
01.27.14

Recent News About Free Software in Education

Posted in Free/Libre Software at 7:27 pm by Dr. Roy Schestowitz

Summary: New examples of sharing and freedom (data and programs) benefiting education

  • Open source events grow at the university

    Catherine Dumas is a PhD student in the College of Computing and Information (CCI) at the University at Albany at the State University of New York (SUNY). She teaches two undergraduate courses, one in the Computer Science department and one in the Informatics Department.

  • Can open middleware revolutionize education?

    “It is a miracle that curiosity escapes formal education.” These words by Albert Einstein reflect a lot about the current state of education. It also captures the need for overhauling the fabric of our school system. Society needs technology solutions that extract the best out of all the stakeholders in education—students, teachers, and parents. And we need enterprises that revolutionize the learning ecosystem. inBloom is one such company that utilizes and integrates massive amounts of data to change the landscape of the education sector.

  • How computer science teachers can better reach their students

    Imagine being a high school freshman walking down the halls of your new school on the very first day. You somehow make it to first period without becoming epically lost in the unfamiliar halls. Finally, the bell rings, signaling that you’ve officially made it through your first high school class. Taking a look at your schedule, you see your next class is Exploring Computer Science. You think: “Wow, computers! This should be fun!”

  • Trust your students with open source
  • Open source educational tools for 2014

    Last year was a big year of open source learning for me. I had the pleasure of meeting a bunch of awesome people in the open source field, attending my first OSCon, and being a Community Moderator here on Opensource.com. I learned more than I can say last year, especially in education. Here, I’ll share with you some of my favorite (and super interesting) open source educational tools for teachers, students, parents, and others to use in 2014.

  • Where to start: Upgrading your school system to open source
  • Opigno aims to be a true e-learning platform
  • OpenHatch brings open source to campus
  • U Washington Deploys Kuali Open Source Student Information System

    The University of Washington (UW) has deployed Kuali Student, a student information system built on Kuali open source platform. The SIS includes modules for student academic planning as well as course and program development.

    The institution selected rSmart to lead the implementation of the new SIS. The company develops enterprise-level open source software for colleges and universities.

  • rSmart Selected by University of Washington to Implement Kuali Open Source Student Information System (SIS)
  • Open source for homeschooling or supplementing your child’s education

    I never realized how much I rely on open source and public libraries until I started homeschooling last year. When I started to write for Opensource.com, my son was in school. He’s nearly eight years old, but he’s already been in both public and private schools and in both special needs and gifted programs. I’ve thus been on both sides of the educational spectrum. As a librarian, former teacher, and homeschooling mother, I am familiar with what formal schools can offer and what homeschooling and open source resources (programs, tools, etc.) can offer.

  • Open source resources to teach the youth of America self-control

    As an educator, you don’t expect violence in school or prepare yourself for the inevitability of it. Even violence like suicide is far from your mind. Teachers are not prepared for that. Neither are they trained to handle behaviors that can lead to horrific violence: murder as well as fighting, bullying, sexual assault and harassment, and alcohol and drug use. Despite the heartbreak of violence among youth in school, there is something educators, teachers and administrators alike can do.

  • Dumbing Down America: The Decline of Education in the US as Seen From Down Under

    My first memories of the idea that Americans actually needed education (and weren’t born winners) were scenes of armed troops blocking students from school – or escorting them, it wasn’t clear. Newsreels of Arkansas (it’s pronounced what?) Governor Orval Faubus (seriously?) hit the screens in my little town about the same time as Blackboard Jungle (which I certainly wasn’t allowed to see) and Jerry Lewis’ Delicate Delinquent, which terrified me: Why would kids fight with knives? Somebody might get hurt. Years later, when I saw James Dean in Rebel Without a Cause and black children being bused across town, my overwhelming feeling was: Why are these people so awful to each other? A good question, we’ll come back to it later after we have a look at the scene in Australia.

  • Computing in the national curriculum: A guide for primary teachers
  • Open Source For Education

    Gregg Ferrie, the Director of Information Technology for a school in British Columbia, posted a behind the scenes look at deploying open source at his school on opensource.com. Gregg describes how his school uses Ubuntu on the server and desktops, and that 90% of his school has transitioned to open source. Importantly, Gregg explains how using open source software is fostering a new generation of innovators, ready for the workforce with a real technical education.

  • Prepare students for a rapidly changing world by teaching with open source (the original)

    At the school district where I am the director of information technology, over 90% of our information systems have been transitioned to open source software. Ubuntu is the server operating systems at the district office and schools, while the Ubuntu desktop is deployed for students, teachers, and administration through the use of diskless clients.

Architects of Microsoft Financial Fraud Enter the FOSS World

Posted in Finance, Free/Libre Software, Microsoft at 7:01 pm by Dr. Roy Schestowitz

Summary: Microsoft is losing money, paying its CFOs a lot of money to shut up after they depart, and now a guy from Microsoft becomes the CFO of Puppet

A COUPLE of years ago Puppet invited me to interview their executives and even sent a signed book. The company also sent many E-mails, hoping to receive some positive coverage from us (we declined because we never do this). I personally work a lot with Puppet and I am thankful for what it does (even at no cost), so the news in [1] troubles me greatly. It basically says that the CFO will be a guy from Microsoft, the company which engaged in serious financial fraud, got caught after an insider blew the whistle, and then paid the Feds to walk away (so basically another Enron, but one that got away with it). According to this new article, “revisiting the SEC filing from late October makes it clear the company [Microsoft] also spent more than it made then.”

Well, the company is said to have lost 18 billion dollars in 1998 alone. It’s seemingly some kind of Ponzi scheme, relying on government protectionism and collusion (e.g. with the NSA, whose secret/black budget may have somehow subsidised the acquisition of Skype through familiar proxies). Citing the above article, iophk said, “hence the current noise about revenue… a distraction from the losses.”

Related/contextual items from the news:

  1. Puppet Labs pairs open source entrepreneur with Microsoft exec

    New Puppet CFO Bill Koefoed is leaving the executive suites of the world’s largest software company, where he ran Microsoft’s investor relations department for four years before taking over in 2012 as CFO of its Skype subsidiary.

The Desperate Attempts to Discredit Android

Posted in FUD, GNU/Linux, Google at 5:33 pm by Dr. Roy Schestowitz

Summary: An overview of some very recent FUD against Android — something that has become extremely common because Android is the world’s leading platform

WE HAVE NEVER been short on Android FUD. We have covered Android FUD for as long as the platform existed, including Ballmer’s disgusting words that spread to the press as soon as Android was first announced (he called it just some words on paper, or something to that effect). Windows insecurity firm Symantec has played a role in some later FUD and it wasn’t alone. Even this weekend we found it claiming [1] — quite arrogantly — that Android is at risk. And why? Because Windows is a security joke, with or without the NSA back doors it is gladly providing. Muktware used an appropriate headline: “New malware uses Windows to infect Android devices” (hence, don’t use Windows, but Android is not to blame here). As the press continues to note in recent days, Android may increasingly replace Windows even on the desktop [2], so Windows insecurity firms must be worried.

What other FUD have we got? Well, a Bill Gates-funded publication continues to slam Google and Android [3], mysteriously never accusing Windows and Microsoft of much worse things (like tax evasion, security issues, high costs, lock-in, etc.) and it’s probably no coincidence. We are not going to feed the FUD; instead we’ll just say that this same publication often quotes and cites a Microsoft lobbyist, not noting his affiliation, in order to boost Android FUD. We gave numerous examples before and also directly challenged the authors. There is a similar flavour of FUD in another Android-hostile publication [4] and numerous other reports that make Android look bad for simply doing the right thing [5,6]. Similar FUD portrays Android as bloated [7] and not secure [8], so we find ourselves having to rely on excellent news sites like Muktware for real coverage [9] of Android, not bait and trolling (for hits).

Android is becoming the world’s only dominant platform, replacing Windows in the process. It makes Android an attractive target for FUD, so watch out and be sceptical of Android-hostile coverage. Gather the pertinent facts and decide whether it’s just sensationalism, hypocrisy (like blaming Android for what every other operating system is guilty of) or lobbying for antitrust/competition purposes (labelling Android distribution illegal, anti-competitive, expensive, incompetent and so on). A lot of very large companies really want Android to fail.

Related/contextual items from the news:

  1. New malware uses Windows to infect Android devices

    As it continues to gain popularity among consumers and developers alike, malware authors now seem to have shifted their target to Android in a not-so-common manner. According to security firm Symantec, a trojan, dubbed Trojan.Droidpak, tries to install mobile banking malware on Android devices via a Windows machine.

  2. Android’s next target could be the desktop
  3. Why Google Android software is not as free or open-source as you may think
  4. Report: Google charges Android OEMs for Play Store licenses
  5. U.S. DOJ Files Charges Against Alleged Android App Counterfeiters
  6. A Future Version Of Android Could Potentially Break A Large Number Of Root Apps, Chainfire Explains
  7. How to Slim Down a Bloated Android Device

    Determine where best to free up space. Take a look at the Pictures and Videos space used in particular. Look for the numerical value next to the descriptive label. Video and images, unlike music, often don’t need to be stored on the device and can be moved. HD video is a major memory hog. Photographs and music are other forms of media that take up a lot of space.

  8. China builds own phone OS, aims to be more secure than Android or iPhone

    US surveillance and the end of support for Windows XP played into its creation.

  9. Xperia Z Ultra now available as a Wi-Fi-only ‘tablet’

    It features the same 6.5mm-thick waterproof casing, 8-megapixel camera, Android 4.2 Jelly Bean OS, Snapdragon 800 processor clocked at 2.3GHz, 2GB of RAM and a 3000mAh battery as found on the regular Xperia Z Ultra.

Apple is Rapidly Losing the Smartphones Market, But Don’t Cheer for Samsung

Posted in Apple, Google, Patents, Samsung at 5:02 pm by Dr. Roy Schestowitz

Summary: Samsung is still playing with software patents and it is now turning Android devices into restrictions devices, similar to Apple’s

APPLE ‘news’ sites are trying to elude the fact that Android is a real headache to Apple. Here is gross spin from pro-Apple sites along with a report from a former Microsoft booster (who worked for a pro-Microsoft site). One pro-Apple site says that “Apple’s smartphone marketshare continues to ease downward despite record sales for the company’s latest handsets, while rival Samsung’s share of the Android ecosystem is being squeezed in key markets, according to new analysis covering the fourth quarter of 2013.”

Samsung is not Android. Pro-Apple sites are desperate for some positive angle for Apple and negative for Android.

Samsung, as we noted in 2007, began supporting Microsoft’s patent assault on Linux and was one of the first companies (for embedded devices at least) to do so. We spent years drawing attention to this problem and here we are 7 years later with Samsung as some kind of “champion” thanks to Android. Samsung — like LG — is not championing Android, it is helping Microsoft assert ‘ownership’ and hence it is endorsing extortion.

This morning we came to discover that Samsung is boosting patents again, this time with Google. To quote the Head of Samsung’s Intellectual Property Center (notice the propagandistic terms): “This agreement with Google is highly significant for the technology industry…Samsung and Google are showing the rest of the industry that there is more to gain from cooperating than engaging in unnecessary patent disputes.”

This is nonsense. We don’t need this kind of public endorsement of patents, with or without so-called “peace” (only for large patent holders, such as IBM and Microsoft, or even Apple and Microsoft).

There are also technical and practical reasons to avoid Samsung, never mind the patent policy. Samsung is hoping to conquer the Android market with lots of new devices, not just phones [1], and based on reports such as [2,3], Samsung is now doing exactly what Apple has done, making devices jails for their users and taking control over people’s devices. This is bad and one way to say “no” to this behaviour is to avoid, as a matter of principle, anything from Samsung.

References:

  1. Samsung coming up with multiple Galaxy Tab variants in 2014

    Samsung has revealed plans to expand its smartphone and tablet portfolio in 2014. At the company’s conference, Executive Director Hyunjoon Kim announced that Samsung will first “create a new tablet category” that will be aimed at businesses with a high-end, “high-resolution,” large screen tablet around 20-inches. He added that the company will produce many variants by modifying their Galaxy Tab series.

  2. Samsung brings accessory restriction on Note 3, inspired by Apple?
  3. Note 3 users: Samsung disabled unofficial accessories via software update

    A number of users are claiming that the Galaxy Note 3 KitKat update breaks compatibility with some third-party accessories. The accessories affected are unofficial versions of Samsung’s S-View Flip Cover, a case with a window over the top half of the screen. A working S-View cover will turn the screen on and trigger a special display that shows the time and notifications through its window. In the previous update, Android 4.3, unofficial S-View covers could trigger this special display mode as well, but after the update to 4.4, the phone will only recognize Samsung-made products.

Richard Stallman on How He Started GNU

Posted in TechBytes Video at 4:59 am by Dr. Roy Schestowitz

TechBytes with Stallman

Direct download as Ogg

Summary: Dr. Richard Stallman, the Free Software Foundation’s founder, talks about the dawn of days in the GNU project


Made entirely using Free/libre software, heavily compressed for performance on the Web at quality’s expense

Privacy News: Ten States Against the NSA, Snowden Speaks About Espionage

Posted in Law at 4:28 am by Dr. Roy Schestowitz

Summary: News from the past couple of days, mostly about the NSA

State-level Actions

Edward Snowden

Radical Politicians

  • Peter King slams RNC on NSA resolution
  • Obama signs off on nomination of Rogers as NSA director

    White House spokeswoman Caitlin Hayden declined to comment, but people familiar with the matter said an announcement is expected soon.

    Rogers, a Navy cryptologist, had long been seen as the frontrunner to succeed Gen. Keith Alexander, who has been NSA director since 2005. Alexander, who will retire March 14, is the longest-serving NSA head. He is also the first commander of U.S. Cyber Command, which launched in 2009.

Criticism

  • The NSA’s website for kids isn’t creepy. Nope. Not creepy at all.

    Just a friendly reminder that the NSA’s children’s website, “CryptoKids,” is an actual thing that exists.

  • Leonard Pitts: NSA’s bulk collection of metadata isn’t helpful

    If, for instance, you wanted to stop mass shootings, legislation outlawing the sale, possession or manufacture of any gun capable of firing more than one bullet without reloading might work. It would also be a terrible idea.

  • Letter: NSA tramples freedoms

    As it tries to protect us from the “bad guys,” the government has become more intrusive in our lives. Where do we draw the line? If you have nothing to hide, would it be OK for government agents to show up unannounced at your door (without cause) to search your home? Would it also be OK for agents to randomly select citizens from off the street and subject them to full body searches?

  • My NSA Nightmare Last Night

    Try to think back to the 1970s if you are old enough. Imagine if one day there had been a decree from the Nixon Administration that all citizens must within a week pay for a hand-held device that will allow government to keep track of all your movements and to monitor your telephone calls and written messages you’d be able send through the air to other devices.

    I think it would have scared the crap out of most people, and I think they’d be massive resistance to it. So 40 years later millions of people are cajoled through gradual technological advances, advertisement, government secrecy, and peer pressure to actually line up at stores to pay for the latest model of these monitoring devices.

Corporate Spying

01.26.14

IBM Shows That Collaborations With the NSA Are a Company’s Death Knell

Posted in Asia, IBM, Servers at 5:22 pm by Dr. Roy Schestowitz

Summary: China refuses to buy from IBM because of its “special relationship” with the NSA and shortly thereafter China takes over IBM’s server business

IBM recently reported a sharp decline in sales, blaming this on a slump/collapse of contracts with China after the NSA leaks. Perhaps realising that trust is impossible to regain now, IBM, which does not exactly support software freedom on its servers [1], is selling its server business — just like the desktop business — to China [2-4]. It shows the ongoing decline of IBM, which added NSA-oriented extensions such as TPM to its Linux-centric agenda. IBM claims to be “hardening the Linux server” these days [5], but historically its agenda inside Linux has been even more dubious than Red Hat's or Intel's because it pushed into Linux (the kernel) a software patents agenda and artificial limitations, as we have demonstrated here for years. Linux is used extensively for server security [6], but when Linux itself becomes less secure, then we have a real issue on our hands. Air France now turns to HP [7] — not IBM — for its private server farm needs. Knowing that Boeing is the beneficiary of industrial espionage (aided by US diplomats and the NSA), Air France would be wise to dodge IBM. HP has back doors too, but suffice to say, this is less obvious than IBM’s publicly-advertised NSA collusion.

Techrights has historically been friendly towards IBM but also highly critical of the company's patent agenda (lobbying for software patents), marketing tactics, and promotion of freedom- and privacy-infringing technology. The impact of the NSA on IBM is not in doubt [8], and it’s far from negligible [9,10]. For many years now IBM has been outsourcing its workforce to India and China and now it’s actually selling parts of its business to the East. Can clever people in the West (perhaps former IBM workers) outdo IBM by providing a freedom-respecting stack and consulting services around GNU/Linux and Free software? The term FUD comes from IBM, as IBM used these tactics to demonise a former employee who had gone independent with IBM expertise.

At this stage, despite deceptive marketing, IBM needs GNU/Linux and Free software more than GNU/Linux and FOSS need IBM. Recently, the President of the Open Source Initiative (OSI) called IBM a patent troll. IBM can carry on openwashing its business with OpenStack [11,12], Hadoop [13] and so on (even OpenOffice.org), but until it stops serving the NSA, the software patents agenda and various other conflicting interests (causes that harm software freedom and GNU/Linux) we are better off nurturing “true” (as in completely) Free software companies.

Going a few months back (as we mentioned at the time), we have reports such as:

IBM found black budget from the military/surveillance industrial complex too intoxicating to refuse. It sure is alluring to many companies and IBM is no exception; in the 1930s IBM famously did business with the Nazis, helping Hitler’s party profile people (before the data was used for imprisonment and genocide).

For those who did not know about the IBM/NSA relationship, here is a quick wakeup call. It’s not news. It was made known even in the NSA’s Web site. IBM boasted about it. To quote the page about TAPO:

What the Trusted Foundries have to offer:

  • Accreditation of Trusted Suppliers, with the list available at the DMEA website http://www.dmea.osd.mil/trustedic.html. Potential customers should engage directly with the listed suppliers (except IBM) for all services.
  • Through TAPO, a contractual relationship with IBM to produce leading-edge microelectronics parts in a trusted environment. IBM maintains world-class facilities in both Vermont and New York, providing a broad range of capabilities to the government in support of the Trusted Foundry contract.

Who can use TAPO services?

Any government-sponsored program can use TAPO to access the IBM Trusted Foundry:

  • DoD Sponsored Programs may qualify for subsidized pricing on specific MPW runs, provided funding is available.
  • Other government agencies will need to provide full funding for access.
  • Contractors working on IR&D projects may access the foundry provided they have a government sponsor.

What services are available?

Through industry partnership at IBM, TAPO offers:

  • Foundry Services including Multi Project Wafer runs, dedicated prototypes, and production in both high- and low-volume models.
  • Intellectual Property (IP) development, including standard prepurchased IP.
  • Packaging and test services.
  • Custom Logic Service: Cu-08, Cu-65HP, Cu-45HP, and Cu-32.

Foundry Services:

TAPO offers several production options in the foundry business area depending on the schedule and the quantity desired. Designs up to the secret level are accepted.

  • Multi Project Wafer (MPW) Prototyping – MPW prototype runs have multiple designs on a single reticle and are targeted to customers in need of low volume with no production quantities.
  • Dedicated Prototype is a dedicated single design prototype run that includes the mask build. IBM guarantees a minimum of two wafers will be delivered to the customer.
  • Production phase produces unlimited chip quantities, following a successful prototype phase.

Custom Logic Services:

TAPO now has a contract in place for IBM’s commercial Custom Logic flow on digital chips. The customer provides a netlist of RTL hand off and IBM will do the physical layout, package, design, and GDSII generation, and provides tested packaged parts. Design submissions are accepted in Cu-08, Cu-65HP, Cu-45HP, and Cu-32. IBM’s Custom Logic methodology is also available for classified designs.

Intellectual Property:

TAPO has bought pre-paid access to certain roadmap IP that it makes available to customers on an as-needed basis. A complete list of available IP can be obtained from TAPO. IP orders can also be placed for existing IBM IP, custom IP, and certain non-IBM IP.

No company should brag about working with above-the-law spies who engage in industrial espionage, lists for assassination, political coups, etc. IBM’s affairs with the NSA are not new; what’s news is public disapproval (even inside the US) of the NSA and its actions.

Related/contextual items from the news:

  1. IBM Stays Committed to the Cloud, But What of OpenStack?

    While there have been questions about IBM’s true commitment to the OpenStack cloud computing platform, the company definitely remains focused on cloud computing. Today IBM announced plans to commit more than $1.2 billion to significantly expand its global cloud footprint. The investment includes a network of cloud centers that clients can apparently leverage, including allowing businesses to run their IT operations in the cloud.

  2. Lenovo Confirms Purchase Of IBM x86 Server Business For £1.4 billion
  3. Lenovo Agrees to Buy IBM Server Business for $2.3 Billion
  4. IBM Sells Server Business to Lenovo for $2.3 Billion
  5. Hardening the Linux server
  6. A10 Networks Debuts Thunder DDoS Hardware

    ACOS is a Linux-based networking operating system.

  7. Air France builds private cloud with HP for Linux server farm

    Air France says it has automated and increased the reliability of its 1,500 Linux servers by deploying a private cloud solution.

    The deployment is based on HP’s Cloud Service Automation (CSA) software to accelerate deployment times for physical and virtual infrastructures.

  8. IBM’s Full Year Revenues Hit by NSA Scandal
  9. IBM Earnings – Don’t Expect Big Blue to Get Out of Its Slump
  10. IBM: At Least 10% Downside To Fair Value
  11. IBM Explains Its Participation on the OpenStack Foundation Board of Directors

    Todd Moore, director, IBM Standards and Partnerships, discusses his participation as a member of the OpenStack board of directors.

  12. IBM Optimizes OpenStack Cloud Performance with Scheduler

    In a nod to the need for more efficient resource management for public and private cloud computing, IBM (IBM) has unveiled a new product for its OpenStack platforms. Called the Platform Resource Scheduler, the resource provides a virtualized programmable interface for automating the allocation of cloud resources.

  13. IBM’s Watson Fails To Compute In A World Of Open-Source Hadoop

    IBM has big plans for Watson, but its proprietary, developer-free approach is under-delivering.

Never Ever Use Coprocessors for Cryptology, Especially If Implemented in the United States

Posted in GNU/Linux, Hardware, Kernel, Security at 2:41 pm by Dr. Roy Schestowitz

Can you read the source code in this microchip?

AMD microchip

Summary: Why the hype about “accelerated” cryptology (like polygons rendering, but for cryptographic purposes) is a dangerous trap that should be shunned and perpetually avoided

THE QUICKEST and most convenient way to undermine all encryption is to weaken random number generation, e.g. lower the entropy, making keys more predictable and thus easily crackable by supercomputers (or even standard computers). This is effective against everything, including online financial transactions, simply because it cracks the very core components of today’s security: SSL, PGP, etc. My doctoral degree involved a great deal of work with entropy and my daytime job too sometimes involves it, so the subject is not foreign to me. I have been watching the NSA closely for a number of years, and always with great concern and suspicion. Now we know that the NSA compels (and even bribes) US companies to help undermine privacy, if not by direct handover of data (PRISM) then by making encryption too poor, setting up back doors, forcing companies to obey NSL/subpoenas, network wiretapping/DPI, or even a combination of all those things. No need for hypotheses anymore; there’s plenty of hard proof now.

Intel, a cleverly-named criminal company (serving the intelligence community), whose hardware-level random number generator (hidden in silicon) FreeBSD refuses to trust (OpenBSD too is historically very critical of Intel) is no longer the only x86 player seeking to manufacture consent (blind trust) for encryption with no source code, just minuscule circuits of semiconductors. AMD, another US company, is now following suit with hardware-level cryptology (i.e. cryptic algorithms for cryptology, which is a non-starter). This is bad not just because AMD is a US company (FreeBSD did not single out the US); any company from any country should not be trusted with this type of task. It’s no better — and it is probably much worse — than proprietary software for one’s security. To quote Michael Larabel’s article about it: “Back in November was when patches first emerged for an AMD Cryptographic Coprocessor on Linux. This co-processor provides hardware encryption and other hashing functionality for the AES crypto API, AES CMAC, XTS-AES, and SHA cryptographic interfaces within the Linux kernel.

“Not much information is publicly known on this AMD Cryptographic Coprocessor but it’s believed to be part of AMD’s embedded ARM Cortex-A5 processor on upcoming server-class Opterons with TrustZone technology.”

So, Linux 3.14 will try to offload something so sensitive to proprietary code concealed in silicon. Bad idea. Very bad idea. Sure, it’s Linux, but it does open itself to some blobs (e.g. Microsoft’s hypervisor and more famously drivers for peripheral cards that handle graphics), firmware, and now peripheral, embedded-in-hardware proprietary algorithms. Have we learned nothing at all from Snowden’s explosive leaks? Just look what Microsoft has done (total complicity with the NSA). A new poll at FOSS Force asks: “Do you think Red Hat is cooperating with the NSA by building back doors into RHEL?”

The responses may surprise you. Only 42% say “No”. 28% say “I don’t know” and 30% say “Yes”. This relates to an article that alludes to Techrights. It was read by thousands and has been linked to by numerous news sites. I rarely ever comment in sites where identity cannot be verified (because of fakers), but this one challenged my claims and I had to respond. Here are my three replies:

It is not purely speculative. If you think that it is, then you must not have paid close enough attention.

I have been spending at least 2 hours per day since 2012 reading about the NSA. I knew what Snowden showed even before it was publicly known and I spoke about it with RMS on numerous occasions (he came to the UK to meet Assange and then myself, focusing on mass surveillance).

The truth of the matter just needs a little digging because the corporate press is not helping the general public find it out, just like it knowingly ‘buried’ a captured agent in Iran for several years (this leaked out in November).

Similarly, GNU/Linux sites did a very poor job covering (if at all) what happened in recent months regarding Linux. Let me summarise some facts (without links, as I don’t want to be put in the moderation queue again):

- Torvalds’ father said that the NSA had approached his son regarding back doors.

- Linux had a back door added to it about a decade ago. It got removed quickly afterwards and it wasn’t known who had added it. There was press coverage about it, but it was scarce.

- RSA received a bribe from the NSA to promote security standards with back doors.

- NIST and others had NSA moles and bogus (corrupt) peer review process to help usher in security standards with back doors.

- NSA is a large Red Hat client.

- The NSA sends patches to Red Hat, which in turn sends those for Linus Torvalds to put in Linux.

(the above two are now confirmed to me by Red Hat staff)

- BSD does not trust hardware-level random number generators, suspecting — quite rightly given the NSA’s track record — that it has too low an entropy.

- Several top-level Linux developers found vulnerabilities in Linux random number generation. They quietly (without much press coverage anywhere) addressed the issue (raising the entropy) a few months back. Only the latest kernel release has the fixes applied AFAIK (I don’t know if Greg K-H backported any of it because coverage is too scarce). To lay out the magnitude of this issue, it compromises SSL, PGP, etc. (pretty much everything with encryption, even passwords) not just at client side (desktop, tablet, smartphone) but also the server side (i.e. the Internet). This is huge! But the media hasn’t covered it.

Suffice to say, Red Hat has not done anything to convince me I was wrong. Instead, I notice that Red Hat staff is stalking me in LinkedIn and I see my article cited in several news sites which wrote about the issue in several languages (3 articles in Google News are in Spanish).

If you found holes in the above statements or if you want links attached, please request them and I will provide citations. I wrote about everything before, even years ago (NSA involvement in SLE* and RHEL I covered around 2007 or 2008).

I am frustrated to see people turning against the messenger rather than the message. I see a lot of the same done to Sam Varghese. We are making ourselves more vulnerable by refusing to listen to what seems uncomfortable.

Another reply:

I was thinking along the same lines — that Edward Snowden’s leaks (by the way, they’re not just his anymore, as anonymous people from the NSA reportedly leak more and more documents to be published under his name for their safety) can at some stage show encryption undermined at more levels (hardware level, or even kernel level). We already know that encryption was undermined at RSA and NIST by NSA moles, using bribes too. We also know that Linux (kernel) developers recently revised random number generators, after they had found a weakness.

Several state officials (in 6 states at the very least) now work to stop the NSA locally. Some call for a ban on companies that facilitate the NSA (that would include Red Hat), under the premise that they are complicit in crime. I am not kidding, watch the news this week (I don’t want to paste links here as the last time I did so my comment took half a day to appear).

Lastly, there are numerous E-mails sent from and to Red Hat. These further validated my suspicions.

I saw a lot of personal attacks (trying to discredit me or even remove links to my analyses). I even heard the usual personal attacks against Sam Varghese (which I expected from Red Hat because he dares to do real journalism, i.e. journalism that companies don’t like).

Trusting Red Hat should be based on its record, not emotional leanings and faith.

Don’t get me wrong. I was not offended by you and you oughtn’t be offended by my response. I am used to this type of divisive treatment (people trying to ostracise me) since the days I criticised Novell — only to be proven right throughout and at the very end (Novell gave its patents to Linux foes).

I hope you will wait patiently for more information and assess the facts based on their merit. Don’t rely purely/solely on what you read in OpenSource.com (Red Hat). I saw Novell doing its self-delusional spiel (IP “peace of mind”) and fortunately, at the end, Novell did not find enough fools to sell its lies to.

I have been frank in my analysis of Red Hat (on patents, build process, etc.) and if you want links for particular bits of my claims, just ask. I have a repository of tens of thousands of links I collect while researching. Sometimes people refuse to accept even a well-sourced claim because of cognitive dissonance — something I’ve had a lot of experience with when dealing with Microsoft spinners.

“Journalism is printing what someone else does not want printed: everything else is public relations.”

― George Orwell

Here is my original reply, challenging the counter-arguments:

This article starts with an incorrect assertion that I accuse “Red Hat of being in cahoots with the NSA.”

No, NSA is a big client of Red Hat (this was not just revealed but also confirmed to me by Red Hat staff some days ago, by E-mail) and it was also confirmed that NSA submits patches to Linux through Red Hat (think of NIST and RSA; we don’t even have NSA E-mail address to keep track of). Back doors can also be added outside the scope of source code, during a build process. My job involves dealing with this risk. I don’t think you read an essential earlier post:

http://techrights.org/2013/11/24/tpm-back-doors-patriot-act-etc/

This, in turn, links to proof that the NSA did try to put back doors in Linux, as noted by Torvalds the father. See:

http://techrights.org/2013/11/17/nils-torvalds-on-back-doors/

http://techrights.org/2013/09/20/linux-backdoor-question/

http://techrights.org/2013/09/25/surveillance-lawlessness/

Defending Red Hat makes sense, but mischaracterising my position is a little unfair. I note that trusting Red Hat is not easy and based on articles I read half a decade ago, NSA was involved in the build process of Windows, OS X, SUSE, and Red Hat (only those 4 were mentioned).

The bottom line is this. Do not have blind trust in Linux. Not even access to source code is enough because the build process needs to be carefully checked and validated; moreover, Linux is joined with some proprietary code and even hardware-level code, so trust is seriously harmed. Now that we know about Red Hat’s relationship with the NSA we should ask ourselves if the NSA is once again trying to put back doors in Linux, or worse, maybe it already did. Letting blobs enter the pipeline helps the NSA achieve (but hide) what it already said it wanted to achieve.
