03.08.14

Links 8/3/2014: Distros

Posted in News Roundup at 1:42 pm by Dr. Roy Schestowitz

Permalink Leave Your Comment      Send this to a friend

Links 8/3/2014: Games

Posted in News Roundup at 1:37 pm by Dr. Roy Schestowitz

Permalink Leave Your Comment      Send this to a friend

Links 8/3/2014: Instructionals

Posted in News Roundup at 1:34 pm by Dr. Roy Schestowitz

Permalink Leave Your Comment      Send this to a friend

03.07.14

Political News That Matters

Posted in News Roundup at 12:42 pm by Dr. Roy Schestowitz

Privacy

• US wants to undermine privacy in TTIP negotiations

  In the EU – US trade negotiations (TTIP / TAFTA) the US tabled a proposal that would prohibit to require local data storage. If the EU accepts this proposal, the EU would give away an instrument essential to protect privacy.

  On 5 March 2014 the Greens/EFA group in the European Parliament organised a meeting on the complex relationship between data protection, the Transatlantic Trade and Investment Partnership (TTIP), and the general context of EU-US relations after the Snowden revelations. (Stream available)

• Microsoft’s OneDrive For Business Throws Down Gauntlet For Box, Dropbox [More PRISM]

• Dropbox erects sueball shield with new T&C and privacy legalese [PRISM class action]

  Grumpy with Dropbox? Forget sueing the company, which is trying to keep you from your lawyers with its new Terms of Service document effective as of March 24th, 2014.

NSA

• Edward Snowden testifies to the European Parliament about the NSA

  SURVEILLANCE WHISTLEBLOWER Edward Snowden has responded to the European Parliament’s questions about PRISM and data privacy.

• Edward Snowden tells European Parliament how local spies aid NSA surveillance

  The NSA whistleblower has given extensive evidence to an inquiry into the surveillance of European citizens, describing what he calls a “bazaar” of EU intelligence agencies allowing the U.S. to spy on pretty much everyone.

• Why the NSA undermines national security

  But this zero-sum framework ignores the significant damage that the NSA’s practices have done to U.S. national security. In a global digital world, national security depends on many factors beyond surveillance capacities, and over-reliance on global data collection can create unintended security vulnerabilities.

• Senator Walsh introduces bill to restrict NSA and FBI snooping

  Sen. John Walsh, D-Mont., introduced his first bill Thursday, to restrict the ability of federal security agencies to secretly collect phone records and other personal data on U.S. citizens.

  Walsh’s bill, titled the Civil Liberties Defense Act, also would require the National Security Agency to purge records of already collected data that don’t comply with standards established by the act.

• NSA might farm out spying on Americans

  The NSA is forbidden to spy on American citizens. But the GCHQ is not so forbidden. So has the NSA farmed out its surveillance of Americans to GCHQ? The NSA would then be following the letter of the law, but, through its association with the GCHQ, would have immediate access to surveillance of Americans.

• NSA Chief Wants To Silence The Press

• What Is Google’s Relationship With the NSA?

• Gen. Dempsey: NSA leaks will cost billions

• Snowden leaks cost billions to NSA, CIA – top US military official

  The National Security Agency leaker will speak with Christopher Soghoian, the principal technologist of the American Civil Liberties Union, about NSA’s spying techniques and “the ways in which technology can help to protect us from mass surveillance.” The event will take place Monday and be moderated by Ben Wizner, director of the ACLU’s Speech, Privacy & Technology Project (who is also a legal advisor for Snowden). Snowden will take audience questions.

Torture

• CIA: We Only Spied On Senate Intelligence Committee Because They Took Classified Documents That Prove We’re Liars

  Earlier this week, we wrote about the accusations that the CIA was spying on Senate staffers on the Senate Intelligence Committee as they were working on a massive $40 million 6,300 pages report condemning the CIA’s torture program. The DOJ is apparently already investigating if the CIA violated computer hacking laws in spying on the Senate Intelligence Committee computers. The issue revolved around a draft of an internal review by the CIA, which apparently corroborates many of the Senate report’s findings — but which the CIA did not hand over to the Senate. This internal report not only support’s the Senate report’s findings, but also shows that the CIA has been lying in response to questions about the terror program.

• FBI probing alleged removal of documents from CIA by Senate staffers

• FBI investigating Senate staffers’ unauthorized removal of documents about CIA interrogations

• Colorado Sen. Udall asks the White House (again) to declassify a special report on CIA spying

• Heinrich: CIA Not Acting In “Good Faith”

  “The Senate Intelligence Committee oversees the CIA, not the other way around. Since I joined the Committee, the CIA has refused to engage in good faith on the Committee’s study of the CIA’s detention and interrogation program. Instead, the CIA has consistently tried to cast doubt on the accuracy and quality of this report by publicly making false representations about what is and is not in it.

Militarism

• Navy will deploy first ship with laser weapon this summer

  After successful testing last year, the Navy is preparing to deploy its first directed energy weapon to the fleet. When it puts to sea this summer, the afloat forward staging base ship USS Ponce will be equipped with the Navy’s Laser Weapon System (LaWS).

Drones

• Friendly Fire: US Drone Strike Kills Five Afghan Soldiers

  The Pentagon has confirmed launching a drone strike against the Logar Province of Afghanistan today, hitting their allies in a case of mistaken identity. The strike kill five Afghan National Army soldiers, and wounded eight others.

• The Drone Debate: Has President Obama Stretched the Limits of Constitutional Power?

  In order to frame last night’s Intelligence Squared U.S. Debate, moderator John Donvan invited Georgetown University constitutional law professor Nick Rosenkranz on stage to give the audience a jumpstart on their thinking as to why this event was distinct from the previous debate on drones. He explained that while the first debate looked at policy–which invariably brings politics into the equation–this argument, “The President Has the Constitutional Power to Target and Kill Americans,” focuses solely on the question of constitutionality.

• America’s Longest, Dirtiest War

  This past week, I had to write a paper on the psychological determinants of the United States’ response to the attacks on September 11, 2001. I clarify the year because if y’all never noticed, the Benghazi attacks happened on the same exact day ten years later … eerie. Like most political science papers I write, I dove headfirst into the topic and justified my watching of movies before bedtime because I chose ones that had to do with 9/11. First, it was United 93. Very bad choice. Quite similar to the night I came home from going out and thought “I’ll just watch a short rom com and fall asleep while it’s playing.” I chose Hotel Rwanda. Three hours later, I was alone in bed bawling my eyes out because why is the world such a horrible place?!

  [...]

  In 2011, a so-called terrorist threat, Anwar al-Aulaqi, was targeted and successfully removed from the picture, much like many other covert operations led out by top American military forces. The only thing that made this different from the assassination of Osama bin Ladin was that Anwar al-Aulaqi was an American citizen, as was his 16-year-old son Abdulrahman al-Aulaqi, whose death was officially stated as a “mistake” by the United States government. There were outcries from journalists and social justice groups following the two separate incidents; what happened to innocent until proven guilty? The response of the government was that the reasons for assassinating these two men — well, really one boy and one man — were too dangerous to let the public in on. So basically, we should really just trust the military and let them kill whomever they want, regardless of citizenship. Because the government is always looking out for the people, right? Except when they unlawfully assassinate us … it’s a cycle of complete bullshit.

Ukraine

• EU freezes Ukraine’s missing billions, but if it was corrupt why did the banks accept it in first place?

  The EU has just announced that it’s going to freeze the suspect assets of 18 Ukrainian politicians, including former president Viktor Yanukovych. This comes after Switzerland and Austria froze assets earlier in the week. Quite apart from the criticism that the EU’s delay gives plenty of time for Ukraine’s missing billions to be shifted further afield, there is a bigger problem here.

  If there are concerns that this money is corrupt, why did any of the EU’s banks accept it in the first place? Banks are supposed to obey anti-money laundering laws that require them to check out their customers and their source of funds. Then they’re supposed to turn down money that has been earned through crime – including the sort of state looting that seems to have been happening in Ukraine. And governments are supposed to hold banks that fail to do all this to account.

• The 160-Year Christian History Behind What’s Happening in Ukraine

  In recent days, the Crimean peninsula has been at the heart of what some have described as the greatest international crisis of the 21st century. But this is not the first time the region has been so critical to international affairs. Many educated people have at least heard of the great struggle known as the Crimean War (1853-56), although its causes and events remain mysterious to most non-specialists.

• US, European Union impose sanctions against Russia

• Cyberwar hits Ukraine

  While the Kremlin denied any involvement, Georgian officials accused Russia of being behind the attacks.

Permalink Leave Your Comment      Send this to a friend

MDV News: OpenMandriva Lx 2014 on Its Way, Mageia Has Issue, PCLinuxOS Has New Magazine

Posted in Mandriva at 11:12 am by Dr. Roy Schestowitz

• Winter ended!

  Today is a good day in many senses: winter ended and OpenMandriva Lx 2014 Alpha2 is here!

  To keep up to high standards we decided to move Beta to RC1 date, and have Alpha2 today, to deliver you new fun according to the promise. This change does not affect the final release date.

• Oh No, Mageia has Lost its Magic

  Mageia has been one of my favorite projects and distributions since its inception, but Jesse Smith said today that the spell is broken for him. Smith had issues with his network connection upon first boot, but continued to have installation and updating of software issues. He complained of poor performance, missing packages, and a seriously annoying task switcher too. All in all, he wasn’t pleased. He concluded (in part)…

• March 2014 Issue of The PCLinuxOS Magazine Released

  The PCLinuxOS Magazine staff is pleased to announce the release of the March 2014
  issue. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published
  by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor,
  and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative
  Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some
  rights are reserved.

Permalink Leave Your Comment      Send this to a friend

Secret Deals — Not GnuTLS — a Threat to GNU/Linux Security

Posted in GNU/Linux, Security at 10:53 am by Dr. Roy Schestowitz

Summary: Shifted focus (diversion towards non-issues like the GnuTLS flaw) and what we really need to watch out for when it comes to surveillance on GNU/Linux users

Cryptology is a funny thing. It’s an instrument of control (through predictive information. espionage, blackmail and so on). That’s more or less the thesis of a popular book from Wikileaks folks, titled “Cypherpunks”. Held in the hands of ordinary citizens, cryptology gives citizens power. Abused in the hands of freelance thugs [1] or state-sanctioned thugs like the NSA, cryptology helps guard the thugs (secrecy) and expose citizens who are only ever ‘enjoying’ fake cryptology, such as Microsoft’s and RSA’s. Now that Apple is receiving horrible publicity for breaking cryptology around the same time Apple joined PRISM there is some dodgy attempt to divert attention towards GNU/Linux, even if GnuTLS flaws are already patched and GnuTLS is not so widely adopted, not to mention the fact that is not used for very sensitive transactions such as banking [2]. The Linux Foundation was also quick to rebut the FUD [3], stating that “some were quick to point out that Linux distributions were not vulnerable to this particular issue” (contrary to corporate media reports).

What remains much bigger an issue, other than weak passwords (human error), is closed-sourced and proprietary hardware that may or may not incorporate Linux [4], such as my Home Hub from BT (which is rumoured to have back doors, based on some British press). A lot of what we’ve learned from the NSA leaks is that secret deals and collusion with companies is what’s responsible for back doors, not something which is visible at source code level. It is also what makes Red Hat, an NSA partner, difficult to trust these days [1, 2, 3]. The NSA reportedly asked Torvalds for back doors in Linux [1, 2, 3, 4]. Social engineering, bribes from the CIA in exchange for access (as reported in mainstream media) and even cracking is how spies get their way. They need not rely on programmers’ errors. █

Related/contextual items from the news:

1. Two in five Brits cough up for CryptoLocker ransomware’s demands

   Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they did not.

2. GnuTLS: Big internal bugs, few real-world problems

3. What is the GnuTLS Bug and How to Protect Your Linux System From It

   It seems that it’s only been a few weeks since we all heard of a nasty certificate validation error in Apple’s software, a.k.a. the infamous “double goto fail” bug. While some were quick to point out that Linux distributions were not vulnerable to this particular issue, wiser heads cautioned that a similar bug could be potentially lurking in software used on Linux.

4. More than 300,000 routers in homes and small businesses hacked

   Team Cymru, the US-based security outfit which published the report, said that the network of hacked routers is one of the biggest of its kind that has been discovered, with most of the hacked routers in Columbia, India, Italy, Thailand, and Vietnam.

Permalink Leave Your Comment      Send this to a friend

Leaving Windows to Rot

Posted in Microsoft, Windows at 10:26 am by Dr. Roy Schestowitz

Summary: Windows XP is almost officially dead now, so rather than cling onto it (as parts of China reportedly do) one needs to move to GNU/Linux

Microsoft is leaving Windows to rot (even where there is a large userbase [1]), so we should too. Sometimes in my job people who are mentally dependent on Windows (fearful of change) try to cling onto Microsoft APIs [2], Windows applications, server protocols etc. without quite realising that they only make their life more difficult, especially if they try to rely on GNU/Linux for the rest (especially on the desktop, not just the server). The right thing to do right now is to find alternatives to Windows which are based on GNU/Linux [3], protecting freedom [4] and dodging incarceration that proprietary software so gleefully promotes [5].

Some people said that 2014 would be the year of GNU/Linux on the desktop and based on what I see at work this is actually very probable. █

Related/contextual items from the news:

1. Microsoft’s Attempt To Convert Users From Windows XP Backfires Thanks To Low Loyalty, Limited Benefits

   Windows XP is 13 years old and Microsoft has no obligation to continue supporting it — but failing to support it means that many of the most vulnerable or cash-strapped customers could end up playing host to an avalanche of malware or security exploits.

2. Wine Support On Chrome OS Is Unlikely

   If you were hoping to eventually be able to run Windows applications within Google’s Chrome OS environment via Wine, the possibilities of that working out well are very slim.

3. Best Linux distros to replace Windows XP?

   Microsoft will soon no longer support Windows XP so current XP users will need to migrate to a newer version of Windows or possibly Linux. If they don’t migrate, they run the risk of serious security problems once Microsoft stops issuing updates for Windows XP.

4. Our Assignment

   We need to protect the freedoms in which Linux was born and grew up.

5. Totally Legal Computer

   The OS is the core of your computing experience. There’s no point trying to run a fully legal setup if the base of it is illegal. Windows and Mac OS are the most known operating systems, however they aren’t free.

Permalink Leave Your Comment      Send this to a friend

Red Hat Joins the Joke Which is Amazon’s ‘Secure’ Federal ‘Cloud’

Posted in Red Hat, Servers at 10:15 am by Dr. Roy Schestowitz

Summary: Another Red Hat move which puts citizens’ data in the hands of unaccountable spies and their corporate partners/accomplices

Amazon, which is a very special partner of the CIA^* (we gave dozens of references before in order to highlight this), has already earned Ubuntu some tough words and a snub from the EFF, FSF, as well as many others (nongroups). For Red Hat to play buddies with Amazon makes little or no sense. Amazon not only does many disgusting things (to customers, staff, externalities) but it also pays Microsoft for GNU/Linux, including RHEL. Like with Azure (as we explained repeatedly before), putting any computational resource on Amazon ‘clouds’ is like handing it all over to the NSA (for surveillance, interception, interference, censorship, modification leading to framing, and so on). Red Hat is said to have joined some nonsense programme that involves AWS [1-4], marketed as “secure” and “federal”. Who is this secure from? The Federal government of the United States? Surely not, unless of course you happen to be the government itself. The whole thing sounds so dodgy and it won’t give Red Hat much credibility now that Red Hat’s relationship with the NSA [1, 2, 3] is debated in some circles (it was last mentioned in an article from Sam Varghese earlier this week).

Making things even worse, Red Hat makes an approach [5] towards something which resembles Mono and promotes Microsoft APIs. This is not a wise move, for reasons that we are going to deal with in the next post.

Red Hat’s CEO speaking of himself as a “great leader” (without saying so directly) in Red Hat’s self-serving Web site that’s now treated as a news site by Google News [6]. Some say that Red Hat is a one-of-a-kind [7], but if Red Hat leans towards the NSA, puts customers’ data on Microsoft-taxed and NSA-eavesdropped ‘clouds’, hires executive staff from Microsoft and even promotes/spreads .NET and Hyper-V (which provides an NSA back door into GNU/Linux guests through Windows hosts^**), then maybe it’s better to promote alternatives to Red Hat as a flag bearer and GNU/Linux leader. Red Hat recently found itself in somewhat of a scandal involving OpenStack [8-10] while it also formed OpenStack partnerships [11-15]. Red Hat really can do and should do more to embrace and disseminate freedom, not cages like AWS. Red Hat’s middleware business is a good example of this [16,17] as business (as in revenue/sales [18], like IBM's) becomes the top priority, even when Red Hat makes public appearances [19,20].

Perhaps what we need now is more strength for community projects like Arch and Debian. They, unlike Red Hat, don’t share a bed with malicious companies that violate users’ rights. █
____
^* The CIA was, just earlier this week, found to be illegally spying on government officials that act as watchdogs.

^** Proprietary virtualisation software is the issue here. VMware is not much better because it’s run by former Microsoft executives (Microsoft is the top NSA partner) and is owned by EMC, which also runs RSA, the NSA’s notorious back doors partner.

Related/contextual items from the news:

1. AWS launches Red Hat Enterprise GNU/Linux in AWS GovCloud (US)

2. Red Hat Enterprise GNU/Linux now on Amazon’s GovCloud

3. Red Hat Courts Government Customers with GNU/Linux for AWS GovCloud

4. Red Hat GNU/Linux now available on Amazon’s secure federal cloud

   If you’re a government worker and have been wanting to run Red Hat Enterprise Linux securely on your Amazon cloud, it’s your lucky day. The popular open-source operating system is finally available on Amazon Web Services.

5. Red Hat brings Microsoft .NET Apps to its OpenShift cloud

   Uhuru was founded just over two years ago by veteran ex-Microsoft executives: former vice president Jawad Khaki and former general manager Jawaid Ekram. They are self-proclaimed experts in bringing Windows to Open Source PaaS.

6. Great leaders are comfortable with who they are

   Over the last 25 years of my career—from serving as a partner at the Boston Consulting Group (BCG), to my time at Delta Air Lines, to my current role as president and CEO of Red Hat—I’ve been exposed to my fair share of leaders. I’ve learned that leaders and leadership styles can vary greatly depending on the company culture, industry and size, but there’s one commonality I’ve noticed among all of them: to be effective, leaders must be respected.

7. A Formula for Launching the RedHats of the Future

   The bottom line, therefore, is that in order for the model promoted by Levine to succeed, it’s predicated on the existence of underlying projects that achieve the balance of benefits that I alluded to above. Without the right scope of opportunity, sufficient success in recruitment, and abundant skill in execution, there will be no more RedHats emerging from this new model than the last. But where this methodology is understood and followed, not only will such opportunities emerge, but they will do so with far greater predictability than in the past.

8. Piston OpenStack 3.0 Arrives, Focused on Private Clouds

9. GNU/Linux Ebb & Flow, Red Hat Oops, and Chakra Reviewed

   There’s rarely a dull moment when looking through Linux newsfeeds. Today we find Jesse Smith has reviewed Chakra GNU/Linux 2014.02. LinuxInsider.com looks at why distributions gain popularity then disappear. And finally, The Register covers a bit of convention confusion between Red Hat and cloud newcomer Piston.

10. The importance of a community-focused mindset

    Piston, an Openstack-in-a-box vendor[1] are a sponsor of the Red Hat[2] Summit this year. Last week they briefly ceased to be for no publicly stated reason, although it’s been sugggested that this was in response to Piston winning a contract that Red Hat was also bidding on. This situation didn’t last for long – Red Hat’s CTO tweeted that this was an error and that Red Hat would pay Piston’s sponsorship fee for them.

11. Red Hat Increases its Focus on OpenStack Partnerships

    Red Hat originally made a name for itself as the only U.S.-based public company exclusively focused on open source, as it has proved that its Linux-focused strategy could be very profitable. But the company’s future is increasingly being tied to cloud computing and OpenStack in particular. This week, Red Hat marks two years of collaborating with contributors and developers on key OpenStack.org projects “to bring OpenStack from a project to a product.”

12. Red Hat Enterprise GNU/Linux OpenStack Platform Leveraged by Alcatel-Lucent, CloudBand ™ as Part of Its Network Functions Virtualization (NFV) Platform

13. Alcatel-Lucent to deploy Red Hat Enterprise GNU/Linux OpenStack Platform

14. Alcatel-Lucent deploys Red Hat Enterprise GNU/Linux platform

    Red Hat, a provider of open source solutions announced that Alcatel-Lucent deployed Red Hat Enterprise GNU/Linux OpenStack platform based on Red Hat Enterprise Linux and Kernel-based Virtual Machine (KVM), as the common platform for its Network Functions Virtualization (NFV) solution, CloudBand.

    “Alcatel-Lucent specifically chose Red Hat Enterprise GNU/Linux OpenStack Platform for use in managing CloudBand Nodes, the turn-key, all-in-one compute, storage and network node system that interfaces with the CloudBand Management System, along with any other OpenStack-enabled nodes,” the company said.

15. Alcatel-Lucent Embraces OpenStack, as Network Function Virtualization Efforts Expand

    A key part of the overall solution is Alcatel-Lucent’s Cloudband technology which is the company’s NFV platform that provides the server, storage and networking infrastructure with the Cloudband Node. Cloudband also includes management and orchestration functionality to deploy and manage network functions deployed on the infrastructure.

16. Red Hat Launches a 3-fer for Enterprise BPM Users

    Red Hat’s new JBoss BPM Suite is in part the result of its 2012 acquisition of Polymita, noted 451 Research analyst Carl Lehmann. The addition of that technology and other new features brings Red Hat’s BPM offering on par with other BPM suites and “gives Red Hat some competitive differentiation in the market,” he said. “I think they did a pretty good job there.”

17. Red Hat’s Polymita acquisition to spawn new products

    That’s according to a Red Hat spokesperson who gave me some additional insight into a press conference that the Raleigh-based open source software company will hold on Tuesday at 11 a.m. to announce new products in middleware.

18. Red Hat Executives Named 2014 CRN Channel Chiefs

19. Red Hat to Webcast Middleware Press Conference on March 4

20. Videos From Red Hat’s DevConf.cz Conference Now Online

    Videos from the DevConf.cz conference that happened earlier this month in Brno, Czech Republic, are now available online from the Red Hat focused event.

Permalink Leave Your Comment      Send this to a friend