Contents

• GNU/Linux
  • Distributions
  • Devices/Embedded
• Free Software/Open Source
• Leftovers

GNU/Linux

• Linux Users v Windows Users, Debian Mourns Another

  The Debian project today shared the news of the passing of a long time contributor on September 17. In other news, the Linux Journal offered a free digital copy of their September 2016 magazine. Bruce Byfield compared Linux users to Windows users and My Linux Rig spoke to elementary OS founder Daniel Foré about his “Linux Setup.”

• Asian Penguins turn failed program into a Linux success

  The Community School of Excellence (CSE) Asian Penguins are the world’s first and only Linux user group based in a Hmong charter school. A failed Windows laptop program at the school was turned by the Asian Penguins into a Linux success.

  Stu Keroff is the technology coordinator at the Community School of Excellence, a middle school located in St. Paul, Minnesota. He is a licensed elementary education and middle school social studies teacher, and a long-time Linux enthusiast. Stu founded and advises the Asian Penguins.

• Free Today: September Issue of Linux Journal (Retail value: $5.99)

• Desktop

  • 7 Ways Linux Users Differ from Windows Users

    To casual users, one person at a keyboard looks much the same as any other. Watch for a while, however, and the differences start to emerge — and whether they are using Linux or Windows is the least of them.

    The fact is, Linux users are different from Windows users in attitude as much as their choice of operating system. Originating as a Unix-type operating system and in opposition to Windows, Linux has developed an expectation and a philosophy in direct opposition to those promoted by Windows. Although many new Linux users have come directly from Windows, average Linux users simply do not react in the same way as Windows users.

  • Microsoft paid me $650 to scrub Windows 10 from my grandpa’s PC, says man

    Microsoft has paid the relative of an Alzheimer’s patient for having to scrub his PC clean of Windows 10.

    Jesse Worley said he’d received a cheque for $650 from Microsoft – seen by The Register – which he told us he’d received after threatening the giant with court action over an unwanted Windows 10 upgrade.

    Tech consultant Worley sought payment from the vendor for the 10 hours it took to rebuild his grandfather’s custom-build PC, re-installing Windows 7 to resemble Windows XP, in order to banish Windows 10.

    However, Worley – inspired by the case of a Californian woman over the unauthorised upgrade of her PC to Windows 10 – told The Reg he wasn’t interested in the money.

    He’d wanted to Microsoft to acknowledge it had slipped up with its notorious Get Windows 10 (GWX) nagware notifications, which he branded “deliberately misleading”.

    “Had Microsoft not gone out of their way to be deceptive, my grandfather pretty clearly wouldn’t have been updated to Windows 10,” he said.

  • Why kid hackers should have a Linux computer

    Kids these days are quite amazing in how fast they learn how to use computers. And what better system for a young hacker than a Linux computer? A writer at Medium recently shared the story of how his young nephew got his very own Linux computer.

• Server

  • ​Kubernetes 1.4: One DevOps tool to rule all the containers

  • Kubernetes 1.4 promises to make container orchestration easier, more powerful

  • Canonical Releases ‘Core’ Kubernetes Container Distribution

  • Canonical launches Kubernetes public beta distribution

  • Canonical steps up enterprise courtship with Kubernetes bundle

  • Kubernetes 1.4 makes container orchestration bigger — and simpler

  • Canonical Expands Enterprise Container Portfolio with Commercially Supported Distribution of Kubernetes

  • Strategies for Running Stateful Applications in Kubernetes: Volumes

    Mesosphere DC/OS emphasizes running transactional workloads alongside cloud-native applications. Robin Systems, one of the container management companies, is aiming to containerize Oracle and other enterprise databases. The Kubernetes container orchestration engine is gearing up to run stateful workloads through a new concept called Pet Sets, which is a pod of stateful containers. Pet Sets was introduced as an alpha feature in Kubernetes 1.3, released in July.

    Kubernetes abstracts the underlying infrastructure building blocks into compute, storage and networking. When developers and operations teams get started with Kubernetes, they typically get exposed to objects such as pods, labels, services, deployments and replica sets, which provide a mechanism to deal with compute and networking. When it comes to persistence in Kubernetes, users should get familiar with the concepts of volumes, persistent volumes, persistent volume claims (PVC) and the upcoming Pet Sets.

    This article will be a first in a series that discusses the strategies and use cases for each of the storage choices available in Kubernetes. In this chapter, we will take a closer look at volumes, that provide the easiest migration path to Kubernetes.

  • Docker Doubles Down on Microsoft Windows Server [Ed: recall “DockerCon 2015 Infiltrated by Microsoft”]

    Docker for Windows debuts alongside a new commercial support relationship with Microsoft.
    For the most part, the Docker container phenomenon has been about Linux, with the majority of all deployments on Linux servers. But that could soon be changing as Docker Inc. today is announcing the general availability of Docker Engine on Windows Server 2016, alongside a new commercial support and distribution agreement with Microsoft.

    Docker containers rely on the host operating system for certain isolation and process elements in order to run. On Linux, those elements have always been present as part of the operating system, but the same was not true for Windows, which has required several years of joint engineering effort between Docker Inc. and Microsoft.

  • Hadoop Sandboxes and Trials Spread Out

    We all know that there is a skills gap when it comes to Hadoop in the Big Data market. In fact, Gartner Inc.’s 2015 Hadoop Adoption Study, involving 284 Gartner Research Circle members, found that only 125 respondents who completed the whole survey had already invested in Hadoop or had plans to do so within the next two years. The study found that there are difficulties in implementing Hadoop, including hardship in finding skilled Hadoop professionals.

  • Use models to measure cloud performance

    When I was young, I made three plastic models. One was of a car—a ’57 Chevy. Another was of a plane—a Spitfire. And a third was of the Darth Vader TIE Fighter. I was so proud of them. Each one was just like the real thing. The wheels turned on the car, and the plane’s propeller moved when you blew on it. And of course, the TIE Fighter had Darth Vader inside.

    When I went to work on the internet, I had to measure things. As I discussed in my last post, Measure cloud performance like a customer, when you measure on the internet you need to measure in ways that are representative of your customers’ experiences. This affects how you measure in two ways. The first is the perspective you take when measuring, which I talked about last time. The second way is the techniques you use to perform those measurements. And those techniques are, in effect, how you make a model of what you want to know. Those childhood plastic models turn out to offer some solid guidance after all.

  • ODPi Adds Apache Hive to Runtime Specification 2.0

    Today, ODPi announced that the ODPi Runtime Specification 2.0 will add Apache Hive and Hadoop Compatible File System support (HCFS). These components join YARN, MapReduce and HDFS from ODPi Runtime Specification 1.0

    With the addition of Apache Hive to the Runtime specification, I thought it would be a good time to share why we added Apache Hive and how we are strategically expanding the Runtime specification.

  • Ubuntu’s OpenStack on IBM’s Big Iron

    If I were Red Hat I would be looking over my shoulder right now; it appears that Ubuntu might be gaining. In just a few years the Linux distribution has gone from being non-existent in the enterprise to being a powerhouse. This is especially true in the cloud, where it’s a dominant force on both sides of the aisle. Not only is it the most deployed operating system on public clouds, its version of OpenStack accounts for over half of OpenStack cloud deployments, used by the likes of Deutsche Telekom, Bloomberg and Time Warner Cable.

• Kernel Space

  • Soramitsu Open Sources Blockchain Platform “Iroha” – Offers Code to Linux Foundation’s Hyperledger Project

  • Soramitsu contributes code to Hyperledger

    Soramitsu Co., Ltd. (CEOs : Makoto Takemiya and Ryu Okada; hereafter, “Soramitsu”) has announced today the open sourcing and proposal of a distributed ledger technology (blockchain) platform called “Iroha” to the Hyperledger Project, an open source Linux Foundation collaborative project for the enhancement of blockchain and distributed ledger technology.

  • Congressional Blockchain Caucus Formed

  • The US is looking to formalise policy around blockchain technology

  • U.S. Congress Sees a Bipartisan Caucus for Bitcoin and Blockchain

  • Lawmakers announce new bipartisan Congressional Blockchain Caucus

  • SC Republican among founders of congressional Bitcoin caucus

  • US forms caucus to shape policies related to digital currency

  • Blockchain Now Has Own Congressional Caucus

  • Lawmakers announce blockchain technology caucus

  • New Congressional Caucus Seeks Favorable Laws for Blockchain

  • Polis, Mulvaney Launch ‘Blockchain Caucus’

  • Blockchain gains congressional support

  • Tech-savvy lawmakers found blockchain caucus

  • US Politicians Form Blockchain Caucus to Create Sound Bitcoin Policies

  • The US Congress now has a caucus dedicated to bitcoin and blockchain

  • Blockchain Just Made Some New Friends in Congress

    Boy, has blockchain become respectable. It wasn’t long ago that the face of the technology, which powers the crypto-currency bitcoin, was libertarians and drug dealers. Today, it’s the banking industry and members of Congress.

    On Monday, Rep. Jared Polis (D-Co) and Rep. Mick Mulvaney (R-SC) announced the creation of a “Blockchain Caucus” to promote laws and policies to encourage the development of crypto-currencies and other blockchain-related tools.

  • Unsafe at any clock speed: Linux kernel security needs a rethink

    The Linux kernel today faces an unprecedented safety crisis. Much like when Ralph Nader famously told the American public that their cars were “unsafe at any speed” back in 1965, numerous security developers told the 2016 Linux Security Summit in Toronto that the operating system needs a total rethink to keep it fit for purpose.

    No longer the niche concern of years past, Linux today underpins the server farms that run the cloud, more than a billion Android phones, and not to mention the coming tsunami of grossly insecure devices that will be hitched to the Internet of Things. Today’s world runs on Linux, and the security of its kernel is a single point of failure that will affect the safety and well-being of almost every human being on the planet in one way or another.

  • Is the Linux kernel a security problem?

    Security is an ongoing issue for all operating systems, including Linux. While Linux has generally had a good reputation compared to Windows when it comes to security, no operating system is perfect. A writer at Ars Technica recently examined the issue of security and the Linux kernel.

  • security things in Linux v4.4

    Continuing with interesting security things in the Linux kernel, here’s v4.4. As before, if you think there’s stuff I missed that should get some attention, please let me know.

  • Graphics Stack

    • Mesa Preps For Landing The On-Disk Shader Cache

    • Performance-Boosting HiZ Patches Revised For Intel’s Vulkan Linux Driver

  • Benchmarks

    • Testing The BCache SSD Cache For HDDs On Linux 4.8

      It has been over one year since last testing the mainline Linux kernel’s BCache support for this block cache that allows solid-state drives to act as a cache for slower hard disk drives. Here are some fresh benchmarks of a SATA 3.0 SSD+HDD with BCache from the Linux 4.8 Git kernel.

• Applications

  • Linux and Open Source Hardware for IoT

    Most of the new 21 open source software projects for IoT that we examined last week listed Linux hacker boards as their prime development platforms. This week, we’ll look at open source and developer-friendly Linux hardware for building Internet of Things devices, from simple microcontroller-based technology to Linux-based boards.

    In recent years, it’s become hard to find an embedded board that isn’t marketing with the IoT label. Yet, the overused term is best suited for boards with low prices, small footprints, low power consumption, and support for wireless communications and industrial interfaces. Camera support is useful for some IoT applications, but high-end multimedia is usually counterproductive to attributes like low cost and power consumption.

  • nginx

    Case in point: I’ve been using the Apache HTTP server for many years now. Indeed, you could say that I’ve been using Apache since before it was even called “Apache”—what started as the original NCSA HTTP server, and then the patched server that some enterprising open-source developers distributed, and finally the Apache Foundation-backed open-source colossus that everyone recognizes, and even relies on, today—doing much more than just producing HTTP servers.

    Apache’s genius was its modularity. You could, with minimal effort, configure Apache to use a custom configuration of modules. If you wanted to have a full-featured server with tons of debugging and diagnostics, you could do that. If you wanted to have high-level languages, such as Perl and Tcl, embedded inside your server for high-speed Web applications, you could do that. If you needed the ability to match, analyze and rewrite every part of an HTTP transaction, you could do that, with mod_rewrite. And of course, there were third-party modules as well.

  • Etcher Image Writer Is Now Better Than Ever

    Back in may we spotlighted Etcher, a stylish open-source USB image writer app for Windows, macOS and Linux.

    In the months since our feature the app has released a over 10 small beta updates, with Etcher 1.5 Beta being the most recent release at the time of writing.

  • Audacious 3.8 released

    Audacious 3.8 was released on September 21, 2016.

  • New Version of Audacious Music Player Released

    A new version of Audacious, a popular lightweight audio player, is now available for download.

    Audacious 3.8 introduces a small set of features, including the ability to run more than one instance of the app at the same time. Quite why… no idea.

    New audtool commands have been added, including stream recording toggles, and cue sheet support is said to be “more seamless”.

  • Rambox Puts All Your Favorite Messaging Services In One App

    Rambox is a free, open-source messaging and email app that groups all your favourite web apps into one easy-to-manage window.

    Sound familiar?

    We’ve highlighted apps like Rambox before, with Franz and the Gmail-specific Wmail being but two.

  • Stylish Markdown Editor ‘Typora’ Is Now Available for Ubuntu

    In the market for a desktop markdown editor for Linux? You may have helped but notice that you’re rather spoilt for choice. From Abricotine and Scratch to Simplenote, Springseed and Remarkable. Even Gedit can render markdown with the right plugin! With so much choice it can be difficult to know which app to pick.

  • YoutPlayer Floats Your Fave YouTube Videos on The Desktop [Ed: just an Electron app]

    Looking for a neat-o way to play YouTube playlists on your desktop, outside your browser? Take a looksie at Yout, an Electron app that lets you add and watch YouTube playlists on your desktop, floating window stylee. Yout is not the most user-friendly of apps.

  • Instructionals/Technical

    • Learn How to Speed Up Websites Using Nginx and Gzip Module

    • How to install WooCommerce plugin on an Ubuntu 16.04 VPS

    • 10 tips for DIY IoT home automation

    • How to Set Legacy Bios in HP ProLiant GEN9 Server

    • Setup Docker storage to use LVM thin pool

    • Deploy an OpenShift test cluster

    • Deploying Kubernetes using Ansible

  • Games

    • Avoid the pile-up in ‘Clustertruck’, a first-person platformer with day-1 Linux support, it’s great

      We have been steadily getting more 3D “beat the timer” games where you’re up against others times, which is great because they really can be fun. I do love getting competitive in certain games, especially with some of my Steam friends and friends in the wider community. Games like this recently have been something I’ve been repeatedly going back to for a break from life.

      Clustertruck is not only about beating the times of other people, but it’s also a “the floor is lava” game, so if you touch the floor you have to start again. The really funny thing is that the safe pads are moving trucks you have to keep up with. You can at least grab onto the back of a truck if you just about touch it, so it’s not always instant death.

    • Fusion 3, the next generation game engine and editor from Clickteam will support Linux

      The difference between their tools and others, is the event system. Instead of needing to program every single line, you can stack up events and link them together to create a game. It works quite well and I’m pretty excited to give Fusion 3 a go on Linux myself to see what random games I can create for fun.

    • SteamOS 2.93 Brewmaster Beta Adds New Security Fixes from Debian GNU/Linux 8.6

      Valve’s SteamOS 2 gaming operating system is still getting goodies, and it looks like a new Beta update has been pushed on September 26, 2016, to the brewmaster_beta channel for public beta testers.

      That’s right, SteamOS 2.93 Brewmaster Beta is here to replace the previous build announced earlier this month, SteamOS 2.91 Brewmaster Beta, and add the latest security fixes and updates from upstream. This means that SteamOS is now officially based on the recently released Debian GNU/Linux 8.6 “Jessie” operating system.

      “SteamOS brewmaster update 2.93 pushed to brewmaster_beta. Corrects a build issue where the last kernel updates were not actually included. Also updates from the Debian 8.6 release[www.debian.org] and the usual security fixes,” says John Vert, Valve engineer, in the release announcement.

    • There Are Around 2,000 Steam Linux Games Available

    • Steam now has above 2,500 Linux & SteamOS games available

      I’ve seen some posts on reddit and across the wider net about Steam hitting around 2,000 games for Linux. The truth is the number is actually quite a lot higher.

      People seem to be using SteamDB numbers which aren’t up to date. The problem here is that SteamDB is unofficial and a manual process for people to let them know a game works. So you need to own the game and manually tell them, which makes their numbers rather different to the reality.
      Note: SteamDB do truly excellent work, this isn’t a bash attempt, but to let people know how they work and how their list is different.

      The other problem is that the Steam Search when filtering only for Games and only for Linux is still incorrect. It actually lists games that are due soon, or due this month and haven’t released yet. It also still lists games that haven’t updated their release date that were supposed to release before today, but didn’t actually release yet.

    • ‘Farabel’, a turn based strategy game is officially coming to Linux after a days work

      The developers of Farabel [Official Site, Steam, itch] sent word that their game is now officially coming to Linux. They asked for testers and in a single day got the game working properly on Linux and it’s now official.

    • RADV Vulkan Driver Can Now Correctly Render Talos Principle

    • The Talos Principle now renders correctly in ‘radv’, the open source AMD Vulkan driver

      Good news for Vulkan and AMD GPU fans, as David Airlie has put up a new blog post letting us know that The Talos Principle now renders correctly in this new open source AMD Vulkan driver.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • KDE’s Kirigami UI Framework for Mobile and Convergent Apps Hits 1.1 Milestone

      On September 26, 2016, the KDE developers proudly announced the availability of the first point release for their recently introduced Kirigami UI framework to create mobile and convergent applications.

    • KDE Kirigami 1.1 UI Framework Released

  • GNOME Desktop/GTK

    • GNOME 3.22 Supports Flatpak Cross-Linux Distribution Framework

      GNOME 3.22, the second major update this year to the GNOME desktop environment, debuted Sept. 21—and since then, has made its way into the repositories of Linux distributions, including Fedora and openSUSE. Much as was the case with the GNOME 3.20 update earlier this year, many of the changes in the latest iteration of the popular open-source desktop environment are incremental. Among the most significant capabilities in GNOME 3.22 is support for the Flatpak framework, which is designed to allow an application to be installed on various Linux distributions. The GNOME Builder integrated development environment (IDE) can now also be used by developers to build Flatpak-compatible applications. Flatpak is an alternative approach to Snappy, which provides similar capabilities and was originally developed by Ubuntu. The GNOME Files application continues to evolve and, in this release, adds new capabilities that enable users to open compressed files automatically. Files also enables users to compress files easily in common compression formats. Additionally, Files gained the ability to batch rename files and folders on a user’s system. Here’s a look at the key features of the GNOME 3.20 desktop update.

    • [GNOME Maps:] Planning a trip

• Distributions

  • The Linux Setup – Daniel Foré, elementary OS

    Daniel is the founder of elementary OS, the distribution that’s famous for its own look. Daniel came to Linux through a love of customizing Windows XP, so it’s no surprise he also came to appreciate the flexibility of Linux. Interestingly, especially given the strong visual aesthetic of elementary, Daniel’s favorite app is the Scratch text editor!

  • New Releases

    • Solus Gets MATE 1.16 Desktop Environment and Linux Kernel 4.7.5, Up-to-Date Apps

      Joshua Strobl from the Solus Project published a new installation of the distribution’s weekly newsletter, This Week in Solus 36, to inform Solus users about the latest software updates and other important changes in the Linux OS.

    • Proxmox VE 4.3 released

      Proxmox Server Solutions GmbH today announced the general availability of Proxmox Virtual Environment 4.3. The hyper-converged open source server virtualization solution enables users to create and manage LXC containers and KVM virtual machines on the same host, and makes it easy to set up highly available clusters as well as to manage network and storage via an integrated web-based management interface.

      The new version of Proxmox VE 4.3 comes with a completely new comprehensive reference documentation. The new docu framework allows a global as well as contextual help function. Proxmox users can access and download the technical documentation via the central help-button (available in various formats like html, pdf and epub). A main asset of the new documentation is that it is always version specific to the current user’s software version. Opposed to the global help, the contextual help-button shows the user the documentation part he currently needs.

    • Proxmox VE 4.3 Officially Released with New Reference Documentation, Updated GUI

      Today, September 27, 2016, Proxmox Server Solutions GmbH proudly announced the immediate availability of the Proxmox VE (Virtual Environment) 4.3 open source, Linux-based hyper-converged server virtualization solution.

      The biggest new feature of the Proxmox VE 4.3 release appears to be a new reference documentation that users can download in various formats, including as EPUB, PDF or HTML, helping newcomers get started with Proxmox much faster. However, it looks like it is based on the Debian GNU/Linux 8.6 “Jessie” and Ubuntu 16.04 LTS (Xenial Xerus) operating systems, running LXC 2.0 and Linux kernel 4.4 LTS.

  • OpenSUSE/SUSE

    • SUSE among those choosing to enhance partner programmes

    • New SUSE program focuses on enterprise Linux, software-defined storage, OpenStack cloud for channel partners

    • Suse scraps revenue targets in partner shake-up

    • SUSE Helps Channel Better Meet Customer Needs with Open Source Technology

    • SUSE Overhauls Partner Program for Linux, Storage, OpenStack Cloud, Management

      SUSE is launching an overhauled channel partner program to address four key customer needs: Enterprise Linux, software-defined storage (SDS), OpenStack cloud and systems management. The bolstered partner efforts comes only a few weeks after HP Enterprise (HPE) named SUSE as its preferred Linux distribution.

  • Red Hat Family

    • How Red Hat is making money on the public cloud with a hybrid approach

      Red Hat hasn’t traditionally played much of a part in public clouds, a fact its CEO Jim Whitehurst underscored in Red Hat’s recent earnings call. Though the company is now dabbling in a true elastic/consumption-based delivery and pricing model via OpenShift, Red Hat remains a primarily on-premises business that only feints toward a true cloud model in terms of service delivery.

      Ironically, the hybrid cloud may be the trend that gets Red Hat fully planted in the public cloud.

    • Red Hat Software Adding Fort Point Offices

      The new location will include an immersive briefing center for visiting executives, the first East Coast location for the company’s innovation labs and a new engineering lab, which will augment Red Hat’s 175,000-square-foot engineering and product headquarters in Westford. The engineering lab will provide collaborative space to take advantage of Boston’s tech ecosystem, Raleigh, North Carolina-based Red Hat said in a statement.

    • Finance

      • Red Hat Inc. (RHT) Receives “Buy” Rating from Credit Agricole SA

      • Red Hat Inc. (RHT) Rating Reiterated by William Blair

      • Drexel Hamilton Reiterates Buy Rating for Red Hat Inc. (RHT)

      • Red Hat Inc. (RHT) Stock Rating Reaffirmed by Credit Agricole SA

      • Red Hat Inc (NYSE:RHT) approaching 52-week high, short interest down

      • Raymond James Financial Inc. Reiterates Outperform Rating for Red Hat Inc. (RHT)

    • Fedora

      • Fedora Join meetings to begin this week

        We’ve had the Fedora Join SIG around for a bit now, but we haven’t been very active. Recently we’ve seen an increase in community members willing to participate in the SIG, and in combination with the work that CommOps is doing to improve the “joining experience” for newbies, we thought that it’s a good time to gain some traction.

      • Fedora 25 Alpha and processing.

        Is simple to use. You can used with java also with python and android mode.
        Come with many examples and tutorials.
        Today I tested with Fedora 25 alpha.

      • Fedora 24 — The Best Distro for DevOps?

        If you have been to any DevOps-focused conferences — whether it’s OpenStack Summit or DockerCon — you will see a sea of MacBooks. Thanks to its UNIX base, availability of Terminal app and Homebrew, Apple hardware is extremely popular among DevOps professionals.

        What about Linux? Can it be used as a platform by developers, operations, and DevOps pros? Absolutely, says Major Hayden, Principal Architect at Rackspace, who used to be a Mac OS user and has switched to Fedora. Hayden used Mac OS for everything: software development and operations. Mac OS has all the bells and whistles that you need on a consumer operating system; it also allows software professionals to get the job done. But developers are not the target audience of Mac OS. They have to make compromises. “It seemed like I had to have one app that would do one little thing and this other app would do another little thing,” said Hayden.

      • Fedora 25 Goes Into Beta Freeze Today, New Features Need To Be Completed

        Today is a big day along the Fedora 25 schedule and stepping towards its official debut in November.

        The Fedora 25 Beta freeze is today ahead of the planned beta release on 11 October. Also very important is today’s the 100% code complete deadline for Fedora 25 changes.

      • Fedora 25 Beta Freeze

      • Fedora 25 Linux Beta Might Land on October 11, 2016, Beta Freeze Now in Effect

        Fedora Project’s Mohan Boddu announced on September 26, 2016, that the upcoming Fedora 25 Beta milestone, which is scheduled for release next month on the 11th, is now officially in freeze stage.

        Fedora 25 is the next major release of the Red Hat-sponsored computer operating system for power users and anyone else who wants a well-designed Linux-based OS. It has been in development since July 2016, and the Alpha snapshot has hit the streets on August 30, after being delayed by a week due to some nasty regressions and bugs that have been patched quickly.

        The next stop in the Fedora 25 Linux development cycle is the Beta, which, according to the official release schedule, is now in freeze state. The Beta Freeze stage means that developers won’t be allowed to add any other features to the upcoming Beta release, but only to fix blockers and other annoyances that might not offer users a quality product.

  • Debian Family

    • Debian Project mourns the loss of Kristoffer H. Rose

      Kristoffer was a Debian contributor from the very early days of the project, and the upstream author of several packages that are still in the Debian archive nowadays, such as the LaTeX package Xy-pic and FlexML. On his return to the project after several years’ absence, many of us had the pleasure of meeting Kristoffer during DebConf15 in Heidelberg.

    • Derivatives

      • Parsix GNU/Linux 8.5 “Atticus” to Reach End of Life on September 30, 2016

        The Parsix GNU/Linux developers announced that the end-of-life status is approaching fast for the Parsix GNU/Linux 8.5 “Atticus” operating system, urging users to upgrade to the latest release immediately.

        Dubbed Atticus and based on the Debian GNU/Linux 8.5 “Jessie” operating system, Parsix GNU/Linux 8.5 was unveiled seven months ago, on February 14, 2016. Running the long-term supported Linux 4.1.17 kernel injected with TuxOnIce 3.3 and BFS patches, it was built around the GNOME 3.18 desktop environment with the GNOME Shell 3.18.3 user interface.

        The end of life (EOL) will be officially reached on September 30, 2016, which means that users of the Parsix GNU/Linux 8.5 “Atticus” operating system will no longer receive security and software updates. Therefore, they are urged today to upgrade to the latest, most recent version of the Debian-based distribution, Parsix GNU/Linux 8.10 “Erik.”

      • Canonical/Ubuntu

        • Ubuntu 16.10 Final Beta Officially Released with Linux Kernel 4.8, Download Now

          Delayed six days, the Final Beta release of the upcoming Ubuntu 16.10 (Yakkety Yak) operating system launched today, September 28, 2016, as the final development snapshot in the series.

          Today’s Final Beta is in fact the first Beta pre-release version of Ubuntu 16.10, and the only development milestone that you’ll be able to test if you want to see what’s coming to the next major release of Ubuntu Linux. However, we can tell you that it is powered by Linux kernel 4.8, contains up-to-date applications, and still uses the Unity 7 UI.

          “The Ubuntu team is pleased to announce the final beta release of Ubuntu 16.10 Desktop, Server, and Cloud products. Codenamed “Yakkety Yak”, 16.10 continues Ubuntu’s proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing new features and fixing bugs,” reads the announcement.

• Devices/Embedded

  • Ofcom blesses Linux-powered, open source DIY radio ‘revolution’

    Small scale DAB radio was (quite literally) conceived in an Ofcom engineer’s garden shed in Brighton, on a Raspberry Pi, running a full open source stack, in his spare time. Four years later, Ofcom has given the thumbs up to small scale DAB after concluding that trials in 10 UK cities were judged to be a hit.

    We gave you an exclusive glimpse into the trials last year, where you could compare the specialised proprietary encoders with the Raspberry Pi-powered encoders.

    “We believe that there is a significant level of demand from smaller radio stations for small scale DAB, and that a wider roll-out of additional small scale services into more geographic areas would be both technically possible and commercially sustainable,” notes Ofcom.

  • 96Boards.org goes Cortex-M4 with IoT Edition and Carbon SBC

    Linaro, 96Boards.org, and SeeedStudio have launched the first 96Boards IoT Edition SBC — a $28 BLE-ready “BLE Carbon” that runs Zephyr on an ST Cortex-M4.

    Linaro Ltd and its 96Boards.org open hardware standardization group announced the first non-Linux and MCU based 96Boards single board computer, and the first to comply with a new 96Boards IoT Edition (IE) spec. Built by SeeedStudio, and designed with the help of Linaro, the flagship IE board is called “Carbon” by Linaro and 96Boards, and is called “BLE Carbon” by SeeedStudio. This suggests there might be other Carbon variants in the offing that could feature other radios in addition to, or in place of, the Carbon BLE’s Bluetooth Low Energy function.

  • Onion Creates a $5 Linux Computer with Wi-Fi, Designed for IoT Applications

    Onion has produced a $5 tiny Linux computer that supports JavaScript, Python, PHP and more. In its KickStarter campaign, Onion calls the Omega2 the “World’s smallest Linux server, with Wi-Fi built-in.”

  • Phones

    • Android

      • Andromeda? Making sense of an Android-Chrome OS marriage

      • Chromebooks get stable Android apps as Andromeda rumors swirl

        Andromeda may be the future, but Android and Chrome OS are already merging. Google just made Android apps available on the stable version of Chrome OS for the first time, and organizations can now centrally manage Android apps on their Chromebooks.

      • Mediatek’s developer board features a 10-core chip and Android 6.0

        Like PCs, developer boards like Raspberry Pi are getting more horsepower to run faster applications and 4K graphics.

        Take the Mediatek X20 Development Board, which started shipping for US$199 this week. It is crammed with the latest mobile chips that give the developer board PC-like computing power.

      • Motorola Android 7.0 Nougat Update Details

        Just as expected Google released Android 7.0 Nougat on August 22nd and quickly delivered it to Nexus devices. Now, other smartphone owners are now wondering when they’ll get the update. Motorola has always been quick to release the latest version of Android, and here’s what we know about Motorola Android 7.0 Nougat updates.

      • Chromebook Pixel 2 gets Android apps on the Chrome OS stable channel

        A few days ago, Google released Android apps to two Chromebooks: the Acer Chromebook R11 and the ASUS Chromebook Flip. These arrived version 53 of Chrome OS, on the stable channel. However, the Chromebook Pixel 2, which has had Android apps in beta up until now, has been waiting for the stable release. This painful period is over, Pixel 2 owners, because you too can now join in on the Android fun with the release of stable Chrome OS 53 to last year’s flagship Chromebook.

      • New Galaxy Note 7 sales begin October 28 in Europe

      • BlackBerry’s next rumored Android phone, the DTEK60, passed through the FCC

      • Android 7.0 Nougat Crashes Way More Than iOS 10

      • Google News & Weather 2.8 adds Lite mode, optimizes pages for slow connections

      • [Update: Pixel XL too] Google Pixel press shot leaked, shows new home button and round icons

      • Lenovo lays off hundreds of Motorola employees

        Lenovo has announced a new round of layoffs. Globally, the layoffs impact “less than 2 percent of its 55,000 employees,” with a majority of the job cuts targeted at Motorola employees in the U.S. According to Droid-Life, over 50% of Motorola’s workforce in the U.S. is being let go, affecting over 700 jobs out of the remaining 1,200. That’s a reduction of over 95% from the 20,000 employees Motorola had when Google acquired the company in 2011.

      • Chrome for Android will let you download entire web pages and use less data for video

      • BlackBerry’s Unannounced DTEK60 Android Smartphone Surfaced In FCC Filing

      • Telegram adds photo masks, GIF creation, and trending stickers

      • Images of Chromecast Ultra leak ahead of October 4th unveiling

Free Software/Open Source

• GitHub open-sources internal load-balancing software

  GitHub will release as open source the GitHub Load Balancer (GLB), its internally developed load balancer.

  GLB was originally built to accommodate GitHub’s need to serve billions of HTTP, Git, and SSH connections daily. Now the company will release components of GLB via open source, and it will share design details.

• GE, Bosch and open source could bring more IoT tools

  Partnerships that could shape the internet of things for years are being forged just as enterprises fit IoT into their long-term plans.

  A majority of organizations have included IoT as part of their strategic plans for the next two to three years, IDC said last week. No one vendor can meet the diverse IoT needs of all those users, so they’re joining forces and also trying to foster broader ecosystems. General Electric and Germany’s Bosch did both on Monday.

  The two companies, both big players in industrial IoT, said they will establish a core IoT software stack based on open-source software. They plan to integrate parts of GE’s Predix operating system with the Bosch IoT Suite in ways that will make complementary software services from each available on the other.

• Industrial IoT leaders work towards interoperability and open source collaboration

• GE and Bosch Sign Agreement for Interoperability and Open Source Collaboration

• Free PPMP from Bosch makes Industry 4.0 open for all

• Open source tools can help small businesses cut costs and save time

  Imagine if there was a global community of tech experts who were independently building and improving digital tools that you could use for free. Tools that could help you provide a service for, and communicate with, your customers.

  Well, there is. The open source community is made up of amateur and professional computer coders who work on publicly available computer code. Businesses can then take these lines of code from websites such as Github, to use in their software, products and services.

  Open source projects are helping small businesses all over the world to save time and money.

• OPNFV Colorado platform bolsters open source NFV efforts

  The Linux Foundation’s Open Platform for NFV project claims its third platform release targets accelerating development of NFV apps and services

  The telecom market’s continued move towards integrating network functions virtualization received a boost as the Linux Foundation’s Open Platform for NFV project released its latest Colorado platform release, the third from the open source-based organization.

• Open-source NFV Project delivers third platform release

  The OPNFV Project, an open source project that facilitates the development and evolution of Network Functions Virtualization (NFV) components across various open source ecosystems through integration, deployment, and testing today announced the availability of OPNFV Colorado, the project’s third platform release.

• Inocybe Technologies Launches Community Version of their Open Networking Platform

• Open Source Getting on My Nerves

  Open source people are generally not dirt dishers, however. Take Phil Robb of OpenDaylight , where he is senior technical director. Robb was on that MANO panel in Denver, and he spoke to me shortly afterward in an interview on ODL’s new Boron software release. I specifically asked him about the “messy MANO situation” right now.

  His response was frustratingly calm. “I would equate the MANO space with where the controller space was three years ago,” he says. “One of the great things about open source is that real code is going to be up, going to be used, stuff will work or it will fall over. But we’ll fail fast and move on.” (See Carriers Driving ODL’s Boron Release.)

  So having multiple versions in process isn’t a bad thing, Robb says, because it might be that one approach works better for a set of use cases than another. What the industry will come around to “sooner rather than later” is that one approach likely addresses the broadest set of use cases and will be more widely adopted, while others address niches and either are used alongside the major approach or incorporated into it.

• GENIVI Alliance launches new open source vehicle simulator project

• Choosing the right metrics for your project

  Last month we discussed setting goals for your community metrics program. These goals serve as a constant reminder of what you want to achieve in the program and should be used as metrics themselves when deciding exactly what you are going to measure.

  This month we’ll document a basic strategy for deciding what to measure, and give examples of specific community metrics we’ve used in practice. Using our knowledge of our community and the goals we previously came up with, we’ll make sure the metrics we choose are relevant.

• An Open Source Shopping Cart Can Boost Your Online Commerce Efforts

• Open Source Projects Must Work Together to Survive

  Open source software is in danger of being beaten at its own game by upstart services that are tightly integrated, less complex, and easier to use. That message was at the heart of the cautionary tale told by Stephen O’Grady in his keynote at this year’s ApacheCon North America in May.

  O’Grady, Principal Analyst & Cofounder of RedMonk, recalled his years as a systems integrator, pointing out that open source software took a big bite out of the enterprise software market when it became more accessible and easier to use.

• Contributing to an Open Source Project

  If you’re interested gaining some tips and insights into how to contribute to open source, this video of a presentation given on September 19 at the JavaOne conference in San Francisco by Gunnar Wagenknecht, a software engineer at Salesforce, and Wayne Beaton, director at the Eclipse Foundation, might be useful to you.

• Facebook Debuts Open Source Detection Tool for Windows

  Facebook debuted the open source tool in 2014 as cross-platform, but for the last two years it was only supported on Ubuntu, CentOS, and Mac OS X operating systems. Facebook isn’t the biggest Windows shop, but the company confirmed in March that because so many users were asking for it, it was building a version of the tool for Windows 10.

• Events

  • Report for Software Freedom Day 2016 – China Academy Science

    This year I am asked to present SFD in China Academy Science by the company, so unlucky I am not proper to deliver a Fedora talk then. I bring some DVDs and stickers there, as well as a roll up poster. However there are people asking questions about Fedora so finally I still do some Q&A after the event.

    SFD in China Academy Science this year is hold in Huairou Campus, suburbs of Beijing. So with another Red Hatter, Shiyang, we took train there. Their campus is not easy to find and by the time we arrived at the event it’s 10 minutes before the start of the event.

    Talks started on 2:00 PM. After the hostess introduced the event, Shiyang is the first to talk. He introduces the basic usage of Git and Github. During the Q&A part of his talk, I found that in fact most students not paying much attention to distributions already. They are just users of Linux.

  • OpenDaylight Symposium 2016

  • Keynote: Join or Die! – Stephen O’Grady, Principal Analyst & Cofounder, RedMonk

• Web Browsers

  • Mozilla

    • B2G OS and Gecko Annoucement from Ari Jaaksi & David Bryant

      In the spring and summer of 2016 the Connected Devices team dug deeper into opportunities for Firefox OS. They concluded that Firefox OS TV was a project to be run by our commercial partner and not a project to be led by Mozilla. Further, Firefox OS was determined to not be sufficiently useful for ongoing Connected Devices work to justify the effort to maintain it. This meant that development of the Firefox OS stack was no longer a part of Connected Devices, or Mozilla at all. Firefox OS 2.6 would be the last release from Mozilla. Today we are announcing the next phase in that evolution. While work at Mozilla on Firefox OS has ceased, we very much need to continue to evolve the underlying code that comprises Gecko, our web platform engine, as part of the ongoing development of Firefox. In order to evolve quickly and enable substantial new architectural changes in Gecko, Mozilla’s Platform Engineering organization needs to remove all B2G-related code from mozilla-central. This certainly has consequences for B2G OS. For the community to continue working on B2G OS they will have to maintain a code base that includes a full version of Gecko, so will need to fork Gecko and proceed with development on their own, separate branch.

    • Firefox 53 Will Drop Support for Windows XP and Windows Vista

      Software companies are one by one giving up on Windows XP support for their products, and now it appears that it’s Mozilla’s turn to switch the focus to newer versions of Windows.

      Firefox 53 will be the first version of the browser which will no longer support Windows XP and Windows Vista, so users who haven’t yet upgraded to Windows 7 or newer will have to either stick with Firefox 52 or move to a different browser.

    • Boot 2 Gecko Being Stripped From Mozilla’s Codebase

      At the end of 2015 Mozilla effectively put an end to Firefox OS / Boot 2 Gecko by concluding things weren’t working out for Mozilla Corp and their commercial partners to ship Firefox OS smartphones. All commercial development around it has since stopped and they are now preparing to strip B2G from the mozilla-central code-base.

      The news to report on now is that Ari Jaaksi and David Bryant have announced, “Today we are announcing the next phase in that evolution. While work at Mozilla on Firefox OS has ceased, we very much need to continue to evolve the underlying code that comprises Gecko, our web platform engine, as part of the ongoing development of Firefox. In order to evolve quickly and enable substantial new architectural changes in Gecko, Mozilla’s Platform Engineering organization needs to remove all B2G-related code from mozilla-central. This certainly has consequences for B2G OS. For the community to continue working on B2G OS they will have to maintain a code base that includes a full version of Gecko, so will need to fork Gecko and proceed with development on their own, separate branch.”

• SaaS/Back End

  • Pentaho aims to alleviate big data pains

    Seemingly retaining its original name, technology stack and altogether vibe-ness with competancy over a year now since being acquired by Hitachi Data Systems, Pentaho is putting out the ‘data developer/analyst’ messages and tuning up its own integration prowess in the process.

  • The broken promise of open-source Big Data software – and what might fix it

• CMS

  • Open source application portal adds new ITS applications for download

    The Open Source Application Development Portal (OSADP) web-based portal provides access to and supports the collaboration, development, and use of open-source ITS-related applications. The OSADP has added a number of new ITS-related applications that are available free to the public, including:

• Public Services/Government

  • Wyoming’s open source enterprise code library a secret no more

    Wyoming’s 250-person Enterprise Technology Services (ETS) group knew it had a good thing in its Enterprise Extensible Code Library, but it chose to keep things under wraps outside of the state until last week when members of that team attended an annual confab for state government CIOs.

    It was at the National Association of State Chief Information Officers (NASCIO) convention in Orlando that the ETS code library project was honored with a Recognition Award for Enterprise IT Management Initiatives, and the inquiries from other states and organizations started streaming in.

• Openness/Sharing/Collaboration

  • Inside the Drone Journalism Lab’s open source operations manual

    Across the world, journalists are increasingly using drone technology to augment their reporting at a fairly inexpensive price.

    In order to help journalists become more adept drone users, the University of Nebraska-Lincoln’s Drone Journalism Lab recently released a free operations manual online.

    The manual, produced by Matt Waite, founder of the Drone Journalism Lab, is open source and Creative Commons licensed.

  • Open Source Malaria’s First Paper

    Open Source Malaria (OSM) publishes its first paper today. The project was a real thrill, because of the contributors. I’d like to thank them.

    Skepticism about open source research is often based on assumptions: that people will be too busy or insufficiently motivated to participate, or that there will be a cacophony of garbage contributions if a project is open to anyone. I’m not sure where such assumptions come from – perhaps people look first for ways that things might fail. We can draw upon many experiences of the open source software movement that would suggest such assumptions are poor. We can draw on successful examples of open collaboration in other areas of science, such as the Human Genome Project and the projects it has spawned, as well as examples in mathematics and astrophysics. This OSM paper addresses open source as applied to drug discovery, i.e. experimental, wet lab science in an area where we normally expect to need secrecy, for patents. It is based on the experience of 4-5 years of work and describes the first series examined by OSM.

  • Open Access/Content

    • The crazy price of college textbooks is pushing more US universities to adopt an “open-source” solution

      Seven Rhode Island universities, including Brown and Rhode Island College, will move to open-license textbooks in a bid to save students $5 million over the next five years, the governor announced Tuesday (Sept. 27).

      The initiative is meant to put a dent in the exorbitant cost of college and, more specifically, college textbooks. Mark Perry, a professor of economics and finance at the University of Michigan Flint, and a writer at the American Enterprise Institute, estimated last year that college textbook prices rose 945% between 1978 and 2014, compared to an overall inflation rate of 262% and a 604% rise in the cost of medical care.

    • Gov. Raimondo announces plan to ease college textbook burden

    • Textbook plan hopes to save RI college students $5 million

    • Governor says open-text initiative will save RI college students $5 million each year

    • Rhode Island aims to put $5 million in textbooks savings back in students’ pockets

Leftovers

• Video claiming drilling into iPhone 7 will reveal hidden headphone port goes viral

  A video claiming that users can add a headphone socket to the iPhone 7, which only has a Lightning port, by drilling into the bottom of their phone has been watched almost 10m times.

  The prank video shows a man drilling a 3.5mm hole into the bottom left edge of the iPhone 7 held in a vice. It points to the row of small holes on the left side that replaced the headphone socket present on the iPhone 6S and claims that drilling into the second hole on the left reveals a hidden socket.

  Once the hole has been drilled the video shows an iPhone 7 playing music, although the sound comes out of the speakers, not the white headphones now inserted in the DIY hole.

• Tempers flare in Venice as angry protesters block cruise ships

  Hundreds of demonstrators have taken to the water in Venice to protest against visiting cruise ships, as relations between tourists and locals reach a new nadir.

  Flare-waving protestors used gondolas and small boats to prevent cruise ships, including a vessel belonging to Thomson, from passing through the lagoon on Sunday.

  During peak season some 30,000 cruise ship passengers disembark in Venice every day, which locals claim is ruining their city, both environmentally and culturally.

• Disney Is Working With an Adviser on Potential Twitter Bid

  Walt Disney Co. is working with a financial adviser to evaluate a possible bid for Twitter Inc., according to people familiar with the matter.

  After receiving interest in discussing a deal, Twitter has started a process to evaluate a potential sale. Salesforce.com Inc. is also considering a bid and is working with Bank of America on the process, according to other people, who asked not to be named because the matter is private.

  Representatives for Twitter and Disney didn’t respond to requests for comment.

  Speculation that Twitter will be sold has been gathering steam in recent months, including last week’s news of Salesforce’s interest, given the social-media company’s slumping stock and difficulties in attracting new users and advertising revenue. Disney, the owner of ABC and ESPN, could obtain a new online outlet for entertainment, sports and news. Jack Dorsey, chief executive officer of Twitter, is on the board of Disney.

• Science

  • Archaelogists discover 200-year-old underground pub in Manchester

    Archaelogists have discovered a 200-year-old underground pub during building work on a office building in central Manchester.

    Excavators discovered untouched bottles full of of brandy and crockery branded with the 18th-century landlord of the Astley Arms.

    Archaelogists were brought to the site of a future 13-storey skyscraper as part the planning process and found the remains of houses as well as the pub.

• Security

  • Tuesday’s security updates

  • New Open Source Linux Ransomware Divides Infosec Community

    Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article’s publication. The original, unedited article is below.

  • Fax machines’ custom Linux allows dial-up hack

    Party like it’s 1999, phreakers: a bug in Epson multifunction printer firmware creates a vector to networks that don’t have their own Internet connection.

    The exploit requirements are that an attacker can trick the victim into installing malicious firmware, and that the victim is using the device’s fax line.

    The firmware is custom Linux, giving the printers a familiar networking environment for bad actors looking to exploit the fax line as an attack vector. Once they’re in that ancient environment, it’s possible to then move onto the network to which the the printer’s connected.

    Yves-Noel Weweler, Ralf Spenneberg and Hendrik Schwartke of Open Source Training in Germany discovered the bug, which occurs because Epson WorkForce multifunction printers don’t demand signed firmware images.

  • Google just saved the journalist who was hit by a ‘record’ cyberattack

    Google just stepped in with its massive server infrastructure to run interference for journalist Brian Krebs.

    Last week, Krebs’ site, Krebs On Security, was hit by a massive distributed denial-of-service (DDoS) attack that took it offline, the likes of which was a “record” that was nearly double the traffic his host Akamai had previously seen in cyberattacks.

    Now just days later, Krebs is back online behind the protection of Google, which offers a little-known program called Project Shield to help protect independent journalists and activists’ websites from censorship. And in the case of Krebs, the DDoS attack was certainly that: The attempt to take his site down was in response to his recent reporting on a website called vDOS, a service allegedly created by two Israeli men that would carry out cyberattacks on behalf of paying customers.

  • Krebs DDoS aftermath: industry in shock at size, depth and complexity of attack

    “This attack didn’t stop, it came in wave after wave, hundreds of millions of packets per second,” says Josh Shaul, Akamai’s vice president of product management, when Techworld spoke to him.

    “This was different from anything we’ve ever seen before in our history of DDoS attacks. They hit our systems pretty hard.”

    Clearly still a bit stunned, Shaul describes the Krebs DDoS as unprecedented. Unlike previous large DDoS attacks such as the infamous one carried out on cyber-campaign group Spamhaus in 2013, this one did not use fancy amplification or reflection to muster its traffic. It was straight packet assault from the old school.

  • iOS 10 makes it easier to crack iPhone back-ups, says security firm

    INSECURITY FIRM Elcomsoft has measured the security of iOS 10 and found that the software is easier to hack than ever before.

    Elcomsoft is not doing Apple any favours here. The fruity firm has just launched the iPhone 7, which has as many problems as it has good things. Of course, there are no circumstances when vulnerable software is a good thing, but when you have just launched that version of the software, it is really bad timing.

    Don’t hate the player, though, as this is what Elcomsoft, and what Apple, are supposed to be doing right.

    “We discovered a major security flaw in the iOS 10 back-up protection mechanism. This security flaw allowed us to develop a new attack that is able to bypass certain security checks when enumerating passwords protecting local (iTunes) back-ups made by iOS 10 devices,” said Elcomsoft’s Oleg Afonin in a blog post.

  • After Tesla: why cybersecurity is central to the car industry’s future

    The news that a Tesla car was hacked from 12 miles away tells us that the explosive growth in automotive connectivity may be rapidly outpacing automotive security.

    This story is illustrative of two persistent problems afflicting many connected industries: the continuing proliferation of vulnerabilities in new software, and the misguided view that cybersecurity is separate from concept, design, engineering and production.

    This leads to a ‘fire brigade approach’ to cybersecurity where security is not baked in at the design stage for either hardware or software but added in after vulnerabilities are discovered by cybersecurity specialists once the product is already on the market.

  • Sloppy programming leads to OpenSSL woes

  • OpenSSL Fixes Critical Bug Introduced by Latest Update

    OpenSSL today released an emergency security update after a patch in its most recent update issued last week introduced a critical vulnerability in the cryptographic library.

  • The Internet Of Poorly Secured Things Is Fueling Unprecedented, Massive New DDoS Attacks

    Last week, an absolutely mammoth distributed denial of service (DDoS) attack brought down the website of security researcher Brian Krebs. His website, hosted by Akamai pro bono, was pulled offline after it was inundated with 620Gbps of malicious traffic, nearly double the size of the biggest attack Akamai (which tracks such things via their quarterly state of the internet report) has ever recorded. Krebs was ultimately able to get his website back online after Google stepped in to provide DDoS mitigation through its Project Shield service.

  • Trump Offers More Insight On His Cybersecurity Plans: 10-Year-Old Relatives Vs. 400-lb Bedroom Dwellers

    Look, anyone who refers to cybersecurity or cyberwarfare as “the cyber” is probably better off not discussing this. But Donald Trump, in last night’s debate, felt compelled to further prove why he’s in no position to be offering guidance on technological issues. And anyone who feels compelled to portray hackers as 400-lb bedroom dwellers probably shouldn’t be opening their mouth in public at all.

    With this mindset, discussions about what “the Google” and “the Facebook” are doing about trimming back ISIS’s social media presence can’t be far behind. Trump did note that ISIS is “beating us at our game” when it comes to utilizing social media. Fair enough.

  • New, stronger crypto standard lacks backward compatibility

    The Internet Engineering Task Force is on the verge of approving a new standard for encrypted internet traffic that will make the web a safer place to shop, bank and browse — but it could also break a lot of stuff for people who don’t update their browsers. Transport Layer Security, or TLS, is an encryption protocol that works with web browsers. It’s the math, and the shared standards, that underlie the green padlock users see — the symbol which gives users the confidence that they are connected to the right site and is private enough to share personal or financial data. TLS supersedes SSL, or Secure Sockets Layer — a protocol dating back to 1995 that has proven to be thoroughly broken. But the latest TLS version was finalized in 2008 and in recent years has been the subject of many high profile attacks and newly discovered bugs.

• Defence/Aggression

  • Duterte ‘about to cross the Rubicon’ with US, wants alliances with Russia & China

    Philippines President Rodrigo Duterte has reiterated his intention to distance his country from the US, its former colonial master, saying he is about to pass “the point of no return” with the US.

    “I am about to cross the Rubicon between me and the US,” the controversial Pacific leader told reporters, without elaborating.

    Duterte reiterated that the Philippines would seek closer ties with Russia and China, the two nations that challenged American ambition for global leadership. But, he added, the ties with the US would not be broken completely, only driven to a point that would allow Manila to have an independent policy.

  • Carter: Afghanistan War Supplemental Request Coming in November

    Defense Secretary Ash Carter plans to present Congress with a request for a supplemental spending measure to fund US troops in Afghanistan come November, he said Monday.

    However, Carter would not give a sense of how large the monetary request may be, saying only that there is a “range” that the department’s budgetary experts are considering.

  • Jordanian writer on trial for ‘anti-Islam’ cartoon shot dead outside court

    A gunman on Sunday killed prominent Jordanian writer Nahed Hattar outside a court where he was facing charges for sharing a cartoon deemed offensive to Islam, state news agency Petra reported.

    Hattar was struck by three bullets before the assailant was arrested, said Petra. Witnesses told AFP that a man had opened fire in front of the court in Amman’s Abdali district.

    The 56-year-old Christian was arrested on August 13 after posting a cartoon mocking jihadists on his Facebook account.

    He was charged with inciting sectarian strife and insulting Islam before being released on bail in early September.

  • Writer Charged With Insulting Islam Is Killed as Extremism Boils Over in Jordan

    Some of the most extreme elements in Jordan made clear in recent weeks that Nahed Hattar should pay for a provocative cartoon he posted online depicting a bearded man in bed with two women ordering God to bring him cashews and wine.

    So when Mr. Hattar, 56, a prominent writer from a Christian family, showed up at a court on Sunday to face criminal charges of insulting Islam, at least one man with a gun decided a trial was not enough. As three bullets ripped through the writer in front of the courthouse, Jordan’s simmering tensions boiled over.

  • France: What Is Hidden Behind the “Burkini Ban”

    In Sisco, Corsica, on August 13, a group of Muslim men arrived on a beach in the company of women wearing “burkinis” (full-body bathing costumes). The Muslim men firmly asked the tourists on the beach to leave and posted signs saying “No Entry”. When a few teenagers resisted, the Muslim men responded with a harpoon and baseball bats. The police intervened — but it was just the beginning.

    In the following days, on beaches all over France, Muslim men showed up, accompanied by women in burkinis, and asking beachgoers to leave. Tourists packed up and fled. Several mayors of seaside resorts decided to ban the bathing costume, and the “burkini ban” scandal was born.

    Some politicians said that banning the burkini “stigmatized” Muslims and infringed on their “human rights” to wear whatever they liked. Other politicians, including Prime Minister Manuel Valls and former President Nicolas Sarkozy, called the burkini a “provocation”, and asked for a law to ban it. The Council of State, the highest legal institution, eventually declared that banning the burkini was against the law; the ban was lifted.

    What is important to explain is what lies behind the “burkini ban.”

    Thirty years ago, France was a country where Islam was present but where Islamic demands were virtually absent and Islamic veils were rare.

    Then, in September, 1989, in a northern suburb of Paris, three female students decided to attend high school with their heads covered by a scarf. When the dean refused, the parents, with the support of newly created Muslim associations, filed a complaint. The parents won.

  • One dead and three injured in Malmo shooting as bomb found outside primary school

    Witnesses reported hearing 20 gunshots fired in bursts of three during a football derby at around 7pm local time between Malmö FF and Helsingborgs IF on Sunday.

    One eyewitness claimed the shots were fired by people in an Audi which drove off at high speed.

    Police found shell casings at the scene in Censorgatan and say the suspects may have escaped by moped – four people were injured, including one who was shot in the head.

  • Liberals’ MP hit by hate messages

  • India Says Pakistan Believes Terror Will Bring Territory

    Pakistan continues to believe terrorist attacks will allow it to obtain territory it covets in Jammu and Kashmir, India’s foreign minister said Monday.

    In her speech before the U.N. General Assembly, Sushma Swaraj also rejected accusations made by Pakistan’s prime minister from the same podium last week that India violates human rights, calling them “baseless.”

    She said India has a man in custody “whose confession is a living proof of Pakistan’s complicity in cross-border terror. But when confronted with such evidence, Pakistan remains in denial.”

    “It persists in the belief that such attacks will enable it to obtain the territory it covets,” Swaraj said. “My firm advice to Pakistan is: abandon this dream. Let me state unequivocally that Jammu and Kashmir is an integral part of India and will always remain so.”

  • Pakistani journalist suing US for killing his son, brother in drone attack

    A Pakistani journalist has sued the United States government in Pakistani courts alleging that the Central Intelligence Agency (CIA) had killed his brother and a son in a drone strike in the tribal region of the country in 2009.

    According to Karim Khan, his brother and the son were innocent and had no terror links at all. His brother Asif Iqbal had Masters degree in Modern Languages and was a teacher at a local school. The 16-year-old son, Zahinullah, was a student of grade 10.

    In an interview with Al Jazeera, Khan vowed to pursue the case against the CIA and the US government. “We would show their tyrannous face to the whole world…that’s all. They cannot bring back my brother or my son…but I will fight against them as far as I can,” he said.

    Since 2004, the Central Intelligence Agency has conducted over 400 drone attacks in Pakistan, killing about 3,000 people. The London-based Bureau of Investigative Journalism claims that at least 966 civilians, including 207 children were also among those killed by the drones.

• Environment/Energy/Wildlife/Nature

  • Evolution of global temperature over the past two million years

    Reconstructions of Earth’s past climate strongly influence our understanding of the dynamics and sensitivity of the climate system. Yet global temperature has been reconstructed for only a few isolated windows of time, and continuous reconstructions across glacial cycles remain elusive. Here I present a spatially weighted proxy reconstruction of global temperature over the past 2 million years estimated from a multi-proxy database of over 20,000 sea surface temperature point reconstructions. Global temperature gradually cooled until roughly 1.2 million years ago and cooling then stalled until the present. The cooling trend probably stalled before the beginning of the mid-Pleistocene transition3, and pre-dated the increase in the maximum size of ice sheets around 0.9 million years ago. Thus, global cooling may have been a pre-condition for, but probably is not the sole causal mechanism of, the shift to quasi-100,000-year glacial cycles at the mid-Pleistocene transition. Over the past 800,000 years, polar amplification (the amplification of temperature change at the poles relative to global temperature change) has been stable over time, and global temperature and atmospheric greenhouse gas concentrations have been closely coupled across glacial cycles. A comparison of the new temperature reconstruction with radiative forcing from greenhouse gases estimates an Earth system sensitivity of 9 degrees Celsius (range 7 to 13 degrees Celsius, 95 per cent credible interval) change in global average surface temperature per doubling of atmospheric carbon dioxide over millennium timescales. This result suggests that stabilization at today’s greenhouse gas levels may already commit Earth to an eventual total warming of 5 degrees Celsius (range 3 to 7 degrees Celsius, 95 per cent credible interval) over the next few millennia as ice sheets, vegetation and atmospheric dust continue to respond to global warming.

  • Singaporeans are choking on smoke floating over from Indonesia – here’s why this is happening

    Every year, forest fires from Indonesia choke a swathe of Southeast Asia with a smoky haze for weeks. This phenomenon harms the planet and angers neighbors. It is also a health hazard.

    So what is fueling this? The world’s desire for palm oil.

    The edible oil is used in cookies, noodles and other packaged foods as well as soaps, shampoos, lipsticks and many other consumer goods.

    Farmers in Indonesia, the world’s biggest supplier of the commodity, often illegally burn the world’s oldest rainforest or use fire to clear old oil palms on existing plantations, and the smoke from the flames drifts across Singapore and Malaysia.

• Finance

  • Dingell seeks transparency in trade deal negotiations

    Automakers such as Ford Motor Co. and Fiat Chrysler oppose the deal, in part because it doesn’t go far enough in addressing currency manipulation by other nations. Michigan lawmakers have suggested the state has lost tens of thousands of jobs in part because of currency manipulation by China, Japan and other countries.

    The office of U.S. Trade Representative Michael Froman declined to comment on Dingell’s bill.

    Froman’s office has highlighted its transparency efforts regarding TPP, including the publication of detailed summaries of U.S. objectives in negotiating the agreement; the solicitation of public input on negotiating priorities; and the holding of public hearings to gather input on the negotiations.

  • TTIP: Negotiations ‘in the void’

    Negotiations on the Transatlantic Trade and Investment Partnership (TTIP) are forging ahead, despite opposition from a number of countries. And the American elections are almost certain to compromise the deal. EurActiv France reports.

    Despite attempts by citizens and several governments to derail TTIP, EU member states have confirmed their aim of finalising the free trade deal with Canada (CETA) and pushing ahead with talks with the United States, despite the approaching elections.

  • Ministers aim to wrap up services trade deal in early December

    Countries negotiating an international agreement on trade in services plan to meet in early December to try to finalize the deal, U.S. Ambassador to the World Trade Organization Michael Punke told reporters on Monday.

    The Trade in Services Agreement (TiSA), which would provide stronger international rules for sectors such as communications and banking, is being negotiated among 23 WTO members, including the 28-country European Union, that account for 70 percent of global services trade.

    “The TiSA ambassadors met today and agreed to a ministers’ meeting on Dec. 5 and 6 in Geneva to conclude TiSA,” Punke said, adding: “Establishing 21st century trade rules for services, for 70 percent of the globe’s services economy, is a big deal.”

• AstroTurf/Lobbying/Politics

  • Asymmetry between the major parties fries the circuits of the mainstream press

    On the eve of the first debate between Donald Trump and Hillary Clinton, I thought I would write down some of the precepts and maxims I have used to understand press behavior during this long and startling campaign season. If I have done this right, you should be able to test the usefulness of my list in the final six weeks of the U.S. election. (And during coverage of the debates!)

    A word on how I came up with this list. I’ve been a close reader and critic of campaign coverage American-style since 1988. That’s eight “cycles,” as people in the industry say. After I started PressThink in 2003, I could write about the gatekeepers without their permission — hurray for blogging! — and so my pace increased during the 2004, 2008, and 2012 elections. This year I have done a little less at my blog (eight pieces since May 2015, plus one for the Washington Post) and put more into the real time conversation on Twitter, which includes most of the people doing campaign coverage, as well as the heaviest users of it.

  • Fact Check: Has Trump declared bankruptcy four or six times?

    Trump’s companies have filed for Chapter 11 bankruptcy protection, which means a company can remain in business while wiping away many of its debts. The bankruptcy court ultimately approves a corporate budget and a plan to repay remaining debts; often shareholders lose much of their equity.

    Trump’s Taj Mahal opened in April 1990 in Atlantic City, but six months later, “defaulted on interest payments to bondholders as his finances went into a tailspin,” The Washington Post’s Robert O’Harrow found. In July 1991, Trump’s Taj Mahal filed for bankruptcy. He could not keep up with debts on two other Atlantic City casinos, and those two properties declared bankruptcy in 1992. A fourth property, the Plaza Hotel in New York, declared bankruptcy in 1992 after amassing debt.

    PolitiFact uncovered two more bankruptcies filed after 1992, totaling six. Trump Hotels and Casinos Resorts filed for bankruptcy again in 2004, after accruing about $1.8 billion in debt. Trump Entertainment Resorts also declared bankruptcy in 2009, after being hit hard during the 2008 recession.

  • 24 Arrested Outside Hofstra University While Demanding An Open Presidential Debate

    Hundreds protested the exclusion of alternative ideas and candidates from the first presidential debate

  • Colin Kaepernick: ‘Embarrassing’ that Donald Trump, Hillary Clinton are candidates

    Colin Kaepernick watched “a little bit” of Monday’s presidential debate, and he didn’t come away impressed with either candidate.

    [...]

    “It was embarrassing to watch that these are our two candidates,” Kaepernick told reporters Tuesday. “Both are proven liars and it almost seems like they’re trying to debate who’s less racist.

    “And at this point … you have to pick the lesser of two evils. But in the end, it’s still evil.”

• Censorship/Free Speech

  • Nude Portraits Without Nipples Challenge Sexist Censorship Policies

    Artist Sasha Frolova’s dreamlike series “Busts” was inspired by an occurrence familiar to many women online: the internet tried to police her body.

    Around a year and a half ago, Frolova took a self-portrait in the bathtub shortly after suffering a panic attack. Although the image wasn’t in any way sexual or suggestive ― to Frolova, the image was one of vulnerability and strength ― Facebook (and Instagram) censored it. Because Frolova’s nipples were visible, the platforms deemed the photo inappropriate and promptly took it down.

    After taking a hiatus from photography, Frolova wanted to address the complex network of eroticization, judgement, censorship and disempowerment women face simply for living in the bodies they were born with. The resulting images combine photography and painting to challenge social media’s loaded censorship policy, which, according to Frolova, “does not delineate pornography from anatomy.”

  • #Zuxit: 100 Facebook meme pages are going dark tomorrow to protest censorship

    Facebook could be about to get a bit less, well, dank this week – as a meme shortage strikes the network.

    From Wednesday, at least 100 of Facebook’s biggest meme artistes are going ‘on strike’ – with a three-day blackout in protest at random censorship on the platform.

    It’s called #Zuxit (and in other news, calling things -xit, seems to be the new -gate).

    Facebook has recently faced controversy over its censorship policies – including deleting a Pulitzer-prize winning Vietnam war photo for being ‘child porn’.

  • Nigerian Government Officials Abusing Cybercrime Law To Silence Critical Journalists

    There’s just something about adding the word “cyber” to “crime” that brings out the worst in legislators. A host a badly-written laws have been crafted to address everything from cyberbullying to hacking. These tend to be abused first by those in positions of power.

    Nigeria’s government recently enacted a cybercrime law which is, of course, being wielded by thin-skinned government officials to silence critics. The cyberstalking provision is the preferred attack vector, placing those targeted by unhappy government leaders at risk of being hit with a $22,000 fine and three years in prison.

  • Some content on TV needs censorship: HC

    The High Court on Tuesday said there are certain programmes and advertisements aired on television channels which need serious censorship.

  • Michael Savage is censored during LIVE show after questioning Hillary’s health. Censorship is alive and well in America

  • Michael Savage Shut Down From Radio Nationwide For Discussing Hillary Clinton Health

  • Michael Savage Cut From Airwaves For Controversial Hillary Statements

  • Was Michael Savage Censored For Discussing Hillary’s Health?

  • EXCLUSIVE – Michael Savage Reacts to Being Pulled From Radio Following Hillary Health Segment: ‘Pure Sabotage’

  • Savage Says Show Pulled For Hillary Supporters

  • Famed Talk Show Host Michael Savage Removed From Most Listened To Station In Country; Minutes Later Pulled From 400 Stations

  • Filmmakers cry hoarse over censorship

  • Change Cinematograph Act, 1952: Benegal

  • Rights to ‘cut’ a film should belong to the makers: Benegal

  • Theatre & Censorship: Challenges Playwrights Face in Maharashtra

    The biggest concern of any playwright is to find a producer who would embrace his play. But when renowned writer Premanand Gajvi finished writing his play in May 2015, little did he know that dealing with the censor board would consume most of his energy.

    He submitted the script on 5 May last year, and received a clearance only in September this year – 15 months after submission, which means nine months more than what the board can legally take.

    On 20 September, veteran actor and filmmaker Amol Palekar filed a petition in the Bombay High Court, challenging the censorship of theatre performances, conducted by the Maharashtra State Performance Scrutiny Board under various provisions of the Bombay Police Act, 1951. A procedure theatre artists have to undergo only in Maharashtra and Gujarat.

  • Banned Books Week sheds light on freedom of speech, censorship

  • ‘Stand up to censorship’ at VU read-out

  • Libraries raise awareness of Banned Books Week

  • The big bad book

    Granted, not all books that get removed from library shelves are classics. E.L. James’s softcore porn novel, “Fifty Shades of Grey,” has been on and off the ALA’s “most frequently challenged” list ever since it was published. But that’s the other problem with censorship: it doesn’t work. Most of the books on the list are bestsellers, and will probably continue to be so. Many people, especially children and teenagers, are more likely to read a book they’ve been told is “forbidden” than otherwise. And some books, like “Fifty Shades,” frankly don’t deserve that kind of attention.

• Privacy/Surveillance

  • When cyber gets physical: why we need the NSA [Ed: This shallow article (must enable JS) conflates cyberdefence with mass surveillance (which is what NSA does)]

  • Kuwait lawyers fight world’s first mandatory DNA sampling law

    Lawyers in Kuwait have issued a legal challenge to the only law in the world forcing citizens and visitors to give samples of their DNA to the government.

    The Kuwait government has said that the law is needed to combat terrorism. DNA testing is reportedly due to begin within weeks.

    When the law was passed in July last year, Adel AbdulHadi of the Kuwaiti law firm Adel AbdulHadi & Partners and his colleagues began researching and drafting their challenge to it. Their principal argument is that the law violates privacy and human rights provisions in the country’s own constitution, as well as those enshrined in international treaties to which Kuwait is a signatory.

  • Local Lawyers Challenge New Kuwaiti Law Creating Mandatory DNA Database Of All Citizens And Visitors

  • Snowden movie ‘preposterous’, says former NSA deputy director

    The former deputy director of the National Security Agency has taken issue with Oliver Stone’s biopic of one-time NSA employee Edward Snowden.

    Speaking to National Public Radio, Chris Inglis, who retired in 2014 after 28 years at the agency, said the film’s narrative “was a gross mischaracterisation of what NSA’s purposes are. And a gross exaggeration of Edward Snowden’s own particular role in that. To the point where you could come away from looking at that movie, saying, ‘Why are 50,000 people at the NSA dead wrong? And one is absolutely correct?’”

    An NSA deputy director does feature in the film, played by Patrick Joseph Byrnes, and commissions Snowden to lead an important project in Hawaii.

  • Military pressing for broader surveillance mandate

    New legislation is being prepared at the Ministry of Defense for inclusion in a broader package of laws aimed at upgrading surveillance by security officials that would include the possibility of monitoring data carried by cables crossing the country.

    At present, Finland does not have a law providing the military with a mandate to carry out these kinds of intelligence operations. The new legislation in the works will include this, and spell out oversight of intelligence gathering and the division of duties among various officials and agencies.

    The Finnish military has a signals intelligence unit known as the Finnish Intelligence Research Establishment which organizationally falls under the Air Force.

    The head of Finnish military intelligence services, Major General Harri Ohra-aho told Yle that operations are not only concerned with information gathering about the military picture in the region, but also with assessing social developments.

    “We don’t count tanks, rather create a broad analysis of the situation in our vicinity. Technological advances are changing the security environment,” said Ohra-aho.

  • Swiss endorse new surveillance powers

    Swiss voters have given a strong approval to a law on new surveillance powers for the intelligence agencies.

    The new law would allow the authorities to tap phones, snoop on email and deploy hidden cameras and bugs.

    It would help Switzerland catch up with other countries, supporters say.

    Opponents have feared it could erode civil liberties and put Swiss neutrality at risk by requiring closer co-operation with foreign intelligence agencies.

    Some 65.5% of voters agreed to accept the proposal. It will allow the Federal Intelligence Service and other agencies to put suspects under electronic surveillance if authorised by a court, the defence ministry and the cabinet.

  • Microsoft goes AI crazy: Now Office 365 can track what you really get up to in meetings

    At its annual Ignite conference this week in Atlanta, GA, Microsoft is showing off new AI features across its core products for the enterprise. According to CEO Satya Nadella, this AI-everywhere strategy amounts to Microsoft “democratizing AI” for everyone to solve the world’s most pressing challenges.

    “To do this, we’re infusing intelligence into everything we deliver, from the agent to applications, services and infrastructure,” said Nadella.

• Civil Rights/Policing

  • A New Intelligence Award for “Reporting Wrongdoing” [Ed: this is a trap]

    Professional integrity may be welcome everywhere, but “speaking truth to power” is rarely welcomed by “power.” Often it is not even acknowledged as “truth.” (Apparently, the IC envisions itself here as the domain of truth, and not of power. Or will those who challenge the IC leadership itself be eligible for the new award?) Meanwhile, “reporting wrongdoing” often seems to end badly for the reporter, as the frequency of whistleblower reprisal claims indicates.

  • House Intelligence Panel Gets Dozens of Whistleblower Complaints Every Year

    Critics of leakers have often argued that whistleblowers have legitimate channels through which they can report their grievances, but in the murky world of intelligence, it’s hard to know how many complaints are filed, and what, if anything, happens as a result. Now, the House Permanent Select Committee on Intelligence says it sees “dozens” of such complaints every year.

    The committee will not disclose details on individual cases, however.

    “We receive whistleblower-type complaints both through the [Intelligence Community inspector general] — which includes complaints filed through the Intelligence Community Whistleblower Protection Act — and via individuals who approach the committee directly,” said Jack Langer, communications director for Committee Chair Rep. Devin Nunes, R-Calif. Those complaints number in the “dozens” each year, he added.

    The legal process for whistleblowing has been at the center of renewed debate following public disclosures made by Edward Snowden in 2013. Snowden, who worked as an NSA contractor, insists he tried to raise complaints internally, but eventually gave up on the system, for fear of reprisal or dismissal.

  • Torture and False Testimony Leaves Mexico on a Journey to Nowhere

    For many in Mexico, the disappearance of 43 young students from the Ayotzinapa teaching college two years ago remains a painful emblem of a profound national failure—the failure of the state to protect its own people. Among other things, the case highlighted collusion among drug gangs, local politicians, and police, the failure of federal authorities to carry out a credible investigation, and—glaringly—the degree to which torture remains part of the standard operating procedure of criminal investigation.

    Take the case of Patricio Reyes Landa, an alleged member of the Guerrero Unidos criminal gang. Two years ago, Mexico’s attorney general called a press conference and showed a video in which Reyes Landa and three other suspects demonstrated how they supposedly threw the students’ ashes in a river, after incinerating their bodies at a garbage dump. Now, Reyes Landa and some 90 other suspects detained during the investigation say they were tortured into making false confessions about what they did or saw.

• Internet Policy/Net Neutrality

  • Verizon Claims Nobody Wants Unlimited Data, Wouldn’t Be Profitable Anyway

    Back in 2011, Verizon and AT&T eliminated unlimited wireless data plans, instead pushing users toward share data allotments and overage fees as high as $15 per gigabyte. And while the companies did “grandfather” many of these unlimited users at the time, both companies have made at art form out of harassing or otherwise annoying these customers until they convert to costlier shared plans. And despite the fact that such overage-fee-based plans confuse the living hell out of most customers (who have no idea what a gigabyte is), both companies continue to insist that customers don’t actually want unlimited data.

• DRM

  • EFF calls on HP to disable printer ink self-destruct sequence

    HP Inc. should apologize to customers and restore the ability of printers to use third-party ink cartridges, the Electronic Frontier Foundation (EFF) said in a letter to the company’s CEO yesterday.

    HP has been sabotaging OfficeJet printers with firmware that prevents use of non-HP ink cartridges and even HP cartridges that have been refilled, forcing customers to buy more expensive ink directly from HP. The self-destruct mechanism informs customers that their ink cartridges are “damaged” and must be replaced.

  • Demand that HP make amends for its self-destructing printers [SIGN AND SHARE!]

    I’ve written an open letter to HP CEO Dion Weisler on behalf of the Electronic Frontier Foundation, asking him to make amends for his company’s bizarre decision to hide a self-destruct sequence in a printer update that went off earlier this month, breaking them so that they would no longer use third-party ink cartridges.

    The letter points out that this is bad business — and it’s also bad for security. HP printers have previously been shown to be vulnerable to malware that spreads through sneaky codes in documents you print, that can steal your private data, raid your network, and become part of website-killing botnets.

    HP hid its self-destruct sequence in a software update, making future updates — like those that patch this kind of defect — suspect, and decreasing the likelihood that HP’s customers will install them.

    Worse still: HP can use Section 1201 of the DMCA to threaten security researchers who reveal similar defects, and to attack competitors who restore full functionality to your printer.

  • Capcom Releases DRM For Street Fighter 5, Promptly Rolls It Back When It Screws Legitimate Customers

    It should be quite clear by now that DRM is a fantastic way for video game makers to keep people from playing their games. Not pirates, though. No, those folks can play games with DRM just fine, because DRM doesn’t actually keep piracy from being a thing. No, I’m talking about legitimate buyers of games, who in example after example after example suddenly find that the games they bought are unplayable thanks to DRM tools that work about as well as the American political system. And yet DRM still exists for some reason, as game makers look for some kind of holy grail piece of software that will turn every past pirate into a future dollar sign.

    This search for the perfect DRM continues, as we have just the latest story of DRM gone wrong. This story of the Street Fighter V DRM, though, is a special kind of stupid because it was put in place via a software update release, meaning that a game that worked perfectly one day was bricked the next.

• Intellectual Monopolies

  • Copyrights

    • Copyright Theft Is Grounds For Deportation, Board Says

    • Immigration Board Says You Can Be Deported For Copyright Infringement

      While we still wait to see if Kim Dotcom can be taken against his will from another country into the US for “copyright infringement” claims, apparently the DOJ has also decided that it can work the other way. The Justice Department’s Board of Immigration Appeals has said that people can be deported for copyright infringement. Apparently the law (the Immigration and Nationality Act) says that non-citizens can be deported if they commit crimes “involving moral turpitude” but had never weighed in on whether or not copyright infringement counted.

      [...]

      To be fair, this was a case of criminal copyright infringement, and not civil copyright infringement — and the board noted that because criminal copyright infringement requires the showing of “willfulness,” it suffices for the “moral turpitude” question. The person in question, Raul Zaragoza-Vaquero, had been arrested for selling 800 copied CDs to an RIAA investigator. He received 33 months in prison and had to pay $36,000… and was then told he had to leave the country.

    • EFF White Paper Hopes To Educate Cops On The Difference Between An IP Address And A Person

      Judges have pointed out to copyright trolls on multiple occasions that an IP address is not a person. Trolls still labor under this convenient misconception because they have little else in the way of “proof” of someone’s alleged infringement.

      Unfortunately, law enforcement agencies also seem to feel an IP address is a person — or at least a good indicator of where this person might be found. This assumption leads to blunders like ICE raiding a Tor exit node because it thought an IP address was some sort of unique identifier. After having IP addresses explained to it by the EFF, ICE returned the seized hard drives and promised to make the same mistake in the future.

      In another case, the Seattle PD raided a Tor exit node in search of a person downloading child porn. It didn’t find the target it was looking for, but went ahead and demanded passwords so it could search files and logs at the unfortunate citizen’s home before realizing it had the wrong person.

      The EFF is kind of sick of having to explain the difference between an IP address and a person to government entities. It has put together a white paper [PDF] that should be required reading anywhere government employees feel compelled to act on “evidence” as useless as IP addresses.

    • The EU’s Proposed Copyright Directive Is Likely To Be A Wonderful Gift — For US Internet Giants

      Even if the Copyright Directive manages to pass through the EU legislative system without any changes — which seems unlikely — Google would be in a strong position, because it already has the content ID technology in place that will allow it to comply. Although McNamee suggests that as a result Google would be “uniquely placed to license such software to European internet providers,” it’s more likely that it would keep it for its own exclusive use. However, the US company Audible Magic would doubtless be more than happy to license its widely-used content identification system as an alternative. And irrespective of whether it’s based on technology from Google or from Audible Magic, it’s hard to see how this outcome helps the European tech industry.