
06.26.15

Operating Systems Usage Based on Technical Site Statistics

Posted in Site News at 8:12 pm by Dr. Roy Schestowitz

Summary: Some numbers to show what goes on in sites that do not share information about their visitors (unlike Windows-centric sites which target non-technical audiences)

THE common perception of GNU/Linux is that it is scarcely used, based on statistics gathered from privacy-hostile Web sites that share (or sell) access log data, embed spyware in all of their pages, and so on. Our sites are inherently different because of a reasonable — if not sometimes fanatic — appreciation of privacy at both ends (server and client). People who read technical sites know how to block ads, impede spurious scripts etc. These sites also actively avoid anything which is privacy-infringing, such as interactive ‘social’ media buttons (these let third parties spy on all visitors in all pages).

Techrights and Tux Machines attract the lion’s share of our traffic (and server capacity). They both have dedicated servers. These are truly popular and some of the leaders in their respective areas. Techrights deals with threats to software freedom, whereas Tux Machines is about real-time news discovery and organisation (pertaining to Free software and GNU/Linux).

The Varnish layer, which protects both of these large sites (nearly 100,000 pages in each, necessitating a very large cache pool), handles between a gigabyte and 2.5 gigabytes of data per hour (depending on the time of day; on average, usually somewhere in the middle of this range).

The Apache layer, which now boasts 32 GB of RAM and sports many CPU cores, handled 1,324,232 hits for Techrights (ranked 6636th for traffic in Netcraft) in this past week and 1,065,606 for Tux Machines (ranked 6214th for traffic in Netcraft).

Based on VISITORS Web Log Analyzer, this is what we’ve had in Techrights:

  • Windows: 36.2%
  • Linux: 31.8%
  • Unknown (e.g. bots/spiders): 23.0%
  • Macintosh: 8.8%
  • FreeBSD: 0.1%

As a graph (charted with LibreOffice):

Techrights stats

Tux Machines reveals a somewhat different pattern. Based on grepping/filtering the past month’s log at the Apache back end (not Varnish, which would have been a more sensible but harder thing to do), presenting the top 3 only:

Tuxmachines stats

One month is as far as retention goes, so it’s not possible to show long-term trends (as before, based on Susan’s summary of data). Logs older than that are automatically deleted, as promised, for both sites — forever! We just need a small tail of data (temporarily) for DDOS prevention.

Links 27/6/2015: Wine 1.7.46, SparkyLinux 4.0

Posted in News Roundup at 7:34 pm by Dr. Roy Schestowitz


Contents

GNU/Linux

Free Software/Open Source

  • Coreboot Adds Intel Braswell SoC Support
  • OSI Welcomes Summer Interns

    Recognizing successful open source projects need a variety of “developers” to create everything from code to community, the OSI Internship Program seeks participants from across academic disciplines–Business, Communications, Sociology, Informatics, and of course Computer Science to name a few–the program seeks to provide real life experiences common across open source projects and the communities that support them, giving students first hand experiences as well as opportunities to work with some of the most influential projects and people in open source software and the technology sector.

  • Events

  • Web Browsers

  • SaaS/Big Data

    • BlueData Massages Data for Hadoop and Spark to Leverage

      BlueData Software Inc., an infrastructure startup focused on Big Data, is working on solutions to the problem. The company recently announced that it is adding support for Docker containers on its BlueData EPIC platform. BlueData was founded by VMware veterans, and is focused on making Hadoop and Spark easy to deploy in a lightweight container environment.

  • BSD

    • Open Source History: Why Didn’t BSD Beat Out GNU and Linux?

      If you use a free and open source operating system, it’s almost certainly based on the Linux kernel and GNU software. But these were not the first freely redistributable platforms, nor were they the most professional or widely commercialized. The Berkeley Software Distribution, or BSD, beat GNU/Linux on all of these counts. So why has BSD been consigned to the margins of the open source ecosystem, while GNU/Linux distributions rose to fantastic prominence? Read on for some historical perspective.

    • out with the old, in with the less

      Notes and thoughts on various OpenBSD replacements and reductions. Existing functionality and programs are frequently rewritten and replaced for the sake of simplicity or security or whatever it is that OpenBSD is all about. This process has been going on for some time, of course, but some recent activity is worth highlighting.

  • Project Releases

    • Oz 0.14.0 Release

      Oz is a program for doing automated installation of guest operating systems with limited input from the user.

  • Public Services/Government

    • Why the government needs to renew its public commitment to open source software

      The government has played an important role as champion of open source in the public sector and this has been essential to the great progress that has been made to date. As the new government lays out its strategy, it should publicly reaffirm its commitment to open source software. This will add impetus to those in the public sector considering open source if the government acknowledges its value in relation to its agile vision.

    • NRO jumps on open source bandwagon

      Given the growing need for advanced databases with multiple levels of security to store geospatial intelligence, NRO contractor Lockheed Martin along with partners like Red Hat and Crunchy Data Solutions rolled out an open source relational database at a geospatial intelligence symposium in Washington this week that is billed as supporting multilevel security.

  • Openness/Sharing

    • Open Hardware

      • Introducing Felfil: An Italian Open Source 3D Printing Filament Extruder

        It’s an open source project designed for home use, and Felfil is an extruder for plastic 3D printing filament, designed by a team of young makers from the Politecnico of Turin.

        They say the device was built in answer to a desire by users of 3D printers to produce their own plastic filament. It’s all about reducing the cost of printing, saving on materials, and being able to experience the potential of 3D printing.

  • Programming

    • Google creates cloud code cache

      With an uncharacteristic lack of fanfare, Google has decided to hang around the kitchen at the code repository party.

    • 6 time-consuming tasks you can automate with code

      Literacy used to be the domain of scribes and priests. Then the world became more complicated and demanded that everyone read and write. Computing is also a form of literacy, but having it only understood by a priesthood of programmers is not going to be enough for our complex, online world. “Learn to code” has become a mantra for education at all ages. But after clearing away the hype, why do people need to learn to code? What does it get us exactly?

      Not everyone needs to become a software engineer, but almost every office worker uses a laptop as a daily tool. Computers are such a huge productivity booster because they support a large market of programs and apps designed for these workers. But commercial and open source software have a “last mile” problem: that they don’t automate every conceivable task. There are still computing chores that require a lot of repetitive (and fairly mindless) typing and clicking. Even if you have an intern to push these tasks on, they’re tasks that require a human because there’s no software to automate it. These tasks are too small-scale or specific to your organization’s workflow for it to be economical for a software company to create a custom solution.

    • libnice is now mirrored on GitHub

      libnice, everyone’s favourite ICE networking library, is now mirrored on GitHub (and GitLab), to make contributing to it easier — just submit a pull request. The canonical git repository is still on freedesktop.org.

Leftovers

  • Security

  • Defence/Police/Secrecy/Aggression

    • Terror Attacks in France, Kuwait and Tunisia

      Friday’s attacks in France, Tunisia and Kuwait came at roughly the same time, and days after the Islamic State terror group called for such operations during the Muslim holy month of Ramadan. But there was no immediate indication that they had been coordinated.

  • Privacy

    • Hated Care.data scheme now ‘unachievable’, howls UK.gov watchdog

      The hated Care.data programme is one of four government IT projects progressing so poorly its delivery has been deemed “unachievable”, according to a government watchdog report.

      The scheme has been flagged with the highest “red” risk rating by the Major Projects Authority, along with the NHS choices website, the Health and Social Care Network, and the Ministry of Justice’s National Offender Management Services ICT programme.

      The scheme has encountered serious delays, following an outcry from the public who largely objected to the idea of their personal information being shared with world+dog without their consent.

      So far, 700,000 individuals have requested to opt out of having their data shared with third parties. However, concerns have been raised that the Health and Social Care Information Centre has been unable to implement those objections.

    • Yet Another Leaker — with the NSA’s French Intercepts

      Wikileaks has published some NSA SIGINT documents describing intercepted French government communications. This seems not to be from the Snowden documents. It could be one of the other NSA leakers, or it could be someone else entirely.

      As leaks go, this isn’t much. As I’ve said before, spying on foreign leaders is the kind of thing we want the NSA to do. I’m sure French Intelligence does the same to us.

  • Internet/Net Neutrality

    • Europe: The Next Front in the Battle for Net Neutrality

      Americans won big on net neutrality in February, when the FCC voted to adopt new rules that would allow it to rein in the abusive and discriminatory practices of big telecommunications operators, such as blocking or throttling of Internet data, and charging content providers for access to an Internet “fast lane.”

  • Intellectual Monopolies

    • Copyrights

      • Freedom of panorama: what is going on at the EU level?

        It is the so called freedom of panorama, which of course has its roots in a beloved piece of EU legislation, the InfoSoc Directive, more specifically its Article 5(3)(h). This provision allows Member States to introduce into their own national copyright laws an exception to the rights of reproduction, communication/making available to the public and distribution to allow “use of works, such as works of architecture or sculpture, made to be located permanently in public places”.

Proprietary Software on Top of Proprietary Software (AV on Windows) Only an Illusion of Security

Posted in Free/Libre Software, Microsoft, Windows at 11:21 am by Dr. Roy Schestowitz

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Summary: Remarks on the recent revelations about code and communication interceptions targeting insecurity firms and Microsoft’s claim that ‘transparency’ alone would be enough to assure security

RECENT reports about state surveillance on anti-malware/virus software (which could not detect Stuxnet, for example, making this more like snake oil) have led to the claim that Microsoft Windows cannot be made secure, not even with additional ‘security’ software. “Security by obscurity” does not work when the state can see everything and also sponsors the world’s biggest (and best funded) cybercrime operations. Windows is simply not designed to be secure and security is not the goal as the underlying design serves to prove. As Pogson put it this week:

Given That Other OS is just about everywhere and is helpless without anti-malware software, the NSA and others have studied the anti-malware software to exploit it as a back door to TOOS… Ironic, isn’t it?

Microsoft and security don’t belong in the same sentence. As FOSS Force reminds us, this NSA ally with the worst of spyware uses the “transparency centers” [1] sham that we wrote about earlier this month. They are replacing software freedom with “transparency” nonsense. They pretend that “transparency” somehow improves security. It doesn’t.

The only way to perpetually and universally verify (by audit) the security of software, or pressure its maker/distributor to pursue genuine security at all times, is to ensure the software is Free software. Microsoft’s longtime employee (on and off for years at a time) and occasional mole inside FOSS [1, 2, 3, 4] says that Free software has not won and even uses a picture of a pig to prove it or at least make his case (crass, but typical of him). Don’t let these people shape the consensus; after the NSA leaks a lot of semi-technical people can easily understand that Free software is the only way to go. Secrecy, like secret (proprietary) code, is as trustworthy as politicians. It’s time for proprietary software to go. Backbone infrastructure sure is heading towards Free software-only (as a matter of policy), as several consortia already serve to demonstrate. It’s going to be a harsh reality for Microsoft.

Related/contextual items from the news:

  1. The NSA, Windows & Antivirus

    Poor Microsoft. The beleaguered company just can’t catch a break. We’ve already told you about how Snowden’s revelations have forced the pride of Redmond to spend who knows how many millions opening two “transparency centers” to allow government IT experts to pore through source code to prove there’s no back doors baked into Windows or other Microsoft products. Trouble is, while its engineers have been busy plastering over all traces of old back doors, they’ve left a side door standing wide open, waiting to be exploited.

    [...]

    The spooks have been reverse engineering. They’ve been dismantling Kaspersky’s software, searching for weaknesses. They’ve been mining sensitive data by monitoring the email chatter between Kaspersky client and server software. In other words, while IT security folks outside the U.S. have been keeping a wary eye on their Windows servers while trusting their antivirus to be a tool to help them secure the unsecurable…well, their antivirus software has been being a Trojan in the truly Homeric sense of the word.

    [...]

    In the meantime, Windows becomes less safe by the minute for corporations and governments hoping to keep private data private. I’m certain that Red Hat, SUSE, and even Ubuntu are taking advantage.

The EPO’s Circus of Nepotism, Corporatism and Gross Abuse is Promoting the Unitary Patent

Posted in Europe, Patents at 6:55 am by Dr. Roy Schestowitz

Corporations now run the European Patent Office (EPO)

Ray of light

Summary: The shameful management of the EPO, which Benoît Battistelli constructed based on his nefarious self-serving agenda, keeps pushing forth in a direction that greatly harms European citizens while mistreating the EPO’s technical staff (scientists and examiners)

THE EPO scandals continue and there is no denying that there is trouble when a huge proportion of the staff goes out to demonstrate right in front of the employer. Only a shameless liar would try to blame some “disgruntled employee” or “defamation”. The EPO, more so these days than ever before, is not a public service. It just sucks in public money. It is essentially a corporate entity masquerading as a public institution because it provides benefits like legal immunity, welfare (“too big to fail”), etc.

The EPO Administrative Council (AC), which has become Benoît Battistelli’s number one fan after some entryism, is trying to destroy the European industry with more patent monopolies and fees. According to patent lawyers’ media, Mr Kongstad’s office is at the forefront of this atrocious move:

The Select Committee of the EPO Administrative Council, which represents the 25 EU states expected to be covered by the Unitary Patent, adopted the so-called true top 4 proposal by a three-quarter majority yesterday.

One of the selling points of the planned Unitary Patent is that a single annual renewal fee payable to the EPO will maintain the right in the participating EU member states, meaning that national fees will no longer have to be paid.

The above says that the AC “represents the 25 EU states”, but in reality it seems to represent Battistelli and his rich friends, who want to become even richer.

The AC’s Kongstad is finding himself under fire again, this time from his own staff. SUEPO’s Web site says that “Ms Bergot, Principal Director of Human Resources of the EPO, has scheduled new meetings of the working group on “union recognition” between the administration and union officials. However, Mr Kongstad (Chairman of the Administrative Council) has still not reacted to the letter sent by SUEPO Central concerning the investigation of staff representatives and/or union executives during trilateral talks.

“Pending Mr Kongstad’s written answer, as also reiterated in the Council meeting of 24/25 June 2015, SUEPO regrets it must decline the invitation at present. Of course, SUEPO is looking forward to developments making the resumption of meaningful discussions possible.”

SUEPO has this PDF reply letter, sent to Ms Bergot:

Dear Ms Bergot,

You have scheduled new meetings of the working group on “unions recognition” between the administration and union officials.

You must be aware of the letter sent by SUEPO Central to the Chairman of the Administrative Council, Mr Kongstad, which was made public on 10 June 2015 (*).

Pending Mr Kongstad’s written answer to our requests, as also reiterated in the Council, we regret we must decline your invitation at present. Of course, we look forward to developments making the resumption of meaningful discussions possible.

Recall that Gilles Requena, the EPO’s Administrator (Presidential Office), is the spouse of Ms Bergot [PDF]. Bergot, the Principal Director of Human Resources, is clearly there because of connections, not skills. She’s far from the only such instance. Battistelli has quickly turned the EPO into an international laughing stock. It’s time to reclaim the EPO or reboot it.

Links 26/6/2015: Ardour 4.1, GNOME 3.17.3 Released

Posted in News Roundup at 6:03 am by Dr. Roy Schestowitz


Contents

GNU/Linux

Free Software/Open Source

Leftovers

  • BMW: ‘Our competitor is not Audi, Jaguar Land Rover or Mercedes but consumer electronics players’

    BMW is bringing software back in-house so it can deliver seamless digital experiences for its customers – something more valued than horsepower or engines in today’s market, its digital business models lead said.

  • Science

    • 10 Reasons Tape Backup Remains Important to the Enterprise

      Digital tape is about the hardest-to-kill storage IT there is, unless you count carving out data onto rocks, the way it was done hundreds of thousands of years ago. Tape technology celebrated its 63rd birthday on May 21; IBM first made available its IBM 726 Magnetic tape reader/recorder in 1952. Strangely, unlike later IBM tape drives, the original 726 could read tape backward and forward. Tape has managed to get better with age. When tape first went to market, the media itself weighed 935 pounds and held 2.3MB of data. In 2015, that much tape weighs closer to 12 pounds, and 2.3MB would comprise one large photo or a short pop song. Tape storage densities are broken regularly; IBM’s tape team recently demonstrated an areal recording density of 123 billion bits of uncompressed data per square inch on low-cost, particulate magnetic tape. The breakthrough represents the equivalent of a 220TB tape cartridge that could fit in the palm of your hand. Companies such as Iron Mountain, Spectra Logic, IBM and others maintain large installed bases of tape storage around the world. Here are some key facts about tape storage.

  • Security

  • Defence/Police/Secrecy/Aggression

    • Charleston Massacre Media Coverage: Recognizing the Crime, Downplaying the Causes

      When a white male kills people in a mass shooting in the US, the corporate media follow an algorithm not unlike the Kübler-Ross model of the five stages of grief.

      First, media deny that the attack constitutes terrorism. In their view, acts of political violence carried out against civilians are indisputably terrorism when they are committed by a Muslim, but this is not necessarily the case when they are committed by a white person.

      This is the stage in which most media coverage of shootings by white Americans remains stuck. When Elliot Rodger massacred six people and injured 14 more in May 2014, he was not classified as a terrorist–even though he explicitly stated that his attack was motivated by an intense hatred of women, and that he sought to “punish” women, collectively, for “rejecting” him in the past.

      Yet because of mounting pressure and criticism from independent media, activists and social media, in the wake of mass shooting after mass shooting carried out disproportionately by white men, corporate media are no longer able to remain in a state of such denial.

    • That Most Terrorists Aren’t Muslim May ‘Come as a Surprise’–if You Get Your News From Corporate Media

      The “surprise” is that more people are killed by “white supremacists, antigovernment fanatics and other non-Muslim extremists than by radical Muslims”: 48 vs. 26 since 9/11, according to a study by the New America Foundation. (More comprehensive studies cited in a recent New York Times op-ed–6/16/15–show an even greater gap, with 254 killed in far-right violence since 9/11, according to West Point’s Combating Terrorism Center, compared to 50 killed in jihadist-related terrorism.)

      The Times suggests that “such numbers are new to the public”–but they won’t come as much of a surprise to those familiar with FAIR’s work. In articles like “More Terror, Less Coverage” (Extra!, 5/11) and “A Media Microscope on Islam-Linked Violence” (Extra!, 8/13), FAIR’s Steve Rendall has debunked the claim that terrorism is mostly or exclusively a Muslim phenomenon, pointing out that white, right-wing Christians are responsible for the bulk of political violence in the United States.

  • Transparency Reporting

    • With Its French NSA Leak, WikiLeaks Is Back

      Classified documents appear on WikiLeaks.org, revealing that the American government is spying on its allies. American officials rush to deal with a sudden diplomatic crisis while publicly refusing to comment on leaked materials. And WikiLeaks proclaims that it’s just getting started.

  • Environment/Energy/Wildlife

    • What’s Killing the Babies of Vernal, Utah?

      Every night, Donna Young goes to bed with her pistol, a .45 Taurus Judge with laser attachment. Last fall, she says, someone stole onto her ranch to poison her livestock, or tried to; happily, her son found the d-CON wrapper and dumped all the feed from the troughs. Strangers phoned the house to wish her dead or run out of town on a rail. Local nurses and doctors went them one better, she says, warning pregnant women that Young’s incompetence had killed babies and would surely kill theirs too, if given the chance.

      [...]

      Then there’s pollution of the eight-wheeled sort: untold truck trips to service each fracking site. Per a recent report from Colorado, it takes 1,400 truck trips just to frack a well — and many hundreds more to haul the wastewater away and dump it into evaporation ponds. That’s a lot of diesel soot per cubic foot of gas, all in the name of a “cleaner-burning” fuel, which is how the industry is labeling natural gas.

  • Finance

    • Unregulated Capitalism Is Destroying the Planet

      We are in the middle of the first great mass extinction since the end of the age of the dinosaurs.

      That’s the conclusion of a shocking new study published Friday in a journal called Science Advances.

      The study, which was conducted by a group of scientists from some of the United States’ leading universities, found that over the past century-plus, vertebrate species have gone extinct at a rate almost 114 times faster than average.

      That’s right – not one, not two, not 50, but 114 times faster than average!

      The study also found that as many as 477 different vertebrate species have disappeared since 1900, a mind-boggling statistic because it usually takes between 800 to 10,000 years for that many species to disappear.

    • The Senate Passes Fast Track—But We Can Still Prevent the TPP Train Wreck

      The U.S. Senate has paved the way for the passage of Fast Track legislation, to give the White House and the U.S. Trade Representative almost unilateral power to negotiate and finalize secret anti-user trade deals like the Trans-Pacific Partnership (TPP). Yesterday a “cloture” vote was held—this was a vote to end debate on Fast Track and break any possibility for a filibuster, and it passed by the minimum votes needed—60 to 37. Today, the Senate voted to pass the legislation itself. TPP proponents only needed 51 votes, a simple majority, to actually pass the bill, and they got it in a 60 to 38 vote. Following months and months of campaigning, Congress has ultimately caved to corporate demands to hand away its own constitutional mandate over trade, and the President is expected to sign the bill into law as early as tonight or later this week.

    • Senate approves fast-track, sending trade bill to White House

      The Senate voted Wednesday to approve fast-track authority, securing a big second-term legislative win for President Obama after a months-long struggle.

      The 60-38 Senate vote capped weeks of fighting over the trade bill, which pitted Obama against most of his party — including Senate Democratic Leader Harry Reid (Nev.) and House Minority Leader Nancy Pelosi (D-Calif.).

      Passage of the bill is also a big victory for GOP leaders in Congress, including Senate Majority Leader Mitch McConnell (R-Ky.) and Speaker John Boehner (R-Ohio). The Republican leaders worked closely with an administration they have more frequently opposed to nudge the trade bill over the goal line.

    • Network Rail upgrade delayed by government

      The government says it will delay or cut back a number of modernisation projects planned for Network Rail.

      Transport Secretary Patrick McLoughlin says rising costs and missed targets make the £38.5bn plan untenable.

      He blamed Network Rail, saying it should have foreseen the improvements would cost more and take longer.

      Labour said it had warned the government needed to change how the railways were run but had “dithered” over taking action.

      Network Rail said the plan, which was launched last year as the “largest modernisation of the railways since Victorian times”, was too ambitious.

      Network Rail controls 2,500 stations as well as tracks, tunnels and level crossings.

    • Why Catholic Americans are rejecting the Pope: They worship the free market now

      Pope Francis’ much-anticipated climate change encyclical, released last week, is every bit as strong as environmentalists and other proponents of dramatic action on climate change had hoped. The pontiff affirms the scientific consensus that climate change is largely the result of human activity, calls for “urgent action” to develop renewable energy alternatives, and slams global development paradigms that create an “ecological debt” between the Global South and the wealthier North.

      Many are predicting that the encyclical will be a game changer that will mobilize religious groups and galvanize lagging western nations, particularly the United States, to address climate change. And the encyclical will undoubtedly give the cause a huge moral push, especially at the upcoming international climate negotiations. But there are ominous warning signs already that a significant percentage of American Catholics — the very faith constituency that should be most receptive to the pope’s message — may turn a deaf ear to Francis. This means that not only are they unlikely to give up their SUVs, but also to support policies to address climate change or the candidates that back them.

    • Divide-and-Conquer Walker Thinks Equal Pay Is Divisive

      Scott Walker is taking heat for claiming that supporting equal pay for women “pit[s] one group of Americans versus another.”

      Here in Wisconsin, howls of laughter could be heard echoing through the marble walls of the state capitol: after all, this is a governor whose divisive approach has helped make his state one of the most bitterly polarized in the country.

  • PR/AstroTurf/Lobbying

    • Federal Documents Debunk Baltimore ‘Gang Threat’ Narrative

      This fact—that there are always young kids at Mondawmin (it’s a major transportation hub, and the only way thousands of kids can get home)—is erased entirely from the equation. The use of the term “juveniles” is meant to prejudice the reader and criminalize otherwise legal and peaceful assembly. From the beginning of the Baltimore Uprising, in other words, it’s been evident the Baltimore Police Department was far more interested in manipulating the press and hyping the threat than they were protecting First Amendment activity and people’s property.

  • Censorship

  • Privacy

    • Dropbox Is Struggling and Competitors Are Catching Up

      Dropbox made itself a household name by giving away cloud storage. The eight-year-old company, valued at $10 billion, had 300 million registered users a year ago; now it’s got 400 million. Its two-year-old effort to make money from business users has been less impressive. While Dropbox led the $904 million global market for business file-sharing last year with about a 24 percent share, No. 2 Box and No. 3 Microsoft each took about 21 percent and doubled their slice of the pie, growing almost twice as fast, according to researcher IDC.

    • The NSA, Windows & Antivirus

      Poor Microsoft. The beleaguered company just can’t catch a break. We’ve already told you about how Snowden’s revelations have forced the pride of Redmond to spend who knows how many millions opening two “transparency centers” to allow government IT experts to pore through source code to prove there’s no back doors baked into Windows or other Microsoft products. Trouble is, while its engineers have been busy plastering over all traces of old back doors, they’ve left a side door standing wide open, waiting to be exploited.

      [...]

      The spooks have been reverse engineering. They’ve been dismantling Kaspersky’s software, searching for weaknesses. They’ve been mining sensitive data by monitoring the email chatter between Kaspersky client and server software. In other words, while IT security folks outside the U.S. have been keeping a wary eye on their Windows servers while trusting their antivirus to be a tool to help them secure the unsecurable…well, their antivirus software has been being a Trojan in the truly Homeric sense of the word.

      [...]

      In the meantime, Windows becomes less safe by the minute for corporations and governments hoping to keep private data private. I’m certain that Red Hat, SUSE, and even Ubuntu are taking advantage.

    • Norway needs more digital border surveillance, spy agency says
    • Commission proposal on new data protection rules to boost EU Digital Single Market supported by Justice Ministers

      On the 16 of June, Ministers in the Justice Council have sealed a general approach on the Commission proposal on the Data Protection Regulation. Modern, harmonised data protection rules will contribute to making Europe fit for the digital age and are a step forward to the EU Digital Single Market. Trilogue negotiations with the Parliament and the Council will start in June; the shared ambition is to reach a final agreement by the end of 2015.

    • French Surveillance Bill: LQDN Files an Amicus Brief to the Constitutional Court

      La Quadrature du Net, French Data Network and the FDN Federation are publishing an essay to accompany their legal action before the French Constitutional Court against the French Surveillance Bill. The three associations, opposed to the French Surveillance Bill since its introduction in the Council of Ministers on 19 March, continue their mobilisation against this unjust law, in spite of its adoption in the National Assembly and the Senate. Citizens are invited to support this approach by sharing and commenting on this essay by Thursday 7am to bring their thoughts or suggestions for improvement before sending it to the Constitutional Council.

    • Secure Server Deployments in Hostile Territory

      Would you change what you said on the phone, if you knew someone malicious was listening? Whether or not you view the NSA as malicious, I imagine that after reading the NSA coverage on Linux Journal, some of you found yourselves modifying your behavior. The same thing happened to me when I started deploying servers into a public cloud (EC2 in my case).

      Although I always have tried to build secure environments, EC2 presents a number of additional challenges both to your fault-tolerance systems and your overall security. Deploying a server on EC2 is like dropping it out of a helicopter behind enemy lines without so much as an IP address.

      In this article, I discuss some of the techniques I use to secure servers when they are in hostile territory. Although some of these techniques are specific to EC2, most are adaptable to just about any environment.

  • Civil Rights

    • France proposes empty ISDS reforms

      The French proposal would grant for-profit arbitrators, working in a system that creates perverse incentives, vast discretionary powers. This creates a serious risk of expansionist interpretations. Foreign investors would be able to use this biased system to challenge governments. As it is practically impossible to withdraw from trade agreements, the EU would be locked in.

  • Internet/Net Neutrality

    • BT aims to shut down traditional phone network to help it battle US tech giants

      BT is calling on the communications watchdog to let it scrap the traditional telephone network, as part of a campaign to loosen regulations that it says will help telecoms companies compete better with US internet companies such as Apple and Facebook.

      The telecoms giant is planning to move all domestic and business customers to internet-based voice calls within a decade, but under current Ofcom rules must continue to provide a traditional phone service.

    • Major internet providers slowing traffic speeds for thousands across US

      Study finds significant degradations of networks for five largest ISPs, including AT&T and Time Warner, representing 75% of all wireline households in US

  • Intellectual Monopolies

    • Copyrights

      • Cox Wants Rightscorp’s Piracy Tracking Source Code

        Cox Communications, one of the largest Internet providers in the United States, has asked the court to order anti-piracy firm Rightscorp to hand over its tracking source code. The ISP describes the company’s settlement scheme as extortion and hopes to punch a hole in its evidence gathering techniques.

06.25.15

An Estimated 1,000 EPO Staff in Munich Demonstrated Against EPO Management Yesterday Afternoon

Posted in Europe, Patents at 7:01 am by Dr. Roy Schestowitz

Summary: Earliest coverage of yesterday’s protest against EPO corruption and abuses

THE EPO, like Microsoft, spies on people for business reasons, not for security reasons. Staff of the EPO decided to protest again, as we wrote earlier this week, and Microsoft Florian was there to document it.

Florian Müller, who used to lobby against software patents before defecting (Microsoft and other companies paid him for this), was there at the scene to cover the protest. “Yesterday,” he wrote early this morning, “the Staff Union of the European Patent Office (SUEPO) held a demonstration in front of the EPO’s main building in Munich. While there have already been various other SUEPO demonstrations in Munich, a couple of which I reported on, yesterday’s protest had a new (though not exclusive) focus: surveillance by means of hidden cameras and keyloggers. Participants in the demonstration carried signs showing surveillance cameras…”

There is an estimate of the number of staff in attendance. “It appears credible to me,” he said, that “approximately 1,000 EPO employees participated — a fairly high percentage of all Munich-based EPO staff.”

There are some photos there to prove it (without people’s faces, obviously for their own protection, knowing Benoît Battistelli’s modus operandi).

Separately, the London-based patent lawyers’ blog IP Kat warns us of the threat of UPC looming over the UK:

But first, a digression, which may be of more general interest than the specifics of the particular consultation. The IPKat, ever eager to seek news for his dear readers, took the opportunity to ask whether there was any truth in the speculation that has appeared repeatedly in comments on this blog and elsewhere that the current UK Government might delay ratification of the UPC Agreement until after the UK Referendum on membership of the EU, which is not scheduled until 2017. The Intellectual Property Office, as it turns out, has an answer prepared for this question, and the IPKat is delighted to share it with you.

The horrible UPC (making patents even worse and more wide-reaching) is trying to creep into Europe as quickly as possible (while the public is mostly asleep). The EPO is largely responsible for this and more scrutiny is needed. It’s similar to those awful ‘trade’ agreements, but awareness among the public is severely lacking.

“Staff at the European Patent Office went on strike accusing the organization of corruption: specifically, stretching the standards for patents in order to make more money.

“One of the ways that the EPO has done this is by issuing software patents in defiance of the treaty that set it up.”

Richard Stallman

Microsoft Windows So Insecure That Even Fonts Are Remotely Exploitable

Posted in Microsoft, Security, Windows at 5:28 am by Dr. Roy Schestowitz

Turning the alphabet into a security nightmare

Summary: Windows userbase is once again under serious threat and high risk because something as simple as fonts (rendering of text/pixels on the screen) isn’t done securely in Windows

THERE IS plenty of evidence which shows that Microsoft is not interested in security, maybe because there are commitments to the NSA (the motivations are hard to reason about, but Microsoft’s reluctance to patch known holes is easily demonstrable).

Now we are being reminded that even fonts are a security risk in Windows. Yes, Microsoft continues to put users under remote execution threat because of fonts. As the British media put it:

Get patching: Google Project Zero hacker Mateusz Jurczyk has dropped 15 remote code execution vulnerabilities, including a single devastating hack against Adobe Reader and Windows he reckons beats all exploit defences.

The accomplished offensive security researcher (@j00ru) presented findings at the Recon security conference this month under the title One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation [PDF] without much fanfare and published a video demonstration of the exploit overnight.

As one commenter (found by Robert Pogson) put it, “Adobe (and I guess MS as well) put font handling in the kernel from NT 4.0 to gain speed at the expense of having privileged-based protection, and against Dave Cutler’s original micro kernel plans. What could possibly go wrong?”

Proprietary software is so bad that even fonts are a huge risk. This isn’t the first such incident. It serves also as a reminder for GNU/Linux users because some users continue to install proprietary software from Adobe, despite Free/libre alternatives being equally potent.

To quote the part which shows why Windows makes things even worse: “The nastiest vulnerabilities for 32-bit (CVE-2015-3052) and 64-bit (CVE-2015-0093) systems exist in the Adobe Type Manager Font Driver (ATMFD.dll) module which has supported Type 1 and Type 2 fonts in the Windows kernel since Windows NT 4.0.”

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Microsoft is ‘Buying’ the Media Ahead of Vista 10 Launch

Posted in Microsoft at 5:13 am by Dr. Roy Schestowitz

Ghostwriting and PR disguised as ‘news’

Summary: Signs serve to indicate that Microsoft is already tightening its grip on technology news sites, ensuring that they give Microsoft disproportionate levels of coverage

“Welcome to the Microsoft Slashdot,” wrote a reader to us, alluding to the recent bias (more extreme than before) of that once-upon-a-time-decent news site. This reader is obviously concerned about Slashdot AstroTurfing, especially after what we saw recently, in part because of Microsoft Nick, who had joined as "Senior Editor".

We are already seeing puff pieces about Vista 10, basically Microsoft marketing framed as ‘news’. Microsoft AstroTurfing must have officially begun for Windows, for several sites such as Ars Technica UK (launched with aid from Microsoft ads, conditional upon them appearing in every page and editors thus unable to fearlessly criticise Microsoft), Slashdot, and The Register are truly stuffed.

“Currently on the Slashdot front page,” wrote the reader, “9 mentions of Microsoft and 11 mentions of Windows. They’re getting almost as bad as the Register and this (arstechnica.co.uk) shower. It’s all fake adverts being pushed by a Microsoft still desperately trying to be relevant. [At] arstechnica.co.uk 8 mentions of Windows and 4 mentions of Microsoft…”

Microsoft is a company that shrinks (with layoffs), but it doesn’t mean it can no longer control the media through its extensive network of unethical PR agencies (Microsoft has copywriters). Over time Microsoft may be less able to bribe officials, journalists and hire/commission assault teams (euphemistically called "compete teams" because they are inherently anti-competitive). It’s going to be increasingly hard or challenging because the budget is smaller. Microsoft fired many of its marketing staff last year. Nevertheless, we need to keep watching. Microsoft is a master of manipulation of the media. It has decades of experience and it has no ethical constraints, as we have demonstrated over the years.

Microsoft is now trying to save its biggest cash cow by making Android essentially a Microsoft Office platform. Data is being transmitted to Microsoft, but does anyone care? Even Linux sites carry water for Microsoft right now (regarding Android), not just Microsoft media moles (former staff) like Sarah Perez at AOL (seeding further coverage). Don’t think that Microsoft isn’t playing dirty games behind the scenes to make it so.

“Working behind the scenes to orchestrate “independent” praise of our technology, and damnation of the enemy’s, is a key evangelism function during the Slog.”

Microsoft, internal document [PDF]
