In 2017, DevOps darling Docker decided to start calling the Docker open-source project by a new name, Moby – a decision the containerization upstart knew would be confusing and in fact baffled many developers at the time.
The rebranding effort, initiated as a GitHub pull request by company co-founder and then-CTO Solomon Hykes, has now been answered with a GitHub issues post to undo the name change, as if it were a vulnerability.
For developer Asim Aslam, who proposed the name reversion earlier this week, the switch to Moby harmed the project and its developer community and represents a liability.
"Moby was a confusing rename that largely did not contribute any value to the ecosystem and I'd argue actually hurt Docker adoption since it moved this project to something that was supposed to be a neutral home but perhaps on reflection was not as effective as assumed," he said in his post.
**/usr/bin/u*** of the util-linux package, plus listener feedback.
Linux Founder Linus Torvalds announced the Linux 5.4 release on the Linux Kernel Mailing List (lkml) saying: “Not a lot happened this last week, which is just how I like it.”
With 5.4 out the merge window for Linux 5.5 is now open. But Linus cautions that the American tradition of Thanksgiving may get in the way.
But what are the changes in this latest kernel update? Read on for a summary of key Linux 5.4 features and changes.
Just hours after Linus Torvalds released Linux 5.4, the GNU folks maintaining "GNU Linux-libre" released their v5.4 kernel that continues "deblobbing" the kernel for ensuring no proprietary firmware/microcode can be loaded by the drivers nor support for loading closed-source kernel modules.
Besides the deblobbing activities, there isn't any other kernel changes but just striving for a 100% free software Linux kernel downstream. Linux 5.4 itself does bring a long list of new features.
GNU Linux-libre 5.4-gnu sources and tarballs are now available at <http://www.fsfla.org/selibre/linux-libre/download/releases/5.4-gnu/>. It didn't require any deblobbing changes since -rc7-gnu, the first published rc-gnu. Binaries are on the way.
The bulk of the changes in deblob-check this cycle have to do with an attempted broadening of the potential firmware name patterns, that led to the addition of matchers for many false positives. I couldn't complete it in this cycle, but I left the new false positives in place, and a WIP comment next to the potential firmware name pattern indicating what I was getting at. Contributions are welcome ;-)
There was only one new driver that required deblobbing, or rather disabling of blob loading: an ethernet driver for Intel Ethernet Connection E800 Series. Various other drivers needed adjustments to account mostly for updated blob names, but also occasional code movement: safexcel, amdgpu, i915, i2400m, i1480u, nitrox, r8169, touchscreen_dmi, and skylake sound. The last remnants of the netx driver were removed, and so the corresponding deblobbing could be dropped as well.
I noticed that cleaned-up scripts were losing the executable bit, and arranged for it to be retained.
The one decision I wasn't so sure about in this cycle was in a new driver in drivers/net/wireless/ath/ath9k, namely ath9k_pci_owl_loader.c, activated by ATH9K_PCI_NO_EEPROM. IIUC, it's initialization data, such as the MAC address, for ath9k cards that have had the EEPROM chip holding it removed. If there's any actual code there, since it's ath9k, I assumed it would be Free Software, though I couldn't quite find any evidence that there's any code whatsoever in there. Even if there is, the firmware image, with MAC address and all, is specific to an individual card, presumably extracted from it or custom-designed for it, so I conclude there's no harm done in enabling it to be loaded.
Please let me know if you find that I've based my reasoning on incorrect information.
For up-to-the-minute news, join us on #linux-libre of irc.gnu.org (Freenode), or follow me (@lxoliva) on Twister <http://twister.net.co/>, Secure Scuttlebutt, GNU social at social.libreplanet.org, Diaspora* at pod.libreplanetbr.org or pump.io at identi.ca. Check my web page (link in the signature) for direct links.
Be Free! with GNU Linux-libre.
What is GNU Linux-libre? ------------------------
GNU Linux-libre is a Free version of the kernel Linux (see below), suitable for use with the GNU Operating System in 100% Free GNU/Linux-libre System Distributions. http://www.gnu.org/distros/
It removes non-Free components from Linux, that are disguised as source code or distributed in separate files. It also disables run-time requests for non-Free components, shipped separately or as part of Linux, and documentation pointing to them, so as to avoid (Free-)baiting users into the trap of non-Free Software. http://www.fsfla.org/anuncio/2010-11-Linux-2.6.36-libre-debait
Linux-libre started within the gNewSense GNU/Linux distribution. It was later adopted by Jeff Moe, who coined its name, and in 2008 it became a project maintained by FSF Latin America. In 2012, it became part of the GNU Project.
The GNU Linux-libre project takes a minimal-changes approach to cleaning up Linux, making no effort to substitute components that need to be removed with functionally equivalent Free ones. Nevertheless, we encourage and support efforts towards doing so. http://libreplanet.org/wiki/LinuxLibre:Devices_that_require_non-free_firmware
Our mascot is Freedo, a light-blue penguin that has just come out of the shower. Although we like penguins, GNU is a much greater contribution to the entire system, so its mascot deserves more promotion. See our web page for their images. http://linux-libre.fsfla.org/
What is Linux? --------------
Linux is a clone of the Unix kernel [...]
(snipped from Documentation/admin-guide/README.rst)
-- Alexandre Oliva, freedom fighter he/him https://FSFLA.org/blogs/lxo Free Software Evangelist Stallman was right, but he's left :( GNU Toolchain Engineer FSMatrix: It was he who freed the first of us FSF & FSFLA board member The Savior shall return (true);
The GNU Linux-libre community announced today the release and general availability of the GNU Linux-libre 5.4 kernel for those seeking 100% freedom for their personal computers. Based on the recently released Linux 5.4 kernel series, the GNU Linux-libre 5.4 kernel is here to remove any proprietary drivers and code that's present in the upstream kernel, those providing a 100% libre, free Linux 5.4 kernel for those who don't want to run any proprietary software on their PCs.
Fortunately, for the GNU Linux-libre 5.4 kernel, only one new driver required deblobbing, namely an Ethernet driver for the Intel Ethernet Connection E800 Series networking cards, but several other drivers required updated blob names and there's also some cleaning as well for the amdgpu, i915, i1480u, i2400m, nitrox, r8169, safexcel, and touchscreen_dmi drivers.
"The one decision I wasn't so sure about in this cycle was in a new driver in drivers/net/wireless/ath/ath9k, namely ath9k_pci_owl_loader.c, activated by ATH9K_PCI_NO_EEPROM," said developer Alexandre Oliva. "If there's any actual code there, since it's ath9k, I assumed it would be Free Software, [...] so I conclude there's no harm done in enabling it to be loaded."
Following up on our report for our contributions to Linux 5.3, here’s a list of Purism’s contributions to the Linux kernel for the 5.4 cycle. We contributed 20 patches including improving the devkit’s IMU and panel drivers, made more preparation for a mailine display stack and the submitted the first fixes for bugs that cropped up during the Librem 5 Aspen board bringup:
Months ago we reported on vendors and cloud providers being interested in restoring parallel CPU microcode updates on Linux for helping large core count servers. With Linux 5.5 that change is coming.
Oracle and other cloud providers have been wanting late CPU microcode updates to be applied in parallel in order to reduce the downtime of systems on servers with many cores. The parallel microcode updating had been dropped in Linux following the Spectre vulnerabilities with a shift to sequential CPU microcode updating. With this revised implementation, updating microcode on multiple CPU cores is done concurrently so as long as only the first thread of each CPU core is updated while any sibling thread waits for the update to complete.
Penguin is a free and open source subtitle player. It is available for Linux, macOS and Windows.
If you are using Ubuntu-based distribution, you can use this PPA to easily install Penguin subtitle player.
There are a few things to keep in mind while using Penguin subtitle player.
Not all video files and subtitle files are made for each other. Subtitle synchronization is a common problem so you’ll have to make sure that the subtitle you downloaded is best suited for the video you want to play.
Most video players, even the one embedded on the websites, allow to pause and play the video with the space key. Unfortunately, there is no keyboard shortcut to pause the Penguin subtitle player. In other words, you cannot pause the video and the subtitle player in one keystroke.
Ahead of the release next month, Urban Games have now put out an actual gameplay trailer for Transport Fever 2. Releasing on December 11, Transport Fever 2 is looking like it takes all the good bits from the first game and added a whole lot more.
It will have over 200 vehicles to manage including trains, buses, streetcars, trucks, aircraft and ships from 1850 to the present day. There's also three different campaigns with "20 hours" play time, a free play mode to do whatever you want and a map editor with modding and Steam Workshop support.
Ready for another great point and click adventure game? LUNA The Shadow Dust looks awesome, it has an amazing soundtrack and it's going to release for Linux in February 2020.
From the all-Chinese developer Lantern Studio, they're getting a helping hand from Application Systems to bring it to Western audiences and it sounds like development has been going well. A bit of a delay though, as publishing games in China has become increasingly difficult and the queue to get an official license is long. Their Chinese publisher, Coconut Island, started the procedure a year ago but they finally have what they need.
If you’re a gamer, you’re probably unsatisfied with the performance of many PC games. Although you might be a fan of them, you could do without a few things. Thankfully, you can achieve this if you decide to use a gaming server. Below, we’ll be discussing how beneficial it can be, along with its disadvantages. If you’re interested, be sure to keep reading.
Android and iOS may currently dominate the smartphone operating system space, but a one-time rival is still alive and kicking. It’s just not designed to run on phones anymore.
Last year LG released webOS Open Source Edition in an effort to bring the software to new platforms. And a series of recent updates have added support for new hardware and laid the groundwork for webOS OSE to be used in automotive systems as well as other types of products,
It’s always interesting to look into mainline Linux changelog either to find out about new software features, but also new hardware platform.
Google has updated its Mendel Linux release for its high-performance Coral developer board and its add-on Coral system-on-module (SoM).
Google's Coral hardware came out of beta last month and at the time it promised to deliver a new version of Mendel based on Debian 10 Buster — the same version of Debian that the Raspberry Pi Foundation built on for the latest version of its standard Raspbian OS. Coral developers can now test version 4.0 of Google's customized Debian OS.
The new Mendel Linux 4.0 Day also comes with upgraded GStreamer pipelines and support for Python 3.7, OpenCV, and OpenCL. And it's updated the Linux kernel to version 4.14 and U-Boot to version 2017.03.3.
This week’s open-source project of the week is Sourcetrail, a cross-platform source explorer that helps users get productive on unfamiliar source code.
It uses static analysis on C, C++, Java and Python source code and lets users navigate the collected information within a user interface that interactively combines graph visualization and code display.
With the drop of its commercial license, the developers behind Sourcetrail said that they will continue their quarterly release cycle and will provide customer support as long as the user’s “Sourcetrail – Commercial User License” qualifies for it.
Open source software — that is, software that is licensed with its source code so anyone can freely modify, share and distribute their enhancements — is nearly as old as the computer industry itself. In 1953, Remington Rand’s UNIVAC division released its A-2 system with source code and invited its customers to send back improvements. That practice of sharing code to make software better has not only survived through to the present day, but it thrives on the modern internet, where a significant portion of the internet’s own infrastructure is built on open source software.
There’s no shortage of proprietary software in the marketplace, but open source software continues to flourish. The collaborative spirit of open source — the idea that everyone can and should be able to contribute to making a good thing better — is what allows it to endure. WordPress, for example, is one of the biggest success stories in open source, and today powers a whopping 34% of internet websites.
Mobile connectivity is at the heart of the digital economy. Its evolution has touched virtually every industry and technologies that lie over the horizon will be driven by it. Consumers have an insatiable appetite for data. They want blazing-fast data in remote areas and a host of functionality. Only more evolved mobile connectivity can meet their demands.
Recently, Xrpgen.com announced that XAG code has been open source. It is reported that XAG project was launched on July 18, 2019. It is a public chain group developed based on the underlying technology of XRP blockchain network, with multiple sub chains. XRP currently ranks the third in the global mainstream digital asset circulation market value. Its network system is mainly used to provide financial institutions with safe and fast cross-border payment tools, so that the asset value can be transmitted and exchanged on the Internet as information.
Ever wanted a note taking tool that supports Markdown? QOwnNotes may be worth a look (or two) if that is the case.
QOwnNotes is a cross-platform open source note taking program for Windows, Linux and Mac Os X that saves notes locally and optionally in the cloud using ownCloud or NextCloud.
An organization based on donations will face austerity at times. Wisely allocating volunteers demands a constant reshuffling of the deck of priorities. That takes rapid communication that isn’t always easy within large, monolithic structures — organizational or technological.
The American Red Cross knows that all too well. It has found that less monolithic open-source models are the answer in both cases. “We try to be good stewards of donor dollars,” said Matthew Cascio (pictured), executive director of enterprise web systems marketing technology at the Red Cross.
Village Roadshow is spearheading a new effort to obtain Federal Court orders directing major Australian ISPs to block their customers from accessing eighty-seven online services accused of facilitating piracy. The effort is backed by Netflix Studios, the production arm of the streaming leviathan, as well as a group of US movie studios, Hong Kong’s Television Broadcasts Limited (TVB), and Australian distributor Madman Anime Group.
In addition to sites that offer illicit streaming, BitTorrent or direct downloads, and links to sites that provide search or index services for pirate material, the application, which seeks orders under Section 115a of the Copyright Act, also targets services offering unauthorised subtitle downloads and the home page of the Popcorn Time software.
On Thursday, Japan-based BOOSTRY launched the website of its open-source initiative, ibet. Through ibet, the blockchain bonds firm plans to release its token templates, smart contracts, and trading code to the public.
Huawei has launched a new data platform that aims to handle the explosion of data from video and IoT devices, while removing the technical complexity of data infrastructure. The Chinese firm also teased an open source data virtualisation engine, OpenHetu, that’s due to be released in 2020.
Data virtualisation is an approach to data management that lets an application retrieve and manipulate data, while abstracting away the technical details of how that data is stored. OpenHetu will come with an open-source kernel, Huawei said, meaning developers can add “data source extensions and SQL execution policies, to allow fast interoperability and development.”
For many, open source software has a certain “Wild West” image associated with it. In contrast to proprietary software, which can be viewed as stodgy, expensive, and confining, open source software seems to let you do whatever you want at little or no cost, providing the ultimate in technological freedom. Both of these viewpoints are gross oversimplifications. Nevertheless, the idea of open source as an unconventional solution persists.
The reality, on the other hand, is that open source is all around us and is currently used in many popular and well-known software applications that are either fully open source or built on open source components.
The Fusion Foundation, the overseers of the Fusion blockchain, announced that the latest version of its DCRM (Distributed Control Rights Management System) will be released next week as an open-source implementation. DCRM is a cryptographic technology that enables various digital assets to be mapped on and off the Fusion blockchain seamlessly and securely. DCRM is a complete interoperability and bridge solution that is decentralized, efficient and secure.
The Fintech Open Source Foundation (FINOS) announced Wednesday that it's Platinum member investment bank Goldman Sachs would make its visual modeling software "Alloy" open source. "Alloy" is based on a modeling language known as "PURE," which will also be open-sourced.
The announcement was made during the Open Source Strategy Forum in New York City.
"Open source technology is setting us on a path to greater collaboration and building mutual understanding," co-chief data officer at Goldman Sachs Neema Raphael said. "PURE and Alloy have grown to become critical tools within our firm across the trade lifecycle that help us price; assess and evaluate risk; clear transactions; and perform regulatory reporting. We've only scratched the surface though -- we'll unlock tremendous value for the industry when we co-develop and share models."
Monitoring a live network and ensuring that it stays up can be a taxing job, which is why systems administrators need network monitoring tools. These tools can give them a clear idea of how well the systems, applications, and devices on their networks are performing in real-time, and even how they perform across time. Instead of waiting for an error to occur or for the network to experience downtime, systems administrators can employ network monitoring tools to ensure that they spot issues and address them before they cascade across the entire network. By automatically assessing traffic and response times, these tools help administrators work more efficiently.
The key reason to look for an open-source option for network monitoring is that the world is now moving toward open source. The large communities, active development, lack of vendor lock-in, and more control over costs are factors that drive organizations to look to open source tools for network monitoring. Commercially available tools offer the benefits of reliability and round-the-clock support for technical issues, and they also employ teams to constantly upgrade the tools’ security and functioning. However, they don’t offer as much flexibility and freedom as an open-source solution would. If you’re looking for cost-effective alternatives, open-source networking monitoring tools are a great option as they are not only constantly updated by developers who often provide support through online forums, but they are also easily customizable to the needs of users. They offer a degree of flexibility and adaptability that many closed-source tools lack. Here are some of the best open-source network monitoring tools you can download today.
Globally, Linux-based expenditure is forecast to grow at a CAGR of 12.9 per cent over the next five years. This is concurrent to enterprises’ needs for cost-effectiveness, flexibility, reliability, agility, and security. Surprisingly, only 37 per cent of companies globally have open source programmes to establish organisational processes, best practices, and toolsets for how open source is adopted.
Red Hat, Inc., the world's leading provider of open source solutions, has successfully completed Women in Tech tour of universities in the United Arab Emirates (UAE).
Driven by a four-strong team of female Red Hatters, the tour was predominately tailored towards female university students. It presented discussions focused on open source, and what skills, both technical and non-technical, are required for successful careers in the world of IT and open source. The Red Hat team also engaged with faculty members to understand procurement pathways in the region as well as how universities are driving student progression and development for the future job landscape.
The most eagerly awaited event in the open source software-defined storage calendar is without a doubt Cephalocon. In 2019, the Ceph community came to Barcelona, but it was recently announced that in March 2020, Cephalocon is coming to Seoul, South Korea!
Firefox 70, released in October, contains a new feature called the Protection Report. It contains a graph of all the things Firefox protected you from in the last seven days. Here’s how I made that screen reader accessible.
Originally, the data shown in the protection report was only presented visually. Well, for sighted people, that is still the case. However, if you’re a screen reader user, you get a nice tabular representation of the data, so you also get the full picture.
Today, Mozilla and the German Ministry for Economic Cooperation and Development (BMZ) have announced to join forces in the collection of open speech data in local languages, as well as the development of local innovation ecosystems for voice-enabled products and technologies. The initiative builds on the pilot project, which our Open Innovation team and the Machine Learning Group started together with the organization “Digital Umuganda” earlier this year. The Rwandan start-up collects language data in Kinyarwanda, an African language spoken by over 12 million people. Further languages in Africa and Asia are going to be added.
As you may already know, last Friday November 22nd – we held a new Testday event, for Firefox 71 Beta 12.
Thank you all for helping us make Mozilla a better place: gaby2300 and Joanna Droà ¼dà ¼.
Mozilla and the African Union Commission (AUC) released a new study examining the misconceptions, challenges and real-life impact of additional taxes on Over the Top Services (OTTs) imposed by governments across the African continent. The Regulatory Treatment of OTTs in Africa study found that these taxation regimes – often imposed without public consultation and impact assessments – have increased barriers to access, pushed people offline, and limited access to information, and access to services. The study conducted the analysis based on the available evidence and a select number of case studies.
These regressive regulatory measures are taking place as governments rush to introduce digital transformation initiatives, and instead of focusing on how to connect more people to the internet, the region is building barriers that keep them off it.
LF Energy, a project housed at the Linux Foundation, aims to use open-source technology in much the same way it was used to build the modern-day internet.
“The value of open source is to create a shared, commodity layer of software that can accelerate innovation while dramatically shifting the economics of energy,” said Shuli Goodman, executive director of LF Energy. “This is similar to what has happened in other industries, it’s time for no more black boxes (proprietary technology). That’s over.”
The CDU's party convention resolution states:
"The open and jointly developed standards of the Internet and open interfaces are the principles from which we advance the digitisation of Germany. It is only through openness that competition can be created; only through openness can new players in competition challenge the top dogs. This is why the following will apply to all (public) digitisation projects in Germany in the future: the awarding of contracts and funding will be subject to compliance with the principles of open source and open standards. Software financed by public funds should serve all citizens. In addition, free and open APIs should facilitate access for independent developments." (Translation provided by FSFE)
Further background information can be found on the campaign website. The video and other content found there are available for free distribution under a CC BY SA 4.0 license.
At 33MHz System 7.1 flies, and it has Connectix Compact Virtual (the direct ancestor of RAM Doubler), which at the cost of disabling the Silicon Disk gives me a 16MB addressing space. At some point I'll get around to configuring it for SCSI Ethernet, another fun thing you can do over SCSI that people have forgotten about.
Besides the case, floppy drive and trackbar, the keyboard was also in excellent condition. Let's compare it with what I think is the best keyboard on any Apple laptop past or present, the PowerBook 1400:
Every appliance business wants to be the one that invents the patented, license-able, and profitable standard that all the other companies have to use. Open Source Kitchen wants to beat them to it.
Every beginning standard needs a test case, and OSK’s is a simple one. A bowl that tracks what you eat. While a simple concept, the way in which the data is shared, tracked, logged, and communicated is the real goal.
A U.S.-based foundation overseeing promising semiconductor technology developed with Pentagon support will soon move to Switzerland after several of the group’s foreign members raised concerns about potential U.S. trade curbs.
The nonprofit RISC-V Foundation (pronounced risk-five) wants to ensure that universities, governments and companies outside the United States can help develop its open-source technology, its Chief Executive Calista Redmond said in an interview with Reuters.
Continuing to prepare for a PyOpenGL 3.1.4 release. I've worked through getting the auto-generated reference documentation updated. We now use the upstream git repository for the docbook base files (gl, glu and glx) while still using the legacy files for glut and gle. I've had to disable the sample-source projects still using SourceForge CVS, as SourceForge doesn't provide web-based viewing of the CVS repositories any more. If you know of projects that should be added to the set of sample-code projects, let me know.
This week we welcome Miguel Grinberg (@miguelgrinberg) as our PyDev of the Week! Miguel is the author of Flask Web Development and the very popular Flask Mega-Tutorial. You can find out more about Miguel by checking out his blog or his Github profile. Let’s spend some time getting to know Miguel better!
[...]
The open source project that takes most of my time these days is my Socket.IO client and server, which is split in two repositories, python-socketio and python-engineio. Socket.IO is a standard communication protocol built on top of HTTP and WebSocket that allows clients and servers to establish long lived bi-directional connections, avoiding some of the limitations of HTTP, and also with very low latency. My project allows Python to act as a client or as a server and connect to Socket.IO applications built in other languages, or of course, you can also use Python on both ends if that’s what you like. My Socket.IO server is commonly paired with the JavaScript client running on web browsers to build highly dynamic applications that are an alternative to the more traditional option of building the server as a REST or HTTP API.
Looking back 4-5 years ago, the sentiment around microservices architecture has changed quite a bit. First, it was in the hype phase when after seeing the success stories of companies like Netflix, Amazon, and Gilt.com developers thought that microservices are the de facto of application development. Cut to now, we have realized that microservices is yet another architectural style which when applied to the right problem in the right way works amazingly well but comes with its own pros and cons.
To get an understanding of what exactly microservices are, when we should use them, when not to use them, we sat with Jaime Buelta, the author of Hands-On Docker for Microservices with Python. Along with explaining microservices and their benefits, Buelta shared some best practices developers should keep in mind if they decide to migrate their monoliths to microservices.
With great pleasure, we announce Steven Wilson as the winner of “Perl Weekly Challenge - 035”. Congratulations Steven, you should soon hear from Perl Careers about your reward. For rest of the participants, I would say Good Luck for next time. Keep sending in your solutions and share your knowledge with each other.
This is derived in part from my blog post made in answer to the Week 34 of the Perl Weekly Challenge organized by Mohammad S. Anwar as well as answers made by others to the same challenge.
Continues from previous week.
Today, Monday 25th Nov, 2019, we have completed 8 months of successfull run of The Weekly Challenge. Over the period, I came across many smart hackers. I have lots of personal favourites that I always look forward to their solutions. It always brings a big smile on my face every time I look at their solutions. Sometimes, I find it difficult to grasp in first reading. But then once it settles down, the feeling is out of this world.
Cloudflare has open sourced a “lightweight” network vulnerability scanner that it uses in-house to help identify vulnerable services running in its vast network. Early reactions suggest that it shouldn’t be the sole vulnerability management tool being used in the network.
Actually a "thin wrapper" around Nmap, Flan Scan combines network mapping with vulnerability scanning, Cloudflare said. The company developed Flan Scan after “unsuccessful attempts” to use existing scanners, wrote Nadin El-Yabroudi, a security engineer at Cloudflare. One of the scanners Cloudflare was using was extremely expensive—"one of our highest security costs"—and it wasn't using many of the features to justify the price tag. Another was an open source one which was difficult to deploy throughout Cloudflare's infrastructure, which extends to more than 190 data centers.
The clock was ticking, because the company had to finish an internal scan to meet a compliance deadline.
CloudFlare announced the first major release of their implementation of the Network Time Security (NTS) protocol. This builds on their previous release of time.cloudflare.com, their free time service that supports both Network Time Protocol (NTP) and NTS.
CloudFlare's free time service, time.cloudflare.com, supports both NTP and the emerging NTS protocols. However, at the time of its release there were not many NTS clients available. With the release of their new CFNTS project, CloudFlare is hoping to encourage adoption of the NTS protocol. NTPSec has also recently released support for NTS.
We all know the scenario. The one relative we never see except for holiday family gatherings is holding forth, blasting on high volume political opinions delivered straight from Fox News.€ Let’s say it’s Uncle Joe at Thanksgiving dinner. He turns to you and says, “Please tell me you are not supporting that socialist Medicare for All garbage that is going to bankrupt us all, and
Australia’s health and aged care ministers should immediately revise an aged care regulation to prohibit chemical restraint.€
The Gavin Newsom Administration today announced two separate but related€ actions€ that will have a big impact on€ protections for Delta smelt, Sacramento River winter-run Chinook salmon and other endangered fish species.
Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system.
VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB (Remote FrameBuffer) that allows users to remotely control another computer, similar to Microsoft's RDP service.
Kaspersky’s web protection feature will block ads and trackers, warn you about malicious search results and much more. The complication here: this functionality runs in the browser and needs to communicate with the main application. For this communication to be secure, an important question had to be answered: under which doormat does one put the keys to the kingdom?
[...]
In December 2018 I could prove that websites can hijack the communication between Kaspersky browser scripts and their main application in all possible configurations. This allowed websites to manipulate the application in a number of ways, including disabling ad blocking and tracking protection functionality.
Kaspersky reported these issues to be resolved as of July 2019. Yet further investigation revealed that merely the more powerful API calls have been restricted, the bulk of them still being accessible to any website. Worse yet, the new version leaked a considerable amount of data about user’s system, including a unique identifier of the Kaspersky installation. It also introduced an issue which allowed any website to trigger a crash in the application, leaving the user without antivirus protection.
This year, China as Intimidating Monster has become the popular motif in Canberra circles. Australian government members Andrew Hastie and Senator James Paterson have become vigorous moral, if hollow enthusiasts. Their criticism of China has led to the revocation of visas to the country, something that has given reason to flash their plumage for the Australian electorate. How dare China do what Australia has done a countless number of times to those they do not regard as passing a character test?
There is some incongruity between my role as an editor of a book about the costs of America’s wars and my identity as a military spouse. I’m deeply disturbed at the scale of human suffering caused by those conflicts and yet I’ve unintentionally contributed to the war effort through the life I’ve chosen.
The Senate, by a voice vote with no opposition yesterday passed a bill condemning the Hong Kong government and Hong Kong police for their brutal treatment of students in the supposedly autonomous Chinese city protesting threats to Hong Kong’s freedoms and it’s promise from China of self rule until 2047. The bill, if signed into law, would assess trade and other penalties on Hong Kong for its treatment of Hong Kong protesters.
Machine gun fire answers rock-throwing protesters. Motorcycle-riding Revolutionary Guard volunteers chase after demonstrators. Plainclothes security forces grab, beat and drag a man off the street to an uncertain fate.
In 2001 and in 2002 Congress passed authorizations for war. While not declarations of war, these mandates, each titled an Authorization for Use of Military Force (AUMF) provided the legal framework for attacks against al-Qaeda in 2001 and in 2002 for the Iraq War. Both AUMFs are still in effect today. As Congress considers its annual authorization to fund the Pentagon our current members of Congress, both in the House and the Senate, are in positions of responsibility and ability to repeal these AUMFs.
On Tuesday, the US secretary of state, Mike Pompeo, announced a reversal in decades of US policy towards Israel's illegal settlements in the West Bank, stating that: "the establishment of Israeli civilian settlements in the West Bank is not, per se, inconsistent with international law."
We may be months away from ending the US military draft, once and for all. After a court ruled that the male-only draft was unconstitutional, a Congress-appointed Commission has been studying whether or not to draft women into the US military. They make their report in March, and will likely either advocate for expanding draft registration to women or abolishing the draft, once and for all.
Today the Fourth Review Conference of the international Mine Ban Treaty opens in Oslo, Norway. A total of 164 states have joined the treaty, committing to cease production, use, and transfer of antipersonnel mines, to destroy their stockpiles, clear mine-affected areas, and assist mine survivors. €
When Turkish President Recep Tayyip Erdogan told an economic meeting in the city of Sivas this September that Turkey was considering building nuclear weapons, he was responding to a broken promise.
The democratically elected president of Bolivia, Evo Morales, the very first indigenous president of the Americas, has been forced, at gunpoint, to flee the country.€ There have been on a 5-day stretch since October 20th, 23 deaths, 715 injured, total arrests of 1112 and the number of wounded are unknown (data from the Defensoría del Pueblo de La Paz). The victims are overwhelmingly indigenous people.
"What is happening in Bolivia is highly undemocratic and we are witnessing some of the worst human rights violations at the hands of the military and the police since the transition to civilian government in the early 1980s."
The goal, Horner continued, was “to construct explicit procedural hurdles the agency must follow in issuing scientific reports,” and to avoid any case-by-case consideration of public health threats by “focusing on the process by which EPA arrived at its scientific conclusions, avoiding to the extent possible specific scientific issues, contaminants, or industries.” He proposed several criteria the EPA should be forced to add to its scientific processes, including “transparency.” This approach, Horner suggested, could help the industry weaken regulations on mercury, hazardous waste, and air pollution.
Two years later, a lobbying firm working for R.J. Reynolds created a “Secret Science” working group. The group’s goal, according to a memo obtained by the Union of Concerned Scientists, was to “focus public attention on the importance of requiring the disclosure of taxpayer-funded analytical data upon which federal and state rules and regulations are based.”
Colgate-Palmolive has begun the switch to a first-of-its-kind recyclable toothpaste tube and will share the technology.
THE DETAILS The company’s Tom’s of Maine has unveiled the first tube recognized by the Association of Plastic Recyclers. The brand will debut the tube for its Antiplaque & Whitening toothpaste and complete the switch across all of its toothpastes in 2020, when the Colgate brand will initiate the transition in Europe and North America.
The company will complete modifications to tube-making equipment at more than a dozen of its facilities worldwide by 2025 and will share the innovative technology freely with its competitors in a bid to up recycling rates for ‘one of the most widely used forms of plastic packaging’.
“Colgate wants to make tubes a part of the circular economy by keeping this plastic productive and eliminating waste,” said Noel Wallace, Chief Executive Officer and President of Colgate-Palmolive. “This advancement can make a significant difference in the marketplace today as we test new packaging materials, product formats and refillable models to reduce our use of plastic.
Four European development banks are financing a palm oil company in the Democratic Republic of Congo that is violating workers’ rights and dumping untreated waste.
The freedom to dissent was tested as the US closed out the twentieth century with a demonstration that grabbed the world’s attention. Forty thousand citizens marched through Seattle’s downtown on November 30, 1999, to protest a meeting of the World Trade Organization Ministerial (WTO.)
A long overdue tax on the wealth of the wealthy is finally being put forward as a means to fund government services and reduce economic inequality.[1] At this point, among Democrats, the Sander’s proposal goes the furthest and is estimated to raise $4.35 trillion over the next 10 years.
Years ago, a Texas legislator who was occasionally known to take lobbyists' cash in exchange for a vote, explained his ethical framework as opportunistic: "I seen my chances, and I took 'em."
"We can see why Mike Pompeo has refused to release this information to Congress. The evidence is only going to get worse."
Chaos is a pit, the all-knowing eunuch Lord Varys warns in Game of Thrones, “a gaping pit waiting to swallow us all.”The conniving Peter Baelish, known as Littlefinger, disagrees: “Chaos isn't a pit,” he replies. Too few realize, he says, that, “Chaos is a ladder… Only the ladder is real. The climb is all there is.”
Bruce Fein, a former senior official in the Department of Justice and a constitutional scholar, has identified 12 impeachable offenses committed by Donald Trump. But, as he notes, many of these constitutional violations are not unique to the Trump administration. They have been normalized by Democratic and Republican administrations. These long-standing violations are, for this reason, ignored by Democratic Party leaders seeking to impeach the president. They have chosen to focus exclusively on Trump’s attempt to get the Ukrainian president to open an investigation of Joe Biden and his son, Hunter, in exchange for $400 million in U.S. military aid and a visit by the Ukrainian leader to the White House. Ignoring these institutionalized violations during the impeachment inquiry, Fein fears, would legitimate them and lead to the death of democracy.
Billionaire and former New York City Mayor Michael Bloomberg, one of the world’s richest men, has formally launched a Democratic bid for president.
The former New York City mayor launched a $30 million ad campaign presenting himself as a "middle class kid who made good."
Billionaire businessman and former New York City Mayor Michael Bloomberg on Sunday officially announced he is entering the 2020 Democratic presidential primary, launching a $30 million ad blitz in which he presents himself as “jobs creator” and a “middle class kid who made good.”
I wish I could be there in person, but I appreciate this opportunity to summarize for you my letter to the court that ordered me to be confined, explaining why grand juries are so dangerous. I am not alone in objecting to the grand jury as a dangerous relic that has evolved in ways that increase its power without increasing its protections. I refuse to participate in a process that has clearly transformed into something that violates the spirit, if not the letter of the law.
I can explain the art and purpose behind throwing a Purple Heart veteran under the Fox News bus. First, we must talk about narratives. In my time at Fox News, narratives were weapons of mass emotional manipulation, what the Nobel laureate Robert J. Shiller defines in “Narrative Economics” as “contagious stories” — as he put it in a paper of the same name, “a simple story or easily expressed explanation of events that many people want to bring up in conversation or on news or social media because it can be used to stimulate the concerns or emotions of others, and/or because it appears to advance self-interest.” One recent report said that we find information or misinformation “22 times more memorable in narrative form.”
There’s little in this world that has the emotional manipulative power of a good tribalized — us versus them — narrative. It’s a contagion, and thanks to social media, or “participatory propaganda,” highly viral.
The Trump administration is pushing a proposal that could change how much untraceable “dark money” corporations pour into future elections.
The draft rule change was unveiled by the Securities and Exchange Commission this month. It would limit shareholder proposals, which are one of the ways that the stockowners of publicly traded companies get them to change their behavior.
Nintendo is structurally wiping piracy-enabling sites from search results. Instead of regular DMCA notices, the gaming company is using anti-circumvention complaints to have Google remove links to console jailbreaking software and flash card adapters from its search engine. The infamous Team-Xecuter is a prime target, but the company also targets legitimate stores such as Newegg.
Popular VPN provider Private Internet Access (PIA) is set to be acquired by Kape Technologies. This will transform the company into a major player in the VPN industry. The deal has sparked a lively debate about Kape’s intentions and PIA’s future, but the company stresses that it remains committed to protecting the privacy of its users.
Until now, if users wanted to enable 2FA for their Twitter account, they had to register a phone number and enable SMS-based 2FA, which is known to be inherently insecure; back in October, for example, Twitter admitted that "unintentionally" fed advertisers users' 2FA phone numbers for targeted ad purposes.
The company is finally giving users the option to bypass SMS-based 2FA, and even disable it completely. Instead, users can now enable 2FA on Twitter using a mobile security app, such as Authy or Google Authenticator, without supplying Twitter with a phone number. Previous to this you still had to add a phone number if you chose to use a security app with your account.
The report explains that the test allows drivers to request cameras for a fee of $5 per month through a partnership with Nauto - a company that uses AI to analyse video from vehicles. Amongst the software's party tricks is the ability to spot when drivers are distracted, at which point it tells them to watch the road.
For Uber drivers, though, the idea is to look into disputes inside the car. The footage is stored by Nauto, but becomes available to Uber if the camera detects a crash, a safety incident is reported or - alarmingly - if the driver requests footage. Apparently faces are blurred if sent to the driver, but fully visible to Uber employees analysing safety footage externally.
That's not all, either. The Washington Post reports that Uber is planning on recording audio of journeys soon, too. [...]
The rules state that there must be Russian alternatives to the stock software - but it remains up to the individual as to which ones they use.
However, that has raised the eternal question of back doors and other rogue payloads being included, effectively leaving the Western software as sitting ducks for nation-state hacking attempts.
The new rules won't just affect phones and laptops, but all smart devices including Smart TVs and audio streaming devices.
For well over a decade, identity thieves, phishers, and other online scammers have created a black market of stolen and aggregated consumer data that they used to break into people's accounts, steal their money, or impersonate them. In October, dark web researcher Vinny Troia found one such trove sitting exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information—about 1.2 billion records in all.
While the collection is impressive for its sheer volume, the data doesn't include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.
They're totally right about one thing: once you gather and sell this data, you can't control it -- it's pluripotent, omnitoxic, and immortal. It's nuclear waste.
The thing they're wrong about is the wisdom of selling that pluripotent, omnitoxic, immortal toxic waste, given that they can't control it. The fact that they cheerfully admit that there's no way for them to ensure that the nonconsensual dossiers they've assembled won't be weaponized against their subjects (and the commonsense conclusion that these dossiers will be weaponized against their subjects) means that it is incredibly reckless, even sociopathic for these privacy profiteers to be in the business that they're in.
Australia is investigating allegations that China tried to install an agent in a parliamentary seat in Canberra, the Australian Security Intelligence Organization said in a rare statement, adding it was taking the matter seriously.
The spy agency issued the statement late on Sunday after allegations were aired on Australian television that a suspected Chinese espionage ring offered A$1 million ($679,000) to pay for a Melbourne luxury car dealer, Bo “Nick” Zhao, to run for a seat in Australia’s federal parliament.
“The reporting on Nine’s Sixty Minutes contains allegations that ASIO takes seriously,” ASIO Director-General of Security Mike Burgess said in the statement.
Newspapers and other media in the United States, Britain and Australia have recently declared a passion for freedom of speech, especially their right to publish freely. They are worried by the "Assange effect". €
The watch towers, double-locked doors and video surveillance in the Chinese camps are there “to prevent escapes.” Uighurs and other minorities held inside are scored on how well they speak the dominant Mandarin language and follow strict rules on everything down to bathing and using the toilet, scores that determine if they can leave.
There’s probably no bigger sin in American politics than to imagine a world without war, inequality, and capitalism. Actually, imagining just a kinder, more equitable version of capitalism, one in which the existence of elite wealth is tempered by the peoples’ right to health care, a college education, affordable housing, strong workplace unions, full reproductive rights for women, and an end to racial discrimination is enough to be dismissed as a utopian ideologue by the high priests of the corporate media and political establishment.
Opposition candidates won nearly 90 percent of contested seats, according to public broadcaster RTHK. The democrats will now control 17 of 18 district councils, after having previously controlled zero.
The vote was a major symbolic blow to pro-China forces that dominate Hong Kong politics, and the latest evidence of continued public support for a five-month-old pro-democracy movement that has become increasingly aggressive.
In the early hours of February 20, 2019, Náhuatl activist Samir Flores was gunned down in front of his house in the Mexican state of Morelos.
Since 2011, Flores had been a vocal opponent of the Morelos Integral Project — a government-backed development plan to construct new energy infrastructure, including two thermoelectric plants and a massive gas pipeline running directly through his hometown of Amilcingo.
The day before he was killed, Flores attended a public forum organized by Hugo Eric Flores Cervantes (no relation), a hyper-conservative federal representative for Morelos. Poised before the podium where Flores Cervantes stood, Samir Flores confronted him about the social impact of the megaprojects. In a video circulated widely on social media, Samir Flores is heard exclaiming, “The [multinational] companies first usually think about their capital, their money, and then later about the communities [their projects affect]. I don’t know if this is a project in which they are thinking about us, our children, our grandchildren.”
Ten years ago this week, Opera 10.10 shipped with a web server built-in into the web browser. The Unite server came with webapps like Web Server, Photo and File Sharing, and a Fridge. Yes, I will get back to that last one later.
Contrary to what the name might suggest, Opera Unite was intended to decentralize the web rather than unite it. It was intended to “reinvent the web” by making everyone host their own internet content and communications. Two and a half years later, Opera discontinued it entirely.
To understand the importance of gating, you have to remember that Amazon.com is both a store that sells you stuff and a marketplace where other businesses sell you stuff. When you click on a given product listing, there will likely be several merchants competing to make the sale. Overwhelmingly, the one who wins that competition is the one who wins the “Buy Box”—meaning the one who gets chosen by an algorithm to sell the item when you click “Add to Cart” or “Buy Now.” The other sellers are still there, but you’d have to scroll down to affirmatively choose one. Winning the Buy Box, which usually means offering the best price, is life or death for businesses that sell on Amazon. “If you can’t earn the Buy Box, for all intents and purposes, you’re not going to earn the sale,” said James Thomson, a former Amazon employee and a partner at Buy Box Experts, a brand consultancy for Amazon sellers.
