Bonum Certa Men Certa

Links 24/2/2017: Ubuntu 17.04 Beta, OpenBSD Foundation Nets $573,000 in Donations










GNU/Linux



Free Software/Open Source



  • Google Rolling Out New Ignition + TurboFan V8 Compiler Architecture
    The JavaScript engine performance wars are not over with Google preparing to make some significant changes to their V8 JavaScript engine used by Chrome and friends.

    The V8 JavaScript engine will be switching to a new compiler architecture following their 5.8 branching. Their current compiler architecture of FullCodeGen + Crankshaft as their optimizing compiler will be replaced by the Ignition interpreter and a new optimizing compiler called TurboFan.


  • Using Open Source Software to Speed Development and Gain Business Advantage


    Last week, we started by defining “Open Source” in common terms -- the first step for any organization that wants to realize, and optimize, the advantages of using open source software (OSS) in their products or services. In the next few articles, we will provide more details about each of the ways OSS adds up to a business advantage for organizations that use and contribute to open source. First, we’ll discuss why many organizations use OSS to speed up the delivery of software and hardware solutions.


  • Tying together the many open source projects in networking
    There are a lot of pieces to the ongoing network transformation going up and down the stack. There's the shift away from proprietary hardware. There's the need to manage complex network configurations. Add subscriber management and a wide range of other necessary functions. Add customer-facing services. All of those pieces need to fit together, integrate with each other, and interoperate.

    This was the topic of my conversation with Heather Kirksey, who heads up the Open Platform for Network Functions Virtualization (OPNFV) project when we caught up at the Open Source Leadership Summit in mid-February. OPNFV is a Linux Foundation Collaborative Project which focuses on the system integration effort needed to tie together the many other open source projects in this space, such as OpenDaylight.

    As Heather puts it: "Telecom operators are looking to rethink, reimagine, and transform their networks from things being built on proprietary boxes to dynamic cloud applications with a lot more being in software. [This lets them] provision services more quickly, allocate bandwidth more dynamically, and scale out and scale in more effectively."


  • Your future boss? An employee-interrogating bot – it's an open-source gift from Dropbox
    Dropbox has released the code for the chatbot it uses to question employees about interactions with corporate systems, in the hope that it can help other organizations automate security processes and improve employee awareness of security concerns.

    "One of the hardest, most time-consuming parts of security monitoring is manually reaching out to employees to confirm their actions," said Alex Bertsch, formerly a Dropbox intern and now a teaching assistant at Brown University, in a blog post. "Despite already spending a significant amount of time on reach-outs, there were still alerts that we didn't have time to follow up on."


  • SaaS/Back End



    • Master the Open Cloud with Free, Community-Driven Guides
      One of the common criticisms of open source in general, especially when it comes to open cloud platforms such as OpenStack and ownCloud, is lack of truly top-notch documentation and training resources. The criticism is partly deserved, but there are some free documentation resources that benefit from lots of contributors.

      Community documentation and training contributors really can make a difference. In fact, in a recent interview, ClusterHQ’s Mohit Bhatnagar said: “Documentation is a classic example of where crowdsourcing wins. You just can’t beat the enthusiasm of hobbyist developers fixing a set of documentation resources because they are passionate about the topic.”


    • OpenStack Ocata Nova Cells Set to Improve Cloud Scalability
      Among the biggest things to land in the OpenStack Ocata cloud platform release this week is the Cells v2 code, which will help enable more scale and manageability in the core Nova compute project.

      Nova is one of the two original projects (along with Swift storage) that helped launch OpenStack in June 2010. The original Nova code, which was written by NASA, enables the management of virtualized server resources.





  • BSD



  • Public Services/Government



  • Licensing/Legal



  • Openness/Sharing/Collaboration



  • Programming/Development



    • Which is the best programming language for beginners?
      What is the best language for a budding programmer to get their start with? There are probably as many opinions about which language is best for beginners as there are languages to choose from. And the options change all of the time. When we asked this question two years ago, Python came out on top as the clear winner. But is it still the best choice today?


    • Top 3 machine learning libraries for Python
      You don't have to be a data scientist to be fascinated by the world of machine learning, but a few travel guides might help you navigate the vast universe that also includes big data, artificial intelligence, and deep learning, along with a large dose of statistics and analytics. ("Deep learning" and "machine learning" are often used interchangeably, so for a quick terminology primer that might help you understand the difference, read Nvidia's blog post, What's the Difference Between Artificial Intelligence, Machine Learning, and Deep Learning?)

      In this article, I'll look at three of the most popular machine learning libraries for Python.


    • Is your AI being handed to you by Google? Try Apache open source – Amazon's AWS did
      Surprisingly, the MXNet Machine Learning project was this month accepted by the Apache Software Foundation as an open-source project.

      What's surprising about the announcement isn't so much that the ASF is accepting this face in the crowd to its ranks – it's hard to turn around in the software world these days without tripping over ML tools – but rather that MXNet developers, most of whom are from Amazon, believe ASF is relevant.


    • Current Trends in Tools for Large-Scale Machine Learning
      During the past decade, enterprises have begun using machine learning (ML) to collect and analyze large amounts of data to obtain a competitive advantage. Now some are looking to go even deeper – using a subset of machine learning techniques called deep learning (DL), they are seeking to delve into the more esoteric properties hidden in the data. The goal is to create predictive applications for such areas as fraud detection, demand forecasting, click prediction, and other data-intensive analyses.


    • Your IDE won't change, but YOU will: HELLO! Machine learning
      Machine learning has become a buzzword. A branch of Artificial Intelligence, it adds marketing sparkle to everything from intrusion detection tools to business analytics. What is it, exactly, and how can you code it?


    • Artificial intelligence: Understanding how machines learn
      Learning the inner workings of artificial intelligence is an antidote to these worries. And this knowledge can facilitate both responsible and carefree engagement.






Leftovers



  • Health/Nutrition



    • Flint water crisis doctor invited to President Trump's address to Congress
      U.S. Rep. Dan Kildee had one guest ticket for President Trump's address to a joint session of Congress, and he's given it to the Flint pediatrician who helped to expose the Flint water crisis.

      Kildee said in a news release Thursday, Feb. 23, that Dr. Mona Hanna-Attisha will be his guest at next week's joint session.

      Hanna-Attisha played a critical role in the water crisis having been declared a national emergency after her work revealed the percentage of Flint children with elevated blood lead levels doubled after the city changed its water source to the Flint River in April 2014.

      MLive-The Flint Journal could not immediately reach Hanna-Attisha, who last month spoke out against Trump's executive order that attempted to bar immigrants from seven majority-Muslim countries.


    • More Transparency In Medical Product Prices Discussed At Event
      The lack of access to medical products has spread from being a developing country problem to a global one as prices are now too high even for developed country patients and health systems for some medicines. An event at the Graduate Institute Global Public Health Centre yesterday was an opportunity to explore these issues.




  • Security



    • Change all the passwords (again)
      Looks like it is time to change all the passwords again. There’s a tiny little flaw in a CDN used … everywhere, it seems.


    • Cloudflare’s Cloudbleed is the worst privacy leak in recent Internet history
      Cloudflare revealed today that, for months, all of its protected websites were potentially leaking private information across the Internet. Specifically, Cloudflare’s reverse proxies were dumping uninitialized memory; that is to say, bleeding private data. The issue, termed Cloudbleed by some (but not its discoverer Tavis Ormandy of Google Project Zero), is the greatest privacy leak of 2017 and the year has just started.

      For months, since 2016-09-22 by their own admission, CloudFlare has been leaking private information through Cloudbleed. Basically, random data from random sites (again, it’s worth mentioning that every site that used CloudFlare in the last half year should be considered to have fallen victim to this) would be randomly distributed across the open Internet, and then indefinitely cached along the way.


    • Serious Cloudflare bug exposed a potpourri of secret customer data
      Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users.

      A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time by making Web requests to affected websites and to access some of the leaked data later by crafting queries on search engines.

      "The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a blog post published Thursday. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."


    • Today's leading causes of DDoS attacks [Ed: The so-called 'Internet of things' (crappy devices with identical passwords) is a mess; programmers to blame, not Linux]
      Of the most recent mega 100Gbps attacks in the last quarter, most of them were directly attributed to the Mirai botnet. The Mirai botnet works by exploiting the weak security on many Internet of Things (IoT) devices. The program finds its victims by constantly scanning the internet for IoT devices, which use factory default or hard-coded usernames and passwords.


    • How to Set Up An SSL Certificate on Your Website [via "Steps To Secure Your Website With An SSL Certificate"]


    • SHA-1 is dead, long live SHA-1!
      Unless you’ve been living under a rock, you heard that some researchers managed to create a SHA-1 collision. The short story as to why this matters is the whole purpose of a hashing algorithm is to make it impossible to generate collisions on purpose. Unfortunately though impossible things are usually also impossible so in reality we just make sure it’s really really hard to generate a collision. Thanks to Moore’s Law, hard things don’t stay hard forever. This is why MD5 had to go live on a farm out in the country, and we’re not allowed to see it anymore … because it’s having too much fun. SHA-1 will get to join it soon.


    • Stop using SHA1 encryption: It’s now completely unsafe, Google proves
      Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm's use for security-sensitive functions should be discontinued as soon as possible.

      SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.

      However, despite these efforts to phase out the use of SHA-1 in some areas, the algorithm is still fairly widely used to validate credit card transactions, electronic documents, email PGP/GPG signatures, open-source software repositories, backups and software updates.


    • on pgp


      First and foremost I have to pay respect to PGP, it was an important weapon in the first cryptowar. It has helped many whistleblowers and dissidents. It is software with quite interesting history, if all the cryptograms could tell... PGP is also deeply misunderstood, it is a highly successful political tool. It was essential in getting crypto out to the people. In my view PGP is not dead, it's just old and misunderstood and needs to be retired in honor.

      However the world has changed from the internet happy times of the '90s, from a passive adversary to many active ones - with cheap commercially available malware as turn-key-solutions, intrusive apps, malware, NSLs, gag orders, etc.


    • SHA1 collision via ASCII art
      Happy SHA1 collision day everybody!

      If you extract the differences between the good.pdf and bad.pdf attached to the paper, you'll find it all comes down to a small ~128 byte chunk of random-looking binary data that varies between the files.


    • PayThink Knowledge is power in fighting new Android attack bot
      Android users and apps have become a major part of payments and financial services, carrying an increased risk for web crime.

      It is estimated that there are 107.7 million Android Smartphone users in the U.S. who have downloaded more than 65 million apps from the Google App Store, and each one of them represents a smorgasbord of opportunity for hackers to steal user credentials and other information.


    • Red Hat: 'use after free' vulnerability found in Linux kernel's DCCP protocol IPV6 implementation
      Red Hat Product Security has published details of an "important" security vulnerability in the Linux kernel. The IPv6 implementation of the DCCP protocol means that it is possible for a local, unprivileged user to alter kernel memory and escalate their privileges.

      Known as the "use-after-free" flaw, CVE-2017-6074 affects a number of Red Hat products including Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7 and Red Hat Openshift Online v2. Mitigating factors include the requirement for a potential attacker to have access to a local account on a machine, and for IPV6 to be enabled, but it is still something that will be of concern to Linux users.

      Describing the vulnerability, Red Hat says: "This flaw allows an attacker with an account on the local system to potentially elevate privileges. This class of flaw is commonly referred to as UAF (Use After Free.) Flaws of this nature are generally exploited by exercising a code path that accesses memory via a pointer that no longer references an in use allocation due to an earlier free() operation. In this specific issue, the flaw exists in the DCCP networking code and can be reached by a malicious actor with sufficient access to initiate a DCCP network connection on any local interface. Successful exploitation may result in crashing of the host kernel, potential execution of code in the context of the host kernel or other escalation of privilege by modifying kernel memory structures."




  • Transparency/Investigative Reporting



    • Ecuador President blasts plans to kick out Wikileaks’ Julian Assange as BUTTERING UP USA
      The Australian hacker has been living at the Ecuadorian embassy in Knightsbridge, London, for nearly five years in an attempt to avoid being deported to Sweden over allegations of rape and sexual assault, allegations he has denied.

      But the 45-year-old could find himself being booted out should the right-wing candidate Guillermo Lasso, 61, get elected in the country’s presidential election, when the second round of voting takes place on April 2.




  • Environment/Energy/Wildlife/Nature



    • Red, rural America acts on climate change – without calling it climate change [Ed: Oil giants spread their religion]
      President Donald Trump has the environmental community understandably concerned. He and members of his Cabinet have questioned the established science of climate change, and his choice to head the Environmental Protection Agency, former Oklahoma Attorney General Scott Pruitt, has sued the EPA many times and regularly sided with the fossil fuel industry.

      Even if the Trump administration withdraws from all international climate negotiations and reduces the EPA to bare bones, the effects of climate change are happening and will continue to build.

      In response to real threats and public demand, cities across the United States and around the world are taking action to address climate change. We might think this is happening only in large, coastal cities that are threatened by sea-level rise or hurricanes, like Amsterdam or New York.

      Research shows, however, that even in the fly-over red states of the U.S. Great Plains, local leaders in small- to medium-size communities are already grappling with the issue. Although their actions are not always couched in terms of addressing climate change, their strategies can provide insights into how to make progress on climate policy under a Trump administration.


    • Police Begin Making More Arrests At DAPL Protest Camp
      Police in full riot gear began arresting Dakota Access pipeline opponents who remained in a protest camp in North Dakota on Thursday in defiance of orders to leave.

      Most protesters left peacefully Wednesday, when authorities closed the camp on Army Corps of Engineers land in advance of spring flooding, but some refused to go.

      Eighteen National Guardsmen and dozens of law officers entered the camp from two directions shortly before midday Thursday, along with several law enforcement and military vehicles. A helicopter and airplane flew overhead.


    • We Have to Keep Fighting: Water Protectors Vow Continued Resistance to #DAPL as Main Camp Is Evicted
      In North Dakota, the main resistance camp set up by Lakota water protectors fighting the $3.8 billion Dakota Access pipeline has been largely vacated after protesters were ordered to leave the camp on Wednesday. Police arrested around 10 people. The U.S. Army Corps of Engineers and the North Dakota governor had imposed a noon eviction deadline for the hundreds of water protectors still living at the resistance camp. Prayer ceremonies were held on Wednesday, and part of the camp was set on fire before the eviction began. Water protectors say the resistance camp sits on unceded Sioux territory under the 1851 Treaty of Fort Laramie and that they have a right to remain on their ancestral land. A couple dozen people remain at the camp. The ongoing encampments in North Dakota were the largest gathering of Native Americans in decades. At its peak, more than 10,000 people were at the resistance camp. Earlier this month, construction crews resumed work on the final section of the pipeline, after the Trump administration granted an easement to allow Energy Transfer Partners to drill beneath the Missouri River. We go to Standing Rock to speak with LaDonna Brave Bull Allard and Linda Black Elk.


    • Standing Rock is burning in the snow and departing water protectors grieve DAPL progress
      Wednesday marked a last stand of sorts at Standing Rock, North Dakota, where about 200 to 300 “water protectors” have remained for months to protest completion of the Dakota Access pipeline, which would transport 470,000 barrels of oil a day across four states. The Army Corps of Engineers has ordered that the Oceti Sakowin camp near the Standing Rock Sioux reservation be closed at 2 p.m. local time on Wednesday, citing the potential for spring flooding.

      Like the Indian warrior in the iconic Old West image “The End of the Trail” (a late 1800s sculpture by South Dakota artist James Earle Fraser) who slumps over his horse’s back, weary after a long and difficult battle, those left at Standing Rock remained, prayed and burned the teepees that had housed so many over the past 10 months. They also burned wooden structures central to the camp’s function, so that government engineers could not touch what they made and found sacred. The smoke that rose to the heavens was symbolic, as were the prayers: This was a ceremony of leaving.






  • Finance



    • In Latest Twist To The Global Trade Deal Saga, EU Now Looking To Fill The Gap Left By US In Exiting TPP
      Remember the good old days, when trade deals were so boring nobody even cared they were happening? That started to change with the Anti-Counterfeiting Trade Agreement, (ACTA), where the copyright industries rather foolishly tried to slip in some proposals that would have had big impacts on the online world. As Techdirt reported at the time, that led to an unprecedented awareness of, and resistance to, ACTA that ultimately caused its defeat in the European Parliament.

      After that, things were never the same again in the world of trade deals, because digital activists were now on the lookout for the bad stuff hidden in the stultifyingly dull language. They soon found it in TPP, which people realized was basically "Son of ACTA," but worse. Then came TAFTA/TTIP, which publicly dropped its ACTA-like elements in a desperate attempt to stave off criticisms and mass protests. That didn't work, of course; TTIP soon ground to a halt, and remains in limbo. Even though TPP was eventually concluded after years of delays, it was derailed by the election of Donald Trump as US President, who promptly withdrew from the deal. But if you thought things had finally quieted down for a while -- TISA too has dropped off the radar recently -- think again.


    • How Much Does it Cost to Run a Full Bitcoin Node?
      Bitcoin nodes commonly use 200 gigabytes upload or more a month and download around 20 gigabytes per month.


    • Did You #DeleteUber? Your Account Lives On
      As social media erupted with outrage over a sexism scandal at the app-based ride service Uber over the weekend, consumers in Seattle and around the country vowed to "delete the app" in protest.

      But unless people followed that up with a tweet or Facebook post -- or entirely deleted their account with the company -- the message might not have been received.

      "A developer is not notified when an application is deleted,'' said Morgan Reed, executive director of The App Association, a Washington, D.C.-based trade association that represents more than 5,000 app and information-technology companies.

      "They may notice a decrease in information flowing from an app or reconnecting to their services,'' he said. "All it knows is that your application is dormant."

      That's due to privacy concerns, and practical considerations that take into account multiple devices, new devices and user error, Reed said.




  • AstroTurf/Lobbying/Politics



    • Study reveals bot-on-bot editing wars raging on Wikipedia's pages
      For many it is no more than the first port of call when a niggling question raises its head. Found on its pages are answers to mysteries from the fate of male anglerfish, the joys of dorodango, and the improbable death of Aeschylus.

      But beneath the surface of Wikipedia lies a murky world of enduring conflict. A new study from computer scientists has found that the online encyclopedia is a battleground where silent wars have raged for years.

      Since Wikipedia launched in 2001, its millions of articles have been ranged over by software robots, or simply “bots”, that are built to mend errors, add links to other pages, and perform other basic housekeeping tasks.


    • Hah, Hah, Hah...They Think Trump Is A Republican
      Trump, who has rarely held a position that he didn't once hold the other side on, is a crony capitalist ME! ME! ME!-publican and/or a ME! ME! ME!-ocrat, depending on who's listening and what his whim happens to be at a particular moment.

      Adorably, we've got a free-market think tank dude who seems a little confused about this.


    • Protecting Trump Tower cost New York $300,000 every day between November and January


      New York City spent $308,000 (£248,000) every day protecting Donald Trump's Trump Tower residence between his election and his inauguration.

      Police commissioner James O'Neill said the city spent $24m (£19.3m) to provide security at the skyscraper over the three-month period, and he foresees spending up to $145,000 (£117,000) a day when only First Lady Melania Trump and her son Barron are in town as the 10-year-old attends school.

      "We are seeking full federal reimbursement for all costs incurred related to security for President Trump and his family at Trump Tower," Freddi Goldstein, a spokeswoman for mayor Bill de Blasio, said.




  • Censorship/Free Speech



  • Privacy/Surveillance



    • NSA Deputy Director: Why I Spent the Last 40 Years In National Security [Ed: Time for NSA hagiography]
      In 1977 I was finishing my sophomore year of college, working two jobs to put myself through school, and thought, “There has to be a better way.” So I enlisted in the U.S. Army as a Signals Intelligence/Electronic Warfare Morse Intercept Operator, which didn’t tell me much but would let me earn money toward college through the GI Bill. My plan was to do my 3 years, get out, and finish college. That plan didn’t work out; I ended up staying in the Army almost eleven years and then transitioned to the National Security Agency as a civilian for 29 more, and am retiring this April after 40 years in the business. I did end up finishing my degree after hours, and went on to get a master’s degree, just not in the way I’d planned. What happened along the way was that I discovered the fulfillment that comes from serving the nation and its allies, working with some of the most amazing people on the planet, on the most challenging problems we face.


    • Social Media Are Driving Americans Insane
      If you pull out your phone to check Twitter while waiting for the light to change, or read e-mails while brushing your teeth, you might be what the American Psychological Association calls a “constant checker.” And chances are, it’s hurting your mental health.


    • How Will the REAL ID Act Impact You?
      There's already plenty for travelers to consider when flying: strategies for packing light, tricks for dealing with long security lines and sanity savers when seated next to obnoxious passengers. The reality is you must take plenty of precautions for smooth, hassle-free travel, beyond picking the right seat or securing affordable plane tickets. And in case you haven't heard (or noticed the signage at select U.S. airports), there's a big new rule coming down the pike on Jan. 22, 2018, when the REAL ID Act will be enforced and driver's licenses in nine states will no longer be a valid form of identification at TSA checkpoints. If you live in Kentucky, Maine, Minnesota, Missouri, Montana, Oklahoma, Pennsylvania, South Carolina and Washington, you'll need to pack another accepted form of identification to travel domestically.


    • Threat via Whisper prompts FBI to show up: “holy f**k I’m… going to get raided”
      If we’ve said it once, we’ve said it 1,000 times: these so-called "anonymous" messaging apps simply aren’t anonymous. To put it another way, if you’re dumb enough to make violent threats on them, you’ll get caught.

      According to a newly released federal criminal complaint, Garrett Grimsley of Cary, North Carolina, allegedly used the Whisper app to make such remarks on February 19. Hours later, local police and the FBI arrived at his door to search his apartment.


    • That Health Tracker Could Cost You
      Using big data to improve health might seem like a great idea. The way private insurance works, though, it could end up making sick people -- or even those perceived as likely to become sick -- a lot poorer.

      Suppose a company offers you an insurance discount and a free FitBit if you agree to share your data and submit to a yearly physical. You're assured that the data will be used only in aggregate, never tied back to specific identities.

      If that makes you feel safe, it shouldn’t. The way machine learning works, data can be used against individuals without being connected directly to names.


    • Wearing an activity tracker gives insurance companies the data they need to discriminate against people like you
      Many insurers offer breaks to people who wear activity trackers that gather data on them; as Cathy "Mathbabe" O'Neil points out, the allegedly "anonymized" data-collection is trivial to re-identify (so this data might be used against you), and, more broadly, the real business model for this data isn't improving your health outcomes -- it's dividing the world into high-risk and low-risk people, so insurers can charge people more.

      That means that if your fitbit-a-like shows that left-handed vegetarians like you are at higher risk for expensive medical treatments, then people like you will end up paying higher premiums -- and you'll have helped make that possible.


    • Netherlands Looks To Join The Super-Snooper Club With New Mass Surveillance Law
      The mention of the safeguards of European law is significant. As we reported in December, the Court of Justice of the European Union (CJEU) confirmed that general and indiscriminate data retention is illegal in the EU. Assuming the Dutch law is passed as expected, a legal challenge at the CJEU could follow, and would seem to stand a good chance of getting the law struck down in its present form.


    • [NSA (SIGNAL):] Cybersecurity Must Take Front and Center National Attention, Experts Say
      “It must be viewed more broadly and must be tackled from a national security perspective,” Adm. Rogers said during a morning West 2017 conference presentation Thursday with Adm. James Stavridis, USN (Ret.), former NATO commander and dean of Tufts University’s Fletcher School of Law and Diplomacy.


    • NSA Head: Russian Interference in U.S. Election, ‘Hey, This Happened’ [Ed: NSA does not need evidence, it needs innuendo]
      The head of the National Security Agency reiterated that Russia engaged in cyber actions to influence the result of the U.S. presidential election and said the Moscow-directed interference is changing the way the NSA thinks about U.S. critical infrastructure.


    • German Regulators Urge Parents To Destroy WiFi Connected Doll Over Surveillance Fears
      For a while now, we've discussed how your children's toys are quickly becoming the latest and greatest privacy threat courtesy of cryptic or half-cooked privacy policies and the treatment of device security as an afterthought; rather part and parcel now for the privacy dumpster fire that is the internet of not-so-smart things era. Numerous privacy groups have complained that smart Barbies and other toys not only now hoover up and monetize children's prattle, but leave the door open to the devices' being used nefariously by third parties.

      The problems culminated in a lawsuit last December here in the States against Genesis Toys, maker of "smart" toys like the My Friend Cayla doll and the i-Que Intelligent Robot. The lawsuit accuses the company of violating COPPA (the Children's Online Privacy Protection Act of 1998) by failing to adequately inform parents that their kids' conversations and personal data collected by the toys are being shipped off to servers and third-party companies.




  • Civil Rights/Policing



    • Amos Yee allegedly in solitary confinement in the USA for insulting Muslims in jail [Ed: Mentally tortures a teenage asylum seeker (not a crime) for insulting Islam; torture and Sharia law imposed in immigration purposes detention facilities?]
      According to a Facebook post which has since been deleted, teen blogger Amos Yee is currently in solitary confinement for criticising Muslims and Islam during their Muslim Studies in jail; and that he is feeling terrible about it.

      [...]

      “He attended a Muslim Studies class, in order to “disagree”. There was a “Muslim pastor” from outside (not a prisoner) and about 18 Muslim prisoners in attendance. Amos called Allah a “sky wizard”. He said that if the religion is 5,000 years old then it’s “complete fucking garbage”. (He said “fuck” a lot). He said that the Quran has passages instructing the devout to kill non-Muslims; the pastor handed him the Quran and challenged him to show such passages, and when Amos said “Ok, I will”, the pastor took the Quran back.


    • The Responsibility to Leak, and Leaking Responsibly
      I know you’re out there, and this is for you. What you’re weighing, it’s not as easy as you think. But it can matter more than anything else you do with your professional life.

      Washington is awash with leaks; if they were real water we’d all drown. The American people feel they are seeing the inner most workings of government, and it is not pretty. Powerful people are falling. Our democracy may be at risk. President Trump and his team have no intention of watching from the sidelines. There is a struggle going on, and people are taking sides.


    • This Keralite ‘Rape Jihadi’ who spoiled over 30 Hindu girls thinks it’s sin to molest Muslim women.
      Devout Quran follower Muhammad Shafi from Kerala posed as Hindu NRI doctor raped over 30 Hindu women under Love Jihad and job placement racket, but never molested a Muslim woman even.


    • Manipur’s Muslim woman jumps into fray despite ‘fatwa'
      Despite a fatwa being issued against her for contesting election, Manipur's first Muslim woman candidate Najima Bibi said she wants to continue her fight against domestic violence and work for uplift of Muslim women.

      "I am not bothered about my life, but as long as I live I will continue my fight against domestic violence and in favour of social uplift of the Muslim women in the society. My life has been a struggle since childhood, I am not afraid of any threats," Najima Bibi told PTI.


    • They won't admit it in Stockholm, but Donald Trump is right about immigration in Sweden
      I was in Stockholm last Friday, an eyewitness on the great night that nothing happened. Donald Trump gave a speech in Florida the next day, asking his audience to look at what had occurred “last night in Sweden”. Something appalling, apparently, involving asylum seekers. The Swedes “took in large numbers,” he said. And now “they’re having problems like they never thought possible”. But he was wrong: nothing of note had happened that night. His mistake was used by much of the Swedish media (and politicians) to slate him, as if he concocted the whole idea of an immigration problem.


    • Divided federal appeals court rules you have the right to film the police
      A divided federal appeals court is ruling for the First Amendment, saying the public has a right to film the police. But the 5th US Circuit Court of Appeals, in upholding the bulk of a lower court's decision against an activist who was conducting what he called a "First Amendment audit" outside a Texas police station, noted that this right is not absolute and is not applicable everywhere.

      The facts of the dispute are simple. Phillip Turner was 25 in September 2015 when he decided to go outside the Fort Worth police department to test officers' knowledge of the right to film the police. While filming, he was arrested for failing to identify himself to the police. Officers handcuffed and briefly held Turner before releasing him without charges. Turner sued, alleging violations of his Fourth Amendment right against unlawful arrest and detention and his First Amendment right of speech.

      The 2-1 decision Thursday by Judge Jacques Wiener is among a slew of rulings on the topic, and it provides fresh legal backing for the so-called YouTube society where people are constantly using their mobile phones to film themselves and the police. The American Civil Liberties Union says, "there is a widespread, continuing pattern of law enforcement officers ordering people to stop taking photographs or video in public places and harassing, detaining and arresting those who fail to comply."


    • White House Promises 'Greater Enforcement' of Federal Marijuana Laws
      The Trump Administration will step up enforcement of federal laws barring recreational marijuana in states where its use is legalized, the White House said Thursday.

      Asked about the conflict between federal laws barring recreational marijuana and the handful of states that allow it, White House spokesman Sean Spicer said the Administration would change direction from the more permissive approach under President Obama.

      "I do believe you'll see greater enforcement of it," Spicer told reporters Thursday during the White House briefing.




  • Internet Policy/Net Neutrality

    • FCC votes to lift net neutrality transparency rules for smaller internet providers
      The newly Republican-controlled FCC took its first steps to scale back net neutrality today by voting to lift transparency requirements from smaller internet providers.

      Internet providers with fewer than 250,000 subscribers will not be required to disclose information on network performance, fees, and data caps, thanks to this rule change. The commission had initially exempted internet providers with fewer than 100,000 subscribers with the intention of revisiting the issue later to determine whether a higher or lower figure was appropriate.


    • Comcast's Decision To Charge Roku Users A Bogus Fee Highlights Its Uncanny Ability To Shoot Innovation In The Foot
      So when we last checked in with Comcast, the company was whining about a now deceased FCC plan to bring some much-needed openness and competition to your dusty old cable box. The FCC had proposed requiring that cable providers let users pick the cable box of their choice, later modifying the plan (after endless industry pearl-clutching) to simply requiring that cable providers bring their existing content in app form to existing streaming boxes. Granted, Comcast was at the heart of a massive, bizarre disinformation effort claiming the plan would end civilization as we know it.

      Of course, what it would have ended was not only $21 billion in cable box monopoly rental fees, but a cornerstone of the closed, locked down walled garden that helps prop up the cable industry's gatekeeper power. Comcast, for what it's worth, claimed that bringing its content to third-party devices would harm copyright, increase piracy, hinder cable industry "innovation," and was technically impossible anyway. Regardless, the FCC's plan is dead, and it's not coming back any time soon.




  • Intellectual Monopolies



    • Lindsay Lohan Won't Put Her GTA5 Lawsuit Out Of Its Misery
      Here is something you, the dear Techdirt reader, may not have known about me: I had always thought that there was only one proper spelling for the name "Lindsey." I'm not sure why I thought that, but I was certain that name was only spelled with an "e" before the "y." But, it turns out, spelling it as "Lindsay" is a perfectly common and accepted alternate spelling for the name. And the only reason that I now know that is because Lindsay, with an "a," Lohan will not let her lawsuit against Take-Two Interactive -- for appropriating her likeness for several characters, which didn't actually happen -- die its final death.

      First, a refresher. Lohan decided that a side quest character in Grand Theft Auto 5, which was actually an amalgam of several Hollywood starlet tropes, violated her publicity rights. She also claimed that an entirely different character that was used on some of the game's marketing and packaging was also her and also violated her publicity rights. The case wove its way through the past half-decade, largely with the court and Take-Two casting narrow eyes at the mountains of paperwork Lohan's legal team was able to produce while somehow maintaining an inability to come up with claims that were in any way credible, before the court finally tossed the lawsuit entirely. The court at the time made it clear that Take-Two's characters weren't direct appropriations of Lohan's likeness and that the parody amalgam starlet it had created was clearly protected by the First Amendment.


    • WIPO Committee On Protection Of Folklore: Shall We Dance? [Ed: When people of one nation 'copy' (inspiration) a dance of another it isn't theft but sharing. Who 'owns' folklore? Maximalists help rich privateers.]
      The United States tabled a document for discussion next week, listing a number of what they consider examples of traditional cultural expressions (TCEs). The European Union proposed a study on the protection of TCEs in WIPO members, and if and how TCEs benefit from intellectual property protection in those countries. The United States and the European Union countries are generally opposed to a binding instrument to protect TCEs.

      [...]

      According to WIPO, TCEs may include music, dance, art, designs, names, signs and symbols, performances, ceremonies, architectural forms, handicraft and narratives.

      Next week is the first meeting on TCEs of the biennium. The last formal meeting on TCEs dates back to April 2014, due to a one-year hiatus in the work of the committee and the order in which the topics of the IGC have been addressed in this biennium.


    • Copyrights



      • Google: With No Fair Use, It’s More Difficult to Innovate


        Unlike the United States where 'fair use' exemptions are entrenched in law, Australia has only a limited "fair dealing" arrangement. As a result, Google's head of copyright William Patry says that Australia wouldn't be a safe place for his company to store certain data, a clear hindrance to innovation and productivity.







