On this episode of This Week in Linux: Linus Torvalds gave his opinion on Wireguard, Lubuntu Takes a New Direction, LineageOS launches their annual Summer Survey, and Hiri’s Experience with Selling on Linux. Then we’ll check out some distro news from Slackware, OpenWRT, Ubuntu LTS, and RebeccaBlackOS. Later in the show, we’ll look at the new NetSpectre vulnerability variant, Forbes’ 5 Reasons to Switch to Linux, a really interesting blog post from the KDE Team about Plasma’s Engineering and finally we’ll check out some Linux Gaming news. All that and much more!
Another security hardening measure coming to the Linux kernel is STACKLEAK.
Kees Cook of Google queued STACKLEAK into one of his feature branches that will be sent in for the upcoming Linux 4.19 kernel.
While the controversial Speck crypto support was added to Linux 4.17 and with Linux 4.18 it's being exposed via fscrypt for a disk encryption option, which Google intended to be used on low-end "Android Go" devices that don't have CPUs with capable native encryption extensions, Google is backtracking.
One of the interesting patch series in the works is the "PSI" work by Johannes Weiner of Facebook.
PSI in this context is actually Pressure Stall Information. This information to be exposed by future versions of the Linux kernel makes it possible to quantify resource pressure on the system across CPU, memory, and I/O -- including within cgroups.
Following a one week delay, the Linux 4.18 kernel is set to be released this coming weekend. In case you forgot about the new features and improvements since the Linux 4.18 cycle kicked off back in June, here's a look back at some of the most prominent additions for this latest kernel version.
Security researchers are warning Linux system users of a bug in the Linux kernel version 4.9 and up that could be used to hit systems with a denial-of-service attack on networking kit.
The warning comes from Carnegie Mellon University's CERT/CC, which notes that newer versions of the Linux kernel can be "forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (DoS)".
The Linux kernel has been hit with a TCP flaw that was recently discovered by security researcher Juha-Matti Tilli. Assigned CVE-2018-5390, this flaw could be exploited by malicious actors to trigger a resource exhaustion attack using an available open port. This flaw, named SegmentSmack by Red Hat, affects the Linux kernel 4.9 or above.
Now that Google will not be using the Speck crypto code for disk encryption on low-end Android devices but instead developing "HPolyC" as outlined in the aforelinked article, a plea has already been submitted to remove the current Speck code from the mainline Linux kernel.
Following yesterday's mailing list announcement that Google has changed its mind on using Speck and instead investing in a new option, Linux developer Jason Donenfeld took the liberty of issuing a "request for comments" on removing the Speck crypto code. Donenfeld is the developer that's been working on WireGuard and the new Zinc crypto library.
A few days ago we covered Enhanced IBRS as mitigation against Spectre attacks being added to Linux 4.19 kernel, and now we just found out that another security hardening measure, known as STACKLEAK, is being added to the Linux 4.19 kernel as well.
Filament is a physically-based rendering engine that has now been open-sourced by Google for Android, Linux, macOS, and Windows systems.
This physically-based rendering engine is designed to be as small and efficient as possible so that it can scale down and run with ease on Android-based systems. Filament is written in C++ and requires the use of the LLVM/Clang compiler, supports OpenGL 4.1+ / OpenGL ES 3.0+ / Vulkan 1.0 for rendering back-ends, supports a wide range of rendering capabilities, and all-around looks like quite an exciting PBR engine.
The i3-inspired Sway Wayland compositor had already introduced many features ahead of Sway 1.0 while with today's fifth alpha release are yet more new features to advertise.
Sway 1.0 Alpha 5 was released today and while it's just a few weeks past the alpha 4 milestone, there are more than 250 changes and a number of new features.
Following last week's PHP 7.3 beta release, which also marks the feature freeze for this next PHP7 update, I've been running some performance benchmarks on a couple different Linux systems.
My latest PHP 7.3 benchmarks using the first beta copy jive with my earlier PHP 7.3 benchmarks showing this next PHP7 iteration being a nice evolution to the performance and continuing to run much better than during the PHP5 days.
It is a Python module which helps to write faster and simpler tests involving HTTP requests. It records all the HTTP interactions in plain text files (by default in a YAML file). This helps to write deterministic tests, and also to run them offline.
If you have been following our posts, we published an article that lists the best online terminal platforms for learning how to work with Linux not too long ago.
I hear you ask “how are online Linux terminals different from online Bash editors?” – well, for starters, bash editors are the best apps to use for creating and executing bash scripts and some online terminals don’t even allow you to work with local files and save data.
If you want to go beyond the beginner-level scripting then a bash editor is what you need and below is our list of the best online platforms you can use right from your browser.
Dicey Dungeons is a new roguelike from Terry Cavanagh, Marlowe Dobbe, and Chipzel that seems quite simple, until you start getting further in and it becomes quite addictive.
I've been silently following it for a while, as a fan of Cavanagh's previous games like Super Hexagon and VVVVVV I've been quite curious to see what it's like. Today, he put out a new build with fresh art from Marlowe Dobbe and music from Chipzel so it seemed like a good time to jump on in.
What surprised me the most, is how deceptive the game is with its initial simplicity. You move around a really basic board, battling anyone you land on as you move. In terms of style and overall presentation, it's incredibly simple, but in terms of gameplay it's something else entirely.
Xenko, a game engine owned by Silicon Studios has officially released its third version on August 2. The major change in Xenko 3.0 is the transition to being open-source. It also comes with changes made to the project system and added support for videos as well as hair, and skin rendering.
One of the nicest things about Linux (and open source software in general) is the freedom to choose among different alternatives to address our needs.
I've been using Linux for a long time, but I was never entirely happy with the desktop environment options available. Until last year, Xfce was the closest to what I consider a good compromise between features and performance. Then I found i3, an amazing piece of software that changed my life.
i3 is a tiling window manager. The goal of a window manager is to control the appearance and placement of windows in a windowing system. Window managers are often used as part of a full-featured desktop environment (such as GNOME or Xfce), but some can also be used as standalone applications.
One of the coolest new features of the KDE Plasma 5.14 desktop environment, as developer Nate Graham notes in his latest usability and productivity report, is the ability to upgrade your computer's firmware through the Plasma Discover graphical package manager, which is installed by default and helps KDE Plasma users update their GNU/Linux distributions and KDE applications.
The ability to upgrade your computer’s firmware recently landed in the Plasma Discover package manager and was implemented by developer Abhijeet Sharma. KDE Plasma 5.14 looks to be the first release of the open-source desktop environment to ship with this feature, as it doesn't look like it will be backported to Plasma 5.13.
What comes with it though is that we’ll also be publishing the flatpak and Mac OS nightlies there from now on. The CI that is building those nightlies will be integrated eventually, but that job is not complete just yet.
In my previous post I played with the team size and activity metrics on several communities and see what would come out of it. Interestingly, to me this wasn't necessarily the most interesting of what I posted (it's rather basic in what it presents) but somehow it's the one which triggered the most comments, especially in the KDE community. Looks like I struck a nerve. :-)
Anyway, it got quite a lot of good comments, so I thought it deserved a follow-up post with a different tone. For the record, I generally try to avoid putting too much of my own personal opinion in posts where I present metrics. I think it's sane to try to shield facts on the data from my biased position. It's obviously super hard, if not impossible. Indeed, at a minimum I'm forced to mention potential events in the time frame considered (if I know them)... it's risky, but still I do it because otherwise things would be just very dry and super annoying to read! And I think that's why the previous post struck a nerve, but more on that below.
While GNOME Software has long offered integration with Fwupd for offering firmware upgrades on supported devices, KDE Discover has now received similar functionality.
Being worked on this summer by Abhijeet Sharma as a Google Summer of Code (GSoC 18) project is a fwupd back-end for Discover to handle firmware updating. Firmware upgrades can now happen via Fwupd while integrating nicely with Discover and offering notifications on new upgrades being available. Details on the effort can be found via this KDE GSoC Wiki page.
We’ll be participating and presenting Chakra in the KDE Distro BoF, where there will be “short introductions for GNU/Linux distributions and open discussion on distribution-related topics”.
Akademy 2018 is less than a week away. Apart from meeting up again with friends and colleagues, the KDE community has another reason to be joyful: this year we have broken the record for the number of sponsors for the event. Although there have been many sponsors of Akademy over the years, never have there been so many at one time.
Eike Hein, Treasurer of the KDE e.V. board, believes that the extra influx of sponsors is thanks to "KDE software being loved again." Eike points out that Plasma is reaching more kinds of devices every day, attracting larger communities and more hardware manufacturers -- some of which will be at Akademy this year. KDE applications are also becoming more mainstream and reaching larger audiences. Krita and Kdenlive, for example, are making inroads within the community of graphical artists, raising awareness of KDE in a whole new sector of end users. Kirigami is becoming the go-to framework for projects that need convergence on desktop and mobile devices.
"I would also attribute the increase in support to the fact that KDE actively engages with partners" says Eike. A case in point is the Advisory Board. The Advisory Board makes organization-to-organization interaction more rewarding and helps build a stronger network of like-minded Free Software associations and companies. Through the Advisory Board, KDE can better reach and support larger communities, which in turn reinforces KDE's position within Free Software.
According to Richard Hughes, who officially welcomed Lenovo to LVFS, tens of thousands of Linux users will soon receive automatic firmware updates in the coming weeks either through the GNOME Software graphical package manager or by running the fwupdmgr update command in a terminal emulator.
In the coming months, hundreds of thousands of Linux users will also receive automatic firmware updates for their Lenovo computers as the team of developers behind the Linux Vendor Firmware Service initiative will move numerous Lenovo models from the testing channels to the stable ones.
It’s been a while after my last post. This time, we have many exciting news to share. For one, we have a new release of GNOME Keysign which fixes a few bugs here and there as well as introduces Bluetooth support. That is, you can transfer your key with your buddy via Bluetooth and don’t need a network connection. In fact, it becomes more and more popular for WiFis to block clients talking to each other. A design goal is (or rather: was, see down below) to not require an Internet connection, simply because it opens up a can of worms with potential failures and attacks. Now you can transfer the key even if your WiFi doesn’t let you communicate with the other machine. Of course, both of you need to have Bluetooth hardware and have it enabled.
Fractal is a Matrix client for GNOME and is written in Rust. Matrix is an open network for secure, decentralized communication.
The GSoC coding period just ended. I would first like to apologize for not updating about my work. I am working on improving Todo.txt and Todoist integration to GNOME To Do. During the coding period, a lot of improvements were added to Todo.txt and Todoist and in this blog post I write about my journey and describe the implementation details.
I’ve more or less just returned from this year’s GUADEC in Almeria, Spain where I got to talk about assessing and improving the security of our apps. My main point was to make people use ASan, which I think Michael liked ;) Secondarily, I wanted to raise awareness for the security sensitivity of some seemingly minor bugs and how the importance of getting fixes out to the user should outweigh blame shifting games.
The developers behind the Netrunner Linux operating system announced over the weekend the availability of a new Rolling release with all the latest KDE technologies and recent software updates.
Netrunner Rolling 2018.08 is here as the second installment for 2018, incorporating the KDE Plasma 5.13.3 desktop environment, along with the KDE Applications 18.04 and KDE Frameworks 5.48 software suites compiled against the Qt 5.11.1 application framework, as well as the Firefox Quantum 61.0 web browser, Mozilla Thunderbird 52.5 email and news client, and Krita 4.1.1 digital painting app.
"Despite the hot summer in most of Europe, the Netrunner Team is happy to announce the immediate availability of Netrunner Rolling 2018.08 – 64bit ISO," reads today's announcement. "2018.08 comes with some new Plasma Theme that has some transparency built in to allow for experimenting with the new Blur options. It also features a new default wallpaper style, because… why not."
After hitting 1.0 in October of last year and being shipped as generally available (GA) in OpenShift 3.9, CRI-O has reached another important milestone—it’s now being used in production for many workloads running on OpenShift Online Starter accounts using OpenShift 3.10. Using CRI-O in a real-world production environment with diverse Kubernetes workloads is an important part of the development feedback loop for improving and extending CRI-O and OpenShift.
The rush to enable and adopt Kubernetes is evident with nearly weekly announcements of new Kubernetes distributions or services. The CNCF Kubernetes Conformance Program lists, as of this writing, at least 37 conformant software distributions of Kubernetes alone, plus additional hosted services.
That’s a lot of choice. But many of these vendors and organizations are certifying and delivering just Kubernetes, or Kubernetes plus one or two components that add some extended functionality, not an overall solution or platform in which Kubernetes plays a part. Just like the Linux Foundation is the governing body for the upstream development of Linux, which is also one piece of the much larger operating system platform, so is CNCF the governing body for Kubernetes. Conformance in the upstream development stage does not imply a viable enterprise solution.
IT suppliers of all types live in a time of great opportunity. Organizations across industries have accepted that digital transformation has to be an integral part of their business and the channel must step forward and become a leader that helps companies to modernize infrastructure, exploit hybrid cloud capabilities and develop applications faster than ever before. However joint research we conducted in collaboration with CRN UK shows that channel partners in Europe still have work to do: just 22 percent of IT suppliers feel capable of providing a complete service to cater for digital transformations.
Cary’s Booth Amphitheatre has a new general manager from a familiar place.
Taylor Traversari, who has been general manager of downtown Raleigh’s Red Hat Amphitheater since it opened in 2010, will move from one municipal-owned venue to another.
Red Hat‘s (NYSE: RHT) enterprise-grade products will be available to government agencies and regulated industries on Amazon Web Services‘ GovCloud marketplace via a distribution agreement with DLT Solutions, ExecutiveBiz reported Friday.
DLT will offer Red Hat’s products and managed services as a “Certified Cloud Service Provider” through an agreement that builds on the companies’ strategic partnership that dates back to 2004, DLT said Wednesday.
It used to be that operators in the U.S. turned to Red Hat for their IT department needs, but for the past several years Red Hat has been increasingly involved on the network side of their businesses.
With the emphasis on NFV and open source, Red Hat is becoming an increasingly significant player in the wireless space. “In the past few years, we’ve had interactions with every operator in the U.S.,” in some form or another, said Ian Hood, Red Hat's chief technologist and global service provider, in an interview with Fierce.
Publicly, of course, the company is limited on which customers it can disclose. In the U.S., Verizon has openly participated in Red Hat’s OpenStack Summits and talked about its NFV deployments, for example.
Robin Dreeke's The Code of Trust is a helpful guide to developing trustful relationships, and it's particularly useful to people working in open organizations (where trust is fundamental to any kind of work). As its title implies, Dreeke's book presents a "code" or set of principles people can follow when attempting to establish trust. I explained those in the first installment of this review. In this article, then, I'll outline what Dreeke (a former FBI agent) calls "The Four Steps to Inspiring Trust"—a set of practices for enacting the principles. In other words, the Steps make the Code work in the real world.
The Fedora Respins SIG is pleased to announce the latest release of Updated F28-20180805 Live ISOs, carrying the 4.17.11-200 kernel. This set of updated isos will save about 1GB of updates after install. (for new installs.)
You can already run some Linux applications on some Chromebooks thanks to Google’s Project Crostini software. But as I noted when testing Crostini on the Acer Chromebook Tab 10 last month, the feature is still very much a work in progress.
For now it’s not available if you’re using the stable channel version of Chrome OS, it doesn’t run on all Chromebooks, and you have to jump through some hoops to enable Crostini. Once you do that, you’ll find that you generally need a little Linux know-how to find and install applications using the command-line apt tool.
A few weeks back, I was tinkering around in the Canary channel and through some hacky loops and multiple attempts, I was able to install a Linux installer that allowed me to launch Debian(.deb) Linux packages on my Chromebox.
Granted, the workaround was in vain as I got Steam up and running just to find that GPU support is still nowhere to be seen but hey, the installation worked so the experiment was a success.
As I have noted, I have been working on packaging the VHDL simulator GHDL for Debian after it has dropped out of the archive for a few years. This work has been on slow burner for a while and last week I used some time at DebConf 18 to finally push this to completion and upload it. ftpmasters were also working fast, so yesterday the package got accepted and is now available from Debian unstable.
The package you get supports up to VHDL-93, which is entirely down to VHDL library issues. The libraries published by IEEE along with the VHDL standard are not free enough to be suitable for Debian main. Instead, the package uses the openieee libraries developed as part of GHDL, which are GPL’ed from-scratch implementations of the libraries required by the VHDL standard. Currently these only implement VHDL-89 and VHDL-93, hence the limitation.
Here is the eighth issue of This Week in Lubuntu Development. You can read the last issue here.
Several Motorola MDT-9100T "Mobile Data Terminals" came up on eBay and their retro-future design was too neat to pass up. The stylish housing combined with an aperture-less amber CRT looks like something slipped from the Fallout or BladeRunner universe into our own. Some of us at NYC Resistor bought them and are repurposing them.
[...]
In order to replace the i386 with a BeagleBone Black it was necessary to build an adapter board that plugs into the ribbon cable, deduce the VGA timings and write a Device Tree overlay (DTBO) to configure the LVDS framing for the special screen, and design a USB HID keyboard interface for the keyboard and function keys.
Though it came to our attention more than two years ago, Google’s "Fuchsia" project recently made news again when Bloomberg dropped a report indicating Fuchsia was intended to replace Android within five years.
Though a Google spokesperson later disputed some details of the report, including the timeframe, it hasn’t stopped speculation about exactly what the company’s ambitions and expectations are for the software at this point.
Google I/O 2018 packed some hefty surprises for Android users. While the company’s advancements in Google AI and Google Assistant held us spellbound, the Android Pie features pleased Google fans.
Now that the name of Android version 9.0 isn’t a mystery anymore, it’s time to see a bunch of cool and exciting features. This year, Google is focused on making our digital lives more calm and organized through Android Pie. The update rollout has begun for Pixel devices and Essential Phone, and others should follow soon.
Android 9 harnesses the power of artificial intelligence to give you more from your phone. Now it's smarter, faster and adapts as you use it.
Android Pie is a major update for Android. Large chunks of the OS get a UI makeover in line with Google's updated Material Design guidelines. There is an all-new notification panel, a reworked recent-apps screen, new settings, and tons of system UI changes. There's support for devices with notched displays (like the iPhone X) and a gesture navigation system (also like the iPhone X). So far, battery life on the preview builds has been great, with improvements like the AI-powered adaptive battery system, a new auto-brightness algorithm, and changes to CPU background processing.
At last, the wait is over! Google has finally started shipping the stable version of Android 9.0 for smartphones. Fans who placed their money on Popsicle, Popcorn, Pistachio, sad news for you guys — the new Android P is now “Android Pie.”
Aricent, a global design and engineering company, today announced an Open Source collaboration with CableLabs, a non-profit innovation and R&D lab founded by members of the cable television industry, on a self-managed and optimized virtual infrastructure platform on the Kubernetes and the Docker container model.
Following an earlier move centered on OpenStack, CableLabs has introduced a Kubernetes stack as the industry R&D house tries to add more open source software to the mix and MSOs size up their software defined networking and network functions virtualization strategies.
Their goal? To create a means of differentiating legitimate from automated accounts and detail the process so other researchers can replicate it.
What makes Twitter bots tick? Two researchers from Duo Security wanted to find out, so they designed bot-chasing tools and techniques to separate automated accounts from real ones.
Automated Twitter profiles have made headlines for spreading malware and influencing online opinion. Earlier research has dug into the process of creating Twitter datasets and finding potential bots, but none has discussed how researchers can find automated accounts on their own.
Duo's Olabode Anise, data scientist, and Jordan Wright, principal R&D engineer, began their project to learn about how they could pinpoint characteristics of Twitter bots regardless of whether they were harmful. Hackers of all intentions can build bots and use them on Twitter.
DevConf IN was organized at Christ University, Bangalore 05/06 August. It turned out to be a totally fun-packed, exciting weekend for me. I really had a great time meeting people from various other open source communities from India. I also delivered a talk on Flatpak mainly focusing on overall architecture, its benefits for the user and developers.
Mozilla released today the Mozilla Thunderbird 60 open-source email, calendar, and news client for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows.
In development for the past several months, the Mozilla Thunderbird 60 release is a major one adding numerous new features and improvements, including new Light and Dark themes, OAuth2 authentication support for Yahoo and AOL accounts, individual update interval for RSS feeds, and support for WebExtension themes.
Attachments handling during email compose has been greatly improved in Mozilla Thunderbird 60, which adds a new "Delete" button in the To/Cc/Bcc selector when writing emails to allow you to remove a recipient. Also, users can now re-order attachments using drag and drop, keyboard shortcuts, or a dialog.
Mozilla developers have recently finalised version 60.0 of Thunderbird. This version has currently not been put up for distribution through update but can be directly downloaded from the official webpage by the users themselves.
Thunderbird is a free and open source Email client for Linux, Mac and Windows computers. It is a default email client for many Linux distributions. Thunderbird is a full featured Email client with features such as customization, calendars, Tasks, Reminders, Address Books and many more. Thunderbird is not only available for general users, also it is available for enterprises.
As you may already know, last Friday August 3rd – we held a new Testday event, for Firefox 62 Beta 14.
Mozilla Firefox is expected to introduce two new features in its next patch: DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) which it has been testing in the web browser’s Nightly build. The latter is advocated by Mozilla with specific attention to security. This release attempts to override configured DNS servers with Cloudflare. This partnership has received stark criticism for security violation as this overhaul allows Cloudflare to access all DNS requests and the information that they entail.
Facebook Inc. is open sourcing a new library it's created for the Transport Layer Security protocol, which is designed to help developers protect their data as it traverses the Internet. The social media giant says Fizz is a TLS 1.3 library written in C++14, and is making its code available on GitHub for anyone to use.
TLS is a replacement for the older Secure Socket-Layer protocol that was once the standard for securing websites against cyberattacks. TLS apparently improves on SSL, as it supports stronger encryption and no longer supports older secure algorithms that might now be vulnerable.
You may have noticed that Google's Chrome web browser now marks all websites without Transport Layer Security (TLS) as insecure. So, it's past time to secure your sites with TLS. So long as you're doing this, give Facebook's newly open-sourced TLS 1.3 library, Fizz, a try.
TLS 1.3 is the newest version of TLS. In turn, TLS is the replacement for Secure Socket-Layer (SSL). It's designed to be better than its ancestors at preventing attacks. TLS 1.3 does this by supporting stronger encryption and dropping support for many older, no longer secure encryption algorithms.
What contributors of Linux distributions and BSD families think
While the sources have been tagged in Git for several days now, the binaries are now available too with LLVM 7.0 RC1 now officially being announced.
Hans Wennborg has announced the availability of LLVM 7.0 RC1, including sub-projects like Clang 7.0 RC1. Downloads of LLVM 7.0 RC1 are available from here.
Flexera has released FlexNet Code 2018. According to their press release, this makes it easier for software suppliers to add a new layer of trust and transparency into their software supply chain.
New functionality allows suppliers to analyse software assets and create an inventory Bill of Materials (BOM).
NASA's Curiosity lander touched down on the surface of Mars in August, 2012, and its rover payload rolled out shortly after to begin its meandering mission. While the intrepid explorer did its thing, NASA needed an educational project to help explain the technology and the mission to the general public. That role was filled by a scaled down version called ROV-E, and now tinkerers, students, part-time scientists and the rover curious can build their very own mini Mars rover for exploring backyard craters and vast garden mountain ranges.
Becoming a programmer from an underrepresented community like Cameroon is tough. Many Africans don't even know what computer programming is—and a lot who do think it's only for people from Western or Asian countries.
I didn't own a computer until I was 18, and I didn't start programming until I was a 19-year-old high school senior, and had to write a lot of code on paper because I couldn't be carrying my big desktop to school. I have learned a lot over the past five years as I've moved up the ladder to become a successful programmer from an underrepresented community. While these lessons are from my experience in Africa, many apply to other underrepresented communities, including women.
Andy Palmer is the founder and CEO of Tamr, which offers a patented software platform for enterprise-scale data unification that combines machine learning and human expertise. He's generally credited with coining the term DataOps three years ago.
GraphicsFuzz is the company that started out via university research into fuzzing GPU drivers and finding many graphics driver bugs along the way. After forming the company GraphicsFuzz, the researchers took to fuzzing from the web browser with WebGL. That company has now been acquired by Google.
For decades, the district south of downtown and alongside San Francisco Bay here was known as either Rincon Hill, South Beach or South of Market. This spring, it was suddenly rebranded on Google Maps to a name few had heard: the East Cut.
The peculiar moniker immediately spread digitally, from hotel sites to dating apps to Uber, which all use Google’s map data. The name soon spilled over into the physical world, too. Real-estate listings beckoned prospective tenants to the East Cut. And news organizations referred to the vicinity by that term.
But tech companies aren't the only ones shouldering responsibility for your digital well-being. Increasingly, governments are interceding. A new law in Georgia prohibits drivers from so much as touching their devices unless they're parked. A bill recently introduced in Congress with bipartisan, bicameral support requested $95 million to study tech's impact on kids. And in one of the most dramatic government interventions to date, France last week enacted a nationwide ban on smartphone use in schools—a measure French education minister Jean-Michel Blanquer has called “a public health message to families.”
Caucher Birkar, a mathematician at the University of Cambridge, UK, won the award for his work on categorising different kinds of polynomial equations. He proved that the infinite variety of such equations can be split into a finite number of classifications, a major breakthrough in the field of arithmetic geometry. Born in a Kurdish village in pre-revolutionary Iran, Birkar sought and obtained political asylum in the UK while finishing his undergraduate degree in Iran.
When I started my modern journey into photography, I simply shot in JPG. I was happy with the results, and the images I was able to produce. It was only later that I was introduced to a now good friend and he said: “You should always shoot RAW! You can edit so much more if you do.” It’s not hard to find many ‘beginner’ videos all touting the value of RAW for post editing, and how it’s the step from beginner to serious photographer (and editor).
Today, I would like to explore why I have turned off RAW on my camera bodies for good. This is a deeply personal decision, and I hope that my experience helps you to think about your own creative choices. If you want to stay shooting RAW and editing - good on you. If this encourages you to try turning back to JPG - good on you too.
But the iFixit team has slightly different criteria. Is it self-repairable? The answer is a big wet sloppy ‘no’.
The kernel space is the environment in which full and unlimited access to all the hardware and devices exists; other security systems don't apply in kernel space. Kernel layer access is limited to the root user, but the Linux root user is not an admin with a lot of permissions. The root user account has unlimited access to the kernel space and is secured with a very complex password.
Permissions determine how admins can access files, but they don't decide how admins can access the system. The Linux permission system only applies to IT administrators who are not the root user or end users.
Originally, there were just three permissions: read, write and execute. Administrators can apply these permissions to admin accounts, group owners and other users. However, computing needs have changed and rendered these permissions too limited, so Linux OS developers added a second set of permissions to address specific use cases. This set includes various combinations of the original read, write and execute permissions.
Josh and Kurt talk about the latest attack on Bluetooth and discuss phishing in the modern world. U2F is a great way to stop phishing, training is not. We also discuss airgaps in response to attacks on airgapped power utilities.
pf-badhost is simple and powerful. The blocklists are pulled from quality, trusted sources. The 'Firehol', 'Emerging Threats' and 'Binary Defense' block lists are used as they are popular, regularly updated lists of the internet's most egregious offenders. The pf-badhost.sh script can easily be expanded to use additional or alternate blocklists.
A flaw in a US bank's computer software led to 625 customers not receiving government loan assistance to which they were entitled - and 400 of those went on to lose their homes.
Hundreds of people had their homes foreclosed on after software used by Wells Fargo incorrectly denied them mortgage modifications.
The sole maker of the iPhone’s main processor said a number of its fabrication tools had been infected, and while it had contained the problem and resumed some production, several of its factories won’t restart till at least Sunday. The virus wasn’t introduced by a hacker [sic], the company added in a statement.
The ransomware, which only infects systems running Microsoft's Windows operating system, hit a number of Taiwan Semiconductor Manufacturing Co's fabrication plants on 3 August, it said, with the degree of infection varying from plant to plant.
Now they've gone all in: according to Geoffrey MacDougall, Consumer Reports' head of partnership and strategy, they've broken new ground by explicitly factoring privacy and security into a product category roundup, which led them to give top marks to Apple Pay as the top-rated P2P payment service.
Bob Lord, the DNC's chief security officer, wrote in a warning: "It's very important that party and campaign workers not use ZTE or Huawei devices, even if the price is low or free.
In a security advisory, the CRM company says it became aware of the issue on the 18th July. The error impacted "a subset" of Marketing Cloud customers using the Marketing Cloud Email Studio and Predictive Intelligence products.
In a quest for perfect security, the perfect is the enemy of the good. People are criticizing SMS-based two-factor authentication in the wake of the Reddit hack, but using SMS-based two factor is still much better than not using two-factor authentication at all.
Wars are no longer won—they just continue forever, taking generations of American soldiers with them.
A failed assassination attempt against Venezuelan President Nicolas Maduro on Saturday was mounted with explosive-armed drones, according to news reports.
Nine days earlier, and on the other side of the world, a group claimed to have sent an armed drone to attack the international airport in Abu Dhabi.
Venezuelan President Nicolas Maduro survived an apparent assassination attempt carried out by drones on Saturday, Aug. 4 while speaking to a crowd in the capital city of Caracas.
Sarah Kreps, professor of government and international relations at Cornell University, is the author of two books on drone warfare, Drones: What Everyone Needs to Know and Drone Warfare. She says that drones like those Venezuelan authorities say were used to target Maduro are less lethal than other assassination methods, but are accessible and effective at terrorizing both civilians and political leaders.
The former president was named a Robert F. Kennedy Human Rights Ripple of Hope laureate Monday. The award honors those who “work toward a more just and peaceful world.” The RFK nonprofit tweeted that it is “honored to present Barack Obama” with the award.
MuckRock has previously written about some of the surprising photographic finds in the Central Intelligence Agency’s archives, including a stray cat that was considered a state secret for 50 years. Proving that they’re equal opportunity creature classifiers, records recently uncovered in CREST show photos of World War II military working dogs which weren’t made public until 2013 - nearly 70 years after they were taken.
According to accompanying dispatches, the photos date from mid-1945 and were part of a plan by the CIA’s wartime predecessor, the Office of Strategic Services, to train a dog unit for Chinese allies to use against the Japanese.
Pamela Anderson is opening up about her relationship with WikiLeaks founder Julian Assange, who has been holed up in the Ecuadorian embassy in London since 2012, granted political asylum by Ecuador while he faces charges of sex crimes in Sweden.
While the 51-year-old model, actress and animal-rights activist is currently dating French soccer star Adil Rami, she told TMZ’s Harvey Levin about her eyebrow-raising relationship with Assange in an interview with Levin’s Fox News series “OBJECTified”.
Former Baywatch star Pamela Anderson and WikiLeaks founder Julian Assange have been romantically linked for some time now, which is funny because Assange has been living in London’s Ecuadorian Embassy since the country granted him political asylum back in 2012. Per a report by Glenn Greenwald, Assange may leave the embassy soon, though that may lead to him being arrested “for breaching his bail conditions.”
Pamela Anderson has spoken of her 'romantic' connection with WikiLeaks founder Julian Assange.
The Canadian-American actress, 51, said Assange is one of her favorite people in an interview with Harvey Levin that aired on Fox News on Sunday night.
Describing him as 'imperfect', the former Baywatch star said: 'He's definitely an interesting person and there's definitely a romantic kind of connection 'cause it's a romantic struggle.
June 19th was the sixth anniversary of WikiLeaks Editor-in-Chief Julian Assange entering the Ecuadorian embassy in London. He was granted asylum in 2012 by then President of Ecuador, Rafael Correa. Mr. Correa’s successor, Lenin Moreno, has made his hostility to Mr. Assange clear, calling him a “hacker,” “stone in the shoe” and an “inherited problem,” among other things. Ecuador recently cut off Mr. Assange’s Internet access and has restricted phone calls and visitors, rendering him practically incommunicado. In contrast to the fierce anti-Americanism of Mr. Correa, Mr. Moreno is keen to normalise trade relations with the U.S. and attract foreign investment from American businesses.
Julian Assange's six-year stay in the Ecuadorian embassy in London is drawing to a close, with Ecuador's President Lenin Moreno signalling progress on a deal with the United Kingdom to evict the Australian-born hacker.
Mr Assange has been living in the embassy in the Knightsbridge neighbourhood of London since 2012, when he first sought asylum there while on bail awaiting a possible extradition to Sweden to face an investigation into rape claims.
The Swedish investigation was dropped in May of last year, but Mr Assange has remained in the embassy building, fearing a possible eventual extradition to the US on yet-to-be-laid spying charges.
But amid reports his eviction is imminent, the ABC's daily news podcast The Signal has been investigating what will happen when Mr Assange's time in the embassy runs out.
According to the agency Bloomberg, the scandalous journalist and creator of WikiLeaks, Julian Assange, has recently been experiencing serious health problems. In late July, information appeared online that the authorities of the South American state and the British authorities had started negotiations on further questioning of Julian in the embassy, and on July 27 the President of Ecuador made an official statement that Assange will still leave the UK. It is worth noting that the issue of Assange's security is now on the agenda.
In a tweet and television interview, Ecuadorian President Lenín Moreno has declared he will “take measures” against WikiLeaks editor Julian Assange unless he stops “intervening” in the politics and affairs of countries.
Moreno’s tweet yesterday stated: “To Mr. Assange we have put a condition: That he stop intervening in politics and self-determination of the country. Otherwise, measures will be taken.”
These “measures” can only mean forcing Assange out of Ecuador’s London embassy, to be immediately arrested by the British police and imprisoned, pending extradition proceedings by the Trump administration.
For six years, WikiLeaks editor Julian Assange has been effectively imprisoned without charges at Ecuador’s London embassy. In that time, two international courts and dozens of respected legal and human rights organizations have decried actions of the UK, US and Swedish governments that confine the journalist in what now amounts to torturous isolation, deprived of space, sunlight, visitors, communication with the outside and necessary medical care.
The country had, in March, cut off his internet access because his "behaviour, with his messages on social media, is putting at risk [Ecuador's] good relations with the United Kingdom, with the other members of the European Union and other nations". In the days before the ban, he had tweeted about the poisoning of a former Russian spy in the UK and had criticised the arrest of Carles Puigdemont in Germany.
WikiLeaks quickly came out in support of its founder, saying that "reporting is not a crime". It criticises them for saying measures will be taken for what they say is him doing his job.
Many zoos have an exhibit like this: a wall with a hatch, and under the hatch words like “Do you want to see the most dangerous animal in the world?”. Of course everyone does, and before they open the hatch they speculate as to what the animal behind the hatch will be. A lion? A crocodile? However, when you open the hatch there is a mirror, and you see yourself staring back. You are the most dangerous animal in the world.
Of course this is nonsense. Not everyone who opens that hatch and sees themselves looking back is equally dangerous. We are not all equally responsible for destruction of the world’s ecosystems. Some humans who open the hatch probably are responsible for a great deal of destruction. Others are not. Many people bear the brunt of someone else's destruction.
Most craft businesses fail. It’s not surprising. Being an expert knitter doesn’t mean you should open a yarn shop. Lots of those hobbyist stores go broke in the first year because the excited, enthusiastic storekeeper doesn’t know how to pay himself and the landlord. In business, cashflow is king.
[...]
This is roughly how I do it, in both my long-gone consulting career and as a professional writer. I did not invent this method; rather, I accumulated it over decades of largely involuntary exposure to business. It covers how I decided I could afford to become a full-time writer, because that decision is an utterly critical part of cash flow management. There are other methods; I am not offering you the One Word of Truth here.
A Wall Street Journal column by Greg Ip (3/28/18) gave us another rendition of this old scare story. The argument is that the interest paid on US government debt will soon impose an enormous burden on the federal government, choking off spending on important government programs.
The key part of this story is that interest rates will jump at some point in the not-too-distant future. While this is in fact what the Congressional Budget Office predicts, it is also what it has been predicting ever since the Great Recession, and it has consistently been shown wrong.
That could help him in a general election in a Republican-leaning district. Gupta told me he thinks it could help him even in the primary, though that’s less clear. Democrats don’t have as strong of an attraction towards inexperienced candidates — take Greimel’s lead in the primary as an example. But to Gupta, the real fight in American politics isn’t between Democrats and Republicans, it’s between average voters and the powerful special interests that professional politicians represent. In his vision, science and evidence are a thing the warring parties can agree on, and then use to fight the real enemy.
Since publishing the urine-soaked "Steele Dossier," BuzzFeed has been targeted with multiple defamation lawsuits. Trump's former lawyer, Michael Cohen, ultimately dropped his lawsuit against the website after his own legal problems pretty much demanded he focus his legal attention elsewhere. Oh, and it was a lawsuit he was likely to lose, what with a lot of the alleged defamation being factual statements and any remaining defamation having been penned by the author of the dossier, not BuzzFeed itself.
Another doomed lawsuit is still active -- this one brought by Aleksej Gubarev and a couple of his companies (XBT Holdings and Webzilla, Inc.). Gubarev claims the next-to-last paragraph of the Steele Dossier defames him and his by linking Gubarev to Russian hacking attempts targeting the Democratic National Committee.
This lawsuit is likely doomed to fail as well, what with the alleged defamation having been penned by Steele, not BuzzFeed. But while it rolls towards this seemingly inevitable conclusion, the process continues with the subpoenaing of witnesses for both sides. BuzzFeed wants to depose people with knowledge of the events depicted in the dossier -- high-powered people like former FBI Director James Comey and other DOJ/FBI officials.
This updates my last blog post where I said that we’re getting a flood of spambots. Summary: if you’re an admin affected by this, you must act now. I’ll cut to the chase.
Amanda Biela was campaigning door to door in north suburban Glenview one afternoon last week when she stopped to talk with a senior watering his front lawn.
“I’m running for 15th District state rep,” Biela told him, “and I’m basically running against the Madigan machine.”
Biela explained that she’s challenging incumbent Rep. John D’Amico, which means she’s also taking on his ally Michael Madigan, the long-serving state House Speaker and Democratic Party leader. Biela, a former Chicago Public Schools teacher and mother of three, added that her top priority is lowering property taxes.
She didn’t mention that she’s a Republican. Why bring it up right away in a Democrat-dominated district?
Emmerson Mnangagwa has ruled out the possibility of an inclusive Government when he appoints his new Cabinet after inauguration expected in the next few days.
Mnangagwa is of the view that though a coalition government was not bad, it is not necessary at the moment.
Outspoken Geto Boys member Willie D accuses YouTube of racism and censorship of his show Willie D, which has recently been reinstated and the Houston legend held a press conference to address the issues he’s faced with his own platform.
Google has since reposted the icon’s “Willie D Live” YouTube Channel after it was taken down on July 26th with no reason given.
On Monday, tech giant Apple joined in on the censorship fun by removing five of six podcasts of Alex Jones and Infowars from their iTunes and Podcasts apps. Apple’s move was draconian, completely removing all of the shows on those five podcasts instead of singling out the more “offensive” ones.
“Apple does not tolerate hate speech, and we have clear guidelines that creators and developers must follow to ensure we provide a safe environment for all of our users,” a company statement said. “Podcasts that violate these guidelines are removed from our directory making them no longer searchable or available for download or streaming. We believe in representing a wide range of views, so long as people are respectful to those with differing opinions.”
Talk about a rough Monday morning. Pundit Alex Jones found his radio and video show, and other content produced by the far-right site Infowars, removed from Apple, Facebook, Spotify and YouTube.
The cumulative actions represent the largest efforts yet against Jones, a conspiracy theorist who most famously promoted the idea that the 2012 Sandy Hook elementary school shooting never happened and was staged. Several families affected by the shooting, and an FBI agent who responded to the attack, have sued Jones for defamation. He is seeking to have the cases dismissed.
Twitter is on fire with debate over almost simultaneous decisions by Facebook, Apple, YouTube and Spotify to take action against controversial right-wing YouTube host Alex Jones and his InfoWars channel citing “hate speech”.
InfoWars Editor-at-large Paul Joseph Watson tweeted on Monday that Facebook had “permanently banned” the outlet's page for “unspecified” hate speech and described the move as setting a “chilling precedent for free speech”.
Top technology companies erased most of the posts and videos on their services from Alex Jones, the internet’s notorious conspiracy theorist, thrusting themselves into a fraught debate over their role in regulating what can be said online.
Apple, Google, Facebook and Spotify severely restricted the reach of Mr. Jones and Infowars, his right-wing site that has been a leading peddler of false information online. Mr. Jones and Infowars have used social media for years to spread dark and bizarre theories, such as that the Sandy Hook school shooting was a hoax and that Democrats run a global child-sex ring. Apple made its move on Sunday and the others followed on Monday.
Here at Techdirt we've been slow to switch: so dug in were we for so long against the legislative scourge known as SESTA that we've been reluctant to call it anything else. Even after its ghastly provisions became law – in some ways, because its ghastly provisions became law – we've been reluctant to change what we called this vehicle of censoring doom. After all, we said for months that SESTA would be awful, and now here it is, being awful. If we called it something else people might be confused about what we had been complaining about.
The problem is, it's not technically correct to continue to call this legislative outrage SESTA, and doing so threatens to create its own confusion. SESTA didn't become law; FOSTA did. When we react to those legislative changes, and cite to their source, we are citing to the bill called FOSTA, not the bill called SESTA. SESTA itself no longer exists in legislative form – FOSTA's enactment mooted it – and it's confusing to complain about a law that isn't actually one, or ever going to be one, because even if you can convince someone that it's terrible, they'll never be able to find in any law book what it is they should be upset about.
It's FOSTA that now haunts us from the U.S. Code. But what's confusing is that while FOSTA is the enacted legislation now hurting us, SESTA was the proposed bill we had warned would. All the legislative history is with SESTA (well, most of it anyway), but all the legislative power is with FOSTA.
In a ruling that leaves unanswered questions about right holders’ future ability to enforce online, ICANN’s request for a preliminary injunction to make one of its registrars collect data on new registrants has been denied.
I'm also with Williamson on being against firing people after some mob has done an archeological dig through their social media.
The story of Uganda fighting pornography dates back to 2014 when the government passed the Anti-Pornography Law, which stated that anyone found guilty of the offence of pornography would be fined $3,000 or face up to 10 years in prison or both.
This fight was taken a notch higher when in 2016, the government ordered a “porn detecting machine” that was said to have the capability of detecting pornographic material, both current and deleted, on computers and phones. The machine, which was set to arrive sometime in September 2016, never saw the light of day, but in August of 2017, the government still insisted that it was on its way.
Well, one more year and it seems the government has decided to turn to a more realistic method of threatening ISPs to block any website with pornographic content. The Ugandan Communication Commission (UCC) has ordered ISPs and telcos to block a total of 17 websites that the government has identified to be streaming pornography into the country.
A Democratic candidate for Congress in Central New York, Anthony Brindisi, accused Charter Spectrum, the national cable company, of trying to “censor” his campaign by refusing to air a television ad that criticizes the company’s record — along with his Republican opponent.
“If you’re watching this ad on Spectrum cable, you’re getting ripped off,” Mr. Brindisi, a state assemblyman, says to the camera at the start of the ad.
But Spectrum, which is the name under which Charter Communications operates in New York, has refused to air the campaign commercial, Mr. Brindisi said in an interview. He said that his campaign has successfully aired other ads on Spectrum in recent weeks, but the cable operator rejected this one over the weekend.
Chinese citizens are outraged over revelations that a major drug company was supplying low-quality vaccines, the latest in a decade-long series of scandals to have plagued China’s pharmaceutical companies.
The drug watchdog of the Jilin province announced on July 18 that the company Changchun Changsheng Bio-technology has sold over 252,600 sub-standard DPT (diphtheria, whooping cough, and tetanus) vaccines to Shandong Centre for Disease Control and Prevention, the agency in charge of public health in a province of about 100 million people.
Colin Kaepernick’s name was removed from a song featured on Madden 19, and it didn’t take long for the Internet to notice the not-so-subliminal snub.
On YG’s “Big Bank,” which features Nicki Minaj, 2 Chainz and Big Sean, Sean raps “You boys all cap, I’m more Colin Kaepernick,” but when the song appeared on the popular video game, the former San Francisco 49ers’ name was removed.
During a concert over the weekend, Big Sean, with YG and 2 Chainz on stage, spoke to the crowd about the erasure of Kaepernick’s name and proved he and all of Kaepernick’s supporters would not be deterred.
Well-known charity founder Lei Chuang was on a hike to raise funds for his organisation in 2015 when he sexually assaulted one of the participants in a hotel room.
Word that Google is crafting a search engine to meet China's draconian censorship rules has sparked widespread employee anger at the company which has responded by limiting workers' access to documents about the project, a report said Friday, August 3.
[...]
Google withdrew its search engine from China 8 years ago due to censorship and hacking but it is now working on a project for the country codenamed "Dragonfly," an employee told AFP on condition of anonymity.
The search project – which works like a filter that sorts out certain topics – can be tested within the company's internal networks, according to the worker.
"There's a lot of angst internally. Some people are very mad we're doing it," the source told AFP.
A Chinese drama series based on a popular gay-themed sci-fi novel has been pulled from one of the country’s top video-streaming platforms barely two months after its release, sparking fury among its fans.
All episodes of Guardian (Zhenhun in Chinese) were completely removed from video-hosting service Youku on Thursday.
The show – based on a novel published online by an author using the pen name “Priest” – is the latest in a string of Chinese productions recently pulled or delayed since an official directive was issued last month to “clean up TV programmes of harmful and vulgar content”.
Nina Tomasieski logs on to Twitter before the sun rises. Seated at her dining room table with a nearby TV constantly tuned to Fox News, the 70-year-old grandmother spends up to 14 hours a day tweeting the praises of President Trump and his political allies, particularly those on the ballot this fall, and deriding their opponents.
Twitter is having trouble distinguishing between bots trying to meddle in U.S. politics and fervent supporters of President Trump who tweet very often.
The micro-blogging company — which has purged fake or suspicious accounts at a rate of 1 million per day for the past three months, including 70 million accounts in May and June alone — has come under fire along with Facebook for sweeping up ordinary and non-robotic accounts in their efforts to prevent Russian disinformation.
Mere hours after defending Holocaust deniers on a Recode podcast last month, Mark Zuckerberg seemed to realize he’d made a mistake. “I don’t believe that our platform should take that down because I think there are things that different people get wrong,” he said of people who post things on Facebook claiming the Holocaust never took place. “I don’t think that they’re intentionally getting it wrong.” The Facebook C.E.O. quickly released an amendment to his comments, clarifying that in no way did he endorse the point of view of Holocaust deniers. But his gaffe revealed one of the fundamental flaws in Facebook’s quest to crack down on misinformation: when it came to bad actors’ intention to mislead, the company was all too willing to give them the benefit of the doubt.
Betty Miles, a writer whose books for children and young adults addressed issues like sexism, racism and censorship after she had emerged from the 1950s to become a feminist, died July 19 at her home in Shelburne, Vermont. She was 90.
Her death was confirmed by her daughter Ellen Miles.
In many of her more than two dozen books, Miles aimed to entertain young people while also helping them navigate the complex realities of society.
Kushner requested the removal of a 2010 story about a settlement between then-New York attorney general Andrew Cuomo and real estate firm Vantage Properties regarding allegations that the company had illegally forced tenants out of their apartments to raise rents. Kushner also ordered another 2010 article deleted about Vantage’s top executive Neil Rubler. That story’s URL suggests that Rubler had appeared on some sort of "10 worst landlords" list.
The disappearing act included more mundane fare: a 2012 story about NBA Commissioner Adam Silver purchasing a $6.75 million apartment in a tony New York City building, the kind of item that privacy-conscious famous people often try to keep out of the real estate press. Silver and Kushner are friends, and the NBA commissioner praised Kushner in a 2016 New Yorker article for helping the league find space for a retail store.
Controversy about Google's possible plan to reenter China. Concern about election rigging in Pakistan. Australia parched by severe drought. The Vietnam War in photos. The brain's natural barrier, and 3D knitting.
John Oliver in his satirical news show Last Week Tonight compared Chinese President Xi Jinping’s resemblance to Winnie the Pooh, and got himself banned in China. The country, known for controlling what people post and talk about online, took offence on Oliver’s joke and popular Chinese social media and micro blogging platforms like Weibo banned the usage of the words ‘John Oliver’. Whenever someone tried to type the name, an alert popped up that it could mean violations of rules and regulations.
Filmmaker Anurag Kashyap on Thursday said it is not impossible to make a political cinema in India, but the process of fighting the system scares many filmmakers, including him.
Participating in "Neta Abhineta" session of an international media forum at the Media Rumble here, Kashyap said: "It's not that if I wanted to make political cinema, I wouldn't do it because of the fear for censorship, but it's the process of fighting it which scares me.
American tech companies don't want to give up their cut of a $20 billion Russian software/hardware market, so they've been allowing purchasers to examine devices and vet source code before shelling out for new products. This isn't exactly ideal for American companies, but Russia is as concerned as anyone else products might be shipping with adversaries' backdoors pre-installed. American companies don't necessarily like having entities linked to Russia's government vetting source code, but the market is too big to be ignored.
Russia has every right to suspect government backdoors may be unlisted features. Checking products and source code before purchase just makes sense, what with leaked documents showing the NSA intercepts foreign-bound hardware to install backdoors and other leaks exposing a fair bit of the agency's exploit collection. But now that Russia appears to have engaged in cyberwarfare efforts during the 2016 election, legislators are demanding US companies let the US government know who's been poking around in their products.
Last week, very quietly, the National Security Agency's Office of the Inspector General released a report on the agency that should concern us all. In it, the IG finds that the NSA routinely fails to keep data safe. Just prior to the report’s publication, the world learned that Russian hackers infiltrated hundreds of power grids. “They got to the point they could have thrown switches,” a Homeland Security official told the Wall Street Journal.
A fight has begun over another of the US government's mass surveillance systems – with two Senators raising questions about an unusual data deletion by the National Security Agency (NSA).
Senators Ron Wyden (D-OR) and Rand Paul (R-KY) have sent a letter [PDF] to the NSA's inspector general asking him to look into the agency's torching of metadata for hundreds of millions of phone calls.
"We write to request that you conduct an investigation into the circumstances surrounding, and any systemic problems that may have led to, the deletion by the National Security Agency (NSA) of certain call detail records (CDRs) collected from telecommunications service providers pursuant to Title V of the Foreign Intelligence Surveillance Act (FISA)," the letter begins.
Senators from both sides of the aisle sought answers from the NSA’s internal watchdog Thursday involving the “technical irregularities” that resulted in the NSA recently deleting several years’ worth of call records collected outside the scope of its authority.
Sen. Ron Wyden, Oregon Democrat, and Sen. Rand Paul, Kentucky Republican, wrote the NSA’s inspector general in response to the NSA stating recently that it was erasing call records that it had obtained from telecommunications providers but “was not authorized to receive.”
It’s been more than a couple of months since GDPR (the EU General Data Protection Regulation) came into force. The promise of giving the citizens back control of their personal data was brash and resonated with many of us, but apart from emboldening few data protection activists, the GDPR has not meaningfully changed the privacy...
New court documents suggest that the BBC has yet to find the source of the leaked 'Doctor Who' footage that previously appeared online. The British company is hoping that Microsoft can help. At a federal court in Washington, the BBC requested a DMCA subpoena targeted at a OneDrive user who shared the infringing material online late June.
Connecting to a public Wi-Fi network can put you at risk. Here's how to minimize the damage.
Not every VPN is created equal. In fact, most of them aren’t worth their salt. Truth be told, it’s increasingly important to conduct in-depth tech reviews of VPN (virtual private network) services before you simply subscribe to one. Credible VPN providers are out there, but you’ve got to know what to look for. A VPN client encrypts your traffic through a VPN gateway. Simply put, it’s as if your online activity is masked by an invisible shroud.
Move to HTTPS; lose the Chinese. That's the revised internet maxim. China's Great Firewall has gradually reduced the number of foreign sites accessible by Chinese citizens... "gradually" only in the sense that it's been a continuous rollout steadily decreasing web access. The government blocked an entire content delivery network at one point, so even this gradual rollout has seen its share of spikes.
[...]
The BBC recommends a VPN to bypass Chinese web filtering, but that suggestion only goes so far in a country where VPN use has been banned for the most part. Businesses still rely on VPNs for securing their communications and content, so the capitalist heart of the authoritarian government has granted exceptions. But the exceptions are limited to VPNs registered with the government, which presumably contain government backdoors.
Undeterred by its recent travails, social media giant Facebook has started asking large American banks to share detailed information about their customers in order that it can offer new services to its two billion-plus users.
The Wall Street Journal reported that among the information sought were credit and debit car[d] transactions and account balances for those who held cheque accounts.
Diana further explained that account linking is already live with PayPal, Citi in Singapore, and American Express in the United States.
A report published today on The Wall Street Journal says that Facebook wants customers’ bank details on their platform to bolster user engagement. As per the report, Facebook wants to come to a mutual arrangement with banks to share data to improve the quality of services offered to the users.
Facebook Inc. wants your financial data.
The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.
As tech companies like Facebook Inc. and Google vacuum up billions of dollars in online advertising, they’re pouring their own marketing dollars into billboards and other forms of outdoor signage. That’s driving growth in one of the oldest forms of marketing and is one reason why the category is the only traditional channel expected to grow this year.
Whoever criticizes the far-right or rejects the brutal and inhumane refugee policy of the grand coalition in the Bundestag (parliament), is, according to the definition of the secret service, a “left-wing extremist” and a threat to the Constitution. Still more reprehensible, according to the report, is the collection of “information on alleged or actual right-wing extremists and their institutions.”
Of course, a lot of the risk assumption is based on another assumption: that the TSA actually prevents terrorist attacks. There's a lot of evidence indicating it doesn't. Screeners miss explosives and other dangerous objects at an alarming rate. And for all the bragging the TSA does about taking harmless objects away from passengers, attempted terrorist attacks have always been thwarted in the air by passengers, rather than by TSA agents on the ground or air marshals on the targeted planes.
Police in New Mexico were ignoring the state’s law against civil asset forfeiture until a federal ruling last week.
Anybody who has watched at least one episode of Law & Order knows that in America, anyone accused of a crime is considered “innocent until proven guilty.” That’s the way it should be, at least. When a person is accused of a crime, the burden of proof belongs to the accuser.
But what most people don’t realize is that police routinely use a constitutionally dubious form of legal jiu-jitsu called “civil asset forfeiture” to flip this basic principle of fairness on its head. With civil asset forfeiture, police literally accuse your stuff of a crime, and you as the owner have to prove that your stuff is innocent.
Here’s an example: In 2010 Stephen Skinner and his son Jonathan, both African-American, were on a road trip to Las Vegas, Nevada, for a vacation when they were pulled over by New Mexico State Police for going 5 mph over the speed limit. The trooper searched their rental car and found several thousand dollars in cash and coins in their luggage that the two men had set aside for gaming at the casinos. The trooper called Skinner, then in his late 50s, “boy” and released him with a warning that “it’s not over.”
And sure enough, it wasn’t.
Jurors in a South Dakota death penalty case thought a gay man might enjoy being sentenced to life in prison with other men, so they voted for death.
Last week, civil rights groups, including the ACLU and Lambda Legal, urged the Eighth Circuit Court of Appeals to accept the case of Charles Rhines, a gay man in South Dakota whose sexual orientation may have played a role in his death sentence in 1993.
In a related appeal, the Eighth Circuit denied relief on many of Mr. Rhines’s claims the day after the friend-of-the-court filing. But the federal appeals court didn’t address whether Mr. Rhines will be allowed to present evidence of anti-gay bias, as the groups had asked in their friend-of-the-court brief. The Eighth Circuit can still take the case, and it should. Here’s why.
It comes after Canada called for the release of women's rights activists, including Samar Badawi.
Today we’re debuting a documentary with Frontline that chronicles some of our reporting on hate groups over the past year.
Reporters A.C. Thompson and Ali Winston have been investigating the rise of white supremacist groups in the U.S. after the violent August 2017 Unite the Right rally in Charlottesville. Their work is part of a project at ProPublica called Documenting Hate.
The project, which started shortly after Election Day in 2016, has an ambitious goal: collect as much data as we can to make up for the wholly inadequate records collected by the government.
On Aug. 2, 2017, Charlottesville Mayor Michael Signer convened a closed meeting of the City Council. The Unite the Right rally was days off, and Signer was concerned about how to manage the potential for trouble. The Virginia State Police were there. So, too, was the chief of the Charlottesville Police Department.
Signer and the council members asked the law enforcement officers present directly: Was there a “specific, credible threat” of violence?
There was none, the elected officials said they were told.
Mayhem, of course, ensued some 10 days later, as marches by white supremacists turned bloody and left a 32-year-old woman dead. The violence set off a national political firestorm, and also a great deal of soul-searching by the city of Charlottesville.
Months later, a 200-page independent review of law enforcement’s handling of the rally excoriated the local and state police for failing to intervene earlier and more effectively to limit the bloodshed.
On June 26th, National Security Agency (NSA) whistleblower Reality Winner pleaded guilty in federal court, agreeing to 63 months in prison in a plea agreement for a single charge of espionage. Winner’s case has made national headlines throughout the past year after she was arrested in June 2017 for leaking NSA documents regarding a Russian hack in the 2016 election to a news outlet. Ms. Winner was arrested under the Espionage Act, a federal law that was created for spies, not whistleblowers.
Ms. Winner, 26, was the first person to be accused of leaking classified information by the Trump administration. Ms. Winner, who is also a decorated Air Force veteran, has served over a year in jail in Lincoln County, Georgia, under harsh conditions.
So you'll recall that before Comcast, AT&T, Verizon and friends convinced the Trump FCC to ignore the public and kill net neutrality, they had attempted to dismantle the rules legally. That effort didn't go very well, with the U.S. Court of Appeals for the D.C. Circuit upholding the FCC's Open Internet Order in June of 2016, and ISPs losing a subsequent en banc appeal. More specifically, the courts found that the former Wheeler-run FCC was well within its legal right to reclassify ISPs as common carriers under the Telecom Act.
The 2016 FCC victory made sense, especially if you recall that the agency lost its 2014 legal fight with Verizon in part because it tried to implement net neutrality without first putting itself on legal footing by classifying ISPs as common carriers under Title II. You might also recall that Wheeler at the time initially wasn't sure about the Title II route, but changed his mind based on available facts and evidence, back when people, you know, actually still did that.
But that was then and this is now. Lawyers for the FCC and Department of Justice filed a brief (pdf) with the Supreme Court last Friday, urging it to vacate the 2016 court ruling that upheld the Wheeler-era net neutrality rules.
The Decentralized Web Summit played host to a gathering of web luminaries such as Sir Tim Berners-Lee, Brewster Kahle and Vint Cerf. On top of that, activists and authors and screenwriters such as Jennifer Stisa Granick, Emili Jacobi, Mike Judge and Cory Doctorow put in an appearance, as did cryptocurrency pioneers like Zooko Wilcox, blockchain developers, and academics.
There’s a movement to reclaim blogging as a vibrant, vital space in academia. Dan Cohen, Kathleen Fitzpatrick, and Alan Jacobs have written about their renewed efforts to have smart exchanges of ideas take place on blogs of their own. Rather than taking place on, say Twitter, where well-intentioned discussions are easily derailed by trolls, bots, or careless ¯\_(ツ)_/¯. Or on Facebook, where Good Conversations Go to Die™.
The CJEU attempted to clarify the meaning of “protected by a basic patent” in Teva v Gilead, but practitioners and in-house counsel say it raises more questions than it has answered including a new test that is not clear
A new academic article about patenting in the BRICS countries makes fascinating reading for life sciences IP professionals interested in gauging the development and current state of China’s biotechnology patent landscape. On the one hand, it highlights the drastic increases achieved in the number of biotech patent applications made by China-based innovators over recent years – a surge that far exceeds that in other emerging economies. But, on the other hand, the study casts doubt on the commercial value of the resultant grants. Life sciences patent professionals have strong reason to be interested in the development of China’s IP landscape
Even this Chinese Kat who is currently located in The Netherlands did not find Pinduoduo (or PDD) and its advertisements unfamiliar -- simply no escape is possible from its brain-washing marketing campaigns launched everywhere in the Chinese media.
On July 19, days ahead of its IPO on the Nasdaq, PDD was sued by a Chinese diaper manufacturer, Beijing Daddy's Choice Science and Technology Co., Ltd. (hereinafter referred to as Daddy’s Choice or the plaintiff), for trade mark infringements before the New York Federal Court. See the document here.
In a nutshell, based on the two trade mark registrations in the U.S. (No. 5463121 and No. 5238282), the plaintiff accused PDD of knowingly allowing the sale of counterfeited and unauthorized products bearing the Daddy’s Choice name.
The infringement lawsuit itself, in this Kat’s viewpoint, is quite straightforward. What seems more intriguing is the nation-wide discussions triggered by PDD and its IPO in China, on which from this Kat’s observation are mostly one-sided criticism.
Ericsson (NASDAQ: ERIC) and LG Electronics have renewed a global patent license agreement on FRAND terms and conditions between the two companies. Ericsson and LG Electronics are two of the leading contributors to the GSM (2G), UMTS (3G), and LTE (4G) cellular communication standards and both companies are making significant investments in the development of the NR (5G) standard. The agreement includes a cross license that covers patents relating to both companies’ 2G, 3G, and 4G standard-essential patents. The terms of the agreement are confidential.
On 13 April 2018, the Barcelona Court of Appeal (Section 15) wrote a decision highly illustrative of the challenges that an “added matter” objection may raise in Spain, particularly in the context of preliminary injunction proceedings. The decision confirmed a ruling of 18 July 2017 from Barcelona Commercial Court number 4, which had lifted a preliminary injunction ordered against a manufacturer of generic medicaments, for considering that the patent was unlikely to overcome an “added matter” objection in the main proceedings.
The first question addressed by the Barcelona Court of Appeal (Section 15) was to what extent “nullity” may be raised as a defence in preliminary injunction proceedings, where life is very short. The Court reiterated, citing the case law stemming from its decisions of 4 January 2006 (amlodipine), that in the context of preliminary injunction proceedings the validity of a patent cannot be examined in depth. The patent will be deemed to be valid unless the defendant alleges “very clear and evident indicia” supporting nullity. After clarifying that the burden of proving these “very clear and evident indicia” lies with the defendant, the Court examined whether or not the arguments alleged to found the “added matter” objection in the case at hand were sufficiently robust as to lift the preliminary injunction, as the Court of First Instance had done.
Intellectual properties must be guarded if the country wants to push towards an innovation economy.
Getting a patent is like buying insurance – it’s not something people think they need until it’s too late.
Australian patent attorney Leon Allen enjoys drawing parallels between the two.
Running with the metaphor, he says it’s like an insurance policy – there are good and bad ones. In the case of patents, the quality of the initial application defines how likely it will hold up to challenges in the future.
Earlier this year, we wrote about a thought-provoking article by Zeynep Tufekci discussing how some people were deliberately trying to use the open "marketplace of ideas" to effectively attempt to poison the marketplace of ideas. Also mentioned in that article was an excellent Yale Journal Article called Real Talk About Fake News by Nabiha Syed, which raised similar issues, and wondered if we needed a new framework for thinking about free speech online. We later had Syed on our podcast to discuss this further. Both Tufekci and Syed were raising important, thought-provoking issues that were not at all like the usual attacks on free speech -- because neither was an attack on free speech. Instead, they were attempting to protect free speech by pointing out that the way we often frame these discussions may not be the most effective way of thinking about these issues -- and that might actually lead to the silencing of voices.
This has certainly spurred many more thoughtful discussions on these topics. But... it won't surprise you that some are now looking to exploit this open discussion in their own way. The MPAA recently filed some comments with the NTIA, and what's striking about them, is how they appear to be co-opting the language of Tufekci to attack free speech online, and push for legal changes that would lead to massive censorship. But, in doing so, they claim these changes are necessary to "protect" free speech. The MPAA's VP Neil Fried also put out a somewhat snarky blog post about the filing, in which the MPAA insists that CDA 230 and DMCA 512 must be changed because "the status quo does not seem to be working."
The theory that piracy enforcement is a far inferior method for combating copyright infringement when compared with better and innovative business models and offerings is certainly old hat for us here. And, while there have certainly been studies going back years showing that to be the case, it seems notable that the past few months have seen a wave of these studies all coming on top of each other. We had MUSO, of all organizations, essentially concluding a survey it did in the UK showing how much content "pirates" actually buy legitimately by saying, "Hey, content industries, get your shit together!" That was followed quite recently by a study performed by Dutch researchers that did an amazing and large-sampled survey that concluded quite clearly that user-friendly legal alternatives depressed piracy rates at a far greater clip than enforcement measures.
And, now, because good things always come in threes, yet another study in the UK has shown that once-pirates of music are morphing into very real customers due to convenient and user-friendly streaming services.
Major labels including Universal, Warner Bros, Sony, and others have teamed up to sue two more YouTube-ripping sites. FLVTO.biz and 2conv.com are reportedly operated out of Russia, but according to information provided to the US Trade Representative by rightsholders earlier this year, the sites provide MP3 downloads to users from servers hosted in Germany.