Hypervisors present a smaller attack surface than containers. This is somewhat mitigated in containers by using seccomp, selinux and restricting capabilities in order to reduce the number of kernel entry points that untrusted code can touch, but even so there is simply a greater quantity of privileged code available to untrusted apps in a container environment when compared to a hypervisor environment[1].
If we thought your Dad’s GNU/Linux desktop was a threat to Wintel, ChromeOS is Armageddon. It took a decade for Wintel to ship as many PCs as ChromeOS is shipping in one year and it’s still just starting out. Wintel’s huge installed base is only 6-8 years’ production… Further, it’s not just about price.
Case in point: Samsung's new Chromebook 2, announced Friday, which has Intel's Bay Trail M Celeron N2840—not one of Samsung’s own Exynos dual-core ARM chips. Earlier Chromebook 2 versions shipped with ARM processors and will continue to do so, but in a briefing with PCWorld, Samsung product manager David Ng said Chromebooks are quickly trending toward Intel components. "More than 50% of Chromebooks sold these days have Intel processors," Ng said.
Sales of Chromebook computers have soared over the past few months as manufacturers and consumers begin to embrace the low-cost portable devices, new research has found.
Whether it’s because of their very affordable prices or an aversion to Windows 8’s complexity, more and more shoppers are buying Chromebooks. There are some valid reasons to choose a Chromebook over a Windows machine, including a very intuitive interface (it’s largely browser based), a lack of upgrade headaches, and less worrying about malware. And while Chromebooks have limited offline capability, there’s a growing number of apps that work without a Wi-Fi connection.
Emil Velikov, the new Mesa release manager, has issued a straw-man proposal to release Mesa 10.4 in early December.
In sticking to the three month release cadence of Mesa, Emil is proposing the Mesa 10.4 feature freeze and release candidate for 14 November with new release candidates to come weekly until the official release. Emil is tentatively thinking about the Mesa 10.4 release for 5 December.
With Ubuntu 14.10 "Utopic Unicorn" due for release today, here's some benchmarks showing how the standard Unity 7 desktop on Ubuntu 14.10 is comparing to the still-experimental Unity System Compositor and using XMir for running traditional Linux OpenGL games.
From a standard Intel Core i7 Haswell system with HD Graphics I ran benchmarks with the development snapshot of Ubuntu Utopic as of yesterday to see how well the stock Unity 7.3.1 environment is comparing to when it's run with unity-system-compositor installed and using Mir support with XMir for running a variety of standard OpenGL benchmarks as well as some 2D X11 benchmarks.
At Phoronix.com and with the Phoronix Test Suite / OpenBenchmarking.org we're always looking to cater to the interests of more parties and as such are interested to see what other benchmarks you'd like to see incorporated.
In celebration of Ubuntu 14.10's Utopic Unicorn release today, here's some fresh benchmarks of one of the most requested topics: 2D/3D benchmarks of different desktop environments. In this article is a look at six of the popular desktop offerings found in Ubuntu 14.10.
CodeWeavers, the software company behind Wine, has released CrossOver 14, software for easily running Windows applications on Linux and Mac OS X. The new version is full of new features and comes in time for the 10th anniversary of Ubuntu, as 10 years ago Mark Shuttleworth announced Ubuntu 4.10 "Warty Warthog", the first version of Ubuntu.
A user on the Steam forum has come up with a concept for a new UI for SteamOS, and it looks slick!
The first alpha release for the 1.12 version of the Enlightenment Foundation Libraries (EFL) was released this week.
Many Linux users have a set of applications – browser, file manager, image viewer – that they’re loyal to. In most cases, these applications correspond to the default setup of a Linux distribution. If you’re a KDE user, you’ve probably heard of Konqueror. It’s a powerful application that has been a part of KDE for years, but it’s often unfairly neglected in favor of newer apps. Did you know you can use Konqueror not only as a file manager, but also as a web browser, PDF viewer and document editor?
One type of bug I see very often comes down to syntax errors in QML and JavaScript files. Most of the time these errors are simple typos; however, they creep in, go unnoticed by continuous integration and sometimes reach production — especially on delayed loaded components.
In a recent informal meeting of KDE users in Seattle, Andrew Lake from the KDE Visual Design Group gave me some ideas he had for KDE Connect. Since I think that we all have a different vision and different ideas that are possible to implement on top of KDE Connect, I decided to write this post asking for your ideas, in some kind of community brainstorming.
In an application that already uses GAction and a normal GMenu for everything, it is quite easy.
But Nautilus is not using GAction or GMenu for its menus. Not only that, Nautilus uses GtkUIManager for managing the menus and GtkActions. And not only that, Nautilus merges parts of menus all along the code.
Cairo-Dock 3.4 is finally released! One year after the 3.3 version.
Cairo-Dock is a pretty, fast and customizable desktop interface. You can see it as a good alternative/addition to Unity, Gnome-Shell, Xfce-panel, KDE-panel, etc.
Even after settling on a Linux distribution to use, you still have to decide on a desktop environment. There are tons to choose from, and last week we asked you for your favorites. Then we looked at the five best Linux desktop environments. Now we're back to highlight your favorite, 11,000 votes later.
We’ve had long-standing feature requests to turn scrollbars into overlayed indicators, for touch systems. An implementation of this idea has been merged now. We show traditional scrollbars when a mouse is detected, otherwise we fade in narrow, translucent indicators. The indicators are rendered on top of the content and don’t take up extra space. When you move the pointer over the indicator, it turns into a full-width scrollbar that can be used as such.
My talk at GUADEC this year was titled Continuous Performance Testing on Actual Hardware, and covered a project that I’ve been spending some time on for the last 6 months or so. I tackled this project because of accumulated frustration that we weren’t making consistent progress on performance with GNOME. For one thing, the same problems seemed to recur. For another thing, we would get anecdotal reports of performance problems that were very hard to put a finger on. Was the problem specific to some particular piece of hardware? Was it a new problem? Was it a problem that we have already addressed? I wrote some performance tests for gnome-shell a few years ago – but running them sporadically wasn’t that useful. Running a test once doesn’t tell you how fast something should be, just how fast it is at the moment. And if you run the tests again in 6 months, even if you remember what numbers you got last time, even if you still have the same development hardware, how can you possibly figure out what change is responsible? There will have been thousands of changes to dozens of different software modules.
GTK+ apps now run not only on X11 and Wayland under Linux with native support but the mainline GTK+ Git code now also supports running Ubuntu's Mir Display Server. That's right, there's now mainline Mir support in GTK for the GNOME/GTK 3.16 release.
ROSA is a Russian company developing a variety of Linux-based solutions. Its flagship product, ROSA Desktop, is a Linux distribution featuring a highly customized KDE desktop and a number of modifications designed to enhance the user-friendliness of the working environment. The company also develops an "Enterprise Server" edition of ROSA which is based on Red Hat Enterprise Linux. On 9th October 2014, Ekaterina Lopukhova announced the release of ROSA R4 "Desktop Fresh" edition, a desktop Linux distribution featuring a customized and user-friendly KDE 4.13.3 desktop: "The ROSA company is happy to present the long-awaited ROSA Desktop Fresh R4, the number 4 in the "R" lineup of the free ROSA distros with the KDE desktop as the main graphical environment. The distro presents a vast collection of games and emulators, as well as the Steam platform package along with standard suite of audio and video communications software, including the newest version of Skype. All modern video formats are supported. The distribution includes the fresh LibreOffice 4.3.1, the full TeX suite for true nerds, along with the best Linux desktop publishing, text editing and polygraphy WYSIWYG software. The LAMP/C++/ development environments are waiting to be installed by true hackers." The present version is supported for 2 years. ROSA was previously based on Mandriva but is now independent like many of the formerly Mandriva based distros, e.g. PCLinuxOS, Mageia, OpenMandriva Lx (based on ROSA), to name a few. Mandriva in turn was based on Red Hat Linux and a lot of programs which work for Fedora or OpenSUSE, worked on ROSA as well.
In today's open source roundup: Gentoo has much to offer experienced Linux users. Plus: Is it easy to avoid systemd in Debian? And Civilization: Beyond Earth is coming to Linux for the holidays
It has been a while since I have done a review (almost 3 months, in fact). It has been significantly longer since I have looked at Scientific Linux (over 3 years, in fact). Given that, I figured it might be worthwhile to make this review about Scientific Linux 7.0. I'm just glad that I did it before the time elapsed for something else to come up (around 3 minutes, in fact — OK, I just made that one up to match the other statements).
One of the IT industry's quiet successes of the last 20 years has been Red Hat (some stories say it was named for the red caps favoured by 18th and 19th century revolutionaries). In 2012 the vendor reported revenues of $1B+ for the first time and this has increased to $1.5B+ in its most recent full financial year (ending Feb 2014). 26% of Red Hat’s revenue is generated in Europe and more than 20% of its 7,000 employees are based in the EU, including those at its Brno-based development in the Czech Republic.
Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced that FICO, the predictive analytics and decision management software company, has built and rapidly scaled the FICO® Analytic Cloud on OpenShift Enterprise, Red Hat's award-winning private platform-as-a-service (PaaS) offering.
Today in Linux news, Jamie Watson is back with a look at the "coming attractions" of Makulu, openSUSE, and Fedora. Lifehacker has the winner of their "best desktop" survey and there are public builds of upcoming Unreal Tournament available. IT-Director.com published an article on "The rise of Red Hat" and Red Hat's Jackie Yeaney talks marketing with Advertising Age. Blogged reviews include Scientific Linux and ROSA R4 and Make Tech Easier discovers "the power of Konqueror."
One of the many things I do for the Fedora Project is Tagging, it’s something anyone can do and it’s a quick/easy way to give back to Fedora.
The latest chapter in the ongoing furor over the software known as systemd threatens to split the Debian community, after a splinter group stated that it would create a fork of the well-known Linux distribution if systemd is included in an upcoming release.
Don't listen to trolls. They lie.
Debian was and continues to be about choice. Previously, you could configure Debian to use other init systems, and you can continue to do so in the future.
In October of 2004, a new Linux distro appeared on the scene with a curious name—Ubuntu. Even then there were hundreds, today if not thousands, of different Linux distros available. A new one wasn't particularly unusual, and for some time after its quiet preview announcement, Ubuntu went largely unnoticed. It was yet another Debian derivative.
Canonical's latest Linux, Ubuntu 14.10, saves the biggest improvements for its cloud and server versions.
Ubuntu 14.10, code named “Utopic Unicorn” has been released just now. And, the Ubuntu official flavours such as Edubuntu, Lubuntu, Kubuntu, Xubuntu, Mythbuntu, Ubuntu studio, Ubuntu Gnome and Ubuntu Kylin are also available for download.
Ubuntu 14.10 is now available for download. This release doesn't ship with any new Unity features and it includes mostly bug fixes. Still, there are some under the hood changes and of course, updated applications.
Ubuntu 14.10 (Utopic Unicorn), the latest operating system released by Canonical, is here right on time, six months after the previous version. We now take a closer look at the new OS and we'll try to see what has been changed and how it compares with previous iterations.
Along with the other flavors, Ubuntu MATE 14.10 was released today. This is an unofficial (it will most probably become an official Ubuntu flavor in the near future) MATE-based Ubuntu flavor, "ideal for those who want the most out of their desktops, laptops and netbooks and prefer a traditional desktop metaphor", which had its very first stable release today.
A member of the ownCloud security team has sent a request to Canonical asking them to remove all the packages from their repositories regarding this software stack. The problem is that things are not that simple.
Kubuntu 14.10 (Utopic Unicorn) has been made available and users are now able to download the latest version of this KDE-powered operating system.
Xubuntu 14.10 (Utopic Unicorn) is now available for download, along with its Ubuntu GNOME, Kubuntu, Xubuntu, and other flavors. The developers have made a few important changes that will definitely set this release apart.
The GNOME flavor of Ubuntu is a newer one, although the devs have already made a few releases. It uses the stock GNOME stack and it’s had great success until now, despite the fact that it doesn't pack the latest version of the desktop environment. The developer has explained more than once why that is happening, but the good news is that people will be able to install GNOME 3.14 packages nonetheless.
Back in 2002, one Dutch small business with just 38 employees took part in their first of several EU-funded research projects: developing new digital services for people on the move. That "small business" was TomTom: which since 2002 has grown to over 4000 employees in 37 countries, now a globally recognised brand leader.
Laforge is prepping a $399 beta version of its Linux-based Icis eyewear, as well as a $549 Bold model due in 2015 that adds a camera and higher resolution.
Relatively few of the smart eyewear products now coming to market compete directly with Google Glass as a general-purpose consumer device. Most are vertical-market helmets for industrial or field service use (Vuzix M100), or are designed for specific activities such as skiing (Recon’s Snow 2) or motorcycle riding (Skully AR-1.) Laforge Optical’s Icis stands out from the pack with its consumer focus and its foundation in embedded Linux rather than the stripped-down Android stacks used by most smart eyewear.
While some Android apps are important, some truly are must have Android apps. I’ve learned to tell the difference. Over the past couple of years, I've been a very happy Android fan. Being a refugee from the iOS platform, I cannot express just how much more full-featured Android is when compared to my old iPhone.
In the wake of former NSA contractor Edward Snowden's big reveal on government spying, there's been a concerted effort by companies big and small to try and make our lives truly private. One seemingly promising solution was Anonabox, a little plug-and-play device that routes traffic through Tor to keep our online activities anonymous. Unfortunately, we were all misled on a number of levels, prompting Kickstarter to remove the project forever. Hot on its heels is Project Sierra, a network encryption device that's supposedly the real deal.
How do you feel when you learn that someone has been watching, reading every incoming-outgoing message from your phone and computer? Quite freaked out, probably. Millions felt the same in June 2013 when ex-NSA computer geek Edward Snowden exposed the US Government’s snooping and logging activities.
Google promised that it would consistently improve Android Wear with a number of updates, and now the first major update is here. Announced today in a blog post, the update unlocks some key fitness functionality. It now supports watches with built-in GPS sensors, providing new tools to track your distance and speed independent of your phone. Additionally, with the new software, you'll be able to pair Bluetooth headphones, and offline music playback will also be enabled. And, of course, we're sure the Android Wear team has squashed some bugs along the way.
Boardcon launched a 92 x 65mm “Compact A31S” SBC that runs Android 4.2.2 on a quad-core Allwinner A31s SoC backed up with 2GB of soldered RAM and 4GB flash.
Let’s start off by taking a look at the open source application that rivals Google Analytics for functions: Piwik. Piwik does most of what Google Analytics does, and chances are it packs the features that you need.
Those features include metrics on the number of visitors hitting your site, data on where they come from (both on the web and geographically), from what pages they leave your site, and the ability to track search engine referrals. Piwik also has a number of reports and you can customize the dashboard to view the metrics that you want to see.
To make your life easier, Piwik integrates with over 65 content management, ecommerce, and online forum systems like WordPress, Magento, Joomla!, and vBulletin using plugins. With anything else, you just need to add a tracking code to a page on your site.
The Knight-Mozilla Fellowships bring together developers, technologists, civic hackers, and data crunchers to spend 10 months working on open source code with partner newsrooms around the world. The Fellowships are part of the Knight-Mozilla OpenNews project, supported by the John S. and James L. Knight Foundation. During their fellowship year, the Fellows collaborate with journalists to build the tools news organizations need to thrive on the open web.
Mozilla continues to push ahead with its Firefox OS mobile operating system, which is arriving on phones in many markets around the world. In fact, the company has aligned its whole strategy around the mobile platform. The OS is gaining enough traction that many observers see it as eventually being competitive with iOS and Android phones, but I've made the point that if Firefox OS is to be a resounding success, it's going to need a very healthy ecosystem of apps to attract users. Apps count for a lot in the mobile game.
The Apache CloudStack project announced the immediate availability of Apache CloudStack v4.4.1, the latest version of the turnkey Open Source cloud computing software platform used for creating private-, public-, and hybrid cloud environments.
Last Friday Wilhelm Tux, a Swiss community group, reached their €8,000 (CHF 10.000) crowdfunding target for LibreOffice. The money will be used to add support for digital signatures in PDF documents in a secure and compliant way. From announcement to completion took four days. Once implemented,
The third RC build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures.
LibreJS 6.0.3 contains a few bugfixes.
I am happy to announce the release of OASIS v0.4.5.
The open-source Asterisk project first emerged with a 1.0 stable release back in 2004, providing users with a feature-rich IP PBX platform. Today, ten years after that 1.0 release, Asterisk 13 is now out, providing users with improved security and stability for the long term.
The Greens/European Free Alliance in the European Parliament want to find out for once and for all if the use of free and open source software is essential for the democratic institution. The political group is asking for comments on a study linking the use of free software to the European Parliament’s principles of openness and right to information.
Why do government agencies turn to open source software? FutureGov has interviewed 12 senior officials to find out.
Australia’s Chief Technology Officer, John Sheridan, has moved his country’s citizen-facing portal onto open source software, and is offering to help agencies migrate too. “Open source licence arrangements enable the development of some sort of public good, where people contribute or benefit from it,” he says.
Other agencies clearly agree. Hong Kong’s Office of the GCIO is notably enthusiastic, with Victor Lam telling FutureGov that “We recognise the fact that it is the kind of technology [where] we need to be ahead of the curve”.
What was their experience of migrating to open source, and how does it match with others?
Not quite sure what that last bit means, but it's nonetheless good to have news from other countries grappling with the same issues as those in the UK. The fact that similar problems are found elsewhere suggests that maybe more could be done for those seeking to introduce open source in central government to meet up and swap their experiences - both good and bad.
Rajan attends a school in a small village located around 140 kilometers from my hometown of Amritsar, India. Otherwise an active boy who is adept in handling numbers in the ledger book at his father’s convenience store and who loves playing flute, he falls into the depths of apathy and indifference the moment he enters his classroom. Rajan is not at fault for the abrupt change in his behavior at the school. He attends a school that has one teacher for all its students from classes starting from the first standard through the fifth standard, that has no proper infrastructure, a dilapidated library, and an obsolete teaching methodology.
Digital textbooks with open-licensed content -- and sometimes even complete open source textbooks -- are two publishing models that are starting to change the way students and teachers interact with subject material.
The budget-busting prices of traditional printed textbooks and the ubiquity of mobile devices in schools have provided textbook authors and educational leaders with convincing reasons to give students an alternative. Textbook publishers are offering digital alternatives to traditional printed books with copyright protection against reproducing or altering their content.
An effort to increase immediate access to research results is in full swing at Cal State Fullerton through Open Access Week this week.
These days, there is big demand for strong web and application development skills in the job market. The good news is that there are many open source tools to help you with your web project or application, and given the costs of proprietary development environments, they can save you a lot of money. Here are many good examples of development tools and tutorials, with some unsung choices that you may not have considered.
After talking about how Europe used to dominate in innovation, it's since fallen behind both the US and Asia.
The company this week filed charges against members of huge law firms Milberg LLP and DLA Piper for representing a man who previously claimed that he owns a major stake in Facebook. The social networking site simply stated in its complaint that those lawyers should have known better than support a ‘scam’ artist.
In my previous post Forward Secrecy Encryption for Apache, I’ve described an Apache SSLCipherSuite setup to support forward secrecy which allowed TLS 1.0 and up, avoided SSLv2 but included SSLv3.
Rwanda’s parliament has accused the BBC of genocide denial, claiming their documentary film “Rwanda: The Untold Story” allegedly misinterpreted historical facts and distorted real states of affairs, BBC reported on Thursday.
The U.S. military’s combat mission in Afghanistan is scheduled to end this year, presumably closing the chapter there on 13 years of war. But the covert drone war in that country and neighboring Pakistan could continue long after most American troops return home, according to a White House spokesperson.
John Kerry says all those fired at by drones in Pakistan are “confirmed terrorist targets” – but with 1,675 unnamed dead how do we know?
Responding to a question about drone strikes on BBC’s Hard Talk last year, US Secretary of State John Kerry laid out a clear message. “The only people we fire a drone at are confirmed terrorist targets at the highest level,” he said. “We don’t just fire a drone at somebody and think they’re a terrorist.”
Earlier this month, the US completed its 400th drone strike in Pakistan, a significant milestone in the covert anti-terrorism programme that has been going since 2004 and has claimed 2379 lives, according to available figures.
Pakistan has called for pre-emptive ban on the development of Lethal Autonomous Weapon Systems (LAWS), known as killer robots that are capable of making their own combat decisions without human intervention, saying such devices would undermine world peace.
Four private security guards working for the Blackwater Worldwide firm who were charged in the 2007 shootings of more than 30 Iraqis have been found guilty by a federal jury.
Nicholas Slatten was found guilty of first-degree murder, and three others — Paul Slough, Evan Liberty and Dustin Heard — were found guilty of multiple counts of voluntary manslaughter.
Nicholas Slatten, Paul Slough, Evan Liberty, and Dustin Heard were among the Blackwater guards riding in a convoy of armored vehicles through downtown Baghdad in September 2007 who abruptly began firing machine guns and throwing grenades at unarmed Iraqis in a busy traffic circle, killing 14 and wounding at least 17 others. During the trial, the men's lawyers maintained they were responding to gunfire at Nisour Square and acted in self-defense, while the prosecution said the shootings were unprovoked. Jurors in Washington sided with the government, convicting Slatten of first-degree murder, a charge that carries a life sentence, and the three others of voluntary manslaughter, attempted manslaughter, and using military firearms while committing a felony, which means they each face a mandatory minimum of 30 years in prison. All four men are military veterans.
Commercial drones could be invading the UK within 20 years, used by everyone from terrorists to burglars, an ex-GCHQ boss warns. It found the growing use of drones raises “significant safety, security and privacy concerns.”
In a report released by the University of Birmingham Policy Commission, led by the former head of GCHQ Sir David Omand, it was found that the greater civil and military use of drones is inevitable.
The Pentagon says it will investigate a video released by the self-declared Islamic State showing its fighters purportedly rifling through crates of U.S. arms intended for Kurdish forces fighting the extremist group.
Michael Zehaf-Bibeau, armed with a high-powered rifle, drove to Parliament Hill, left his car running, shot a ceremonial guard at the nearby National War Memorial, before heading to the seat of Canada’s democracy, where he was gunned down by the head of security for the building.
In a room just a few metres from where the gunman fell, prime minister Stephen Harper was discussing how to respond to the increased threat of homegrown terrorism with members of his party. That response will be even more treacherous now.
WikiLeaks founder Julian Assange says he is "confident" his asylum status will be resolved, as he awaits an imminent ruling on his case by a Swedish court.
But Morrell's Politico Magazine article was misleading. Wildlife in the region is still experiencing the consequences of the spill, according to a recent report from the National Wildlife Federation (NWF). The NWF studied 14 species that have suffered effects from the spill, including the ongoing illness of bottlenose dolphins and a "dramatic increase" in sea turtle deaths. The report concluded that more needs to be done to speed up the region's recovery. CBS reported of its findings: "No matter how much money is exchanged and what efforts are done, there remains no guarantee that the Gulf Coast regions will fully recover to pre-spill conditions."
A group of Southern Florida politicians are tired of being left out to sea when it comes to addressing climate change concerns for the southern part of the state.
Birth is a fundamental feminist issue right now - women’s bodies should not be sanitised. Facebook should let us see it as it is
Citing a case revealed by BuzzFeed News, the chairman of the Senate Judiciary Committee said it’s “appalling” that a Drug Enforcement Administration agent created a fake Facebook page using a real woman’s name and photos — without her knowledge.
Bratton says the companies' new operating systems, which can block law enforcement access, 'does a terrible disservice to the public.'
That's some mighty fine spin by Bratton. Something that will make a vast majority of the public's data less susceptible to hackers' attacks is a "disservice to the public" because in a very small number of cases, this encryption could hamper an investigation. Because some criminals might use this encryption, no one should be allowed to have it.
James Clapper, the Director of National Intelligence, has issued an interim report on the intelligence community's minimal progress towards minimal compliance with the minimal reforms ordered by the administration last year in response to the Snowden leaks. Presidential Policy Directive 28 (PPD-28) was issued in January and James Clapper's office is proud to announce that it's still in the process of thinking about complying with the stuff the President asked them to do so many months ago.
[...]
The EFF asks if the NSA has ever used this reading to its own advantage. Certainly no answer is expected, but the agency has long been a fan of fluid terms and malleable definitions. Which brings us to the ultimate show of executive branch deference, albeit one that implies the administration will help the agency do the things it really wants to, Presidential Policy Directive or no.
Meanwhile, if doing things that might lead to more soldiers getting hurt or killed makes you guilty of murder, shouldn't Rogers be talking about getting himself and other members of Congress charged with murder? After all, remember it was Congress that failed to equip soldiers with proper body armor.
There has been a lot of online comment recently about a dataset released by the New York City Taxi and Limousine Commission. It contains details about every taxi ride (yellow cabs) in New York in 2013, including the pickup and drop off times, locations, fare and tip amounts, as well as anonymized (hashed) versions of the taxi’s license and medallion numbers. It was obtained via a FOIL (Freedom of Information Law) request earlier this year and has been making waves in the hacker community ever since.
The release of this data in this unalloyed format raises several privacy concerns. The most well-documented of these deals with the hash function used to “anonymize” the license and medallion numbers. A bit of lateral thinking from one civic hacker and the data was completely de-anonymized. This data can now be used to calculate, for example, any driver’s annual income. More disquieting, though, in my opinion, is the privacy risk to passengers. With only a small amount of auxiliary knowledge, using this dataset an attacker could identify where an individual went, how much they paid, weekly habits, etc. I will demonstrate how easy this is to do in the following section.
A newly publicized document shows that five local police departments in southeastern Virginia have been secretly and automatically sharing criminal suspects’ telephone metadata and compiling it into a large database for nearly two years.
Marketers are using beacons to see who sees what in their ad networks.
The Democrat from Oregon, who has served on the Senate Select Committee on Intelligence since 2001, thought he knew the nature of the National Security Agency’s surveillance activities. As a committee member with a classified clearance, he received regular briefings to conduct oversight.
The crypto wars have returned to the United States. Apple’s announcement of their intent to provide better encryption for their customers launched the latest battle. With this new, higher level of encryption, iPhone users would allegedly be able to better secure their private communication data from law enforcement.
Imagine if Bob Woodward's clandestine meetings in a Washington D.C. parking garage with Deep Throat had been documented — or, better yet, filmed by Woodward, himself.
The analogy isn't perfect, but that's about the closest equivalent to Laura Poitras' one-of-a-kind documentary "Citizenfour," which captures former National Security Agency contractor Edward Snowden during his leak of NSA documents to Poitras (a documentarian and reporter) and journalist Glenn Greenwald.
U.S. documentary maker Laura Poitras has found herself in many a risky situation in Iraq and Yemen. But she never felt in as much danger as when she was filming Edward Snowden in a Hong Kong hotel while he prepared to blow the whistle on massive secret surveillance programs run by the U.S. government.
Almost a quarter of all internet users in Germany use password manager programmes to manage the access to computers or online services, according to a recent survey conducted by technology association Bitkom.
The drug war not only ushered in the era of state-federal task forces, it also turned on the funding spigot. Suddenly, state and local law enforcement agencies found themselves flush with cash flowing from federal grants to fight the War on Drugs. It also flung open the door to militarizing state and local police, as the feds began arming Mayberry with tanks, body armor and automatic weapons.
Scroll through our video timeline to see all of our coverage of whistleblower Edward Snowden, and the reporting he fueled that exposed the National Security Agency’s massive surveillance state. See our archive of interviews with Glenn Greenwald and Laura Poitras.
Certain local police departments are stockpiling and sharing consumer cellphone data, including call logs and the contents of seized devices, under a program established nearly two years ago.
While he was running the National Security Agency, former director Keith Alexander owned and traded commodities firms linked to China and Russia, according to a report.
A new report by Foreign Policy Magazine shows that Alexander’s financial disclosure forms show Alexander was involved in commodities trades that have been called “opaque” by experts. The report, which cited forms first disclosed in Vice Magazine, noted that Alexander’s activity was cleared by ethics officials.
It’s been 16 months since The Guardian published its first story on the National Security Agency’s bulk collection program, launching a series of reports that would introduce the public to cryptic terms like PRISM and Boundless Informant.
Out in Colorado, Democrat Mark Udall, the state's first-term U.S. senator, is finding himself financially outmatched by his Republican opponent: Rep. Cory Gardner raised some $1.3 million in the first half of this month, reports the Associated Press. Udall raised just more than half that. Udall has far less cash on hand than Gardner, too. Yet the race is quite close. Udall is polling at 43 percent to Gardner's 46 percent, which just barely puts the Republican's lead beyond the margin of error.
And that presents an intriguing angle on the race for those of us who obsess over tech policy. Udall is known as one of Congress's most vociferous advocates for reforming how government, and the National Security Agency in particular, conducts its surveillance programs. He has been for years. And changing how the NSA works is one of the technology world's top priorities. So while Udall's political future is up to Colorado's voters, of course, how is it that Udall is hurting for cash when tech is one of the country's wealthiest industries?
In the past, we've noted how unfortunate it was that the Senator who fought strongest for our civil liberties in Congress, Russ Feingold, got voted out of office back in 2010 -- in favor of a "Tea Party" candidate who has consistently voted in favor of the intelligence community since replacing Feingold. Since then, plenty of attention has gone to Senator Ron Wyden for picking up where Feingold left off, but with him on issues of civil liberties as it relates to the intelligence community has always been Senator Mark Udall -- who has been perhaps even more vocal than Senator Wyden on these issues.
Mark Udall can win, but it'll be a tough fight! I'm examining some of the sources this morning, and after a modicum of focused analysis, I believe Udall will be able to retain his senate seat. It's a little scary when you see that Cory Gardner has a 3.8% lead over Mark Udall, according to the Real Clear Politics site (which averages the last 4 polls-those are stale bread after about 24 hours).
Three SURVEILLE teams of EU-funded experts studied NSA mass surveillance techniques for the purpose of a counter-terrorism investigation and basically found the surveillance 'failed drastically in striking the correct balance between security and privacy.'
Wireless carrier T-Mobile US has been quietly upgrading its network in a way that makes it harder for surveillance equipment to eavesdrop on calls and monitor texts, even on the company’s legacy system.
[...]
Tests by the Post in New York, Washington, and Boulder, Colorado showed that AT&T calls used the older A5/1 encryption, making them more vulnerable to interception by law enforcement officials or criminals with access to advanced surveillance technology. The tests were performed using a custom application called Darshak which was released at the Black Hat security conference in August.
John Kerry’s visit to Berlin 25 years after the Wall fell highlighted the crucial role transatlantic ties played earlier and can still play today. But to fulfill that promise, controversial issues can't be glossed over.
[...]
In his remarks, Kerry - as has become almost customary for US officials since the NSA scandal - heaped plenty of praise on his German hosts. He extolled Chancellor Angela Merkel and Foreign Minister Steinmeier for their leadership not only in the Ukraine crisis and within NATO, but also for their role in all other major global issues mentioned above.
To be sure, it is essential to keep the example of the successful and historic transatlantic cooperation that culminated in the fall of the Wall 25 years ago alive for a younger generation that did not experience it. And it is also important that the United States and Germany work together closely and responsibly on today's global crises despite the still remaining underlying tensions over the fallout from the NSA scandal and disagreements over the transatlantic trade deal TTIP.
FBI Director James B. Comey said the agency is not happy with Apple (AAPL) and Google's (GOOG) new encryption on phones, and may have to go through legal routes to make sure the FBI can access criminals' smartphones.
The NSA will still sweep up data en masse from every electronic platform, and law enforcement will still be able to get a warrant, provided they have probable cause, to search online records or request information from online companies.
On Tuesday, Students for Liberty (SFL) announced its 2015 Alumnus of the Year Award will be given to former National Security Agency (NSA) contractor Edward Snowden.
According to a statement by SFL President and Cofounder Alexander McCobin, the organization has decided to honor Snowden for “initiating a global conversation on the balance of power between governments and peoples that has led to and continues to bring about meaningful reforms to intrusive, abusive, and unjust government surveillance programs.”
In a chilling move toward an all-knowing police state, FBI Director James Comey is making the news rounds to equate data encryption with letting child pornographers, kidnappers, and terrorists roam unchecked. The assertion: Law enforcement will have no tools to catch bad guys if encryption works as designed. So all of a sudden other advances in law enforcement technology are trumped? Let's get real.
The CIA is still fighting for creative control of its most anticipated 21st century work: the Torture Report. Long before it got involved in the ongoing redaction battle, it was spying on those putting the report together, namely Senators and Senate staffers. Hands were wrung, apologies were made and it was medically determined that Sen. Dianne Feinstein doesn't have an ironic bone in her body.
White House Chief of Staff Denis McDonough is personally negotiating how much of the Senate's so-called torture report, a probe into the CIA’s post-9/11 detention and interrogation program, will be redacted, according to sources involved in the negotiations.
McDonough's leading role in the redaction discussion has raised eyebrows in the Senate, given that his position comes with a broad array of urgent responsibilities and that the Obama White House has a team of qualified national security advisers.
Hating on Congress is basically a national pastime here in the US. Other than a brief moment of probably misguided solidarity after September 11th, the public's view towards Congress tends to be pretty negative, and it's been getting worse lately. Here's a historical look from Gallup at the public's approval ratings of Congress.
In what appears to be an unprecedented decision, a New York trial court has allowed the New York Police Department (“NYPD”) to issue a “Glomar” response to a state open records request, meaning the government refuses to confirm or deny whether responsive records exist.
A New York City court has given the NYPD one of the few things separating it from the "big boys" (CIA, FBI and NSA): the permission to issue "Glomar responses" (the infamous "we can neither confirm nor deny...") to FOIL (Freedom of Information Law) requests. Like the audacity of the department itself in pursuing this additional method of keeping the public separated from public documents, the decision is unprecedented.
The cover-up of the CIA’s secret surveillance on the US Senate Intelligence Committee is only getting deeper. As the Huffington Post’s Ali Watkins and Ryan Grim reported on Tuesday afternoon, a still-classified Inspector General report alleges CIA officials “impersonated Senate staffers in order to gain access to Senate communications and drafts of the Intelligence Committee investigation” while Senate staffers were completing their now infamous – but still somehow unreleased – report on the CIA’s Bush-era torture program.
You would think the White House might be aghast at such revelations, given that it’s the Senate Intelligence Committee’s job to oversee the CIA. But instead of worrying about the Constitution or legal violations, all the Obama administration seems to care about is saving CIA director John Brennan’s ass. There have already been multiple calls for Brennan to resign since he lied to the public about spying on the Senate. And now the White House seems intent on siding with the CIA director beyond all reason.
No single review or interview can do justice to Pay Any Price, the new book by James Risen that is the antithesis of what routinely passes for journalism about the "war on terror." Instead of evasive tunnel vision, the book offers big-picture acuity, focusing on realities that are pervasive and vastly destructive.
The government is worried about speech. Big deal. Speech is none of the government’s business.
Weisman also errs in giving too much screen time to Weev, who speaks intelligently about hacktivism in some scenes, but his main function—as far as I can tell—is to celebrate the troll's role in internet culture. That leaves Jeremy Hammond as the one true hacktivist out of the film's central characters.
Is Washington spending too much of its time trying to call out countries that carry out cyber attacks?
That’s what one top industry official argued Wednesday at a conference hosted by the Atlantic Council.
Dmitri Alperovitch, CTO of Crowdstrike, which is accredited by the National Security Agency to respond to cyber attacks, said Congress should put more of its focus on punishing foreign entities that carry out cyber attacks, even if the government can’t pinpoint exactly who ordered the attack.
Malala Yousafzai is extraordinary. She is the embodiment of the determination, fearlessness and power possessed by thousands of children in Pakistan and across the Indian subcontinent who struggle for a fair education. After being singled out and shot in the head by the Taliban two years ago, the miracle of her full recovery garnered international attention and catapulted her into the spotlight. She has always been a fierce advocate for girls’ education — only now, she has a global platform.
[...]
Yes, the Taliban is seriously hindering opportunities for education and progress in many areas in Pakistan, but not any more than the American drones that are taking the lives of innocent men, women and children in the same areas. The incessant bombing of Pakistan by the U.S., supposedly an intervention that is meant to aid in the counterattack, has produced the same results. Here’s the difference: The Taliban is strongly and rightfully demonized by the entire world, while Obama’s well-funded drone program continues murdering innocent people, supported by our very own tax dollars.
Yousafzai is a champion of women’s rights and education in Pakistan, but she is also an outspoken critic of U.S. foreign policy. How often do we hear about that?
Israel’s seven weeks of attacks this summer on heavily populated civilian neighborhoods in Gaza has led to unprecedented concern among Americans who, while still broadly supportive of Israel, found the attacks to be disproportionate and unnecessary.
There then follow 14 digital rights, including things like basic human rights; right to access the Net; Net neutrality; control of personal data online; protection against surveillance without the approval of a judge; right to online anonymity; and the right to be forgotten.
How is it possible that someone could face years in prison for sharing an academic paper online? How did we arrive at such extreme criminal punishments for accessing knowledge and information? Well, this has been long in the making. We got here because Big Content interests have dominated secretive, back-room copyright negotiations over several decades, resulting in laws that are increasingly restricting our speech, and our ability to comment, control, re-use, and access knowledge, culture, and the devices that we own.
The Department of Justice (DOJ) and Immigration and Customs Enforcement (ICE) appear to be continuing with Operation in Our Sites. In recent days two large music sharing sites, RockDizFile.com and RockDizMusic.com, were taken offline. Their domain names are now pointing to a prominent seizure banner.
George Mason University -- which not too long ago put out an entire book about the need for copyright reform -- apparently also wants to present "the other side." It recently held a conference entitled "Common Ground: How Intellectual Property Unites Creators and Innovators." You might assume that this would be along the lines of the point we've been making for years that content creators and entrepreneurs are really on the same side, creating new content and tools that better serve the public. But it was actually a conference that appears to have only invited copyright and patent maximalists, to talk about how oppressed both of them are by efforts to reform those two bodies of law away from the maximalist positions. It was a laugh riot, I'm sure.
Pacific Standard Magazine has a really great article by Noah Berlatsky, looking at how copyright is stifling artistic criticism. Much of it focuses on a recent paper by John Tehranian, whom we've written about before. The paper is called Dangerous Undertakings: Sacred Texts and Copyright's Myth of Aesthetic Neutrality -- and focuses on how aesthetic judgments about the value of works almost always apply in copyright cases, which is a bit dangerous when it comes to art, criticism and free speech. Berlatsky's piece focuses on the famous case of The Wind Done Gone, the famous "unauthorized retelling" of Gone With The Wind from the perspective of another character. The lower court said it was infringing, and the appeals court overturned it -- but both were based, at least in part, on aesthetics, rather than underlying legal issues...