08.12.15
Links 12/8/2015: Docker 1.8, Kali Linux 2.0
Contents
GNU/Linux
-
Diversity enriches middle school Linux user group
The Community School of Excellence (CSE) in Saint Paul, Minnesota, provides something unique to the open source world: a Linux club based in a Hmong charter school. One could say that our club, the CSE Asian Penguins, provides a dose of diversity to the Linux community, which does not have many Hmong participants (although we keep looking for them!).
-
Desktop
-
Seven of the best Linux desktops
Choice has always been one of the best things about desktop Linux, but it can also be confusing to newcomers as they try to find the desktop environment that suits them best. Fortunately, PC World has a roundup of seven of the top Linux desktop environments that should be helpful to anyone trying to find the right one for their Linux computer.
-
More Windows 10 Experiences from Linuxland
That’s pretty much “everything you do, say, and write.” Some other tidbits from freemansperspective.com include:
* Windows now has a device encryption feature, but they keep a copy of your recovery key, stored in their (very secure, trust us) “cloud.”
* The also grab “data about the networks you connect to.” I interpret that as, “All your networks are belong to us too.”
* “[W]e will access, disclose, and preserve personal data, including your content (such as the content of your emails, other private communications, or files in private folders), when we have a good faith belief that doing so is necessary.”
-
-
Server
-
Announcing Docker 1.8: Content Trust, Toolbox, and Updates to Registry and Orchestration
You’ve been telling us that you want Docker to be more extensible and composed of smaller, standalone components. We hear you loud and clear. In June, we announced our intention to release runC as a separate piece of plumbing. With this release we’re taking another step towards that goal. The system powering image signing has been implemented as a separate piece of plumbing called Notary, and volume plugins, an experimental feature in 1.7, has now been promoted to the stable release.
-
Docker containers and the next generation of virtualization
This year, LinuxCon and ContainerCon attendees will have the opportunity to hear Jerome Petazzoni speak on Docker, Containers & Security: State Of Union. Jerome works at Docker Inc., where he helps others to containerize all the things. Jerome has worked in miscellaneous technical fields, including VOIP, embedded systems, web hosting, virtualization and cloud computing.
[...]
From a high-level point of view, containers look like lightweight virtual machines. You can install whatever you want in a container, independently from (and without affecting!) other containers or the host environment. Each container has its own network stack, process (PID) space, file system, etc. And their footprint is significantly smaller than VMs: containers start faster, and they require less memory and disk space. This is because from a low-level point of view, containers are just regular processes on the host machine, using kernel features like namespaces and control groups to provide the isolation. Starting a container is just starting a regular UNIX process; creating a container is just cloning a snapshot of a copy-on-write filesystem (which is extremely cheap nowadays, both in time and disk usage).
-
-
Kernel Space
-
Dronecode Foundation keeps drone tech open
Founding Dronecode members include 3D Robotics, Baidu, Box, DroneDeploy, Intel, jDrones, Laser Navigation, Qualcomm, SkyWard, Squadrone System, Walkera, and Yuneec. Dronecode includes the APM/ArduPilot UAV software platform and associated code, which until last year was hosted by 3D Robotics, a world leader in advanced UAV autopilot and autonomous vehicle control. Today the project coordinates and prioritizes funding for five other initiatives with backing from 28 member organizations all committed to collaborating on a de facto standard platform for consumer and commercial drone/robotics open projects.
-
Facebook Just Poached Another Well Known Linux Kernel Engineer
-
Moving on from Akamai.
Today was my last day at Akamai. It’s been brief (Just over seven months), but things weren’t really working out for me there for a number of reasons. I’ve mentioned to a number of people who have known about my decision for a while, that it’s not that it’s a bad place to work, but it never felt like a good fit for me, and I came to realize that I’ve spent most of this last year being in denial of just how unhappy I was, in the hope “things would get better”.
-
Graphics Stack
-
NVIDIA Releases Linux Graphics Debugger For OpenGL 4.2~4.5
NVIDIA announced from SIGGRAPH the release of this NVIDIA Linux Graphics Debugger to profile, optimize, and debug OpenGL 4.2/4.3/4.4/4.5 applications. There’s realtime viewing of draw calls, examining the GPU pipeline state, and identifying performance bottlenecks and GPU utilization.
-
NVIDIA GeForce GTX 980 Ti: Simply The Best For Linux Gamers
The GeForce GTX 980 Ti was launched earlier this summer and then towards the end of July the review sample had finally arrived. The GeForce GTX 980 Ti is a upgrade over the original GeForce GTX 980 that launched last September. The GTX 980 Ti has 6GB of GDDR5 video memory versus 4GB with the original GTX 980, 2816 CUDA cores versus 2048, 384-bit memory bus rather than 256-bit, 176 texture units versus 128, and 96 ROP units versus 64.
-
OpenGL 4.2 Is Now Complete In Core Mesa!
-
-
-
Applications
-
Kartesio 1.0: free best fitting for science labs is now stable
Kartesio is not based on KDElibs anymore. I made this choice basically for two reasons: the main one is that I wanted Kartesio to run easily also on Windows, and KDElibs building is way too much complex for my taste. The second reason is that KDE developers seemed not particularly interested in Kartesio: maybe that’s because this program is designed for science laboratories (in high schools and universities, for example) and this is a way too limited set of users for KDE Edu. Obiously, it’s still a program meant to be used on KDE when possible (I’m using Oxigen icons to give that wonderful KDE feeling). But if you really want to use it without KDE, it’s not a problem anymore.
-
Download Torrents And YouTube Videos With FrostWire
And finally, the last major feature available in FrostWire is the ability to easily share content with your friends or between multiple devices (such as your desktop and Android device) – for how to send files from an Android device to a desktop, see THIS video. It’s important to mention that once you share a file, it’s available to everybody on the BitTorrent network so keep this in mind before using this feature.
-
Subvertion (SVN) 1.8.14 Has Been Released
As you may know, Subversion (SVN) is an open-source versioning and revision control system developed by Apache, similar to Git.
The latest version available is Subvertion (SVN) 1.8.14, which has been released a while ago, coming with changes.
-
Smuxi 1.0 (Open-Source IRC Client) Has Been Released After 10 Years of Development
As you may know, Smuxi is an open-source IRC IRC, Twitter, XMPP and JabbR client developed in GTK+3. Among others, it has support for notifications, integrated spell checking, unified nickname colors, browser mode, word completion, full keyboard control, word wrapping, clickable URLs, intentation and full screen mode.
-
Kodi 15.1 RC Isengard Media Hub Now Ready for Testing with FFmpeg 2.6.4
Kodi, a media player and entertainment hub that used to be named XBMC up until a few months ago, is preparing another major upgrade, and developers have released a Release Candidate for the 15.1 version.
-
Instructionals/Technical
-
c3video for debconf #1
-
How To Install Elasticsearch In Ubuntu 14.04
-
Ansible dynamic inventory
-
Programming the FST-01 (gnuk) with a Bus Pirate + OpenOCD
-
Making an empty RPM
-
How To Install Filezilla 3.13 RC2 On Linux Systems
-
Installing Lighttpd with PHP5 (PHP-FPM) and MySQL on Debian 8 (Jessie)
-
c3video for debconf #2
-
Vagrant and Oh-My-Vagrant on RHEL7
-
How To Install Facebook (And Others) Emoticons In Pidgin [Quick Tip]
-
Setup Local APT Repository Using Installation Media In Debian 8
-
-
Games
-
Making the Switch to Open Source Gaming
There was a time years ago when Linux and gaming weren’t fit to be in the same sentence. I first made the jump to Linux around the late ’90s with a copy of Doom II. There were glitches at times: the occasional crash, loss of sound and lack of some features. The flaws of the Linux version in contrast to its Windows counterpart turned me away from Linux gaming at first.
-
GOG Have Supported Linux For Just Over A Year, Announce New Linux Installer System
GOG have officially supported Linux for just over a year, and to mark the occasion they have worked out new official installers for all their Linux games.
-
Planetary Annihilation Massive Update Released, Please Welcome Asteroids
-
-
-
Desktop Environments/WMs
-
Freedom of choice: 7 top Linux desktop environments compared
Linux is all about choice, and choosing a distribution is only the first step. Linux distros usually have a default desktop environment, but there are a slew of desktop environments available to use. Heck, Ubuntu alone offers nine official alternate “flavors” with different desktop configurations.
-
K Desktop Environment/KDE SC/Qt
-
Plasma 5.4 Beta Adds Shine
This release of Plasma brings many nice touches for our users such as much improved high DPI support, KRunner auto-completion and many new beautiful Breeze icons. It also lays the ground for the future with a tech preview of Wayland session available. We’re shipping a few new components such as an Audio Volume Plasma Widget, monitor calibration tool and the User Manager tool comes out beta.
-
KDE: SHOULD WE TARGET EGL AS THE DEFAULT?
When we started the compositing work in KWin the only way to initialize an OpenGL context was by using GLX. In fact GLX is even part of the OpenGL library on Linux. Being an X11 window manager and an X11 compositor it was not a big problem.
-
AppStream Support Moving Along For Kubuntu/Debian
Work is underway on getting AppStream to work for Kubuntu and is stepping closer to having full AppStream support in Debian.
AppStream is the FreeDesktop.org specification for sharing of meta-data for application installers / packages between distributions. AppStream is handled well by GNOME / GNOME Software and is getting supported well by a number of different Linux distributions. Kubuntu support has been the latest focus as well as upstream Debian.
-
KDE Plasma 5.3.2 and Frameworks 5.12.0 Backported to Kubuntu 15.04
Kubuntu maintainers have put a lot of work into the project and have managed to backport Plasma 5.3.2 and Frameworks 5.12.0 for the latest Kubuntu 15.04 version of the operating system.
-
AppStream/DEP-11 for everyone! (beta!)
-
digiKam at Randa Meeting 2015
The Randa Meetings will benefit everyone who uses KDE software. This year, digiKam team will go to Randa meeting to continue and finalize the KF5/Qt5 port.
-
KDE Ponders Defaulting To EGL Rather Than GLX
-
KDE Plasma 5.4 Beta Now Available
The beta is out today of the KDE Plasma 5.4 update, which brings new desktop features to the modern KDE desktop stack.
-
A comprehensive guide to Dolphin, a KDE file manager
Dolphin has been the default file manager for the KDE desktop since Fedora 10. Other distributions that use KDE as a desktop option also use it as their default file manager. It’s very powerful and provides some very advanced features.
-
KDE Plasma 5.4 Brings a New and Fresh Alternative Launcher
Plasma 5.4 has been revealed by the KDE Community, and the developers have made a series of very important changes and improvements that will soon land in the stable branch of the desktop.
-
-
GNOME Desktop/GTK
-
Guadec 2015 – Topic 1/5 – Owncloud and GNOME – Should we make it our UbuntuOne/OneDrive/iCloud/Google services?
I’m happy that Jan invited me to the Owncloud conference in Berlin on 28 August, and I will probably go to set the base for files integration, which is the first step and the one we already have code working, and to discuss more and settle some design for the other ideas.
-
-
-
Distributions
-
New Releases
-
The Solus Operating System to Arrive on October 1
The Solus operating system now has a release date, and its developers have made a firm commitment to it. So, if you want to get the stable version of Solus, you’ll have to wait until October 1.
-
Kali Linux 2.0 Released
We’re still buzzing and recovering from the Black Hat and DEF CON conferences where we finished presenting our new Kali Linux Dojo, which was a blast. With the help of a few good people, the Dojo rooms were set up ready for the masses – where many generated their very own Kali 2.0 ISOs for the first time. But the excitement doesn’t end for us just yet. With the end of the cons, we now find ourselves smack in the middle of the most significant release of Kali since 2013. Today is the day that Kali 2.0 is officially released.
-
Solus Now Features Linux Kernel 4.1.5 and LibreOffice 5.0
The Solus operating system finally has a launch date, but that’s hardly the most interesting news about the project. Its developers have made a few very important improvements to the OS and a number of relevant package upgrades.
-
Kali Linux 2.0 Is Here With A Redesigned Interface, Easy Updates, And More
-
Kali Linux 2.0 Penetration Testing OS Now Based on Debian Jessie and Linux Kernel 4.0
-
-
Ballnux/SUSE
-
Second milestone expected soon
The second milestone for openSUSE’s newest distribution Leap is scheduled for release Sept. 4.
-
OpenSUSE Leap Chugging Along For Its November Release
The latest information on OpenSUSE Leap is pegging the second milestone on 4 September followed by the beta on 24 September. The freeze is 20 September. The official Leap release is being planned for 4 November at SUSECon Amsterdam.
-
-
Red Hat Family
-
Red Hat to launch DevOps training services
Red Hat is preparing to launch new training services focussed on helping organisations develop DevOps capabilities, according to the company’s director, consulting and training, for Australia and New Zealand
-
Red Hat pays tidy sum to add Deutsche Bank CIO to board
Just after the markets closed Monday, Red Hat (NYSE: RHT) disclosed that it had added Deutsche Bank Chief Information Officer Kim Hammonds to its board of directors.
And she receives a compensation package that includes $550,000 in stock plus cash or stock totaling $92,500 a year.
-
An internship that harnesses the power of community
Little did I know that the openness of the Red Hat employees I met on this journey hinted at the cultural experience I would have throughout my internship at the company. My team welcomed me into the group and asked my opinion of possible assignments so they could play to my interests and strengths while giving me opportunities to learn and add value to the team. From the start, my team encouraged me to offer my ideas and to take on tasks I saw needed to be handled. Overall, I’ve really been blown away by the environment, which was so different than what I’ve experienced with previous employers.
-
Zacks Short Term Rating on Red Hat, Inc. (NYSE:RHT)
-
Red Hat, Inc. (NYSE:RHT) Ratings Update
Wall Street analysts polled by Zacks Research have given Red Hat, Inc. (NYSE:RHT) a rating of 1.5 on a consensus basis. Using a simplified scale where 1 is a Strong Buy and 5 a Strong Sell, this is the average number of the 16 brokerages surveyed. The stock had a rating of 1.5 when analyst ratings were averaged three months ago.
-
Red Hat Satellite 6.1 finally arrives
Red Hat Satellite 6.1 is Red Hat’s systems management solution for managing Red Hat servers and services. It’s not been that long since Red Hat Satellite 6.0 appeared — in September 2014. But, Red Hat’s push into the cloud, DevOps, and containers combined to make the need for an update urgent.
-
Keeping your system secure with SELinux
Few things in the Linux world evoke a strong reaction like SELinux, the security enhancement for Linux. At LinuxCon, Susan Lauber hopes to soften that response and show people the light. In her talk, SELinux—it’s all about the labels, Lauber will teach SELinux basics and describe why it’s a must-run on your systems.
-
Red Hat Satellite 6.1 Upgrades Systems Management to Allow Users to Embrace Container-Based Deployment Strategies
-
Short Interest Update on Red Hat, Inc. (NYSE:RHT)
-
Fedora
-
DNF 1.1.0 and DNF-PLUGINS-CORE 0.1.10 Released
Another crucial release of DNF is out with a lot of new features and over 20 bug fixes.
Basic control mechanism for weak dependencies was added. Now you are able to query for all weak dependencies forward and backward way in repoquery and allow/disallow installing weak dependencies through `install_weak_deps` DNF configuration option.
-
Fedora 23 Alpha Arrives with Devel Version of GNOME 3.18
The Fedora Project has just announced that the first Alpha release of Fedora 23 is here, and it’s ready for testing. The new version has landed right on time, which is something new for the project.
-
The State of Fedora: 2015 Edition
Fedora’s third Flock conference kicked off Wednesday morning with a keynote by Matthew Miller, the Fedora Project Leader (FPL). How’s Fedora doing? Says Miller, “The actual state of Fedora is awesome, we’re doing very well as a project and it’s thanks to all of you.”
Miller says that the project is doing very well, and brought out some stats to prove it – with the caveat that stats can be misinterpreted and “dangerous” if used wrong. After a period of “disconcerting down releases” the Yum connection stats for Fedora 21 and 22 are showing that those releases are back up to the same levels as Fedora 14. Miller also walked through a number of other stats on downloads, and which releases are in use currently.
-
Fedora 23 Alpha released!
-
Announcing the release of Fedora 23 Alpha!
-
Fedora 23 Alpha Released
-
-
-
Debian Family
-
Derivatives
-
Tails 1.5 is out
There are numerous other changes that might not be apparent in the daily operation of a typical user. Technical details of all the changes are listed in the Changelog.
-
Tails 1.5 OS Gets Tor Browser 5.0
Tails, a live system that aims to preserve your privacy and that helps you use the Internet anonymously, has been upgraded to version 1.5 and is now ready for download and testing.
-
Canonical/Ubuntu
-
Ubuntu One file syncing code Open Sourced
Today, we’re happy to be open sourcing the biggest piece of our Ubuntu One file syncing service.
The code we’re releasing is the server side of what desktop clients connected to when syncing local or remote changes.
-
Ubuntu’s shuttered cloud storage system now open source
-
Canonical Releases Source Code for Former Ubuntu One Online Storage Service
-
Canonical Releases Ubuntu One File Syncing Code
-
Canonical Has Open-Sourced Ubuntu One
-
Canonical’s Ubuntu Phones Now On Sale Globally
-
Ubuntu Touch OTA-6 to Land in Two Weeks
Canonical continues to make improvements to Ubuntu Touch, and a new OTA (over the air) update is in the works. If everything goes well, it should be here in the next couple of weeks.
-
Ubuntu Developers Want To Make It Easier To Run The Latest NVIDIA Drivers
Jorge Castro of Canonical has started coordinating some work around providing newer upstream NVIDIA proprietary graphics drivers for users, primarily Ubuntu gamers.
After being dissatisfied with the performance of the NVIDIA Linux driver as currently packaged on Ubuntu 14.04 LTS, he resorted to using PPAs for getting the newer NVIDIA Linux driver. He’s looking to build on that and to do a better job of testing and making available the newer binary blobs.
-
Ubuntu Phone finally goes global
-
Ubuntu Developers Looking To Simplify Getting Latest Nvidia Graphics Drivers
I had a nice email from Jorge Castro of Canonical today, and it seems they are looking at ways for Ubuntu users to get newer Nvidia graphics drivers in an easier fashion.
Currently, if you want to get newer drivers you need to either download them directly from Nvidia, which can get messy and confusing. Or even more annoying is to find a random PPA with more up to date drivers, neither is a very nice option, and it could be made a lot easier for the end user.
-
Ubuntu Devs Finally Thinking of How to Offer Latest Nvidia Drivers
Ubuntu developers are finally considering making some sort of changes that would allow users of their operating system – especially Nvidia fans – to get access to the latest drivers.
-
Firefox 40 Arrives in All Supported Ubuntu OSes in Record Time
Canonical has just announced that Firefox 40.0 is now available in the official repositories for Ubuntu 15.04. Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS.
-
Flavours and Variants
-
Bodhi Linux 3.1.0 Release
This release is a bigger deal for the Bodhi team than our previous update releases have been in the past. The reason for this is because this release is the first to use the Moksha Desktop which we have forked from E17. Because it is built on the rock solid foundation that E17 provides, even this first release of the Moksha Desktop is stable and is something I feel comfortable using in a production environment.
-
-
-
-
-
-
Devices/Embedded
-
Mycroft Raspberry Pi Open Source Artificial Intelligence System (video)
Joshua Montgomery has this week launched Mycroft a Raspberry Pi open source artificial intelligence system that has been created to play media, controls lights and more.
Mycroft is powered by the Raspberry Pi 2 and Arduino platform, allowing the system to be completely open source yet support a wide variety of applications and has launched the project on Kickstarter.
-
Phones
-
Android
-
Google is launching a $50 Android
-
Cherry Mobile Unveils A New Android One Handset, The G1
Google has launched their Android One project last year, but the results were not as good as they expected. What is Android One? Well, that’s basically a program in which Google partners up with OEMs in order for them to manufacture a device which will run stock Android OS. This gives Google the control over software, and it’s also worth mentioning that these devices are extremely affordable, and available in developing markets. The first three Android One handsets were unveiled in India, and a number of additional markets followed. The latest Android One handset to launch is the i-mobile IQ II which launched in Thailand, and Lava Pixel v1 was announced at the end of last month in India.
-
Will Google’s Renewed Push for Android One Succeed in India?
-
Vulkan Status Update: Will Use Feature Sets, Android Support Incoming
-
Google Brings Vulkan To Android: Why Developers Are Excited About This
-
IBM discovers Android serialization vulnerability allows arbitrary code execution
-
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
-
Android Flaw Lets Rogue Apps Hijack Phones
-
Android Stagefright Bug: How can you protect your phone?
-
Is Your Android Phone Still Safe?
-
5 common problems Android users have and how to fix them
Android smartphones and tablets are great for so many reasons. You can navigate, chat, surf, stream, bump and so much more with such ease.
-
Android 5.1.1 Lollipop N910PVPU4COG5 Update For Samsung Galaxy Note 4 Sprint Variant: How To Install It
-
August Nexus 7 Android 5.1.1 Update: 5 Things to Know
-
HTC One M8 Android M update to debut Sense 7 UI, HTC could skip past Android 5.1 Lollipop
-
Snowball for Android is like an adblocker for your notifications
-
Alphabet: what will actually change at new Google? Search, Android and YouTube to stay same, but more experiments ahead
-
Apple Wants To Hire Android Software Engineers: Here’s The Reason Why
-
iOS and Android Retain Loyal Users at Similar Rates
-
Who’s More Loyal — Android Or Apple Users?
-
Android vs. iOS: Mobile OS wars are basically over, suggests new study of smartphone switchers
About 80 percent of Android and iOS users stuck with their respective platforms when upgrading to a new phone, research from CIRP published today found. And that rate has held steady for the past two years, with Android gaining slightly on Apple’s mobile OS.
-
How to find a lost or stolen Android phone
-
Three months with the T-Mobile LG G4: Still the top Android smartphone, priced as low as new competitors
It’s now been over three months since I started using the LG G4, see my first impressions, and it has shared time with my T-Mobile SIM in the iPhone 6 Plus. With new phones launching soon it’s time to consider whether or not any other Android phone can trump the LG G4 functionality and value.
-
Android 5.1.1 Lollipop Update For Samsung Galaxy Note 4 Rolled Out
-
Five things we want from Apple Music on Android
-
Why Google CEO Sundar Pichai Is Good For Android
Google founders Sergey Brin and Larry Page dropped a bomb late Monday with their announcement of Alphabet, a new umbrella company to oversee the organization’s many different business units. Google remains Alphabet’s biggest individual business, and Page appointed rising star Sundar Pichai to run it.
This is good news for Android and other important Google products.
-
Philips Xenium I908, Xenium S309 Android Smartphones Launched in India
Philips on Tuesday launched two Android-based smartphones in India, dubbed Xenium I908 and Xenium S309, priced at Rs. 11,799 and Rs. 4,999 respectively. While both the smartphones are new in the market, the Xenium I908 has been listed on the company website since December last year.
-
Alcatel OneTouch Idol 3 an unlocked Android bargain (Review)
If you’re in the market for a new Android phone or upgrade, this, my friends, is your time. In my six years of covering Android and the mobile space I’ve never seen such incredible phones on offer, at prices that, in many cases, simply seem too low to be true.
-
Motorola Moto G Review: Great, Bargain-Priced Android Smartphone
Moto G has been a joy to test and use. It is lightweight, easy to hold and store in a pocket or purse, and performs nearly as well as many of the premium devices on the market.
Aside from a somewhat beefier processor and a higher-resolution screen, the Moto G could fool many users and experts alike. The new G operates like it is a much more expensive device.
-
Google Launches New Site To Showcase Experimental Open Source Apps For Android And Android Wear
Google launched Android Experiments today, the mobile apps counterpart to its Chrome Experiments site.
Just like with Chrome Experiments, the idea behind Android experiments is to showcase apps that use new and cutting-edge technology, aesthetics and interfaces. All of the apps in the Android Experiments Gallery will be open source so other developers can see how they were made.
-
-
-
Free Software/Open Source
-
HashPlex Exclusive Interview: Lightning Hub Open Source Release
HashPlex is a company that specializes in hosting miner services, allowing home miners access to industry standard electricity rates in order to stay competitive. While their main focus is indeed the mining aspect of Bitcoin, the people over at HashPlex understand the importance of the Bitcoin network, which is especially seen by the debut of their new open source lightning hub. I talked to Bernard Rihn, CEO and founder, as well as Jasper Hugunin, their leading Lightning Dev, over at HashPlex regarding the Lightning Network and Hubs.
-
Pixar open sources Finding Nemo… (digital content software)
-
Pixar will open-source the code for a key movie-making tool
-
Web Browsers
-
Mozilla
-
Firefox 40 for Linux Arrives with Better Video Playback and Graphics Performance
Mozilla has released Firefox 40 for the Linux platform, and it brings better scrolling, graphics, and video playback performance for this particular operating system, among many other changes.
-
‘CVE-2015-4495 and SELinux’, Or why doesn’t SELinux confine Firefox?
That is one of the most often asked questions, especially after a new CVE like CVE-2015-4495, shows up. This vulnerability in firefox allows a remote session to grab any files in your home directory. If you can read the file then firefox can read it and send it back to the website that infected your browser.
-
Firefox 40 Defaults to HTML5 Player on Linux, but There’s No 1080p
Mozilla released Firefox 40.0 yesterday, and it brought a lot of new interesting features for Linux, including a few that haven’t been publicized all that much. One of them is defaulting to the HTML5 video player in YouTube.
-
Firefox 40 is available
-
Firefox 40 brings Windows 10-friendly design and better security for Android users
-
Firefox 42 Will Disable The Support For Unsigned Extensions
As you may know, Firefox 40 has been released today, bringing fixes and new features. Starting with Firefox 41, the users will be able to deactivate the support for unsigned extensions. This features will be enabled by default on FFX42 and newer.
-
Firefox 40 Brings Off-Main-Thread Compositing For Linux
-
-
-
SaaS/Big Data
-
Microservices 101: What To Know, What To Do
One of the organizations working on platform infrastructures to support — create, test, deploy and manage — microservices architectures is the Cloud Foundry Foundation. Started in 2015, as an independent not-for-profit 501(c)6 Linux Foundation Collaborative Project, the Foundry currently consists of more than 185 incubating or active projects and is currently being used in hundreds of production environments, including many in the Global 2000. It’s in use at two of the top U.S. telco carriers, two of the world’s top three insurance companies — like AllState, Chase, JP Morgan, SwissCom and Verizon – and at least six Global 500 manufacturing companies, including GE.
-
-
Oracle/Java/LibreOffice
-
Oracle’s security chief posted a crazy ranting tirade. Then Oracle deleted it.
-
No, You Really Can’t
Writing mysteries is a lot more fun than the other type of writing I’ve been doing. Recently, I have seen a large-ish uptick in customers reverse engineering our code to attempt to find security vulnerabilities in it. [Insert big sigh here.] This is why I’ve been writing a lot of letters to customers that start with “hi, howzit, aloha” but end with “please comply with your license agreement and stop reverse engineering our code, already.”
[...]
But you know, if Oracle’s strongly-worded letters are written in Davidson’s style, I think I’d quite enjoy the entertainment value.
-
No, You Really Can’t (Mary Ann Davidson Blog)
-
Oracle security chief to customers: Stop checking our code for vulnerabilities [Updated]
Perhaps thinking that all the security researchers in the world were busy recovering from Black Hat and DEF CON and would be somehow more pliant to her earnest message, Mary Ann Davidson wrote a stern message to customers entitled “No, You Really Can’t” (here in Google’s Web cache; it’s also been reproduced on SecLists.org in the event that Oracle gets Google to remove the cached copy). Her message: stop scanning Oracle’s code for vulnerabilities or we will come after you. “I’ve been writing a lot of letters to customers that start with ‘hi, howzit, aloha’,” Davidson wrote, “but end with ‘please comply with your license agreement and stop reverse engineering our code, already.’”
-
Oracle pulls CSO’s BONKERS anti-bug bounty and infosec rant
While other IT industry heavyweights have embraced bug bounties and working with security researchers more generally, Oracle has set its face in the opposite direction in a blog post likening reverse engineering to cheating on your spouse.
Mary Ann Davidson, Oracle’s chief security officer (CSO), expressed corporate dislike from the software giant for both reverse engineers and bug bounties in a long blog post on Monday. The post was pulled on Tuesday lunchtime, but its contents remain available via the Internet Archive here.
-
Oracle to ‘sinner’ customers: Reverse engineering is a sin and we know best
Opinion: Stop sending vulnerability reports already. Oracle’s chief security officer wants to go back to writing murder mysteries.
-
-
BSD
-
OpenSSH 7.0
OpenSSH 7.0 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support. OpenSSH also includes
transitional support for the legacy SSH 1.3 and 1.5 protocols
that may be enabled at compile-time. -
OpenSSH 7.0 Released
-
-
Public Services/Government
-
Freiburg hospital pilots open source research kit
The University Hospital of the German city of Freiburg is using open source software for its ‘Cruciate Ligament Rupture Study’, aiming to involve users of smartphones and tablet PCs to share data that will help to improve treatments. The main application is built using ResearchKit, a toolbox for developing medical research software applications.
-
Adullact shares solution to access France’s e-ID services
Adullact, the platform for French civil servants working on free software, in June unveiled i-CLEFS, a solution that builds on France’s e-ID to help municipalities offer eGovernment services.
-
German Interior Ministry seeks open source expertise
Germany’s Minister of the Interior is looking for help with its partly Linux-based IT infrastructure. In July, the Bundesministerium des Innern (BMI) published a request for tender, seeking expertise in SUSE Linux Enterprise Server and prowess in the IT security monitoring using Nagios.
-
Sweden’s Halland region extends KOHA library system
The Regionbibliotek Halland (Halland regional library) in the eponymous region in Sweden is developing features for KOHA, the open source library management system, to meet the needs of Sweden’s public libraries. Halland’s regional library switched to using KOHA earlier this year.
-
-
Openness/Sharing
-
Simple, Cheap Nitrate Tester is Open Source
Too much of a good thing can be a bad thing, and nitrate pollution due to agricultural fertilizer runoff is a major problem for both lakes and coastal waters. Assessing nitrate levels commercially is an expensive process that uses proprietary instruments and toxic reagents such as cadmium. But [Joshua Pearce] has recently developed an open-source photometer for nitrate field measurement that uses an enzyme from spinach and costs a mere $65USD to build.
-
Open source curriculum at Idea Fab Labs
Recently I’ve begun volunteering at Idea Fab Labs here in Santa Cruz, with two specific goals — expanding the space to include free/open source software ethos and hacking, and helping all these awesome makers with questions and reality around the open source way.
-
Leftovers
-
The Top Questions Facing Alphabet, the New Google Conglomerate
-
Why Google is restructuring, why the name Alphabet and how it affects you
-
Google to restructure into new holding company called Alphabet
-
Google and Alphabet: What does this all mean?
-
Google shares leap as investors welcome new era of transparency
-
Eileen Burbidge: Why I got fired by Skype
-
Science
-
For 40 years, computer scientists looked for a solution that doesn’t exist
For 40 years, computer scientists have tried in vain to find a faster way to do an important calculation known as “edit distance.”
-
-
Security
-
Researchers reveal electronic car lock hack after 2-year injunction by Volkswagen
In 2012, researchers at Radboud University in the Netherlands discovered a security flaw in a common automotive security chip used in theft prevention by Volkswagen, Audi, Fiat, Honda, and Volvo vehicles. But after they disclosed their results to the auto manufacturers—a full nine months before they planned to publish them—the automakers sued to keep them quiet.
-
How texting a Corvette could stop it in its tracks
As if recent research on car hacking wasn’t frightening enough, a new study shows yet another danger to increasingly networked vehicles.
This time around, academics with the University of California analyzed small, third-party devices that are sometimes plugged into a car’s dashboard, known as telematic control units (TCUs).
Insurance companies issue the devices to monitor driving metrics in order to meter polices. Other uses include fleet management, automatic crash reporting and tracking stolen vehicles.
-
BlackBerry can’t catch a break: Now it’s fending off Jeep hacking claims
BlackBerry has denied rumors that its software might have played a role in the infamous “Jeep hack,” saying it’s “unequivocally” not true.
In July, security researchers revealed that certain cars built by Fiat Chrysler were vulnerable to potentially life-threatening remote attacks, thanks to a flaw in the automaker’s uConnect in-vehicle infotainment system.
The underlying operating system that powers uConnect is QNX Neutrino, a real-time OS that’s made by a BlackBerry subsidiary. On Friday, investment website Seeking Alpha published an editorial questioning whether some kind of flaw in QNX might be implicated in the Jeep hack.
-
Intel left a fascinating security flaw in its chips for 16 years – here’s how to exploit it
A design flaw in Intel’s processors can be exploited to install malware beneath operating systems and antivirus – making it tough to detect and remove.
“It’s a forgotten patch to a forgotten problem, but opens up an incredible vulnerability,” said Christopher Domas, a security researcher with the Battelle Memorial Institute, who revealed the hardware bug at the Black Hat conference in Vegas last week.
-
Security updates for Tuesday
-
Security advisories for Wednesday
-
Tokenless Keystone
One time paswords (OTPs) in conjunction with Basic Auth or some other way to curry the data to the server provides an interesting alternative. In theory, the user could pass the OTP along at the start of the request, the Horizon server would be responsible for timestamping it, and the password could then be used for the duration. This seems impractical, as we are essentially generating a new bearer token. For all-in-one deployments they would work as well as Basic-Auth.
-
-
Defence/Police/Secrecy/Aggression
-
Four Demonstrably False Claims About The Iran Deal That Are Showing Up On The Opinion Pages
Conservative opposition to the internationally-negotiated deal to limit Iran’s ability to obtain a nuclear weapon has been the subject of numerous editorials and op-eds in U.S. newspapers that have pushed false information about the agreement and warned that it compromises U.S. and Israeli security, despite widespread praise from nuclear arms control experts who say the deal is “excellent compared to where we are today.”
-
The U.S.-Russia “phony war”: How Washington warmongers could bring us from stalemate to catastrophe
The Ukraine crisis and the attendant confrontation with Russia assume a “phony war” feel these days. As in the perversely calm months between the German invasion of Poland in September 1939 and the Blitzkrieg into the Low Countries the following spring, nothing much seems to be happening.
No one took comfort then—a fog of anxiety suffused everything—and no one should now. One almost prefers it when Washington politicians and other temporarily important people are out there grandstanding and warmongering. At least part of what is occurring is visible, even as the whole never is. Now one sees almost nothing, and we get an idea of what the historians mean when they describe the queasiness abroad during the phony war period.
A formidable file of political, diplomatic and military reports has accumulated by drips and drops of late, and it strongly suggests one of two things: Either we are on the near side of open conflict between two great powers, accidental or purposeful and probably but not necessarily on Ukrainian soil, or we are in for a re-rendering of the Cold War that will endure as long as the original.
One cannot look forward to either, the former being dangerous and the latter dreary. But it has to be one or the other, barring the unlikely possibility that Washington is forced to accept a settlement that federalizes Ukraine, as Europe and Moscow assert is sensible.
It is hard to say when this thought came to me, but it has to be since Secretary of State Kerry’s May meeting in Sochi with President Putin and Sergei Lavrov, his foreign minister. That session seemed to mark a dramatic turn toward sense at the time and won much applause, including here. But things have deteriorated ever since.
[...]
A few days ago came news that American soldiers are to begin training the Ukrainian army this autumn. Given the Pentagon has been training the Ukrainian national guard since April, it is not too much to say Americans have assumed de facto control of the Ukrainian defense apparatus. And no wonder, given the well-known problems of corruption and incompetence in Ukraine’s military and a lack of will among troops when ordered to shoot their own countrymen.
This is the new micro picture. In the course of a few months, Pentagon and State have re-upped their effort to encourage the Poroshenko government to resolve its crisis with rebellious citizens in the east of Ukraine on the battlefield—foursquare in opposition to Franco-German efforts to fashion a negotiated settlement in concert with Moscow. Washington thus fights two fronts in the Ukraine crisis, a point not to be missed.
-
How Google Is Helping In The Fight Against ISIS
These Google Earth exchanges began when Y.P.G. fighters sent their coordinates to the U.S. military so they could receive supplies, according to Callimachi’s account. That then evolved into airstrike coordination, which has allowed the group to force ISIS out of multiple Syrian locations including Kobani, Tal Abyad, and Hasaka.
-
Is Lockheed Martin too big to fail?
Lockheed has made itself dominant on Capitol Hill – with defense jobs in virtually every state.
-
-
Transparency Reporting
-
Julian Assange: Sex assault claims may never be investigated due to Swedish statute of limitations
Three of the four allegations of sexual assault against Wikileaks founder Julian Assange may never be investigated as the time limit required to do so will expire in seven days.
Mr Assange, whose Wikileaks website published thousands of US military and diplomatic documents in 2010, has been living in the Ecuadorian embassy in London since 2012.
-
‘Top Secret’ emails found as Clinton probe expands to key aides
As pressure builds on Hillary Clinton to explain her official use of personal email while serving as secretary of state, she faced new complications Tuesday. It was disclosed her top aides are being drawn into a burgeoning federal inquiry and that two emails on her private account have been classified as “Top Secret.”
The inspector general for the Intelligence Community notified senior members of Congress that two of four classified emails discovered on the server Clinton maintained at her New York home contained material deemed to be in one of the highest security classifications – more sensitive than previously known.
-
-
Environment/Energy/Wildlife
-
Op-ed: How Can Engineers Heed Pope Francis’ Challenge on Climate Change?
The engineering deans of Catholic colleges and universities have been meeting annually for the past three years to discuss issues, challenges and trends unique to engineering education in Catholic institutions. As a group of STEM leaders across the country, we use our collective voice to publicly address matters that impact engineering education, or matters in which engineering education may have an impact. As such, our 22-member group feels called to respond to Pope Francis’ “Laudato Si’” encyclical on the environment and human ecology.
-
-
Finance
-
Google’s Alphabet restructure could get boost from Delaware tax loophole
Google’s Street View cameras have photographed locations across the world, allowing armchair tourists a view of anything from the Tower of London to Tiananmen Square. But one address is notable by its absence. The office building at 2711 Centerville Road in Wilmington, Delaware, a small town just south of Philadelphia, has not been captured by the Street View cameras. And yet this is the official address of Google Inc, the holding company of one of the world’s most successful software groups.
-
Fox Hypes Cherry-Picked Data To Attack Seattle Minimum Wage
Fox News is hyping a report from the conservative American Enterprise Institute (AEI) blaming a marginal decline in restaurant employment in the Seattle-Tacoma-Bellevue metropolitan area on Seattle’s recently-increased minimum wage. The think tank and right-wing media outlet both overstated the significance of a roughly 1 percent change in restaurant employment and focused on apparent job losses in one month while ignoring job gains the following month.
-
A $480 Million Mystery: The Saga of Mt. Gox
It is now over a week since Mark Karpelès was arrested in Japan and one-time Mt. Gox quasi-interim CEO Ashley Barr-alias-Adam Turner held a searing reddit AMA session . The Mt. Gox debacle is taking on some nuance, and the revelations about Karpelès’ bizarre personality might make a halfway decent movie some day, a sort of Wolf of Shibuya with an infusion of 4chanian absurdity: anime, cats, lattes, craven flouting of fiduciary duties and the occasional samurai LARP (Live Action Role Play) .
-
-
Politics/PR/AstroTurf/Lobbying
-
Lawrence Lessig wants to run for president — in a most unconventional way
Presidential candidates usually don’t run on promises to vacate the White House once they get in office, but that’s what Lawrence Lessig said he might do as he begins exploring a protest bid for the 2016 Democratic nomination.
-
Lawrence Lessig exploring US presidency bid as a Democrat
Lawrence Lessig, the Harvard professor and cofounder of Creative Commons, announced Tuesday that he is exploring a run for the US presidency as a Democrat. He’s crowdsourcing the campaign, too. “Please give whatever you can,” he said. He wants to raise $1 million by Labor Day.
-
Larry Lessig Goes Even Bigger: May Run For President On The Single Issue Of Money In Politics
-
Why I Want to Run
Today I announced the formation of a committee to explore my entering the Democratic Primary for President. By Labor Day, I will decide whether a run makes sense.
-
NPR’s David Folkenflik Cites Media Matters Study To Show How Fox News Has Boosted Trump
-
-
Censorship
-
Google, Facebook and Twitter Protest Hollywood’s ‘SOPA Resurrection’
A broad coalition of global tech firms including Google, Facebook, Twitter, Tumblr and Yahoo are protesting a broad injunction that would require search engines, ISPs and hosting companies to stop linking to or offering services to MovieTube. The preliminary injunction requested by the MPAA resurrects parts of the controversial SOPA bill, the tech giants warn.
-
-
Privacy
-
The Bot That Cried Wolf: Battery tracking poses no real privacy threat
Am I suggesting that manufactured privacy issues are obscuring real ones? Absolutely. For proof, one needs look no further than last week’s battery brouhaha from a report that noted that websites can track people based on their batteries, skirting opt-in privacy rules that allow battery strength reports to be shared without site visitor permission. For those who bother to read the full report, its details do a wonderful job of establishing that if a site manager wants to invade someone’s privacy, that manager could do far better than peeking at energy levels.
-
The Many Things Wrong With the Anti-Encryption Op-Ed in the New York Times
Manhattan District Attorney Cyrus Vance Jr. and his counterparts in Paris, London, and Madrid took to the New York Times op-ed page Tuesday morning to pose a flawed argument against default encryption of mobile phones, a service being commercialized and implemented gradually by Apple and Google.
The op-ed misstated the extent of the obstacles to law enforcement, understating the many other ways officials bearing warrants can still collect the information they need or want—even when confronted with an encrypted, password protected device.
The authors failed to acknowledge the value to normal people of protecting their private data from thieves, hackers and government dragnets.
-
Twitter Sees 52% Spike In Government And Copyright Info Requests
The company released its latest transparency report, which now also includes trademark notices and email privacy practices.
-
-
Civil Rights
-
Armored Vehicle Request Documents Show Local Law Enforcement Still Looking To Bring The (Drug) War To Your Doorstep
Molly Redden and Mother Jones have acquired a stash of armored vehicle request documents from police departments all over the nation. The requests are tied to the Department of Defense’s 1033 program, in which military hand-me-downs are given to basically any law enforcement agency that asks for them, whether or not these agencies actually need them.
-
Oath Keepers return to Ferguson, fueling racial tension
Four white civilians carrying military-style rifles and sidearms walked a riot-torn street in Ferguson, Missouri, early Tuesday, saying they were there to protect a representative from an anti-government website, but their actions drew swift criticism from protesters in the mostly black neighborhood and from St. Louis County Police Chief Jon Belmar, who called their presence “unncessary and inflammatory.”
The appearance of the four men drew stares in the neighborhood, which was rocked by violence again Sunday night as protesters marked the police killing of Michael Brown, an unarmed black teen whose death one year ago reignited a debate on race relations.
The men identified themselves as members of Oath Keepers, which describes itself as an association of current and former U.S. soldiers and police who aim to protect the U.S. Constitution. The group reports having about 35,000 members nationwide and says there are African-Americans among its ranks.
-
Florida Cop Smashes Disabled Vet’s Cell Phone For Legally Parking in Handicap Space
Florida man Isiah James served his country for 10 years. He survived two trips to Iraq and one to Afganistan.
Riviera Beach cop G. Wilson took less than 10 minutes to decide that the Army veteran Isiah James didn’t deserve a handicapped sticker.
Isiah’s $800 iPhone 6+ didn’t survive a trip to the Walgreens.
James had family in town on vacation, and father doesn’t drive, so he took father to the store. On his way home, the two man stopped at a Walgreen’s liquor store.
-
US Says ‘No’ To EU Plan For New Corporate Sovereignty Courts: So What Happens Now With TAFTA/TTIP?
Back in May, we wrote about the European Commission’s attempt to put lipstick on the corporate sovereignty pig. Its attempt to “reform” the investor-state dispute settlement (ISDS) system was largely driven by the massive rejection of the whole approach by respondents to the Commission’s consultation on the subject last year. Of the 150,000 people who took the trouble to respond, 145,000 said they did not want corporate sovereignty provisions of any kind. Even the European Commission could not spin that as a mandate for business as usual, and so it came up with what it called a “path for reform” (pdf). By promising to solve the all-too evident “problems” of corporate sovereignty by coming up with something it claimed was better, its evident plan was to include this re-branded ISDS as part of the TAFTA/TTIP negotiations with the US.
-
-
Intellectual Monopolies
-
Copyrights
-
Team Prenda Smacked Around Again, Ordered To Pay Another $94,000
It appears that the courts are now just piling on when it comes to Prenda Law. In the case of Lightspeed v. Anthony Smith, the court that was one of the first to call out team Prenda for “flat-out lies” and then blasted their weak attempt to plead poverty — leading, instead, to holding Team Prenda in contempt — has struck again. Having lost badly on appeal, the district court slammed the lawyers again, arguing that Team Prenda lied to the court and obstructed the discovery process concerning where they hid their money. It ordered sanctions of $65,263 and asked Smith’s lawyers at Booth Sweet to submit their costs to be added on to the total. Those costs came out to $94,343.51 — and Prenda lawyers John Steele and Paul Duffy complained that the number was unfair.
-
-