereotype of "Bernie Bros" as young, middle-class white male political radicals who are oblivious to the more moderate preferences of others.
Expect much more of this kind of thing, as a newly-confident, and increasingly arrogant, China starts to swing its weight around. It will doubtless seize on even the most trivial "hurt", real or perceived, as a pretext for humbling Western companies and thus, implicitly, their governments -- just as they did to China once upon a time.
President Trump’s now infamous remark, questioning why America is accepting so many immigrants from “shithole countries,” has been making headlines since The Washington Post broke the news Jan. 11.
As news outlets jumped on the story, many readers expressed surprise and displeasure over several major publications’ decision not to censor Trump’s expletive. Some criticized news programs for failure to be family-friendly — while others cried “fake news” — insisting such a distasteful comment would never have come from the president’s mouth.
The problem with these critiques is they only find fault in those who reported on Trump’s crude comment. The fact that the President of the United States, according to multiple officials who heard it firsthand, spoke the crude language in the first place seems to be overlooked.
We are sending a message to today’s meeting of the Council’s working group on intellectual property, in which the EU member state governments are seeking consensus on the European Commission’s controversial proposal: Upload filters as foreseen by Article 13 would function as “censorship machines”.
[...]
The crucial vote in the Parliament’s Legal Affairs Committee is currently scheduled for March 26/27, 2018.
In a new campaign video, several Members of the European Parliament warn that the EU's proposed mandatory upload filters pose a threat to freedom of speech. The new filters would function as “censorship machines” which are "completely disproportionate," they say. The MEPs encourage the public to speak up, while they still can.
President Donald Trump and his administration have censored or stifled science — particularly climate science — almost 100 times since the election.
This adds up to a reckless and unprecedented war on science, according to the Silencing Science Tracker, which tallies up all of the budget cuts to science, the record low number of science positions filled by Trump, the deletion of science data from websites, the censorship of the words “climate change” from federal reports, and so on.
Hot-button topic "fake news" is going to be the downfall of the internet. All over the world, governments are trying to tackle the non-issue by introducing harmful legislation that will only result in increased direct control of the press by the governments passing these bills. "Fake news" defies definition. It could be read to encompass satire and parody. It could also cover legitimate news that deals with subject matter certain people don't like. That's pretty much how it's been defined by the party in power here: whatever Donald Trump doesn't like is deemed "fake news" by the Commander in Chief, even if the news is based on factual events and credible statements.
Allowing the government to get in the speech business is a bad idea. All "solutions" proposed by world government officials are vehicles for abuse by the state -- a way to suppress anything that doesn't align with the party in power's narrative. On a smaller scale, it also creates a handy heckler's veto for social media platforms, putting brigades a click away from shouting down stuff they don't like.
The last time that Techdirt wrote about Tunisia was back in 2011, when the Internet helped bring about a major regime change there. Although violent protests against the government have flared up recently, in general, the processes that are being applied to shift national policies in Tunisia are both peaceful and successful.
Both the National Security Agency (NSA) and the FBI have recently failed to comply with orders to preserve specific data, with one body claiming it didn't have enough storage to follow through, the other saying a trove was accidentally erased.
The NSA was under court order to hold on to information that was linked to warrantless wiretapping during the George W Bush administration, while the FBI was told by the Homeland Security and Governmental Affairs Committee to preserve text messages between two agents who had been accused of anti-Trump bias, The Hill reports. Agencies were expected to preserve the data in long-term storage.
Not long ago we wrote about our support for the City of Berkeley’s proposed Surveillance Technology Use and Community Safety Ordinance. In the time since, conversations like those already underway in the Police Review Commission, Peace and Justice Commission, and Disaster and Fire Safety Commission have continued with city agencies and residents.
Having been sculpted through these conversations and the recommendations of members of the Berkeley community, this ordinance represents the civil rights and civil liberties values of the people of the City of Berkeley.
In recent months, we’ve seen worrying decisions in state and federal courts that weaken the First Amendment protection for anonymous speech. Last week, EFF called on the California Supreme Court to limit the impact of one of these decisions, Yelp v. Superior Court.
The Yelp case involves a defamation lawsuit brought by an accountant who claims that an anonymous Yelp reviewer defamed him and his business. Last year, a California court of appeal found that Yelp had to turn over information identifying the anonymous user because the plaintiff had a plausible case of defamation. As we wrote then, the court applied a test that failed to give full weight to the First Amendment. We predicted that the Yelp decision was a time bomb that “could invite a fresh wave of lawsuits against anonymous speakers that are designed to harass or intimidate anonymous speakers rather than vindicate actual legal grievances.”
The NHS has given hospitals the go-ahead to store sensitive patient records in the cloud.
NHS Digital, which advises hospitals and doctors on tech issues, has issued guidance on the use of cloud services by healthcare and social care organisations.
The NHS holds vast amounts of extremely sensitive health data about nearly everyone in the UK; to allow that information to be stored in the cloud is a huge vote of confidence in the technology from one of the world's largest organisations.
The types of surveillance people accept today are a logical extension of George Orwell’s ‘1984’ telescreens spying on you as well as churning out propaganda, which is a clear invasion of privacy rights, analysts told RT.
The US National Security Agency (NSA) is using voice recognition software to spy on people and detect their locations, according to declassified documents obtained by the media. The NSA has been recording and gathering private phone calls to identify people by their unique “voiceprint” for more than a decade.
RT discussed the issue with William Binney, former NSA technical director and whistleblower, and Richard Barbrook, academic in the School of Social Sciences, Humanities and Languages at the University of Westminster.
“In 1984 George Orwell has this idea that a large number of the population had telescreens where the television spies on you as well as gives you propaganda. And this is the source of the logical extension of this,” Barbrook told RT.
Suppose you’re looking for a single person, somewhere in the world. (We’ll call him Waldo.) You know who he is, nearly everything about him, but you don’t know where he’s hiding. How do you find him?
The scale is just too great for anything but a computerized scan. The first chance is facial recognition — scan his face against cameras at airports or photos on social media — although you’ll be counting on Waldo walking past a friendly camera and giving it a good view. But his voice could be even better: How long could Waldo go without making a phone call on public lines? And even if he’s careful about phone calls, the world is full of microphones — how long before he gets picked up in the background while his friend talks to her Echo?
We've been given six more years of Section 702 collections, thanks to many, many Congressional representatives who just couldn't find it in their hearts to tell the dear old NSA "No." An extension was granted to push the "debate" into 2018, but there was no debate to be had. Instead, oversight committees on both sides of the Congressional aisle used this time to push out zero-reform renewal packages that actually made Section 702 worse.
After a brief, two-week consideration of opposing views, things moved ahead as though the program had never been abused by the NSA and had never "inadvertently" swept up US persons' communications without a warrant. The same politicians who complained about the NSA's power being in the hands of Donald Trump were the ones who voted for the passage of "reform" bills increasing the agency's reach and grasp.
Now, Congressional reps are granting the Trump Administration even greater control of US spy powers. The House spending bill contains an alteration to the language covering the Intelligence Community's use of federal funds. The funding of surveillance programs is already secret. The NSA's infamous "black budget" makes it impossible for citizens to see how -- and how much -- money is being spent spying on the world.
On Sunday, Jan. 21, Snowden backed KC Verma, former head of India’s external intelligence agency, the Research and Analysis Wing (RAW), who had written about his experiences with Aadhaar. Snowden retweeted the article published in The Wire saying the act of organisations such as banks and telcos forcing individuals to produce their Aadhaar numbers should be “criminalized.”
Car manufacturers are mostly warehousing this data (leaving it vulnerable to leaks and breaches, search-warrants, government hacking and unethical employee snooping), and can't articulate why they're saving it or how they use it.
We learned in recent days that the FBI and the National Security Agency “inadvertently” deleted electronic messages relating to reported felonies, but one noxious reality persists: No one in the FBI or NSA is likely to be held to account for these “mistakes.”
Beşikçi said it was due to a single line of code, which created a window "one pixel high, one pixel wide" — essentially invisible to the human eye — to Bylock.net. Hypothetically, people could be accused of accessing the site without having knowingly viewed it.
#MeToo has spawned a surge in defamation claims designed to silence victims. But there are ways to minimize legal risks.
The #MeToo movement has drawn an outpouring of testimony by the victims of sexual harassment and sexual abuse. In response, there has been a surge in retaliatory defamation lawsuits by their abusers. Many lawyers say they've seen a spike in defamation lawsuits in recent years. And in the past two months, I have received more than a half-dozen calls from women who were threatened for telling their stories.
These threats are real, and are designed to force the victims back into silence. But there are many ways to minimize or limit these legal risks.
First, and foremost, if you’re telling the truth, you shouldn’t be sued for defamation. Truth is an absolute protection for American libel defendants since the historic Zenger case in 1735.
Yet judges and juries can get things wrong. It happens. Especially if the abuser is willing to lie to counter your testimony. So you may need to have solid legal expertise to defend yourself in court. Attorneys can be expensive, especially good ones. But you may already have the right to insurer-paid counsel simply because you own your home or rent an apartment. Homeowners’ and renters’ policies usually insure against libel claims, and will provide a defense. Call your broker and review your general liability insurance policies.
In addition to insurance, there are many practical ways to minimize your legal risks.
A former CIA Case officer, Jerry Chun Shin Lee, has been arrested and charged with possessing classified material. Further, authorities have implicated Lee in the dismantling of both Chinese and Russian spy networks with at least 20 people (assets, in intel speak), captured and executed. I don’t have any answers, but this post raises the questions I have about the case and tries to figure out what is going on. If nothing else, it seems like the CIA is really not winning awards for “strongest asset security.”
Montana Gov. Steve Bullock (D) signed an executive order on Monday requiring internet service providers with state contracts to abide by net neutrality principles.
Montana’s governor signed an executive order today that would force internet service providers with state contracts to abide by net neutrality rules, even while the FCC has repealed those rules nationally.
A coalition of conservative groups are urging Congress not to support a bill that would overturn the Federal Communications Commission’s (FCC) repeal of net neutrality.
Of those comments that were clearly submitted directly to the FCC (rather than through a bulk upload system), the vast majority favored network neutrality. And while "the majority of the raw total number of comments fall into the anti-neutrality camp," Figueroa said, the majority of the comments that were likely organic—including those submitted through another system—were in favor of network neutrality.
But Comcast's merger agreement with the FCC expired, as per schedule, on January 20. The expiration, combined with the FCC's decision last month to repeal the industry-wide net neutrality rules implemented in 2015, will free Comcast of FCC oversight when it comes to net neutrality. Comcast will still face some merger-related oversight from the Department of Justice until September, though.
While rival media companies merge, fire staff and fret about the future of their businesses, Netflix keeps chugging along, adding customers at home, in Europe and Latin America. Fourth-quarter sales grew by a third to $3.29 billion, the company said, while earnings almost tripled from a year prior to 41 cents, meeting estimates.
We see all kinds of crazy copyright disputes and lawsuits around here. It is, after all, kind of our thing. Still, occasionally you come across a copyright lawsuit so completely head-scratching as to make you question reality. Thus is the case with the lawsuit Crytek filed against CIG, makers of the long-anticipated Star Citizen game, for both breaking a licensing agreement between both parties and copyright infringement. Strangely, if you read the complaint, all of this centers around CIG choosing not to use the Crytek engine.
These days, Cracker and Camper Van Beethoven frontman David Lowery may be best known as a thorn in the side of music-technology companies like Spotify, which he sued in 2015 for copyright infringement related to unpaid mechanical royalties. That case ultimately resulted in a $43 million class action settlement against the company that is awaiting court approval, although Lowery is no longer the named plaintiff, helping publicize an issue that returned to the news in late December when Wixen Music Publishing sued Spotify for $1.6 billion. (Another class action brought by Lowery against Rhapsody is still active.)
"Streaming is the future of the music business, and I'm not against it -- I just want everyone to get paid fairly," says Lowery, 57. "There could be millions of songs that songwriters weren't getting paid royalties for, and the future should be better than that."
Mr Dotcom's accountants have estimated that, had Megaupload, the company at the centre of his legal travails, been allowed to continue, it would have been worth $10bn (£7bn) by now. And he wants satisfaction.
Mr Dotcom had a 68 per cent shareholding in the business he created, and so is looking for $6.8bn in damages.
Rupert Murdoch issued a new salvo in the row between Facebook and news publishers on Monday, calling on the social media company to pay publishers for their content.
The executive chairman of News Corporation, Rupert Murdoch, says that if Facebook wants to recognise "trusted" publishers then it should pay them a carriage fee similar to that paid by cable firms. News Corporation is the world's biggest media company, and owns TV, radio and news outlets in numerous countries, including Australia.
Murdoch was reacting to Facebook's recent announcement that it would be depending on users to judge the trustworthiness of news sources, in the wake of many fake news stories being circulated in the run-up to the 2016 US presidential election.
Rupert Murdoch, the executive chairman of publishing empire News Corporation, issued a statement today proposing a new licensing deal between media organizations and platform-owning tech companies. His goal: get entities like Facebook and Google to pay money to publishers, effectively in exchange for the value news outlets bring to those platforms.