I have to say, I came out of my Librem 13 experience really impressed. Not only is the laptop top notch, the PureOS distribution does an outstanding job of adding to the security features baked into the hardware. If you’re seriously concerned with mobile security, the Purism Librem 13 or 15 would serve you well.
Stack Overflow, the largest and most trusted online community for developers, published the results of their annual developer survey, held throughout January 2018.
More than 100,000 developers participated in this year's Annual Developer Survey, which included several new topics ranging from ethics in coding to artificial intelligence (AI). The results are finally here and reveal the fact that some technologies and operating systems have become more popular than others in the past year.
I’ve researched these dates several times now over the years, in preparation for several talks. So I’m posting it here for my own future reference.
Security vulnerabilities in the kernel often remain undetected. The kernel hacker initiative, Kernel Self-Protection, promotes safe programming techniques to keep attackers off the network, and, if they do slip through the net, mitigate the consequences.
Any Black Hat who finds a previously unknown vulnerability in the Linux kernel has hit the jackpot. Potentially millions of servers and embedded devices are suddenly open to attack, and the attacker can usually gain root privileges. Users clearly don't want this to happen, and kernel makers try to prevent such events.
Over the past 5 years there has been a steady increase in the number of kernel bug fix commits that use the "Fixes" tag. Kernel developers use this annotation on a commit to reference an older commit that originally introduced the bug, which is obviously very useful for bug tracking purposes. What is interesting is that there has been a steady take-up of developers using this annotation:
In my role as vice president and general manager of the Communications Infrastructure Division within Intel’s Data Center Group, we guide the network transformation strategy for various market segments, including wireless core, edge, cable infrastructure, routers and switches and network security, among others. We focus on delivering processors, networking IP and software, and partner with many groups within Intel to deliver platform-level solutions, including field-programmable gate arrays (FPGAs), network interface controllers (NICs), solid state drives (SSDs) and others. Collectively we support network functions virtualization (NFV), and workload convergence on the path towards 5G.
Intel has an incredibly rich history supporting the development of open platforms, standards and the communities and ecosystems that shape them. We contribute time, resources and intellectual property to a wide variety of open source projects from OpenStack to the LF Networking Fund (LFN). Thousands of Intel developers contribute to over 70 open source projects, and we are recognized as one of the top contributors to the Linux Kernel.
FD.io, one of Linux Foundation’s open source projects, has introduced its 18.01 software release with a focus on improving Kubernetes Networking, Istio and cloud native NFV.
The Fast Data Project (FD.io) released its sixth update since its inception within the Linux Foundation two years ago. While the update list is extensive, most are focused on Kubernetes networking, cloud native network functions virtualization (NFV), and Istio.
The virtualization of network functions has resulted in a disaggregation of hardware and software, increasing interest in open source projects for both layers in return. To feed this interest, the Linux Foundation and Open Compute Project (OCP) recently announced a joint initiative to advance the development of software and hardware-based open source networking.
Both organizations have something to offer the other through the collaboration. The Linux Foundation’s OPNFV project integrates OCP as well as other open source software projects into relevant network functions virtualization (NFV) reference architectures. At the same time, OCP offers an open source option for the hardware layer.
With Wayland appearing in more places from automobile in-vehicle infotainments to planes to smartphones, having a good touchscreen calibration system is certainly important. Collabora developers have been working on a new touchscreen calibrator and new protocol extension for Weston.
After a one month development hiatus, Mesa 18.0 is due to be released today as the first major Mesa 3D release of 2018.
Mesa 18.0 is the latest quarterly update to this Linux user-space graphics driver stack that was originally due out by mid-February. While it's late, it's set to be released this Friday and the features make it well worth the wait -- assuming you stick to stable releases and don't habitually ride Mesa Git for the latest and greatest open-source driver features.
The open-source driver developers responsible for the reverse-engineered, open-source Vivante GC graphics driver "Etnaviv" have sent in the pull request of their updates for DRM-Next that is of material to be found in the upcoming Linux 4.17 development cycle.
The most notable addition to the Etnaviv Direct Rendering Manager driver for Linux 4.17 is that it's now wired into the DRM GPU scheduler, or rather it's the AMDGPU scheduler that was punted into the common DRM space. It will be interesting to see the impact of Etnaviv now making use of AMD's optimized GPU scheduler.
AMD developers have already submitted a few rounds of feature work to DRM-Next for Linux 4.17, including enabling DC for all supported GPUs while now they have sent in a last-minute pull request in aiming to get their newly-published "Vega 12" GPU support into the Linux 4.17 kernel.
Alex Deucher of AMD sent in this last feature pull to DRM-Next for in turn targeting the Linux 4.17 merge window. There are a few b
One day after AMD posted the big patch set providing Vega 12 GPU support for the Linux kernel's AMDGPU driver, a patch has emerged now adding Vega 12 support to the RadeonSI Gallium3D OpenGL driver.
Details are still scarce on the "Vega 12" GPU but is to be some new desktop GPU model and most of the speculation seems to be on it being a successor to the Radeon RX 500 "Polaris" series. An AMD representative already confirmed in our forums yesterday that Vega 12 is not about the Vega GPU found on select Intel CPUs. But for now there isn't much information to pass along and these Linux driver patches do not really reveal any useful information and is mostly leveraging existing Vega/Raven code-paths.
The Blender 2.8 3D modeling software update isn't even reaching beta until likely the second half of this calendar year, but it's going to be a darn exciting update once it finally ships.
The Blender developers have put out a new post highlighting some of the changes currently being worked on for the Blender 2.8 development cycle and there is a lot of significant improvements in store.
The end result of all this work is that we have been able to eliminate the magic side channels which used to proliferate, and lay the groundwork for properly communicating this information across multiple devices as well. Devices supporting ARM's AFBC compression format are just beginning to hit the market, which share a single compression format between video decoder, GPU, and display controller. We are also beginning to see GPUs from different vendors share tiling formats, in order to squeeze the most performance possible from hybrid GPU systems.
Is screen tearing while using Nvidia drivers in Linux driving you nuts? Do you have an Optimus laptop? I believe we may have a solution for you!
I experienced this issue for quite some time before finally finding a fix. This would happen in Ubuntu Mate, Ubuntu and similar distributions where Prime was used as a method to switch between Nvidia and Intel drivers.
Hot off the heels of NVIDIA’s announcement of RTX, a GameWorks ray tracer supported in Volta and later generation GPUs, AMD has announced its own open source Vulkan based real-time ray tracing engine.
Dubbed Radeon Rays, the company’s ray tracing developer suite will now support real-time ray tracing in Radeon Rays 2.0. The new engine is compatible with OpenCL 1.2. Built on Vulkan, Radeon Rays 2.0 leverages the API’s advanced support for asynchronous compute to make real-time ray tracing a reality. AMD is offering Radeon Rays 2.0 for free, the latest version of the SDK can be downloaded directly from GitHub.
When carrying out this week's Windows vs. Linux gaming tests with AMD Radeon and NVIDIA GeForce GPUs on the latest drivers, I also took the opportunity to run some fresh OpenCL benchmarks on Windows and Linux with the competing GPU vendors.
I was particularly interested in running this test given the maturing state of ROCm on Linux for providing a new and modern compute stack... That coming with Linux 4.17+ will even begin to work from a mainline Linux kernel. Albeit for this round of testing was using AMD/GPUOpen's stock ROCm Ubuntu packages for 16.04 LTS as outlined on their GitHub page.
Here are our latest Windows 10 versus Linux benchmarks for the week. This benchmarking dance is looking at the Windows performance compared to Ubuntu, Clear Linux, Fedora, Antergos, and Solus Linux in various workloads. Among the tests this time around were looking at the performance with Go, Java, Perl, Python, FFmpeg, and more.
If you've read my article about how I switched to Linux, then you know that I’m a superuser. I also stated that I’m not an “expert” on anything. That’s still fair to say. But I have learned many helpful things over the last several years, and I'd like to pass these tips along to other new Linux users.
A step by step guide showcasing how to install Raspberry Pi without a keyboard and monitor i.e. headless setup of Raspberry Pi using Linux.
For years Linux has faced a lot of bad press about the lack of good gaming capabilities. While many hard-core Linux enthusiasts have stuck by their beloved system, the reality is that the gaming options in Linux just haven't kept up with the rest of the gaming world. Could that finally be about to change? Is 2018 the year that Linux begins to compete in the games market?
Rogue-like Storytelling means that every decision you make will need to be pondered carefully as any character, even your main one can die permanently. Even this, however, won't stop the game from progressing.
The game uses a blend of turn based strategy and card RPG where the cards drawn will determine how you progress and the strategies you employ. Everything including the character classes has an impact on your battlefield tactics.
Pizza Connection 3 [GOG, Steam], the simulation and management game from Gentlymad Studios and Assemble Entertainment is now out with Linux support.
RUINER [Steam], the brutal action shooter from Reikon Games might finally arrive on Linux in April it seems.
Another Surviving Mars [GOG, Steam] patch is out to keep polishing the game with bug fixes and some minor improvements to make it an even better experience overall.
Eyes on the road racing fans, as F1 2015 is currently going free to grab a permanent copy and F1 2017 has a free weekend with sale.
The RADV Vulkan driver performance on the latest Mesa Git code is already looking quite good compared to the NVIDIA Vulkan Linux performance and even the Vulkan driver on Radeon Software under Windows. But the game is not over for the never-ending process of tuning the driver for optimal performance.
Crytek last year announced they would release the source code to their Sandbox editor; that goal has now been realized.
CRYENGINE Sandbox is their editor for games/assets for software making use of this Crytek game engine. Sandbox was previously closed-source but now it's been opened up in full, including its Qt user-interface components.
Always on the look-out for new games, today I came across Algo Bot [Steam]. A story-based puzzle game where you're trying to contain a crisis on a colonization ship. It looks like quite a treat for fans of puzzle games, especially since it pulls in aspects of programming.
A rather exciting update to Rocket League [Steam] is on the way, giving you the ability to run your own tournaments.
Probably one of the most entertaining Early Access games around, Streets of Rogue [Steam] is now even better with Alpha 47 adding in more disasters.
Clicker games are strange, I've never really been into them and then Lazy Galaxy [Steam] came along to make me think again.
Robocraft Royale [Steam], a new Battle Royale game from Freejam (the makers of Robocraft) may see Linux support if all goes well.
Thanks to its stability, performance, feature set and a loyal following, the K Desktop Environment (KDE) won Best Desktop Environment in this year's Linux Journal Readers' Choice Awards.
Following my last blog about Kraft's upcoming release 0.80 I got a lot of positive reactions.
There was one reaction however, that puzzles me a bit and I want to share my thoughts here. It is about a comment about my announcement that I prefer to continue to develop Kraft on Github. The commenter reminded me in a friendly way that there is still Kraft code on KDE infrastructure, and that switching to a different repository might waste people's time when they work with the KDE repo.
That is a fair statement, of course I don’t want to waste people's time. What sounds a bit strange to me is the second paragraph, that says that if I decide to stay with Github, I should let KDE people know that I wish Kraft to not be a KDE project anymore.
But … I never felt that Kraft should not be a KDE project any more.
I’m pleased to announce a new release of GTK-VNC, version 0.7.2. The release focus is on bug fixing, and addresses an important regression in TLS handling from the previous release.
Ubuntu users have discovered a memory leak in GNOME shell 3.26.2. According to Fossbytes, "Things as normal as opening the overview, minimizing to dock, switching windows, etc. are enough to trigger the memory leak. It grows over time only to interfere with the users' day to day activities." For more info, see the bug report.
The integration of the Plasma 5 desktop in Neptune is smooth and smart. I have not liked much of the Plasma development as it exists in other distros.
However, in this one the Plasma 5 desktop environment is an inviting alternative to my two favorite choices -- Cinnamon and Xfce. This latest Neptune release offers a computing environment that sits comfortably between both of those desktop options.
One notable weakness: If I ever wanted to play any computer games, I would be disappointed with the few meager choices in Neptune's game menu. It offers only GNUDoQ, KBreakout, KMarjongg and KMines. What, not even a solitaire game? Come on!
Zentyal Development Team is proud to announce Zentyal Server 5.1, a new release of the Zentyal Linux Small Business Server. Zentyal Server 5.1 is based on the latest Ubuntu 16.04.4 LTS and comes with the most recent versions of all the integrated software.
With the release of Fedora 27, the Fedora 28 release schedule is falling into place. As of now, the current Fedora 28 release schedule is as follows.
It's time for the Fedora 28 release dance and to place your bets if F28 will be released on time or is another Fedora release challenged by release delays.
Fedora 28 Beta had been due for release next week but has now been set by its first delay. Fortunately, a buffer was already built into the release schedule so for now is not impacting the final release of Fedora 28 due out in May.
Release status of the Fedora 28 Beta is NO-GO. Due to missing RC for the F28 Beta release and presence of blocker bugs, the decision is “No Go”. The Beta release slips for one week to “Target #1” date (April 3rd). We are not going to slip the Final GA yet.
I have a dozen or so movies on VHS that we still watch. To be honest, I'm not that concerned about the commercial movies; those are easy enough to replace. But what about our home movies? My high school cross country team videos and my wife's marching band videos, among others—you won't find those on Netflix anytime soon. So I decided it was time to get serious about something I'd been meaning to do for a long time: Digitize my VHS tapes.
In this article, I'll describe how I set up my Fedora desktop to convert my VHS tapes into 1s and 0s. Previously, Don Watkins described a different setup for VHS conversion.
My Outreachy internship with Debian is over. I'm still going to write an article about it, to let everyone know what I worked on towards the ending, but I simply didn't have the time yet to sit down and compile all the information.
You’re gawping at the brand new Ubuntu 18.04 default wallpaper.
Yes, seriously!
The new background image will make its appearance on tens of millions of desktops with the Ubuntu 18.04 release on April 26, 2018.
Like the Ubuntu 17.10 ‘Artful Aardvark’ background, the new wallpaper incorporates the release mascot (which for this release is a ‘Bionic Beaver’) and is drawn using a geometric-cum-origami style.
Now that Linux is the preferred development platform for developers visiting Stack Overflow, the need for running the latest versions of your favorite programming languages, frameworks and development environments has become more and more important, and Canonical's Snappy technologies are the answer.
NodeSource, the organization behind Node.js, announced today they made a Snap package to allow Linux developers to more easily install the popular JavaScript runtime environment on their operating systems. Snap is a containerized, universal binary package format developed by Canonical for Ubuntu Linux.
Industrial PC maker Logic Supply has been offering small fanless computers for years, but the company says its new CL200 series PCs are its smallest to date.
Powered by an Intel Celeron N3350 dual-core processor, the little computer measures just 4.6″ x 3.3″ x 1.3″, making it smaller than a typical Intel NUC computer.
Logic Supply has today unveiled two new additions to their range of small form factor computer systems announcing the launch of the Logic Supply CL200, designed for Internet of things projects and applications and offering users connectivity via Wi-Fi, Bluetooth and 4G. The CL200 mini PC systems will be available to purchase during Spring 2018 and offer one mini DisplayPort capable of 1080p or 4K resolution, one Gigabit LAN port, and 2 x USB 3.0.
Global computer hardware manufacturer Logic Supply has unveiled their CL200 computer, built to power innovation at the network’s edge. Surrounded by a cast aluminum enclosure, and configurable with Wi-Fi, Bluetooth and 4G connectivity, the CL200 has been engineered to bring reliability to the Internet of Things.
Global computer hardware manufacturer Logic Supply (www.logicsupply.com) has unveiled their CL200 Ultra Small Form Factor computer (www.logicsupply.com/cl200), built to power innovation at the network's edge. Surrounded by an ultra-durable cast aluminum enclosure, and configurable with Wi-Fi, Bluetooth and 4G connectivity, the CL200 has been engineered to bring reliability to the Internet of Things.
"IoT and Edge projects require flexibility, connectivity and dependability," said Logic Supply Director of Engineering Michael Kleiner. "The CL200 is our smallest fanless system ever, and represents the next generation of IoT computing by combining connection flexibility and efficient performance in an affordable, highly-reliable platform."
If you're a Mintbox Mini user, you should know that Mintbox Mini 2 is currently in the works and it's coming this summer. It will be based on the Compulab Fitlet2 tiny computer, which suggests that Compulab is once again behind the production of the Mintbox Mini PCs, and will have better specifications and more features.
Compared to the first generation Mintbox Mini, Mintbox Mini 2 features dual-band antennas, two USB 3.0 ports, a microSD slot, audio and micro jacks, and a Kensington lock that's now available on the right side. Two programmable LEDs are present as well in the front, and the unit is as silent as you'd want it to be.
The Mintbox Mini 2 is a fanless computer that measures 4.4″ x 3.3″ x 1.3″ and weighs about 12 ounces. It’s powered by a 10W Intel Celeron J3455 quad-core processor.
While replacing Windows 10 with a Linux-based operating system is a fairly easy exercise, it shouldn’t be necessary. Look, if you want a computer running Linux, you should be able to buy that. Thankfully you can, as companies like System76 and Dell sell laptops and desktops with Ubuntu or Ubuntu-based operating systems.
Another option? Buy a Mintbox! This is a diminutive desktop running Linux Mint — an Ubuntu-based OS. Today, the newest such variant — The Mintbox Mini 2 — makes an appearance. While the new model has several new aspects, the most significant is that the Linux Mint Team has switched from AMD to Intel (the original Mini used an A4-Micro 6400T).
Earlier this week, the Raspberry Pi 3 Model B+ SBC touched down with the refreshing lack of hype and hoopla typical of Raspberry Pi product introductions. The modest launch may also be a tacit admission that this upgrade to the insanely popular Raspberry Pi 3 Model B checks off only one major wish-list item: the upgrade from 10/100 to 10/100/1000Mbps Ethernet. There’s still only 1GB of RAM, and there’s still no eMMC storage, let alone SATA, mini-PCIe, or M.2 expansion.
UniPi’s “Axon” line of 13 DIN-rail PLC systems for smart home and building automation run Linux on an Allwinner H5, and offer GbE, WiFi, BT, and varying configurations of DIDO, analog I/O, relays, and serial I/O.
UniPi launched its flagship, Linux-based UniPi building automation add-on board for the Raspberry Pi Model B on Indiegogo back in 2014, and followed up with a more advanced Neuron PLC (Programmable Logic Controller) that integrated a Raspberry Pi 3. This week, UniPi left the Pi behind to launch a UniPi Axon line of 13 PLC computers that run Linux on a quad-core, Cortex-A53 Allwinner H5 SoC.
Artila’s “M-X6ULL” COM runs Linux 4.14 with the PREEMPT_RT patch on an 800MHz i.MX6 ULL, and offers dual LAN controllers, 4GB eMMC or an optional microSD slot, and an optional carrier board.
The M-X6ULL, which follows other Artila i.MX based modules such as the i.MX537 based M-5360A, measures only 68 x 43mm. Still, that’s hardly a record for modules featuring NXP’s Linux-driven, power-sipping i.MX6 ULL. MYIR’s MYC-Y6ULX measures 39 x 37mm.
Avnet has launched its open-spec Ultra96 96Boards CE SBC for $249, featuring a Zynq UltraScale+ ARM/FPGA SoC, WiFi, BT, 4x USB, a mini-DisplayPort, and support for Linaro’s 96Boards.ai.
Avnet’s Ultra96 (AES-ULTRA96-G) was unveiled earlier this week as part of Linaro’s joint announcement of its 96Boards.ai program for unleashing the potential of artificial intelligence technology on selected Arm SoCs. Now this Zynq UltraScale+ based, 96Boards CE standard (85 x 54mm) SBC is available for pre-order at $249 with shipments starting in May.
Yesterday in our Raspberry Pi 3 Model B+ benchmarks we looked at the faster Cortex-A53 CPU cores of this new $35 USD ARM SBC as well as its much faster Ethernet and better thermal management over earlier Raspberry Pi boards. The other area improved with the Raspberry Pi 3 B+ is the WiFi/WLAN wireless networking, which is what we have benchmarks of today.
So, we find ourselves in a situation where the compiler is doing the right thing for the code it is generating, but it also notices when the programmer has chosen to do what is now the wrong thing. We must therefore track down these instructions and offer a supported alternative. Previously, we introduced a special configuration setting that might be used to indicate to the compiler when to choose these alternative sequences of instructions: CPU_MIPS32_R1. This gets expanded to CONFIG_CPU_MIPS32_R1 by the build system and it is this identifier that gets used in the program code.
At NPE2018, SISE presents its new generation of multi-zone controllers (MV3). Soon, these controllers will be able to control as many as 336 zones. They are available in five sizes (XS, S, M, L and XL) with three available power cards (2.5 A, 15 A and 30 A). They are adaptable to the packaging, automotive, cosmetics, medical and technical-parts markets.
With a few simple tips, you can make your Android smartphone life better. These are some of my favorite ways to block spam, stop unwanted calls from annoying me, and keep an eye on just how much data I'm really using.
Today Los Alamos National Laboratory released new open source software called the Grand Unified File Index. GUFI is designed using a new, hierarchical approach to storing file metadata, allowing rapid parallel searches across many internal databases. Queries that would previously have taken hours or days can now be run in seconds.
If the idea of transparency in software strikes fear in your heart, good luck trying to avoid it. The State of Open Source Security 2017 cited that 80-90 percent of all commercial software developers use open source components within their applications. Usi says that a lot of the products on the market today — such as ARRIS, a common cable modem — use open source modules within their programs to some degree, even those with products labeled as proprietary. Also consider the Equifax breach of 2017, which resulted in millions of sensitive records being exposed through the exploitation of a vulnerability in an open source component of the company’s database.
“The bad mojo with open source comes from the thinking that ‘If it’s open, it must be dangerous,’” Usi says.
At Kubecon in Austin, TX attended by over 4000 engineers, Craig McLuckie delivered a keynote on the Kubernetes journey.
InfoQ caught up with Craig McLuckie, one of the original founders of the Kubernetes project and CEO of Heptio.
The SRT Open Source Project, the fastest growing open source video streaming movement, continues in its mission to make SRT the de facto standard for low latency video streaming.
A few of the big trends in technology these last few years have been AI and machine learning. The software is getting smarter and developers have access to some awesome tools. That doesn’t mean all developers have embraced the trends. Digital Ocean, a U.S.-based cloud infrastructure provider, has released their quarterly report on developer trends. The report covers everything from AI to net neutrality to open source.
AI and machine learning are popular but not widely used. The report found 74% of developers are not using AI or ML tools in their workflow, but 81% want to learn more about them. Google TensorFlow (17%) is the most popular choice among those who are using AI and machine learning. 46% of developers are most excited about advancements in automated machine learning.
There is a lot of new tech already in motion this year - most of which was birthed into the industry years ago, though it's just now creeping into our daily thoughts as developers. So what do you think about, or should you be thinking about?
Cloud provider DigitalOcean has released a new survey on software developer trends and technologies. The survey had almost 6,000 respondents, with over half self-identified as developers.
ZTE has unveiled an end-to-end container networking solution for open-source NFV, which it hopes will promote the development of cloud native technology and the open source ecosystem. The vendor says operators need the ability to quickly adapt to changing network demands with low cost solutions while maintaining continuous innovation. As such, it believes that containers are the best carrier for NFV transformation.
ZTE says that container-based cloud native applications will become the trend for communications technology applications. However, the native Kubernetes network model used in the IT industry is too simple to meet telco service requirements.
Inspur, a member of the OpenPOWER Foundation, showcased its FP5280G2 server based on OpenPOWER9 that has completed the adaptation of mainstream open source software for cloud computing, big data and AI. It was the first time that this product was introduced in North America. As the initiator of the OpenPOWER Foundation, IBM disclosed more details of POWER9 processors: designed for emerging applications such as AI, cloud computing, and big data, and has 50% to 200% performance improvement compared to POWER8.
New technology companies and open source platforms may emerge to provide competition to incumbent information technology (IT) companies, management consulting firm Bain & Co has said.
This may not augur well for the $167-billion Indian IT-business process management (BPM) industry, which accounts for 55% of the global outsourcing market and has been a predominant supplier of software implementation and maintenance to global businesses at a time when the local players are gearing up to embrace digital faster owing to changing client demand.
The Indian technology service sector includes companies such as TCS, Infosys, Cognizant, Wipro, IBM, Accenture and HCL Technologies.
There are benefits to open-source software. A company might want to take advantage of a certain innovation right away without a fee attached or not want to be locked into a contract with another technology company.
When developers get comfortable with something new, such as blockchain, they’ll often start by using an open-source version. Many publishers flocked to Prebid.org’s open-source header bidder, for example, to have more control over programmatic demand.
Telefónica has kicked off a process to select an integrator of the Open Source MANO (OSM) platform and says it will carry out a "request for quotation" (RFQ) to make a final decision on a supplier in the second half of 2018.
For all the fans out there of the Rust programming language and/or micro-kernels, a new version of Redox OS is now available, the Rust-written from-scratch OS.
As the first release since last October's Redox OS 0.3.4, the Redox OS 0.3.5 release is now available. This update is quite prominent for introducing a new network stack for the operating system as well as bettering the security, adding a new web browser, ACPI power improvements, and more.
Share your knowledge and expertise by speaking at Open Source Summit North America, August 29-31 in Vancouver BC. Proposals are being accepted through April 29th.
As the leading technical conference for professional open source, Open Source Summit gathers developers, sysadmins, DevOps professionals, architects and community members from across the globe for education and collaboration across the ecosystem.
DevConf.cz is a popular annual conference held annually in Brno. This year, DevConf is expanding with the inaugural DevConf.us being held in Boston, USA this coming August. DevConf.us is an annual, free, Red Hat sponsored community conference. It is targeted at developers, system administrators, DevOps engineers, testers, documentation writers and other contributors to open source technologies.
Using these reports, we have managed to remove a good amount of code from mozilla-central, so far around 60 files with thousands of lines of code. We are confident that there’s even more code that we could remove or conditionally compile only if needed.
As any modern software, Firefox relies a lot on third party libraries. Currently, most (all?) the content of these libraries is built by default. For example, ~400 files are untested in the gfx/skia/ directory.
One of Mozilla’s top priorities is to keep our users safe; this commitment is written into our mission. As soon as we discover a critical issue in Firefox, we plan a rapid mitigation. This post will describe how we fixed a Pwn2Own exploit discovery in less than 22 hours, through the collaborative and well-coordinated efforts of a global cross-functional team of release and QA engineers, security experts, and other stakeholders.
Pwn2Own is an annual computer hacking contest. The goal of this event is to find security vulnerabilities in major software such as browsers. Last week, this event took place in Vancouver. Without getting into technical details of the exploit here, this blog post will describe how Mozilla responded quickly to ship updated builds of Firefox once an exploit was found during Pwn2Own.
I presented today in Berlin at the Goethe Institute’s Startklar?! event. I went after a keynote (in German) by Cathleen Berger, Mozilla’s Global Engagement Lead. My time at Mozilla didn’t overlap with hers, but the subjects covered in our presentations certainly did!
It was good to see Cathleen reference the Web Literacy Map, work that I led from 2012 to 2015 at Mozilla. She also referenced the recent Cambridge Analytica revelations and the DQ Institute.
Mozilla is accepting applications for its 2018–2019 Internet Fellowships: "Mozilla Fellows are technologists, activists, and policy experts building a more humane digital world." Apply here. Applications are due April 20, 2018 at 5pm EDT.
They're both databases, obviously. More importantly, they are both examples of NoSQL databases. NoSQL is a type of database architecture in which data is stored in a relatively unstructured fashion. Compared to more traditional SQL-style databases, NoSQL can be a more efficient way of storing the large quantities of unstructured data that organizations commonly use for big data operations.
MongoDB and Cassandra are also both open source -- although commercial implementations are available, too. But even in that respect, they are not identical. MongoDB is governed by GNU Affero General Public License 3.0, whereas Cassandra is subject to Apache License 2.0.
DDoS attacks aren't the only threat the channel needs to worry about when it comes to securing the Internet of Things (IoT). According to WatchGuard Technologies, attacks on Linux devices are on the rise this year.
We are very happy and proud to announce that Red Cross, Cruz Roja Mexicana has implemented GNU Health in Mexico.
Too often, I hear it said that the MIT License has no patent license, or that it has merely some possibility of an "implied" patent license. If the MIT License was sensitive, it might develop an inferiority complex in light of the constant praise heaped on its younger sibling, the Apache License, which conventional wisdom says has a "real" patent license.
Reading through student proposals for Google Summer of Code yesterday, I took a break from sitting in front of a keyboard to get some gardening done. We've had a few windstorms since I last raked, and with spring beginning, a few weeds have been popping up as well.
One of the issues I've been reminding almost every student about is unit testing. The other is documentation. These are practices which are seen as not fun, not creative.
Raking isn't seen as fun or creative either! Nor is hunting and digging the wily dandelion. But I rake away the dead branches and fir cones, and snag those dandelions because later in the season, my healthy vegetables and beautiful flowers not only flourish without weeds, but look better without litter around them. In addition, we chop up the branches and cones, and use that as mulch, which saves water and keeps down weeds. The dandelions go into the compost pile and rot into richer soil to help transplants be healthy. In other words, the work I do now pays off in the future.
In the wake of a Tempe, Arizona woman being struck and killed by an Uber autonomous vehicle, there has been a flurry of information coming out about the incident. Despite that death being one of eleven in the Phoenix area alone, and the only one involving an AV, the headlines were far closer to the "Killer Car Kills Woman" sort than they should have been. Shortly after the crash, the Tempe Police Chief went on the record suggesting that the victim had at least some culpability in the incident, having walked outside of the designated crosswalk and that the entire thing would have been difficult for either human or AI to avoid.
As many of us in the DevOps scene know, most companies are hiring, or, at least, trying to do so. The required skills and job descriptions can change entirely from company to company. As a broad overview, most teams are looking for a candidate from either an operations and infrastructure background or someone from a software engineering and development background, then combined with key skills relating to continuous integration, configuration management, continuous delivery/deployment, and cloud infrastructure. Currently in high-demand is knowledge of container orchestration.
You know that already, of course. I keep wondering whether we've hit "peak hype" for blockchain and related technologies yet, but so far there's no sign of it. When I'm talking about blockchain here, I'm including distributed ledger technologies (DLTs), which are, by some tight definitions of the term, not really blockchains at all. I'm particularly interested, from a professional point of view, in permissioned blockchains. You can read more about how that's defined in my article Is blockchain a security topic? The key point here is that I'm interested in business applications of blockchain beyond cryptocurrency.
The workshop claimed that the way we structure our classrooms is in conflict with how boys are hard-wired to behave, therefore hampering boys’ success. By contrast, the trainers said, girls are innately programmed to do well in our classrooms.
The instructors encouraged us to create gender-specific environments and lessons. Face-to-face seating is appropriate for girls but will promote conflict in boys; bright lights and strong teacher voices facilitate male learning but will elicit a stress response in females; boys learn best through competitive, dynamic games, but girls flourish in a more collaborative setting. They claimed our classroom structure was the primary cause of behavioral and scholastic problems among male students, and this could be remedied by adjusting our academic climate to be more beneficial to boys.
Going back to early 1995, I was working for Los Alamos National Labs as a contractor systems administrator. I didn't have a security clearance so could not work 'behind the fence' as they said. Instead, I worked with a large number of similarly uncleared post-docs, graduate students, and college interns in a strip mall converted into offices. The offices ran from nearly one end of the strip mall to the other with a large selection of Unix, PC, and Mac systems spread through the building connected together with 10base2 (or thin-wire). To make things even more fun, most of the systems were disk-less SunOS Sparc ELC/SLC and IPC systems booting off a Sparc 10 which had 64 MB of RAM and I think 2 2 GB disk drives.
The first problem I had to deal with was that most of the systems would crash at different times during the day. I got a Digital network book my Dad had given me, and learned about common problems with networking as this was not something I had dealt with before. I found that the local network was connected to a T1 which ran back to the main campus about 2 miles away. The T1 went to a hub which had 7 thin-wire lines running out of it. That seemed fine until I traced the thin-wire out. I was worried there were bad connectors (there were) or kinks in the line (there were) but the real problem was that out of the 7 thin-wire lines 3 were used. Most of the systems were on one line. 2 (my desktop and the Sparc 10) were on another one, and the Next and SGIs were on the third. The other lines were just lying under the carpets not used. I met with my new boss Dale, and showed him what I had found. I learned a lot from Dale. He got me a copy of the Unix System Administrators Handbook and told me to start reading it on networks.
Remember Memcached servers? Now, we have another case of servers exposed online and fulfilling evil intentions of the hackers. This time, thousands of etcd servers maintained by corporates and organizations are spitting sensitive passwords and encrypted keys, allowing anyone to get access to important data.
Security researcher Giovanni Collazo was able to harvest 8781 passwords, 650 AWS access keys, 23 secret keys, and 8 private keys.
From an application security perspective, databases are the most valuable parts of our systems. They store the data that gives value to our apps and companies. This data, which has been entrusted to us by our users, should be kept safe and out of the hands of criminals.
Thousands of servers operated by businesses and other organizations are openly sharing credentials that may allow anyone on the Internet to log in and read or modify potentially sensitive data stored online.
In a blog post published late last week, researcher Giovanni Collazo said a quick query on the Shodan search engine returned almost 2,300 Internet-exposed servers running etcd, a type of database that computing clusters and other types of networks use to store and distribute passwords and configuration settings needed by various servers and applications. etcd comes with a programming interface that responds to simple queries that by default return administrative login credentials without first requiring authentication. The passwords, encryption keys, and other forms of credentials are used to access MySQL and PostgreSQL databases, content management systems, and other types of production servers.
The United States has for years undermined the Venezuelan economy with economic sanctions, but US media coverage of Venezuela’s financial crisis has gone out of its way to obscure this.
The intent of the sanctions is clear: to inflict maximum pain on Venezuela so as to encourage the people of the country to overthrow the democratically elected government. SUNY professor Gabriel Hetland (The Nation, 8/17/16) pointed out in 2016 that the Obama government “prevented Venezuela from obtaining much-needed foreign financing and investment.” Such policies, Hetland notes,
Shireen Al-Adeimi is a doctoral candidate at Harvard University. But she is having a hard time focusing on her studies, when friends and family back home in Yemen are under violent attack by the heavily armed, US-backed Saudi forces, with many going hungry as a result of the Saudi blockade.
Al-Adeimi said on Tuesday, March 20, “This month marks the third anniversary of the U.S.-backed, Saudi-led war on Yemen. Despite the dire humanitarian crisis, however, the United States continues to sell arms to the Saudis and provide them with military support.”
On Tuesday, President Trump met with Saudi Arabia’s Crown Prince Mohammed bin Salman at the White House, where the two leaders finalized a $12.5 billion weapons deal. This comes less than a year after Trump announced a $110 billion arms deal with the Saudis. During the meeting, Trump held up posters of recent Saudi weapon purchases from the United States and said, “We make the best equipment in the world.” Human rights groups warn the massive arms deal may make the United States complicit in war crimes committed in the Saudi-led bombing campaign in Yemen. We speak with Al Jazeera’s Mehdi Hasan and Medea Benjamin of CodePink.
On Sunday, to nobody’s surprise, Vladimir Putin won another six years of Russia’s presidency. Russian political punk group Pussy Riot, of course, were waiting for the predictable victory with a fierce response.
They released a new song (video above) titled Elections to show their defiance to Putin’s 18 years of power. The grimy hip-hop song’s lyrics, translated from Russian, directly state, “Six years we’re gonna fight, we’re not gonna obey during his term.”
Evidence submitted by the British government in court today proves, beyond any doubt, that Boris Johnson has been point blank lying about the degree of certainty Porton Down scientists have about the Skripals being poisoned with a Russian “novichok” agent.
[...]
I knew and had published from my own whistleblowers that this is a lie. Until now I could not prove it. But today I can absolutely prove it, due to the judgement at the High Court case which gave permission for new blood samples to be taken from the Skripals for use by the OPCW. Justice Williams included in his judgement a summary of the evidence which tells us, directly for the first time, what Porton Down have actually said:
Corporate media didn’t make too much of the 15th anniversary of the US invasion of Iraq, and perhaps it’s just as well, as they’d’ve likely used the occasion to reinforce their favored idea: that the spectacularly devastating invasion was due preeminently to popularly shared miscalculations, on which they reported, rather than a campaign of demonization and deceit in which they participated.
Seth was shot to death about a block from where he lived in the Bloomingdale neighborhood of Washington, DC, on July 10, 2016. Police never found the killer. His parents, Joel and Mary Rich, have been besieged since his death by conspiracy theorists, alt-rightists, and Trump supporters — some representing the very heights of right-wing media — who were convinced that Seth’s murder was somehow orchestrated by Hillary Clinton and the Democratic Party in a byzantine scheme involving WikiLeaks and the Russia investigation.
[...]
The Riches aren’t just trying to stop the conspiracy theories about their family — they’re trying to prevent conspiracy theories from taking root in the first place, ever again. And by challenging the very process by which their son’s life became material for conspiracy theorists and bad-faith actors, they might be able to get some peace.
Ocean plastic can persist in sea surface waters, eventually accumulating in remote areas of the world’s oceans. Here we characterise and quantify a major ocean plastic accumulation zone formed in subtropical waters between California and Hawaii: The Great Pacific Garbage Patch (GPGP). Our model, calibrated with data from multi-vessel and aircraft surveys, predicted at least 79 (45–129) thousand tonnes of ocean plastic are floating inside an area of 1.6 million km²; a figure four to sixteen times higher than previously reported. We explain this difference through the use of more robust methods to quantify larger debris. Over three-quarters of the GPGP mass was carried by debris larger than 5 cm and at least 46% was comprised of fishing nets. Microplastics accounted for 8% of the total mass but 94% of the estimated 1.8 (1.1–3.6) trillion pieces floating in the area. Plastic collected during our study has specific characteristics such as small surface-to-volume ratio, indicating that only certain types of debris have the capacity to persist and accumulate at the surface of the GPGP. Finally, our results suggest that ocean plastic pollution within the GPGP is increasing exponentially and at a faster rate than in surrounding waters.
Rescuers faced a race against time to save dozens of short-finned pilot whales on Friday after more than 150 got stranded on an Australian beach.
More than half of the beached whales had died, said Jeremy Chick, incident controller at Western Australia's conservation department.
Authorities and volunteers were trying to save about 50 still alive on the beach and a further 25 in shallow waters.
Warren Buffett, the most successful investor of our time, is a huge fan of low-cost index funds — funds that replicate a market index rather than try to outperform it — as the way for the average investor to succeed in the stock market. “By periodically investing in an index fund … the know-nothing investor can actually outperform most investment professionals,” he wrote in his 1993 letter to shareholders of his Berkshire Hathaway conglomerate. “Paradoxically, when ‘dumb’ money acknowledges its limitations, it ceases to be dumb.”
He returned to the subject in this 2016 letter, writing, “Both large and small investors should stick with low-cost index funds.” And in his newest shareholder letter, Buffett said that one reason he made a widely publicized bet (which he has now won) that a low-cost Vanguard index fund would outperform a group of hedge funds over a 10-year period was “to publicize my conviction that my pick — a virtually cost-free investment in an unmanaged S&P 500 index fund — would, over time, deliver better results than those achieved by most investment professionals, however well regarded and incentivized those ‘helpers’ may be.”
Given Buffett’s praise of index funds — specifically, those with low fees — you’d think that all the employees at Berkshire Hathaway companies would get to practice what the boss preaches by being able to invest their 401(k) money in such funds.
Perhaps surprisingly for a former UN ambassador and State Department official, John Bolton thinks more often than not that military action, not diplomacy, is the answer.
President Donald Trump announced on Thursday that he was replacing his national security adviser, Army Lt. Gen. H.R. McMaster, with Bolton, who in recent years has been more known as a Fox News analyst,
A prolific commentator, Bolton’s views on a broad range of issues have been well documented over the years. He has delivered a steady stream of commentary as a constant fixture on Fox News and in many newspapers’ op-ed pages.
Many lawmakers and former officials have long expressed alarm about Bolton, who Trump spoke of appointing to a top post before he had even won the presidency.
“No man is more out of touch with the situation in the Middle East or more dangerous to our national security than Bolton,” Sen. Rand Paul wrote in an op-ed days after Trump’s election.
Here are some of his views.
Just as the Supreme Court is considering the legality of extraterritorial demands for communications held by US internet service providers in overseas data storage, Congress is doing all it can to short-circuit the debate. Tucked away towards the back of a 2,200-page spending bill is something called the "Clarifying Lawful Overseas Use of Data Act" or (of course) "CLOUD Act." (h/t Steve Vladeck)
The CLOUD Act [PDF - starting at p. 2201] would make any decision by the Supreme Court extraneous. If it agrees with Microsoft -- as lower courts have -- that the US has no right to demand communications stored overseas with a normal warrant, the Act would immediately overturn the decision. If it decides against Microsoft, it will be aligned with the new law. As it stands now, the route most likely to be taken by the Supreme Court is a punt. Legislation on point is in play and the Court will probably be more than happy to let legislators make the final call.
Beyond the obvious problem of giving US law enforcement permission to use regular warrants to bypass mutual assistance treaties, the law also allows for reciprocation. We can't go around waving SCA (Stored Communications Act) warrants in foreign lands without expecting pushback from locals. So, we'll have to give foreign countries the same privileges, even if the criminal charges being investigated wouldn't be considered criminal acts in this country and the country enjoying this reciprocation doesn't care much about its own citizens' rights and privacy.
Democracy is dying. As we convene to remember the 15th year anniversary of the Iraq War, the fundamental lesson of that war is that our democratic norms are at grave risk when judges and courts fail to hold government leaders accountable for a patently illegal war.
How many people have been killed in America’s post-9/11 wars? I have been researching and writing about that question since soon after the U.S. launched these wars, which it has tried to justify as a response to terrorist crimes that killed 2,996 people in the U.S. on September 11th 2001.
I like chatting with the neighbors in line at my polling place, which is a hallway in the middle school both my sons attended. I’m excited to pick up my ballot from the same eye-patched man who has been handing it to me ever since I moved to Oak Park almost 20 years ago. And I never walk out without picking up an “I Voted” sticker and proudly affixing it to my jacket.
Voting gives me a voice in the community I deeply care about, occasionally even allowing me to help elect people I know, a local camping-group mom or hockey-team dad running for office. Also, as a naturalized citizen, this small, fundamental act has come to embody for me the privilege and responsibility of living in our democracy.
In the first days of January, a meme spread through Iran. The image featured Telecommunications Minister Mohammad Jahromi drop-kicking the logos of Tor, an encrypted proxy network, and several social media platforms—a reference to the Iranian government's ban of the messaging service Telegram in response to protests in late December.
On January 4, the meme ended up on the front page of Ghanoon, a newspaper aligned with the country's liberal Reformist movement. The same day, Jahromi reposted it on his Instagram account along with the caption: "The National Security Council—which the Telecommunications Ministry is not part of—has decided, along with other security measures, to impose temporary restrictions on cyberspace in order to establish peace…instead of addressing the roots of the protests and unrest, some are trying to blame cyberspace."
The American Civil Liberties Union is suing the city of New Orleans over an anti-Donald Trump mural that artist Cashy-D painted on the property of real-estate developer Neal Morris in November 2017. The work features an excerpt from the infamous Access Hollywood tape, a recording of the President bragging to journalist Billy Bush in 2005 about grabbing women’s genitals.
According to the Art Newspaper, the city notified Morris that the work was a zoning violation and that he had to remove it. If he failed to comply, Morris was told that he would face “a maximum fine or jail time for each and every day the violation continues plus court costs.”
YouTube has broadened its restrictions on gun-related videos, while thousands of Americans are mobilizing to demand stricter gun controls Saturday in a mass march spurred by young survivors of a deadly armed attack on a Florida high school last month.
Google’s popular video-hosting site will bar videos that facilitate direct sales of firearms or accessories, and those that contain links to websites where such purchases can be made, YouTube’s revised policy states. Bump stocks and other add-ons that convert guns into automatic-fire weapons are among the accessories covered by the new rules.
As Spain continues to expand its (anti-)speech laws, the rights of its citizens continue to contract. Not content with making it illegal to insult a cop or government officials, the Spanish government has decided to tackle hate speech and terrorism with the same ineptitude.
There's no punchline here. People are being arrested and charged with speech having nothing to do with promoting hate or terrorism. And this is in addition to people who've found themselves targeted by vindictive public servants for daring to publicly criticize their words or actions.
It's gotten so bad Amnesty International -- an entity that usually spends its time decrying the acts of dictators and brutal authoritarians -- has felt compelled to speak up about Spain's terrible speech laws. Mathew Ingram has more details at Columbia Journalism Review.
This is interesting on multiple levels, since the moral panic against online sites that eventually resulted in SESTA actually did start with Craigslist nearly a decade ago, with various state Attorneys General ganging up on the company -- despite no legal basis -- even threatening criminal charges. Because of all that, Craigslist eventually shut down its "adult" section, which was really what pushed Backpage into the spotlight.
And, as we noted last fall, a recent study showed that when Craigslist shut down its adult section, there was a dramatic increase in homicide, which many attributed to sex workers being unable to use the website to screen clients and protect themselves.
But, either way, the site dropped its adult section entirely all the way back in 2010. And, yet, now it realized it must shut its entire personals section, or potentially face crippling criminal liability. Remember how all the SESTA supporters insisted that SESTA would only target those willfully supporting sex trafficking and wouldn't do anything against other sites? That's already been proven wrong.
But Saleh, a student journalist at The Young Women’s Leadership School of Astoria, an all-girls school in Queens, New York, would be frustrated four days later when the school’s principal noticed the story on the wall, and removed it.
Students in high schools across the United States are having journalistic articles removed or suppressed by their schools, while school officials try to appease parents’ concerns and maintain order by limiting negative or inappropriate press.
After lobbying from students and teachers, a bill to prevent school administrators from censoring the work of student journalists has become law.
Gov. Jay Inslee signed Senate Bill 5064 Wednesday in front of a group of students, teachers and school administrators in Olympia. The new law, which goes into effect this June, makes Washington the last state on the West Coast to pass an "anti-Hazelwood law," a reference to a 1988 U.S. Supreme Court ruling that made it legal for school administrators to censor content in school newspapers and other student-run media.
Chinese citizens, living under tight censorship control, don’t have too much freedom to crack jokes on the internet. Now, what tiny space they have left for having fun is increasingly being chipped away.
In an “extra urgent” document (link in Chinese) issued yesterday (March 23), the State Administration of Press, Publication, Radio, Film and Television (SAPPRFT), China’s main media-censorship body, banned videos that re-edit content from other works such as classic TV shows and films. According to the body, such videos distort content and take the original videos out of context in order to attract viewers, creating “an extremely bad influence on society.” It also banned trailers and behind-the-scenes videos from unapproved content on all online platforms.
Those are the words of Jim McGovern, representative for Massachusetts and member of the House of Representatives Committee on Rules, when, after 8:00 PM EST on Wednesday, he and his colleagues were handed a 2,232-page bill to review and approve for a floor vote by the next morning.
In the final pages of the bill—meant only to appropriate future government spending—lawmakers snuck in a separate piece of legislation that made no mention of funds, salaries, or budget cuts. Instead, this final, tacked-on piece of legislation will erode privacy protections around the globe.
This bill is the CLOUD Act. It was never reviewed or marked up by any committee in either the House or the Senate. It never received a hearing. It was robbed of a stand-alone floor vote because Congressional leadership decided, behind closed doors, to attach this un-vetted, unrelated data bill to the $1.3 trillion government spending bill. Congress has a professional responsibility to listen to the American people’s concerns, to represent their constituents, and to debate the merits and concerns of this proposal amongst themselves, and this week, they failed.
On Thursday, the House approved the omnibus government spending bill, with the CLOUD Act attached, in a 256-167 vote. The Senate followed up late that night with a 65-32 vote in favor. All the bill requires now is the president’s signature.
[...]
Because of this failure, U.S. and foreign police will have new mechanisms to seize data across the globe. Because of this failure, your private emails, your online chats, your Facebook, Google, Flickr photos, your Snapchat videos, your private lives online, your moments shared digitally between only those you trust, will be open to foreign law enforcement without a warrant and with few restrictions on using and sharing your information. Because of this failure, U.S. laws will be bypassed on U.S. soil.
After the much discussed Cambridge Analytica scandal, Facebook has broken all its ties with the Cambridge University researcher Aleksandr Kogan. In his defense, Kogan has said that he is being scapegoated in the matter and he wasn’t aware that he broke Facebook’s privacy policies.
A newer revelation made by The Guardian suggests that his ties with Facebook weren’t limited to the infamous CA scandal. For a research paper, titled “On wealth and the diversity of friendships: High social class people around the world have fewer international friends,” which was published in 2015, Kogan also received a huge chunk of data from Facebook.
AT&T submitted a $2.55 billion bid for the Regional Infrastructure Services I contract and was selected by NSA for exceeding the requirements in several areas such as technical services, enterprise management services and integration, according to redacted documents released Tuesday by the Government Accountability Office.
The winning AT&T bid for a $3.3 billion classified NSA contract was more expensive, according to redacted legal documents published by GAO this week.
AT&T bid $2.55 billion on a coveted contract to “technically evolve” the National Security Agency’s IT environment, which is an initiative to provide enterprise information technology (IT) services to NSA/CSS and affiliate locations worldwide. DXC Technology bid $1.79 billion.
A few months before Christopher Wylie helped build Cambridge Analytica, and five years before he helped bring it down, the data scientist had already settled on an ambition: “I want to build the NSA’s wet dream,” he told an acquaintance.
That was October 2013, and Wylie, in his early twenties, was gathering massive amounts of personal data as research director for SCL Group, a contractor that did military and political campaign work. He was also trying to raise money for his new startup concept — then called Arg.us — that would ingest users' social media activity and use it to build “psychographic” profiles that marketers could use to identify our personalities and, possibly, influence our behavior.
Cambridge Analytica whistleblower Christopher Wylie reportedly wanted to build a startup that was the “NSA’s wet dream,” according to BuzzFeed News. In documents obtained by the site, Wylie expressed his desire to produce “psychographic” profiles and sell them to marketers so they could use them to “identify our personalities and, possibly, influence our behavior.” At the time he was working for SCL Group—a company that does “military and political campaign work.” When writing about his startup in 2013, Wylie said that the “goal is first to make it an extremely profitable company...Then we will cleanse our souls with other projects, like using the data for good rather than evil. But evil pays more.” Wylie also wrote that he had ambitions to “change the world in a positive way” by creating “one of the world's largest population datasets that could massively revolutionize all kinds of scientific research.” One source told BuzzFeed that Wylie’s failed startup was a “precursor to Cambridge Analytica,” although Wylie’s lawyer said that they were “completely separate entities.”
Alex Stamos, the Facebook executive who plans to leave the company by August amid a backlash over disinformation, has not been one to hold back.
Mr. Stamos, Facebook’s chief information security officer, was often known to push superiors on security matters beyond where they were comfortable, people who have worked with him have said. He once challenged the National Security Agency director to his face, sparred with the media on Twitter and took his former bosses at Yahoo — and more recently at Facebook — to task over security issues.
Fusion GPS has gotten all the headlines. But there was a second, even more powerful and mysterious opposition research and intelligence firm lurking about with significant political and financial links to former Secretary of State Hillary Clinton and her 2016 campaign for president against Donald Trump.
Meet London-based Hakluyt & Co., founded by three former British intelligence operatives in 1995 to provide the kind of otherwise inaccessible research for which select governments and Fortune 500 corporations pay huge sums.
A Channel 4 news undercover investigation revealed that the company’s Eton-educated CEO Alexander Nix offered to use dirty tricks – including the use of bribery and sex workers – to entrap politicians and subvert elections. Much of the media spotlight is now on Cambridge Analytica and their shadowy antics in elections worldwide, including that of Donald Trump. However, Cambridge Analytica is a mere offshoot of Strategic Communication Laboratories (SCL Group) – an organisation with its roots deeply embedded within the British political, military and royal establishment. Indeed, as the Observer article which broke the scandal said “For all intents and purposes, SCL/Cambridge Analytica are one and the same.”
Hold on tight to those memories of all the good things the Internet has brought. SESTA has just passed the Senate, and at this point it's a clear legislative path to undermining Section 230, the law that has enabled all those good things the Internet has offered.
It is not entirely Facebook's fault: opportunists from Hollywood saw it as a chance to weaken the innovation that weakens their antiquated grip over people's creativity. Ill-informed celebrities, who understood absolutely nothing about the cause they professed to advocate for, pressed their bumper-sticker demands that something be done, even though that something is destructive to the very cause the bumper-stickers were for. Willfully ignorant members of Congress then bought into the bumper-sticker rhetoric, despite all the evidence they had about how destructive this law would be to those interests and online speech generally.
Even frequent innovation ally Senator Wyden joined the chorus mounting against the tech industry, lending credence to the idea that when it came to a law that would undermine the Internet, the Internet had it coming.
Another Alabama sheriff has been caught abusing a law that's inexplicably still on the books. Over the course of three years, Etowah County Sheriff Todd Entrekin took home at least $750,000 in funds meant to be used to feed inmates in his jail. Thanks to another bad law, there's no telling how much more than $750,000 Entrekin has pocketed, but he certainly seems to have a lot of disposable income.
A sheriff in Alabama took home as personal profit more than $750,000 that was budgeted to feed jail inmates — and then purchased a $740,000 beach house, a reporter at The Birmingham News found.
And it's perfectly legal in Alabama, according to state law and local officials.
Alabama has a Depression-era law that allows sheriffs to "keep and retain" unspent money from jail food-provision accounts. Sheriffs across the state take excess money as personal income — and, in the event of a shortfall, are personally liable for covering the gap.
In September, Etowah County Sheriff Todd Entrekin and his wife Karen purchased an orange four-bedroom house with an in-ground pool and canal access in an upscale section of Orange Beach for $740,000.
To finance the purchase, Entrekin got a $592,000 mortgage from Peoples Bank of Alabama, according to public real estate records. The home is one of several properties with a total assessed value of more than $1.7 million that the couple own together or separately in Etowah and Baldwin counties.
Monitors are commonly a condition of pre-trial release, or post-conviction supervision, like probation or parole. They are sometimes a strategy to reduce jail and prison populations. Recently, EM’s applications have widened to include juveniles, the elderly, individuals accused or convicted of DUIs or domestic violence, immigrants awaiting legal proceedings, and adults in drug programs.
This increasingly wide use of EM by law enforcement remains relatively unchecked. That’s why EFF, along with over fifty other organizations, has endorsed a set of Guidelines for Respecting the Rights of Individuals on Electronic Monitoring. The Guidelines are a multi-stakeholder effort led by the Center for Media Justice's Challenging E-carceration project to outline the legal and policy considerations that law enforcement’s use of EM raises for monitored individuals’ digital rights and civil liberties.
In another life, I was a teacher. I stood in front of young people, delivering lessons on ethics and morality, as well as math and physics. Now, I am a prisoner. For the past 16 months, I have been locked inside the Geauga County Safety Center in Chardon, Ohio.
“Safety Center” is a strange name for a jail with no outdoor space, where immigrant detainees are kept in windowless rooms. I have not felt fresh air in my lungs or the sun on my face for more than a year. I have not felt safe for years.
My troubles began on Sept. 15, 2014. I was leading a youth seminar in my hometown of Grand-Riviere-du-Nord, Haiti. I was mid-discussion on the problem of corruption in Haitian politics when I named a local government official — Benjamin Ocenjac — as an example of someone who works with gangs to terrorize the population.
That very day, I was attacked by members of “La Meezorequin,” the Shark Bones Army, a well-armed gang that supports Mr. Ocenjac. Men dragged me off my motorcycle and savagely beat me — breaking several bones and leaving me with scars which I bear to this day. They set my motorcycle on fire and threatened to kill me.
[...]
At Geauga, I have seen other asylum-seekers give up and return to countries where they fled danger because the price of seeking safety — imprisonment for months or years on end — was just too high. I am still fighting. The ACLU and partners filed a class action lawsuit on my behalf as well as for more than a thousand other asylum seekers who are currently locked up across the United States. We are suing the Department of Homeland Security for depriving us of due process.
Because this is the way things are now, the country’s secretary of State, Rex Tillerson, was fired via Twitter this week. Tillerson is to be replaced by current CIA Director Mike Pompeo, and Pompeo’s top spot may be taken by the current deputy director, Gina Haspel.
Most people won’t recognize the name, but human rights advocates know Gina Haspel well as chief of base of a secret prison in Thailand, called Cat’s Eye, where a man suspected of being in Al Qaeda was brutally tortured, including being waterboarded 83 times and hung by hooks from the ceiling. Questions are being raised about Haspel’s precise role in the torture, about whether her views have changed. But from a president who has declared support for “a hell of a lot worse than waterboarding,” the nomination of someone deeply involved in the rendition, detention and interrogation programs that shocked the conscience as they violated the law is deeply worrying.
Maha Hilal is the inaugural Michael Ratner fellow at the Institute for Policy Studies and an organizer with Witness Against Torture. She also works with the DC Justice for Muslims Coalition, and is a co-principal investigator with the Torture Treatment Initiative out of Tulane University’s Traumatology Institute.
Authoritarian governments regulate what their citizens can see online. The U.S. lets tech companies make similar decisions.
We've noted for some time how the broadband industry fights tooth and nail against more accurate broadband availability mapping, since having a better understanding of the broadband industry's competition problem might just result in somebody actually doing something about it. This dysfunction and apathy was most recently illustrated with the FCC's recent release of an "updated" broadband availability map, which all but hallucinates competition, speeds, and overall availability. This map (available here) also omits pricing data at industry behest, resulting in a $300 million pair of rose-colored glasses.
But it's not just the FCC's broadband availability map that's under fire. FCC maps that determine which areas get wireless subsidies (more specifically Mobility Fund Phase II (MF II) funding) are also a bad joke for many of the same reasons.
After the first suggested revision of potential treaty articles preventing the misappropriation of genetic resources was sent back to the drawing board this week, the second revision emerged today, for consideration by the World Intellectual Property Organization member states. Separately, a proposal by the committee chair to establish an expert group to meet prior to the next session of the committee meeting was positively received.
Marion Dietterich is the new director of the Global Challenges Division, which includes activities related to broader issues such as health and environment. She comes from the International Federation of Red Cross and Red Crescent Societies, in the Health Department, where she was GAVI CSO Constituency Coordinator. She follows Anatole Krattiger, who retired from the position at the end of last year.
Billy Goat Chip Co. is countersuing the Billy Goat Tavern, the iconic Chicago bar that in December sued the St. Louis potato chip maker over alleged trademark infringement.
In the original suit, Billy Goat IP LLC, the owners of the Billy Goat Tavern, accused Billy Goat Chip Co. of infringing on its trademarks and sought to stop the Billy Goat Chip Co. from using the “Billy Goat” phrase or logo.
Attorneys representing the Billy Goat Chip Co. filed a counterclaim this month arguing the chip maker was actually the first to use the “Billy Goat” mark in connection with packaged retail food and beverage products.
Missing from far too many of the stories we post on trademark bullies is anything amounting to blowback. While it happens on occasion, the reason that trademark bullying works is due to the costs for any sort of defense, never mind the cost that would be required to actually go on the offense against a bully. Still, that isn't to say that when a trademark bully picks a fight that it cannot sometimes lead to a backfire.
That appears to be the risk Chicago's famous Billy Goat Tavern now faces after it sued Billy Goat Chip Co., given the countersuit and factual response made by the chip company. Billy Goat Tavern filed suit in 2017, alleging that the St. Louis potato chip maker was infringing on its trademark with its name and logo, which uses the silhouette of a rearing billy goat. For what it's worth, the tavern's logo is completely different and features a fully detailed cartoon head of a goat, not a black outline like the chip company.
We were concerned, last month, by the appeals court ruling in the Cox v. BMG case regarding the DMCA's repeat infringer policy rules, though the more I've reread that ruling, I've become less bothered by it. While I'm still concerned about how bad decisions by Cox created potentially bad law, there are enough specifics in the ruling that hopefully will limit the impact to specific circumstances. In particular, whereas Cox was found to not have implemented a "reasonable" termination policy for repeat infringers, the court does acknowledge that the law means that the platforms have wide leeway in determining what their termination policy should be. The real problem for Cox was that it appeared not to actually follow its own policy, and thus did not reasonably implement it.
That was over in the 4th Circuit. Last week, the 9th Circuit ruled on a case where there were also questions about a repeat infringer policy, and the ruling is a clean ruling in defense of platforms determining their own rules for terminating repeat infringers. The case, Ventura Content v. Motherless, involves a porn producer suing a site that allowed user uploads of porn. From the description in the case, Motherless qualifies for the DMCA's safe harbors as a site where the content is submitted by users, and the ruling goes into great detail about the steps that Motherless's sole employee, Joshua Lange, goes through to review content uploaded to the site to make sure it doesn't violate the site's terms (which mostly seem aimed at blocking child porn). Motherless also appears to follow a pretty standard DMCA takedown process. Actually, the site appears to go beyond what is legally required in accepting notices that don't even meet the DMCA notice standard, and removing much of the notified content.