
01.28.15

Links 28/1/2015: Ubuntu Touch Windowed Mode, NVIDIA Linux Legacy Drivers Updated

Posted in News Roundup at 8:22 pm by Dr. Roy Schestowitz


GNU/Linux

Free Software/Open Source

  • These Are the Hottest New Open Source Projects Right Now

    Gobs of new open source projects are released every year, but only a few really capture the imaginations of businesses and developers.

    Open source software management company Black Duck tries to spot these, measuring which projects attract the most contributors, produce the most code, and garner the most attention from the developer world at large.

  • Confessions of a systems librarian

    These are just two examples of serious flagship projects, but even on a day-to-day level there are plenty of opportunities for systems librarians to interact with open source software. A large amount of vendor software runs on Linux, so there’s plenty of systems administration to do. I work in a relatively small library, and even here we run five Drupal websites: one as a portal for library services, one as the primary repository for our archive, another provides the public interface for an aboriginal research center, and one to manage safety information for our bio sciences lab.

  • 7 reasons asynchronous communication is better than synchronous communication in open source

    Traditionally, open source software has relied primarily on asynchronous communication. While there are probably quite a few synchronous conversations on irc, most project discussions and decisions will happen on asynchronous channels like mailing lists, bug tracking tools and blogs.

  • 5 Reasons Your Company Should Open Source More Code

    Given intense competition for the world’s best engineering talent, can your company really afford to lock up its code behind proprietary licenses? Sure, if you’re in the business of selling software, giving it all away may not make sense. But the vast majority of companies don’t sell software, and should be contributing a heck of a lot more as open source.

  • Square tries to make open source “welcoming and inspiring” to women

    What is open source? Simply put, it is source code (used to develop software programs) that is freely available and modifiable on the Internet. Open source developers from all over the world contribute to various projects, which are hosted on various websites—GitHub, a popular code hosting site, has over 8 million users and over 19 million code “repositories.”

  • 7 communities driving open source development

    Not so long ago, the open source model was the rebellious kid on the block, viewed with suspicion by established industry players. Today, open initiatives and foundations are flourishing with long lists of vendor committers who see the model as a key to innovation.

  • Events

    • Embedded Linux Conference hijacked by drones

      The Embedded Linux Conference + Android Builders Summit on Mar. 23-25 in San Jose is about “Drones, Things, and Automobiles,” but drones get the most love.

      Maybe it’s just our imagination, but the Linux Foundation’s Embedded Linux Conference seems to be getting more interesting than ever. The program increasingly reflects new opportunities for Linux in areas such as drones, robots, automotive computers, IoT gizmos, 3D sensing, modular phones, and much more. For those of you worried that ELC North America is skimping on the basics as it explores the more colorful sides of Linux, rest your mind at ease. There are still plenty of sessions on booting, trace analysis, NAND support, PHY frameworks, power management, defragmenting, systemd, device tree, and toolchain. Geeks still rule!

  • Web Browsers

    • Mozilla

      • Get Smart On International Data Privacy Day

        Today is International Data Privacy Day. It is a day designed to raise awareness and promote best practices for privacy and data protection. It is a day that looks to the future and recognizes that we can and should do better as an industry. It reminds us that we need to focus on the importance of having the trust of our users. At Mozilla, we start from the baseline that privacy and security on the Web are fundamental and not optional. We are transparent with our users about our data practices and provide them options for choice and control. We seek to build trust so we can collectively create the Web our users want – the Web we all want. Still, we are working to do better.

      • Deploying tor relays

        On November 11, 2014 Mozilla announced the Polaris Privacy Initiative. One key part of the initiative is us supporting the tor network by deploying tor middle relay nodes. On January 15, 2015 our first proof of concept (POC) went live.

      • mozilla-requestpolicy extension and IceCat

        RequestPolicy is an extension for Mozilla browsers that increases your browsing privacy, security, and speed by giving you control over cross-site requests.

  • SaaS/Big Data

    • Building a cloud career with OpenStack

      What can OpenStack do for you? How about helping you along your career? OpenStack is a growing space and there are more than enough jobs still to go around for qualified seekers. So how do you go about getting one of those jobs?

      In this video from the Kilo OpenStack Summit in Paris, Niki Acosta, Ryan Yard, Shamail Tahir, Kenneth Hui, Eric Wright, and Aaron Delp offer their perspectives on a variety of topics around creating and building a career in cloud software through the OpenStack community.

    • MapR Delivers Free, On-Demand Hadoop Courses

      When the topic turns to job market opportunities these days, hardly any technology trend is drawing more attention than Big Data. And, when talking Big Data, the subject of Hadoop inevitably comes up, as it remains the star open source framework for drawing insights from large data sets. Big tech companies like Yahoo and eBay use Hadoop extensively, but it’s also used by smaller companies these days, and we’ve reported before that the job market is very healthy for people with Hadoop skills.

    • The earnestness of being important

      Despite all these challenges, exceptions, and subtleties, we’ve made good strides in separating the wheat from the chaff when it comes to identifying important data, in no small part thanks to open source. In particular, gains made in search engine technology like Apache Lucene and Solr have revolutionized our ability to deal with multi-structured content at scale, rank it and return it in a timely manner. Search engines have evolved significantly in recent years to seamlessly collect, collate, and curate data across a wide variety of data types (text, numeric, time-series, spatial, and more) and are no longer about just doing fast keyword lookups. Combined with large scale data processing frameworks (Hadoop, Spark, et al.), R for statistical analysis, machine learning capabilities like Apache Mahout, Vowpal Wabbit, MLlib and NLP libraries like Stanford’s NLP libraries, Apache OpenNLP, NLTK and more, it is now possible to build sophisticated solutions that take in your data, model it, serve it up to your users and then learn from their behavior.

    • VMware OpenStack Customers Growing Faster than Overall Business

      VMware announced its own OpenStack distribution in August of 2014. Gelsinger said that the market will be hearing more this quarter about the VMware OpenStack product and he’s very excited about what’s coming.

  • Oracle/Java/LibreOffice

    • LibreOffice 4.4 the beautiful

      We are very close to release LibreOffice 4.4 and I thought I’d share my thoughts on the work that has been put into this new branch and what the general idea is about it. LibreOffice 4.4 is unusual; as a major release you may expect some important underlying change in its architecture, or the inclusion of a set of major features. The 4.4 does include several important features and improvements, most notably for Impress and the much forgotten HTML editor (the comprehensive release notes may be found here). But the most important details are not to be found in this area. If you want to understand where the 4.4 branch is headed, I think it is useful to keep two fundamental trends in mind.

    • LibreOffice for Android coming soon

      The next major LibreOffice desktop release is just around the corner and now the developers behind the open source productivity suite are preparing to extend it to Android.

    • LibreOffice for Android coming soon

      The Document Foundation on Tuesday announced it had assigned the work necessary to build the Android apps to two companies. The Document Foundation is hoping the result will be a “compelling, elegant and full-featured experience of LibreOffice on Android”, Italo Vignoli, one of its founders, said.

  • BSD

  • FSF/FSFE/GNU/SFLC

    • IceCat 31.4.0 release

      GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the GNU version of the Firefox browser. Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons. Also their trademark license restricts distribution in several ways incompatible with freedom 0.

  • Public Services/Government

    • Citizens call on Dortmund to use free software

      Four citizens of the German city of Dortmund have started a citizens’ initiative, asking the city council to seriously consider the use of free and open source software. “The city needs to recognise free software as a topic in the public interest”, the DO-FOSS initiators write.

    • Political parties favour openness to reconstruct Greek productivity

      Ahead of the parliamentary elections in Greece last week, the Greek Free/Open Source Software Society (GFOSS) contacted all political parties to ask about their positions [in Greek] with regard to open software, open data, open hardware and open government. The four parties to respond all came out generally in favour of openness. Some of them were even able to present very detailed planning on how to improve the current institutional and legislative framework and outlined how openness could help reconstruct Greek productivity.

  • Openness/Sharing

  • Standards/Consortia

    • YouTube says HTML5 video ready for primetime, makes it default

      Everyone hates Flash, right? You have to install a plug-in, it’s resource intensive, it doesn’t work on mobile, and it causes all sorts of security problems. YouTube has been working on ridding itself of Adobe’s ancient Web plug-in for several years now, and while the whole site has been slowly transitioning away from Flash, today YouTube announced that it finally serves HTML5 video by default. Users of Chrome, IE 11, Safari 8, and “beta versions of Firefox” will all have a Flash-less experience.

      YouTube’s transition seems to have been pretty straightforward. Four years ago, YouTube laid out a laundry list of problems it had with HTML5, and today it has a blog post explaining how it has worked with the Web community to solve each issue.

    • YouTube dumps Flash for HTML5
    • YouTube Says Goodbye to Flash, HTML5 Is Now Default

      It’s been a long time coming, but YouTube has finally made the switch from Flash to HTML 5 and no one seems to really care about that.

      [...]

      Basically, you can mark this day in the calendar as the official date for the death of Flash, or at least as the culmination of its decline.

Leftovers

  • Philippines moved homeless people to luxury resort for pope’s visit

    The Philippines government came under fire on Friday after admitting that hundreds of homeless people were taken off Manila’s streets and put into luxury accommodation during Pope Francis’s recent visit, when he preached compassion for the poor.

  • Security

    • FTC to Internet of Stuff: Security, motherf****r, do you speak it?

      US regulator the FTC says now is not the time for new laws on the “Internet of Things” – but security needs to be improved as we enter the era of always-on, always-connected gadgets, sensors and machines embedded in homes, streets and pockets.

      In a report [PDF] published today, the commission’s staff make a number of policy recommendations for the wave of new devices that collect and transmit data on our everyday lives.

      From the camera that posts pictures online with a click, to automated home lighting and heating, to FitBits and Apple Watches, the Internet of Things (IoT) was the focus of this year’s Consumer Electronic Show, as well as a speech by FTC chairwoman Edith Ramirez.

    • SE Linux Play Machine Over Tor

      I work on SE Linux to improve security for all computer users. I think that my work has gone reasonably well in that regard in terms of directly improving security of computers and helping developers find and fix certain types of security flaws in apps. But a large part of the security problems we have at the moment are related to subversion of Internet infrastructure. The Tor project is a significant step towards addressing such problems. So to achieve my goals in improving computer security I have to support the Tor project. So I decided to put my latest SE Linux Play Machine online as a Tor hidden service. There is no real need for it to be hidden (for the record it’s in my bedroom), but it’s a learning experience for me and for everyone who logs in.

    • Security advisories for Wednesday

  • Defence/Police/Secrecy/Aggression

    • White House Drone Crash Described as a U.S. Worker’s Drunken Lark

      It was 42 degrees and raining lightly around 3 a.m. on Monday when an inebriated off-duty employee for a government intelligence agency decided it was a good time to fly his friend’s drone, a 2-foot-by-2-foot “quadcopter” that sells for hundreds of dollars and is popular among hobbyists.

      But officials say the plan was foiled, perhaps by wind or a tree, when the employee — who has not been named by the Secret Service or charged with a crime — lost control of the drone as he operated it from an apartment just blocks from the White House.

    • White House Threatened by Drones

      The official said the White House is taking urgent steps to protect itself from its association with the murderous state terror of the drone campaign. “We’re going to be stepping up the number of happy, peppy events we have at the White House,” he said, “and making sure they all have a very prominent ‘White House’ label. In the next few weeks, we’ll be having the ‘White House Sweet Ole Granny Quilting Bee’ featuring photogenic grannies from all over the country, and the ‘White House ‘Smores and More Weekend,’ where the President and Mrs. President will gather with kindergarten kids from across this great land of ours to make some simple, tasty picnic treats.

    • Drone crash at White House hints at worry

      So when a man said he was flying a drone for fun just after 3 a.m. in downtown Washington, D.C., and had an accidental crash-landing into a tree on the wrong side of one of the world’s most highly protected fences, he didn’t merely touch the famous property at 1600 Pennsylvania Ave.

    • Of drone strikes: “Did we just kill a kid?”

      Brandon Bryant’s recent exposé of drone operations killing hundreds of innocent civilians during his service, which led to his post-traumatic stress and retirement, explains the dark side of the CIA led US drone operations in Afghanistan, Pakistan, Yemen and Somalia.

      Adding to Bryant’s shock and surprise, his peers believed that they had killed a dog and not a kid that day, and thus it was nothing to worry about.

      Bryant worked as a drone sensor operator for the USAF from 2006 to 2011, mainly operating from a dark container at a facility in New Mexico. But his oversight of these operations, where he became directly and indirectly responsible for the death of more than 1,000 people, nagged at his conscience forcing him to call it quits.

    • A conference considers the morality of drones

      A Notre Dame University law professor says the legal and moral issues related to the U.S. government’s use of unmanned drones to kill individuals in war zones could be more difficult than similar issues on torture.

    • Trust Reality Rather Than President Obama’s Words on Drones

      A message to President Obama: saying something does not make it so. How does killing people, so many of them innocent of any wrongdoing whatsoever, with missiles launched from drones by “pilots” thousands of miles away, demonstrate respect for human dignity and the application of “proper” constraints?

      Let’s consider all the ways in which Obama’s drone assassination program undermines “human dignity” and lacks proper constraints. To do so, one need only consider the many reports that have been entered into the public record by United Nations Special Rapporteurs, human rights organizations, and academic institutions.

      In May 2010, Philip Alston, UN Special Rapporteur on extrajudicial, summary or arbitrary executions, submitted a report to the UN Human Rights Council. In his report, Alston noted that some states, including the U.S., had adopted targeted killing policies, which they have justified as necessary for fighting terrorism. According to Alston, “In the legitimate struggle against terrorism, too many criminal acts have been re-characterized so as to justify addressing them within the framework of the law of armed conflict.”

    • Drones and the New Ethics of War

      Over the past decade, the United States has manufactured more than 6000 drones of various kinds. 160 of these are Predators, which are used not only in Afghanistan but also in countries officially at peace with the US, such as Yemen, Somalia and Pakistan. In Pakistan, CIA drones carry out on average of one strike every four days. Although exact figures of fatalities are difficult to establish, the estimated number of deaths between 2004 and 2012 vary from 2562 to 3325.

    • Kathy Kelly: My Future In Prison

      The Bureau of Prisons contacted me Friday, assigning me a prison number and a new address: for the next 90 days, beginning Saturday I’ll live at FMC Lexington, in the satellite prison camp for women, adjacent to Lexington’s Federal Medical Center for Men. Very early Saturday morning, Buddy Bell, Cassandra Dixon, and Paco and Silver, two house guests whom we first met in protests on South Korea’s Jeju Island, traveled with me to Kentucky and deliver me to the prison gates.

      In December, 2014, Judge Matt Whitworth sentenced me to three months in federal prison after Georgia Walker and I had attempted to deliver a loaf of bread and a letter to the commander of Whiteman Air Force Base, asking him to stop his troops from piloting lethal drone flights over Afghanistan from within the base. Judge Whitworth allowed me over a month to surrender myself to prison; but whether you are a soldier or a civilian, a target or an unlucky bystander, you can’t surrender to a drone.

    • Jordan Agrees to Prisoner Swap with the Islamic State

      The Jordanian government has agreed to release a female prisoner in exchange for the freeing of an air force pilot captured by militants in Syria a month ago. The Islamic State had threatened to kill the pilot and a kidnapped Japanese journalist if the prisoner, Sajida al-Rishawi, was not released. She had been facing a death sentence for her role in a 2005 attack on three hotels in Amman that killed more than 57 people.

    • Grade 6 student killed by U.S. drone strike in Yemen, rights group says
    • Suspected US Drone Strikes On Al Qaeda In Yemen Continue After President Hadi’s Resignation

      The U.S. reportedly killed three al Qaeda members in a drone strike Monday, the first strike on militants since Yemen’s U.S.-backed president resigned last week, according to Reuters. The strike is a sign that the U.S. air campaign in Yemen will continue without the blessing of President Abed Rabbo Mansour Hadi, who was a leading U.S. partner against the militant group.

    • The Ghastly, Remotely Piloted, Robotic Reaper Drone

      The MQ9 Reaper – now deployed 24/7 over Pakistan, Afghanistan and elsewhere – makes killing too easy. It makes war easier to initiate and perpetuate. US drone wars are started with little or no public awareness or support – and with little apparent stake in the game. The weaponized drone cheapens honor. It cheapens life.

    • Disillusioned by War, Israeli Soldiers Muted in 1967 Are Given Fuller Voice

      A young Israeli soldier, fresh from the front, bluntly recounts the orders from above. “They never said, ‘Leave no one alive,’ but they said, ‘Show no mercy,’ ” he explains. “The brigade commander said to kill as many as possible.”

      Another recalls encountering Arabs on rooftops. “They’re civilians — should I kill them or not?” he asks himself. “I didn’t even think about it. Just kill! Kill everyone you see.” And a third makes it personal: “All of us — Avinoam, Zvika, Yitzhaki — we’re not murderers. In the war, we all became murderers.”

    • Attack on Israeli Soldiers ‘Most Serious Flare-Up in Years’–if Arab Deaths Aren’t Taken Seriously

      More details come in the 12th paragraph: The January 18 airstrike “killed five fighters from Hezbollah, including the son of the group’s slain military commander, Imad Mughniyeh, and an Iranian general.” So that’s a more serious flare-up, right? Assuming that we’re not defining the seriousness of an attack based on the nationality of those killed, that is.

      But the New York Times is seemingly able to forget about the Israeli attack moments after it mentions it: “The flare-up shattered a fragile calm that has mostly held along the frontier since the month-long war between Israel and Hezbollah in 2006.” Mostly–aside from that Israeli airstrike that killed six people ten days ago.

  • Transparency Reporting

    • How to Leak to The Intercept

      People often tell reporters things their employers, or their government, want to keep suppressed. But leaking can serve the public interest, fueling revelatory and important journalism.

    • FBI: Give Me Back My Email to WikiLeaks

      Back in the solidarity movements of the 1980s, activists were encouraged to apply for our FBI files under the Freedom of Information Act.

      Nobody expected the FBI to tell the truth about what it had. It was intended as a protest of the FBI’s spying on activists.

      I applied. Eventually, I got back a letter from the FBI, saying: “We have no records responsive to your request.” Everybody said, that doesn’t mean anything, the FBI lies.

    • Though Feds Allegedly Embarrassed by Wikileaks Case, Ongoing Probe Means Journalism Could Still Be Indicted

      “The US attorney’s office thought the notice and the resulting publicity was a disaster for them,” Gidari said. The Perkins Coie partner added that federal prosecutors at the US Attorney’s Office in Alexandria, Va. “went through the roof” after the name of assistant US Attorney Tracy Doherty-McCormick was published.

      A spokesperson for the federal prosecutor’s office did not respond to The Post’s request for comment because the investigation of Wikileaks is ongoing, the spokesperson said. Gidari said that Google is still fighting gag orders on subpoenas “to the present.”

  • Environment/Energy/Wildlife

    • Good News! US Corporations Won’t Have to Pay for Nuclear Disasters in India

      “US, India Move Forward on Nuclear Energy Deal” read the headline at the top of USA Today’s front page (1/26/15). Moving forward–that sounds good, doesn’t it? The subhead was “Obama makes progress on the 1st day of his 3-day visit”–making progress also generally being seen as a good thing.

    • STUDY: How Broadcast Networks Covered Climate Change In 2014

      Broadcast Networks Provided The Most Climate Coverage In Five Years. During 2014, the major broadcast networks’ evening and Sunday news programs aired a total of 154 minutes of coverage of climate change. This was an increase from the previous year’s 129 minutes and was significantly above the six-year average of about 108 minutes, but remained below the 205 minutes of coverage in 2009.

  • Finance

    • Yanis Varoufakis: Greece’s finance minister is no extremist

      Syriza, a hard left party, that outrightly rejects EU-imposed austerity, has given Greek politics its greatest electoral shake-up in at least 40 years.

      You might expect the man who now occupies the role of finance minister to be a radical zealot, who could throw Greece into the fire.

      He is not.

      Yanis Varoufakis, the man at the core of the coalition Syriza has forged, is obviously a man of the left.

  • PR/AstroTurf/Lobbying

  • Censorship

    • Calls for ISPs to filter content could be illegal, EU council documents suggest

      Last week justice ministers from across the European Union called on ISPs to conduct voluntary censorship of online content—but documents in preparation for a meeting of telecoms ministers suggest such a move could be illegal.

      The documents, prepared by the Latvian presidency of the Council of the EU, note that calls to allow Internet service providers to block or filter content in the “public interest” as part of a proposed net neutrality law could violate privacy laws that protect the confidentiality of communication.

    • Two weeks after Zuckerberg said ‘je suis Charlie,’ Facebook begins censoring images of prophet Muhammad

      Only two weeks after Facebook CEO Mark Zuckerberg released a strongly worded #JeSuisCharlie statement on the importance of free speech, Facebook has agreed to censor images of the prophet Muhammad in Turkey — including the very type of image that precipitated the Charlie Hebdo attack.

    • Facebook Is Said to Block Pages Critical of Muhammad
    • The Petulant Entitlement Syndrome of Journalists

      Blogs, and online political activism generally, changed all of that. Though they tried – hard – these journalists simply could not ignore the endless stream of criticisms directed at them. Everywhere they turned – their email inboxes, the comment sections to their columns, Q-and-A sessions at their public appearances, Google searches of their names, email campaigns to their editors – they were confronted for the first time with aggressive critiques, with evidence that not everyone adored them and some even held them in contempt (Chait’s bizarre belief that “PC” culture thrived in the early 1990s and then disappeared until recently is, like his whole grievance, explained by his personal experience: he heard these critiques while a student at the University of Michigan, then was shielded from all of it during most of the years he wrote at The New Republic, and now hears it again due to blogs and social media).

  • Privacy

    • EU’s ‘Counter-Terrorism Co-ordinator’ Finally Says It: Force Internet Companies To Hand Over Their Crypto Keys

      Although calls to ban or backdoor encryption have been made in the past, David Cameron’s rather vague threats against crypto clearly mark the start of a new, concerted campaign to weaken online privacy. Thanks to a leaked paper, written by the EU Counter-Terrorism Co-ordinator and obtained by Statewatch, we now have a clear statement of what the European authorities really want here (pdf)…

    • Facebook and Instagram are down right now

      A Facebook spokesperson said, “Earlier this evening many people had trouble accessing Facebook and Instagram. This was not the result of a third party attack but instead occurred after we introduced a change that affected our configuration systems. We moved quickly to fix the problem, and both services are back to 100% for everyone.”

    • No, Lizard Squad Was Not Responsible For Facebook Outage

      Contrary to suggestions hacker group Lizard Squad took out Facebook, there was almost certainly no attack on the social network and its photo sharing property Instagram, which both went down late last night. According to a source with knowledge of the matter, the downtime was the result of a technical foul up. Facebook is now confirming this in statements to media.

    • Secret ‘BADASS’ Intelligence Program Spied on Smartphones

      British and Canadian spy agencies accumulated sensitive data on smartphone users, including location, app preferences, and unique device identifiers, by piggybacking on ubiquitous software from advertising and analytics companies, according to a document obtained by NSA whistleblower Edward Snowden.

      The document, included in a trove of Snowden material released by Der Spiegel on January 17, outlines a secret program run by the intelligence agencies called BADASS. The German newsweekly did not write about the BADASS document, attaching it to a broader article on cyberwarfare. According to The Intercept‘s analysis of the document, intelligence agents applied BADASS software filters to streams of intercepted internet traffic, plucking from that traffic unencrypted uploads from smartphones to servers run by advertising and analytics companies.

    • CSE tracks millions of downloads daily: Snowden documents

      Harper government plans to introduce new legislation increasing the powers of Canada’s security agencies.

    • Canada Casts Global Surveillance Dragnet Over File Downloads

      Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents.

      The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files.

    • Canada’s electronic spy agency takes the lead on internet surveillance

      It’s never been clear exactly how Communications Security Establishment Canada, or CSEC does its work. What kind of information does it gather? Who does it target? CBC’s Dave Seglins joins us to give us a rare glimpse into the operations of a part of the Canadian Government we know little about.

    • Canada Joins World Powers in Spying on Smartphone and Download Data

      In North America, the Canadians have long had to play country mouse to the flashier city mouse of the U.S. It’s the latter that gets all the attention, while the former sits quietly in a corner.

      But recent stories have shown just how big a player the Canadians are becoming—at least in the surveillance realm.

    • European counter-terror plan involves blanket collection of passengers’ data

      A new European commission counter-terror plan will require the blanket collection and storage for up to five years of personal data records of all passengers flying in and out of Europe, the Guardian can reveal.

      Civil liberty campaigners say the revised European passenger name record plan – in the aftermath of the Paris attacks – breaches a recent European court of justice ruling that blanket collection of personal data without detailed safeguards is a severe incursion on personal privacy.

    • BlackPwn: BlackPhone SilentText Type Confusion Vulnerability

      Privacy is a hot topic at the moment – it continues to dominate the headlines as news of new NSA incursions, celebrity phone hacks, and corporate breaches are being reported on an increasingly regular basis. In response to this, a number of products have been brought to market that attempt to provide consumers with a greater level of privacy than typical devices allow for. In the phone market, one of the premier products to be released in recent years is undoubtedly the BlackPhone (http://www.blackphone.ch), which has been cited numerous times in tech publications as being one of the best available defenses against mass surveillance, as it provides full end-to-end encryption facilities for voice calls and text/MMS messaging.

    • Everything we know of NSA and Five Eyes malware

      Several documents released by Der Spiegel and The Intercept in the last year demonstrate that the exploitation and infiltration of computers often complements the “passive” collection by providing entrance into systems and networks that would otherwise be invisible to the mass surveillance infrastructure. The separation between mass and targeted surveillance is becoming blurry as we learn of attacks against Internet Service Providers, of targeting of system administrators and systematic compromise of Internet routers.

    • Infamous Regin malware linked to spy tools used by NSA, Five Eyes intelligence
    • Experts Unmask ‘Regin’ Trojan as NSA Tool

      Earlier this month, SPIEGEL International published an article based on the trove of documents made available by whistleblower Edward Snowden describing the increasingly complex digital weapons being developed by intelligence services in the US and elsewhere. Concurrently, several documents were published as well as the source code of a sample malware program called QWERTY found in the Snowden archive.

      For most readers, that source code was little more than 11 pages of impenetrable columns of seemingly random characters. But experts with the Russian IT security company Kaspersky compared the code with malware programs they have on file. What they found were clear similarities with an elaborate cyber-weapon that has been making international headlines since November of last year.

    • Report: Mass surveillance is counter-productive and “endangers human rights”
    • Google says it fought gag orders in WikiLeaks investigation

      Google has fought all gag orders preventing it from telling customers that their e-mails and other data were sought by the U.S. government in a long-running investigation of the anti-secrecy group WikiLeaks, which published leaked diplomatic cables and military documents, an attorney representing the tech firm said this week.

    • NSA Was Not the Only Government Agency to Spy on You

      A spokesman for the Justice Department claimed that the DEA’s data collection program was suspended in September 2013, has been terminated, and the data deleted. If true, that is rare good news in the field of civil liberties preservation; however, citizens should still be alert for other unconstitutional or illegal government behavior originating from bureaucratic incentives to exploit people’s excessive fear of being killed by the rare terrorist attack.

    • America’s surveillance state, part 3 – the press versus the NSA

      We begin at The New York Times, widely considered America’s most powerful newspaper. Its office near Manhattan’s Times Square is a symbol of the power of the influential media outlet, which often sets the political agenda and tells us what’s important.

    • Former FBI assistant director: to keep budgets high, we must ‘Keep Fear Alive’

      In the context of an interview about a case in which a paid FBI informant is alleged to have offered destitute men a quarter of a million dollars to execute an attack, a former assistant director of the FBI admits it’s in the bureau’s best interest to inflate the supposed terror threat. That’s remarkably candid, and profoundly disturbing.

    • Source code reveals link between NSA and Regin cyberespionage malware

      Keylogging malware that may have been used by the NSA shares significant portions of code with a component of Regin, a sophisticated platform that has been used to spy on businesses, government institutions and private individuals for years.

      The keylogger program, likely part of an attack framework used by the U.S. National Security Agency and its intelligence partners, is dubbed QWERTY and was among the files that former NSA contractor Edward Snowden leaked to journalists. It was released by German news magazine Der Spiegel on Jan. 17 along with a larger collection of secret documents about the malware capabilities of the NSA and the other Five Eyes partners—the intelligence agencies of the U.K., Canada, Australia and New Zealand.

    • NSA ‘suspected of spying on European Commission’

      Computer malware used in cyber attacks on European Commission and International Atomic Agency developed by the US National Security Agency, Germany’s Spiegel magazine claims

    • NSA gunning for Google, wants cop-spotting dropped from Waze app

      The US National Sheriffs’ Association wants Google to block its crowd-sourced traffic app Waze from being able to report the position of police officers, saying the information is putting officers’ lives at risk.

      “The police community needs to coordinate an effort to have the owner, Google, act like the responsible corporate citizen they have always been and remove this feature from the application even before any litigation or statutory action,” AP reports Sheriff Mike Brown, the chairman of the NSA’s technology committee, told the association’s winter conference in Washington.

    • EFF details plan to end NSA online surveillance once and for all
    • The EFF outlines how to bring the NSA to its knees
    • Edward Snowden Wins ‘Debate’ With NSA Lawyer

      At a public event last week, Edward Snowden argued that the NSA has developed a “culture of impunity,” that its people “are not villains, but they think they can do anything because it is for a just cause.” John DeLong, an NSA Director, responded that “the idea that NSA activities were unauthorized is wrong, it’s wrong in a magnificent way.”

    • New Rules in China Upset Western Tech Companies

      The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.

    • Happy Data Privacy Day From The NSA! Twitter Users Respond To Agency’s Wishes
    • Documents Show N.S.A.’s Wiretap Moves Before Congress’s Approval

      A federal judge ruled in 2007 that the U.S.A. Patriot Act empowered the National Security Agency to collect foreigners’ emails and phone calls from domestic networks without prior judicial approval, newly declassified documents show.

      The documents — two rulings of the Foreign Intelligence Surveillance Court — fill in a chapter in the history of the N.S.A.’s warrantless surveillance program. They show the agency’s secret moves in the months before Congress authorized the spying by enacting the Protect America Act in August 2007.

      The disclosure also brought into public view a previously unknown example of how the surveillance court, which hears arguments only from the government before issuing secret rulings, sometimes accepts novel interpretations of the law to bless government requests for spying powers.

    • No, Department of Justice, 80 Percent of Tor Traffic Is Not Child Porn

      “Tor obviously was created with good intentions, but it’s a huge problem for law enforcement,” Caldwell said in comments reported by Motherboard and confirmed to me by others who attended the conference. “We understand 80 percent of traffic on the Tor network involves child pornography.”

      That statistic is horrifying. It’s also baloney.

      In a series of tweets that followed Caldwell’s statement, a Department of Justice flack said Caldwell was citing a University of Portsmouth study WIRED covered in December. He included a link to our story. But I made clear at the time that the study claimed 80 percent of traffic to Tor hidden services related to child pornography, not 80 percent of all Tor traffic.

      That is a huge, and important, distinction. The vast majority of Tor’s users run the free anonymity software while visiting conventional websites, using it to route their traffic through encrypted hops around the globe to avoid censorship and surveillance. But Tor also allows websites to run Tor, something known as a Tor hidden service. This collection of hidden sites, which comprise what’s often referred to as the “dark web,” use Tor to obscure the physical location of the servers that run them. Visits to those dark web sites account for only 1.5 percent of all Tor traffic, according to the software’s creators at the non-profit Tor Project.

    • Marco Rubio Wants to Permanently Extend NSA Mass Surveillance

      Republican Rep. Justin Amash, in reference to this story, tweeted “disqualified.” His office would not clarify what the Michigan libertarian meant by the tweet.

    • Congressman Calls For 24-Hour NSA Surveillance of Marco Rubio

      Colorado Congressman: if Marco Rubio wants to declare permanent surveillance of Americans forever, he should be the first volunteer

    • Sam Adams Award for Integrity in Intelligence, Berlin 2015

      Last week in Berlin the 2015 Sam Adams Award for Integrity in Intelligence was presented to the former Technical Director of the NSA, whistleblower and tireless privacy advocate, William Binney.

      A 36-year intelligence agency veteran, Bill Binney resigned from the NSA in 2001 and became a whistleblower after discovering that elements of a data-monitoring programme he had helped develop were being used to spy on Americans. He explained that he “could not stay after the NSA began purposefully violating the Constitution”.

  • Civil Rights

    • Five Years After: Long Live Howard Zinn

      Today—Jan. 27—marks five years since the death of the great historian and activist Howard Zinn. Not a day goes by that I don’t wonder what Howard would say about something—the growth of the climate justice movement, #BlackLivesMatter, the new Selma film, the killings at the Charlie Hebdo offices. No doubt, he would be encouraged by how many educators are engaging students in thinking critically about these and other issues.

      Zinn is best known, of course, for his beloved A People’s History of the United States, arguably the most influential U.S. history textbook in print. “That book will knock you on your ass,” as Matt Damon’s character says in the film Good Will Hunting. But Zinn did not merely record history, he made it: as a professor at Spelman College in the 1950s and early 1960s, where he was ultimately fired for his outspoken support of students in the Civil Rights Movement, and specifically the Student Nonviolent Coordinating Committee (SNCC); as a critic of the U.S. war in Vietnam, and author of the first book calling for an immediate U.S. withdrawal; and as author of numerous books on war, peace, and popular struggle. Zinn was speaking and educating new generations of students and activists right up until the day he died.

    • Prosecutors promise thorough probe of police killing of teen

      Jose Castaneda, center, speaks about his cousin who was killed in an incident with Denver Police as activists Rev. Patrick Demmer, left, and Anthony Grimes listen before heading into a meeting on Tuesday, Jan. 27, 2015, with officials from the office of the Denver District Attorney. The activists are calling for a special prosecutor to be appointed to investigate the fatal shooting of the 17-year-old girl who allegedly hit and injured a Denver Police Department officer while driving a stolen vehicle early Monday in a northeast Denver alleyway. Photo: David Zalubowski, AP

    • Cop who stole nude pics off arrested women’s phones gets no jail time

      A now-former California Highway Patrol (CHP) officer who was charged with criminal felony charges after seizing and distributing racy photos copied from arrestees’ phones has pleaded no contest and will serve no jail time.

      Sean Harrington’s plea deal, which was finalized on Tuesday, means that he receives a 180-day suspended sentence, three years of felony probation, and according to local media accounts “must also speak at a community violence solutions class to tell everyone what he did.” Harrington resigned from the CHP last year after the charges were filed.

    • Police Department Refuses To Release Use Of Force Policies Because ‘Criminals Might Gain An Advantage’

      Last month, dashcam video of a 23-year-old (Victoria) Texas cop throwing a 76-year-old man to the ground and tasing him emerged, leading to plenty of outrage across the web. The imagined “crime” was the lack of an inspection sticker on the vehicle the elderly man was driving. Of course, had the officer known the law, he would have known that inspection stickers aren’t needed on vehicles with dealer plates — something that could have been confirmed by anyone inside the car dealership where the incident occurred.

    • Ecuador recommends Sweden to advance on human rights: Assange case

      The Ecuadorian government recommended Sweden in the second cycle of the Universal Periodic Review (UPR) of Human Rights to advance in the defense and protection of human rights, particularly in the case of Australian computer expert Julian Assange, asylee over two years in his diplomatic mission in London.

    • CIA Whistleblower Jeffrey Sterling Convicted of Espionage

      Investigative journalist Marcy Wheeler says Sterling faces decades in prison for leaking details of a botched CIA operation against Iran’s nuclear program

    • Senator slams CIA panel conclusions on Hill spying

      The former chair of the Senate Intelligence committee excoriated a report on the CIA’s searches of computers used by her staff as riddled with “mistakes and omissions.”

      In a statement Tuesday, Senator Dianne Feinstein rejected the CIA accountability board’s conclusions that five agency personnel shouldn’t be penalized for searching computers used by her staff to compile a scathing report on the torture of detainees.

      “The bottom line is that the CIA accessed a Senate Intelligence Committee computer network without authorization, in clear violation of a signed agreement…,” said Feinstein, reiterating an assertion that the searches violated “the constitutional separation of powers between Congress and the executive branch.”

    • Torture If You Must, But Do Not Under Any Circumstances Call the New York Times

      Monday’s guilty verdict in the trial of former CIA officer Jeffrey Sterling on espionage charges — for talking to a newspaper reporter — is the latest milepost on the dark and dismal path Barack Obama has traveled since his inaugural promises to usher in a “new era of openness.”

      Far from rejecting the authoritarian bent of his presidential predecessor, Obama has simply adjusted it, adding his own personal touches, most notably an enthusiasm for criminally prosecuting the kinds of leaks that are essential to a free press.

      The Sterling case – especially in light of Obama’s complicity in the cover-up of torture during the Bush administration – sends a clear message to people in government service: You won’t get in trouble as long as you do what you’re told (even torture people). But if you talk to a reporter and tell him something we want kept secret, we will spare no effort to destroy you.

      There’s really no sign any more of the former community organizer who joyously declared on his first full day in office that “there’s been too much secrecy in this city… Starting today, every agency and department should know that this administration stands on the side not of those who seek to withhold information but those who seek to make it known.”

    • Horizon scanners cannot save Jeremy Heywood from MPs’ well-aimed flak

      Head of civil service questioned about delays to Chilcot inquiry and accused of letting prime minister pressurise him

    • Noam Chomsky discusses terrifying “American Sniper” mentality

      Noam Chomsky discussed the film “American Sniper” at an event held by the Baffler, last week in Cambridge, Mass. The noted linguist, philosopher and political commentator discussed the film, and drew comparisons with the mentality of Chris Kyle (the American sniper whose memoirs are the basis of the film), that of drone operators, and the American public for ignoring the drone war.

      “In the memoirs he describes what the experience was like, so I’ll quote him,” Chomsky said. “His first kill was a woman, who walked into the street with a grenade in her hand as the Marines attacked her village. Chris Kyle killed her with a single shot, and he explains how he felt about it.”

    • ‘American Sniper’ – Evidence of the Swamp of Moral Depravity in Which America Is Sinking

      The swamp of moral depravity in which America is sinking is illustrated by a movie glorifying the exploits of a racist killer, American Sniper, receiving six Oscar nominations, while a movie depicting the historic struggle against racism led by Martin Luther King, Selma, has been largely overlooked.

      Directed by Clint Eastwood, American Sniper tells the story of Chris Kyle, a US Navy Seal who served four tours of duty in Iraq and was credited with 160 confirmed ‘kills’, earning him the honour of being lauded the most lethal sniper in US military history

    • American Sniper illustrates the west’s morality blind spots

      Say what you like about the film American Sniper, and people have, you have to admire its clarity. It’s about killing. There is no moral arc; no anguish about whether the killing is necessary or whether those who are killed are guilty of anything. “I’m prepared to meet my maker and answer for every shot I took,” says Bradley Cooper, who plays the late Chris Kyle, a navy Seal who was reputedly the deadliest sniper in American history. There is certainly no discursive quandary about whether the Iraq war, in which the killing takes place, is either legal or justified. “I couldn’t give a flying fuck about the Iraqis,” wrote Kyle in his memoir, where he refers to the local people as “savages”.

    • Ventura won’t see ‘American Sniper’; says Kyle is no hero

      Ventura also dismissed the movie as propaganda because it conveys the false idea that Iraq had something to do with the 9/11 attacks. “It’s as authentic as ‘Dirty Harry,’” he said, referring to fictional movie series starring Clint Eastwood, the director of “American Sniper.”

    • Arab-American Group Asks ‘American Sniper’ Star And Director To Denounce Anti-Muslim Rhetoric

      A pro-Islam group says that Clint Eastwood’s new film “American Sniper” is partially responsible for a recent rise in anti-Muslim rhetoric online since the film premiered.

      Members of the Arab-American Anti-Discrimination Committee penned a letter to director Clint Eastwood and the film’s star Bradley Cooper to express their concern that the war film has led to an increase in threats against Muslim people.

      In the letter, members of the ADC claim that the “majority of the violent threats we have seen over the past few days are result of how Arab and Muslims are depicted in American Sniper.” The organization also says they’ve collected “hundreds of violent messages targeting Arab and Muslim Americans from movie-goers” on social media since the film’s release.

    • Does ‘American Sniper’ take aim at the truth?

      It is easy to understand how these movies were denied any support from the Pentagon. Besides showing the determination of the enemy, they also showed American soldiers committing suicide, fratricide and mass killings of civilians. Aeschylus said, “In war, truth is the first casualty.”

    • Lay down war toys

      No more drones sent to slaughter whoever happens to be the target, and then some.

    • Stop Flipping Out Because Old People Have Sex

      For years now we’ve heard about randy grandparents getting nasty in the old folks home. Yet studies of septuagenarian sex continue to make the news as if it’s weird, shocking or gross.

      It’s blatant ageism against the canasta class.

      Yet another study, reported on by the Huffington Post, confirms what we already know: The elderly continue to have sex. This particular study claims significance because it’s the “first piece of research of its kind to include people over the age of 80.”

  • Intellectual Monopolies

    • TTIP Update XLIX

      New leaks show how transatlantic regulatory bodies will undermine EU and national sovereignty

Breaking: EPO Vice-President Željko Topić Loses Defamation Case in Croatia

Posted in Courtroom, Europe, Patents at 2:28 pm by Dr. Roy Schestowitz

Judge Marijan Bertalanič, photo from vecernji.hr

Summary: The EPO’s notorious Vice-President, whose appointment at the EPO is still raising some alarming questions, has just lost his case in Croatia (one of many cases), motivating us to accelerate coverage about the persona known as Željko Topić

“BREAKING NEWS FROM ZAGREB,” heralded a source of ours this afternoon (European time). Željko Topić, who faces many criminal charges in Croatia, is failing to silence those who pursue justice against him.

“We just got news from Zagreb,” said our source, “that judgment has been delivered in Topić’s defamation case against Vesna Stilin.” (see background in the many older articles of ours)

“The case was being heard before Judge Marijan Bertalanič of the Municipal Criminal Court of Zagreb. A photo of the judge can be found here” (along with related photographs)

“It seems that Mr. Bertalanič was not too impressed by Mr. Topić and according to what we have heard he has dismissed the defamation claim against Ms. Stilin.

“This is a first instance judgment so it remains to be seen whether or not Topić will try to appeal it.

“We expect to get a copy of the judgment (in original Croatian) in the next day or two.”

Techrights and its supporters will try to organise an English translation so that people outside Croatia, including EPO staff, are better able to know what Topić is up to. More details are to follow as they become available, but in the meantime, as Topić likes to silence his critics, we wish to add material that needs preserving for future reference. We still have plenty of material to show which relates to the Topić vs. Vesna case, and vice versa, so this is crucial. It’s no secret that Topić is bullying his critics to silence them. Some more documents, other than the famed article from 45lines.com, need to be added to our server now. These documents are currently looking for a new “home”. The old documents, namely the following PDF documents relating to the Topić case at the EPO, were analysed here before. These are currently “housed” on the server of the Croatian NGO Juris Protecta, but they may not stay there for much longer. We request assistance from our readers who are able to mirror these documents in case we too feel pressured to remove these. The documents are as follows:

“We have been told by Juris Protecta,” said sources of ours, “that they are worried that if they publicise the links to these PDFs, their Croatian provider may be pressurised to shut down their website.

“The PDF documents in question are basically those cited in the letters sent to the Administrative Council in December 2013 by Juris Protecta and Vesna Stilin. Those letters have been reproduced in the Techrights article about Battistelli’s “Balkan standards”.

“Juris Protecta is currently planning to circulate something about its earlier letters to the Administrative Council and wants to include links to the PDFs. However, it is afraid that if it uses the links to its jurpro.hr server, then the Croatian provider might be put under pressure to shut down its website.

“We don’t think that there is any problem with you publicly explaining that Juris Protecta is nervous about the risk of having its server in Croatia shut down.

“You might recall that there was a “hacking”/“cracking” attempt recently on the Croatian news portal dnevno.hr after they published an article with some comments about Topić.”

As a reminder, we too suffered DDOS attacks around the same time we published important articles about Topić, but we could never prove there was a correlation, only a coincidence in timing. There has also been a huge number of cracking attempts (dozens per minute) against us since the DDOS attacks began half a year ago. When it all started (knocking our site offline at times) the only concurrence we could put a finger on was EPO articles.

“Dnevno.hr was offline for quite a while (we estimate a couple of weeks),” said our sources, “and only seemed to become accessible again after the Croatian Presidential election was finished on 11 January. So the fears expressed by Juris Protecta are understandable and the issue can be mentioned publicly.”

We are going to write a lot more about Topić in the coming weeks if not months. Our multi-layered server infrastructure is much better protected from DDOS attacks at the moment.

Qualys Starts Self-Promotional FUD Campaign, Naming a Bug That Was Already Fixed 2 Years Ago and Distros Have Covered With Patches

Posted in FUD, GNU/Linux, Google, Red Hat, Security, Ubuntu at 12:23 pm by Dr. Roy Schestowitz

Ghostwriting a Qualys horror story for maximal FUD (fear, uncertainty, and doubt)

Spooky

Summary: Responding to the media blitz which paints GNU/Linux as insecure despite the fact that bugs were evidently found and fixed

THERE IS something to be said about the “top” news regarding GNU/Linux. It’s not really news. The so-called “GHOST” publicity stunt needn’t be repeated by FOSS sites. It is about a bug which was patched two years ago, but some sites overlook this important fact and stick lots of spooky logos, playing right into the hands of Qualys, an insecurity firm (making money from lack of security or perception of insecurity).

We have watched the ‘news’ unfolding over the past day and a half and now is a good time to explain what we are dealing with. The so-called “GHOST” (all capital letters!) bug is old. Qualys is going back two years into bugfixes, giving a name to the bugfixes, then making plenty of noise (all over the news right now). Qualys does not look like a proxy of Microsoft or other GNU/Linux foes, but it is self-serving. Insecurity firms like Qualys probably learned that giving a name to a bug in GNU (SJVN mistakenly calls it “Linux”, but so do many others) would give more publicity and people will pay attention to brands and logos rather than to substance. Just before Christmas an insecurity firm tried to do that with “Grinch” and it turned out to be a farce. SJVN says that this old “vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords.”

Well, it was patched back in 2013. Use of names for marketing is what makes it “news”; the opportunists even prepared a PRESS RELEASE and pushed it into ‘big’ sites like CNN. It has marketing written all over it, just like “Heartbleed” that had strong Microsoft connections behind the disclosure. It is sad that Linux sites fall for this. Phoronix copies the press release as though it’s reliable rather than self-promotional. Michael Larabel writes: “The latest high-profile security vulnerability affecting Linux systems is within Glibc, the GNU C Library.”

It is not “latest”, it is 2 years old. Larabel says that “Qualys found that the bug had actually been patched with a minor bug fix released on May 21, 2013 between the releases of glibc-2.17 and glibc-2.18.”

OK, so it’s not news. FOSS Force cites SJVN to amplify the scare and other FOSS sites are playing along as though this is top news. It oughtn’t be. It is already widely patched (maybe requiring a reboot), so let’s patch and move on (unless it was already patched upstream/downstream years ago). IDG has already published at least three articles about it [1, 2], including one from Swapnil Bhartiya, who is not too alarmist to his credit. He noted that “there was a patch released back on May 21, 2013, between the releases of glibc-2.17 and glibc-2.18. However it was not considered to be a security risk and thus major Linux distributions that offer long term support and get security updates remained vulnerable, including Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7 and Ubuntu 12.04.”

It affects very specific versions, mostly long-term support releases that already have reliable patches available. It should be clear that some headlines such as this or that clarify the limited scope of impact (not bad reporting) unlike the alarmist trolls.

What Techrights generally found was that early coverage came from so-called ‘security’ sites or blogs of insecurity firms that try to sell their services (e.g. [1, 2, 3]). These set the tone for many.

The response to this bug is proportional to the perceived danger (e.g. due to media hype), not the severity of the bug. Some security news sites [1, 2] focus on names and logos while facts remain only a side issue. This so-called “ghost” nonsense (some lines of code basically) was fixed 2 years ago and as the blog post “long term support considered harmful” explains it: “In theory, somebody at glibc should have noticed that fixing a buffer overflow in a function that parses network data has security implications. That doesn’t always happen, however, for many reasons. Sometimes the assessment isn’t made; sometimes the assessment fails to consider all possible exploit strategies. Security bugs are “silently” fixed frequently enough (without evil intentions) that we should consider them a fact of life and deal with them accordingly.”

Some of the worst kind of coverage we found came from The Register with its flamebait headlines (scary headlines for maximum effect) and the troll Brian Fagioli. They are only some among many who are using the name to come up with puns and FUD. Jim Finkle is back to his GNU/Linux-hostile ‘reporting’, bringing this to the corporate media (there is some in the UK also) and LWN quickly cited the GNU/Linux-hostile Dan Goodin. He called “Highly critical” a bug that was patched two years ago.

Debunking some of the latest security FUD we had Fedora Magazine which stated “don’t be [worried], on supported Fedora versions.”

For unsupported versions there is a lot more than this one bug that one needs to worry about.

Apple fans were quick to take advantage of the news, despite the fact that Apple is leaving systems vulnerable for many months, knowingly (like Microsoft does, until Google steps in).

See, with proprietary systems one knows for a fact that there is no security. With GNU/Linux it is an open question and it depends on what measures one takes to keep it secure. For Apple and Microsoft security is not at all the goal; back doors and unpatched flaws are not really as “interesting” and important for them to patch as helping spying agencies. Google is not at fault here, Google just saw that Apple and Microsoft had no plans to plug serious holes — a patch evidently wasn’t going to be made ready before the public finds out about it, owing to Google. Apple chooses to blame Google; same as Microsoft. They should only blame themselves both for the bugs and for negligence after the bugs were highlighted to them. There is no room here for properly comparing GNU/Linux (Free/libre) to OS X or Windows (proprietary) because evidence clearly shows that the latter are not interested in security and not pursuing security when it is trivially possible.

What we find curious amid the latest FUD campaign is that Apple back/bug doors are not as widely publicised as a GNU bug that was patched 2 years ago and mostly affects LTS systems (which already have patches available). “Nothing I can think of,” said a reader of ours about this media hype, “but the LTS model followed by RHEL and Ubuntu have different goals and purposes than the short, fast development cycle like OpenBSD.”

Nobody is forced to use an LTS release and those who choose it must be aware of the potential risk.

Regarding the other FUD that flooded the press in recent weeks, targeting for the most part Google and Android, our reader XFaCE wrote the following:

I assume you want to write about that new Android vulnerability. Basically I can see the narrative being pushed through three points

- Microsoft supported Windows XP/7/etc. for years, why doesn’t Google support old Android versions

- Google told Microsoft about a very old bug in their software, so they are hypocritical

- Heartbleed bug was fixed way back for 4.1.1

For the last point, it’s a bullshit comparison because

a) 4.1.1 was one point release where upgrading to 4.1.2 fixed the issue (it was already fixed back when 4.1.2 was released)

b) The fix was one file, as evident by XDA members patched it themselves on phones manufacturers refused to upgrade to 4.1.2 SOURCE: http://forum.xda-developers.com/showthread.php?t=2712916

c) As shown by the link, a lot of manufacturers DIDN’T update certain 4.1.1 devices to 4.1.2, hence proving Google’s point. The fix there was SIMPLE, but the OEMs didn’t bother to do it

With Webview, not only is webview involved, but so is the webkit rendering engine, so the fix for all those previous releases is much more complicated

As for the second point, Google did catch it, with KitKat, and furthermore made KitKat supported on more low-end devices so theoretically older 512mb or less devices could be updated

For example, HTC said (when Jelly Bean 4.1 came out) that they would not update any device with 512 mb of RAM (SOURCE: http://www.cnet.com/news/htc-one-v-and-desire-c-will-never-get-jelly-bean/ ), so naturally when KitKat came out, they updated those devices because the OS officially was designed for such low ram devices

oh wait

http://www.androidpit.com/android-4-4-kitkat-update-plans

“Later this year, the entry-level smartphone the HTC Desire 500, should also be seeing the KitKat update. However, the One X, One X+, One S, and One V will be left in the dust and will be receiving no more official updates from HTC.”

So the OEMs are at fault for not upgrading the devices, not Google, which leads to point 1 – Google doesn’t control the Android OEMs like Microsoft does. OEMs pay Microsoft for the support whereby Microsoft controls all updates, Google doesn’t get paid or have the agreement in that way

OEMs like HTC could easily fix this by porting Kitkat to those devices, but they won’t cause they want you to buy a new HTC phone or whatever phone brand

Techrights did not cover that (except in daily links) because it should be self-evident that free-of-charge Android upgrades make it inherently different from proprietary software and keeping up to date typically ensures security. A lot of the analogies (Android and Windows) were inherently flawed and the FUD rather shallow.

The Openwashing of Microsoft is Now Threatening to Eliminate the Identity of Free Software

Posted in Deception, Free/Libre Software, Microsoft at 11:27 am by Dr. Roy Schestowitz

“If you repeat a lie often enough, it becomes the truth.” ~Joseph Goebbels

Summary: More openwashing of Microsoft, including in the corporate media, shows just to what great an extent and how quickly the old “Microsoft Open Source” Big Lie grows feet

SEVERAL days ago we wrote about Condé Nast’s attempt to paint as "open source" a Microsoft takeover which had nothing to do with FOSS (Free/Open Source software). Yesterday we saw Microsoft apologist Adrian Bridgwater doing the same thing. Lots of his conflicts are being disclosed this year, the latest being this article about Pentaho where he admits he “has worked on eBook materials for Pentaho.”

We are generally disturbed to see how Microsoft perturbs media coverage to lie so much on its behalf. Consider this latest nonsense article titled “Microsoft Slowly Easing Into Open-source” and the “Microsoft loves Linux” nonsense. This is a shotgun wedding from people whose attempt to paint Microsoft as an “Open Source company” has gone too far. It’s completely detached from facts as the company’s cash cows and crown jewels are all as proprietary as can be. The Microsoft propaganda sites that play along with the Microsoft-Linux angle would go quite far to convince us that Microsoft and GNU/Linux are now in more or less the same camp. It’s designed to confuse outsiders and it is proving quite effective so far. It’s often repeated without any fact-checking.

Black Duck, a Microsoft-connected firm that has worked hard to facilitate Microsoft’s infiltration into FOSS and dubbed Microsoft "Open Source Rookie of the Year" is now coming out with another such list. One article about it says that “Black Duck Open Source Rookies of the Year are selected irrespective of commercial motivations, according to Black Duck officials. Rather, they reflect projects that have demonstrated significant traction through developer contributions and involvement over the past year.”

Complete nonsense. They are saving face. IDG completely gives the company the platform as though it turned author (see author’s name). It says that “Each year sees the start of thousands of new open source projects. Only a handful gets real traction.”

Like Microsoft? Black Duck would have us believe that it is an authority in FOSS in its press release that it paid to spread, and Microsoft-friendly (and funded by Microsoft) media is now rewriting the press release to make puff pieces. Black Duck, like Microsoft, is a proprietary software company.

The bottom line is, Microsoft and its allies spent a considerable amount of money and effort trying to push this illusion that Microsoft is now an “Open Source company” or something along those lines. If we don’t refute these lies, then perception may change and legislators, for example, may find themselves unable to discern/tell apart Microsoft lock-in (e.g. OOXML) from Free software. That is perhaps the conflation that Microsoft strives to achieve.
