Microsoft stopped offering Windows 10’s October 2018 Update on October 6, as it was deleting some people’s files. Now, another ugly data loss bug has reared its head, and it won’t be fixed until November.
As Bleeping Computer notes, the vulnerability, which affects all the Windows 10 versions, can be used to exploit system data, and it can also lead to privilege escalation (an exploitation technique to gain access to protected resources on the computer).
According to SandboxEscaper, the problem pertains to the Microsoft Data Sharing Service, which provides data brokering between applications. In the tweet, the researcher shared a GitHub link as a proof-of-concept.
Proof-of-concept code for a new zero-day vulnerability in Windows has been released by a security researcher before Microsoft was able to release a fix.
The code exploits a vulnerability that allows deleting any files on a machine without permission, including system data, and it has the potential to lead to privilege escalation.
At a time when many companies are rushing to internationalize their products and services to appeal to the broadest possible market, the Linux kernel is actively resisting that trend, although it already has taken over the broadest possible market—the infrastructure of the entire world.
David Howells recently created some sample code for a new kernel library, with some complex English-language error messages that were generated from several sources within the code. Pavel Machek objected that it would be difficult to automate any sort of translations for those messages, and that it would be preferable simply to output an error code and let something in userspace interpret the error at its leisure and translate it if needed.
In this case, however, the possible number of errors was truly vast, based on a variety of possible variables. David argued that representing each and every one with a single error code would use a prohibitively large number of error codes.
Ordinarily, I might expect Pavel to be on the winning side of this debate, with Linus Torvalds or some other top developer insisting that support for internationalization was necessary in order to give the best and most useful possible experience to all users.
GNU Linux-libre 4.19-gnu sources and tarballs are now available at http://www.fsfla.org/selibre/linux-libre/download/releases/4.19-gnu/. It didn't require any deblobbing changes since -rc7-gnu (that was never released; when it was ready, rc8 was nearly out, and I decided to start over and save the disk space).
Freesh binaries are already in place, Freed-ora f30 ones are building.
Freeloong ones may take longer: the yeeloong hosted at the FSF needs a reboot to get builds going again, and 4.19-gnu builds will require a (chroot) system upgrade to get the newer GCC it requires. My first attempt at such an upgrade failed part-way, after bringing network down.
Building off Monday's release of Linux 4.19 is now the downstream GNU Linux-libre 4.19-gnu kernel that strips away code contingent upon closed-source microcode/firmware images as well as removing the ability to load closed-source kernel modules.
At this week's Open-Source Summit in Edinburgh there was a kernel internship panel discussion focused on the work done by Outreachy participants, the program paying women and other under-represented groups $5,500 USD for contributing to various open-source projects over a three month period.
[...]
Applications for qualified participants for the winter round of Outreachy are currently being accepted through early November.
The Linux kernel 4.19 series is out, so Collabora informs us today through Mark Filion on the contribution they made to this fresh new kernel during its entire development cycle.
Linux kernel 4.19's development cycle was a long one, with no less than eight RCs (Release Candidates), but it resulted in a more powerful kernel that brings lots of goodies. For Linux kernel 4.19, nine Collabora developers contributed a total of 87 patches, as well as 125 signed-off-by tags, 14 reviewed-by tags, and 8 tested-by tags.
"As the curtains rose on opening day of Embedded Linux Conference Europe & Open Source Summit Europe in Edinburgh, the latest release of the Linux Kernel, 4.19, was made available by Greg Kroah-Hartman. Collaborans were once again very active, so here's a look at their contributions," writes Helen Koike.
Overnight the networking subsystem changes were merged into the mainline kernel for Linux 4.20~5.0. Sadly not part of this pull request is the much sought after WireGuard secure VPN tunnel but it does bring one of the other features we've been monitoring: the new Intel 2.5G Ethernet driver.
While WireGuard wasn't part of this net-next pull request, we'll see if it gets into a secondary pull request or is staved off entirely until Linux 4.21~5.1. WireGuard lead developer Jason Donenfeld does believe it's ready for the mainline kernel.
The recently covered PCI peer-to-peer memory support for the Linux kernel has indeed landed for the 4.20~5.0 kernel cycle. This is about PCI Express devices supporting peer-to-peer DMA that can bypass the system memory and processor via a standardized interface.
The use-case this Linux PCIe P2P memory support was developed for is copy offloading for NVMe fabrics so data can go directly from an RDMA NIC and be copied to the PCIe NVMe SSD storage. There are also implications for multi-GPU systems with this code -- more on the multi-GPU peer-to-peer memory support was discussed in the comments.
Originally attempted for the Linux 4.19 kernel but not merged that cycle was the STACKLEAK GCC plug-in that was ported for the mainline code-base from the Linux GrSecurity patch-set. That plug-in is now trying to get into the Linux 4.20 (or perhaps relabeled as 5.0) kernel.
The STACKLEAK GCC plug-in provides efficient stack content poisoning on system call exits. This functionality can fend off possible attacks around uninitialized stack usage and stack content exposure.
The latest commits to Linux kernel version 5.20 point to out-of-the-box support for the Hygon Dhyana system on a chip (SoC). Hygon is a joint venture between AMD and Chinese company Tianjin Haiguang Advanced Technology Investment Co., Ltd (THATIC), which was formed to create processors for the Chinese server market using AMD IP soon after the U.S. government banned the sale of Intel Xeon processors to China.
Block I/O performance can be one of the determining factors for the performance of a system as a whole, especially on systems with slower drives. The need to optimize I/O patterns has led to the development of a long series of I/O schedulers over the years; one of the most recent of those is BFQ, which was merged during the 4.12 development cycle. BFQ incorporates an impressive set of heuristics designed to improve interactive performance, but it has, thus far, seen relatively little uptake in deployed systems. An attempt to make BFQ the default I/O scheduler for some types of storage devices has raised some interesting questions, though, on how such decisions should be made.
A bit of review for those who haven't been following the block layer closely may be in order. There are two generations of the internal API used between the block layer and the underlying device drivers, which we can call "legacy" and "multiqueue". Unsurprisingly, the legacy API is older, while the multiqueue API was first merged in 3.13. The conversion of block drivers to the multiqueue API has been ongoing since then, with the SCSI subsystem only switching over, after a false start, in the upcoming 4.19 release. Most of the remaining holdout legacy drivers will be converted to multiqueue in the near future, at which point the legacy API can be expected to go away.
David Airlie has submitted the main feature pull request of the plethora of Direct Rendering Manager (DRM) enhancements for the next kernel release that includes a lot of Intel and AMD Radeon graphics driver work.
Ahead of the Zen 2 processors expected in 2019, it appears AMD developers have begun working on their Linux kernel support patches for these next-generation CPUs. In particular, it appears the flow of Linux kernel code for supporting EPYC 2 "Rome" processors has begun.
Sent into the mainline Linux kernel this morning were the EDAC updates for Linux 4.20~5.0. EDAC in this context is for Error Detection And Correction - error reporting functionality mostly useful for server/workstation platforms. Usually the EDAC changes aren't worth writing about on Phoronix, but I did notice one of the changes standing out: "Add Family 17h, models 10h-2fh support."
SUSE's Takashi Iwai has sent in the big batch of sound/audio hardware improvements for the in-development Linux 4.20~5.0 kernel.
There are some notable hardware additions to this sound pull, including:
- Creative Sound Blaster ZxR sound card support, a high-end gamer/enthusiast oriented PCIe sound card with 5.1 channel support.
The initial round of Kernel-based Virtual Machine (KVM) updates has been sent in for the in-development Linux 4.20/5.0 kernel.
Notable on the KVM x86 front is that nested virtualization is enabled by default for running a KVM guest within a KVM guest. This support for allowing KVM guests to use VMX (VT-x) instructions is being enabled by default now that live migration support is squared away and other functionality that ensures a stable user-space ABI. The capability of nested KVM on x86_64 has been available for years but required the module parameter to enable the functionality.
It's not all sunshine and roses at the Cloud Native Computing Foundation (CNCF), the Linux Foundation offshoot responsible for supporting cloud native open source projects such as Kubernetes, but it's pretty close, according to executive director Dan Kohn.
Speaking with Computerworld UK this week during the Linux Foundation's Open Source Summit in Edinburgh, he gave a potted history of the three-year-old CNCF, and the tremendous growth that it has seen during that time, particularly around Kubernetes adoption, and why China has proved such a success story.
The vendor-neutral organisation had just 28 members when it began, and with the three-year anniversary looming this December, it is now up to 322 members.
[...]
The really fascinating developments for the foundation are happening regionally though. Although Kubernetes absolutely has its roots with Google (though contributions are declining) there seems to have been little fuss about the open source container orchestration platform's enthusiastic reception in China - unlike Google's efforts to reportedly re-open consumer channels in China.
The CNCF's Devstats project - which looks through every Git commit in the four-year history of the project, and then carries out classification work - rates China as the third largest contributor contingent, after the US in first and Germany in second.
Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3D—a development that came as something of a surprise to many, including him.
Graunke has been working on the Mesa project for eight years or so; most of that time, he has focused on the Intel 3D drivers. There are some "exciting changes" in the Intel world that he wanted to present to the attendees, he said.
CPU overhead has become more of a problem over the last few years. Any time that the driver spends doing its work is time that is taken away from the application. There has been a lot of Vulkan adoption, with its lower CPU overhead, but there are still lots of OpenGL applications out there. So he wondered if the CPU overhead for OpenGL could be reduced.
Another motivation is virtual reality (VR). Presenting VR content is a race against time, so there is no time to waste on driver overhead. In addition, Intel has integrated graphics, where the CPU and GPU share the same power envelope; if the CPU needs more power, the GPU cannot be clocked as high as it could be. Using less CPU leads to more watts available for GPU processing.
For the Intel drivers, profilers show that "draw-time has always been [...] the volcanically hot path" and, in particular, state upload (sending the state of the OpenGL context to the GPU) is the major component of that. There are three different approaches to handling state upload in an OpenGL driver that he wanted to compare, he said. OpenGL is often seen as a "mutable state machine"; it has a context that has a "million different settings that you can tweak". He likens it to an audio mixing board, which has lots of different knobs that each do something different. At its heart, OpenGL programs are setting these knobs, drawing, then setting them and drawing again—over and over.
Primarily for Linux workstation customers, AMD today released Radeon Software 18.40 as the collection of their closed-source Vulkan/OpenGL components as well as PAL OpenCL driver plus the option of using their packaged "All-Open" driver stack that is a snapshot of their Mesa-based driver components.
The vast majority of Phoronix readers are best off using their distribution-supplied Mesa-based Radeon graphics drivers or the third-party PPAs / package archives for riding the bleeding-edge Mesa, if you aren't building the code yourself already. But for those needing the (now slower) proprietary OpenGL driver for specific workstation needs or just wanting to use the officially AMD blessed graphics driver, that's the (small) void Radeon Software on Linux fills today.
With just one week of feature development remaining for the in-development Mesa 18.3, the race is on for landing the remaining feature work ahead of this next quarterly Mesa3D stable version.
Landing overnight is a small addition from Feral Interactive's Alex Smith to allow the Intel "ANV" Vulkan driver to present via a different GPU. With a simple two-line patch, Vulkan rendering can happen with an Intel GPU while the contents are then presented to a display connected via a Radeon graphics card. Granted, the use-case of rendering with slower Intel graphics hardware and then presenting it on a display connected via a discrete Radeon GPU will be rare, but can be useful for game developers in testing the Intel graphics without having to change display connections.
We are currently an estimated 2-3 weeks away from releasing a 2.80 Beta version, which will have all the main features that will be in the 2.80 stable release.
Blender 2.80 development had been running a few months behind schedule but coming out in the next few weeks will be their beta milestone.
Blender 2.80 is the next big feature release for this widely-used, cross-platform 3D open-source modeling software. Blender 2.80 has been working on many GPU handling improvements, EEVEE integration, Pixar OpenSubdiv functionality, better Cycles renderer, user-interface refinements, and other accomplishments.
Flameshot is an open-source command line-based screenshotting tool that lets you capture whole or specific screen areas and immediately make annotations before saving them locally or online to Imgur. If you choose to save the shots online the link is automatically copied to your clipboard for sharing.
Using Flameshot gives you access to freehand drawing, lines, arrows, circles, boxes, highlighting, blur, text, and pin annotation options.
You can customize Flameshot’s colour and size, and use its on-screen buttons for quick tasks like Undo, Copy to clipboard, Save file, Upload to Imgur, Move screen selection.
Wondershaper is a small bash script that enables you to limit the network bandwidth in Linux. It employs the tc command line program as the backend for configuring traffic control. It is a handy tool for controlling bandwidth on a Linux server.
It allows you to set the maximum download rate and/or maximum upload rate. In addition, it also allows you to clear the limits that you have set and can display the current status of an interface from the command line. Instead of using the CLI options, you can run it persistently as a service under systemd.
In this article, we will show how to install and use wondershaper for limiting network bandwidth on Linux systems.
Log files are a record of important events and transactions from all your IT equipment, applications, and networks that helps in identifying and troubleshooting problems that arise.
Logging is something that application developers, system administrators, and IT security teams cannot do without for a variety of IT tasks. With the development of new IT movements like DevOps, it has become increasingly cumbersome to retrieve logs from different locations like servers, applications, network devices and other peripherals for merging them into a single file that can be looked at.
This problem is overcome by centralization of logs which involves sending all logs to a single server for easy aggregation and access.
FontBase is a beautiful font manager for designers, available on Windows, macOS and Linux. The application features built-in Google fonts, with the ability to preview and easily use them in desktop applications like GIMP, Photoshop, Sketch, etc.
Advertised as "the font manager of the new generation, built by designers, for designers", the tool uses Electron, and is free to use but not free and open source software. A subscription is available ($3 / month, $29 / year or $180 as a one time payment) which adds a few extra features like full glyphs preview (and copy), multiple views, and font auto-activation for Creative Cloud.
Find and fix outlier events that create issues before they trigger severe production problems.
Game Dev Studio, another game to let you attempt to rise to greatness in the games industry just recently added a Linux version.
Gravel [Steam], the "ultimate off-road experience" is a racing game from Milestone (MXGP, MotoGP and many more) and it's showing signs of coming to Linux.
From the creator of Out There, Sigma Theory is a very promising looking take on the espionage game genre and it's coming to Linux.
Set in the near-future, this single-player espionage strategy game takes place during a new cold war. It asks an interesting question. How far will you go to control the future? The game is centred around a discovery called "The Sigma Theory", which the world's superpowers are determined to achieve that could enable them to "destroy the global financial system, wipe out entire countries or even gain access to immortality".
Over the weekend, Soul Calibur 6 Linux players discovered that the game will ban their account if they try to go online. Not even going back to Windows will let them play networked multiplayer. While Soul Calibur 6 doesn’t have an official port to Linux, it is supported through Steam’s Steam Play program using Proton. Added by Valve earlier this year, this compatibility layer enables Windows games on the platform.
While some initially blamed the Denuvo DRM for the issue, the problem seems to be with the game’s anti-cheat system. As noted on Reddit, Tekken 7 also supports Denuvo and Proton and has not run into any issues with Linux players. Since both games come from the same publisher, it’s safe to assume that something else is at work here. Neither Bandai Namco nor Valve have come out with a statement regarding the issue at this time.
Linux historically hasn’t been a robust gaming platform, though Valve’s Steam Play features aim to change that. But Soulcalibur VI shows some unfortunate side-effects from those measures, as players are getting banned from online play if they launch the game using those built-in Linux compatibility features. Worse yet, the ban is account-wide – so you’re still out of luck even if you switch to Windows.
If you launch Soulcalibur VI using Steam Play on Linux, you won’t be able to play online. Reinstalling won’t help, nor will installing the game on a separate PC, or switching to Windows. The ban appears to be linked directly to your Steam account, so your online recourse would be to repurchase the game on a separate account.
If you use Linux and enjoy playing video games, life has been pretty good lately. Valve, Unity, Unreal Engine, and other big-name forces have pulled the video game industry into Linux compatibility so thoroughly that if you use Steam, you likely own more Linux-compatible games than you have time to play (and with Proton and Steam Play, that number's about to increase).
If you're a fan of indie games, Itch.io and a wide variety of game sprints such as the Open Jam are making it easy to find truly excellent games for Linux. Vendors like GOG.com and Humble Bundle offer lots of games new and old. And finally, you can find plenty of games in your distribution's repositories, game emulators for old consoles, and online games.
For those who love your rather retro looking RPG experiences, Afelhem entered Early Access recently with Linux support.
Slime Rancher, the delightfully sweet game about adventure, exploration and capturing funny little (and sometimes not so little) Slimes just had a good optimisation update.
It always ran pretty well for me, although on the highest settings it definitely feels quite a bit smoother after this update. The developer said they upgraded the game engine version (Unity) as well as "all game data has been reorganized to optimize the way we store data and manage certain game states".
When asking the developer to confirm it will support Linux, since the Steam store page does have a Linux system requirements tab they simply said "We'll make it soon ;)".
Wannabe mermaids of the world can now take down evil sirens in the dungeon crawler Serenade of the Sirens, now in Early Access.
Qt Design Studio is a UI design and development environment that enables designers and developers to rapidly prototype and develop complex and scalable UIs.
Qt Design Studio is a tool used by both designers and developers and that makes collaboration between the two a lot simpler and more streamlined: Designers can look at the graphical view, while developers can look at the QML code. With this workflow, designers can have their Photoshop designs running on real devices in minutes! As an aside, I say Photoshop designs, but we are planning to support other graphic design tools in the future.
KDAB is proud to announce that for the first time ever we will be present at Embedded Technology outside of Tokyo in Japan.
Every year more than 25000 visitors attend over 3 days!
The event takes place in the Pacifico Yokohama exhibition center and focuses on Embedded AI, IoT Wireless Technology, Smart Sensing and Safety & Security.
KDAB will present Automotive and Industrial customers’ showcases and tools around Modern C++, Qt and 3D.
LaKademy, or Latin American Akademy, is the annual meeting of the Latin American KDE community - one of the biggest Free software communities in the world. The event has taken place since 2012, and is open to all developers, artists, users, and everyone who wants to contribute in any way to the software created or maintained by the community.
Not every USB-C port is a Thunderbolt 3 port. Watch out for the logos!
[...]
In related news: bolt 0.5 is out (for about a month now) and will be shipped with Fedora 29. Have a look at the release notes for a complete list of changes, but the most important one I want to highlight here is the new force power D-Bus API. What is it and why do we need it? The Thunderbolt controller can be in two different modes: one in which it is constantly powered (native enumeration mode) and one in which it is controlled by the BIOS. In the latter mode, if nothing is plugged into the Thunderbolt port the controller is completely powered down and it looks as if there is no Thunderbolt hardware present at all. This is great because it saves battery, but there are two problems: 1) boltd wants to know what security level the Thunderbolt controller is in, and more importantly 2) the firmware update daemon (fwupd) wants to know the firmware version of the Thunderbolt controller, so that it can check if there are updates available (and if so, show them in GNOME Software). Luckily, newer kernel versions have (on supported platforms) a sysfs interface that can be used to "force-power" the Thunderbolt controller. Both boltd and fwupd have support for that, which is great, but also the root of a race: the force-power interface is not reference counted and also write only (you cannot ask for the current status). Now if boltd force-powers the controller, uevents will be generated which, in turn, will be processed by fwupd and it will try to read the firmware version. If, in the meantime, boltd is done with its thing and powers the controller down again but fwupd is not yet done reading the firmware, then that read will fail. Or the other way around: fwupd powers the controller, boltd gets started due to the uevents, but meanwhile fwupd is powering the controller down again, boltd might e.g. hang reading the boot-acl.
We are pleased to announce the immediate availability of Red Hat Developer Toolset 8 beta for Red Hat Enterprise Linux 6 and 7.
Several financial institutions across the Asia Pacific have adopted Red Hat hybrid cloud architectures and practices, in a concerted effort to become more agile while reducing costs and more effectively managing risks. The regional banks that have adopted the open source vendor’s technology include Malaysia’s AmBank Group, Indonesia’s PT Bank Tabungan Pensiunan Nasional Tbk, Indonesia’s Bank BRI, China’s China Merchants Bank, Taiwan’s Cathay United Bank, and Japan’s Fukuoka Financial Group.
Red Hat announced on Tuesday that it is collaborating with NVIDIA to bring a new wave of open innovation around emerging workloads like artificial intelligence (AI), deep learning and data science to enterprise data centers around the world.
Driving this effort is the certification of enterprise Linux platform, Red Hat Enterprise Linux, on NVIDIA DGX-1 systems. This certification provides a foundation for the rest of the Red Hat portfolio, including Red Hat OpenShift Container Platform, to be deployed and jointly supported on NVIDIA’s AI supercomputers.
As NVIDIA DGX-1 systems enter the datacenter to provide powerful AI platforms, IT teams will often want to manage and maintain these systems within their existing operations, which frequently are Red Hat Enterprise Linux-based.
Red Hat cozied up even further with NVIDIA yesterday, certifying its Enterprise Linux platform on the GPU vendor’s DGX-1 machine learning boxes.
The announcement makes it easier for enterprises to manage their machine learning training on their own premises, the Linux vendor said.
Under the deal, existing Red Hat Enterprise Linux subscriptions are eligible for use on DGX-1 systems. It also opens up certified applications developed for Red Hat’s Linux system to DGX-1 users. Red Hat is going beyond certification by optimizing its Linux for DGX-1 using tuned profiles for the NVIDIA platform. This draws on the tuned package that it released in Red Hat Enterprise Linux 6. The company has said in the past that tuned profiles can boost performance in the double-digit percent range.
COPR is a collection of personal repositories for software that isn’t carried in the standard Fedora repositories. Some software doesn’t conform to standards that allow easy packaging. Or it may not meet other Fedora standards, despite being free and open source. COPR can offer these projects outside the standard set of Fedora packages. Software in COPR isn’t supported by Fedora infrastructure or signed by the project. However, it can be a neat way to try new or experimental software.
RaspEX developer Arne Exton released a new version of his RaspEX Linux operating system for Raspberry Pi devices based on the recently released Ubuntu 18.10 operating system.
What's special about this new RaspEX version is that while it's based on Ubuntu 18.10 (Cosmic Cuttlefish), it uses the older LXDE (Lightweight X11 Desktop Environment) desktop instead of the new LXQt variant, which probably consumes more CPU and RAM on the tiny Raspberry Pi single-board computers.
RaspEX LXDE Build 181022 is powered by the Linux 4.14.76 LTS kernel built for the ARMv8 architecture, which means that it supports the original Raspberry Pi 3 Model B single-board computer, as well as the latest Raspberry Pi 3 Model B+ variant. However, you can also use a 32-bit kernel, Linux 4.14.74 LTS.
Following the demise of Ubuntu Phone, Purism’s Librem 5 seems like the next big thing in the budding world of Linux smartphones. Purism has already partnered with big names like GNOME and KDE, and we can expect the device to start shipping in April 2019.
It seems like another hardware vendor is looking to develop its own Linux smartphone. As reported by It’s FOSS, Pine64 is working to create inexpensive Linux-based smartphones and tablets.
Pine64 is making a Linux smartphone that runs KDE Plasma. According to the FOSSBYTES post, the devices will be called PinePhone and PineTab, and Pine64 will begin sending the first PinePhone developer kits to selected devs for free in November. The open-source Linux smartphone is expected to start at around $100.
You might remember Pine64 as the manufacturer and retailer behind the Pinebook, a US $99 Linux-based laptop. The company is planning to continue its journey into the world of budget-tier Linux mobile devices by working on a smartphone, dubbed the PinePhone.
Like the cheap laptops Pine sells, the PinePhone isn’t likely to be a specs monster. According to the Pine team, they’re planning on basing the PinePhone around their Pine A64 single-board computer. That means the PinePhone is likely to have a mere 2 GB of RAM and a quad-core ARM Cortex A53 SoC. The phone will also likely only have 16 GB of onboard storage.
Most of the details are still up in the air, especially concerning the final design. However, Pine64 is planning on releasing a dev kit for the phone on November 1. This will include the Pine A64 baseboard, an SOPine module, a 7-inch touchscreen, a camera, a WiFi/Bluetooth card, a battery case, and an LTE Cat4 USB dongle. The final device may use a 5.45” 1440x720 display, but since the design isn’t planned on being final until mid-2019, this could change.
Pine64 sells a handful of single-board computers and low-cost laptops designed to run Linux. Now it looks like the company wants to build a Linux smartphone.
According to a report from It’s FOSS, the upcoming PinePhone will feature a 5.45 inch, 1440 x 720 pixel display and it will be powered by the same PINE A64 board that the company uses for its Linux-powered Pinebook laptops.
IEI unveiled a “Hyper-RK39” Pico-ITX SBC that runs Ubuntu or Android on a Rockchip RK3399 and supplies 2GB RAM, 16B eMMC, dual and 4K display support, GbE, WiFi/BT, and optional LTE.
The hexa-core Rockchip RK3399 continues to be popular on community hacker boards such as the recent NanoPi Neo4. Now, commercial board vendors are giving the somewhat x86-like Arm SoC a try. First, there was Aaeon’s RICO-3399 and now IEI has answered with the similarly Pico-ITX form factor (100 x 72mm) Hyper-RK39.
Ad revenue business is dependent on automated processes for buying and selling of advertisements as they pay out on the basis of views and clicks. But this system is also vulnerable to abuse, and this is exactly what happened.
Fighting invalid traffic is essential for the long-term sustainability of the digital advertising ecosystem. We have an extensive internal system to filter out invalid traffic – from simple filters to large-scale machine learning models – and we collaborate with advertisers, agencies, publishers, ad tech companies, research institutions, law enforcement and other third party organizations to identify potential threats. We take all reports of questionable activity seriously, and when we find invalid traffic, we act quickly to remove it from our systems.
Role-Playing games act as a bridge to jump from intricacies of real-life to the world of powerful characters and stories.
In this edition of The Daily, we look at Square’s recent decision to open-source its Subzero cold storage solution. We also focus on Bitcurate’s new cryptocurrency market intelligence service, as well as the chat platform that Coin Stats is launching for cryptocurrency investors and coin teams.
Enhanced Tracking Protection is the name of the new feature and its aim is to protect you from those niggling little third-party cookies that monitor your data. It's not a new idea, but a massive leap forward.
Mozilla has been talking about different types of anti-tracking capabilities for seven years. In 2011, Firefox 4 implemented Do Not Track, a feature that enables users to notify sites if they do not want to be tracked. That method relied on sites honoring user requests and had limited success. With Firefox 42, which was released in November 2015, Mozilla first added its Tracking Protection feature, restricting the ability of third-party technologies from tracking a user.
Databases create enough metrics to keep us all busy for a long time, and while the internal performance databases are full of useful information, it’s not always clear which metrics you should care about. Start with throughput, execution time, concurrency, and utilization, which provide enough information for you to start understanding the patterns in your database.
There are many rudimentary Microsoft-style themes for Linux, but Chicago95 fastidiously recreates the ineffable beauty of Windows '95 right down to the finest details. It's a perfect melding of the historical Windows and modern Linux experiences.
At the Broadband World Forum in Berlin, Plume jointly announced, along with Samsung, that it was rendering open-source the Plume Middle Layer software it uses for gateways, modems, routers, access points, extenders, set-top boxes, IoT hubs, smart speaker and other Wi-Fi-connected devices.
The software will now be called OpenSync.
Aequatus - a new bioinformatics tool developed at Earlham Institute (EI) - is helping to give an in-depth view of syntenic information between different species, providing a system to better identify important, positively-selected, and evolutionarily-conserved regions of DNA.
Generally, organisms that are closely related show a high degree of synteny i.e. they possess similar sequences along their chromosomes, where closely related genes that are presumed to have the same function are clustered in a similar organisation between species. Thus, many human genes have high synteny with mammals, from chimpanzees to mice.
Studying the synteny between organisms can help us to identify how genetic regions change through evolution, and has far-reaching applications - including better understanding evolution and how we came to be, aiding studies into human health, as well as in breeding better crops.
The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed. Email is certainly not without its problems. For many of us, plowing through the daily email stream is an ongoing chore. Development lists like linux-kernel can easily exceed 1,000 messages per day; it is thus unsurprising that the number of kernel developers who actually follow such lists has been dropping over time. Email is based on a trust model from a simpler time; now it is overwhelmed by spam, trolls, sock puppets, and more. Dealing with the spam problem alone is a constant headache for mailing-list administrators. Interacting productively via email requires acquiring a set of habits and disciplines that many find counterintuitive and tiresome. Your editor's offspring see email as something to use to communicate with their grandparents, and not much more.
It is thus not surprising that some projects are thinking about alternative ways of communicating. Even projects like the kernel, which remains resolutely tied to email, are seeing some experimentation around the edges. Some, though, are diving in more seriously, with a couple of recent experiments being found in the Fedora and Python projects.
Far away from greedy music execs and pop stars, in realms like Mystara and Eberron, or the sprawling cosmic expanse of Planescape, things aren’t any less complicated. In recent months, Dungeons and Dragons, the 44-year-old role-playing game in which players conjure entire fantasy universes through pen and paper, has become an unlikely symbol of the compromises demanded by digital services. A culture once known for DIY adventures is changing, and it’s all the [I]nternet’s fault.
Taplin is very angry about a lot of things that I'm also very angry about: the redefinition of monopoly to conveniently exclude the largest and most powerful modern companies...
Apple and Samsung are being fined €10m and €5m respectively in Italy for the “planned obsolescence” of their smartphones.
An investigation launched in January by the nation’s competition authority found that certain smartphone software updates had a negative effect on the performance of the devices.
Believed to be the first ruling of its kind against smartphone manufacturers, the investigation followed accusations operating system updates for older phones slowed them down, thereby encouraging the purchase of new phones.
In a statement the antitrust watchdog said “Apple and Samsung implemented dishonest commercial practices” and that operating system updates “caused serious malfunctions and significantly reduced performance, thus accelerating phones’ substitution”.
Italian authorities have fined Apple and Samsung for pushing the latest software updates that led to device malfunctions, and ultimately forced users to buy new phones.
Back in January this year, Italy’s antitrust organization conducted separate investigations on Apple and Samsung to find if they were deliberately using software updates to slow down phones.
Generics industry group Medicines for Europe has declared United States interference in the European Union legislative process on the supplementary protection certificate (SPC) manufacturing waiver “unacceptable,” and an attempt to “influence the outcome of this EU legislative proposal.”
The statement was made in a Medicines for Europe press release available here.
The US Patent and Trademark Office, the US Trade Representative and the US Department of Commerce held a closed-door meeting with EU government officials in Brussels yesterday, 23 October, “to convey the position of the US commercial bodies and representatives to EU officials on the introduction of an SPC manufacturing waiver in Europe,” according to the release.
Monopoly prices of diagnostic tools and lack of competition in the market constitute a barrier to treatment for people with hepatitis C virus (HCV), but the increased use of “open” diagnostic platforms could reduce prices, a health advocacy research study has found.
This is Wilson.* His mother, Aline, took the picture to mark a happy and hopeful moment following a traumatic period when Wilson participated in a University of Illinois at Chicago clinical trial that tested whether lithium was effective in treating children with bipolar disorder.
ProPublica Illinois reported in April that the UIC psychiatrist who oversaw several federally funded studies, Dr. Mani Pavuluri, violated research rules, failed to alert parents of risks and falsified data to cover up misconduct, and that UIC didn’t properly oversee her work. The National Institute of Mental Health forced UIC to return $3.1 million in grant money in December and, not long after, Pavuluri left the university. Pavuluri, who had founded a UIC pediatric mood disorders clinic in 2000 and treated children from around the country, opened a private practice.
Hundreds of children participated in Pavuluri’s studies. After UIC provided only limited information about how they were affected, we put out a call for families who took part to tell us about their experiences.
Trusted Computing has not had the best reputation over the years — Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped — though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.
Everyone wants to protect their secrets and, in a modern cryptographic context, this means protecting private keys. In the most common use of asymmetric cryptography, private keys are used to prove identity online, so control of a private key means control of that online identity. How damaging this can be depends on how much trust is placed in a particular key: in some cases those keys are used to sign contracts, in which case someone who absconds with a private key can impersonate someone on legal documents — this is bad.
The usual solution to this is hardware security modules, nearly all of which are USB dongles or smart cards accessed via USB. Bottomley sees the problem with these as capacity: most USB devices can only cope with one or two key pairs, and smart cards tend to only hold three. His poster child in this regard is Ted Ts'o, whose physical keyring apparently has about eleven YubiKeys on it. Bottomley's laptop has two VPN keys, four SSH keys, three GPG keys (because of the way he uses subkeys) and about three other keys. Twelve keys is beyond the capacity of any USB device that he knows of.
Beyond just encrypting messages, and thus providing secrecy, the OpenPGP standard also enables digitally signing messages to authenticate the sender. Email applications and plugins usually verify these signatures automatically and will show whether an email contains a valid signature. However, with a surprisingly simple attack, it's often possible to fool users by faking — or spoofing — the indication of a valid signature using HTML email.
For example, until version 2.0.7, the Enigmail plugin for Mozilla Thunderbird displayed a correct and fully trusted signature as a green bar above the actual mail content. The problem: when HTML mails are enabled this part of the user interface can be fully controlled by the mail sender.
One of the more difficult aspects of the Spectre hardware vulnerability is finding all of the locations in the code that might be exploitable. There are many locations that look vulnerable that aren't, and others that are exploitable without being obvious. It has long been clear that finding all of the exploitable spots is a long-term task, and keeping new ones from being introduced will not be easy. But there may be a simple technique that can block a large subset of the possible exploits with a minimal cost.
Speculative-execution vulnerabilities are only exploitable if they leave a sign somewhere else in the system. As a general rule, that "somewhere else" is the CPU's memory cache. Speculative execution can be used to load data into the cache (or not) depending on the value of the data the attacker is trying to exfiltrate; timing attacks can then be employed to query the state of the cache and complete the attack. This side channel is a necessary part of any speculative-execution exploit.
It has thus been clear from the beginning that one way of blocking these attacks is to flush the memory caches at well-chosen times, clearing out the exfiltrated information before the attacker can get to it. That is, unfortunately, an expensive thing to do. Flushing the cache after every system call would likely block a wide range of speculative attacks, but it would also slow the system to the point that users would be looking for ways to turn the mechanism off. Security is all-important — except when you have to get some work done.
Kristen Carlson Accardi recently posted a patch that is based on an interesting observation. Attacks using speculative execution involve convincing the processor to speculate down a path that non-speculative execution will not follow. For example, a kernel function may contain a bounds check that will prevent the code from accessing beyond the end of an array, causing an error to be returned instead. An attack using the Spectre vulnerability will bypass that check speculatively, accessing data that the code was specifically (and correctly) written not to access.
Mr Hogg said stolen [sic] data also included 403 expired credit card numbers and 27 credit card numbers with no CVV.
"The following personal data was accessed: passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer programme membership number; customer service remarks and historical travel information."
It's unclear why it took nearly six months to notify the public. Cathay Pacific didn't immediately respond to a request for comment.
In addition, about 860,000 passport numbers and 245,000 Hong Kong identity card numbers were accessed without authorisation.
Unauthorised access known about since May.
It booked its first back-to-back annual loss in its seven-decade history in March, and has previously pledged to cut 600 staff including a quarter of its management as part of its biggest overhaul in years.
The answer to the question in the title is most likely “no.” While the OPAQUE protocol is a fascinating approach to authentication, for web applications it doesn’t provide any security advantages.
I read an interesting post by Matthew Green where he presents ways to authenticate users by password without actually transmitting the password to the server, in particular a protocol called OPAQUE. It works roughly like that:
The server has the user’s salt and public key, the client knows the password. Through application of some highly advanced magic, a private key materializes in the client, matching the public key known to the server. This only works if the password known to the client is correct, yet the client doesn’t learn the salt and the server doesn’t learn the password in the process. From that point on, the client can sign any requests sent to the server, and the server can verify them as belonging to this user.
The fact that you can do it like this is amazing. Yet the blog post seems to suggest that websites should adopt this approach. I wrote a comment mentioning this being pointless. The resulting discussion with another commenter made obvious that the fundamental issues of browser-based cryptography that I first saw mentioned in Javascript Cryptography Considered Harmful (2011) still aren’t widely known.
We've known that the X.Org Server security has been a "disaster" (according to security researchers) and while many bugs have been fixed in recent years, not all of the security bugs date back so far in the decades old code-base. Out today is X.Org Server 1.20.3 to fix a new CVE issued for X.Org Server 1.19 and newer.
In X.Org Server 1.19 through X.Org Server 1.20.2 there was incorrect command-line parameter validation that could lead to privilege escalation and files being arbitrarily overwritten.
Given US and Russian presidential capacity for springing surprises, we risk losing the degree of safety we gained with the end of the Cold War and have enjoyed since then.
[...]
Even while the numbers continued to drop, problems were emerging. Not least, in 2002 the US unilaterally withdrew from the ABM Treaty. That did not stop the US and Russia signing the Strategic Offensive Reductions Treaty in 2002 or New START in 2010 but perhaps it presaged later developments.
Trump’s announcement brings towards its conclusion a process that has been going on for several years. The US declared Russia to be violating the Treaty in July 2014. That, of course, was during the Obama administration. The allegation that Russia has breached the INF Treaty, in other words, is not new. This year the USA’s NATO allies also aligned themselves with the US accusation, albeit somewhat guardedly (cf the careful wording in paragraph 46 of the July Summit Declaration).
The charge is that Russia has developed a ground-launched cruise missile with a range over 500 kilometres. Many details have not been clearly stated publicly but it seems Russia may have modified a sea-launched missile (the Kalibr) and combined it with a mobile ground-based launcher (the Iskander K system). The modified system is known sometimes as the 9M729, or the SSC-8, or the SSC-X-8.
He is, of course, saying this to shore up support among white nationalists. The Nazi sites on the web were all having wet dreams in the aftermath.
From the 1990s, polling has found that about 10% of Americans support far right militias. These are the white nationalists. Trump came to power by mobilizing that 10% and combining it with Republicans and independents
It is not an accident that Benito Mussolini called his party “Nationalist Fascism.” The two go together. Trump performs the “fascist” part of this two-part term every time he does a rally, so he doesn’t have to say “I am a Nationalist Fascist,” i.e. a Mussolini-ist. But that is what he is.
Somehow Benito Mussolini is not often brought up in contemporary American political debates. His armies slaughtered 330,000 Allied troops during World War II, including large numbers of Americans. Two of my uncles fought in World War II in the European theater, and I’m not willing to let Mussolini skate. Of 45,000 Italian Jews, 8,000 were delivered to Nazi death camps and a similar number were forced to flee abroad. Some $1 billion was stolen from them as a community. I’m not sure how Trump’s Rasputin, Steve Bannon, gets away with praising this mass murderer and then being invited to major cultural and political gatherings in the West.
Many Cambodians born after the short but violent period of the Khmer Rouge, which lasted from mid-April 1975 to December-January 1978, cannot believe the horror stories of the previous generation. “My parents tell me their stories, but I did not believe them,” says Uon Silot, a fiction writer and farmer, who adds: “They said to me – the reason we are telling you is so that the same does not happen again, this time to you.”
How difficult should it be for those parents to tell their traumatic stories? And how painful is it to be faced with disbelief? The idea that it might be impossible to pass the story of mass violence even to one’s own children poses further, existential questions. Are we as a human civilisation capable of learning “lessons” from history? And consequently, can we immunise the next generation from human violence and self-destruction?
“Genocide has become the identity of Cambodia,” Youk Chhang, director of the Documentation Centre of Cambodia, tells me. “Everyone in this country has been affected by genocide. There is no way to escape it. All the kids of this country are born either from victims or perpetrators” of the genocide, he concludes.
Turkey's government has already locked up more than 70 journalists -- most of them in the wake of a failed coup. President Recep Erdogan says the imprisoned journalists are terrorists and criminals, but rather than offer evidence of wrongdoing, Erdogan just keeps throwing more of them in jail.
The notoriously thin-skinned president has been eliminating dissent and criticism since he took power, so there's no reason to give his accusations of criminal activity credence. Erdogan has leaned on favorable laws elsewhere in the world to press for criminal charges and extradition of citizens of other nations who've offended his delicate sensibilities.
Journalism in Turkey has come under renewed scrutiny after an Istanbul court issued an international arrest warrant for two prominent writers living overseas.
In a hearing against journalists linked to the Cumhuriyet newspaper, the 27th High Criminal Court said it would request the issuance of Interpol “red notices” for Can Dundar and Ilhan Tanir. The order notifies all Interpol member states that the individual has pending arrest warrants.
Mr Dundar, the newspaper’s former editor-in-chief, and Mr Tanir, its ex-Washington correspondent, currently live in Germany and the US respectively.
In April, more than a dozen Cumhuriyet staff were convicted of supporting groups such as the Kurdistan Workers’ Party (PKK), the far-left Revolutionary People’s Liberation Party-Front and the Gulenist movement, which Ankara holds responsible for a 2016 coup attempt. All three are listed as terrorist organisations in Turkey.
Here – apart from sniffing and a runny nose – from a treatment website is a list of some of the mental symptoms of cocaine abuse. An interesting take on the reckless Khashoggi assassination?
In these times of so much civil strife, internecine wars, and racial and political intolerance, it is good to remember an episode involving Turkey, Australia, and New Zealand. It shows the power of words to console the grieving and to bring closure to a painful history.
Usually, in April, Turks, as well as people from Australia and New Zealand gather in northwestern Turkey to render homage to their ancestors, brave young soldiers, who lost their lives on the fields of Çanakkale in what is known as the Gallipoli Campaign during World War I.
The Gallipoli Campaign took place on the Gallipoli Peninsula in Turkey, between April 1915 and January 1916. A joint British and French operation had been conducted to capture the Ottoman capital of Istanbul and secure a sea route to Russia. The Australian and New Zealand Army Corps, or Anzac, formed the foundation of a 200,000 British-led army that landed at Gallipoli. The operation failed, with thousands of casualties on both sides.
One year ago this month, the best-known and most feared journalist in Malta, Daphne Caruana Galizia, was assassinated by a car bomb as she left her house on the tiny Mediterranean island. Her violent murder, still unsolved, might have stayed the stuff of local news. But on Malta, local news turns out to be global.
Caruana Galizia’s murder has always been a test for Malta and for Europe, one that neither has yet passed. The year since her death may have shown the failure—or at least the resistance—of institutions to solve the crime, reining in corruption, upholding the rule of law, and protecting journalists. But it has also served as a triumph of investigative journalism.
[...]
After Caruana Galizia’s assassination, three men, all with existing criminal records on Malta, were arrested last December, and are facing trial on charges of detonating the bomb that killed her. But her family, along with Members of the European Parliament and international organizations, suspect that the three men were mere foot soldiers. This month, Caruana Galizia’s family and some MEPs called on the European Commission to monitor the investigation, fearing Maltese authorities lacked the independence and political will to solve the crime. (The Maltese government refutes these claims.)
After Caruana Galizia’s death, one inevitable question arose: What was she working on before she was killed? Here, there has been some progress. With the assistance of Caruana Galizia’s family, a small army of investigative reporters from 18 publications around the world, including The Guardian, La Repubblica, and Le Monde, were given access to the dead journalist’s files. In April, they began publishing dozens of stories based on Caruana Galizia’s leads, as well as reports on the investigation into her assassination. The undertaking has been dubbed The Daphne Project and is coordinated by Forbidden Stories, a consortium that seeks to continue the work of journalists “facing threats, prison or murder.” For their efforts, this week Caruana Galizia was posthumously awarded Transparency International’s Anti-Corruption award, and last week the founder of Forbidden Stories, the French journalist Laurent Richard, was given the Prix Europa award for European Journalist of the Year.
Below are highlights of an internal Stratfor email dated Aug. 12, 2010, one of 5 million emails published by Wikileaks with this preface:
“On Monday, February 27th, 2012, WikiLeaks began publishing The Global Intelligence Files, over five million e-mails from the Texas headquartered ‘global intelligence’ company Stratfor. The e-mails date between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment laundering techniques and psychological methods.”
Stratfor’s internal emails are freewheeling, colloquial, unfettered by political niceties, as in the title of this one, “Re: DISCUSSION – RWANDA/SOUTH AFRICA – Rwandans are cold ass mofos,” and a later remark that “while they [Rwandan assassins] may not be the black version of Mossad, they’re still good enough to get a shot off.” Others are blatantly racist.
“I believe they are going to turn over Assange to the US government,” Correa, who was leading the Latin American country at the time when it granted the WikiLeaks co-founder asylum, told RT, calling the policy of the current Ecuadorian government “a shame.”
“The Ecuadorian state has to protect Assange’s rights, he is not just an asylum [seeker]; he is a citizen,” Correa said. Granted Ecuadorian citizenship back in 2017, Assange is now supposed to be protected by the Ecuadorian constitution. But the current government is too desperate for Washington's favor, Correa believes.
The WikiLeaks co-founder might be a bargaining chip in an agreement between the Ecuadorian authorities and US Vice President Mike Pence, who visited the Latin American country and met with President Lenin Moreno earlier this year.
Quito’s behavior shows that it has “absolutely submitted” to Washington without actually earning any favor, Correa said.
His comments came a week after two US lawmakers called on Moreno to “hand Assange over to the proper authorities,” calling him “a dangerous criminal and a threat to global security.”
A tragic fourth straight year of record-breaking grizzly bear mortality in the Greater Yellowstone Ecosystem (GYE) has been compounded by the concurrent tragedy of increasingly frequent human maulings and deaths.
Most of these injuries, fatal or otherwise, have involved big game hunters and outfitters involved in close encounters with bears. The rash of resulting media coverage has duly given ample space for quotes from wildlife managers.
According to their narrative, human deaths and injuries during recent years are directly attributable to a burgeoning population of fearless aggressive grizzlies that have expanded into “unsuitable” habitat.
The only remedy is to kill more bears, including essentially all that currently occupy the ecosystem periphery, preferably through a trophy hunt. End of story.
Except it isn’t the end of the story. Nor is it even particularly accurate. Most importantly, this official rendering assiduously ignores emerging dynamics that are more likely to be the true cause of escalating bear deaths and human injuries.
Brexit is expected to have a major impact on the UK economy with the effect being markedly different in various parts of the UK (1). While there is much debate and disagreement regarding the medium to long term economic impact of Brexit a useful exercise is to look at the current state of the UK economy and how the picture differs across the nations and regions. Such an analysis offers a good starting point for consideration of the fiscal strategy that should be pursued by the UK Government post Brexit.
The poppy hasn't suddenly been co-opted. It's always been a little piece of propaganda.
Since the British voted to leave the EU, corporate lobbyists have been working to ensure any future EU-UK trade deal delivers maximum benefits and as little disruption to them as possible. Not least financial sector lobbyists, who have been lobbying hard to influence a future EU-UK trade deal that serves the sector, not just in London but across Europe as well.
Their proposals include plans that would lead to weakened regulations and specific threats to the public interest, such as ‘special courts’ that allow banks to sue governments if they adopt rules the financial sector finds unfair, such as attempts to introduce a small tax on financial transactions.
Ten years after the financial crisis, a major cause of which was the lack of robust regulations, any weakening of rules, or mechanisms that privilege corporations, would not be in the public interest. It is imperative, then, that negotiations between the EU and UK are open, so that the public can see who is influencing the talks and what is being proposed.
Despite GDP growth averaging 6% over the last decade, signs that not all is well with the economy have become increasingly visible. Youth unemployment in excess of 10%, well above the national average of 3%, can no longer be ignored or wished away. The trajectory of good GDP growth is under threat by the introduction of Goods and Services Tax in India last year (most of the landlocked Bhutan’s trade goes through India), aggravated by delays of several hydropower projects which are crucial to expansion in export earnings and government revenue from sale of electricity to India.
External debts at 121% of GDP are excessive by international standards. Indian loans to Bhutan to build hydro dams account for 90% of GDP. Of course, few outside Bhutan have a clue because India gets a free pass from western corporate media which chose not to report it. New Delhi charges 9 to 10% interest on the hydropower loans made to Thimphu. It’s sheer hypocrisy for India to go round denouncing China’s funding of Belt and Road projects in Pakistan, Maldives, Sri Lanka and Myanmar as debt traps when Bhutan’s debt situation is far more perilous and unsustainable than that of Maldives and others.
Trump, Wednesday’s article reported, has two official iPhones that have been altered by the National Security Agency to limit the types of hacks they’re susceptible to. The president has a third iPhone with no modifications that he uses as a personal device, because unlike the official iPhones, he can store personal contacts on it. What’s more, while Trump is supposed to swap out his two official phones every 30 days for new ones, he rarely does. Trump did agree to give up his Android phone, which most security experts believe is more vulnerable than Apple’s iOS, and Trump has also agreed to the more cumbersome arrangement of having the two official iPhones. One is for Twitter and other apps, while the other handles calls.
Mr. Trump typically relies on his cellphones when he does not want a call going through the White House switchboard and logged for senior aides to see, his aides said. Many of those Mr. Trump speaks with most often on one of his cellphones, such as hosts at Fox News, share the president’s political views, or simply enable his sense of grievance about any number of subjects.
Congress’ approval ratings over the past decade have been at their lowest in polling history. But when people say the legislative branch is “broken” and can’t get anything done, they are often imagining a “Schoolhouse Rock” model of legislation, with a friendly bill waiting to become a law. A series of two live events, in partnership with the New York Public Library and The Washington Post, will show how that legislative model no longer reflects the actual, radically altered mechanics of Congress.
[...]
Speakers will also share tangible advice on how constituents can effectively get their representatives to hear their concerns and take action, based on their experience from the halls of Capitol Hill.
A quarter of voters in Adams County — a key 2018 battleground in Colorado — have yet to receive their ballots because one of four trucks carrying them to be mailed didn’t make it to a postal processing center last week.
About 61,000 Adams County ballots — mostly for residents in Thornton, Brighton and Aurora — had yet to be sent as of Tuesday afternoon.
“We’re waiting on the truck to pull up,” U.S. Postal Service spokesman David Rupert said.
Julie Jackson, spokeswoman for Adams County Clerk and Recorder Stan Martin, said it was unclear why the ballots on the truck weren’t unloaded and ended up being returned to a secure location.
As with any breaking news story, the conversation you see online may not always represent the truth. Here's what we know so far.
In a new interview with The Hill, "Fox & Friends" host Brian Kilmeade revealed that he donated to President Donald Trump's campaign in 2016 — a donation, he says, that was completely unintentional.
He made the mistake, he said, when he bought $600 worth of Trump campaign Christmas ornaments.
"I had no idea that this would be considered a donation," Kilmeade told The Hill. "I'm looking for something cool and unique for Christmas for adults after this historic election."
A new investigation has found Georgia secretary of state and Republican gubernatorial candidate Brian Kemp has overseen the removal of more than 340,000 current Georgia residents from voting rolls. We speak with Greg Palast, a journalist who has been investigating Brian Kemp and voter suppression in Georgia. He has joined a lawsuit against Kemp over the purge.
A current State Department official helped a top fundraiser for Donald Trump arrange meetings with U.S. senators and Angolan officials in early 2017, according to emails obtained by ProPublica. Neither the official nor the fundraiser registered as a foreign agent.
Aryeh Lightstone helped plan the January 2017 meetings with U.S. senators, high-ranking Angolan government officials and the Trump fundraiser Elliott Broidy, the emails show. Several months later, Lightstone was appointed by the Trump administration to a top position in the U.S. Embassy in Israel. The involvement of a now-sitting Trump administration official in Broidy’s work has not previously been reported.
Broidy has since been embroiled in scandal, stepping down from his Republican National Committee deputy finance chair post after the revelation that he agreed to pay $1.6 million in a settlement with a Playboy model he reportedly impregnated. (Broidy has said it was just to help her financially, and he stopped paying her after the arrangement became public.)
Trump likes to project a tough guy image that he tries to enhance by celebrating such atrocities as U.S. Rep. Greg Gianforte’s unwarranted assault on a reporter last year. But there is no great pride in body-slamming a defenseless and unsuspecting reporter with a recorder in his hand. It’s about as much to crow about as kicking someone’s crutches out from under them and claiming it was a brave and noble deed.
One has to wonder if Trump has ever actually been in a real fight in his entire lifetime. As the pampered child of a New York real estate scammer, he was raised far from the realities of normal life and protected from ever having to face the consequences of his words or actions.
The main reason this election is so important is that Donald Trump has demonstrated an unprecedented level of disrespect for basic norms of democracy and the rule of law.
It has been a disorienting experience for veterans of the stable and prosperous early postwar decades in western Europe and north America, recalling instead the charged and polarised politics of the 1930s whose ending is well known. Some on the centre right have already made their peace with the populists: the whole Republican Party in the US and the bulk of the feuding British Tories, as well as the Austrian Christian democrats, whose acceptance of the far right into government has occasioned none of the European Union sanctions a similar episode precipitated in 2000.
Moreover, should anyone on the centre left be complacent, one recent study has shown that social democrats too have been so sucked into the wake of the rising – and rightward-veering – populists that as a political family they generally occupy more authoritarian positions today than the radical right felt able to endorse in 1980.
Many despair, given a choice between going with the xenophobic flow and standing, Canute-like, against the tide, which has resolved itself, across Europe, into ‘cracking down’ on ‘illegal immigration’ – although refugees are, by definition, not illegal and all states party to the Geneva convention are obliged to entertain their individual claims.
Less than 12 hours after praising himself for being on his best behavior as bombs were found in the mail of several targets of his incendiary and conspiratorial ravings — including Congresswoman Maxine Waters, CNN, former President Barack Obama, and former Secretary of State Hillary Clinton — President Donald Trump cast aside his temporarily subdued facade Thursday morning and fired off a tweet blaming the media for the explosives sent to at least nine separate locations and warning that the press must “clean up its act, fast.”
This Thursday, October 25, the second trilogue negotiation on the EU copyright reform takes place, in which the European Parliament and the Council (representing the member state governments) try to reach a compromise between their positions. You can find the trilogue’s draft agenda and the new compromise proposals here.
Ahead of this, the member state governments have been debating their stance. Here’s where the different countries currently stand on the main controversial articles – the “link tax” and upload filter proposals: [...]
The Electronic Frontier Foundation has sent several recommendations to the EU bodies negotiating copyright reform proposals. If there is no way to stop the EU's controversial 'upload filters' from being implemented, the group suggests at least adding measures to prevent abuse, including repercussions for false and abusive takedown requests.
Back in August, I wrote a big post about the impossible choices that large internet platforms have to make concerning content moderation. A large part of the point of that post is that there is no perfect content moderation, and especially at scale, there are going to be large swaths of people who disagree with any choice (leaving content up, taking it down, demonetizing it, putting a flag on it, whatever). And expecting these platforms to magically get things right is going to end in serious disappointment for everyone.
In its own hamfisted way, Google has now proven that point (and, no, they're not doing this on purpose). About a month after that post went up, we got a notification from Google, telling us that this article violated Google's AdSense policies (we use AdSense to backfill ads when we don't have a better solution -- it pays us close to nothing) and therefore they were restricting AdSense from appearing on that page. The only details we received were that it was "dangerous or derogatory."
A government has decided to handle "fake news" in about the only way it should be handled. FINALLY. While most governments appear willing to treat "fake news" legislation as a gateway drug to censorship, the UK government -- a government that certainly isn't known for its rational handling of speech issues -- is going the other way.
[...]
This is a remarkable turnaround, considering only a few months ago DCMS members were going after Facebook for contributing to the "fake news that threatens our democracy." Included in this package of adopted recommendations is (surprise!) the abandonment of a social media tax targeting Facebook and Twitter -- two companies routinely blamed for the incredible amount of stupidity and misleading content posted by their users.
Fake court orders have landed a businessman real jail time. Michael Arnstein, CEO of Natural Sapphire Company, pled guilty last year to forging court orders he sent to Google to delist negative reviews. This was apparently the lesson Arnstein learned from his single, successful defamation suit: it's cheaper and easier to forge documents than jump through judicial hoops for several months to achieve the same ends.
[...]
Sure, but in this case, the criminal might have wanted to run his reputation management plan past a competent lawyer first and saved himself the trouble. Arnstein wanted to clean up his company's reputation but only managed to destroy his. Whatever nasty things online reviewers said about Natural Sapphire Company, they're always going to pale in comparison to its CEO's federal prison sentence.
The reason behind the Lilliputian fine is the fact that the company has been fined as per the Data Protection Act 1998 that was in motion when the scandal happened. Had Facebook been fined according to the newly implemented GDPR law, they would have to part ways with as much as 4% of their annual revenue which could have been a huge and worthy sum.
The UK declined to cooperate with the investigation into the alleged spying incident on the network of Belgacom, now Proximus, in 2013, De Standaard reported, citing a confidential report from the federal prosecutor's office which was discussed this week by the National Security Council. The public prosecutor's office said there is proof that the UK secret service GCHQ was behind the hack, because it wanted to tap communication. The report also states that the UK has made no preparations so far to cooperate with the Belgian judicial investigation. According to the prosecutor's office, this is “exceptional between EU countries and could lead to a diplomatic incident.”
The judicial investigation is now almost closed, with investigators saying there is little chance of prosecutions.
A survey from Oxford University suggests that nearly all free apps in the Google Play Store are sharing data with Google's parent company, Alphabet.
The report, which first appeared in the Financial Times (paywalled) suggests that nearly 90 per cent of free apps are leaking data back to Alphabet which can then be used in the increasingly cut-throat world of online advertising.
Here’s how it works: cops send Google specific coordinates and timezones within which crimes were committed. Then Google is asked to provide information on all users within those locations at those times, most likely including data on many innocent people. Those users could be Android phone owners, anyone running Google Maps or any individual running Google services on their cell, not just criminal suspects.
The government has raised the prospect of using so-called decryption laws to simply get a provider to turn over a user’s PIN or password to get access to a target’s encrypted communications.
While much of the debate on the Assistance and Access Bill so far has concentrated on the prospect of encryption being weakened, the Department of Home Affairs indicated today encryption may not even be its primary target.
In other words, Netflix cares about keeping you hooked, rather than your race. Yet the focus on explicit questions about race is something of a dodge, allowing the company to distance itself from an outcome that researchers say was easily predictable. “If you personalize based on viewing history, targeting by race/gender/ethnicity is a natural emergent effect,” Princeton professor Arvind Narayanan tweeted in response to Netflix’s statement. “But a narrowly worded denial allows companies to deflect concerns.”
What is clear is that the Trump White House wants what it wants, decades of carefully forged law and tradition be damned. One of the things it wants is the eradication of public expressions of dissent. Donald Trump has said that protest (against him and his friends) should be illegal, that those who engage in it should lose their jobs and/or have violence visited upon them.
If the White House can’t achieve that, well, they’ll get as close to it as they can, which brings us to the latest: The National Parks Service, under Interior Secretary Ryan Zinke, seeking to rewrite the rules on free speech and demonstrations on those public lands that are under federal jurisdiction in Washington, DC. That would be the parks, sidewalks and streets in the country’s capital, that have seen some of the most significant public protests in US history.
Federal authorities announced riot charges against four members of the Rise Above Movement, a violent white supremacist group based in California. The charges relate to assaults carried out at protest rallies in California and Charlottesville, Virginia.
The charges against four men — Robert Rundo, Robert Boman, Tyler Laube and Aaron Eason — come weeks after four other Rise Above Movement members or associates were indicted on riot charges in Virginia, accused of engaging in violent assaults during the infamous “Unite the Right” rally in the summer of 2017. Only Rundo, Boman and Laube had been arrested as of Wednesday afternoon.
The four men indicted in Virginia have not entered pleas in the case.
[...]
Rundo, one of the men arrested this week, had been identified by ProPublica and Frontline as the founder of the group. He is a native of New York City who had deepened his white supremacist leanings during a stint in state prison in New York.
The complaint asserts that investigators used the men’s social media and private communications, as well as videos and other material created by the group itself, to document specific acts of violence in Huntington Beach, San Bernardino and Berkeley, all in California, as well as Charlottesville.
A shocking new investigation by immigrant rights groups reveals how corporations like Amazon, Palantir and Microsoft are profiting from and expediting Trump’s incarceration and deportation operations. Some 10 percent of the Department of Homeland Security’s $44 billion budget is dedicated to data management. The report was published as new documents obtained by the Project on Government Oversight show Amazon is pushing Immigration and Customs Enforcement to start using its controversial facial recognition technology that could identify immigrants in real time by scanning faces in a video feed. We speak with Jacinta González, organizer with Mijente, a national political hub for Latinx organizing. The group partnered with the Immigrant Defense Project and the National Immigration Project of the National Lawyers Guild on the new report titled “Who’s Behind ICE? The Tech and Data Companies Fueling Deportations.”
Jair Bolsonaro, now far ahead in the polls, approves military dictatorship and has called for violent destruction of the left—and investors seem to approve.
The Ninth Circuit Court of Appeals is the latest appeals court to find the FBI's warrant for malware deployment during a child porn investigation to be invalid, but still close enough for government work. The FBI's NIT (Network Investigative Technique) was sent to visitors of a dark web child porn site called Playpen. The hitchhiking software then traveled out of the district the server was housed in (Virginia) to send back identifying info from computers and devices all over the world.
At the time the warrant was sought, warrants were only valid in the district they were issued. Multiple courts found the FBI's malware was a search under the Fourth Amendment. A smaller subset found the extrajurisdictional search unsupported by current law and the underlying warrant invalid from the moment it was issued. Challenges to the extrajurisdictional searches have all run into dead ends at the appellate level.
[...]
With four circuits weighing in and reaching the same conclusions, it seems unlikely any further appellate challenges will upset the FBI's malware apple cart. And if the same conclusions continue to be reached, there will be no compelling reason for the Supreme Court to weigh in. Add to that the post-facto codification of the tactics used by the FBI in this investigation and you've got dozens of unconstitutional searches being laundered into Fourth Amendment compliance by courts unwilling to penalize the FBI for overstepping its bounds.
Because his crimes were committed so long ago, Gardner is not subject to the community notification provisions that apply to more recent offenders under the state’s Megan’s Law. But the police leaked his address to public officials, and a media circus ensued. The result has been raucous nightly protests in front of his house by dozens of people calling on him to leave the neighborhood.
This scenario is troubling for many reasons. First, rather than act responsibly, Providence Mayor Jorge Elorza helped fuel the angry gatherings in front of Gardner’s home by stating at a community meeting immediately preceding the first protest that Gardner “has given up his right to be here in the community.” Other city officials have also encouraged a mob mentality that statements like these promote.
That should be corrected if anyone invents a time machine. :P
Back in January, 23 state attorneys general sued the FCC over its net neutrality repeal, claiming it ignored the public, ignored the experts, and was little more than a glorified handout to uncompetitive, predatory telecom monopolies. That trial will also determine whether the FCC ignored rules like the Administrative Procedure Act, which requires you, oh, actually have data to support a major, wholesale reversal of such a major policy (if you're just tuning in, they didn't). The suit, which is also backed by a few companies (including Mozilla), could result in the FCC's repeal being overturned and the FCC's 2015 net neutrality rules being restored.
This week three additional state AGs (Texas, Arkansas, and Nebraska) decided to take the opposite tack, and filed a brief (pdf) last Friday in the US Court of Appeals for the District of Columbia Circuit, insisting that judges reject the lawsuit against the FCC.
Observers say the Unwired Planet ruling sets out a blueprint for licensing standard essential patents, cements the UK’s position as an attractive forum to enforce SEPs and has implications for 5G
The UK Court of Appeal upheld the first instance judgment on Unwired Planet v Huawei today, in a ruling that will have profound implications for the telecommunications sector and other industries investing in connected technologies.
The case at issue was whether Ice-World's patent for a mobile ice rink cooling member EP (UK) 1462755, was valid and infringed by Icescape. Mobile ice rinks are formed from an arrangement of manifolds and longitudinal pipes. Coolant pumped through the pipes freezes surrounding water to form the skating surface. The apparatus of pipes and manifolds has to be assembled each time the mobile ice rink is installed.
IP practitioners in China are concerned about the high volume of cases the proposed court would need to handle
A draft proposal for a national appeals IP court is being considered by China’s National People’s Congress Standing Committee, according to a Xinhua news report.
Fan translations of movies and video games, while wildly popular in many different countries, have also come under recent attack. Claims of copyright infringement have been leveled against many sites and groups that put these translations together, with the theory being that it violates copyright to make works understandable to fans in countries where, often times, a translated version of the work isn't even on offer. If that sounds stupid and protectionist to you, ding ding ding, you're right.
But it's somewhat interesting to see this scenario happen in reverse, and note how different the reaction from fans is when they find their hard work in official releases, without credit. Meet Francesco, an Italian game developer with a particular affinity for a game that I've honestly never heard of.
Welcome to a brand new kind of whodunnit. This one has everything: an extremely popular game, a short-lived takedown, and so very many memes. The ways of the DMCA and YouTube are unknown and unknowable.
Trailers are a time-tested and proven way of getting attention for a new piece of media—movies, television, video games, whatever. If it’s a highly-anticipated or very popular title, you can get a whole bunch of free press with a trailer as everyone shares and analyzes it. And so it is unusual, in that situation, for a trailer to be officially released without every bit of it being vetted and approved. (Unusual, but not unheard of.)
And even if a company uploaded the wrong trailer to YouTube or Twitter or wherever, they could always delete it from their own account. And then, sure, use the DMCA to keep people from uploading copies. That’s what makes what happened with Fortnite so weird.
The US government filed an amicus brief on October 18 urging the Supreme Court to affirm the lower courts’ decision in support of the registration approach in copyright infringement litigation.