Three of the five Linux distributions discussed offer reliable and professional-grade support, all have frequent updates to ensure that security exploits are addressed in a timely manner, and all have at least some level of corporate connectivity baked in. In addition, all of them can run Windows programs through virtual machines or subsystems such as Wine. That ability might appeal to executives, but it raises the question of whether it’s really necessary or even a good idea.
There’s also a big cost difference between deploying Linux and Windows: Linux itself is free, so it’s the distributor’s support that you’ll pay for. And, yes, you will want to do that. The price for proper enterprise-ready support still makes Linux desktop a much less expensive option.
Linux-based operating systems are often used by developers to get their work done and create something new. Their major concerns while choosing a Linux distro for programming are compatibility, power, stability, and flexibility. Distros like Ubuntu and Debian have managed to establish themselves as the top picks. Some of the other great choices are openSUSE, Arch Linux, etc. If you intend to buy a Raspberry Pi and start with it, Raspbian is the perfect way to start.
An open source private cloud platform, Apache CloudStack offers a comprehensive management system that features usage metering and image deployment. It supports hypervisors including VMware ESXi, Microsoft Hyper-V, Citrix XenServer and KVM.
CloudStack also handles features like tiered storage, Active Directory integration and some software-defined networking. As with other open source platforms, it takes a knowledgeable IT staff to install and support CloudStack.
Kubernetes domination
Kubernetes came into its own in 2017 and its popularity will only grow in 2018. Edward Muller, engineering manager at Salesforce, predicts that building tools on top of Kubernetes is going to be more prevalent next year. “Previously, most tooling targeted one or more cloud infrastructure APIs,” says Muller. “Recent announcements of Kubernetes as a Service (KaaS?) from major cloud providers is likely to only hasten the shift.”
On its own, Kubernetes is a great story. What makes it even better is the soaring interoperability movement it’s fueling. An essential part of enabling interoperable cloud-native apps on Kubernetes is the Open Service Broker API. OSBAPI enables portability of cloud services across offerings and vendors. A collaborative project across multiple organizations, including Fujitsu, Google, IBM, Pivotal, Red Hat and SAP, it enables developers, ISVs, and SaaS vendors to deliver services to applications running within cloud-native platforms. In 2017, we saw adoption of the API by Microsoft and Google. Late in the year, Amazon and Pivotal partnered to enable expose Amazon’s services via the broker as well. Red Hat uses it to support the OpenShift marketplace.
Back in November a Google developer proposed HDCP content protection support for the Intel Direct Rendering Manager (DRM) Linux driver that is based upon their code from Chrome OS / Chromium OS. It looks like that High-bandwidth Digital Content Protection support in the i915 DRM driver will come for Linux 4.17.
It's too late to happen for Linux 4.16 considering it would be too tardy for it to be comfortably added to DRM-Next. Google developer Sean Paul who has been spearheading this HDMI/DisplayPort HDCP support for the open-source Intel DRM driver believes the code is now ready for merging.
The Linux Foundation offers many resources for developers, users, and administrators of Linux systems. One of the most important offerings is its Linux Certification Program, which is designed to give you a way to differentiate yourself in a job market that's hungry for your skills.
How well does the certification prepare you for the real world? To illustrate that, we will be highlighting some of those who have recently passed the certification examinations. These testimonials should help you decide if either the Linux Foundation Certified System Administrator or the Linux Foundation Certified Engineer certification is right for you.
Mesa 17.3.2 is a bug fix release which fixes bugs found since the 17.3.1 release.
Mesa 17.3.2 implements the OpenGL 4.5 API, but the version reported by glGetString(GL_VERSION) or glGetIntegerv(GL_MAJOR_VERSION) / glGetIntegerv(GL_MINOR_VERSION) depends on the particular driver being used. Some drivers don't support all the features required in OpenGL 4.5. OpenGL 4.5 is only available if requested at context creation because compatibility contexts are not supported.
While Mesa 18.0 will premiere later this quarter as the first feature update of 2018, Mesa 17.3.2 is now available as the second bug-fix release for last quarter's Mesa 17.3 series.
NVIDIA is sticking to their pledge of being quick with delivering support for new revisions of Vulkan support in their Windows and Linux drivers.
Vulkan 1.0.67 was released on Friday and while it's mostly a mundane maintenance update, it does include one new extension: VK_EXT_conservative_rasterization. This extension adds a conservative rasterization mode to Vulkan and is similar to the GL_NV_conservative_raster OpenGL extension (more details on conservative rasterization here).
The VC5 open-source Gallium3D driver designed to support the next generation of Broadcom VideoCore graphics hardware is onto rendering more triangles, at least with the hardware simulator.
Yesterday Intel landed KPTI page table isolation and Retpoline support in their Clear Linux distribution. Given that one of the pillars of this Intel Open-Source Technology Center platform is on delivering optimal Linux performance, I was curious to see how its performance was impacted. Here are before/after benchmarks on seven different systems ranging from low-end Pentium hardware to Xeon servers.
There comes a time you want to capture an error on your screen and send it to the developers or want help from Stack Overflow, you need the right tools to take that screenshot and save it or send it. There are tools in the form of programs and others as shell extensions for GNOME. Not to worry, here are the best Linux Screenshot taking tools that you can use to take those screenshots or make a screencast.
We have reviewed a good number of ebook apps in the past, most of which have been in development for a long time. Today, we bring you a relatively new app to the application market and it goes by the name of TEA Ebook.
TEA Ebook is a free and cross-platform EPUB and PDF reader with which you can browse and read through your entire digital library wherever you are, and without an internet connection.
Akiee is a cross-platform, AGILE-inspired task manager that helps you to concentrate on your most important tasks by making use of ranks instead of priorities.
It features a simple UI with three main tabs, Todo, Doing, and Done. A "+" button for adding new tasks, an “Editor” button for editing tasks directly, and an “All” button to list all your tasks.
As you can see, now I have nice colors: The hostname is green, the folder is blue, the return value of the last executed command is a green...
I have fond memories of Breakout as a child, my son even has a rather low quality version on his 'kids camera' and Puppet Kings [Steam] is an interesting take on it.
Since releases are always light at the start of a year, I've been able to look over some more titles sent to our Steam Curator. Guppy [Steam, Official Site] is one such game, that sees you become a fish.
GOG are having a little sale yet again, so let's have a look and see what good deals they have going for Linux gamers. It's crazy how often GOG and other stores have sales on, there's opportunities every single month to get good games at a discounted price.
The developers previously announced it would be delayed and that Linux would see support on day-1.
A developer from the studio behind the awesome space shooter EVERSPACE [Steam] has given an update on the status of the Linux port.
For those unaware, EVERSPACE can be downloaded and installed on Linux even though it's not listed as supporting Linux on Steam. This is because it's currently in an unofficial state. Essentially, they want to get it in a good place before properly advertising it.
I love stealth games, so when the chance came to test Turnover [Steam, itch.io, Official Site], where you’re escaping a hostile takeover of your company HQ I couldn’t pass it up.
Many KDE fans –maybe even you– consider the app to be too limited, preferring instead to use an alternative tool like Synaptic or the Muon Software Center to handle package management.
So popular is Muon that Kubuntu 17.10 even re-added it to its install image!
But Discover shouldn’t be forgotten about.
It’s important that Plasma desktop has a vibrant, easy to use, “one-stop-shop” for users to discover, install, update and remove software on their desktops.
KDE Discover Software Center is a key element of our Usability and Productivity initiative because it encompasses the basic experience of discovering, installing, and removing software. Most regular people don’t want to use the command line to do this, and for them, we have Discover.
Coming four months after version 2017_09_05, which was the most successful release to date, Parted Magic 2018_01_08 ships with Linux kernel 4.14.11, a version that includes patches for the newly discovered Meltdown and Spectre security vulnerabilities, as well as better support for newer graphics cards.
"The 2017_09_05 release was our most successful release to date with very little complaints. Instead of changing a bunch of stuff for the sake of changing a bunch of stuff, we basically kept it the way it was," says developer Patrick Verner in the release announcement. "We only addressed the little issues and updated relevant software."
IPFire 2.19 Core Update 117 is now available to download and comes with the latest OpenSSL 1.0.2n TLS/SSL and crypto library, as well as an updated OpenVPN implementation that makes it easier to route OpenVPN Roadwarrior Clients to IPsec VPN networks by allowing users to choose routes in each client’s configuration.
The update also improves the IPsec implementation by allowing users to define the inactivity timeout time of an idle IPsec VPN tunnel that's being closed and updating the strongSwan IPsec-based VPN solution to version 5.6.1. It also disabled the compression by default and removed support for MODP groups with subgroups.
If you're using Chakra GNU/Linux, which is a rolling release computer operating system where you install once and receive updates forever, chances are you can upgrade its components to the recently released KDE Plasma 5.11.5 desktop environment, as well as KDE Applications 17.12.0 and KDE Frameworks 5.41.0 software suits, all built against the latest Qt 5.10.0 application framework.
"You can now upgrade to the latest versions of KDE’s Plasma, Applications and Frameworks series, built against the brand new Qt 5.10.0," says Neofytos Kolokotronis in the forum announcement. "[KDE] Applications 17.12 is the first release of a new series that focuses on introducing enhancements and new features. As always with stability updates, Plasma 5.11.53 and Frameworks 5.41.02 include a month’s worth of bug fixes and improvements."
Changes to YaST are coming and people using openSUSE Tumbleweed will be the first to experience these planned changes in a snapshot that is expected to be released soon.
Those following the YaST Team blog may have been read about the implementation changes expected for libstorage-ng, which have been discussed for nearly two years. Libstorage is the component used by YaST; specially used in the installer, the partitioner and AutoYaST to access disks, partitions, LVM volumes and more.
This relatively low-level component has been a constant source of headaches for YaST developers for years, but all that effort is about to bear fruit. The original design has fundamental flaws that limited YaST in many ways and the YaST Team have been working to write a replacement for it: the libstorage-ng era has begun.
This document offers an incomplete but very illustrative view of the new things that libstorage-ng will allow in the future and the libstorage limitations it will allow to leave behind. For example, it already makes possible to install a fully encrypted system with no LVM using the automatic proposal and to handle much better filesystems placed directly on a disk without any partitioning. In the short future, it will allow to fully manage Btrfs multi-device filesystems, bcache and many other technologies that were impossible to accommodate into the old system.
The biggest change of the new GeckoLinux releases is that they are now built using the KIWI OS image builder instead of the older SUSE Studio, which was merged into SUSE's OBS (Open Build Service) last year. This gives GeckoLinux a smoother and more reliable boot process, better hardware detections, and boot splash screen support.
Additionally, this major change no longer forces users to enter passwords for the default live session user account, provides a much cleaner ISO build process and structure that's up-to-date with OpenSuSE's standards, and introduces persistence support for Live USBs, allowing users to run GeckoLinux as a portable OS.
Users of the openSUSE rolling-release Linux distribution will soon find an improved installer thanks to Libstorage-NG landing soon and improvements to YaST.
Libstorage is a low-level storage library used by SUSE's YaST for dealing with disk / partition / LVM management and other storage device interaction. For over the past two years, libstorage-ng has been in development as the next-generation implementation.
In an alert sent to partners last week, Red Hat, the leading distributor of open source server and cloud operating systems, warned of performance degradation across its environments resulting from patching the Meltdown and Spectre security vulnerabilities.
Red Hat said its major infrastructure products, including the industry's leading distributions of Linux and OpenStack, as well as the OpenShift container-based Platform-as-a-Service, are all affected by the potential exploits. The Raleigh, N.C.-headquartered open source software company said it has developed security updates across its portfolio to address the vulnerabilities, and is working with partners to help protect customers.
Red Hat is telling customers and concerned tech users about the recently discovered Meltdown and Spectre vulnerabilities.
This shouldn't come as much of a surprise as Fedora Linux normally ships with the very latest upstream toolchain components and with Fedora 28 it will be no different.
Proposals have been submitted for shipping Fedora 28 in May with GCC 8, Binutils 2.29.1, and Glibc 2.27.
One of the key features of Debbugs, the bug tracking system Debian uses, is its ability to figure out which bugs apply to which versions of a package by tracking package uploads. This system generally works well, but when a package maintainer's workflow doesn't match the assumptions of Debbugs, unexpected things can happen.
So who is to blame for the corruption of the BIOS?
Ultimately I would put the majority of the blame at the door of the manufacturers and the BIOS developers. You simply should not be able to corrupt the BIOS and there should be a reset option which returns it to factory settings if all else fails. The Ubuntu developers were the unlucky people to instantiate the bug by including a defective driver within the Kernel.
Some of the blame has to go to the users as well. Maybe we need to be a bit smarter when installing operating systems and not necessarily jump at the latest thing.
Work on the second release of Pop!_OS Linux will continue this year with a rebase on Canonical's upcoming Ubuntu 18.04 LTS (Bionic Beaver) operating system, due for release on April 26, 2018. The distro will also be released this spring, after Ubuntu 18.04 LTS, and will feature out-of-the-box support for HiDPI displays.
System76 says that it received great feedback from the community in regards to the HiDPI improvements they are adding into Pop!_OS Linux lately, and, besides the fixing many of the reporting issues, they are also working on better integration of the HiDPI daemon into the desktop, including support for tweaking its behavior.
The purpose of this communication is to provide a status update and highlights for any interesting subjects from the Ubuntu Server Team. If you would like to reach the server team, you can find us at the #ubuntu-server channel on Freenode. Alternatively, you can sign up and use the Ubuntu Server Team mailing list.
And we’re back from the holidays! This “weekly” summary is covering everything that happened the past 3 weeks.
The big highlight was the release of LXD 2.21 on the 19th of December.
During the holidays, we merged quite a number of bugfixes and smaller features in LXC and LXD with the bigger feature development only resuming now.
The end of year was also the deadline for our users to migrate off of the LXD PPAs. Those have now been fully deleted and users looking for newer builds of LXD should use the official basckport packages or the LXD snap.
Linux Mint is on track to becoming the most popular desktop distro available. This isn't to suggest that it's already happened, rather that it's on track to happen if Linux Mint continues to find its fans among Windows converts. By contrast, Debian has received almost no credit for this success whatsoever. Worse, neither does Ubuntu, which uses Debian as a base.
So are Linux Mint and Debian really all that different? After all, Linux Mint is based on Ubuntu, which is based on Debian. One might surmise that the these distros are more similar than different. Fact is stranger than fiction. Linux Mint and Debian may share a common heritage, but that's where the similarities end.
iWave’s “iW-RainboW-G28M” is a SODIMM-style module that runs Linux on a Zynq-7000 FPGA SoC, and offers -40 to 85€°C support, up to 1GB DDR3, 512MB flash, a GbE controller, and optional WiFi/BT.
iWave has produced several Altera FPGA based computer-on-modules including the Cyclone V based IW-RainboW-G17D, but the 67.6 x 37mm, SODIMM form-factor iW-RainboW-G28M appears to be its first Xilinx Zynq based module. Other SODIMM-style Zynq COMs include PLDA’s SoMZ-7045.
Asus announced a “Tinker Board S” SBC that has the same Rockchip RK3288 as the original, but adds 16GB eMMC, HDMI-CEC support, a smart audio jack, and improved power management features.
Asus unveiled a minor upgrade to its open-spec Tinker Board SBC, which was originally unveiled a year ago. Like the original, the Tinker Board S combines a quad-core, Cortex-A53 Rockchip RK3288 SoC with a 40-pin Raspberry Pi-style expansion connector. The upgrade is primarily notable for the addition of 16GB of eMMC storage. No pricing was indicated.
I grew up with console gaming and over the years I have had a number of systems, including Atari, SNES, Sega Genesis, and my all-time-favorite—the Commodore Amiga. I recently found a backup of old games I have been carrying around with me for years and got nostalgic for the glory days of retro gaming. I grabbed some old hardware and started tinkering with it so I could relive my childhood. I was surprised how well these games run on my Raspberry Pi and it's become something of a new hobby.
AT&T Inc. has walked away from a deal to sell smartphones made by Chinese electronics giant Huawei Technologies Co., according to people familiar with the matter.
Honor took a page out of Sony’s open source book in an announcement on Monday when it kicked off the Honor Open Source Program for the Honor View 10. It aims to provide much-needed kernel sources — an essential part of custom ROM development — in a timely fashion, and application programming interfaces (APIs) that allow developers to take advantage of AI capabilities in chips like Huawei’s Kirin processor.
Razer's concept device being shown off at the Consumer Electronics Show this year is an Android-powered laptop/hybrid device.
You may be surprised to read this announcement, but no stress, take a deep breath, nothing big is going to happen, it is just our name that is changing and here are the reasons why.
The OpenShift Commons Gathering will bring together the brightest technical minds to discuss the future of OpenShift and its related upstream open source projects.
We have a lot of things we have to do in Q1 2018, such as the CDN and Django 1.11 update. We postponed a detailed plan for 2018, and instead will spend some of Q1 discussing goals and priorities. During our discussions in December, a few themes came up.
For the MDN Web Docs product, the 2018 theme is Reach. We want to reach more web developers with MDN Web Docs data, and earn a key place in developers’ workflows. Sometimes this means making developer.mozilla.org the best place to find the information, and sometimes it means delivering the data where the developer works. We’re using interviews and surveys to learn more and design the best experience for web developers.
For the technology side, the 2018 theme is Simplicity. There are many seldom-used Kuma features that require a history lesson to explain. These make it more complicated to maintain and improve the web site. We’d like to retire some of these features, simplify others, and make it easier to work on the code and data. We have ideas around zone redirects, asset pipelines, and translations, and we hope to implement these in 2018.
One thing that has gotten more complex in 2017 is code contribution. We’re implementing new features like browser-compat-data and interactive-examples as their own projects. Kuma is usually not the best place to contribute, and it can be challenging to discover where to contribute. We’re thinking through ways to improve this in 2018, and to steer contributor’s effort and enthusiasm where it will have the biggest impact.
As part of the lead up to Firefox Quantum, we added new telemetry to Firefox to help us measure painting performance, and to let us make more informed decisions as to where to direct our efforts. One of these measurements defined a minimum threshold for a ‘slow’ paint (16ms), and recorded percentages of time spent in various paint stages when it occurred. We expected display list building to be significant, but were still surprised with the results: On average, display list building was consuming more than 40% of the total paint time, for work that was largely identical to the previous frame. We’d long been planning on an overhaul of how we built and managed display lists, but with this new data we decided that it needed to be a top priority for our Painting team.
In January 2017, we set the course to get a new localization framework named Fluent into Firefox.
Below is a story of the work performed on the Firefox engine – Gecko – over the last year to make Fluent in Firefox possible. This has been a collaborative effort involving a lot of people from different teams. It’s impossible to document all the work, so keep in mind that the following is just the story of the Gecko refactor, while many other critical pieces were being tackled outside of that range.
Also, the nature of the project does make the following blog post long, text heavy and light on pictures. I apologize for that and hope that the value of the content will offset this inconvenience and make it worth reading.
I have used Hugo, the blog engine this blog runs on top of, more and more lately for less and less typical use cases. Hopefully this post will inspire others in similar ways.
There was another post on twitter recently that inspired me to write this post. The point of that post was that when your blog is just a pile of textfiles generic Unix tools combine to make many things are trivial that wouldn’t be with a more traditional database backed system.
Ford Motor (F) announced new partnerships in self-driving cars Tuesday and said it will develop an open-source, cloud-based platform for new mobility services.
A company that specializes in managed hosting of WordPress sites for the enterprise has found an angel in Silver Lake Partners.
While it took LLVM's Clang C/C++ compiler initially a long time to supporting OpenMP, the code continues to mature in supporting the latest updates to this parallel programming specification.
As it stands now Clang has full support for OpenMP 3.1 and only partial support for OpenMP 4.5, but they continue moving closer to supporting OMP 4.5 on CPUs and eventually to NVIDIA GPUs with their CUDA back-end.
Next month the Vulkan 1.0 API will turn two years old but a goal that has remained elusive to date has been getting SPIR-V -- the intermediate representation shared by Vulkan and OpenCL -- into upstream LLVM.
The goal would be upstream support for going between SPIR-V and LLVM IR. There's been various projects working on this SPIR-V and LLVM IR to/from translation support, but nothing has been upstreamed yet in LLVM itself for easier maintenance and focusing on a concerted effort.
This feature is still in need of testing, so please grab a snapshot and test!
As announced in May 2017, the Broad Institute is making GATK4 available under a fully open-source BSD 3-clause license. Users can download the software on the GATK website or can run the tools via a cloud provider.
In the latest episode of Unprecedented, O’Melveny & Myers partner Heather Meeker talks about license enforcement by major tech companies, security and open source, and the challenges open source projects face in dealing with sexual harassment amid the #MeToo movement.
A group of diabetics in Seattle have developed an artificial pancreas system that they are sharing with other diabetics through 'open source' technology. It's an advance that aims to revolutionise the lives of those with the condition.
The Artificial Pancreas System is made of a simple circuit board with a computer chip, and connects the monitor and pump together for a closed loop system, mimicking a real pancreas.
Quantum computers are still extremely rudimentary, and largely remain intriguing playthings in a few advanced research labs. That hasn’t deterred people from developing new programming languages for them.
The most recent one comes from Microsoft, which has unveiled Q# (pronounced Q sharp) and some associated tools to help developers use it to create software. It joins a growing list of other high-level quantum programming languages such as QCL and Quipper.
As part of #Rust2018, I thought I would try to writeup my own (current) perspective. I’ll try to keep things brief.
First and foremost, I think that this year we have to finish what we started and get the “Rust 2018” release out the door. We did good work in 2017: now we have to make sure the world knows it and can use it. This primarily means we have to do stabilization work, both for the recent features added in 2017 as well as some, ahem, longer-running topics, like SIMD. It also means keeping up our focus on tooling, like IDE support, rustfmt, and debugger integration.
GCC 8 is in development stage 3 currently but that is going to end at the end of Sunday, Jan 14th after which we go into regression and documentation fixes mode similar as if trunk was a release branch.
The GNU Compiler Collection 8 (GCC 8) is currently in "stage three" development whereby general bug fixing can still happen along with allowing new ports to be added. But that is changing next week as it enters its final stage of development prior to release.
SUSE's Richard Biener announced that on 14 January, they will be going into their strict "regression and documentation fixes mode similar as if trunk was a release branch."
A decade ago, smart devices promised to change the way we think and interact, and they have – but not by making us smarter. Eric Andrew-Gee explores the growing body of scientific evidence that digital distraction is damaging our minds
Historically, the English educational system has educated the different social classes for different functions in society. However, in the 21st century, the expectation is that the English state system is providing roughly the same education for all. In my new book I argue that it does not. Even within a comprehensive school, when young people are all being educated in the same building, the working classes are still getting less education than the middle classes, just as they had when my father was educated at the beginning of the 20th century. We are still educating different social classes for different functions in society.
The book is based on a mix of statistics, more than 500 interviews and my personal memoir of growing up as a free school meal child living on a council estate. The book argues that, despite a whole plethora of policy initiatives from testing regimes, league tables, school choice, academies and free schools, the return to traditional models of both primary and secondary curriculum and to a preoccupation with ‘school improvement’ and ‘school effectiveness’, little has changed in relation to how the working classes are valued within education. And despite the incessant focus on social mobility, England is at the bottom of the league table for working class children achieving high academic levels.
Under CEO, the technology giant has been late delivering new devices
The post was made on the Chinese social site Zhihu. It said that the Institute "look forward to the perfect performance of the Surface Phone”.
The Patent Pool, which works with a range of partners to help increase access to HIV, hepatitis C and tuberculosis treatments in developments, negotiates voluntary licences with patent owners and develops patent pooling initiatives, according to the announcement. The Geneva-based agency, spun off from Unitaid several years ago but still funded by it, has saved the international community nearly $400 million, it said.
Marcus Hutchins, a.k.a. MalwareTech, went from internet hero (following his inadvertent shutdown of the WannaCry ransomware) to federal government detainee in a surprisingly short amount of time. Three months after saving the world from rampaging malware built on NSA exploits, Hutchins was arrested at the Las Vegas airport as he waited for his flight home to the UK.
When the indictment was published, many people noted the charges didn't seem to be backed by much evidence. The government accused Hutchins of creating and selling the Kronos malware, but the offered very little to support this claim. While it's true much of the evidence against Hutchins will be produced in court, the indictment appeared to be stretching legal definitions of certain computer crimes to their limits.
The government's case appears to be weak and reliant on dubious legal theories. It's not even 100% clear that creating and selling malware is an illegal act in and of itself. The charges the government brought rely heavily on proving Hutchins constructed malware with the intent to cause damage to computers. This isn't so easily proven, especially when the government itself is buying malware to deploy for its own purposes and has yet to bring charges against any of the vendors it buys from. Anyone selling exploits to governments could be said to be creating malware with intent to cause harm. That it's a government, rather than an individual, causing the harm shouldn't make any difference -- at least not if the government wants to claim selling of malware alone is a federal offense.
Meltdown is a CPU vulnerability. It works by using modern processors' out-of-order execution to read arbitrary kernel-memory location. This can include personal data and passwords. This functionality has been an important performance feature. It's present in many modern processors, moshttps://www.ostechnix.com/check-meltdown-spectre-vulnerabilities-patch-linux/t noticeably in 2010 and later Intel processors. By breaking down the wall between user applications and operating system's memory allocations, it can potentially be used to spy on the memory of other programs and the operating systems.
It was late November and former Intel Corp. engineer Thomas Prescher was enjoying beers and burgers with friends in Dresden, Germany, when the conversation turned, ominously, to semiconductors.
Months earlier, cybersecurity researcher Anders Fogh had posted a blog suggesting a possible way to hack into chips powering most of the world’s computers, and the friends spent part of the evening trying to make sense of it. The idea nagged at Prescher, so when he got home he fired up his desktop computer and set about putting the theory into practice. At 2 a.m., a breakthrough: he’d strung together code that reinforced Fogh’s idea and suggested there was something seriously wrong.
Meltdown and Spectre exploit an architectural flaw with the way processors handle speculative execution, a technique that most modern CPUs use to increase speed. Both classes of vulnerability could expose protected kernel memory, potentially allowing hackers to gain access to the inner workings of any unpatched system or penetrate security measures.
The flaw can't be fixed with a microcode update, meaning that developers for major OSes and platforms have had to devise workarounds that could seriously hurt performance.
In an email to a Linux list this week, Torvalds questioned the competence of Intel engineers and suggested that they were knowingly selling flawed products to the public. He also seemed particularly irritated that users could expect a five to 30 per cent projected performance hit from the fixes.
Microsoft’s fix for the Meltdown and Spectre bugs may be crocking AMD-powered PCs.
A lengthy thread on answers.microsoft.com records numerous instances in which Security Update for Windows KB4056892, Redmond’s Meltdown/Spectre patch, leaves some AMD-powered PCs with the Windows 7 or 10 startup logo and not much more.
We've already seen compatibility issues with some antivirus tools, and now some AMD users are reporting that the KB4056892 patch is rendering their computer unusable. A further issue -- error 0x800f0845 -- means that it is not possible to perform a rollback.
In 2016, I noticed a quirk of the x86 architecture that leads to an interesting side channel. On x86, it is possible for a userland process to detect when it has been interrupted by an interrupt handler, without resorting to timing. This is because the usual mechanism for handling interrupts (without using virtualisation) doesn't always preserve all userland registers across an interrupt handler.
Following backlash and criticism, Twitter banned several Russian organisations including RT and Sputnik from purchasing ads on the platform.
An email campaign, conducted between Dec. 22 and 28 last month, sent infected documents to Olympic associations from an email that was designed to appear as though it came from South Korean authorities, analysts with McAfee’s Advanced Threat Research division found.
The lines between privacy incident, security incident, insider incident, and fraud are blurry at best.
In yet another revelation of severe loopholes, a security researcher James Bercegay from Gulftech has discovered a backdoor in some models of the My Cloud NAS (Network-attached storage) drive family, manufactured by Western Digital.
Microsoft has added a new and very important detail on the support page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.
According to an update added this week, Microsoft says that Windows users will not receive the January 2018 Patch Tuesday security updates, or any subsequent Patch Tuesday security updates, unless the antivirus program they are using becomes compatible with the Windows Meltdown and Spectre patches.
The way antivirus programs become compatible is by updating their product and then adding a special registry key to the Windows Registry.
News surfaced late last week indicating everything about computing is fucked. Two critical flaws with zero perfect fixes -- affecting millions of processors -- were exposed by security researchers. Patches have been deployed and more are on their way, but even the best fixes seem to guarantee a noticeable slowdown in processing speed.
[...]
These recently-discovered exploits may be the ones that got away -- ones the NSA never uncovered and never used. But this statement portrays the NSA as an honest broker, which it isn't. If the NSA had access to these exploits, it most certainly would have used them before informing affected companies. That's just how this works. As long as exploits are returning intel otherwise inaccessible, the NSA will use the exploits for as long as possible before disclosing this info to US companies. The agency has historically shown little concern about collateral damage and I don't believe putting someone new in charge of the VEP is going to make that much of a difference in the future.
If you haven’t already done so, please read “Meltdown and Spectre“.
These vulnerabilities are critical. They expose all memory data present on the computer to any application running locally (including to scripts run by your web browser).
Note: Meltdown and Spectre also affect smart phones and tablets. Please seek information on how to protect your mobile devices.
Linux Mint developers have published today a statement regarding the recently unearthed Meltdown and Spectre security vulnerabilities, informing users on how to keep their PCs secure.
Last week, two of the most severe security flaws were publicly disclosed as Meltdown and Spectre, affecting billions of devices powered by a modern processor from Intel, AMD, ARM, or Qualcomm. To mitigate these vulnerabilities, OEMs and OS vendors started a two and half months long battle to redesign software and kernels.
Almost all known operating systems are affected, and all web browsers. Linux Mint is one of the most popular GNU/Linux distributions out there with millions of users, but it hasn't yet been patched against Meltdown and Spectre because it still relies on updates from the Ubuntu operating system.
For the popular US cable news network MSNBC, the largest humanitarian catastrophe in the world is apparently not worth much attention—even as the US government has played a key role in creating and maintaining that unparalleled crisis.
An analysis by FAIR has found that the leading liberal cable network did not run a single segment devoted specifically to Yemen in the last nine months of 2017.
And in these latter three-fourths of the year, MSNBC mentioned Russia 3,000 percent more than it mentioned Yemen.
Moreover, in all of 2017, MSNBC did not once report on the US-backed Saudi airstrikes that have killed thousands of Yemeni civilians. Nor did it ever mention the impoverished nation’s colossal cholera epidemic, which infected more than 1 million Yemenis in the largest outbreak in recorded history.
Fifteen months back, when a group of Anglophone lawyers went on strike in Cameroon, few would have predicted how far and how quickly events would escalate.
Back then, in October 2016, the lawyers were objecting to the appointment of French-educated judges to their courts. A few other frustrated groups joined them later in peaceful protest against other government actions they perceived to be discriminating against the country’s English-speaking regions.
Fast-forward to today, however, and that initial modest impetus has spiralled into Cameroon’s most alarming internal conflict since independence. In recent months, scores of civilians have been killed. Armed attacks have led to the deaths of at least sixteen army and police officers. The government has deployed the elite Rapid Intervention Battalion, which is usually found combatting Boko Haram, to the area. And thousands of refugees have fled to Nigeria, with the UN Refugee Agency expecting up to 40,000 more.
Ecuador’s foreign minister has said Julian Assange’s five-and-a-half-year stay in her country’s London embassy is “untenable” and should be ended through international mediation.
The WikiLeaks founder has been holed up in Knightsbridge since the summer of 2012, when he faced the prospect of extradition to Sweden over claims that he sexual assaulted two women. He denies the accusations.
For those not wanting to pay the $18 for a hardcover version of Michael Wolff‘s new book Fire and Fury: Inside the Trump White House, or the $14 dollars for the Kindle version, don’t be tempted by WikiLeaks’ tweet with the full PDF version of the book. Law&Crime consulted several copyright legal experts who all agree that the tweet amounts to copyright infringement, and anyone who downloads the book could be held liable too.
Last night, Wikileaks tweeted a link for people to click if they wanted to download the text of Michael Wolff‘s book Fire and Fury: Inside the Trump White House without paying for it. As Law&Crime Editor-in-Chief Rachel Stockman noted, there are serious legal issues with this, as it looks like a major copyright infringement. On top of legal issues though, it’s also against Twitter’s own policy. Wikileaks deleted their original tweet soon after they posted it, but another one went up later in the evening.
WikiLeaks has shared a link to the tell-all book about Donald Trump’s White House that has made waves in Washington, D.C.
In a move that appeared to have the success of Michael Wolff’s tome Fire and Fury: Inside the Trump White House firmly in its crosshairs, the organization tweeted out a link to a full PDF of the book, which may have constituted copyright infringement.
Lamo also claimed that Manning told him he physicially dropped off classified information to WikiLeaks’ “intermediaries” in Boston—who I’m sure George Webb has shared a glass of wine or two with—and yet, after the chat logs were finally published in their entirety, no where does Manning say he dropped off classified information in Boston. Nor do the chats indicate that Assange helped Manning procure any documents. Yet, despite Lamo’s blatant lies that Kevin Poulsen helped cover up, Poulsen was invited to join the Freedom of the Press Foundation’s Technology Advisory Board in 2014 and although he’s no longer listed as such, an FPF webpage for him still exists. Why FPF board members turned a blind eye to what Lamo and Poulsen did to both Manning and Wikileaks, including Glenn Greenwald who, ironically, was the one who called out Poulsen’s questionable behavior in the first place, is inexplicable.
So, for those of you that missed it because it didn’t grab a lot of headlines let me give you a head’s up on what’s been happening. The Freedom of the Press Foundation (FPF), the brainchild of Julian Assange and John Perry Barlow, decided to part ways with Wikileaks citing a lack of evidence that Wikileaks is suffering from a financial blockade. Assange addressed the FPF’s move in a letter he later released on pastebin.com but it didn’t stop the FPF board from unanimously voting to cut ties with Wikileaks. Unanimously. Micah Lee later stated that they would continue to fight for the First Amendment rights of Wikileaks “when they’re threatened,” which is the most absurd statement of the century seeing that the FPF is now doing literally nothing to support Julian Assange, Wikileaks, and its staff all of whom have been facing threats from more sides than a ShengShou Megaminx over the course of the last seven years.
As I mentioned at the beginning of the post, SecureDrop is a free software which is developed by an active community, the source code is hosted at github. The primary application is written in Flask, and various other Python modules. Feel free to look at the issues, and contribute to the project as you wish.
The Federal Energy Regulatory Commission on Monday unanimously rejected a proposal by Energy Secretary Rick Perry that would have propped up nuclear and coal power plants struggling in competitive electricity markets.
The independent five-member commission includes four people appointed by President Trump, three of them Republicans. Its decision is binding.
China’s government plans to crack down on Bitcoin mining, months after rocking the cryptocurrency world by banning initial coin offerings and shutting down exchanges.
Amazon’s counterfeit problem is well documented, but it’s easy to forget the myriad ways in which it can become your problem, too. After all, your new face mask probably won’t contain arsenic, your off-brand USB cord probably won’t fry your laptop, your made-in-China hoverboard probably won’t burn your house down, and your designer suitcase probably won’t put you on a US Customs and Border Protection blacklist for importing counterfeit goods.
Prices for some of the most popular cryptocurrencies dropped sharply Monday. One apparent reason: an adjustment from a popular website on its digital-currency price quotes.
Australia has always believed that it doesn’t have to choose between its economic relationship with China and its defense alliance with the United States. But 2018 is already shaping up to be the year of the hard choice.
It would be convenient for Australia if it was able to maintain its balancing act, but a confluence of global factors has stripped away the fiction that it can separate the economic benefits it gets from China and its post-World War II position as one of America’s closest strategic allies.
This week we’ve learned two different pieces of information from two different sources which, when put together, paint a truly disturbing picture about what’s left of Donald Trump’s physical and mental competence. First we learned about what time he tends to start the day when he’s in the White House. Then we separately learned what time he ends each day in the White House. Do the math, and we’re looking at something utterly surreal.
Donald Trump’s description of himself as a “very stable genius” sparked new debate this weekend about the 25th Amendment, but invoking the provision to remove a president from office is so difficult that it’s highly unlikely to come into play over concerns about Trump’s mental health, a half-dozen lawyers with expertise on the measure said.
The amendment’s language on what could lead a president to be involuntarily removed from office is spare, saying simply that the vice president and a majority of the Cabinet could take such a step when “the President is unable to discharge the powers and duties of his office.”
“I think it’s both its strength and its weakness,” said Jay Berman, a former chief of staff to Sen. Birch Bayh (D-Ind.), who helped craft the amendment in the 1960s. “The answer is not provided in the 25th Amendment. ... It just does not provide that certainty or specificity. That might be easier in the context of physical incapacity, but it would be a lot harder in the case of mental incapacity.”
Is there any mystery as to what is happening on the domestic front? The tax bill is nothing other than a looting of the nation for the sake of the 1%. It is thinly disguised pillage.
The associated cuts in social programs represent a giant step in the Republican project of the past 40 years to repeal a century of progressive legislation. In case you wonder, the Republicans’ point of reference is not the 1920s, but rather the Gaslight Era of the 1890s – before the federal income tax was introduced.
This is historic — a reactionary revolution without precedent. It is reshaping American society in fundamental ways that will endure.
Late last year, we brought to you the story of Dennis Prager, noted conservative commentator, suing YouTube, noted place where you can watch videos, because the site had put some of his videos into restricted status to keep them from the eyes of younger users. The case is still ongoing and is still strange for many reasons, including Prager asserting his lawsuit on First Amendment grounds, his insisting that YouTube is a public forum and not a private company, and his belief that the Section 230 protections that protect YouTube from every last bit of this somehow don't apply.
As you likely recall, last week, lawyer Charles Harder* sent a letter on behalf of Donald Trump threatening to sue former advisor Steve Bannon, author Michael Wolff, and publisher Henry Holt for defamation having to do with the publication of Wolff's new book about Trump. The full letter to Wolff and Henry Holt & Co. was published by the Hollywood Reporter and does not list out any statements that are claimed to be defamatory -- which is often a hallmark of a totally bumptious defamation threat.
If you spend much time on political Twitter -- or the more fun elements of the self-described "Weird Twitter" -- then you're probably already quite aware of the truly wonderful @pixelatedboat account. That account's biggest claim to fame is Milkshake Duck (the best absurdist encapsulation of how the internet frequently builds up some new internet superstar out of nothing, only then to discover their hero has flaws...), but the account also has a very long (and very amusing) history of posting "fake screenshots."
Radio 4 presenter Laurie Taylor has hit out at ‘timorous’ BBC bosses, accusing them of censoring the Corporation’s output to curry favour with politicians threatening its licence fee.
The sociologist and broadcaster, who has presented the station’s acclaimed Thinking Allowed series for 20 years, told Radio Times that the BBC had become over-cautious.
The #MeToo movement, in which women have bravely come forward to tell their stories of sexual abuse and harassment, has dominated conversation in the United States and much of Europe in recent months. The movement has been slower to catch on in China, though, where social and political movements are often suppressed. However, the tide is slowly beginning to turn, as some women in China are launching their own #MeToo movement, called #WoYeShi, and making history with their activism.
The Centers for Disease Control and Prevention (CDC) says it “has not banned, prohibited, or forbidden” the use of certain words in official documentation, the agency director says in response to concerns from Senate Democrats.
Democrats had been concerned, they said last month, “that the Trump Administration is yet again prioritizing ideology over science” after reports claimed agencies within the Department of Health and Human Services (HHS) had banned employees from using words including “fetus,” “vulnerable” and “science-based.”
CDC Director Brenda Fitzgerald told Sen. Brian Schatz (D-Hawaii) in a letter released Tuesday the HHS style guide does recommend avoiding the use of “vulnerable,” “diversity,” and “entitlement.” Fitzgerald added that CDC recommends substituting the colloquial “ObamaCare” for “Affordable Care Act” or “ACA.”
A new German law designed to prevent, remove and prosecute ‘hate speech’ online has come into full effect, which could set a precedent for the rest of the world.
The law is called Netzwerkdurchsetzungsgesetz, mercifully abbreviated to NetzDG. Germany started to implement it last year, but only unleased its full force at the start of this year. Inevitably some Germans with a position on this law have sought to test its boundaries, with both polemicists and satirists having social media posts taken down according to Politico.
These early anecdotes serve to illustrate the immense challenge faced by anyone looking to legislate supposed hate speech out of the public domain.
Germany has a tough new law, effective on this New Year’s Day, written to curtail “hate speech” on social media. Critics are afraid that it is government overreach, and that its enforcement will also infringe on free speech rights and is akin to censorship. Some argue that at the heart of the measure is the shoring up of Angela Merkel’s reputation, which has been damaged as a result of the erstwhile immigration fiasco which has seen Muslims vilified by speech considered “hateful”.
Senior figures in the rival Free Democratic (FDP), Green and Left parties on Sunday demanded lawmakers replace Germany's recently passed online hate speech law. The call comes after Twitter decided to delete allegedly offensive statements by far-right politicians and suspend the account of a German satirical magazine.
"The last few days have emphatically shown that private companies cannot correctly determine whether a questionable online statement is illegal, satirical or tasteless yet still democratically legitimate," the FDP's general secretary Nicola Beer (pictured above) told Germany weekly Die Welt am Sonntag.
A Toronto-born app has become a go-to tool for millions of Iranians looking to break through Tehran’s repressive internet censorship.
Now just over a decade old, firewall circumvention app Psiphon is arguably the most easy-to-use and effective way to bypass state internet control. In recent weeks, it has become a popular way for protesters in Iran to break through the regime's "filternet," blocking entire websites and apps for the country’s 80 million citizens and sometimes cutting off internet altogether.
Since protests cropped up across Iran at the end of 2017, Psiphon reports that its usage has skyrocketed.
After I’d eaten, I wrote back to the biennale staff member, and he finally informed me that my work had been pulled. The work involved a photo taken a decade earlier in 2007 of a “nail household” [éââ°Ã¥ÂÂæË· dīngzi hù] (I’m just using the common parlance here), and what had been exhibited this time was the image airbrushed onto a piece of plywood propped up by a steel frame. I was astonished: At the opening just the night before, the work sat untouched below the windowsill of the old repurposed building. Moreover, for a decade, this work has been shown many times in China (yes, inside China), and I had assumed it was a work with a high “safety factor.”
This is the end of one contractor's twenty-year run on supposedly ultra-secure systems. Martin cannot possibly be the only contractor whose work has made its way out of the office. The Intelligence Community's oversight has pointed out the half-assed job being done to secure things post-Snowden. Martin is just an embodiment of the IC's ideals: more focused on collecting data than making sure the collected info remains secure.
It is nearly 30 years since the wall separating East and West Berlin came down, and yet work is still going on to deal with the toxic political legacy of East Germany. As Techdirt readers are well aware, one of the defining characteristics of the regime in East Germany was the unprecedented -- for the time, at least -- level of surveillance inflicted on citizens by the Stasi (short for Staatssicherheitsdienst, or State Security Service). This led to the creation of huge archives holding dossiers about millions of people.
As it became clear that East Germany's government would fall, and that its long-suffering citizens would demand to know who had been spying on them over the years, Stasi officers began to destroy the most incriminating documents. But there were so many files -- a 2008 Wired article about them says they occupied 100 miles of shelving -- that the shredding machines they used started to burn out. Eventually, Stasi agents were reduced to tearing pages by hand -- some 45 million of them, ripping them into around 600 million scraps of paper.
Multiple nonprofit organizations and policy think tanks, and one company have recently joined ranks to limit broad NSA surveillance. Though our groups work for many causes— freedom of the press, shared software development, universal access to knowledge, equal justice for all—our voices are responding to the same threat: the possible expansion of Section 702 of the FISA Amendments Act.
On January 5, the Rules Committee for the House of Representatives introduced S. 139. The bill—which you can read here—is the most recent attempt to expand Section 702, a law that the NSA uses to justify the collection of Americans’ electronic communications during foreign intelligence surveillance. The new proposal borrows some of the worst ideas from prior bills meant to reauthorize Section 702, while adding entirely new bad ideas, too.
The Supreme Court announced today that it will not review a lower court’s ruling in United States v. Mohamud, which upheld warrantless surveillance of an American citizen under Section 702 of the Foreign Intelligence Surveillance Act. EFF had urged the Court to take up Mohamud because this surveillance violates core Fourth Amendment protections. The Supreme Court’s refusal to get involved here is disappointing.
Using Section 702, the government warrantlessly collects billions of communications, including those belonging to a large but unknown number of Americans. The Ninth Circuit Court of Appeals upheld this practice only by creating an unprecedented exception to the Fourth Amendment. This exception allows the government to collect Americans’ communications without a warrant by targeting foreigners outside the United States, known as “incidental collection.”
We wish the Supreme Court had stepped in to fix this misguided ruling, but its demurral shouldn’t be taken to mean that Section 702 surveillance is totally fine. Some of the most controversial aspects of these programs have never been reviewed by a public court, let alone the Supreme Court. That includes “backdoor searches,” the practice of searching databases for Americans’ incidentally collected communications. Even in deciding Mohamud, the Ninth Circuit refused to address the constitutionality of backdoor searches.
Google Assistant is seeking a popularity boost by coming to gadgets with screens—a move Amazon already made with Alexa.
In an attention economy, data about what we pay attention to, how much, and for how long, are absolutely crucial predictive behaviors. And in the hands of a government which makes the crucial mistake of using it to predict pre-crime, the results can be disastrous for the individual and plain wrong for the government.
It’s no secret that Amazon wants to crush the voice assistant competition, but now we have a better idea how it plans to do it.
On Friday, a classified memo announcing that Mike Rogers, director of the US National Security Agency (NSA), would be retiring in the spring was leaked to the public.
Though an official announcement of his retirement has not yet been made, the leaked notice suggests that a successor will be nominated and approved by the US Senate by the end of January.
However, Kirk Wiebe, a former NSA senior analyst and renowned national security whistleblower, says his focus is more on the next NSA chief's ability to do what's right.
Multiple nonprofit organizations and policy think tanks, and one company have recently joined ranks to limit broad NSA surveillance. Though our groups work for many causes— freedom of the press, shared software development, universal access to knowledge, equal justice for all—our voices are responding to the same threat: the possible expansion of Section 702 of the FISA Amendments Act.
On January 5, the Rules Committee for the House of Representatives introduced S. 139. The bill—which you can read here—is the most recent attempt to expand Section 702, a law that the NSA uses to justify the collection of Americans’ electronic communications during foreign intelligence surveillance. The new proposal borrows some of the worst ideas from prior bills meant to reauthorize Section 702, while adding entirely new bad ideas, too.
The NSA has been steadily shedding staff ever since the agency introduced draconian internal rules to stop potential new Snowden-inspired whistleblowers, former NSA technical director William Binney told RT.
“The NSA has launched an internal program called ‘See something, say something,’” Binney, said, further explaining that the new internal code of conduct encourages agency employees to actually spy not only on their targets, but also on their fellow colleagues. The aim of this new measures were to prevent employees from becoming “another Edward Snowden,” he said.
However, the new draconian rules actually backfired as employees started leaving the agency in droves, with few people willing to fill the vacant posts. The new rules “create a very hostile, bad working environment,” Binney said. He added that the extreme precautionary measures taken by the NSA to prevent internal leaks after Snowden’s move “destroyed the moral of people doing work there.”
Former NSA analyst Ira Winkler described whistleblower Edward Snowden as a traitor and a sociopath to RT.com, and said the agency needs to seriously revise its staff security training.
Speaking to RT as part of our YouTube ‘Cyber Security Series,’ filmed at the European Cyber Threat Summit in Dublin, Winkler argued that anyone could have pulled off Snowden’s leaking of NSA documents “if they were a sociopath themselves.”
Snowden allegedly accessed classified NSA data on the agency's mass surveillance program, which he later leaked to the world, by persuading up to 25 workers to give him login keys and passwords.
U.S. Customs and Border Protection (CBP) issued a new policy on border searches of electronic devices that's full of loopholes and vague language and that continues to allow agents to violate travelers’ constitutional rights. Although the new policy contains a few improvements over rules first published nine years ago, overall it doesn’t go nearly far enough to protect the privacy of innocent travelers or to recognize how exceptionally intrusive electronic device searches are.
Nothing announced in the policy changes the fact that these device searches are unconstitutional, and EFF will continue to fight for travelers’ rights in our border search lawsuit.
Below is a legal analysis of some of the key features of the new policy.
When the San Diego police targeted black children for DNA collection without their parents' knowledge in 2016, it highlighted a critical loophole in California law. Now, State Assemblymember Gonzalez Fletcher has introduced legislation—A.B. 1584—that would ensure cops cannot stop-and-swab youth without judicial approval or parental consent. EFF strongly supports this move.
A.B. 1584 would require law enforcement to obtain a court order, a search warrant, or the written consent of both the minor and their parent or legal guardian before collecting DNA from the minor, except in a few narrow circumstances when DNA collection is already required under existing law.
Facial recognition is the new hot tech topic in China. Banks, airports, hotels and even public toilets are all trying to verify people's identities by analysing their faces.
Back in the United States, Pacifica Foundation, the owner of radio stations KPFA, KPFK, KPFT, WBAI and WPFW, faces potential asset seizures by New York City landlord Empire State Realty Trust beginning this week. The threat of asset seizures stems from a lawsuit won by Empire State Realty Trust against Pacifica Foundation for $1.8 million in back antenna lease payments owed by the network’s New York City station WBAI. WBAI’s antenna sits on the Empire State Building. Among the assets at risk are California properties that house Pacifica Foundation’s headquarters and its Berkeley station KPFA. Pacifica Foundation is the oldest listener-supported radio network in the country. It was founded in Berkeley, California, in 1949 by war resister Lewis Hill.
Evidence suggests US authorities deliberately conceal the facts about how they found information in a criminal case and may be doing so regularly, Human Rights Watch said in a report released today. Withholding these facts to cover up investigative practices, including potentially illegal ones, harms defendants’ rights and impedes justice for human rights violations.
t's past midnight. Over the whump of the wipers and the screech of the fan belt, we lurch through the side streets of Southeast Portland in a battered white van, double-checking our toolkit: flashlight, binoculars, duct tape, scissors, watch caps, rawhide gloves, vinyl gloves, latex gloves, trash bags, 30-gallon can, tarpaulins, Sharpie, notebook--notebook?
Well, yes. Technically, this is a journalistic exercise--at least, that's what we keep telling ourselves. We're upholding our sacred trust as representatives of the Fourth Estate. Comforting the afflicted, afflicting the comfortable.Pushing the reportorial envelope--by liberating the trash of Portland's top brass.
Prompted by a diverse grassroots movement, much of the country continues to debate important proposed policing reforms at the local level. Many local policing campaigns that EFF supports focus on ending the era of law enforcement agencies acquiring surveillance equipment in secret. The latest campaign to prove successful secured a new law advancing transparency in New York City not only in policy, but also on the ground: the Right to Know Act.
Adopted in a two-part measure, the Right to Know Act responds to the experience of New Yorkers and visitors subjected to law enforcement stops, frisks, and searches of personal possessions including digital devices like cell phones and tablets. The City Council’s passage of the measures comes in spite of fear-mongering and falsehoods promoted by police unions.
We know the right to vote of every American is sacred and should be safeguarded. Why doesn’t the Trump administration?
On Wednesday, the ACLU will be in the Supreme Court, defending a victory that preserved the voting rights of thousands of Ohio voters in the 2016 election.
Along with Dēmos and the ACLU of Ohio, we represent the Ohio A. Philip Randolph Institute, the Northeast Ohio Coalition for the Homeless, and Larry Harmon, an Ohio voter. Together, we’ve challenged a voter purge process in Ohio, under which registered voters who do not vote during a two-year period are targeted for removal from the rolls. Here’s how it works: If you don’t vote for two years, Ohio sends you a nondescript notice in the mail, and if you don’t return it or vote in the next two federal elections cycles, they kick you off the rolls. With respect to your right to vote, Ohio is essentially saying, “Use it or lose it.”
ACLU of Kentucky warns state department of education to set strict standards and guidelines for elective Bible courses.
At Letcher County Central High in Whitesburg, Kentucky, students enrolled in the school’s elective Bible courses are instructed by one worksheet to “[d]o your best to build close relationships with other Christians, so that you may help one another through tough times.”
Another worksheet used in the same class asks students, “What are some promises in the Bible that God gives everyone who believes in him?”
Both curricular materials were sourced through “Teen Sunday School Place,” an online database of Sunday school lessons. Letcher County Bible course students are also encouraged to take part in religious activities, such as Bible Club.
This is flagrantly unconstitutional but, unfortunately, not surprising: While it is technically possible for a public school to offer a course focusing solely on the Bible that complies with the Constitution, it’s very difficult to actually do, even with the best of intentions. And many public schools that offer such courses purposefully use them as vehicles to proselytize students and involve them in religious activities.
It’s easy to think the internet sucks these days. My day job is defending net neutrality and getting people to care about privacy and the like. From that perch, it more often than not feels like things are getting worse on the internet.
So, I thought I’d share an experience that reminded me that the internet doesn’t suck as much as we might think. In fact, in many moments, the internet still delivers all the wonder and empowerment that made me fall in love with it 25 years ago.
The experience in question: my two sons Facetimed me into their concert in Toronto last week, lovingly adding me to a show that I almost missed.
There are a few ways to save net neutrality. Only one has a chance at success in the short term.
Senate Democrats today reached an important milestone in the path to saving net neutrality after the Federal Communications Commission announced last month it would roll back protections from discrimination by internet service providers.
A variety of proposals have been floated at the local and federal level to chip away at the FCC’s giveaway to the big telecommunications companies. But there are really only three ways to fully roll back the rollback. A federal court could rule in favor of the advocacy groups, states, and tech companies who will challenge the FCC action. However, complex legal challenges can take years. The FCC itself could reverse course and undo its decision. But given that the agency just voted along party lines to do away with net neutrality, it’s very unlikely the FCC would do an about-face until the White House changes hands.
Restore Net Neutrality Protections
Only one of the rollback options has a chance of making a difference in the near term. A law called the Congressional Review Act allows Congress to follow special expedited procedures to overturn agency actions with which it disagrees. Congress has 60 legislative days to act once the agency action has been formally posted and presented to the House and Senate. (Given the convoluted way that Congress counts a legislative day, our best guess is that the clock would run out in early to mid-June or so.) While the countdown hasn’t started yet, Democrats announced today that they have succeeded in getting the minimum 30 names necessary to force a vote.
Markey announced his intention to file a resolution of disapproval in December, just after the FCC voted on new rules that killed net neutrality protections from 2015. These new rules were officially published last week, and with 30 sponsors, Markey can make the Senate vote on whether to consider overturning them. If this happens, it would lead to a debate and final vote.
Part of me wonders if the customer support has got worse recently, or if I’ve just been lucky. We had a problem about 6 months ago which was clearly a loss of signal on the line (the modem failed to see anything and I could clearly pinpoint when this had happened as I have collectd monitoring things). Support were insistent they could do a reset and fix things, then said my problem was the modem and I needed a new one (I was on an original v1 hub and the v3 was the current model). I was extremely dubious but they insisted. It didn’t help, and we ended up with an engineer visit - who immediately was able to say they’d been disconnecting noisy lines that should have been unused at the time my signal went down, and then proceeded to confirm my line had been unhooked at the cabinet and then when it was obvious the line was noisy and would have caused problems if hooked back up patched me into the adjacent connection next door. Great service from the engineer, but support should have been aware of work in the area and been able to figure out that might have been a problem rather than me having a 4-day outage and numerous phone calls when the “resets” didn’t fix things.
As we've been tracking, there are several routes net neutrality advocates should support if they want to reverse the FCC's attack on net neutrality. The best path forward remains with the courts, where the FCC will need to explain why it ignored the public, the experts, 1,000 startups, and all objective data as it rushed to give a sloppy kiss to Comcast, AT&T and Verizon. It will also need to explain why it made up a DDOS attack and blocked a law enforcement investigation into rampant comment fraud during the proceeding; both apparently ham-fisted attempts to downplay legitimate public opposition to the plan.
But we've also noted how there's an effort afoot by net neutrality advocates and Senator Ed Markey to use the Congressional Review Act to overturn the FCC's vote. Under the CRA, Congress can overturn a regulatory action with a majority vote if the Act is used within 60 days of said action. It's what the Trump administration and the GOP used early last year to kill broadband privacy protections before they were scheduled to take effect.
I spend a lot of time thinking about the intersection of FDA regulation and intellectual property, and I have been constructing a large dataset relating to the patents claiming different types of FDA-regulated products. Recently, I have also been thinking a great deal about the regulation of food (because Mizzou is now allowing me to teach Food Law & Policy, in addition to Drug & Device Law). These two areas of interest intersected this past week, giving me some modest insights into premarket review of food additives and some very modest data to contribute to discussions about the (in?)efficiency of FDA’s food additive review process.
[...]
It’s hard to reach any grand conclusions from a set of 15 food additive petitions. But based on this review, I am inclined to be concerned about the length of time FDA takes reviewing food additive petitions and about the impact of the entire process on patent life. Some food additives can play an important role furthering the public health (for instance, artificial sweeteners play an important role for diabetics). Without digging further into FDA’s review of these particular food additives, which I have not done, it is hard to say what is causing the delays. But delays in the interest of chasing down vanishingly small chances of harm, when Congress did not mandate absolute harmlessness, would be concerning.
Although non-precedential, the Federal Circuit decision in Aptalis Pharmatech, Inc. v. Apotex Inc. is worth a read to see how the court “tiptoes” the “fine line between reading a claim in light of the specification, and reading a limitation into the claim from the specification.” Here, the court also notes that the prosecution history can inform claim meaning even without clear and unmistakable disclaimer of claim scope.
The drugmaker believed the erectile dysfunction drug might help a rare and deadly muscle-wasting disease that afflicts boys. The drug didn’t work — but under a law that promotes pediatric research, Lilly was able to extend the Cialis patent anyway for six months — and that’s worth a lot when a medication brings in over $2 billion a year.
Critics say the brand-name drugmakers are “gaming” the patent system, finding all sorts of ways to protect monopolies and delay competition from generics. And Alex Azar — the former president of Eli Lilly's U.S. operations, now poised to become the top U.S. health official — professes to oppose such tactics.
But the tension between his past actions as a drug executive and his likely future as the nation’s top health official are evident in both the Cialis story and in Lilly’s tripling of the price of insulin.
A 34-year-old man from the UK has agreed to pay Sky €£5,000 after the broadcaster tracked an illegal Facebook stream of the 2017 Joshua v Klitschko fight to his account. Craig Foster, who was warned of a potential €£85,000 award should the case go to court, claimed that he wasn't responsible. Backtracking, he says he now wants a fight with Sky.
"Artists can't choose to be or not to be on Spotify in reality, because there's nothing else in the end. If Spotify doesn't follow the rules from these companies, they are f**ked as well. The dependence is higher than ever."
Though these allegations have since been proven to be inaccurate, the situation seems far from resolved. A spokesperson on behalf of Radiohead has shared with The Sun that “both teams are trying to thrash it out behind the scenes to prevent going to court.” “It’s understood that Radiohead’s team are hoping for the band to either receive compensation or be credited on the list of songwriters to receive royalties.”
A musician who made a 10-hour long video of continuous white noise - indistinct electronic hissing - has said five copyright infringement claims have been made against him.
Sebastian Tomczak, who is based in Australia, said he made the video in 2015 and uploaded it to YouTube.
The claimants accusing him of infringement include publishers of white noise intended for sleep therapy.
"I will be disputing these claims," he told the BBC.
Under the agreement, users will be able to upload and share videos on Facebook, Instagram and Oculus that contain compositions licensed from Sony/ATV’s catalog as well as personalize their music experiences with songs from the catalog.
Facebook recently inked a similar deal with Universal Music, but Sony is the largest music publisher in the world. With two of the three biggest services signed, it's expected that Zuckerberg & Co. will ink a deal with the last holdout, Warner Music, soon.
These types of partnerships can help Facebook better challenge tech companies like Spotify and YouTube, which has deals with UMG and Warner Music Group.