UserLAnd offers a quick and easy way to run an entire Linux distribution, or even just a Linux application or game, from your pocket. It installs as an Android app and is available for download from the Android Google Play Store. The best part is that because it operates from a typical chroot environment, you don't need to root your device.
I was fortunate enough to have a chance to spin up one of the early beta builds of UserLAnd. This beta build was limited only to SSH and VNC local connections from my Android mobile device, but it was more than enough to establish a sound sense of how things are and where things will progress.
To handle the SSH connection, UserLAnd leverages ConnectBot while using bVNC for anything graphical. The beta build I used supported only TWM. Future updates will add additional window managers and a desktop environment. Both ConnectBot and bVNC are installed when you create and launch your session (see below).
Immediately after installation and upon launching the application, you are greeted with a clean environment—that is, no root filesystems and no sessions defined.
I'm announcing the release of the 4.17.5 kernel.
All users of the 4.17 kernel series must upgrade.
I'm announcing the release of the 4.14.54 kernel.
All users of the 4.14 kernel series must upgrade.
The fourth weekly test release of the Linux 4.18 kernel is now available.
Linus Torvalds has just announced the 4.18-rc4 kernel, which roughly marks the midpoint overall of the Linux 4.18 kernel cycle. If all goes well, the Linux 4.18 kernel will be officially out in about four or five weeks.
Things look pretty normal here, and size-wise this looks good too, so it's another of those "solid progress to release" weeks. Boring is good.
About half of the updates are to drivers, with GPU and networking being the bulk of it, but there's some misc noise all over (PCI, SCSI, power management, acpi, dmaengine).
Outside of drivers, it's networking (including some bpf fixes), filesystems (cifs and ext4), some core scheduler fixes, and some arch updates (x86, riscv, small other updates).
Let's hope this release continues being quiet. But go test to make sure it's all working for you all,
Linus
Back in January there were Xilinx developers who posted a DRM/KMS driver for their DisplayPort subsystem as part of the ZynqMP SoC. It looks like the driver for this display pipeline may soon be ready for mainline.
Hyun Kwon of Xilinx posted the latest "XLNX" DRM driver patches on Sunday for their ZynqMP DP KMS code. This driver in its current form is just under six thousand lines of code.
After a number of recent Vulkan 1.1 point releases being rather mundane, Vulkan 1.1.80 is out this morning and on top of documentation updates also brings three notable new Vulkan extensions.
Vulkan 1.1.80 has the usual churn within the documentation to clarify some statements and other work, but exciting us are the three new extensions: VK_EXT_conditional_render, VK_KHR_create_renderpass2, and VK_KHR_8bit_storage.
The past week has seen a number of improvements to Wayland's Weston compositor with new features.
The latest hardware at Phoronix for testing is the Dell XPS 13.3-inch (XPS9370) with Intel Core i7-8550U Kabylake-R processor featuring UHD Graphics 620. A number of interesting Linux benchmarks are currently being worked on, including Windows versus various Linux distribution performance tests as well as power consumption, etc. For some initial figures for your viewing pleasure this weekend are some of the gaming/graphics tests between Windows 10 and Ubuntu Linux.
The open-source NVIDIA "Nouveau" driver continues to be largely a community affair aside from occasional code/documentation dumps (and hardware supplies) from NVIDIA and then Red Hat also employing a few of the key contributors to the Nouveau DRM kernel driver and Nouveau NVC0 Gallium3D within Mesa. When it comes to Red Hat's Nouveau developers like Ben Skeggs and Karol Herbst, they started out as community contributors over the years to this driver. Fortunately, this year has brought another new contributor to the Mesa driver stack.
Released yesterday was Vulkan 1.1.80 that offers three new extensions while the Intel ANV open-source driver has begun rolling out patches for supporting this latest Vulkan specification update.
Lead Intel ANV developer Jason Ekstrand took the opportunity over the weekend to begin sending out the v1.1.80 patches for ANV. The seven patches sent out on Saturday include the routine updating of the Vulkan headers/XML against the 1.1.80 upstream while the other work was focused on the VK_KHR_create_renderpass2 extension. KHR_create_renderpass2 is about making render passes more extensible via sub-structures at render pass creation time.
One of three new Vulkan extensions introduced in this weekend's Vulkan 1.1.80 specification update is VK_KHR_8bit_storage for providing 8-bit types, which is now available in patch form for the Intel open-source "ANV" Vulkan Linux driver.
Chances are if you are spending more than $400 USD to have the Intel Core i7 8086K, the limited edition processor that is Intel's first to have a turbo frequency at 5.0GHz (and can easily overclock on all cores to 5.0+ GHz), you probably care a great deal about your system's performance. For squeezing extra performance out of the hardware, there is a wide variety of software optimizations available. Many of those software optimizations can be found within Intel's own Clear Linux distribution as previously shown while for this i7-8086K benchmarking is a look at how nine Linux distributions compare out-of-the-box when tested on this Coffeelake CPU and all CPU cores overclocked to 5.0GHz.
CPod (formerly known as Cumulonimbus) is a cross-platform, open source podcast player for the desktop. The application is built with web technologies – it’s written in the JavaScript programming language and uses the Electron framework. Electron is often (rightly?) criticized for being a memory hog and dog slow. But is that mainly because of poor programming, rather than an inherent flaw in the technology?
CPod is available for Linux, Mac OS, and Windows. Installation was a breeze on my Ubuntu 18.04 distribution as the author conveniently provides a 64-bit deb package. If you don’t run a Debian/Ubuntu based distro, there’s an AppImage which effortlessly installs the software on all major Linux distributions. There’s also a snap package from the snapcraft website, but bizarrely (and incorrectly) flags the software as proprietary software. As CPod is released under an open source license, there’s the full source code available too.
In previous articles, you were introduced into the basics of LMMS, and using sound files and presets as instruments for your songs. Also, you were shown a few sound effect plugins using the FM Mixer interface. This series concludes by showing you some of my techniques that I use when composing music with LMMS. Hopefully, you will be able to experiment further with the features that LMMS has to offer, and find a way to use these tools (and other ones) in a way that works for you.
Here's an interesting way to look at how the amount of Linux users on Steam has changed over time, when looking at the amount of daily active users.
Using a similar method to the one made by user dmantione, who submitted this article to us back in May of 2016, which looked at peak users, a user on reddit has taken a look at the Linux market share against Valve's reported daily active users, using data they gave out during a recent presentation.
RUINER, the cyberpunk action shooter from Reikon Games has another update out to add more languages and fix some lingering Linux issues.
In regards to language support, they've added in Italian and Turkish thanks to the community doing them in their free time. When it comes to Linux support, it seems cutscenes still had some issues actually triggering and some had sound issues, all of which should now hopefully be solved.
Another GZDOOM fan game has been updated recently, this time we have the rather good Castlevania: Simon's Destiny.
After speaking to the developer about it, they originally planned to keep Linux support back until it actually hit Early Access on Steam.
Trains & Things is a real time multiplayer focused economic strategy game that's currently on Kickstarter. It's being built with Godot Engine and other open source tools, which is pretty sweet.
To jog your memory, it was funded on Kickstarter way back in 2015 with $161,246 pledged from 4,045 backers. Linux was not a stretch goal and they even had a demo for us as well.
Asteroid Fight is an online real-time strategy game coming out this year with Linux support and it seems extremely promising. What's interesting about it, is that you build your hero unit yourself from various different hulls, weapons, special weapons and so on.
Hello all. About a week ago I managed to finally embed new lock free hash table into Krita instead of an old one.
As most of the KDE people know, you can use Libinput on X11 but there are some issues with the combination of Libinput + X11 + Touchpad KCM. In KDE, when you use Libinput on X11, there will not be special KCM support to handle Libinput settings. Fixing this issue is one of the main purposes of my Google Summer of Code adventure. And, the day has come! Our planning and discussions about the issue are done and the work is in progress. Let me give you some background information.
This was quite a bugfixy week in KDE’s Usability and Productivity initiative, but we managed to squeeze in a cool new feature! See for yourself
The latest work on improving KDE's usability is adding a "share" menu to the Dolphin file manager.
Beginning with next month's KDE Applications 18.08 release, the Dolphin file manager now has a "share" menu when selecting files. This long overdue addition makes it possible to then easily share selected file(s) via email, KDE Connect to mobile devices, Nextcloud, Twitter, or other integrated services.
After Nate highlighted my latest work on Purpose (the new share menu in Dolphin) in his blog post I received quite some feedback. I’m glad that many people like the idea, but I also received some criticism/suggestions for improvements. This is always welcome as long as it is fair and objective. This was true for most comments, but unfortunately not all of them. I won’t even bother to reply to unfair and personal attacks for a useful feature, but rather like to respond to appropriate criticism and inform you about my future plans for Purpose.
First of all, for those who don’t know what Purpose is, it is an extensible framework to fulfill the developer’s purpose while providing an abstraction. Right now the only use-case is exporting/sharing a file, but more could be added in the future. It is used by Dolphin, Spectacle, Okular and other KDE applications and can export files to Email, Telepathy, KDE Connect, Nextcloud, Telegram (I did that one myself), Twitter, Imgur and many more.
The latest KDE Plasma 5.13.2 desktop environment is now available in the official software repositories of Chakra GNU/Linux, along with KDE Applications 18.04.2 and KDE Frameworks 5.47.0 software suites and several other up-to-date KDE apps, including Konversation 1.7.5 and Okteta 0.25.0, all built against the Qt 5.11.1 application framework.
"With your next system upgrade you will receive all the latest versions of KDE’s Plasma, Applications, and Frameworks, in addition to several other package updates," said Neofytos Kolokotronis. "We introduce Plasma 5.13 in its second bug-fix release, a brand new series that introduces many new features to our favorite desktop environment."
Back in May, it was revealed that an anonymous donor was giving the GNOME Foundation a cool million bucks. For some in the Linux community -- including yours truly -- there were mixed emotions. On the one hand, it was positive news -- money makes things happen, and it should make the GNOME Project better. On the other hand, the anonymous nature of the donation was troubling -- what if the donor was an evil person or company? GNOME users and developers deserve to know who or what is funding the project, right?
While we still do not know the identity of the donor, we do know how the GNOME Foundation will be putting some of the money to work. The foundation is using part of the funds to hire four additional employees.
I think some people might, upon glancing at Linux Lite's description, pass it off as just another one of the many Ubuntu derivatives. After all, one may wonder what separates Linux Lite from another flavour of Ubuntu running the Xfce desktop, such as Xubuntu.
While Lite does share a lot in common with other members of the Ubuntu family, the project has a lot of little features and special tweaks which left me impressed this week. The distribution includes a very nice and detailed help manual that is easy to navigate and provides a lot of useful information. The manual not only explains how we can do things, but also offers some alternatives and trouble-shooting tips, which I think new users will appreciate. Lite is also very easy to install, it can be set up by basically clicking "Next" a bunch of times in the Ubiquity installer.
While I ran into a few limitations while using Timeshift, I think the idea behind including it is good. I would like to see Timeshift run at a lower priority and offer a way to save snapshots on a remote computer, but otherwise the technology is off to a good start. I'd love to see Lite take Timeshift a step further and integrate it with boot environments.
Mostly though what impressed me with Lite was a combination of the performance and the visual style. Lite is one of the faster, smoother, more responsive distributions I have used this year. I also liked that there was a minimal amount of visual effects, but a maximum amount of detailed, colourful icons, high contrast buttons and fonts I could read without a trip to the settings panel. I get frustrated with minimal, stick-figure icons and buttons that are indistinguishable from labels. Lite looks nice. Not in a flashy way, but in a clear, easy to read, pleasant to navigate way.
As an example of Lite's visual style, I have used Xfce a lot recently. I run it on one computer or another almost every day. And, on an intellectual level, I knew it was possible to adjust the size and dimensions of the Xfce Whisker application menu. But I'd never thought to do it because on every other distribution I have used the menu's resize button is so muted and low-contrast I'd never noticed it before. But on Lite, the resize button stands out and I clicked and dragged the menu to the size I wanted without even thinking about it. This is a very little feature, but one I had never noticed on other distributions, even though it was always there. In my opinion, all of Lite is like that: offering well defined controls that are clear about what they do.
Lite's value, in my opinion, is not in any one big feature or unique offering, but in the way Lite polishes many little things which make it so much more pleasant to use day-to-day than most other distributions. Lite is an operating system I can use consistently without thinking about it, without distractions, without hiccups and without searching for features I suspect are there, but are tucked away. I've used some powerful distributions this year, and some with really neat, unique features; but probably not any that have offered such a smooth experience as I've had this week. That's why the next friend who asks me to come over and fix their messed up laptop is going to get a fresh copy of Linux Lite.
The PCLinuxOS Magazine staff is pleased to announce the release of the July 2018 issue. With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is led by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. All articles may be freely reproduced via any and all means following first publication by The PCLinuxOS Magazine, provided that attribution to both The PCLinuxOS Magazine and the original author are maintained, and a link is provided to the originally published article.
In the July 2018 issue:
* Texstar’s Heartbreaking Announcement
* GIMP Tutorial: Creating A User Bar
* PCLinuxOS Family Member Spotlight: KS4UA
* Short Topix: Yahoo Pulls The Plug On Messenger
* ms_meme's Nook: Goin’ To The Forum
* Tip Top Tips: pmwf (Poor Man's Weather Forecast) - Three Day Weather Forecast
* Repo Review: QWinFF
* YouTube, Part 5
* PCLinuxOS Recipe Corner
* Microsoft Buys GitHub: The Good, Bad & Ugly
* Net Neutrality: Now What?
* And much more inside!
This month’s cover was designed by parnote.
Download the PDF (8.0 MB) https://pclosmag.com/download.php?f=2018-07.pdf
Download the EPUB Version (6.6 MB) https://pclosmag.com/download.php?f=201807epub.epub
Download the MOBI Version (5.2 MB) https://pclosmag.com/download.php?f=201807mobi.mobi
Visit the HTML Version https://pclosmag.com/html/enter.html
The Arch Archive has been cleaned up, the discussion started in this mail thread. The archive server was running out of space and therefore needed some cleaning, all packages which are not required for reproducible builds were removed (and were from 2013/2014/2015). Packages from these years should also be available at the internet archive.
If you are still running Red Hat Enterprise Linux 6 or one of the downstreams like CentOS, Scientific Linux, or Oracle Linux, these benchmarks are for you in showing the performance of Scientific Linux 6.9 vs. 6.10 vs. 7.5 for getting an idea about the current performance of EL6/EL7.
Red Hat's 2018 APAC Partner Conference starts today (10 July) in Bali, until 12 July, and "expects the attendance of more than 225 Red Hat partners, distributors, system integrators, ISVs, OEMs and solution providers".
The two-day conference will kick-off with "keynote presentations by Red Hat executives including Dirk-Peter van Leeuwen, senior vice president and general manager for Asia Pacific and Arun Oberoi, executive vice president for global sales and services, Mark Enzweiler, senior vice president, partners and alliances.
Red Hat Inc, a leading provider of open source solutions, announced at the weekend keynote speakers for the 2018 Red Hat Partner Conference Asia Pacific.
The event will take place in Bali, Indonesia from 10 to 12 July drawing more than 225 Red Hat partners, distributors, system integrators, ISVs, OEMs and solution providers to the popular tourist destination.
Competition to host the event was tight with bids presented by destinations in Vietnam, Macau and Malaysia, all keen to win the high-value conference.
Recently, I hosted a Red Hat webinar titled “Kubernetes is the Platform. What’s next?” during which I highlighted the current Kubernetes architecture and capabilities, some of the new innovation happening within the broader open source community, and how much of this innovation is making its way into Red Hat OpenShift Container Platform.
There were great questions from the audience afterward but due to time constraints, I wasn’t able to get to every one. I’ve tackled the remaining questions below and provided some additional links for details or learning.
There's beaucoup space in Red Hat's downtown Raleigh tower, but the open-source software company is starting to feel a bit squeezed.
When Red Hat moved its headquarters from Centennial Campus to the tower in 2013, it brought 600 employees and had plans to add another 540 over nine years. Five years later, the building now hosts anywhere from 2,000 to 2,200 Red Hatters on any given day, depending partly on how many people elect to work from home, said Allison Showalter, a Red Hat spokeswoman.
As the waves of disruption continue to shake every industry, we’ve hit a new tipping point. Based on conversations I’ve had with executives all over the world, all of whom face these similar challenges, I’ve come to realize that merely tweaking how we work is no longer good enough.
Five years ago, I measured what the most supported MIME type in Debian was, by analysing the desktop files in all packages in the archive. Since then, the DEP-11 AppStream system has been put into production, making the task a lot easier. This made me want to repeat the measurement, to see how much things changed.
Engineered to provide both a small footprint and package selection, the new Minimal Ubuntu operating system is designed and optimized for automated use by the masses on public clouds and the Docker Hub, promising to offer users state-of-the-art security, outstanding performance, stability, and reliability at all times.
If you want to use the smallest possible Ubuntu base image for automated cloud operations on public clouds, you need to use the new Minimal Ubuntu operating system, which is more than 50 percent smaller than the standard Ubuntu Server image and offers up to 40 percent faster booting.
It has been some time since I last reviewed a Linux distribution. That is in large part because I've found that the Linux distribution landscape is not as dynamic as it once was, with fewer new distributions vying for market share, while older established distributions have simply continued to exist and develop. As a result, unless you readers have particular suggestions for distributions that I should review (as long as it can be done via a live USB) or a distribution particularly catches my eye, I will likely be sticking to reviewing Linux Mint each time a new release comes out, until and unless Linux Mint declines in quality so much that I need to start looking for new distributions.
The Raspberry Pi Foundation keeps updating its Debian-based Raspbian operating system from time to time. The developers keep adding new features to make the device a more attractive option for beginners who wish to start learning programming or get into DIYing.
The latest Raspbian update brings a bunch of new features and updates. First things first, this release ships with a new program called “Recommended Software”; the developers are calling it their version of Apple App Store.
I have been meaning to write about my device driver experiments with L4Re, following on from my porting exercises, but that exercise took me along various routes and I haven’t yet got back to documenting all of them. Meanwhile, one thing that did start to bother me was how much space the software was taking up when compiled, linked and ready to deploy.
Since each of my device drivers is a separate program, and since each one may be linked to various libraries, they each started to contribute substantially to the size of the resulting file – the payload – needing to be transferred to the device. At one point, I had to resize the boot partition on the memory card used by the Letux 400 notebook computer to make the payload fit in the available space.
As well as being a test of the reliability and agility of the flying robots themselves, the challenge – which gets harder every time – makes significant demands of the software and communication systems that operate them.
One autopilot software suite in particular has emerged as the preferred choice of the competing teams. It’s open source and more than half of its development effort comes from Australians.
Back to Indico then. The company has produced Enso, an open-source library designed to streamline the benchmarking of embedding and transfer learning methods for a wide variety of natural language processing tasks.
To satisfy the increasing demand for a unified platform for big data analytics and deep learning, Intel recently released BigDL. It’s an open source, distributed, deep learning framework for Apache Spark.
In the familiar role of the company whose founders start an open source goliath, providers like Databricks risk becoming victims of their own success. In this case, the founders are the ones who created the Spark project; their product or service has it, and so do many frenemies.
Databricks, the company positions itself as the cloud-based analytics platform that "unifies data science and engineering." It boasts a growing partner ecosystem encompassing almost all the usual suspects among cloud platforms; roughly a dozen software partners spanning data preparation, databases, data science, and visualization tools; plus a range of consulting and training providers.
In the wake of the Cambridge Analytica story, I took a hard look at how far I had let Facebook penetrate my online presence. As I'm generally concerned about single points of failure (or compromise), I am not one to use social logins. I use a password manager and create unique logins for every site (and you should, too).
What I was most perturbed about was the pervasive intrusion Facebook was having on my digital life. I uninstalled the Facebook mobile app almost immediately after diving into the Cambridge Analytica story. I also disconnected all apps, games, and websites from Facebook. Yes, this will change your experience on Facebook, but it will also protect your privacy. As a veteran with friends spread out across the globe, maintaining the social connectivity of Facebook is important to me.
The High Court in Auckland has granted injunctions and other relief to open source learning management platform Moodle after a falling out with a former partner.
Free and open source Moodle was created by Martin Dougiamas beginning in 1999 and is based in Perth, Western Australia.
Injunctions have been granted to protect Moodle's trademark from use by former Moodle partners and associates 123 Internet, Moodle Partners NZ, Onlearn Ltd and Gary Trevor Benner.
Although of all of that, it seems that Microsoft still holds the hate given to it from the open source community. Following the announcement, thousands of users were screaming on Reddit, Twitter and all other online platforms about what’s going on...
For those compiling code on AArch64 (64-bit ARM) systems with LLVM Clang and tuning for your particular SoC, the Clang compiler now supports -mcpu=native.
“The excessive demands put forward by Elsevier have left us with no choice but to suspend negotiations between the publisher and the DEAL project set up by the Alliance of Science Organisations in Germany.” That was the verdict of the lead negotiator and spokesperson for the DEAL Project Steering Committee, Prof Dr Horst Hippler, the President of the German Rectors’ Conference, speaking in Bonn, where the last discussion took place this week.
“As far as we’re concerned, the aim of the ongoing negotiations with the three biggest academic publishers is to develop a future-oriented model for the publishing and reading of scientific literature. What we want is to bring an end to the pricing trend for academic journals that has the potential to prove disastrous for libraries as it stands. We are also working to promote open access, with a view to essentially making the results of publicly funded research freely accessible. The publishers should play a crucial role in achieving this. We have our sights set on a sustainable publish and read model, which means fair payment for publication and unrestricted availability for readers afterwards. Elsevier, however, is still not willing to offer a deal in the form of a nationwide agreement in Germany that responds to the needs of the academic community in line with the principles of open access and that is financially sustainable,” said Hippler.
Pandas is an open source library for the Python programming language which provides data structures and data analysis tools. This is a sponsored project by NumFOCUS. It is interesting to visit NumFOCUS to know more about sponsored projects.
This is a small bug-fix for a build issue with Python 3.7, which is the latest version of Python and was released only a few weeks ago. Thanks to the pandas team for their excellent work in resolving the issue in a single day and getting the release done on Saturday.
Steve Ditko, the reclusive comic book artist who co-created Marvel’s Spider-Man and Doctor Strange, was found dead in his New York City apartment on June 29th, according to The Hollywood Reporter. He was 90 years old.
By the 1970s, DuPont and 3M had used them to develop Teflon and Scotchgard, and they slipped into an array of everyday products, from gum wrappers to sofas to frying pans to carpets. Known as perfluoroalkyl substances, or PFAS, they were a boon to the military, too, which used them in foam that snuffed out explosive oil and fuel fires.
It’s long been known that, in certain concentrations, the compounds could be dangerous if they got into water or if people breathed dust or ate food that contained them. Tests showed they accumulated in the blood of chemical factory workers and residents living nearby, and studies linked some of the chemicals to cancers and birth defects.
Now two new analyses of drinking water data and the science used to analyze it make clear the Environmental Protection Agency and the Department of Defense have downplayed the public threat posed by these chemicals. Far more people have likely been exposed to dangerous levels of them than has previously been reported because contamination from them is more widespread than has ever been officially acknowledged.
Moreover, ProPublica has found, the government’s understatement of the threat appears to be no accident.
The EPA and the Department of Defense calibrated water tests to exclude some harmful levels of contamination and only register especially high concentrations of chemicals, according to the vice president of one testing company. Several prominent scientists told ProPublica the DOD chose to use tests that would identify only a handful of chemicals rather than more advanced tests that the agencies’ own scientists had helped develop which could potentially identify the presence of hundreds of additional compounds.
A resolution to encourage breast-feeding was expected to be approved quickly and easily by the hundreds of government delegates who gathered this spring in Geneva for the United Nations-affiliated World Health Assembly.
Based on decades of research, the resolution says that mother’s milk is healthiest for children and countries should strive to limit the inaccurate or misleading marketing of breast milk substitutes.
Then the United States delegation, embracing the interests of infant formula manufacturers, upended the deliberations.
Otherwise, if such a folder is not found on the targeted computer, a miner module is downloaded which creates a VBS script for mining Monero or Dashcoin Cryptocurrency.
Almost all of us have heard about SELinux. It stands for Security-Enhanced Linux, a set of kernel modifications, patches, and tools which separates the security decisions from the security policy. In simpler terms, it moves the control of access to security policies, including Mandatory Access Control (MAC), away from the security policies themselves.
Josh and Kurt talk about the Gentoo security incident. Gentoo did a really good job being open and dealing with the incident quickly. The basic takeaway from all this is make sure your organization is forcing users to use 2 factor authentication. The long term solution is going to be all identity providers forcing everyone to use 2FA.
Hackers by employing a MacOS malicious program target people investing in crypto-currencies who utilize both chat platforms namely Discord and Slack. Dubbed OSX.Dummy, the malicious program utilizes a rather crude infection technique, however, PC operators that get successfully compromised get their systems to execute random code via remote operation.
One blog post dated June 29 by Digital Security's chief research officer Patrick Wardle indicates that with a successful connection with command-and-control server of the attacker, the latter would manage running commands arbitrarily onto the contaminated PC. Security researchers from UNIX were first to find clues about the malicious program some days back. According to Remco Verhoef, top researcher who made a blog post dated June 29 on SANS' InfoSec reporting his discoveries, the past week witnessed several assaults sequentially against MacOS.
One of the oft-repeated reasons for using alternative operating systems is the suggestion that alternatives to Windows are more secure because malware is not produced for these minority systems—in effect, an argument in favor of security by minority. For a variety of reasons, this is a misguided notion. The proliferation of web-based attacks—which are inherently cross-platform, as they depend on browsers more than the underlying OS the browser runs on—makes this argument rather toothless.
[...]
While WellMess is far from the first malware to run on Linux systems, the perceived security of Linux distributions as not being a significant enough target for malware developers should no longer be considered the prevailing wisdom, as cross-compilation on Golang will ease malware development to an extent for attackers looking to target Linux desktop users. As with Windows and macOS, users of Linux on the desktop should install some type of antivirus software in order to protect against malware such as WellMess.
Disclaimer: I created PfP: Pain-free Passwords as a hobby, it could be considered a LastPass competitor in the widest sense. I am genuinely interested in the security of password managers which is the reason both for my own password manager and for this blog post on LastPass shortcomings.
TL;DR: LastPass fanboys often claim that a breach of the LastPass server isn’t a big deal because all data is encrypted. As I show below, that’s not actually the case and somebody able to compromise the LastPass server will likely gain access to the decrypted data as well.
According to the latest threat 2018 National Exposure Index from analytics solutions provider Rapid7, the US scored the highest in nearly every exposure metric measured and along with China, Canada, South Korea, and the United Kingdom. Together they control more than 61 million servers listening on at least one of the surveyed ports.
It is one of the world’s oil “choke points,” which sees around 5% of the world’s oil supply and 10% of world trade float past every day.
One final thought. I trust that Dawn Sturgess will get a proper and full public inquest in accordance with normal legal process, something which was denied to David Kelly. I suspect that is something the government will seek to delay as long as possible, even indefinitely.
The Russian Embassy in the United States has asked the Central Intelligence Agency (CIA) to update the map of Russia that the agency had posted on Twitter by marking the Crimean peninsula as the Russian territory.
CIA posted some facts about Russia and Croatia on Saturday, when the two countries were facing each other in the quarter-finals of the 2018 FIFA World Cup currently held in Russia. The US agency posted a map of Russia, with Crimea marked as part of Ukraine, although the peninsula's residents rejoined Russia in 2014 after a referendum.
The Crimean peninsula once again became a stumbling block in Moscow’s relations with the United States after the Russian embassy in Washington took issue with the CIA for not including the annexed territory as part of Russia in its World Cup factsheet.
Russia seized Crimea from Ukraine in 2014. The United States and other allies have refused to recognize the annexation, and levied sanctions against Russia for the action.
Police open murder investigation, say same nerve agent was used against ex-Russian spy and his daughter in March
An exchange on June 28 in the parliament, prompted by questions from Green senator Andrew Bartlett, underscored the fact that Australia’s sweeping new “foreign interference” laws have immense implications, not only for whistleblowers, but for the right of media organisations to publish leaked information. Aspects of the legislation, relating to espionage and secrecy, appear to call into question what millions of Australians consider to be fundamental democratic rights and the freedom of speech. Bartlett highlighted remarks made in an interview by Liberal-National Coalition government member Andrew Hastie—the former special forces officer who chairs the Australian Parliamentary Joint Committee on Intelligence and Security, which drew up much of the legislation.
[...]
Seselja’s “explanation” raises staggering questions about the right to whistleblow on government criminality, and the right of the media to publish leaks that reveal it. The legislation defines “national security” in the most sweeping terms. It includes, for example, the “protection of the integrity of the country’s territory and borders from serious threats” and, “the country’s political, military or economic relations with another country or other countries.” “Foreign principal” is likewise defined in a broad and vague fashion. It includes foreign governments, bodies, state-owned entities and political organisations.
A “foreign political organisation” is defined as everything from a “foreign political party” and a “foreign organisation that exists to pursue political objectives.”
I took half an hour out yesterday from building the Doune the Rabbit Hole site to take part in a worldwide broadcast in support of Julian Assange. You can see me here on YouTube from 3 hours and 43 minutes in, though you may prefer to watch Slavoj Zizek who is on just before me.
The fact that I could broadcast video to people all over the world from a beautiful but remote field in the shadow of the Trossachs, via a mobile phone connection, is an example of just why the state and corporate media can no longer dominate the narrative with their propaganda. That is the main subject of my brief talk.
With an impressive 732,000 Twitter followers, Megaupload founder Kim Dotcom is no lightweight on the social networking platform. Unfortunately, however, some people are trying to exploit the entrepreneur's popularity in order to scam cryptocurrency from the public. Thankfully, the tricks of the criminals are easily avoided.
At their 25th bilateral summit, in Brussels on 11 July, the EU and Japan will sign their strategic partnership agreement, that will govern their relations on the political level in the future in the sectoral domain and as regards international cooperation in the face of global challenges (peace and security, sustainable development and climate change). They will also sign their economic partnership agreement, which was concluded in December 2017 and which will establish free trade between the two partners.
In the face of the USA’s inward-looking protectionism and its disengagement at multilateral level, "these two agreements are a clear sign in favour of an international order founded on rules and against protectionism", a senior European official stated on Thursday 5 July.
The EU and Japan "hope to ratify their economic partnership agreement swiftly, for implementation in early 2019", the official said. In order to do this, the agreement will have to be approved by the European Parliament and the Japanese Diet.
On the European side, this free trade agreement will, in the long term, remove 99% of the customs duties applied to EU exports to Japan. These currently stand at nearly €1 billion. The agreement will create important new openings for the EU in the areas of agriculture, services and public procurement, and it will ensure the protection of European geographical indications in Japan. The agreement is based on the highest standards in terms of labour, safety, the environment and consumer protection. It is also the first trade agreement including a specific commitment to the international climate agreement concluded in Paris in 2015.
The World Bank is in the process of completing its “World Development Report 2019: The Changing Nature of Work” and, surprisingly, the latest draft version opens with quotes from Karl Marx and John Maynard Keynes. Has the World Bank suddenly lost sight of its purpose and will now take up the cause of working people?
Well, you already know the answer to that question, didn’t you?
Only a few paragraphs down we begin to see where this paper is heading. After a bit of perfunctory hand-wringing over disruptions caused by robotics, we read the problem is “domestic bias towards state-owned or politically connected firms, the slow pace of technology adoption, or stifling regulation.” And although some jobs are disappearing, fear not because “the rise in the manufacturing sector in China has more than compensated for this loss.”
Oh, so we should all move to China to get new jobs.
Never mind that the highest minimum wage for Chinese workers, that mandated in Shanghai, is $382 per month. In some places the minimum wage is half that, if workers are fortunate enough to be paid regularly. And that millions of rural Chinese are being driven into cities to become sweatshop workers, so for now there won’t be enough work for the rest of the world. Then again, letting bosses have the upper hand is what the World Bank has in mind. No, its economists haven’t forgotten what the institution’s purpose is nor why it exists.
It was predictable that news of the planned July 16 meeting between Presidents Trump and Putin would be greeted with displeasure in many sectors of the western world, and especially by the military-industrial complex. Trade is most important to its oligarchs — but peace and friendship come way down their page of priorities, because it is enmity and distrust that lead to lucrative sales of weapons.
President Trump appears to be looking the other way from Morocco’s occupation of Western Sahara in the pursuit of World Cup politics.
The Associated Press recently reported that, “The 2026 World Cup contest has been engulfed in intrigue about whether Donald Trump’s rhetoric on immigration and foreign policy will cost North America votes. What’s barely talked about is the impact of a territorial conflict that is impeding Morocco’s bid.”
More plainly, this “territorial conflict” is barely being talked about, period.
It is now a commonplace among supporters of our membership of the EU that, on the Remain side in the referendum, there was a disastrous absence of emotional appeal. I did not understand it then, and I do not understand it now. Europe has always been important to me, because it has shaped me. Europe has been threaded through my life, sometimes consciously, sometimes subconsciously, since my birth.
My father had to seek out a new career during the Second World War, having seen his Swansea pharmacy and his home destroyed in the blitz. My earliest memories of political events, as a 12-year-old, were around Britain’s Suez debacle and, in the same year, the Soviet invasion of Hungary. As a teenage schoolboy my first overseas visit was to Rome in 1960 to see the Olympic Games, having had first to measure out a meagre ration of foreign currency. In the sixties, as a student at Oxford, and long before de Gaulle’s veto on our membership, I heard Edward Heath lecture persuasively on Europe. The same year student friends and I drove across Europe in a battered van through what was then Yugoslavia to Greece. The plight of the Balkans and of Greece meant so much more as a result.
As for Russia, it said the country’s population is 142.3 mln people, while its total area is 17,098,242 square kilometers. The CIA failed to take into account the area and population of Crimea and the city of Sevastopol, which reunited with Russia in 2014 after a referendum held there.
Boris Johnson has resigned as foreign secretary, becoming the third minister in 24 hours to walk out of the government rather than back Theresa May’s plans for a soft Brexit.
The prime minister hammered out a compromise with her deeply divided cabinet in an all-day meeting at Chequers on Friday, but after consulting friends and allies since, Johnson decided he could not promote the deal.
A Downing Street spokesman said: “This afternoon, the prime minister accepted the resignation of Boris Johnson as foreign secretary. His replacement will be announced shortly. The prime minister thanks Boris for his work.”
After the Chequers summit, it emerged that Johnson had referred to attempts to sell the prime minister’s Brexit plan as ‘polishing a turd’.
But Twitter also has administrators: a small group of real and fallible human beings. And this is where the trouble starts. In their efforts to disrupt the world, the masters of Silicon Valley are finding it harder and harder to stand apart from the politics of it.
[...]
Soon enough, user accounts were being deactivated for simply sharing a link to the Splinter story—the kind of escalation typically used to block the spread of terrorist propaganda. Eventually, users were deactivated for merely noting the deactivation of other users. In an ironic twist, alt-right activists—many previously banned from Twitter for their embrace of violent white nationalism—returned to the platform long enough to help hunt down and report the offending users.
It was great to see such a good turnout in Parliament Square on Wednesday protesting Labour MP Sarah Champion’s well-meaning but misguided attempt to protect victims of sexual exploitation by suggesting that we could follow Trump’s method and madness by banning all websites where sex workers advertise.
Justice Department attorneys have asked a federal judge to extend by two weeks their response to a lawsuit that challenges the constitutionality of FOSTA and seeks a preliminary injunction over the new law.
Woodhull Freedom Foundation and other plaintiffs sued the government last month following President Trump signing FOSTA into law in early April.
I chose to do sex work, and choose to write about it, from a place of privilege. My story is not everyone’s but it is not especially unique. I used my privilege, in addition to online platforms and the culture of consent they created to keep myself physically and psychologically safe. Not all sex workers have had access to those tools. And after the passage of SESTA/FOSTA now none of us do.
Back in February MoltenVK was open-sourced as part of The Khronos Group and Valve working harder to get Vulkan working on macOS/iOS by mapping it through to using Apple's Metal Graphics/Compute API. The most notable user of MoltenVK on macOS to date is the Vulkan Dota 2 on Mac, but for those looking to use this Vulkan-to-Metal framework on iOS, it looks like Apple might be clamping down.
We were alerted today by an indie game studio that one of their iOS games is now rejected by Apple over its MoltenVK usage. Specifically, the game was rejected for "non-public API" usage. Apple's rejection letter cites the use of non-public interfaces around IOSurface, which is used directly by MoltenVK.
The Montreal International Jazz Festival broke its silence Sunday on its decision to cancel a controversial show featuring a white woman singing songs composed by black slaves, denying the decision was an act of censorship.
Festival CEO Jacques-Andre Dupont said the decision to abruptly cancel SLAV partway through its run was made for “a mix of technical and human reasons,” including security concerns raised by the escalating vitriol surrounding the show.
It’s 50 years since the Theatres Act 1968 came into force, abolishing state censorship of the British stage and enshrining the right of free expression in theatrical works.
Censored! Stage, Screen, Society at 50, a new display at the V&A, explores the impact the abolition of state censorship had on theatrical creativity while also asking the question of how free we really are in what we can stage.
Bilal Abdul Kareem is an American journalist, reporter, and documentary filmmaker. He is known for reporting from the Syrian rebel-controlled territory near Aleppo since 2012. He was born in 1970 in the US state of New York. His career as a host of video programs did not begin in Syria. Before traveling to Syria, he made a film in Libya, whose government was overthrown in a 2011 NATO bombing campaign. In Libya, Abdul Kareem wrote on his website, “I met many respectable Islamic fighters calling for Islamic law.
The internet blackout in parts of Tamil Nadu following the death of 13 people in police firing in Thoothukudi in May is a perfect illustration of the inadequacy of India’s Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017, to prevent online censorship. Framed under the archaic Telegraph Act (1885), these rules give Union and state governments sweeping powers to suspend internet services, without seeking accountability and transparency.
After the May 22 police firing and deaths, in a two-page order marked “Top Secret”, the state government compelled telecom service providers to cut off the internet for five days in Thoothukudi and adjoining districts to prevent what it termed “proactive messages” and “rumours with half-truth” from spreading through social media. But the timing, design and execution of the order indicate that rather than addressing a public emergency, it was a concerted attempt to prevent the free flow of information.
While the technology might seem innocuous to some, it could be used to track undocumented immigrants or black activists. Even the workers at Amazon have written a letter to the company’s CEO Jeff Bezos and asked him to curb this project as there’s no need to wait and see if the agencies end up misusing the technology.
Join us Monday 23 July for a FREE workshop with ORG legal consultant Alex Haydock about two tech projects by Open Rights Group and Projects by IF.
A digital map has been broadcasting the whereabouts of Britain’s secret service agents including MI6, MI5 and GCHQ workers, the second incident of this kind to spark security concerns.
Polar - a Finnish fitness tracker company with offices in the UK and America - said it is "tweaking" its fitness tracking app, after researchers warned that it was possible to identify personnel at sensitive government locations and facilities, dating as far back as 2014.
For the second time this year, a fitness app is to blame for revealing the locations of people working at military bases, intelligence agencies and other sensitive sites as well as pinpointing those users’ homes.
The fitness app Polar Flow allows users to share the GPS locations of where they are exploring – aka exercising; that’s supposedly a feature and not a flaw. Yet the API could be queried to reveal users’ fitness activities, their locations, their homes – as it is often where people would turn on and later off the tracking when beginning and ending a workout – and some additional sleuthing revealed even users’ names.
Polar makes an online map available to its users and displays all their exercise routes and locations since 2014. According to an investigation by Bellingcat and De Correspondent, that map can also be used to let “anyone” find the names and addresses of military and intelligence agency personnel, as well as names and addresses for “personnel at nuclear storage facilities, maximum security prisons, military airports where nuclear weapons are stored, and drone bases.”
In my limited sample size, the complaints about Facebook were less about misinformation on the platform or the proliferation of ads. They seemed more basic than that: relatives writing distasteful posts about politics or acquaintances oversharing about their personal lives. For the first time, I noticed people were making excuses as to why they were even on Facebook anymore as though it was an embarrassing vice.
It’s turned dating into a bad sci-fi film, with participants trying to enhance photos for hidden ice-breaker opportunities.
Charges brought by the U.S. government against more than 200 people who protested on the day Donald Trump was inaugurated President were abruptly dropped today.
The government's case amounted to threatening 234 people with a maximum sentence of 70 years in prison for 6 broken windows. It's great that reason prevailed. It's not great that it took a year and a half, and that exercising their right to free speech cost these people so much.
Abu Zubaydah, a Saudi Arabian native and the first victim of the CIA’s torture program, has never been charged with a crime. But he has been detained by the United States for more than 16 years, much of that time at Guantánamo Bay. The U.S. government’s explanation for why it has detained Zubaydah, that he was a top member of al-Qaeda, has been discredited. He remains in custody, however, and has not been permitted to plead his case for exoneration and freedom.
Yet, in late May, nearly 5,000 miles from Guantánamo Bay, Abu Zubaydah achieved a measure of justice, albeit small. The European Court of Human Rights (ECHR) ruled that Lithuania was legally responsible for violating Zubaydah’s rights by allowing the CIA to detain him at a secret site in the country.
A RECENTLY released report of the UK Intelligence and Security Committee of Parliament under the chairmanship of Conservative MP Dominic Grieve QC has received remarkably little media coverage in Australia. There are a number of reasons to be concerned about the information contained within the report, not least because it raises serious questions about the level of Australian complicity in the behaviour described in the report. Following the events of September 11, 2001 the administration of US president GW Bush announced its ‘war on terror.’ Components of this ‘war’ included the setting up of secret and not so secret detention camps. Prisoners were ‘rendered’ (ie kidnapped) to these camps where many have been held indefinitely, without trial, without due process of law, and as the UK report makes clear, tortured. Information gained by torture, or enhanced interrogation as it was euphemistically described, was then shared by the US with its allies. Two Australian citizens, David Hicks and Mamdouh Habib, were victims of this process.
In a recent article in Open Democracy Mark Perryman argues that for a Left politics to succeed it must engage with popular culture and, for example, “translate what we see on the pitch into the changes beyond the touchline we require of a more equal society”. He moves on to notice the increasing multiculturalism of World Cup teams as a symbolic mark for the beginning of a journey away from racism.
A day after the article appeared we were confronted with something decidedly less hopeful in the run up to the England-Colombia football game - the Sun’s “GO KANE” front page, referencing both English striker Harry Kane and Colombia’s link to the cocaine trade. Even following the subsequent victory, the Daily Mail chose to headline their coverage by singling out one of England’s black players, Raheem Sterling, for criticism.
We should not be surprised and we should brace ourselves for worse, indeed do so in direct proportion to Britain’s subsequent victories. As Pratt and Salter put it, hyper-commoditised, spectacular football – exemplified in its World Cup and Euro-Cup varieties – has long been “a meeting point for a variety of social conflicts, hostilities and prejudices” [1]. As social media is currently observing, for example, instances of domestic and racist violence increase exponentially during football matches.
This is how it ends for the DOJ, which has largely lost its bids to install a chilling effect via over-broad "rioting" prosecutions. While it's true property was damaged during the protests, rounding up a couple hundred protesters is the opposite of targeted prosecution. If the DOJ hadn't been shut down in its attempt to amass personal information on more than a million website visitors and Facebook members, the number of defendants would have been even bigger. The eventual dismissals would also have skyrocketed, so the government probably should be happy it walked away with anything at all.
Sprint and T-Mobile last week went before Congress to literally argue that fewer competitors in the wireless space will magically result in... more competition in the wireless space. The two companies are trying to gain regulatory approval for their latest $23 billion merger attempt, the second time in four years this particular deal has been attempted.
The companies' previous merger attempt was blocked in 2014 after regulators noted that removing one of just four major carriers would result in a proportionally-lower incentive to actually compete on price, something that's really not debatable if you've paid attention to telecom and broadband industry history. That's especially true in Canada, where consolidation to just three players has resulted in some of the highest mobile data prices in the developed world. AT&T's attempt to acquire T-Mobile in 2011 was blocked for the same reason, a move that many forget resulted in T-Mobile being more competitive than ever.
The New Zealand Commerce Commission has taken a preliminary decision to retain the power to regulate mobile roaming in the country, in the event that it is required in future.
The predators hiding behind the photograph or fake webcam video of an attractive woman are almost always men too. The scammer could be an old flame, a neighbour or a honey trap most likely in the Philippines or Nigeria. “Although the easiest way to trace them is through the servers, most scammers use virtual private networks and ask for money in bitcoin and overseas accounts that makes it challenging for us,” says Rajput.
The big IP news out of China last week was an injunction won by chipmakers UMC and Fujian Jinhua Integrated Circuit against US competitor Micron. American media outlets have identified the Idaho-based company as a victim of the ongoing US-China trade war. Looking at it in conjunction with cases and statistics previously reported in IAM, that may not be far from the truth. The underlying dispute between the three parties goes right to the heart of the issues raised by the Trump Administration in its Section 301 investigation of China, which played a key role in sparking recent trade tensions.
The Federal Court of Justice held that the correct assessment of the involvement of an inventive activity requires that the problem is first identified without knowledge of the invention.
The CJEU noted that it is true that EUIPO’s bodies are not automatically bound by previous decisions. Accordingly, each application must be assessed on its own merits. However, that does not mean that those bodies are relieved of the obligations arising from the principles of sound administration of justice and equal treatment.
The GC was thus right to consider that, in such circumstances, EUIPO’s bodies could not satisfy their obligation to state reasons by merely stating that the lawfulness of EUIPO’s decisions must be assessed solely on the basis [of the previous applicable Regulation No 207/2009] and not on the basis of its earlier decision-making practice.
In light of all the aforementioned arguments, the CJEU concluded that the GC did not disregard the principle of sound administration and in particular the obligation to state reasons for its decisions.
Karry Lai speaks with the luxury brand’s civil enforcement head in China on tackling imitation counterfeits and strategies for trade mark protection
As reported, Amazon now has for sale on its online marketplace approximately 100 private brand labels, 60 of which have been introduced during the past year alone. But few such products are sold under the "Amazon" brand, with most being sold under such names as “Spotted Zebra” (children’s clothes), “Good Brief” [Merpel says— “Not a bad name at the descriptive/suggestive trademark divide for men’s underwear”], “Wag” (dog food) and “River” (home furnishings). Interestingly, some of these private label products can only be purchased by customers who pay an annual subscription fee to sign up for Amazon Prime.
Behind what the article describes as a bevy of “anodyne” private label names lies the prediction for massive growth by Amazon in the private label industry. Amazon is said to anticipate that, within a couple of years, up to 50% of all on-line shopping will be carried out on its platform, translating, according to the estimate of one analyst (SunTrust Robinson Humphrey), into potential revenue of up to $25 billion dollars within four years. Not impressed by that number? Consider that $25 billion is reported to equal all of Macy’s 2017 revenue.
These projects are not in fact an alternative: Sci-Hub started providing access to paywalled papers that could not be found anywhere on the Internet, because distributing them is illegal, while solutions like Unpaywall provide access to papers that are already available on the Internet, which is a huge difference.
Sci-Hub always intended to be legal, and advocated for the copyright law to be repealed or changed, so that it will not prohibit the development of science.
Earlier this year, a coalition of Canadian media groups including Bell, Rogers, Quebecor, and the Canadian Broadcasting Corporation, presented a controversial proposal to the Canadian telecommunications regulator to implement a website-blocking system and independent agency to respond to online piracy. While the “FairPlay Coalition” is seeking additional tools to respond to piracy and copyright infringement, the recent legal struggles of Canadian software developer and founder of TV Addons, Adam Lackman, illustrate the effective and severe tools currently available through Canadian courts. Lackman’s experience highlights the potentially severe consequences of being sued for copyright infringement, even before claims have been heard by the courts and tried on their merits.