I'm proud to announce that LQ turned 18 today! I’d like to once again thank each and every LQ member for their participation and feedback. While there is always room for improvement, that LQ has remained a friendly and welcoming place for new Linux members despite its size is a testament to the community.
To say that feedback has been absolutely critical to our success is an understatement. As has become tradition, I'd like to use this thread to collect as much feedback as possible about LQ. What are we doing well and where can we improve? Where are we failing? What can we do to ensure long time members remain engaged and willing to help? What can we do to ensure new members feel welcome? What should we be doing differently?
As part of our 18 year anniversary, we'll be randomly selecting 18 posts from this thread and upgrading that member to "Contributing Member" status for one year. Stay tuned, and thanks again for being a member. Together, I think we can make LQ even better.
--jeremy
Windows 7 is already counting its days before Microsoft terminates the extended support cycle for the popular operating system that only receives security updates. Recently, the company pulled official tech support for various product forums including Windows 7.
I heard that Microsoft would be buying GitHub just a couple days before it happened when Carlie Fairchild at Linux Journal told me about it. I replied to the news with a solid, “Get! Out!” Needless to say, I had my doubts. As someone who remembers all too well the “Embrace, extend and extinguish" days of Microsoft, the news of this latest embrace did, however briefly, bring back those old memories. When I was asked what I thought, I answered that the optics were bad.A lot of years have passed since, back in 2001, Steve Ballmer declared Linux to be a cancer. These days, Microsoft loves Linux. It says so right on its website. Two years ago, Steve Ballmer also proclaimed his love for Linux. In 2018, Microsoft has its own distribution that it uses in its Azure cloud. Microsoft includes several different flavors of Linux in its app store (the Windows Subsystem for Linux), all of which can be installed on Windows 10. Microsoft develops for Linux. Heck, Microsoft even contributes to the Linux kernel.
[...]
But let’s, just for a moment, pretend that Microsoft is in fact up to its old "extend, embrace and extinguish" tricks. Open source can and would survive anything Microsoft could throw at it. Linux withstood SCO (backed at the time by Microsoft) in a long legal battle, and all of Microsoft’s best attempts to frame it as dangerous, not up to the job, unreliable and a cancer. That was back when Linux was the little guy. In 2018, Linux is the Big Man On Campus.
Linux and open-source software will do just fine, even with Microsoft running the show at GitHub.
Improving the performance and reliability of GitLab.com has been a top priority for us. On this front we've made some incremental gains while we've been planning for a large change with the potential to net significant results: moving from Azure to Google Cloud Platform (GCP).
The EFF yesterday announced the launch of STARTTLS Everywhere, "EFF's initiative to improve the security of the email ecosystem". The goal with STARTTLS is "to do for email what we've done for web browsing: make it simple and easy for everyone to help ensure their communications aren't vulnerable to mass surveillance." You can find out how secure your current email provider is at https://www.starttls-everywhere.org, and for a more technical deep dive into STARTTLS Everywhere, go here.
GitLab announced yesterday that it is moving from Azure to Google Cloud. GitLab claims the decision to switch to Google Cloud is "because of our desire to run GitLab on Kubernetes. Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support." The migration is planned for Saturday, July 28, 2018, and GitLab will utilize its Geo product for the migration.
Andrew Newdigate, GitLab's Google Cloud Platform Migration Project Lead, explained GitLab was making the move to improve the service's performance and reliability.
Specifically, the company is making the move because it believes Kubernetes is the future. Kubernetes "makes reliability at massive scale possible." GCP was their natural choice because of this desire to run GitLab on Kubernetes. After all, Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support.
The popular Open Source Guides for the Enterprise, developed by The Linux Foundation in collaboration with the TODO Group, are now available in Chinese. This set of guides provides industry-proven best practices to help organizations successfully leverage open source.
“Making these resources available to Chinese audiences in their native language will encourage even greater adoption of and participation with open source projects,” said Chris Aniszczyk, CTO of Cloud Native Computing Foundation and co-founder of the TODO Group. The guides span various stages of the open source project lifecycle, from initial planning and formation to winding down a project.
The seventh annual open source jobs report from The Linux Foundation and careers site Dice shows an increasing enterprise demand for open source skills, with Linux regaining the position of most-coveted technology.
The demand for open source skills is so high that nearly half of hiring manages responding to the survey said their organization are supporting open source projects solely for the purpose of recruiting hard-to-find talent.
That talent hunt is topped by the search for Linux skills, which is back on top as the No. 1 skill sought by hiring managers following a hiatus that saw cloud technologies ascending in last year's report.
Even if your association’s main stack isn’t based on open-source software, you should still know the language. According to a recent report from the Linux Foundation, it could even help you find new talent.
In my many years writing about the ins and outs of associations—and particularly their technology challenges—one common refrain I’ve heard is this: Open-source software is hard to maintain and comes with a lot of headaches that you won’t run into with a managed vendor.
Back in April we were able to run some IBM POWER9 benchmarks with remote access to the open-source friendly Talos II systems by Raptor Computer Systems. We were recently allowed remote access again to a few different configurations of this libre hardware with three different POWER9 processor combinations. Here are those latest benchmarks compared to Intel Xeon and AMD EPYC server processors.
Shotwell 0.29.3 brings a number of improvements to the fore, enhancing the user interface and overall stability of the application.
But it’s the return of Shotwell’s face detection feature to the master branch that excites me most in this release. This (optional) extra might help make it easier to organise and sort through photos based solely on who is in them.
— Not that facial recognition is entirely new to Shotwell, of course.
Gaming has traditionally been one of Linux's weak points. That has changed somewhat in recent years thanks to Steam, GOG, and other efforts to bring commercial games to multiple operating systems, but those games are often not open source. Sure, the games can be played on an open source operating system, but that is not good enough for an open source purist.
The second maintenance update of the KDE Plasma 5.13 desktop environment has been released today, version 5.13.2, with another layer of stability improvements.
Coming just one week after the first point release, KDE Plasma 5.13.2 arrives only two weeks after the release of the KDE Plasma 5.13 desktop environment to fix more bugs that the team discovered across various components, such as Plasma Discover, Plasma Desktop, Plasma Workspace, KSysGuard, Plasma Audio Volume Control, and others.
Highlights of this second point release include simplified Flatpak initialization process and inclusion of a donation URL for KNS in the Plasma Discover package manager, a fix for a leak of pipe FDs in the MD RAID code and support for Qt 5.11 in KSysGuard, as well as more improvements to the Fonts KCM panel. For more details, check out the full changelog.
Poudriere will grind away at dependencies and everything, and in the end spits out a nicely colored status line; it looks like this (here, I was rebuilding octave in order to test Qt5 compatibility, and most of the dependencies were already done).
I’ve finished LVM VG complete support to Calamares, including resize, deactivate and remove operations. All my progress is actually related to my PR from the last week (I’ve changed it’s name, because I decided to include the remaining LVM implementations on it). This PR got some dependency issues with kpmcore’s latest versions and the code needs some refactoring, but you can see it here:
A long time ago Konqui was a bit different than what it is today, you know – people evolve, and mascotts too.I think everyone here remembers the Huge konqui custume that I did for the brazilian conventions, it was the most amazing konqui costume ever but he’s resting in peace now, retired in a theather school.
This also appply to my new changes to Konsole. I’v did a lot of changes in the source this month, and I was sending experimental stuff to it that I had three accepted-merged-reverted commits. This doesn’t makes me angry at all, one of the features is probably be upstreamed to Breeze and all kde software will enjoy it, and the other two introduced regressions, and if we don’t produce code we can’t evolve, without new code there’s also no new bugs being introduced (as i did).
About 80 committed developers met in Oslo to talk about the latest developments in the Qt framework, enjoying beautiful weather in Oslo, and of course, the coffee.
The Qt Company has been on a roll this year with a slew of exciting announcements, the latest of which are Qt 3D Studio 2.0 and a new tool for user-interface designers as Qt Design Studio.
Qt 3D Studio 2.0 we've known has been coming with editor improvements, a new run-time built on Qt 3D rather than the NVIDIA rendering engine, and much more.
I don’t often write useless blog posts, but today will be an exception. The address sanitizer (asan) is a ludicrously good tool. The developers deserve a huge thank you.
With the exams having been left in the past, I can get back to hacking on Nautilus again. This time, it’s coming up with a GTK+ 4-ready tagged entry for the search. Heavily inspired by Matthias’ prototype, here is a sneak peek at the work-in-progress implementation:
For the longest time our wiki main page has been very plain and simple; our own Zalappy has designed a new look, and the modifications are almost ready! Keep watching, because it’s looking really good! Thanks to Zalappy for his artistic flair, and to apb for his hard work making it happen.
SUSE doesn't get the ink that Red Hat Enterprise Linux (RHEL) or Canonical Ubuntu does, but it's still a darn fine Linux server distribution. Now, SUSE takes another step forward in the server room and data center with the mid-July release of SUSE Linux Enterprise Server (SLES) 15.
SLES 15 will be available on x86-64, ARM, IBM LinuxONE, POWER, and z Systems in mid-July. So, no matter what your preferred server architecture, SUSE can work with you.
Today, SUSE announced the release of SUSE Linux Enterprise 15, SUSE Manager 3.2 and SUSE Linux Enterprise High Performance Computing 15 with a focus on helping customers innovate in this era of rapid digital transformation while meeting the needs of multimodal IT.
SUSE announced its Enterprise Linux 15 and SUSE Manager 3.2 updates on June 25, ushering in the next generation of enterprise Linux technologies from the Germany-based Linux vendor.
SUSE Enterprise Linux 15 is the first time since 2014 that SUSE has changed the major version for its flagship platform. While SUSE Linux Enterprise 12 was announced back in 2014, SUSE never released a version 13 or 14, deciding instead to skip ahead to version 15 for the new update.
"In various cultures, both 13 and 14 are unlucky numbers," Matthias Eckermann, director of SUSE Linux Enterprise product management, told eWEEK. "We were asked to not use these by partners and customers, so here we are at 15."
Sharing the same code-base as openSUSE Leap 15, on Monday SUSE announced the release of SUSE Linux Enterprise 15.
SUSE Linux Enterprise 15 was announced along with the release of SUSE Manager 3.2 and SUSE Linux Enterprise High Performance Computing 15. SUSE Linux Enterprise 15 products though are said to be available beginning around the middle of July.
A major contract from the U.S. Department of Defense could benefit some workers in the Triangle.
Red Hat leaders have been talking to defense officials about its JEDI cloud-services contract and think the company is "extremely well-positioned" to supply the project's back-end workings, Red Hat Chief Financial Office Eric Shander said in a recent interview.
Open source solutions provider Red Hat has launched what it calls the `next generation' of Red Hat JBoss BPM Suite, now called Red Hat Process Automation Manager.
It provides a cloud-native platform for developing applications that automate business decisions and processes.
The scavenger hunt game developed for the audience to play during the Red Hat Summit 2018 demo used Red Hat Data Grid as storage for everything except the pictures taken by the participants. Data was stored across three different cloud environments using cross-site replication. In this blog post, we will look at how data was flowing through Data Grid and explain the Data Grid features powering different aspects of the game’s functionality.
Summertime is typically a slow news cycle for technology, so some people find time to relax, while others use it as an opportunity to learning something new. One activity that draws lots of people eager to learn are the OpenShift roadshow, where both Application Developers and IT Operations can get hands-on with OpenShift and related technologies.
I do mentor/advise startups and if any of them come to me with proposals that involve buying hardware, setting up software as part of the servers etc, I will promptly throw them out. Create your stuff on the cloud – AWS, Google, Rackspace, DigitalOcean etc. Lots of them out there. At some point, when your project/start-up ideas have gained some form/shape, and you have paying customers, you could consider running your own data centers using Red Hat Open Stack and Red Hat OpenShift to make sure that you have a means to run your application in-house or in your own data center or onto the public cloud seamlessly.
There have been several controversial Fedora 29 changes this cycle like hiding GRUB by default and catering i686 packages to x86_64 while another one was approved today at the Fedora Engineering and Steering Committee.
The latest approved feature for Fedora 29 that's been met by some controversy in user/developer discussions is on changing the prioritization of some paths within the user PATH environment variable. Rather than ~/.local/bin and ~/bin currently appearing at the end of the PATH paths, with Fedora 29 they will be set to the front. This gives these local user paths higher priority over the system-wide paths when it comes to looking for commands on the system.
Hi, Fedora Community! I’d like to take a moment to introduce myself as the newly-hired Fedora Program Manager. I’ve been a Fedora user for over a decade and a contributor in various roles almost that long. I started out on the documentation team as a writer and then led the team for a few releases. I’ve also maintained packages, dabbled a little bit in marketing (I know I’m way behind on that video ticket, sorry!), and helped promote Fedora through social media and articles on Opensource.com. Professionally, my background is largely in systems administration (with a strong focus on high performance computing in public cloud), but I’ve spent the last two years in marketing. I have a bachelors degree in meteorology and a masters degree in IT project management. I’m also an organizer for a local tech meetup and an occasional freelance writer.
Welcome to the Ubuntu Weekly Newsletter, Issue 533 for the week of June 17 – 23, 2018. The full version of this issue is available here.
Libre Computer unveiled a “ROC-RK3399 (Renegade Elite)” SBC that runs Android Oreo or mainline Linux 4.19+ and offers GbE with PoE, HDMI 2.0, 2x USB Type-C with DP, 3x USB 2.0, and dual 60-pin headers.
Libre Computer has posted some photos and preliminary specs of a ROC-RK3399 (Renegade Elite) board follow-on to last year’s Indiegogo launched Renegade SBC. The Renegade Elite will launch on Indiegogo in July with general availability due in August. The original Renegade eventually went on to be re-sold by T-Firefly as the Firefly-ROC-RK3328-CC, and a similar future appears to await the Renegade Elite, as the photos show the board imprinted with the Firefly logo.
As the first step in bringing Sailfish to Gemini, our friends at Planet Computers have today made the community edition of Sailfish OS 2.1 available for the Gemini PDA. This version has been tested and verified by both Jolla and Planet.
As it’s a community initiative, the version is still somewhat limited, but essential features are supported. With this version you won’t yet get software updates or support for Android apps. Also the overall support is limited to our community’s efforts.
While the popularity of Jolla's Sailfish OS seems to be waning, if you are interested in their Linux-based, partially open-source software stack, it's now available on the Gemini PDA device.
I've been around in communities like KDE, openSUSE, Mandrake/Mandriva and others... and various open source and closed companies. Seen some do a good job. Seen others be mismanaged. This one: the most fun. Serious.
Working at Nextcloud is special. For one, we're a distributed company. Is it hard? Well, yes and no. Working from home is great with such a motivated team with very little management overhead and good communication. Our company is entirely built on it, that is why it works.
[...]
But we connect in person: roughly every second month, at a company-wide meeting in a single place, usually Stuttgart, for a full week of coding and having a great time. And once a year we go to Berlin for our conference, happening the last week of August! All those meetings are open, with often lots of community members participating in the whole process of designing and deciding around our software.
And yes, the sales people join there, too. I have NEVER worked in a company where the sales people, the marketing team and the engineers were so good with each other. Respect between these three departments is extremely rare, as I'm sure every one of my readers knows from experience.
Even though summer is here in the northern hemisphere, we’re not taking any breaks. Firefox continues our focus on making a browser that is smarter and faster than any other, so you can get stuff done before you take that much needed outdoor stroll.
Firefox 61 is now available, and with it come new performance improvements that make the fox faster than ever!
Mozilla is on schedule with releasing Firefox 61.0 today and can already be found via their FTP mirrors.
Firefox 61.0 has us excited due to performance improvements: This new web-browser update has furthered Quantum CSS to offer faster page rendering times with the parsing being parallelized, other rendering speed optimizations, and faster tab switching on Linux/Windows are among the performance enhancements.
Continuing Firefox Quantum’s investment in a high-performance engine, the Firefox 61 release will boost responsiveness of modern interfaces with an optimization that we call Retained Display Lists. Similar to Quantum’s Stylo and WebRender features, developers don’t need to change anything on their sites to reap the benefits of these improvements.
The new Firefox Monitor service will use anonymized range query API endpoints from Have I Been Pwned (HIBP). This new Firefox feature allows users to check for compromised online accounts while preserving their privacy.
From shopping to social media, the average online user will have hundreds of accounts requiring passwords. At the same time, the number of user data breaches occurring each year continues to rise dramatically. Understandably, people are now more worried about internet-related crimes involving personal and financial information theft than conventional crimes. In order to help keep personal information and accounts safe, we will be testing user interest in a security tool that lets users check if one of their accounts has been compromised in a data breach.
With any new openSUSE release, I am interested in the improvements that the big applications have made. One of these big applications is LibreOffice. Ever since LibreOffice has forked from OpenOffice.org, there has been a constant delivery of new features and new fixes every 6 months. openSUSE Leap 15 brought us the upgrade from LibreOffice 5.3.3 to LibreOffice 6.0.4. In this post, I will highlight the improvements that I found most newsworthy.
Since its development in the early 2000s, Arduino products like the Uno and Nano have revolutionized what people can make at home with inexpensive and easy-to-use components. Robotics and automation are no longer solely in the realm of engineers; anyone willing to spend the time to learn how these devices work can create their own inventions.
This has led to an influx of practical and innovative projects, and the technology to share them via video and social media has only accelerated the growth. We may be only halfway through 2018, but we’ve already seen a wide variety of innovative projects.
Here are a handful of our favorites so far—we can only imagine what else we’ll see in 2018!
We are big fans of pytest and use it as our default Python testing tool for work and open source projects. For this month's Python column, we're sharing why we love pytest and some of the plugins that make testing with pytest so much fun.
Python is a multi-paradigm programming language. Meaning, it supports different programming approach. One of the popular approach to solve a programming problem is by creating objects. This is known as Object-Oriented Programming (OOP).
I'm taking a break from debugging books to talk about a calamitous shitshow of textbook writing: Mastering C Pointers: Tools for Programming Power, by Robert J. Traister.
I learned of the book through a talk by Brian Kernighan where he refers to the book as probably “the worst C programming textbook ever written.”[1] He doesn't name it but with some help I was able to track down his obliquely accurate reference.
This book has become my white whale. Since I started reading debugging books, and especially now that I'm digging through older ones, I find bits of advice that simply don't work today. While some of it could be construed as useless or idiotic, I've always found the authors come from a position of earnestness, attempting to draw the best conclusions based on decent principles and what they knew at the time they wrote it. In some cases they may not have known much, but they're honestly and humbly trying to impart some wisdom.
Windows 98 turns 20 today. However, rose-tinted spectacles still don't make a hybrid 16 and 32 bit OS tottering on top of MS-DOS any more appealing.
While Windows NT 4.0 pointed to a future free from MS-DOS, the majority of the Windows user base simply did not have the hardware to run much more than a jumped-up version of Windows 95. Thus Windows 98 appeared to bridge the gap.
Codenamed Memphis, the first beta of Windows 98 arrived in 1996 with the final Release To Manufacturing (RTM – remember those?) version appearing two years later. USB support came as standard (and memorably exploded live on stage) along with a range of functions intended as a nod to that World Wide Web thing. Applications such as Outlook Express, FrontPage Express and a personal web server appeared as part of the installation.
The meteorite man of Montrose, Colorado, enchanted his community with promises of untold riches of extraterrestrial origin. But as Steven Curry collided with scientists and the legal system in his quest for recognition, his obsession took him to the Bundy Ranch and a police standoff.
As pharma companies underwrite three-fourths of the FDA’s budget for scientific reviews, the agency is increasingly fast-tracking expensive drugs with significant side effects and unproven health benefits.
Last week, developers on OpenBSD—the open source operating system that prioritizes security—disabled hyperthreading on Intel processors. Project leader Theo de Raadt said that a research paper due to be presented at Black Hat in August prompted the change, but he would not elaborate further.
The situation has since become a little clearer. The Register reported on Friday that researchers at Vrije Universiteit Amsterdam in the Netherlands have found a new side-channel vulnerability on hyperthreaded processors that's been dubbed TLBleed. The vulnerability means that processes that share a physical core—but which are using different logical cores—can inadvertently leak information to each other.
In a proof of concept, researchers ran a program calculating cryptographic signatures using the Curve 25519 EdDSA algorithm implemented in libgcrypt on one logical core and their attack program on the other logical core. The attack program could determine the 256-bit encryption key used to calculate the signature with a combination of two milliseconds of observation, followed by 17 seconds of machine-learning-driven guessing and a final fraction of a second of brute-force guessing.
Oracle has released fixes for Spectre v3a, Spectre v4, and the “Lazy FPU” vulnerability.
The two Spectre patches cover CVE-2018-3640 and CVE-2018-3640.
As Oracle's director of security assurance Eric Maurice explained, the patches apply to both Oracle Linux and Oracle VM and the associated Intel microcode.
Oracle has released patches for the latest Spectre CPU flaws and a fix for the Lazy floating-point unit (FPU) state restore issue affecting Intel CPUs.
Oracle's updates address the Spectre CPU flaws revealed in May, including CVE-2018-3640, also known as Spectre variant 3a, and CVE-2018-3639, Spectre variant 4.
Last year, when security researchers tore apart WPA2’s security with KRACK exploit, questions were raised regarding its ability to protect billions of WiFi-compatible devices across the world.
Please refer to our confidential Circular DBS.CO/CSITE/BC.8074/31.01.015/2016-17 dated April 17, 2017 (issued to banks) highlighting concerns about the ATMs running on Windows XP and/or other unsupported operating systems. A reference is also invited to our confidential Advisory No. 3/2017 dated March 06, 2017 and No. 13/2017 dated November 1, 2017 wherein the banks were advised to put in place, with immediate effect, suitable controls enumerated in the illustrative list of controls.
2. The slow progress on the part of the banks in addressing these issues has been viewed seriously by the RBI. As you may appreciate, the vulnerability arising from the banks’ ATMs operating on unsupported version of operating system and non-implementation of other security measures, could potentially affect the interests of the banks’ customers adversely, apart from such occurrences, if any, impinging on the image of the bank.
The Network Block Device (NBD) protocol is really useful to us when we deal with virtual machines and disk images. It lets us share disk images between machines and is also the universal protocol we use for communicating disk images between different bits of software. I wrote a pluggable NBD server called nbdkit to make this even easier.
However there was a problem: The protocol has no concept of logins. If you have an open NBD port, then anyone can connect and read or write your disk image. This is not quite as terrible as it sounds since when two processes are talking NBD to each other, we use a Unix domain socket and we hide the socket in a directory with restrictive permissions. But there are still cases — such as communicating between separate servers — where authentication would be useful.
Someone had sent emails to the bank’s employees with Microsoft Word attachments, purporting to be from suppliers such as ATM manufacturers. It was a classic spear-phishing gambit. When opened, the attachments downloaded a piece of malicious code based on Carberp, a so-called Trojan that unlocked a secret backdoor to the bank’s network. The malware siphoned confidential data from bank employees and relayed the information to a server the hackers controlled. Delving deeper, the Kaspersky team found that intruders were taking control of the cameras on hundreds of PCs inside the organization, capturing screenshots and recording keystrokes. Soon, the researchers learned that other banks in Russia and Ukraine had been hacked the same way.
When the Justice and Development (AK) Party took office in 2002, many intellectuals in Turkey and abroad were convinced that the party’s commitment to democratization was promising. The first term of the AK Party rule, which is considered as a golden era, broadly extended from 2002 to 2007. This era was characterized by high, inclusive economic growth, coupled with significant democratic reforms, ranging from a radical reordering of civil-military relations to the recognition of minority rights, including language and cultural rights for Kurdish citizens.
This initial high performance created a certain level of trust in the AK Party rule among Turkish intellectuals, including the Gülen Movement, that in time the AK Party would eliminate all the undemocratic aspects of the Turkish governmental system. Between 2009 and 2011, the AK Party government successfully managed to create a legal framework that precluded Turkish military involvement in politics, which would prevent military interventions of the kind Turkey had suffered from in the past. The end result, however, was not a consolidated democracy as expected, but a highly personalized autocracy embodied in the figure of Recep Tayyip Erdogan.
What went wrong with the AK Party and its leadership during the democratization of Turkey remains an important question. Was the performance of the party between 2002 and 2007 mere window dressing, with Erdogan and his close, oligarchic circle waiting for a convenient time to apply their secret, true agenda? Were they never democratic at all? Or was Erdogan obsessed with the idea that he had a messianic mission like being the ‘Caliph’ of the Muslim world?
One of the more devastating intelligence leaks in American history — the unmasking of the CIA’s arsenal of cyber warfare weapons last year — has an untold prelude worthy of a spy novel.
Some of the characters are household names, thanks to the Russia scandal: James Comey, fired FBI director. Sen. Mark Warner (D-Va.), vice chairman of the Senate Intelligence Committee. Department of Justice (DOJ) official Bruce Ohr. Julian Assange, grand master of WikiLeaks. And American attorney Adam Waldman, who has a Forrest Gump-like penchant for showing up in major cases of intrigue.
Each played a role in the early days of the Trump administration to try to get Assange to agree to “risk mitigation” — essentially, limiting some classified CIA information he might release in the future.
WikiLeaks on Thursday published a database that it claims reveals personal information on more than 9,000 current and former Immigration and Customs Enforcement employees.
Activists publish private information of ICE employees in protest of the current immigration policies, putting their lives in danger.
Activists, including a New York University professor, obtained the phone numbers and home addresses of more than 1,500 employees and published the information online.
Wikileaks also published personal information and photos and named the agency’s more than 9,000 current and former employees.
WikiLeaks this week published a database containing personal data on more than 9,000 current and former employees of U.S. Immigration and Customs Enforcement, a report said.
ICEPatrol is an important public resource for understanding ICE programs and increasing accountability, especially in light of the actions taken by ICE lately, such as the separation of children and parents at the US border.
GitHub, Medium, and Twitter have scrubbed a database of ICE employees off their platforms, soon after a New York-based artist posted the scraped LinkedIn information.
Sam Lavigne, who has previously worked on projects like a white collar predictive policing program, wrote in a Medium post today that, “As ICE continues to ramp up its inhumane surveillance and detention efforts, I believe it’s important to document what’s happening, and by whom, in any way we can.”
In an attempt to do that, Lavigne wrote a program that scraped LinkedIn for profiles that listed ICE as an employer. The program returned information on nearly 1,600 people, and Lavigne posted the resulting data publicly on GitHub. The database included information like job title, profile picture, and general location of work.
Professional information and LinkedIn profiles of U.S. Immigration and Customs Enforcement employees were published in a searchable online database by WikiLeaks, the organization said Thursday.
"ICEPatrol" appeared to provide professional information and profiles from the professional social networking site of government employees.
Information such as job titles, work history, education and city of employment appeared on many of the profiles. It was not immediately clear how many employees were targeted, but the site said more than 9,300 profiles were listed.
The Department of Homeland Security did not immediately respond to a request for comment.
The Western world never ceases to speak of its “democratic values.” In Western political theory, the way democracy works is by free speech and a free press. By speaking out, citizens and media keep the government accountable.
This liberal tradition means that there are no words or terms that cannot be used because some designated “victim group” can claim to feel offended. The inroads into free speech made by political correctness, now institutionalized in universities and the public school system, in the presstitute media, in American corporations such as Google, and in the enculturated habits of Americans, demonstrate a decline in the status of free speech. Governments have also made inroads, with the “war on terror” becoming a justification for warrantless spying, mass surveillance, and a clampdown on dissent.
The free press has declined even more dramatically than free speech. The NY Times of the Pentagon Papers disappeared during George W. Bush’s first term when the newspaper sat on the story that the Bush regime was spying without warrants. The NY Times sat on the story for a year, allowing Bush to be reelected without controversy and allowing the government time to legalize the spying on an ex post facto basis.
The US Supreme Court ruling upholding the right to digital privacy will destroy the National Security Agency’s "Treasure Map" project which is designed to map the entire global internet to locate all devices on earth, former NSA Technical Director and whistleblower Bill Binney told Sputnik.
The Supreme Court ruled on Friday that US authorities must obtain a warrant to tap cellphone towers for personal location data, Chief Justice John Roberts Jr. said in a court document.
In a federal courthouse in Augusta today, former intelligence contractor Reality Winner accepted a plea agreement for a single charge of espionage, in exchange for a sentence of 63 months in prison and three years of supervised release. The plea agreement is still tentative, pending a pre-sentencing investigation ordered by the court. Winner has already spent over a year in prison, and would be due for release in 2023.
Winner was arrested in June 2017, just days after The Intercept published a secret NSA report on Russian efforts to hack the 2016 election. Winner served in the Air Force for six years, and was working as an intelligence contractor at the time of her arrest. She held a top secret clearance.
The NSA’s election report, which was verified by The Intercept and published with voluntary redactions, detailed an attempt to hack a supplier of US election software and more than 100 election officials in the months leading up to the 2016 election. There’s no indication that the attacks succeeded in compromising vote tallies, although the attackers were able to maintain significant access to electoral boards.
Court records indicate a woman charged with leaking U.S. secrets to a news outlet has reached a deal with prosecutors.
U.S. Department of Justice spokesman Ian Prior confirmed in an email Thursday that former National Security Agency contractor Reality Winner plans to plead guilty.
A change of plea hearing is scheduled Tuesday. Online court records show a plea agreement was filed Thursday.
Winner’s lawyers couldn’t immediately be reached.
A disease-inducing fungus in amphibians worldwide could become deadlier as different genetic variations emerge, according to research led by The University of Alabama.
Biologists tested the harmfulness of a Brazilian hybrid form of Batrachochytrium dendrobatidis, known simply as Bd or the amphibian chytrid fungus, as well as both parent forms, on species of frogs from the Brazilian Atlantic Forest. They found infections and strength of the illness increased with the hybrid form.
I’m sure I looked comical as I staggered down a downtown San Francisco street on a recent weekday, arms full of packages—as I dropped one and bent down to pick it up, another fell, and as I tried to rein that one in, another toppled.
Yet it wasn’t funny, not really. There I was, wearing a bright-yellow safety vest and working for Amazon Flex, a program in which the e-commerce giant pays regular people to deliver packages from their own vehicles for $18 to $25 an hour, before expenses. I was racing to make the deliveries before I got a ticket—there are few places for drivers without commercial vehicles to park in downtown San Francisco during the day—and also battling a growing rage as I lugged parcels to offices of tech companies that offered free food and impressive salaries to their employees, who seemed to spend their days ordering stuff online. Technology was allowing these people a good life, but it was just making me stressed and cranky.
Sometimes art imitates life imitates art, and that happened this week after comedian John Oliver did an episode on censorship in China on his HBO show Last Week Tonight. Now China has blocked him for doing a show on Chinese censorship.
The New York Times reported that Oliver did a 20-plus minute segment on China and its leader, President Xi Jinping, and among other things, Oliver talked about Xi’s resemblance to the fictional character, Winnie the Pooh. This and talk of censorship touched a nerve in China, which caused them to block access to the show which can be seen around the world normally.
China’s Hainan island has proposed allowing foreign visitors access to censored websites such as YouTube and Facebook, a double standard that has raised cries of indignation from the country’s internet users.
The province, known as China’s Hawaii thanks to its resorts and tropical beaches, is set to become the country’s largest free trade zone and hopes to attract increased investment in hi-tech industries, as well as more tourist dollars.
Part of that effort includes making the island more hospitable to foreign tourists through such steps as instituting visa-free travel and making it easier to use foreign credit cards.
China's Hainan island has proposed allowing foreign visitors access to censored websites such as YouTube and Facebook, a double standard that has raised cries of indignation from the country's internet users.
The province, known as China's Hawaii thanks to its resorts and tropical beaches, is set to become the country's largest free trade zone and hopes to attract increased investment in hi-tech industries, as well as more tourist dollars.
There's finally a place in China where people can access previously banned social media sites. The provincial government of Hainan has drawn the plan in order to boost tourism in the area.
China is set to lift the ban on the southern tropical island of Hainan. Chinese President Xi Jinping announced his plan to turn "China's Hawaii," a spot famous for its palm-lined beaches, into a free-trade port by 2020.
In the midst of the backlash over the actions of the Trump Administration and US Immigration and Customs Enforcement (ICE), WikiLeaks compiled and shared over 9,000 ICE employees information online. "ICEPatrol is an important public resource for understanding ICE programs and increasing accountability, especially in light of the actions taken by ICE lately, such as the separation of children and parents at the US border," tweeted WikiLeaks. WikiLeaks included information and photos collected from LinkedIn of 9,243 former and current ICE employees. Users can search the database by location, current position, school attended, and field of study. According to The Washington Post, WikiLeaks seems to have expanded and published a project created by Sam Lavigne, a New York-based artist and programmer who taught at New York University’s Tisch School of the Arts. Lavigne attempted to publish a smaller ICE employee database on GitHub and Medium, but both were taken down.
BestVPN.com said it saw a 131 percent increase in traffic to its VPN guides for Turkish citizens in the past 24 hours and ahead of the Turkish presidential elections on 24 June. This data shows Turkish political opposition parties, journalists and citizens are in increasingly turning to VPN technology to bypass internet censorship which was imposed in March through a new law.
A new report from The Intercept sheds light on the NSA’s close relationship with communications provider AT&T.
The Intercept identified eight facilities across the U.S. that function as hubs for AT&T’s efforts to collaborate with the intelligence agency. The site first identified one potential hub of this kind in 2017 in lower Manhattan.
The report reveals that eight AT&T data facilities in the U.S. are regarded as high-value sites to the NSA for giving the agency direct “backbone” access to raw data that passes through, including emails, web browsing, social media and any other form of unencrypted online activity. The NSA uses the web of eight AT&T hubs for a surveillance operation code-named FAIRVIEW, a program previously reported by The New York Times. The program, first established in 1985, “involves tapping into international telecommunications cables, routers, and switches” and only coordinates directly with AT&T and not the other major U.S. mobile carriers.
The secrets are hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.
The Intercept, the publication known for its groundbreaking reports, has come up with another revealing piece (via TechCrunch) about the National Security Agency. The report describes 8 AT&T data facilities that serve as hubs for NSA’s spying activities.
The eight facilities are located in major US cities, including Atlanta, Chicago, Dallas, LA, New York City, San Francisco, Seattle, and Washington DC.
A few months ago we put out a call for ideas for a new digital service that would help people use their rights under General Data Protection Regulation (GDPR).
Open Rights Group supporters sent in some great ideas for a new digital service about rights under GDPR. We take a look at some of the best ones.
The proposed system to stop a GDPR-caused block on access to website holders’ data could introduce fees and tip off online infringers. It’s also uncertain whether rights holders would get access
The NSA also reportedly purchased exploits from a France-based gray market company known as Vupen.
The company closed in 2015 and reopened under the name Zerodium.
The agency budgeted for $25.1 million to buy zero-days service, which involves leveraging unknown weaknesses in devices, in 2013, according to Slate.
The use of the gray market by government agencies permits the agencies to bypass the Vulnerabilities Equities Process, which involves the government deciding whether to flag zero-day vulnerabilities to tech companies or keep them under wraps.
The report comes as tensions rise between tech companies and the federal government over the issue of accessing encrypted information.
Nearly all the data collected by the National Security Agency (NSA) is being transferred to the cloud. The database — Intelligence Community GovCloud — is reportedly classified and will help the federal surveillance organization to “connect the dots” among the scores of systems currently employed by the agency to store and sort data.
The US National Security Agency is “systematically moving” all its data to a cloud-computing service, the chief information officer has said. In 2017 alone the agency tripled collection of data through US telecom companies.
The cloud – designed to harvest and store all sorts of NSA-relevant data, including foreign surveillance and intelligence information around the world – offers easy access to the data to “connect dots,” Greg Smithberger told NextGov.
Facebook has been widely recognized for the extreme lengths it takes to collect data on its users.
But several recently filed patents show just how widespread those efforts have become, ranging from anticipating your daily routine to predicting when you might die.
What's more, many of these techniques simply rely on your smartphone's geolocation data in order to learn more about you and your habits.
In perhaps one of the most shocking filings, Facebook researchers describe the ability to 'predict a life change event' for users, such as marriage status, birthdays, new jobs, a birth in the family, graduation, or even death.
On June 23, 2018 Madras High Court made it clear that Aadhaar card and its photocopy are compulsory during counselling to medical admissions in Tamil Nadu, despite the Supreme Court had in March this year ordered that it is not imperative during the NEET registration process.
Manon maintains her Facebook account to be able to stay in touch with the large number of users on the huge social network and as a “gateway” to log into other apps.
The ACLU’s class action lawsuit to end family separation and immediately reunite children and parents has reached a pivotal point, following a June 22 status conference where the government was unable to articulate a plan to reunite thousands of children in its custody with their parents.
The lack of foresight and planning is galling. For each day the government stalls, thousands of children are subjected to irreparable trauma. What’s more, there have been reports that immigration officers are actively pressuring parents to give up their asylum claims in order to be reunited with their children.
This cruelty and utter contempt for the welfare of children and the rule of law cannot stand. Our government cannot be allowed to hold children hostage in order to sabotage the legal claims of people seeking refuge.
On Monday, we asked the court to hold the Trump administration to account, and require it to reunify all children with their parents within 30 days, and within 10 days for children under five; provide parents, within seven days, telephonic contact with their children; stop future separations of children from their parents; and not remove separated parents from the United States without their children, unless the parent affirmatively, knowingly, and voluntarily waives the right to reunification before removal.
We know body cameras haven't been the police accountability godsend some imagined they would be. (I admit I saw a far rosier future when they first started being put into service.) So far, the research jury's still out on the effectiveness of cameras in deterring misconduct and excessive force deployment. And, so far, they've been far more useful to prosecutors than plaintiffs in civil rights lawsuits.
You can put a camera on a cop but you can't change the system that leads to abusive behavior and practices. Nothing's changing much for officers other than the attachment of a lightweight ride-along. Policies may require officers to activate their cameras in nearly every situation, but if no one's willing to hold them accountable for refusing to do so, then nothing's going to improve.
Since law enforcement agencies maintain control of equipment and recordings, there's not much the public can do when critical footage goes missing. Cops learned early on device tampering can reduce discrepancies in paperwork and shore up lies delivered as testimony. What went unpunished when it was just dashcams and body mics has continued forward to swallow the accountability body cams seemed to promise.
So, we already discussed how the Judge that let the AT&T merger proceed showed a comically narrow reading of the media and telecom markets when he approved AT&T's $86 billion Time Warner merger without a single condition. At no point in his 172-page ruling (pdf) did U.S. District Court Judge Richard Leon even utter the phrase "net neutrality," showing a complete failure to understand how AT&T intends to use regulatory capture, vertical media integration (ownership of must-have content like HBO) and its stranglehold over broadband markets in synergistically anti-competitive ways.
Leon focused almost exclusively on bickering between AT&T and DOJ-hired economists over whether the merger would result in higher rates for consumers (which, if you've watched AT&T do business should be a foregone conclusion). But because U.S. antitrust law is already ill-equipped to help police these kinds of vertical integrations, DOJ economists were locked into very specific confines of economic theory, even if it should be obvious to everybody and their uncle that AT&T will use its ownership of CNN, HBO, and other media properties to jack up licensing costs for streaming competitors.
Of course higher costs for licensing (which in turn means higher costs for consumers) is just one way AT&T intends to leverage its greater scale anti-competitively. It also couldn't be more clear that with net neutrality rules out of the way, AT&T has an absolute arsenal of creatively anti-competitive tools at their disposal, whether that means hijinks at interconnection points (something else Leon likely has never heard of), to the use of usage caps to "zero rate" AT&T's own content, while still penalizing competitors like Netflix.
The rapid rise of digital technology in the twenty-first century places new demands on intellectual property protections, while presenting new challenges. A new report suggests that a leading US agency that investigates patent infringement may need to be updated to keep up.
Karry Lai speaks with the US conglomerate’s China IP counsel to find out about challenges in patent litigation, what Patent Law changes he would like to see and how big picture thinking has been key to his success
In a unique joint translation process, community members from Creative Commons Portugal and Brazil came together to release a single Portuguese translation of the CC 4.0 license suite.
Pepe the Frog, the “Distracted Boyfriend” meme and Arthur’s balled-up fist are all under threat. So are reactions GIFs such as the one of a confused Zach Galifianakis, or the clip of Steve Carrell shouting ‘No!’ in The Office.
EU lawmakers may inadvertently destroy the internet’s robust meme culture with a proposed law designed to fight online piracy. One article in the legislation would force online platforms such as Google, Facebook, YouTube and Twitter to automatically censor copyrighted content uploaded by anyone who isn’t licensed to share it.
While it's always great to have ISPs side with their customers rather than capitulate to copyright trolls or the governments that allow them to operate, few go to equal lengths as Swedish ISP Bahnhof. Bahnhof is known for taking all kinds of actions to protect its customers and for fighting back against copyright trolls as viciously as possible. Happily, Sweden's Pirate Party has recently declared its own war on copyright trolls, giving the ISP an ally in the region.
But as the crusade by Bahnhof continues, the person in charge of the ISP's communications has published an open post on the company's site attacking the very heart of the laws that allow copyright trolls to operate in the first place. Here's how Carolina Lindahl sets the stage for what is currently going on in Sweden.
Over the past decade or so we've seen lots of arguments from legacy industries -- mainly recording industries, publishing industries, and film industries -- freaking out about Google and Facebook. The go-to response generally seems to be to run to the government and demand that they force the successful internet companies to transfer some of their wealth to the legacy industries. In some cases, these pleas appear to be working -- such as with the link tax proposal in the EU.
Generally speaking, this whole thing is pretty disgusting. It's usually legacy private companies which had a successful business model under a previous system, failed to adapt to a changing world, and then act as if they're magically entitled to someone else's money. Of course, that's not how it should work (even if sometimes it does). But I'm interested in comparing this approach to the approach of Wikipedia, whose executive director, Katherine Maher, has an article in Wired arguing that Google and Facebook should consider giving back to the site, especially seeing as those platforms are increasingly relying on the information within Wikipedia.