Another Reason to Boycott UEFI and Proprietary Software From Microsoft: Insecurity

Posted in Microsoft, Security at 12:27 pm by Dr. Roy Schestowitz

Summary: Some blobs like Microsoft’s Windows patches and the binary-level UEFI ‘validation’ do not and cannot provide real security, only insecurity in disguise

THE ‘PROMISE’ of UEFI ‘secure’ boot is as ludicrous as Microsoft's claims that it pursues security. UEFI does nothing real for security; in fact, it once again does the very opposite. Quoting the news:

A pair of security researchers have found a buffer overflow vulnerability within the implementation of the unified extensible firmware interface (UEFI) within the EDK1 project used in firmware development.

Bromium researcher Rafal Wojtczuk and MITRE Corp’s Corey Kallenberg said the bug in the FSVariable.c source file was linked to a variable used to reclaim empty space on SPI flash chips.

According to other news, as told (spun) by a Microsoft booster, “Microsoft’s advance security notification service no longer publicly available”. The booster says that “Microsoft is taking its Advance Notification Service private, claiming the change is due to changes in the way users want their advance security notifications.” Microsoft sure tells the NSA about ways to hijack/wiretap Microsoft software, so it’s a matter of privilege, not some company-wide policy.

How does the above serve users? It doesn’t. This is about Microsoft, not users. Users will be left even more vulnerable. As Pogson correctly points out, “There are no Patch Tuesdays with Debian GNU/Linux so the bad guys are no further ahead. We can all get Debian’s patches as soon as they generate them and we can usually install the updates on running systems with no adverse consequences, like a re-re-reboot.”

Moreover, in large corporations in particular, it is possible to patch code internally or even to rely on third parties to do so. Don’t ever trust security at binary level, such as large blobs being sent that are supposedly ‘patched’ or some opaque board giving ‘approval’ before the running of a binary blob, most likely based on some cryptic signature approved by unknown people for unknown reasons (usually employees of companies that work with the NSA). Real security emanates from transparency, which breeds trust and provides the ability for one to study and patch one’s own programs (or rely on others to do so using their specialised skills).

“Anyone wonder why the Microsoft SQL server is called the sequel server? Is that because no matter what version it’s at there’s always going to be a sequel needed to fix the major bugs and security flaws in the last version?”


Dear Microsoft: Windows-Only With DirectX is Not ‘Open Source’

Posted in Deception, Microsoft, Windows at 12:12 pm by Dr. Roy Schestowitz

Summary: Another misleading piece (a puff piece) from Beta News helps Microsoft openwash itself and promote proprietary software, proprietary APIs, etc.

AN OCCASIONAL Microsoft boosting site, Beta News, published a misleading PR piece that reads like it was ghostwritten by Microsoft (not just embedding Microsoft quotes).

Suffice to say, when Microsoft talks about “open source” one needs to take a boulder of salt; in this particular case, as in many other cases, it is Windows only, DirectX-dependent, etc. It is more like openwashing than “open source” because without proprietary software this code just won’t run. In other words, you have to be a paying client of Microsoft (paying a bunch of thugs) to use the code and you have to support Microsoft APIs. To quote right from the source: “Version 5.1 Gold runs on Windows 7 or Windows 8, in either 32- or 64-bit mode, depending on your operating system. It also supports native DirectX 11, DirectX 10, and has some support for down-level DirectX 9 hardware running through the DirectX 11 API.”

Yeah, that has “open source” all over it!

Perhaps it’s time for Beta News to give coverage to some real Free software projects rather than drive Microsoft’s agenda.

Links 9/1/2015: Firefox OS in TVs, Manjaro Linux 0.8.11

Posted in News Roundup at 11:51 am by Dr. Roy Schestowitz




  • Linuxy Hopes and Dreams for an Inferno-Free 2015

    In 2015, “I predict that an avalanche of governments using FLOSS and GNU/Linux will take place in Europe,” said blogger Robert Pogson. “FLOSS is widely accepted there, and with adoption of ODF becoming widespread, FLOSS and GNU/Linux are poised for a breakthrough.” China, India and Russia, meanwhile, will “make major moves to adopt GNU/Linux for general governmental purposes including education.”

  • Server

    • Inside HP’s NFV Strategy [VIDEO]

      HP is active in many areas where NFV will fit, including the OpenStack cloud and the Linux Foundation’s OPNFV effort. In a video interview with Enterprise Networking Planet, Gillai explains how the various pieces of HP’s NFV strategy fit together.

    • The power of Docker and open source ecosystems

      Reading through the latest list of top 10 open source projects on Opensource.com has been a reminder of what a great year 2014 has been for open source. Established projects like OpenStack and Mongo have continued to break new records in adoption and usage. We’ve seen incredible momentum from newer projects like Apache Mesos, Kubernetes, and Deis. And we’ve also seen that open source companies like Cloudera, Hortonworks, and Ceph can reach meaningful business milestones while remaining true to their open source roots. Virtually everywhere you look in the IT stack—from storage to networking, compute, mobile, and virtualization—the most exciting innovations are being led by open source.

    • Is Rocket Strictly a Competitor to Docker?

      Container technology was major news last year, and if you bring up the container arena to most people, Docker is what they think of. OStatic has highlighted some of Docker’s instabilities, though, and, as noted in this post, significant competition is coming in Docker’s direction.

  • Kernel Space

    • Microchip Backs AGL’s Connected Car Plan with Linux Driver
    • Linux Foundation Adds SDN, Storage and Managed Hosting Members

      The Linux Foundation’s membership continues to expand. This week, three new companies joined the open source consortium, bringing strengths in software-defined networking, storage and managed hosting to the organization.

    • diff -u: What’s New in Kernel Development

      Given the ongoing controversy within the Capsicum developer community and the corresponding lack of specification of key features, and given the existence of capabilities that already perform a similar function in the kernel and the invasiveness of Capsicum patches, Eric was opposed to David implementing Capsicum in Linux.

    • The Companies That Support Linux: IIX Inc.

      2015 will be the year that software-defined networking goes mainstream, according to Network World. And new Linux Foundation corporate member IIX is helping data centers, Internet service providers and telecommunications companies through that transition with its Linux-based software-defined interconnection (SDI) platform.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Locking the screen before system suspends

        Our Plasma workspace has offered the feature to lock the screen when resuming from suspend for a long time. Ideally the screen gets locked right before the system goes to suspend to ensure that the screen is properly locked when the system wakes up.

    • GNOME Desktop/GTK

      • Streams API in WebKit at the Web Engines Hackfest

        First of course I would like to thank Igalia for allowing me to use the company time to attend the hackfest and meeting such a group of amazing programmers! It was quite intense and I tried to give my best though for different reasons (coordination, personal and so on) I missed some sessions.

  • Distributions

    • Test Your Linux Savvy

      Our top story on this bit of a slow news day is the closing of one of our Linux blogs. In other news Phoronix.com has noted the latest Fedora changes and Jon Gold has posted a name-the-distro quiz. And finally today, Intel showed off a new computer-on-a-stick at CES that comes in a Linux version.

    • New Releases

    • PCLinuxOS/Mageia/Mandriva Family

      • ROSA Desktop Fresh R5 KDE Offers a Different and Cool KDE Experience

        The ROSA OS doesn’t have too many releases in a year, but this is the second major version in the space of just a few months. The developers have been making a lot of changes and improvements to it, and they’ve done a number of refinements to the KDE desktop that really sets it apart from everything else.

    • Arch Family

      • Hands-on with Manjaro Linux 0.8.11

        I have heard a lot of good things about Manjaro Linux, most importantly that it is one of the easiest Arch Linux derivatives to install, so I decided to give that a try.

        If you are not familiar with Manjaro Linux (or Arch Linux), there are a couple of things you need to understand before we go on. Arch Linux is well known in the Linux community, with a reputation of being compact, fast, flexible, and very well maintained and supported by a dedicated community.

      • Manjaro GNOME Community Edition Arrives with GNOME 3.14 Vanilla Desktop – Gallery

        Manjaro GNOME Community Edition, a Linux distribution based on Arch Linux and fully compatible with the Arch repositories, has reached version 0.8.11 and is now ready for download.

    • Ballnux/SUSE

      • SUSECon 14 report

        It’s been a big year for SUSE. Last year at SUSECon 13 the team announced new development versions of SUSE Cloud and a service pack for SUSE Linux Enterprise 11. Since then they’ve turned SUSE Cloud into a real product and SLE 12 has finally been released. New technology and new products were the items SUSE went into the convention with, leading with a theme of ‘Always Open’ to remind everyone that even though SUSE are developing new tech, it’s always open source.

    • Red Hat Family

      • Red Hat Certification Caps Big SDN Year for Big Switch Networks

        Big Switch Networks Inc. capped off a big year in the software-defined networking (SDN) industry by announcing its flagship networking fabric was awarded certification for Red Hat Enterprise Linux OpenStack Platform 5, laying the groundwork for OpenStack cloud computing implementations.

        Big Switch is a leader in the “bare-metal” SDN arena, targeting its Big Cloud Fabric for building out new datacenter pods with low-cost networking devices controlled by open source software in a disaggregated approach that moves network “intelligence” from expensive, proprietary equipment to the software management layer.

      • The role of Linux in data centre modernisation
      • Fedora

        • Speech compressor and limiter for your headset in Fedora

          Last couple of months I’ve been using Google Hangouts and Bluejeans conferencing technologies more than my VoIP phone. I got used to crisp and clear voice from my Polycom and Plantronics headset so I had a question.

        • continuity of various projects

          The biggest change of all.

          I’m just not going to have to maintain packages, read mail etc for Fedora, so those all got orphaned yesterday.

          Josh & Justin pretty much handled all of the Fedora kernel work for the last year or so, so me walking away is not going to make a huge difference there.

          I might still occasionally take a peek at Fedora bugzilla to see if there’s anything similar to a particular bug, but don’t expect to be doing triage work.

          I’ll still keep a Fedora box or two at home for a while, but work-wise, I’m expecting a lot more Debian in my life. It’s been over a decade since I last used it seriously. That should prove to be fun.

        • rpm packages of vmod-ipcast
    • Debian Family

      • Marvell donation accelerates Debian ARM package builds

        Starting in April, several Debian ARM port builder machines have been upgraded to substantially faster Marvell Armada XP based servers. Marvell has donated eight Marvell MV78460 SoC development boards using Marvell Armada 370/XP CPUs running at 1.6GHz.

        “Debian’s distributed build cluster requires high performance and high reliability from the machines used,” explains Riku Voipio, Debian ARM port maintainer. “We are confident the new machines will serve us as well as the previous Marvell Discovery Innovation-based builders which have been operating 24/7 since 2009.”

      • Derivatives

        • Is SteamOS Ready for the Possible Steam Machines Launch in March?

          Valve has been working on its Steam Machines console for more than a year, but things have been very silent in the past few months. Rumors are now saying that in fact the Steam Machines will launch in 2015, but is SteamOS ready?

        • Canonical/Ubuntu

          • Ubuntu to add multi-touch to Linux touchscreen laptops and desktops

            Imagine multi-touch on touchscreen laptops and even desktop PCs. True multi-touch is coming to Linux devices in Ubuntu 10.10 (code name Maverick Meerkat), according to Mark Shuttleworth, founder of Canonical. But what about Linux on tablets?

          • Unity 8 And Mir Have Received Interesting Updates

            In the last month, Canonical has updated both Unity 8 and Mir a lot, the final scope being to achieve a full mobile-desktop convergence (to make an unique system for both the computers and mobile devices, with an intelligent “responsive” interface).

  • Devices/Embedded

    • Good news, Some Samsung 2014 TVs to be upgradeable to Tizen

      Samsung’s new 2015 lineup of TVs will run Tizen and the company does not have any plans to make any Google Android TVs, which is great news for the OS and its ecosystem as it’s far better to focus all your resources in one direction, and Tizen is a good direction for that. Tizen TV brings some great features to users including the ability to watch live TV on their mobile devices whilst connected to their home network, even if the TV is OFF.

    • Wearing LG’s webOS smartwatch made me happy

      I don’t know what to say. What I just experienced was inexplicable. After Android Central revealed the news that Audi’s car-unlocking smartwatch (built by LG) runs webOS, I made an immediate dash to the nearby stand of TTs and asked the friendly German demo dude if I could borrow his watch for a moment. More surprising than his consent was the actual software running on this watch: it’s webOS with a level of maturity and polish that betrays the fact LG has been working on the UI for quite a while. The animations are smooth and fast, and the look is tailored to fit a round watch face.

    • 3D printer dev kit runs Linux on new Marvell ARMv7 SoC

      Marvell announced the first Linux-based hardware/software development kit for 3D printers, built around a new, 533MHz “88PA6120” ARMv7 SoC.

      Marvell’s 3D Printer SoC Solution, also known as the Marvell 88PA6120 3D Printer Development Kit, provides a complete reference kit for turnkey development of 3D printers, says Marvell. The hardware platform is built around a new Marvell 88PA6120 SoC clocked to 533MHz. The company did not offer processor details, but said it is an ARMv7 compatible processor.

    • Intel’s HDMI Compute Stick slaps Windows or Linux on your TV
    • CES 2015: Intel announces $149 Compute Stick which runs Windows and Linux
    • Intel Compute Stick will run Linux
    • Intel’s “Compute Stick” is a full Windows or Linux PC in an HDMI dongle
    • Intel HDMI stick runs Linux or Windows on quad-core Bay Trail
    • CES: Smart TVs on Linux; SCALE prep underway

      First things first: Thanks to Christine Hall for standing in for me last Friday for the weekly wrap-up. As some of you know, I was pretty much in the dark for the first five days of the year after a fire in my building (nowhere near me) early on New Year’s Day morning caused the power to be shut down.

      As we start 2015, with the Consumer Electronic Show in full swing in Lost Wages (more on this in a bit), let’s take a look at some of the happenings in the FOSS realm.

    • Harman brings Linux based IVI to entry-level cars

      Harman’s Linux-based IVI system for entry-level cars integrates Aha Analytics, and supports Android Auto, Apple CarPlay, and MirrorLink connectivity.

    • LG May Be Dropping Google’s Android For Its Next Generation Of Smartwatches

      The Wall Street Journal is reporting that LG is planning on dropping Android Wear–Google’s operating system for smartwatches–in favor of WebOS, its own operating systems found in its smart TVs. According to an anonymous source speaking to the Journal, WebOS will be used in a new line of LG smartwatches released sometime in early 2016. LG already has two smartwatches operating on Android Wear: G Watch and G Watch R.

    • Linux Shines at CES with Smart TVs and Home Automation Gizmos

      Each year, as I search through CES product launches to see which run Linux, I get the feeling I’m looking at an iceberg. There are probably a lot more tuxified devices out there than I’ll ever have time to track down. At this year’s Internet of Things-laden show, the list of potentially Linux based gizmos has grown even larger.

      Certainly, there are plenty of vendors that openly proclaim their products’ Linux roots (see farther below), but more often vendors keep mum, implying they created the secret sauce all by themselves. Even when you ask, they often don’t tell. It’s easier to identify technology using the Linux-based Android, but now that Android’s cool factor has waned due to its overwhelming success, some vendors even obscure their Android foundations.

    • Phones

      • Android

        • The powerful Saygus V2 supports up to 256GB of external storage

          You may not be familiar with the company behind the V2 phone, and that is no surprise as Saygus is hardly a household brand. However, their new multimedia phone may just put them on your radar, with up to 320GB of internal storage and all the right specs to make a splash in the market.

          Saygus is showing off their V2 Android powered smartphone at CES 2015, and we are on site to check it out. Stay tuned for a full video rundown to see how we feel about this 5-inch device.

        • Razer Cortex Lets You Stream PC Games to any Android Microconsole

          Plus, those without an Android device can pick up the new $99 quad-core Razer Forge TV microconsole.

        • How to get married with Android Auto

          It’s been a year since the launch of the Open Automotive Alliance, which happened here in Las Vegas at CES 2014. Now, 12 months later, Android Auto is real. It’s not out, exactly — you can’t buy any cars or head units that have it installed quite yet — but it’s coming in a matter of weeks, and that means that Google partners are out in force showing Android Auto devices you’ll be able to own in 2015.

        • Volunteers add mobile to Norway’s FixMyStreet

          Norway’s Unix User Group (NUUG) has updated FiksGataMi, a localised version of the FixMyStreet website. The new site is tailored for mobile computing devices, and there also is a custom app for Android devices.

        • Android Lollipop is out, but almost no one is using it

          Android 5.0 Lollipop has had its troubles. First, it stumbled out of the gate. It was briefly available over-the-air (OTA) for Nexus 4, Nexus 5, Nexus 7 (both first and second generation), and Nexus 10 in early November, but then Google pulled the upgrade for two weeks. Today, almost two months after the re-release on Google Nexus 5, 10, and Nexus 7 Wi-Fi devices, as well as Moto X and G phones, Lollipop still has only a handful of users, never mind a mass audience.

        • Sony’s $1200 Walkman ZX2 runs Android 4.2 Jelly Bean

          Remember Sony’s Walkman from back in the 80s? Sony never stopped making them but they were eclipsed in later years first by iPods then by mobile phones. Now it looks like the Walkman is about to be reborn in a big and rather expensive way. Sony showed off its new Walkman ZX2 at CES 2015, and it’s going to cost $1200.

        • HTC One M8 Android 5.0 Update Release Rumored

          In November following the global release date of Android 5.0 Lollipop by Google, HTC and many manufacturers promised quick Android 5.0 Lollipop update for many key smartphones. Among those promises was the HTC One M8 Android 5.0 update within 90 days of November 3rd.

        • HTC One M8 owners get ready – Android 5.0 will arrive in next two weeks
        • Nexus 9 ssh on the go

          The Nexus 9 is an odd, compromised tablet, and way too expensive, but combined with the folio keyboard & pocketwifi it makes a nice ssh terminal for use on the road.

          Various ssh apps like ConnectBot have terrible external keyboard support. So I compiled a static dropbear binary and static busybox, and I’m using those with Android Terminal Emulator.

        • CyanogenMod Adds Official Support For Android One, Nexus 6, International LG G3 (D855)

          Just a day after pushing Lollipop nightlies to over 30 devices for the first time, CyanogenMod has now added more devices to the fray: the gambit of Android One phones, the LG G3 D855 (international), and the Nexus 6. Android One devices, owing to the control over software and hardware that Google has in that program, share a single ROM under codename “sprout.”

        • CES 2015: BlackBerry announces BBM for Android Wear

          BlackBerry continues to try to get non-BlackBerry users hooked on BBM. Today they announced that BBM for Android Wear is coming soon.

        • CES 2015: An Android smartphone with 320GB storage

          At the ongoing Consumer Electronics Show (CES) 2015 tech expo, little-known brand Saygus announced a smartphone that will blow the competition out of the water.

        • This Microsoft Surface lookalike runs a productive version of Android instead

          At first glance on the CES show floor, the Remix Ultra-Tablet seems like a cheap Surface knock-off. It has a two-stage kickstand similar to that of the Surface Pro 2—albeit one that feels flimsier than Microsoft’s model—and a magnetic keyboard cover with traveling keys and a felt material over the trackpad.

        • Galaxy S5 Android 5.0 Lollipop Update: 10 Things We Expect

          With a Samsung Galaxy S5 Android 5.0 Lollipop release ongoing and new details swirling, we’ve been taking a look at Samsung’s first Lollipop update. Yesterday, we broke down what we currently know and today, we want to take look at what we expect as Samsung moves forward with its Galaxy S5 Android 5.0 Lollipop release in the United States and elsewhere.

Free Software/Open Source

  • Pono Is Here, High Def Open Source Codec (Sort of) & All

    Neil Young’s long promised high def music device, Pono, is out and I am jammed. Not that I’m ever going to be able to buy one, mind you. But if I were entrenched middle class, the type of person who can shell out 500 bucks for a new Coach purse, I’d have one of these babies in a Texas heartbeat, which should be quicker than a regular heartbeat given the Lone Star State’s rate of high blood pressure and all. The latest news is that they’ll be available in your not-so-friendly neighborhood electronics store on Monday for $399. The Pono Music Store already went online a few days back.

  • Open Source Is Data Science’s Missing Ingredient
  • Cheap cloud + open source = a great time for startups

    While the rest of the world binges on IoT goodies from CES 2015, we thought we’d focus on (what else?) enterprise-grade infrastructure. This week’s guest, Steve Herrod was formerly CTO of VMware, and so knows a little something, something about that topic. Now he’s managing director of General Catalyst where he’s looking for the next VMwares of the world.

  • OSSmosis at Infosys

    I had to end my involvement in a hurry after that since I had to return to the airport in time for my return flight. As it turned out, Spicejet decided it was in no hurry and delayed my flight by over an hour; I guess I am lucky that it did not get cancelled. However, despite that, it felt worthwhile to attend the event and see a serious effort by one of the major driving forces in IT in India to encourage adoption of Open Source technologies and more importantly to encourage contribution to Open Source within its organization.

  • How to explain open source to the in-laws

    No, I said, though some community people can and will do that. My job is to make it easier for people to use the software (how to read the book best) and write the software (by helping with getting procedures and tools together to write books more efficiently). Because there needs to be some sort of organization about the creation of the software. So, I get people with an interest in building the software well together with people who have an interest in running the software. And, because there is commercial interest in the software, someone pays me to do this.

  • Web Browsers

    • Mozilla

      • Firefox OS to fuel Panasonic TVs, Chromecast-like devices

        Panasonic will embed Firefox OS in its 2015 smart TVs, and Matchstick announced a Chromecast-like Firefox OS platform, to be used by Philips/AOC and TCL.

      • A Device Blind Users Will Love

        In Firefox OS we have a suite of core apps called Gaia that is the foundation for Firefox OS’s user interface. It is really one giant web app, perhaps one of the biggest out there. Since our mission dictates that we make our products accessible, we have embarked on that journey, we created a screen reader for Firefox OS, and we got to work in making Gaia screen-reader friendly. It has been a long and sisyphean process, where we would arrive at one module in gaia, learn the code, fix some issues, and move on to the next module. It feels something like this:

      • Scale13x and Mozilla
  • SaaS/Big Data

  • Databases

    • Metanautix Promises Data-Agnostic SQL Queries with Quest

      Making SQL, NoSQL, Hadoop and other big data frameworks play nicely with one another is a major challenge that vendors are only now beginning to overcome. But a startup named Metanautix is taking data-agnosticism even further through a new platform that can turn any kind of data—even images—into SQL tables.

  • Business

    • Semi-Open Source

      • Community-developed Open Source solutions in a corporate environment

        To deliver a value, every infrastructure needs applications. If you review the Open Source business solutions market, community-developed Open Source solutions are often among the very best solutions. Examples are Redmine (project and process management), WordPress (publishing and blogging), DokuWiki (wiki), Subversion & Git (version control), Discourse (forum) and many more. Also, some renowned companies like SugarCRM, NetSuite, and Suse have grown out of community-developed Open Source projects.

  • BSD


    • FreeIPMI 1.4.8 Released
    • PRICE 1.3.0

      This version improves Mac support quite a bit, Apple made several changes since 10.6 which caused malfunctions and weird symptoms (and which fix occasional stuff on 10.4 too). Both PowerPC and x86 work fine!

    • GNU Guix ported to ARM and other niceties of the new year

      A new port of GNU Guix to ARM using the “hard float” ABI has just landed, thanks to the hard work of Mark H Weaver and John Darrington. This makes it the fourth supported architecture after x86_64, i686, and mips64el. We are looking for ARM hardware donations that would allow us to add this architecture to our continuous integration build farm; your help is welcome!

  • Public Services/Government

    • France’s environmental agency deployed Pydio to increase collaboration

      France’s Environment and Energy Management ADEME (Agence de l’Environnement et de la maîtrise de l’énergie), has deployed the open source file sharing solution Pydio (Put Your Data in Orbit) for its one thousand employees. Implemented in March 2013, the solution now serves as a basis of the Partage ADEME Portal. The agency is also contributing to the project some of the specific developments that were made for integrating Pydio to the existing agency’s system.


  • Health/Nutrition

  • Security

    • FBI Director Comey’s Single Point Of Failure on Sony

      However the easiest way to compromise a node on North Korea’s Internet is to go through its ISP – Star Joint Venture. Star JV is a joint venture between North Korea Post and Telecommunications Corporation and another joint venture – Loxley Pacific (Loxpac). Loxpac is a joint venture with Charring Thai Wire Beta, Loxley, Teltech (Finland), and Jarungthai (Taiwan).

      I explored the Loxley connection as soon as this story broke, knowing that the FBI and the NSA were most likely relying on the myth of a “closed” North Korean Internet to base their attribution findings upon. Loxley is owned by one of Thailand’s most well-connected families and just 4 kilometers away is the five star St. Regis hotel where one of the hackers first dumped Sony’s files over the hotel’s WiFi. It would be a simple matter to gain access to Loxley’s or Loxpac’s network via an insider or through a spear phishing attack and then browse through NK’s intranet with trusted Loxpac credentials.

      Once there, how hard would it be to compromise a server? According to HP’s North Korea Security Briefing (August 2014) it would be like stealing candy from a baby. HP scanned the IP blocks involved in the Dark Seoul attacks (175.45.178.xx and 175.45.179.xx) and detected “dated technology that is potentially susceptible to multiple vulnerabilities and consistently showed the same open ports and active devices on scanned hosts.” Apparently the North Korean government worries more about controlling Internet access among its population than it does about hardening its Internet-facing systems. Did the FBI’s Red Team rule that out? Did they even consider it?

    • North Korea and Sony: James Clapper Describes His Trip

      I’m still not convinced that North Korea did the hack. But if they did, then there’s more of a backstory, precisely where Clapper is pointing to it: in his trip to North Korea just weeks before the hack.

      Alternately, Clapper’s fixation on his trip may suggest his meeting with Kin Youn(g) Chol has influenced analysis of the hack, leading Clapper’s subordinates to ascribe more importance to heated meetings while their boss was in North Korea than they logically should.

      Either way, Clapper’s giving a very partial description of that trip. But now that he has returned to doing so, it ought to be a much more significant focus for reporting on the alleged North Korea hack.

    • Thursday’s security updates
    • Security advisories for Wednesday
    • Stealthy ‘XOR.DDoS’ trojan infects Linux systems, installs rootkit

      The new threat, XOR.DDoS, alters its installation depending on the victim’s Linux environment and then later runs a rootkit to avoid detection. Although a similar trojan has been spotted in Windows systems, Peter Kálnai, malware analyst at Avast, said in a Wednesday interview with SCMagazine.com that this trojan ventures into relatively untapped territory by targeting Linux systems.

    • World’s first (known) bootkit for OS X can permanently backdoor Macs

      Securing Macs against stealthy malware infections could get more complicated thanks to a new proof-of-concept exploit that allows attackers with brief physical access to covertly replace the firmware of most machines built since 2011.

    • Religion is a “medieval form of unreason”: Salman Rushdie responds to Paris attacks

      In the statement, published on the website for English PEN, an organization that promotes freedom of speech, Rushdie not only condemns the shooting, but religion as a whole.

      “Religion, a mediaeval form of unreason, when combined with modern weaponry becomes a real threat to our freedoms,” he wrote. “This religious totalitarianism has caused a deadly mutation in the heart of Islam and we see the tragic consequences in Paris today.”

      Rushdie expresses his support for the publication and calls for the defense of satire, “which has always been a force for liberty and against tyranny, dishonesty and stupidity.”

    • Helpful, low-FUD information security sites, mailing lists, and blogs

      Keeping current with the latest trends and technologies in the realm of information security is critical and there are many options to choose from. However, as with any content on the internet, it takes some effort to find sites with a good signal-to-noise ratio. Information security is a heavily FUD-laden industry and I’ve taken some time to compile a list of helpful sites.

  • Defence/Police/Secrecy/Aggression

    • Terrorism and Nuance

      In fact the only terrorist in the last year convicted in the UK, who possessed an actual bomb – a very viable explosive device indeed, was not charged with terrorism. He was a fascist named Ryan McGee who had a swastika on his wall and hated Muslims. Hundreds of Muslims with no weapons are locked up for terrorism. A fanatical anti-Muslim with a bomb is by definition not a terrorist.

    • Shooters in Paris terror attack still free as ties to Syria fighting probed

      Europe has been on high alert as anti-terror experts voiced alarm at the thousands of Europeans who’ve gone to Syria and Iraq to fight on behalf of the Islamic State and other terror organizations, and who security experts warned would return to their home countries trained and radicalized.

    • Remembering Victims of Terror–and Forgetting Some Others

      So apparently Morell doesn’t remember the bloodbath in Norway in July 2011, when Anders Breivik killed eight people by bombing government buildings in Oslo and then murdered 59 others, mostly teenagers, at a youth camp associated with the Labour Party. This was actually a deadlier attack than the London bombings, which killed 56.

    • Fox Host Brian Kilmeade On Xenophobic Element To Anti-Islamic Movement In Germany: “So What?”
    • Fox Host: How Do We Spot ‘Bad Guys’ If We Don’t Know ‘Tone Of Their Skin’?
    • After Paris Attack, Fox Anchor Suggests Skin Color Can Help Identify “Typical Bad Guys”

      Fox News anchor and Supreme Court correspondent Shannon Bream reacted to a Paris terror attack by suggesting certain skin tones are more typical of “bad guys” than others.

    • Police officer killed as France hunts Charlie Hebdo killers

      A woman police officer was killed and a street cleaner wounded on the edge of Paris this morning in an attack by a man who was reported to have fired an assault rifle of the kind used in yesterday’s murder of 12 people at Charlie Hebdo magazine.

    • Grenades Thrown at Mosque in France, Day After Charlie Hebdo Attack: Officials

      A day after deadly attack at a French satirical magazine in Paris, a mosque was attacked in Le Mans, west of the French capital.

      Three blank grenades were thrown at the mosque shortly after midnight in the city of Le Mans, west of Paris; shots were also fired in the direction of a Muslim prayer hall shortly after evening prayers in the Port-la-Nouvelle district near Narbonne in southern France.

    • Charlie Hebdo: Google France Displays Black Ribbon On Home Page As Country Mourns 12 Killed

      Google France has marked its home page with a small black ribbon as a tribute to the 12 people killed in the brutal shooting attack on the Paris offices of Charlie Hebdo magazine.

    • Dispatches: An Overshadowed Atrocity

      In the capital of Yemen, Sanaa, at least 37 people were killed and 66 others injured by a bomb blast outside a police academy that was clearly targeting prospective cadets who had lined up in readiness to enroll. As yet, no one has claimed responsibility for the Sanaa attack but it bears the hallmarks of many others that Al-Qaeda in the Arabian Peninsula (AQAP) has carried out in Yemen in recent years.

    • Pentagon Misfires in Stealth Jet Scandal

      The Pentagon and the world’s biggest arms-dealer are hitting back at criticisms of their $400 billion stealth jet, the F-35 Joint Strike Fighter.

      On Tuesday, Lockheed Martin, and the military’s F-35 Joint Program Office (JPO) condemned two Daily Beast reports highlighting issues with the jet’s currently inoperable 25mm cannon and sensor package—while confirming many of those stories’ central assertions.

    • US to close major airbase in Britain – Pentagon

      The Pentagon has decided to end operations at an airbase in Britain and 14 other sites in Europe in a bid to save $500 million annually due to tight budgets and a shrinking military.

      The US said on Thursday that it would end operations at RAF Mildenhall, located northeast of London. The base is home to tanker, reconnaissance, and special operations aircraft.

      RAF Mildenhall was used as a transport hub for US troops. The US will withdraw 3,200 military personnel and their families over the next few years. The net loss of US troops in Britain will be around 2,000, the Pentagon said.

      Its 352nd special operations group will reportedly move to Germany, while RC-135 reconnaissance planes will stay in the UK.

    • Paris Attack Suspects Said to Take Hostage; 2nd Hostage-Taking Also Reported

      Hundreds of French security forces have converged on an industrial park in a town northeast of Paris where two suspects in Wednesday’s terrorist attack in central Paris appear to be barricaded with at least one hostage at a printing business, the authorities said. A police official said the suspects told negotiators they intended to “die as martyrs.”

      As that drama was playing out about 30 miles northeast of Paris, the police responded in force to reports of a shooting and possible hostage-taking at a kosher supermarket near the Porte de Vincennes, on the eastern edge of Paris.

    • Charlie Hebdo attack: shooting at Paris kosher grocery

      A SECOND shootout is happening at a kosher grocery in eastern Paris with reports suggesting that a gunman has as many as five hostages.

      The gunman is reportedly the same man who shot and killed police officer Clarissa Jean-Philippe, 27, who was killed when she was on patrol in the suburb of Montrouge following the Charlie Hebdo attack.

    • Charlie Hebdo manhunt: LIVE REPORT

      Police have released photos of a man and a woman wanted in connection with the fatal shooting Thursday at Montrouge.

    • Police surround kosher Paris supermarket

      Police in France have surrounded a kosher supermarket in south-east Paris amid reports of a shooting.

      A gunman, believed to be the killer of a policewoman in the capital on Thursday, has taken a hostage at the store, a source told France’s AFP news agency.

    • BREAKING NEWS: Third shooting in Paris as two dead & ‘at least five people’ taken hostage

      An armed gunman is with the hostages in the Jewish grocery store in Vincennes in the east of Paris and there are unconfirmed reports that two people have died.

      He has been named as Amedy Coulibaly, 32, the man who shot and killed cop Clarissa Jean-Philippe, 27, yesterday, just one day after the Charlie Hebdo massacre.

    • French Police Are Dealing With Two Linked Hostage Situations

      Authorities in northern France are closing in on two brothers who allegedly carried out an attack against a satirical magazine in Paris on Wednesday.

      Simultaneously, a man thought to be connected to the suspects has taken hostages in eastern Paris.

      In eastern Paris, there has been a shootout at a kosher supermarket involving a man suspected of killing a policewoman on Thursday.

    • This Facebook Page Appears To Belong To One Of The Charlie Hebdo Suspects

      BuzzFeed News has found a Facebook page that appears to have belonged to the elder Kouachi brother. BuzzFeed could not independently verify that the page did belong to the same Said Kouachi, the individual wanted in the Charlie Hebdo attacks.

    • Gunman threatens to kill hostages at Paris market if suspects in Charlie Hebdo shooting are attacked

      A gunman holding at least five hostages in a Paris kosher market has threatened to kill them if French authorities launch an assault on two cornered al-Qaida-linked brothers suspected in a newspaper massacre, a police official said Friday.

      Terrorists linked to each other seized hostages at two locations around Paris on Friday, facing off against thousands of French security forces as the city shut down a famed Jewish neighborhood and scrambled to protect residents and tourists from further attacks.

  • Transparency Reporting

    • Guarding Assange has cost British taxpayers almost £10mn

      British taxpayers have spent almost £10 million safeguarding WikiLeaks founder Julian Assange because Swedish officials refuse to interview him on UK soil.

      The besieged Ecuadorian embassy, where Assange currently resides, has been surrounded by police 24/7 for over two years.

  • Finance

    • Saxby Chambliss Transforms From Senator To Lobbyist In Less Than A Week

      It’s good to know that Saxby won’t have to worry about trying to survive on that six-figure Senate pension.

    • Obama to propose free community college

      President Obama will unveil a new proposal to make the first two years of community college free for students during an event Friday in Tennessee previewing his State of the Union address.

      But White House officials aren’t saying how much the program — which one aide described as “significant” in scope — will cost. Nor has the administration shared details of the initiative with lawmakers on Capitol Hill, who would be necessary to approve the estimated billions of dollars necessary to provide free tuition.

  • PR/AstroTurf/Lobbying

    • How Clint Eastwood Ignores History in ‘American Sniper’

      They should know better. In 2012, “Zero Dark Thirty,” about the hunt for Osama bin Laden, was lavishly praised by most reviewers, and it wasn’t until criticism emerged from political reporters like Jane Mayer and others (I wrote about it too) that the tide turned against the pro-torture fantasy at its core. The backlash, coming after the film made “best of the year” lists, was probably responsible for it (fortunately) being all but shut out of the Academy Awards. Hopefully the praise-and-reconsider scenario will recur with “American Sniper.”

    • Fox News Gives Paris Massacre the Benghazi Treatment

      On Wednesday afternoon, Fox News’s Gretchen Carlson focused on portraying the Obama administration as weak-kneed and out of touch in its response to the massacre in Paris. After interviewing pundit Ari Fleischer, who served as a principal spokesman for President George W. Bush’s global war on terror, Carlson went with a familiar script:

      “It is what it is. It, meaning terrorism. Terrorism is what it is,” Carlson said. “So why does the administration continue to have such a problem telling the American people and the rest of the world just that? Is that a disservice to all of us? In some way giving us a false sense of security? That since our own leaders don’t see any of these attacks as terrorism right away, neither should we?”

    • Charlie Hebdo hunt: Police storm siege north of Paris

      Gunshots and explosions have been heard at the site where suspects of the Charlie Hebdo shootings are holding a hostage north of Paris.

  • Censorship

    • Mumbai Police blocks over 650 social media posts featuring Charlie Hebdo cartoons

      Mumbai Police has blocked over 650 posts and pages “on a popular social networking site” for allegedly uploading the controversial cartoons featured in the French magazine Charlie Hebdo, reports The Hindustan Times. Mumbai police spokesperson Dhananjay Kulkarni told the publication that they are blocking every controversial post that “they come across”.

    • ‘Hacktivist’ group Anonymous says it will avenge Charlie Hebdo attacks by shutting down jihadist websites

      Hacker group Anonymous have released a video and a statement via Twitter condemning the attacks on Charlie Hebdo, in which 12 people, including eight journalists, were murdered.

      The video description says that it is “a message for al-Qaeda, the Islamic State and other terrorists”, and was uploaded to the group’s Belgian account.

    • Saudi Arabia: online activist to be flogged in a public square tomorrow

      Badawi was sentenced to ten years in prison, 1,000 lashes and a fine of one million Saudi Arabian riyals (approximately £175,000) last year for creating an online forum for public debate as well as accusations that he insulted Islam. According to information obtained by Amnesty, Badawi will receive up to 50 lashes tomorrow, while the rest of the 1,000 lashes will be carried out over a period of 20 weeks.

    • Monitoring and Criminalizing Online Speech and Social Media
    • Charlie Hebdo survivors defiant in the face of terror

      In the aftermath of the fatal terrorist attack on the Paris offices of satirical newspaper ‘Charlie Hebdo’, Hélène Hofman spoke to former employee Caroline Fourest. The award-winning French journalist remained defiant, and promised that the next issue of ‘Charlie Hebdo’ will still be published next week, writes Alex McClintock.

    • Stephen Fry: We have to make a stand over Charlie Hebdo

      Stephen Fry has told ITV News why he thinks it’s important for the media and individuals to publish cartoons by Charlie Hebdo, explaining that he holds freedom of expression “sacred”.

    • Swede calls for more controversial cartoons

      Despite Wednesday’s deadly attack on a Paris magazine that published controversial pictures of the prophet Mohammed, Swedish cartoonist Lars Vilks argues that European media should not censor satirical pictures in the future.

    • “Ur head will be cut”: The story of the porn star who is getting death threats for performing in hijab

      After only a couple of months in the adult industry, 21-year-old Lebanese-American Mia Khalifa took the crown for most-searched-for star on PornHub from the legendary Lisa Ann of “Nailin’ Paylin” fame. It was a surprise win for the newcomer, who took to Instagram to humbly celebrate with a blushing emoji and caption reading, “nothing but respect for the almighty queen, though!”

    • A Close Call on Publication of Charlie Hebdo Cartoons

      Was The Times cowardly and lacking in journalistic solidarity when it decided not to publish the images from the French satirical newspaper Charlie Hebdo that precipitated the execution of French journalists?

      Some readers I’ve heard from certainly think so. Evan Levine of New York City wrote: “I just wanted to register my extreme disappointment at what can only be described as a dereliction of leadership and responsibility by the New York Times in deciding not to publish the Charlie Hebdo cartoons after today’s massacre.”

    • The Saudi Role in Sept. 11 and the Hidden 9/11 Report Pages

      Since the early days after the Sept. 11 attacks, when news emerged that most of the airline hijackers came from Saudi Arabia, dark allegations have lingered about official Saudi ties to the terrorists. Fueling the suspicions: 28 still-classified pages in a congressional inquiry on 9/11 that raise questions about Saudi financial support to the hijackers in the United States prior to the attacks.

      Both the administrations of George W. Bush and Barack Obama have refused to declassify the pages on grounds of national security. But critics, including members of Congress who have read the pages in the tightly guarded, underground room in the Capitol where they are held, say national security has nothing to do with it. U.S. officials, they charge, are trying to hide the double game that Saudi Arabia has long played with Washington, as both a close ally and petri dish for the world’s most toxic brand of Islamic extremism.

    • US gag order on EU police agency stirs controversy

      The European Commission on Thursday (8 January) defended a US gag order imposed on the EU’s police agency Europol.

      It means EU lawmakers and most officials are not allowed to scrutinise a document – on implementation of the EU-US Terrorist Finance Tracking Program (TFTP) – written by Europol’s own internal data protection committee, the joint-supervisory body (JSB).

  • Privacy

    • Browsing in privacy mode? Super Cookies can track you anyway

      For years, Chrome, Firefox, and virtually all other browsers have offered a setting that doesn’t save or refer to website cookies, browsing history, or temporary files. Privacy-conscious people rely on it to help cloak their identities and prevent websites from tracking their previous steps. Now, a software consultant has devised a simple way websites can in many cases bypass these privacy modes unless users take special care.

      Ironically, the chink that allows websites to uniquely track people’s incognito browsing is a much-needed and relatively new security mechanism known as HTTP Strict Transport Security. Websites use it to ensure that an end user interacts with their servers only when using secure HTTPS connections. By appending a flag to the header a browser receives when making a request to a server, HSTS ensures that all later connections to a website are encrypted using one of the widely used HTTPS protocols. By requiring all subsequent connections to be encrypted, HSTS protects users against downgrade attacks, in which hackers convert an encrypted connection back into plain-text HTTP.

    • FBI says it can use fake phone masts to listen in on phone calls without warrant

      The US Federal Bureau of Investigation has argued that it should be able to listen in on phone calls using technology that tricks phones into thinking they’re connecting to normal masts. The tools, called “Stingrays”, allow users to intercept calls and texts.

    • China police reportedly buy virus to monitor phones

      A screenshot purportedly showing that Chinese police were purchasing viruses for the iPhone and Android in order to monitor calls is stirring controversy in China.

      The image in question was from the official site of the government of Wenzhou, an eastern city, and is dated Dec. 15. It contained a notice saying the local police department had spent around 150,000 yuan ($24,000) on mobile-phone viruses and a device to insert the malware into phones, “specifically against jailbroken iPhones and Android phones for real-time monitoring of calls, text messages and photos.”

    • Privacy is not terrorism

      On Tuesday 16th December, a large police operation took place in the Spanish State. Fourteen houses and social centres were raided in Barcelona, Sabadell, Manresa and Madrid; books, leaflets and IT material were seized; and eleven people were arrested and sent to the Audiència Nacional, a special court handling issues of “national interest”, in Madrid. They are accused of incorporation, promotion, management and membership of a terrorist organisation. However, lawyers for the defence denounce a lack of transparency, saying that their clients have had to make statements without knowing what they are accused of [2]. “[They] speak of terrorism without specifying concrete criminal acts, or concrete individualised facts attributed to each of them.” [1] When challenged on this, Judge Bermúdez responded: “I am not investigating specific acts, I am investigating the organization, and the threat they might pose in the future” [1]; making this yet another case of apparently preventative arrests. Four of the detainees have been released, but the remaining seven have been jailed pending trial. The reasons given by the judge for their continued detention include the possession of certain books, “the production of publications and forms of communication”, and the fact that the defendants “used emails with extreme security measures, such as the server RISE UP.”[2]

    • EU Legal Study: All EU Data Retention Laws May be Dodgy

      DRIPA likely to be struck down

    • Lies and revelations: Why mass surveillance is not about catching the “bad guys”

      In response to the Snowden revelations, many governments have argued that we need surveillance to safeguard national security – and this is not a new rhetoric. Ever since 9/11, governments across the globe which have, directly or indirectly, aligned with U.S foreign policy have argued that there is a trade-off between civil liberties and security. This implies that it is acceptable for intelligence agencies to spy on our communications so that they can detect criminals and terrorists – otherwise known as the “bad guys”.

      However, if we look a bit closer at the classified documents leaked by Snowden, it is evident that targeted surveillance is largely used to enhance the political and economic advantage of those in power, while mass surveillance is directed at spying on almost everyone – regardless of whether they have engaged in criminal activity or not.

    • European Parliament Study Likely To Boost Legal Challenges To Blanket Data Retention In Europe

      Back in April last year, we wrote about a surprising and hugely important ruling by Europe’s top court that the framework for data retention in Europe — the Data Retention Directive — was “invalid”. That was largely because it allowed data retention on a scale that was disproportionate. But an interesting question that arises from that decision is: if the Directive itself is invalid, where does that leave all the EU agreements and laws that require data to be retained? What exactly is their legal status now that the Directive has been struck down? Are they invalid too?

    • Finland gets tough on privacy, with new law to give Apple, Facebook messages total security

      On 1 January, the ‘Information Society Code’ passed into law. The Code is a major new umbrella act revising the country’s electronic communications legislation, which has four main goals: simplifying existing rules; improving consumer protection; boosting information security; and creating more equal telecoms markets.

    • The response to the Charlie Hebdo murders is not more untargeted surveillance

      We know that the Hebdo offices were already a target, having been firebombed in 2011, over the publication of a caricature of the prophet Mohammed. We know that the suspects Cherif and Said Kouachi were already known to the security services. We know that France, like the UK has powers to surveil its citizens and, unlike the UK, also has ID cards and an armed police force. But none of this prevented the murder of those 12 people. Despite this, the Head of MI5, Andrew Parker, has indicated that our security services need more powers to prevent similar attacks occurring in the UK.

  • Civil Rights

    • After a long delay, Obama declines to fire U.S. attorneys over Aaron Swartz’s suicide

      The White House is declining to fire two Justice Department officials over their handling of a controversial court case involving Aaron Swartz, an Internet activist who committed suicide in 2013 after being accused of hacking into a university network.

    • MI5 chief seeks new powers after Paris magazine attack

      The head of MI5, Andrew Parker, has called for new powers to help fight Islamist extremism, warning of a dangerous imbalance between increasing numbers of terrorist plots against the UK and a drop in the capabilities of intelligence services to snoop on communications.

    • Britain warned about ‘grave and relentless’ terror threat as French manhunt goes on

      Last night anti-terrorism police and a paramilitary special ops unit were scouring the 50 square miles of woodland near Abbaye de Longpont, Aisne, for Said Kouachi, 34, and his brother Cherif 33.

    • Risen Deflects Queries in Leak-Case Testimony

      After years of pressuring New York Times national security correspondent James Risen to testify in the leak – or “Espionage Act” – case against ex-CIA official Jeffrey Sterling, the prosecutors never directly asked Risen to name Sterling as his source, as Sam Husseini describes.

    • CIA’s Hidden Hand in ‘Democracy’ Groups

      The importance of the CIA and White House secretly arranging private funds was that these supposedly independent voices would then reinforce and validate the administration’s foreign policy arguments with a public that would assume the endorsements were based on the merits of the White House positions, not influenced by money changing hands.

    • NYT Still Pretends No Coup in Ukraine

      The New York Times keeps insisting that last year’s Ukrainian coup wasn’t a coup and anyone who thinks so lives inside “the Russian propaganda bubble.” But a slanted Times “investigation” shows that the newspaper remains lost inside the U.S. government’s “propaganda bubble,” writes Robert Parry.

    • If America wants to make sure it never tortures again, it must choose law over secrecy

      In theory, Obama’s December 2009 executive order on national security classification should prevent the CIA from using secrecy to place itself beyond the rule of law, since the order specifically forbids classifying information to “conceal violations of law”. In practice, though, the prohibition is virtually never enforced. The Obama administration – like the Bush administration before it – takes the position that the CIA’s criminal actions can be legitimately classified if they are “intelligence sources and methods”. And neither Congress, nor the president, nor the courts have imposed any legal limit on what counts as an intelligence source or method. In practice, the phrase has come to mean “anything the intelligence community doesn’t want you to know.” Congress needs to write a legal definition of “intelligence sources and methods” that imposes real limits, and makes clear that it excludes torture and other crimes.

    • It’s Critics of ‘Selma’ Who Are Distorting Civil Rights History

      Johnson is the character most clearly intended for white audience members to identify with; no doubt like many of them, he starts out admiring King but not really understanding him, and over the course of the film he comes to realize on an emotional level why King says he cannot wait for political justice. In other words, he’s a white man who has something to learn from a black man. Fifty years after the events portrayed in Selma, that’s still evidently something some people don’t want to see.

    • Tell the DOJ Whistleblowing Is a Public Service, Not a Crime

      Former CIA officer Jeffrey Sterling is set to go on trial soon for allegedly giving classified information to New York Times reporter James Risen — about a CIA operation that provided flawed nuclear weapon blueprints to Iran in 2000. Along with CMD, the Nation, the Progressive and Roots Action, you took action in support of Risen, now is the time to come to the aid of whistleblower Sterling.

    • Looking Away From Police Killings

      USA Today (11/24/14) reported on the fatal shooting of a 12-year-old boy on a Cleveland playground. Tamir Rice, holding a BB gun, was shot twice in the chest by a rookie cop. Police came to the playground in response to a 911 call in which a man said he was reporting someone, “probably a juvenile,” with a gun that was “probably a fake.”

    • Hate Crime Experts Skeptical of Call for Cops to be Covered by Federal Law

      The largest police union is urging Congress to expand hate crime protections to include law enforcement.

    • The War on Drugs Is Burning Out

      The conservative wave of 2014 featured an unlikely, progressive undercurrent: In two states, plus the nation’s capital, Americans voted convincingly to pull the plug on marijuana prohibition. Even more striking were the results in California, where voters overwhelmingly passed one of the broadest sentencing reforms in the nation, de-felonizing possession of hard drugs. One week later, New York Mayor Bill de Blasio and the NYPD announced an end to arrests for marijuana possession. It’s all part of the most significant story in American drug policy since the passage of the 21st Amendment legalized alcohol in 1933: The people of this country are leading a dramatic de-escalation in the War on Drugs.

    • Michel Houellebecq stops promotion of new novel after Charlie Hebdo attack

      The French novelist Michel Houellebecq, whose latest book featured on the cover of the satirical magazine Charlie Hebdo on the day of the massacre at its offices, has stopped its promotion as the victims were being mourned.

    • Norway’s Christians didn’t have to apologise for Anders Breivik, and it’s the same for Muslims now

      When Newcastle gunman Raoul Moat went crazy, I’m sure I remember interviewers, callers on phone-in shows and website forums insisting it was up to so-called moderate Geordies to denounce these atrocities, and X Factor started that week with Louis Walsh saying he wouldn’t take part unless Cheryl Cole condemned this “foul evil act of pure foul evil, carried out by her own people”.

  • Internet/Net Neutrality

    • FCC Chairman Moves Toward Real Net Neutrality Protections
    • FCC Chairman Hints at Utility-Style Rules for Internet

      FCC Chairman Tom Wheeler appears poised to propose new rules that would classify Internet service providers as public utilities in a move designed to ensure everyone has the same access to free content online.

      Wheeler strongly indicated Wednesday that he favors the shift to tougher regulations, describing it as “just and reasonable” during an appearance in Las Vegas at the International CES, a technology industry gadget show.

    • Net neutrality vote of 26 February could see Class II after all

      THE US Federal Communications Commission (FCC) will vote on net neutrality legislation at its next meeting on 26 February, it has emerged.


      Meanwhile, just in case Wheeler speak with forked tongue, Democrat senator Al Franken has reintroduced a bill before the Senate which would force the FCC to ban paid-for priority on the internet, regardless of its status.

    • Net Neutrality Might Be a Step Closer to Reality

      The best solution to the problem of net neutrality would be the introduction of genuine competition among ISPs. Your local cable company might still want to discriminate against rivals in the video business—or maybe team up with one of them and degrade the others—but they’d have a hard time doing that if Google was providing great quality for every video service and customers could easily switch if they got tired of poor Netflix streaming. More generally, competition would put a ceiling on all sorts of bad behavior. If your prices are high, or your service is poor, or you have a habit of playing favorites with certain sites, then you’re going to lose customers unless you get your act together. True competition would make heavy regulation of broadband mostly unnecessary.

  • DRM

    • GOG To Remove Archive Protection From Their Windows Installers

      After hearing plenty of heated feedback, GOG.com has now backtracked from their use of encrypted RAR files in their Windows installers, something which has raised concerns about the potential for encroaching DRM on their service as well as causing technical problems for some Linux users.

  • Intellectual Monopolies

    • Copyrights

      • Canadian Piracy Notices: From Benign to Ridiculous

        Canada’s new piracy warning notice scheme is young but already controversial. With one relatively small ISP sending more than 3,000 notices every day, copyright trolls have quickly jumped on the bandwagon with their own brand of crazy. Other notices are much more benign – and users know it.

      • How Copyright Forced A Filmmaker To Rewrite Martin Luther King’s Historic Words

        Among the most powerful moments of Selma, the new film about the march Martin Luther King, Jr. led in 1965 in support of voting rights for African Americans, are the speeches, sermons, and eulogies King delivered during that tumultuous period. However, the speeches performed by actor David Oyelowo in the film do not contain the actual words spoken by King. This is because the King estate would not license the copyright in the speeches to filmmaker Ava DuVernay. Thus, the King estate’s aggressive stance on copyright has literally forced the re-writing of history.
