Our mission is to deliver a publication that reflects the principled approach followed by kernel developers and the tenets of Open Source philosophy. As the Original Magazine of the Linux Community, Linux Journal engages with a wide readership--from home automation hobbyists to Free Software advocates to hard-core hackers to high-level systems architects--seeking to explore the trending, timeless and practical in Linux and related technologies.
This is the fifth post in my series on finding an alternative to Mac OS X.
A bit over a year ago I wrote about my search for an alternative to Mac OS and switch to Linux. In this post I reflect on how that year went and detail some further adventures into Mac OS alternatives.
Chromium evangelist at Google François Beaufort shares today with us a new experimental feature that's coming to a Chromebook near you later this year and it's now available for public testing.
The new feature we're talking about here is a docked magnifier tool that will be available from the accessibility settings of the Chrome OS operating system and promises to let you magnify the top section of your screen. Users will be able to choose between a 2x and 20x zoom level value.
Microservices have got the tech world, and especially DevOps circles, buzzing. And no wonder, since this is the perfect technology for taking advantage of the cloud computing delivery model. As with any rapidly trending Next Great Thing, however, it can be tough to sort through all the hype vs. how microservices actually apply to every day, rubber-meets-the-road project work.
For those ready to learn the practical basics and application of microservices, The New Stack gets the low-down from some of this emerging sector’s thought leaders.Microservices 101
At the Open Source Leadership Summit (OSLS), the Cloud Native Computing Foundation (CNCF), which sustains and integrates open-source, cloud native technologies such as Prometheus and containerd, and Chen Goldberg, Google Cloud's director of engineering, announced that Kubernetes is the first project to graduate from the CNCF.
That may sounds a little odd since Kubernetes is already the dominant cloud container orchestration program. But, for the CNCF, graduation has a particular meaning. To graduate, a project must must show it has been adopted by multiple organizations, have a documented, structured governance process, and show a strong commitment to community success and inclusivity.
The Cloud Native Computing Foundation (CNCF) has announced that Kubernetes has moved from incubation to graduate. For this to happen, projects have to demonstrate a thriving adoption, documentation, structured governance process, and a commitment to community success and inclusivity.
According to the foundation, this is the first open-source project to graduate.
The Cloud Native Computing Foundation was created when Google agreed to release Kubernetes as an open-source project back in 2015, and the CNCF plans to announce this week that Kubernetes has graduated from its incubation program, signaling a new level of stability and maturity for the container-orchestration software.
According to The Register, the open-source XenServer Project far exceeded its crowdsource goal, and the first XCP-ng release, based on XenServer 7.4, will be March 31st.
Linus Torvalds sometimes is criticized for bombastically cursing out kernel developers. He does do this, but it's not his default behavior, and I think the real nature of when and how he posts to the mailing list is interesting. For example, he stayed out of the whole discussion of how to replace the BitKeeper revision control system for a long time, letting various projects guess frustratingly at his desires, before he finally took a break from Linux development to design and implement git.
In other cases, he's allowed developers to lambaste each other savagely for days or longer over key elements of the kernel or the behaviors of new hardware peripherals, only to enter the debate later on, generally to propose a simpler solution that neither camp had thought of.
Sometimes he'll enter a discussion for apparently no other reason than that a particular bug or piece of code interests him, and he works with whoever posted a given patch to get the kinks out or track down underlying problems.
In general, Linus tends to stay out of most discussions, coming in primarily only on controversial issues after he's developed a position of his own.
Days after the release of xf86-video-amdgpu 18.0 is now an updated xf86-video-ati / Radeon DDX release for namely the pre-GCN graphics processors.
The xf86-video-ati 18.0 release is available today that like the AMDGPU DDX driver has also switched over to a year-based versioning scheme. With most attention these days being on GCN Radeon GPUs, there isn't too much to this Radeon DDX driver that ends out its support with the Radeon HD 6000 series, depending upon if GCN 1.0/1.1 support for your kernel is set to AMDGPU yet or not.
Intel open-source developer Ankit Nautiyal has restarted work on adding picture aspect ratio support to the Linux kernel's Direct Rendering Manager (DRM) layer.
Previous work on adding aspect ratio handling to the DRM subsystem's mode-setting paths and exposing that to user-space had failed and been reverted since it didn't properly deal with user-space applications not supporting the aspect ratio information attached to modes. With these new patches, the new aspect ratio support is hidden behind a capability flag as to not cause problems for existing software.
Version 2.4.91 of the Mesa DRM library (libdrm) is now available for this component that notably sits between the Linux kernel and various user-space clients like Mesa and the X.Org Server.
Last month we reported on work resuming with the Mali T700 series open-source GPU driver called Chai. It's continued with the lead developer now working on an Assembler and soon beginning work on shaders.
Alyssa Rosenzweig who has been working on this open-source Mali T700 driver from where the Lima project left off several years ago continues making progress.
It was last summer that a GSoC student developer worked on an OpenMAX Tizonia state tracker for Gallium3D to replace the existing and out-of-date "Bellagio" code. Finally today that new Tizonia code has landed in Mesa 18.1-devel Git.
Last month Intel open-sourced a new "NEO" OpenCL driver including an LLVM graphics compiler and its compute runtime supporting OpenCL 2.1. I finally found some time to give this new open-source Intel OpenCL Linux driver a try.
This new Intel OpenCL open-source driver dubbed "NEO" that replaces the Beignet previous open-source OpenCL Linux driver as well as Intel's previous closed-source OpenCL SDK driver is in much better standing. While Beignet hit OpenCL 2.0 support a few months ago, NEO already exposes OpenCL 2.1 and they are on the way with OpenCL 2.2 support. This NEO driver is also cross-platform, introduces a new "GMMLIB" graphics memory management library, and makes use of a new LLVM-based graphics compiler stack. This new Intel stack focuses on Broadwell "Gen 8" graphics hardware support and newer.
In this article, I'll show you how to turn a command line output in Linux into an image using Termshot. Termshot is Linux tool which turns a cli command's output into a screenshot including colors and interactive text. This is of the essence if working on something that you need to screenshot for sharing, reference or documentation purposes. Sometimes you would copy terminal output in a text format but when you paste it on a different platform like CMS, it will lose original formatting and its colors giving it an atrocious look.
One of the really confusing things for users who are new to messing with the command line, can be trying to search with specifics. A useful little tool for aiding in this process, is called grep, or “global regular expression print,” which will search for regular statements in anything you pipe it through, and show you matches for what you looked for (if any exist.)
Albert is a fast and flexible keyboard launcher, written in C++ and based on the Qt framework. As the name implies, the principal duty of Albert is to launch things, nothing more, nothing less. Using Albert, you can run applications, open files or their paths, open bookmarks in your web browser, search the web, calculate things and much more. Albert has flexible extension system, so the users and/or the developers can extend the functionality of Albert by creating plugins. It is free, open source and licensed under GPLv2.
Way of the Passive Fist [Steam] is not the type of brawler I expected it to be, but it’s still a very fun experience.
The Linux beta of Arma 3 [Steam] is once again up to date with the Windows client at version 1.80 (meaning for now multiplayer with Windows gamers is possible), this also brings compatibility with the Tac-Ops Mission Pack.
Railway Empire [GOG, Steam] has expanded again with a new beta that brings in some much requests features making a bigger and more interesting game.
It’s an exciting time to be a fan of six-degree-of-freedom shooters, Overload has a final Early Access build up before the big full release.
Why is it exciting? Well—the full release will have the full singleplayer and online multiplayer implemented, so it’s going to be pretty awesome to finally blow some people up online.
In FoxTail [GOG, Steam], you play as a young fox named Leah who goes on a journey to find a cure for her grandmother. It's now out in Early Access with a Linux version
Parkitect [Steam, GOG], the super sweet game about building your own theme park has a new beta out with a new ride and improved performance.
Do you like the idea of keeping people alive during a zombie apocalypse? Deadly Days [Steam] is currently in Early Access and it has Linux support.
Developer Valentin Breiz recently updated his PS4 Linux Loader, a simple payload tool designed with a single goal in mind, to let you run Linux on your Sony PlayStation 4 gaming console, to support some PlayStation 4 models running firmware 4.55.
This is possible thanks to IDC's kernel exploit for firmware 4.05, which has now been updated for firmware 4.55 too. However, for now it looks like running Linux on PlayStation 4 only works with some PS4 models having a FAT filesystem.
Candidate images for the Kubuntu Bionic Beaver (18.04) Beta 1 are now available for testing.
The Kubuntu team will be releasing 18.04 in April. The final Beta 1 milestone will be available on March 8.
Glasgow’s group of Linux nerds has been gathering for 20 years so I was pleased to eat lots of curry at the Scottish Linux User Group’s 20th anniversary dinner. In the pub afterwards I showed off the new KDE Slimbook II and recorded a little intro. It’s maybe not the most slick presenting skills but it’s my first time making a video...
KaOS is proud to announce the availability of the March release of a new stable ISO.
The developers of the KaOS Linux operating system announced today that availability of March 2018's ISO snapshot with up-to-date components and latest GNU/Linux technologies.
KaOS 2018.03 is now available for download and it's the first to ship with the recently released KDE Plasma 5.12 LTS desktop environment by default. In fact, the new release includes KDE Plasma 5.12.2 LTS, along with the KDE Applications 17.12.2 and KDE Frameworks 5.43.0 software suites built on Qt 5.10.1.
One of the important missing features in Plasma wayland session is without a doubt possibility to share your screen or record you screen. To support this you need help of the compositor and somehow deliver all needed information to the client (application), in ideal way something what can be used by all DEs, such as Gnome. Luckily, this has been one of the primary goals of Pipewire, together with support for Flatpak. If you haven’t heard about Pipewire, it’s a new project that wants to improve audio and video handling in Linux, supporting all the usecases handled by PulseAudio and providing same level of handling for video input and output. With Pipewire supporting this, there was recently a new API added to xdg-desktop-portal for screen cast support and also for remote desktop. Using this API, applications can now have access to your screen content on Wayland sessions or in case they are running in sandbox. With various backend implementation, like xdg-desktop-portal-kde or xdg-desktop-portal-gtk, they just need to support one API to target all desktops. Screen cast portal works the way, that the client first needs to create a session between him and xdp (xdg-desktop-portal) backend implementation, user then gets a dialog with a screen he would like to share and starts screen sharing. Once he does that, xdp backend implementation creates a Pipewire stream, sends back response to the client with stream id and then client can connect to that stream and get its content. Once he no longer requests content of the selected stream, xdp backend implementation gets information that nobody is longer connected to the created Pipewire stream and can stop sharing screen information and xdp backend implementation is again ready to accept next requests for screen sharing. This is all happening in the background so there is really no cool picture I can show, at least this dialog which you get when you request to share a screen.
With Wayland not enforcing any standard for screensharing, KDE developers are now building off GNOME's approach of XDG-Desktop-Portal and PipeWire for desktop/screen sharing for adding this feature to Plasma on Wayland.
Red Hat / KDE developer Jan Grulich has been working on screen sharing support for the KDE Plasma Wayland session. For this understandably he's gone with the groundwork laid by XDG-Desktop-Portal/Pipewire to allow for a quick bring-up of this support.
Users of Kubuntu 17.10 Artful Aardvark can now upgrade via our backports PPA to the 3rd bugfix release (5.12.3) of the Plasma 5.12 LTS release series from KDE.
(Testers of 18.04 Bionic Beaver will need to be patient as the Ubuntu archive is currently in Beta 1 candidate freeze for our packages, and but we hope to update the packages there once the Beta 1 is released)
The full changelog of fixes for 5.12.3 can be found here.
GTK’s support for loadable modules dates back to the beginning of time, which is why GTK has a lot of code to deal with GTypeModules and with search paths, etc. Much later on, Alex revisited this topic for GVfs, and came up with the concept of extension points and GIO modules, which implement them. This is a much nicer framework, and GTK 4 is the perfect opportunity for us to switch to using it.
Cairo needs help. It is the main 2D rendering library we use in GNOME, and in particular, it's what librsvg uses to render all SVGs.
My immediate problem with Cairo is that it explodes when called with floating-point coordinates that fall outside the range that its internal fixed-point numbers can represent. There is no validation of incoming data, so the polygon intersector ends up with data that makes no sense, and it crashes.
I've been studying how Cairo converts from floating-point to its fixed-point representation, and it's a nifty little algorithm. So I thought, no problem, I'll add validation, see how to represent the error state internally in Cairo, and see if clients are happy with getting back a cairo_t in an error state.
I’m pretty happy with the GNOME Shell desktop Ubuntu switched to last October, but I do miss being able to quickly browse and open my files from the Unity Dash.
But I need miss it no more.
A new GNOME extension brings similar file view functionality to the GNOME Shell desktop.
We’re pleased to announce the fifth release candidate for Qubes 4.0! This release contains bug fixes for the issues discovered in the previous release candidate. A full list of the Qubes 4.0 issues closed so far is available here. Further details about this release, including full installation instructions, are available in the Qubes 4.0 release notes. The new installation image is available on the Downloads page.
We are pleased to offer MX-17.1-RC1 for testing.
Just about every day, new technological developments threaten to destabilize even the most intricate and best-laid business plans. Organizations often find themselves scrambling to adapt to new conditions, and that's created a shift in how they plan for the future.
According to a 2017 study by CompTIA, only 34% of companies are currently developing IT architecture plans that extend beyond 12 months. One reason for that shift away from a longer-term plan is that business contexts are changing so quickly that planning any further into the future is nearly impossible. "If your company is trying to set a plan that will last five to 10 years down the road," CIO.com writes, "forget it."
Istio is pretty fast. It’s written in Go and adds a very tiny overhead to your system. Plus, what you may lose in online performance should be paid for by increased developer efficiency and speed. That’s the theory at least. Don’t overlook the fact that developers are expensive.
As for the software, Istio is open source, so you can grab it and start using it now.
As a Red Hat Certified Cloud and Service Provider, ORock offers a "pure-play" open source environment that is designed to deliver enhanced flexibility, security features and control. The following services are In Process for FedRAMP authorization from the DoD: Red Hat Enterprise Linux; Red Hat OpenStack; Red Hat Ceph Storage; Red Hat CloudForms; Red Hat Ansible Tower; Red Hat Satellite and all associated cloud APIs. In addition, ORock provides SaaS offerings and services including ORock Federal Authorization Services (FAS) and ORock VirtualClouds, which enables secure mobile cloud access.
Fedora 28 (F28) is slated to release in May 2018. On the Fedora Design Team, we’ve been thinking about the default background wallpaper for F28 since November. Let’s walk through the Fedora 28 background process thus far as a sort of pre-mortem; we’d love your feedback on where we’ve ended up.
Microsoft promised months ago that Windows 10 users would be able to install and run multiple Linux distributions side-by-side on the Windows Subsystem for Linux.
We’re excited to announce that you can now download & install Debian GNU/Linux via the Windows Store!
After we announced that you’d be able to install and run multiple distro’s side-by-side on WSL , we are happy to introduce another one of your favorite Linux distros to the Windows Store. As promised, we are expanding your ability to run multiple distros on WSL!
Microsoft announced on Tuesday that it brought the popular Debian GNU/Linux operating system to the Windows Store for those who want to install it on top of the WSL (Windows Subsystem for Linux) feature for Windows 10.
The exciting announcement comes just one day after Microsoft introduced the Debian-based Kali Linux ethical hacking and penetration testing GNU/Linux distribution on the Windows Store for those who want to download and install it on their Windows 10 machines that support WSL (Windows Subsystem for Linux), and now you can do the same with Debian GNU/Linux.
Our most recent Linux vs. WSL benchmarks remain quite promising for getting decent performance out of this subsystem if being stuck to Windows 10 but the big caveat remains with much slower I/O performance.
My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.
On 3 March I attended a Debian Bug Squashing Party in Tirana. Organized by colleagues at Open Labs Albania Anisa and friends and Daniel. Debian is the second oldest GNU/Linux distribution still active and a launchpad for so many others.
A large number of Kosovo participants took place, mostly female students. I chose to focus on adding Kosovo to country-lists in Debian by verifying that Kosovo was missing and then filing bug reports or, even better, doing pull requests.
Preparations for the release of TeX Live 2018 have started a few days ago with the freeze of updates in TeX Live 2017 and the announcement of the official start of the pretest period. That means that we invite people to test the new release and help fixing bugs.
Besides the Ubuntu 18.04 minimal spin that is around to 30MB compressed, the Ubuntu 18.04 "Bionic Beaver" installer recently added an option for a "minimal installation" from the desktop Live DVD/USB environment. Here's a look at what that means for desktop users.
The minimal installation option from the Ubuntu 18.04 Ubiquity installer isn't to be confused with the lightweight Ubuntu minimal spin for containers and building your Ubuntu stack from scratch. Rather, the desktop minimal installation is advertised as only installing "a minimal desktop environment with a browser and utilities."
Commell’s Pico-ITX “LP-150” SBC runs Android or Linux on a quad -A7 Rockchip RK3128 SoC, and provides 8GB eMMC, GbE, WiFi, LVDS, HDMI, and dual USB ports.
Aaeon has launched the “UP AI Core” — a $69 mini-PCIe version of Intel’s Movidius Neural Compute Stick for neural network acceleration that’s designed to work with the UP Squared SBC and other Ubuntu-driven x86_64 computers.
There are plenty of reasons not to want to hand off the tasks of storing your data and running your services to third-party companies; privacy, ownership, and avoiding abusive "monetization" are some of the top ones. But for most people, the task of running a server is just too time-consuming and requires too much-specialized knowledge. Instead, we compromise. We put aside our worries and just use cloud-hosted corporate services, with all the advertising, data mining and selling, and everything else that comes with them.
There is no question that the face of the web has been transformed in recent years by open source fonts. Prior to 2010, the only typefaces you were likely to see in a web browser were the generic "web safe" core fonts from Microsoft. But that year saw the start of several revolutions: the introduction of the Web Open Font Format (WOFF), which offered an open standard for efficiently delivering font files over HTTP, and the launch of web-font services like Google Fonts and the Open Font Library—both of which offered web publishers access to a large collection of fonts, for free, available under open licenses.
It is hard to overstate the positive impact of these events on web typography. But it can be all too easy to equate the successes of open web fonts with open source typography as a whole and conclude that the challenges are behind us, the puzzles solved. That is not the case, so if you care about type, the good news is there are a lot of opportunities to get involved in improvement.
Divisive Politics are destroying Open Source. Many Open and Free Software projects have been ripped apart, just in the last year, by politics that seem to serve no purpose other than to divide us as people. I take a look at three recent, and noteworthy, examples: FreeBSD, Node.js (part of the Linux Foundation), and Mozilla. Three organizations that have a massive impact on our lives (even if we don’t know it) — that have had divisive politics cause significant turmoil and damage to not only themselves… but the entire Open Source and technology world.
One industry that lags behind others in the adoption of digital or open source tools is the competitive and lucrative world of scientific publishing. Worth over €£19B ($26B) annually, according to figures published by Stephen Buranyi in The Guardian last year, the system for selecting, publishing, and sharing even the most important scientific research today still bears many of the constraints of print media. New digital-era technologies present a huge opportunity to accelerate discovery, make science collaborative instead of competitive, and redirect investments from infrastructure development into research that benefits society.
Patrick Lopez, VP of Networks Innovation at Telefónica, talks about how vendors and operators can utilize open source to take more control over the design and programming of networks. In addition, Lopez examines Telefónica's approach to edge computing, and use cases for the technology such as in IoT and robotics.
The dev shared the code powering SLayout on GitHub for fellow developers to download and play with. All in all, Inkle Studios says that SLayout can be used in Unity to provide an easier way to handle layout properties and animation for text and UI elements.
Today the Open Source Initiative€® (OSI) announced its Incubator Project, ClearlyDefined, a crowdsourced project aimed at boosting the success of FOSS projects by clearly defining their status. Absences or ambiguities around licensing or known security vulnerabilities can erode confidence and limit project success. Project teams often are not aware of these concerns or do not know how to address them. ClearlyDefined identifies the gaps and works with project teams to fill them.
"This is an important project to amplify the success of FOSS projects through wider adoption and confidence. It aligns closely with OSI's mission to educate and advocate for open source," said Simon Phipps, President of the board of directors of the OSI, curator of the world's open source licenses.
Rolling out ahead of the Android variant with this version, Chrome 65 is now available for Mac, Windows, and Linux. This update focusses on introducing several new features that developers can take advantage of, as well as security improvements.
The Chrome team is delighted to announce the promotion of Chrome 65 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
Google has rolled out Chrome 65 to its stable channels on Linux, macOS, Android, and Windows.
The Review Team is a specialized group responsible in reviewing and approving or rejecting every budget requests made by Mozilla Reps.
At the Open Source Leadership Summit in Sonoma, California, on Tuesday, members of the open source community gathered under a big tent.
It was a tent with carpeting and chandeliers at a stylish wine country inn, but a tent nonetheless, and it served as a clear metaphor for the aspirations of the community: People from diverse backgrounds working together for the benefit of all concerned, while also allowing for the creation of value and return on investment, according to those there.
Open source software is at its core about code licensing, but making open source projects work in the context of companies and contributors is about people and process.
Open Source Summit Japan and Automotive Linux Summit 2018 are once again co-located and will be held June 20-22 at the Tokyo Conference Center Ariake in Tokyo. Both events offer participants the opportunity to learn about the latest projects, technologies, and developments taking place across the open source ecosystem, and specifically in the Automotive Linux arena.
APRICOT is the largest annual internet community conference in the Asia-Pacific region. Nearly one thousand attendees show up for two weeks of workshops, tutorials and presentations. While the primary focus of the conference is on networking, the conference also attracts a sizable number of systems people. I also attended some of the APTLD conference which overlapped for a couple of days during the APRICOT workshop week. This was the first time I attended APRICOT.
Open-source licensing can get ... complicated. These days, many programs are 20 percent original code on top of 80 percent previously open-sourced code. To help address the resulting licensing complications, GitHub has open sourced Licensed, an internal tool they've used to automate some of GitHub's open-source projects licensing process.
That's pretty impressive considering only a few years ago, GitHub's laissez-faire attitude to licensing had led to 77 percent of all GitHub programs having no licenses at all. If that doesn't sound important to you, then you're a developer who's never tried to commercialize their program.
Designing climate experiments is all but impossible in the real world. We can’t, for instance, study the effects of clouds by taking away all the clouds for a set period of time and seeing what happens.
Instead, we have to design our experiments virtually, by developing computer models. Now, a new open-source set of climate models has allowed this research to become more collaborative, efficient and reliable.
On Tuesday, job search site Indeed announced that it has joined the Cloud Native Computing Foundation (CNCF), an open source software foundation dedicated to making cloud-native computing universal and sustainable.
The CNCF is part of the The Linux Foundation, and is a vendor-neutral home for fast-growing projects. Indeed relies on open source technologies such as Python, Apache, Mesos, and OpenTracing to build and deliver its products, according to a blog post making the announcement.
Can anyone recommend software for running a web service similar to archive.org?
We are looking for something similar to manage digital assets within the Computing History Special Interest Group.
At the end of the day you’re done with work, you go home—and you don’t spend any of your free time coding. And that’s fine, you have other things going on in your life. But your coworker does spend another 20 hours a week coding, and all that practice means they’ll end up better programmers than you, and so they’ll get promoted faster, and they’ll get paid more. And that’s not fine.
It’s also not true.
But I thought it could maybe be useful to list a bunch of concrete skills and concepts I’ve learned along the way. Like anything else, “computer networking” involves a large number of different concepts and skills and tools and I’ve learned them all one at a time. I picked most of these things up over the last 4 years.
A lot of websites are seeing mobile traffic growth from using Google’s open-source AMP protocol, but critics are raising some big ethical questions. Are those concerns enough to dissuade organizations from using AMP?
The Drugs for Neglected Disease initiative (DNDi), a nonprofit research and development organisation, today announced a collaboration with pharmaceutical companies and other nonprofits to manufacture and supply a “new, more affordable” hepatitis C treatment in Latin America. Hepatitis C medicines have been renowned for their high prices worldwide.
From the press release: “A new collaboration between pharmaceutical companies and non-profit organizations will manufacture and supply a new, more affordable, hepatitis C treatment regimen in Latin America. An estimated 3.5 million people live with this viral disease in Latin America including around 325,000 in Argentina, with high treatment prices one of the many barriers to access for life-saving care.”
The laptop lets you disable the keyboard and touchscreen while cleaning, so that nothing is accidentally inputted. All three products are built to withstand deterioration from being cleaned with germicidal wipes, which may help reduce the spread of health care-related infections.
4G LTE isn’t nearly as secure or private as you think it is. Mobile privacy and security are both at risk. Researchers from Purdue University and the University of Iowa have released a new research paper detailing ten attacks on 4G LTE networks. Some attacks allow fake emergency alerts to be sent to a phone, others allow for the spoofing or tracking of the target’s location. The attacks could be carried out with less than $4,000 of equipment and open source 4G LTE software.
If for some reason you are still riding the Linux 4.1 kernel series, you really should think about upgrading to at least a newer LTS series in the near future. But if you still plan on riding it for a while longer, at least it's getting page table isolation support for Meltdown mitigation.
An Oracle kernel developer has posted patches bringing kernel page table isolation (KPTI, formerly known as KAISER) to the Linux 4.1 stable kernel series.
The Solaris-derived OpenIndiana operating system now has KPTI (Kernel Page Table Isolation) support for testing to mitigate the Intel Meltdown CPU vulnerability.
Thanks in large part to the work done by Joyent on KPTI support for SmartOS/OmniOSce, the Illumos kernel used by OpenIndiana now has a KPTI implementation for testing. They have spun up some live install images for testing as well as an IPS repository containing a KPTI-enabled kernel build. With this KPTI work is also PCID (Process Context Identifier) support too.
I had a quiet New Year's Eve and Day for the beginning of 2018. We had originally planned a trip away with my parents and some friends from southern California, but they all fell through -- my father was diagnosed with cancer late in 2017 and their trip to visit us in the U.S. was cancelled, and our friends work in medicine and wound up being on call. One of Lou's other friends came to visit us, instead: she was on a mission to experience midnight twice on January 1st by flying from Hong Kong to San Francisco. That might sound like an excuse to party hard, but instead we sat around an Ikea table playing board games, drinking wine and eating gingerbread. It was very pleasant.
[...]
To mitigate Meltdown (and partially one of the Spectre variants), you have to make sure that speculative execution cannot reach any sensitive data from a user context.
Not even a week has passed since the code sharing platform GitHub suffered the world’s biggest DDoS attack recorded at 1.35Tbps. Just four days later, the world record of the biggest DDoS has been broken in an attempt to take down the systems of an unknown entity identified as a “US-based service provider”.
The size of massive distributed denial-of-service attacks continues to grow, hitting yet another new high on March 5, with a report of a 1.7-Tbps attack.
The attack was reported by Netscout Arbor and came just four short days after the March 1 report of the then largest DDoS attack at 1.35 Tbps against GitHub. Both of the record breaking DDoS attacks were enabled via improperly configured memcached servers that reflected attack traffic, amplifying the total volume.
A newly uncovered 'nation-state level' cyber espionage operation has targeted humanitarian aid organisations around the globe via the use of backdoors hidden within malicious Word documents.
Dubbed Operation Honeybee based on the name of lure documents used during the attacks, the campaign has been discovered by security researchers at security company McAfee Labs after a new variant of the Syscon backdoor malware was spotted being distributed via phishing emails.
Perhaps the biggest challenge will be durability. At present we have a hard time patching a phone that’s three years old. Yet the average age of a UK car at scrappage is about 14 years, and rising all the time; cars used to last 100,000 miles in the 1980s but now keep going for nearer 200,000. As the embedded carbon cost of a car is about equal to that of the fuel it will burn over its lifetime, we just can’t afford to scrap cars after five years, as do we laptops.
Zetter unearthed a 2006 contract with the state of Michigan and a report from Pennsylvania's Allegheny County that same year that both showed ES&S employees using a remote-access application called pcAnywhere to remotely administer equipment it sold.
For much of human history, the idea of freedom had little meaning. This was because life was, as Thomas Hobbes put it, “poor, nasty, brutish, and short.” And while he thought this descriptor applied to life outside of society, for a long time it did not really matter – life within pre-modern societies often had the same limiting character. Religious belief in these same times reflected this depressing fact by asserting that there was no hope of meaningful freedom in this life. To achieve it you would have to die and go to Heaven. So, what set you free was death.
French economy minister Bruno Le Maire says the EU has plans to tax big multinational technology companies — like Google, Apple, Facebook and Amazon — between 2% and 6% of their revenue, with the figure being closer to the lower end.
A procedural vote to scale back banking regulations is set for this Tuesday in the Senate, only 10 years after the Great Recession — caused by some of the regulations that Dodd-Frank hoped to address. The Senate plan is staunchly supported by the Trump administration — and all signs point towards it becoming law.
The issue exposes both the rifts within the Democratic Party and the extent to which the Trump administration is unashamed, as President Donald Trump's entire campaign was built on the premise that he was an outsider who would drain the swamp.
A well-intentioned effort in Oregon to drive more competition to the broadband market has instead netted Comcast a $15 million annual tax break for effectively doing nothing differently.
Back in 2014 the Oregon State Supreme Court issued a hugely-controversial ruling that allowed companies to be taxed based on "intangible" assets such as the value of their brands. Lobbied by Google, the state in 2015 signed a new law rolling back those assessments to try and incentivize competitors looking to deploy faster broadband networks.
Prosecutors are letting debt collectors hijack the justice system at the expense of people who cannot afford to pay bills.
When Roz, a mother raising three children with special needs on a razor-thin budget in Washington, wrote a check for $41.19 to Goodwill to buy secondhand clothing for her children, she had no idea it would lead to threats of criminal prosecution and jail. But that’s exactly what happened when the check bounced, and her inability to pay a bill led to her being sucked into the criminal justice system.
That the check bounced because of a banking mix-up didn’t matter. Roz received a letter in the mail that looked like it had been sent by her local prosecutor. The letter stated she had been accused of the crime of issuing a worthless check and she had to pay the amount of the check plus $185 in fees within 10 days “to avoid the possibility of criminal charges being filed.”
The threats for failure of nonpayment did not end there.
In late February, Venezuela's government began accepting presidential candidate registrations and announced a snap legislative election for April.
The Pew Research Center (3/1/18) recently released a survey on political attitudes by generation. “America is politically sorted by generations in a way it never has before,” was the takeaway of New York‘s Jonathan Chait (3/1/18).
Well, sort of. The generational divide is a striking feature of US politics, but it’s not exactly breaking news. While as recently as the 2000 election, young people were the least likely age group to vote for the Democrat, and old folks the most, since 2008 the generations have voted the stereotype of left-leaning youth and conservative elders. That’s still happening, Pew finds.
Stormy Daniels says the "hush" agreement she signed is invalid since President Trump didn't sign it, according to a lawsuit.
We’ve updated “The Money Game,” our Illinois governor’s race fundraising widget, with improvements to the design and data, as well as the addition of automated cards to share on social media.
The data changes are the most significant update. We’re now tracking campaign contributions across a four-year window, compared to two years in the previous version. That’s because many candidates stockpile and transfer money among multiple campaign funds over several campaign seasons.
The Trump Organization says it has removed golf markers bearing the presidential seal from one of its golf courses.
As ProPublica and WNYC reported yesterday, President Trump’s company recently ordered dozens of presidential seals to be used as golf tee markers. It is illegal to use the presidential seal for commercial purposes.
In a statement Tuesday morning, a spokesman for the company said, “The plaques were presented to the club by a small group of members, who are incredible fans of the President, in honor of Presidents day [sic] weekend. They were temporary and have since been removed.”
PornHub's owner Mindgeek this weekend revealed its UK plans for AgeID, an encrypted tool for users to unsurprisingly verify their age when accessing one of the largest porn sites in the world.
[...]
AgeID has already been in operation since 2015 on porn sites in Germany. And while things seem to be hammering away nicely, there're a few raised eyebrows over handing verification control over to Mindgeek and its family porn sites, which include YouPorn, Brazzers and RedTube.
Having already brought Turkey’s mainstream media to heel, and made considerable headway in rolling back Turkish democracy, the government of President Recep Tayyip Erdogan has set its sights on a seemingly innocuous target: a satellite television preacher named Adnan Oktar.
[...]
“It is just about control,” said Kerem Altiparmak, a human rights and media lawyer. “Considering what has been happening in Turkey, I have no doubt this is a hegemonic power, controlling newspapers, TV and the judiciary, that is now out to control the [I]nternet sector.”
Hi folks, it’s Shelly Banjo. Banned books and blocked websites are the norm in China. Now, as the tech industry and political leadership forge closer ties, there’s a growing sense here that we’re about to see a whole different level of censorship.
This isn’t about the looming VPN ban, or President Xi Jinping’s bid to abolish term limits and cement his power. It’s about a deeper level of control and restrictions, encroaching into pop culture, entertainment and other seemingly apolitical content.
Claiming censorship, attorneys are claiming that Arizona State University is illegally blocking a Muslim academician from speaking on campus because of his political beliefs.
The lawsuit filed in federal court here says the university won't allow Hatem Bazian to speak on campus about the "boycott, divest, sanction'' movement aimed at pressuring Israel to change its policies, particularly in regard to Jewish settlements on the West Bank. That's because Bazian won't sign an agreement certifying that he will not engage on a boycott of Israel.
People in marginalized communities who are targets of persecution and violence—from the Rohingya in Burma to Native Americans in South Dakota—are using social media to tell their stories, but finding that their voices are being silenced online.
This is the tragic and unjust consequence of content moderation policies of companies like Facebook, which is deciding on a daily basis what can be and can’t be said and shown online. Platform censorship has ratcheted up in these times of political strife, ostensibly to combat hate speech and online harassment. Takedowns and closures of neo-Nazi and white supremacist sites have been a matter of intense debate. Less visible is the effect content moderation is having on vulnerable communities.
Get ready for your head to explode.
In the middle of TEDxBrussels talk on March 5 that focused on censorship, a male event organizer walked onto the stage and physically dragged the female presenter off. And the kicker? The theme of the entire TEDx event was Brave New World — as in, yes, the Aldous Huxley book about a dystopian future wherein an all-powerful state controls the lives of its citizens.
And it only gets worse from there.
Another case of YouTube's copyright notification system being abused has filtered down through social media. A YouTuber whose channel specializes in game reviews was targeted by the developer of the game after some back-and-forth on the internet over his negative review.
Chris Hodgkinson reviewed a game called Super Seducer, which supposedly teaches dudes how to pick up women through the magical art of full-motion video. Call it "edutainment." (If you must…) The developer, Richard La Ruina, didn't care for his game being featured on a video series entitled "This is the Worst Game Ever." Nor did he care for Hodgkinson's suggestion the game offered nothing to men in the way of usable pick-up artistry.
The European Commission recently launched a consultation on “fake news and online disinformation” to which La Quadrature has responded. The current debate about these phenomena seems to be dominated by a prevailing confusion and risks to lead to measures restricting freedom of expression and the right to information. Nonetheless, the big platforms' system of commercial surveillance needs to be addressed seriously, as it disrupts public debate by treating our attention as a commodity.
A spectre is haunting American and European political leaders, the spectre of "fake news". Early in January, Emmanuel Macron announced future legilsation in order to prevent the spread of " false information ", especially during election period. The draft bill is supposed to be discussed in French National Assembly1 end of March.
The European Commission's consultation was closed on 23 February, and the results should lead up to a decision whether European legislation on this topic is needed or not. In parallel, the Commission appointed an expert group charged with submitting a report in March. Both measures exclusively target online content which is “lawful but false', without defining “false”.
Mumbai, Mar 6 Veteran filmmaker Shyam Benegal today said the kind of censorship and mood the country has with regards to cinema is reminiscent of the Emergency era.
The veteran director was speaking at a panel discussion here at FICCI Frames, which was moderated by senior journalist Bhupendra Chaubey.
Mike Godwin (you know who he is) was recently going through some of his earlier writings, and came across an essay (really an outline) he had written to the Cypherpunks email list 25 years ago, in April of 1993 concerning the Clipper Chip and early battles on encryption and civil liberties. If you don't recall, the Clipper Chip was an early attempt by the Clinton administration to establish a form of backdoored encryption, using a key escrow system. What became quite clear in reading through this 25-year-old email is just how little has changed in the past 25 years. As we are in the midst of a new crypto war, Godwin has suggested republishing this essay from so long ago to take a look back at what was said back then and compare it to today.
After the prosecution of a California doctor revealed the FBI’s ties to a Best Buy Geek Squad computer repair facility in Kentucky, new documents released to EFF show that the relationship goes back years. The records also confirm that the FBI has paid Geek Squad employees as informants.
EFF filed a Freedom of Information Act (FOIA) lawsuit last year to learn more about how the FBI uses Geek Squad employees to flag illegal material when people pay Best Buy to repair their computers. The relationship potentially circumvents computer owners’ Fourth Amendment rights.
The documents released to EFF show that Best Buy officials have enjoyed a particularly close relationship with the agency for at least 10 years. For example, an FBI memo from September 2008 details how Best Buy hosted a meeting of the agency’s “Cyber Working Group” at the company’s Kentucky repair facility.
The memo and a related email show that Geek Squad employees also gave FBI officials a tour of the facility before their meeting and makes clear that the law enforcement agency’s Louisville Division “has maintained close liaison with the Geek Squad’s management in an effort to glean case initiations and to support the division’s Computer Intrusion and Cyber Crime programs.”
Insurance brokers must play a more direct role in helping financial institutions and energy companies map and quantify cyber risk, a former director of the UK security agency GCHQ has said.
Speaking at a Marsh Energy Insurance Conference in Dubai, Iain Lobban said insurance brokers should attend cyber breach planning exercises held by insureds, along with representatives from intelligence agencies.
It might like a contradiction in terms, but this week has seen a fascinating session of the Investigatory Powers Tribunal (IPT). That’s because, after one witness from GCHQ had repeatedly given misleading evidence to the tribunal, Privacy International, who are challenging GCHQ’s bulk collection powers, were given permission to cross-examine him for the very first time.
The Senate Armed Services Committee unanimously approved President Trump’s choice to lead the National Security Agency on Tuesday morning.
The committee held a brief voice vote on the nomination of Lt. Gen. Paul Nakasone, before holding a hearing on worldwide threats to the United States featuring testimony from Director of National Intelligence Dan Coats and from Lt. Gen. Robert Ashley, the director of the Defense Intelligence Agency.
VPNs are widely used to overcome geographical obstruction, to access a remote network securely, and other different purposes. They are extensively used by organizations to share resources across various office locations. In recent times, VPNs have gained widespread usage in bypassing country restrictions to access blocked services.
A Republican activist subsequently revealed suggestive Facebook messages that the then-married congressmen sent her in 2012.
Winner is an NSA contractor accused of mailing a classified document on alleged Russian hacking [sic] of voter registration systems to The Intercept. She was charged with violating the Espionage Act and is currently in detention awaiting trial.
Eventually having had enough of people wandering the halls and calling the front desk, the Hilton called the police to complain. They arrived at around 10pm to find the 6316 room empty. It was later discovered that Yeye had left the hotel and checked into another at the Sanya Phoenix International Airport.
She was arrested on Friday (2 March) and charged with prostitution and disruption (of the Hilton Hotel). All her social media accounts have been suspended.
There is a major difference between Alexander Litvinenko and Sergei Skripal, which is not being reflected in the media. Litvinenko was a good man who attempted to expose abuses of power within Russia, in defence of the rights of Russians. Skripal is a traitor who sold the identities of Russian agents abroad to the UK, in exchange for hard cash. This may very well have caused the deaths of some of those Russian agents operating in conflict zones. If this is indeed a poisoning, there are a great many people who may want Mr Skripal dead – nor in this murky world should we overlook the fact that he must have known interesting things about his MI6 handlers. “Litvinenko II” is rather too pat and obvious, and could be a false flag set-up.
At least four technology companies have taken steps to bar Atomwaffen Division, a violent neo-Nazi organization, from using their online services and platforms to spread its message or fund its operations.
The action comes after ProPublica reports detailing the organization’s terrorist ambitions and revealing that the California man charged with murdering Blaze Bernstein, a 19-year-old college student found buried in an Orange County park earlier this year, was an Atomwaffen member.
Activists and journalists with other media outlets have criticized the tech firms — among them chat services, web merchants, social media channels and gaming platforms — for enabling the outfit, which has members in 23 states and Canada, records show.
In two consecutive SWAT-style raids, ICE and the U.S. Marshals’ agents raid a family’s home without a warrant.
Around noon, on April 10, 2017, Alicia Amaya Carmona glanced through her partially closed blinds at the Wing Pointe apartment complex in Heber City, Utah. What the 48-year-old grandmother saw terrified her.
A group of men in blue and green vests, carrying assault weapons and pistols, were running through the parking lot towards the apartment she shared with her son and her daughter-in-law. She grabbed her grandchildren who were awake and ran to the master bedroom where her other grandchildren were napping. Loud knocking ripped through the apartment. Suddenly the men burst into the apartment. “Come out with your hands up!” one shouted.
Frightened, Carmona came out of the master bedroom into the living room with her hands up. Her four grandchildren, all U.S. citizens, stood behind her, screaming and crying out of fear. The men pointed their assault weapons and pistols at Carmona and the children. First, Carmona was ordered out of the apartment and told she could not touch nor speak to her grandchildren. The children, all barefoot, were then ordered out of the apartment, too. The temperature was in the 40s.
The heavily armed men, members of Immigration and Customs Enforcement (ICE) and the U.S. Marshals, finally let Carmona know why they were there. They were after Carmona’s husband, Abel Ramirez Sr., who had been indicted for illegal reentry six years before. Illegal reentry is not a violent crime, yet the family saw this group of federal officers armed for war burst into the apartment without a warrant.
The original Move Your Domain Day came into being in 2011 when popular domain name registrar GoDaddy spoke out in support of the hugely unpopular Internet blacklist bills SOPA and PIPA. The ensuing backlash from Internet users led to a call for customers to leave GoDaddy in favor of companies better-aligned with their online freedom goals. As a result, the first Move Your Domain Day raised over $64,000 for EFF’s work on this and other issues. The response reflected the overwhelming public sentiment that eventually toppled SOPA/PIPA and proved Internet users are powerful when they work together.
Six technology companies, including Kickstarter, Foursquare and Etsy, have launched a lawsuit against the Federal Communications Commission (FCC) in an effort to preserve net neutrality rules.
The companies, which also include Shutterstock, Expa and Automattic, on Monday filed their petition with the U.S. Court of Appeals for the District of Columbia Circuit.
Washington state Governor Jay Inslee Monday signed the nation’s first state law intended to protect net neutrality, setting up a potential legal battle with the Federal Communications Commission.
The law bans broadband providers offering service in the state from blocking or throttling legal content, or from offering fast-lane access to companies willing to pay extra. The law doesn't stop providers from imposing data limits, and doesn't address the practice of allowing certain content to bypass data limits, known as "zero rating."
Washington became the first state Monday to set up its own net-neutrality requirements after U.S. regulators repealed Obama-era rules that banned internet providers from blocking content or interfering with online traffic.
But, as per the order, the forfeiture order appears to only cover the physical album and not the associated copyright.
The MPA, Netflix, Amazon, and dozens of other content companies are ramping up the pressure on a third-party Kodi addon developer. Last year, JSergio123 was warned by the Alliance for Creativity and Entertainment to cease his activities and sign a confidential settlement agreement. He did not and now he's coming under pressure to comply. But what are ACE's demands?
We are grateful this is over. We are grateful for the wonderful work of the EFF, Durie Tangri, and Blurry Edge, our brilliant attorneys who stood up to Playboy's misguided and imaginary claims. We are glad the court quickly saw right through them.
As Spotify prepares to collect billions of dollars with a listing on the New York Stock exchange, a little-known fact about the company has emerged. The music streaming service, which had uTorrent developer Ludvig Strigeus as one of its early developers, was also the owner of the popular BitTorrent client for a while.
People who access Spotify using hacked apps that remove some of the restrictions placed on free accounts are receiving warning emails from the company. Noting that "abnormal activity" has been observed from the user's software, Spotify warns that future breaches could result in suspension or even termination of a user's account.
"MC5: A True Testimonial," which started production in the '90s and made a brief run on the festival circuit in 2003, was held back from wider release amid licensing and copyright disputes.