Linux fans enthusiastic about Google’s effort to bring desktop Linux apps on Chrome OS owe to themselves to watch the following video.
In it, technology YouTuber Lon Seidman demos the current state of the Crostini project (‘Crostini’ is the codename for the “run desktop and CLI Linux apps on Chrome OS” feature we keep gushing about) on both an Intel Chromebox and an ARM-based Chromebook.
This latter demo, of ARM support, is of particular interest.
I had (wrongly, it turns out) assumed Google would restrict Crostini to running on its higher-end Chromebooks, like the pricey Google Pixelbook and the ‘spensive Samsung Chromebook Plus.
When Google first launched Chrome OS, the operating system was basically a glorified web browser designed to run web apps. Over time Google added support for running some applications offline and built in tools that let you do things like watch videos without an internet connection, making the platform a little more useful.
A few years ago the company kicked things up a notch by adding support for Android applications, allowing users to choose from millions of apps and games.
And this year Google started to build support for desktop Linux applications into Chrome OS. Initially the feature was only available for the Google Pixelbook running Chrome OS in the developer channel. But over the past few months Google has added support for a bunch of additional devices… including the Acer Chromebook Tab 10, which is the first Chrome OS tablet to ship without a keyboard.
Queued into the staging code for introduction with the Linux 4.19 kernel is the Gasket driver framework and the first driver based upon it, Apex.
Gasket in this context is short for Google ASIC Software, Kernel Extensions, and Tools. The Gasket framework aims to make it easier to develop thin kernel drivers that provide the basic functionality in kernel-space but any extra functionality is to be achieved in user-space code.
A key goal in my career is growing the understanding and best practice of how communities, and open source communities in particular, can work well together. There is a lot of nuance to this work, and the best way to build a corpus of best practice is to bring people together to share ideas and experience.
In service of this, last year I reached out to The Linux Foundation about putting together an event focused on these "people" elements of Open Source such as community management, collaborative workflow, governance, managing conflict, and more. It was called the Open Community Conference, which took place at the Open Source Summit events in Los Angeles and Prague, and everything went swimmingly.
A new pull request has been submitted to MoltenVK, the open-source project for mapping the Vulkan graphics/compute API over Apple's Metal to run on iOS/macOS. This pull request is working to address the issue that caused at least one MoltenVK-using iPhone/iPad game to be rejected from the Apple App Store.
Samuel Pitoiset of Valve's open-source Linux GPU driver team has been particularly busy in recent days with "RADV" Radeon Vulkan driver enhancements.
Pitoiset this weekend sent out patches for enabling the new VK_KHR_create_renderpass2 extension, which was introduced in Saturday's release of Vulkan 1.1.80. RenderPass2 allows for render passes to be easily extended.
It's an exciting day in RADV land as in addition to work on the new Vulkan 1.1.80 extensions, David Airlie landed a patch he's been baking for speeding up the shader compilation performance for this open-source Radeon Vulkan driver within Mesa.
I really like Linux Mint, but for most of its life, you couldn't upgrade directly from one version to another. Then, starting with Mint 18.1 in 2016, you could easily upgrade Mint. Now, after the initial release of Linux Mint 19, you can upgrade from the last version, Linux Mint 18.3, to Linux Mint 19.
However, it's not as easy as it was in the 18.x series.
The Wine development release 3.12 is now available.
Grab a glass or two as Wine is flowing. Today we have the release of Wine 3.12 as the latest development release.
The belated Wine 3.12 development release is now available for testing, the first release following WineConf 2018.
You don’t have to spend money to play the best Linux games. Here is a list of awesome free Linux games so that you can enjoy gaming on your Linux system without worrying about your wallet.
The day after my birthday like a fashionably late present, Chasm is to launch with same-day Linux support on July 31st.
You can't link directly to comments on Steam news posts, but the developer clearly replied to a user asking about Linux support with "Win/Mac/Linux on launch!". You can't get better than that!
Everything in this repo is 100% legal. Games, firmware, or BIOS dumps are NOT included and will never be (unless someone makes a legal reimplementation of those). Some emulators are still highly experimental (such as Decaf) and don’t even work for anything but simple homebrew stuff.
It’s not always possible but I try to target the current and the last Fedora releases, the current and the last openSUSE Leap releases, as well as openSUSE Tumbleweed. I build for x86-64 only. Some of the packages would also build for CentOS, Mageia, and 32bit x86 but I decided not not enable these build targets to reduce strain on OBS servers – I’d be happy to accept tweaks and fixes, should anyone of you fork a package into your OBS home repo and build it there.
Taking place last week in The Hague, Netherlands, was the WineConf 2018 conference. This year's WineConf -- on top of the usual annual discussions about this open-source project for running Windows games/applications on Linux/macOS -- took the time to celebrate the project's 25th anniversary.
In 2000, my brother, a computer programmer, made me try OpenSuse. I used Gimp, and I felt good because I could draw what I wanted and how I wanted. Since then, I have abandoned Windows for Linux and I have discovered a series of wonderful programs which allow me to work professionally, giving me the advantage of digital.
Since the last blogpost, the import of JSON files has been significantly improved, now this code is merged into the master branch. Previously, you could import data only from the field of the root object, whose name was specified manually. But then there was implemented the feature to overview the structure of JSON file that lets you import data by selecting an item in the file structure. To implement this, a QTreeView has been added to the ImportFileWidget. To fill it I used QJsonModel, which I and my mentor Alexander Semke improved a little for our needs:we made a display of icons for objects and arrays in the structure, added a display of the root element of the document and more.
Surprisingly, the castle tour featured an exciting belly dance and a bonus theater show starring GNOME’s legendary actors.
Today, my first GUADEC experience has come to an end, and it was great! Kudos to the organizers for a very well-planned and executed event. Being a part of the volunteer team was a fantastic experience and thanks for the nice t-shirt!
It was wonderful to meet the GNOME community in person, quite a surreal experience to say the least. The talks were a great opportunity to learn about everything going on at GNOME. I had amazing discussions with my mentors on various topics ranging from “Integrating AI in gnome applications” to “The big dilemma: Is a PhD really worth it?” and finally, some stuff about the GSoC project too.
Fulfilling a 6+ year desire, GNOME's GLib library now has a generic memory reference counting API.
If one judges Linux Mint 19 Tara on its own, it's a pretty decent release. But one must also gaze wider, and cast their eyes on Mints That Came Before, and realize that the status quo is actually a regression. It's not enough to keep the same errors or be consistent in comparison to the sea of mediocre releases out there. Errors that might have been acceptable in 2008 are not acceptable in 2018. Normalizing toward the lowest common denominator is sad. And this is exactly what's been happening across the distroscape, and Mint has also fallen victim to this disease. The 'all-you-need-to-do' disease.
So yes, in many aspects, Tara works better than the competition. But the competition is awful. Network, font and codec problems, to name a few of the big issues. Unnecessary, pointless. Even more so because we didn't have them in the past. These are regressions. Horrible, life- and will-sapping regressions.
While your mind processes that, let's recap what we saw. In overall terms, Mint 19 is a good choice for people looking for a stable everyday distro. Mostly covers most of the basics, and can be tamed without too much fuss. The package manager is really good, performance and stability are decent. If only I had no memory. But I do, and so Tara warrants only about 7/10 by default, about 8.5 after all my post-pimping. Sylvia is a better overall choice sans any user changes, and there are some other distros with a higher overall grade, ergo friendlier defaults and functionality for the ordinary user. In this regard, Tara is consistent with the 18.X family, which started low and improved. Perhaps 19.1 will be a blast. Take care.
An OpenStack€®Ã¯Â¸Â-based cloud environment can help you digitally transform to succeed in fast-paced, competitive markets. However, for many organizations, deploying open source software supported only by the community can be intimidating. Red Hat€®Ã¯Â¸Â OpenStack Platform combines community-powered innovation with enterprise-grade features and support to help your organization build a production-ready private cloud.
Through an open source development model, community leadership, and production-grade life-cycle options, Red Hat makes open source software more accessible for production use across industries and organizations of any size and type.
Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.
Meet CIMON (Crew Interactive Mobile CompanioN). This free-floating Ubuntu-based cyber colleague has been designed to “mitigate” the stresses of, and share the work during, long-term spaceflight.
And to do that he’s had to boldly go where no AI assistant has gone before: space.
Snaps are containerised software packages easily managed through Snapcraft, a platform for building and publishing applications to an audience of millions of Linux users. Snapcraft enables authors to push software updates that install automatically and roll back in the event of failure. The likelihood of an errant update breaking a device or degrading the end user experience is, as a result, greatly reduced. If a security vulnerability is discovered in the libraries used by an application, the app publisher is notified so the app can be rebuilt quickly with the supplied fix and pushed out.
As application packages bundle their runtime dependencies, they work without modification on all major Linux distributions as well as being tamper-proof and easily confined. A snap cannot modify or be modified by another app, and access to the system beyond its confinement must be explicitly granted. Precision definition, therefore, brings simpler documentation for installing and managing applications. Taking into account the automatic updates, which eliminate a long tail of releases, applications perform more intuitively for both the publisher and end-user.
Snapcraft also gives managers the tools to organise releases into different release grades, or channels. One set of tools can be used to push app updates from automatic CI builds, to QA, beta testers, and finally all users. It visualises updates as they flow through these channels and helps developers track user base growth and retention. In short, they can simplify a developer’s route, and that of their company’s, to engaging with a vast number of Linux users. Streamlining a route to market not only maximises developer worth, it also opens up new revenue drivers in the process.
A bug filed on Ubuntu Launchpad in the middle of June has just been made public. The bug in question appears to allow anyone with physical access to the computer bypass the lock screen by just removing the hard drive. The bug was tested on Ubuntu 16.04.4 and it’s unclear whether it affects other versions of Ubuntu or other distributions but there’s an almost certain chance it affects other distributions based on Ubuntu 16.04, such as Linux Mint 18.
Welcome to the Ubuntu Weekly Newsletter, Issue 535 for the week of July 1 – 7, 2018. The full version of this issue is available here.
By default, Linux comes with a lot of extras. Usually, that's a good thing. But, sometimes you want just the bare necessities of Linux life for your server, containers, and clouds. That's where Canonical's latest Ubuntu release, Minimal Ubuntu, comes in.
When Canonical says "Minimal", they mean minimal. Weighing in at a mere 29MB for the Ubuntu 18.04 Docker image, Minimal Ubuntu could fit on a CD with hundreds of Megabytes to spare.
This is far from the first time Canonical has offered a small-footprint Ubuntu. The minimal Ubuntu ISO image, about 40 MB, is meant for people who download packages from online archives at installation time.
Today we are delighted to introduce the new Minimal Ubuntu, optimized for automated use at scale, with a tiny package set and minimal security cross-section. Speed, performance and stability are primary concerns for cloud developers and ops.
Canonical today released new Ubuntu Minimal images for cloud computing. The new images are half the size of the traditional Ubuntu Server and are said to boot up to 40% faster, so I decided to run a quick Amazon EC2 Linux distribution boot time comparison today...
Using a t2.micro instance type in the EC2 US-WEST2 region, I ran the systemd boot time benchmark on various Linux distributions... Ubuntu 16.04, Minimal Ubuntu 16.04, Ubuntu 18.04, Minimal Ubuntu 18.04, SUSE Linux Enterprise 12 SP3, Red Hat Enterprise Linux 7.5, Amazon Linux 2 AMI, and Clear Linux 23550.
Canonical today announced the new Minimal Ubuntu, which is a "tiny" package set focused for speed, performance, and stability of Ubuntu in cloud deployments.
OPEN SOURCE OS Ubuntu has a bug that allows anyone to bypass a machine's lock screen, providing they have physical access to the computer's hard drive.
Real-world hackers can simply remove the hard drive of a machine they want access to providing it's running Ubuntu 16.04.4 and then skip straight past the lock screen.
It's a simple-sounding hack and works by exploiting a bug in how the system stores data when Ubuntu it's suspended in low-power mode.
VIA has released a Yocto Project based Linux BSP for its previously Android-only SOM-9X20 module, which is sold along with a carrier board for $569. The module features a Snapdragon 820 with 4GB LPDDR4, 64GB eMMC, WiFi, BT, and GPS.
If you skipped over last October’s announcement of the “edge AI” focused SOM-9X20 module due to its lack of Linux support, you may want to give it another chance. VIA Technologies announced a Linux board support package (BSP) based on Yocto Project 2.0.3 for the module and has boosted its Android support to 8.0. VIA also announced a $569 price for the evaluation kit package, which combines the Snapdragon 820 based module with its SOMDB2 Carrier Board.
While all desktops (and most laptops) have video outputs, having a video input is much more rare. The reason why is simple -- most people don't need such a thing. Quite frankly, outside of some business use, home users never really had much of a need. With the invent of video gameplay streaming on platforms like Twitch, however, this changed. Now, more and more home users want video capture devices to connect a game console to their PC.
Sapphire has launched a Linux-friendly “FS-FP5V” SBC starting at $325 that features an AMD Ryzen V1000 SoC, as well as SATA III, 2x M.2, 4x DP++, 2x GbE, and 4x USB ports including a USB 3.1 Type-C.
Sapphire, which makes AMD-based graphics cards and motherboards, has launched a 147.3 x 139.7mm Mini-STX (5Ãâ5-inch) form factor SBC that runs Ubuntu 16.04 or Windows on AMD’s new Ryzen Embedded V1000 SoC. AMD’s Ryzen V1000 is highly competitive on CPU performance with the latest Intel Core chips, and the Radeon Vega graphics are superior, enabling four 4K displays to run at once.
Google wants to make it easier for Java developers to containerize their applications.
The company this week announced Jib, an open-source Java tool that it says will enable developers to build Java containers more easily using tools with which they are already familiar.
In a blog post July 9, Google software engineers Appu Goundan and Qingyang Chen described Jib as a container image builder designed to handle all the steps involved in packaging a Java application into a container.
"Containerizing a Java application is no simple task," Goundan and Chen wrote. "You have to write a Dockerfile, run a Docker daemon as root, wait for builds to complete, and finally push the image to a remote registry."
Open source has been a tech mainstay for decades in large part, as Tilde co-founder and JavaScript veteran Yehuda Katz has argued, because it "gives engineers the power to collaborate across ...companies without involving [business development]."
"The benefits of this workaround are extraordinary and underappreciated," Katz continued. But open source offers something just as extraordinary and even more underappreciated, something that edX community lead John Mark Walker recently pointed out on Twitter.
When someone calls out Linux and Hadoop as two multi-vendor open source communities that have "made commercialization of the technology extremely competitive and difficult," it would be reasonable to wonder what planet they live on. After all, as MongoDB's Henrik Ingo challenged, "Surely those are the two biggest and most successful ecosystems???"
Joseph Jacks, who made the first statement, is active with the Cloud Native Computing Foundation. He's not a newbie to open source. In arguing for single-vendor open source "communities" and their allegedly superior economics, he has perhaps unwittingly argued for (one) winner-takes-all when far more money is available in (many) winners-take-much markets.
But first, here's what we're not talking about.
Privacy is important in the cryptocurrency ecosystem to a large number of individuals, and people believe private transactions are needed badly these days in a society watched by the ‘deep state.’ Because people find privacy to be extremely important, some developers have designed bitcoin mixers and tumblers that help obfuscate cryptocurrency transactions recorded on public blockchains. One specific project in the works called Bob Wallet offers a privacy-centric client that enables users to move BTC and BCH from a public wallet to a private wallet in a secretive fashion.
Privacy-centric Bob Wallet recently added Bitcoin Cash (BCH) support so BCH users can use BCH Testnet coins and experiment with the mixing service. The Wallet was created to help preserve Bitcoins fungibility. Today it is easy to trace bitcoin transactions from address to address by simply using any public Block Explorer. Bob Wallet helps fix this.
The open source project doesn’t allow you to make payments to others as its only purpose is to allow the movement of funds from your public wallet to a private wallet in an isolated manner. The project, which is currently in Beta should only be used in Testnet for now until the software is thoroughly tested. Users can visit the Bob Wallet website or drag and drop the ‘bobwallet.html’ into a browser to create a new Bob Wallet.
Without crypto wallets, cryptocurrencies like Bitcoin and Ethereum would just be another pie-in-the-sky idea. These wallets are essential for keeping, sending, and receiving cryptocurrencies.
The revolutionary growth of cryptocurrencies is attributed to the idea of decentralization, where a central authority is absent from the network and everyone has a level playing field. Open source technology is at the heart of cryptocurrencies and blockchain networks. It has enabled the vibrant, nascent industry to reap the benefits of decentralization—such as immutability, transparency, and security.
While the road to virtualization has included potholes and bad signage, open source can provide the right roadmap, according to Windstream executives.
Although some service providers are still on the fence when it comes to using open source, Windstream Enterprise's Arthur Nichols, vice president of network architecture and technology, and Mike Frane, vice president of product development and portal, are believers.
Windstream is using open source technologies or applications from OpenStack, ONOS, Kafka, Message Bus and RabbitMQ, to name just a few. It's also a member of the Open Network Automation Platform (ONAP) open source community.
Expect to hear a lot more about Istio, an emerging open source technology for orchestrating microservices networking. The buzz is already building, says Kip Compton, senior vice president of Cisco's cloud platform and solutions group.
If you would like to contribute some data about the governance on an open source project which is not listed there or you have more details about one which is already listed please don't hesitate to contribute. Create a pull request or an open an issue and I'll get the information added.
This is a nice small fun project. SUSE Hack Week gives me a bit of time to work on it. If you would like to join, please get in touch.
The blockchain revolution is coming, but you might not see it. That’s the view of Brian Behlendorf, executive director of the Linux Foundation’s Hyperledger Project.
Speaking at the TC Sessions: Blockchain event in Zug, Switzerland, Behlendorf explained that much of the innovation that the introduction of blockchains are primed to happen behind this the scenes unbeknownst to most.
“For a lot of consumers, you’re not going to realize when the bank or a web form at a government website or when you go to LinkedIn and start seeing green check marks against people’s claims that they attended this university — which are all behind-the-scenes that will likely involve blockchain,” Behlendorf told interviewer John Biggs.
The Open Source Initiative (OSI), in conjunction with OSCON, will be celebrating 20 years of Open Source next week at the Oregon Convention Center, Portland.
The Seattle GNU/Linux Conference (November 9–10) is this year again going to take place at Seattle Central College (Maps).
I'm going to DebConf18 later this month, and since I had some free time and I speak a somewhat understandable mandarin, I decided to take a full month of vacation in Taiwan.
I'm not sure if I'll keep blogging about this trip, but so far it's been very interesting and I felt the urge to share the beauty I've seen with the world.
This was the first proper day I spent in Taiwan. I arrived on the 8th during the afternoon, but the time I had left was all spent traveling to Hualien County (花èâ®ç¸£) were I intent to spend the rest of my time before DebConf.
I was looking forward to this year's Debconf in Taiwan, the first in Asia, and the perspective of attending it with no jet lag, but I happen to be moving to Okinawa and changing jobs on August 1st, right at the middle of it...
I’m thrilled to welcome Sunil Abraham as Mozilla Foundation’s new VP, Leadership Programs. Sunil joins us from The Center for Internet and Society, the most recent chapter in a 20 year career of developing free and open source software and an open internet agenda.
Firefox now supports the macOS share menu. This means you can send the current page you are viewing to another application. For instance, you can add a link to your Things 3 or Omnifocus inbox, add a page to Apple Notes, send a link to Evernote, send a link to someone using messages, or share a link to a social network.
I'm sure everyone remembers this super great blog post from 2010 about changes in the Firefox 4 user agent string. In terms of "blog posts about UA string changes", it's, well, one of them.
We are happy to let you know that Friday, July 13th, we are organizing Firefox 62 Beta 8 Testday. We’ll be focusing our testing on 3-Pane Inspector and React animation inspector features.
Many open source enthusiasts (practitioners, paragons, partisans, preachers and protagonists) will have heard of Drupal.
For those that haven’t, Drupal is an open source content management framework, as well as an extended community of developers, maintainers and business supporters.
Rainmeter is a free, open-source platform that enables skins to run on the desktop. Rainmeter allows you to display customizable skins on your desktop, from hardware usage meters to fully functional audio visualizers. You are only limited by your imagination and creativity.
Rainmeter is the best known and most popular desktop customization program for Windows. Enhance your Windows computer at home or work with skins; handy, compact applets that float freely on your desktop. Rainmeter skins provide you with useful information at a glance. It's easy to keep an eye on your system resources, like memory and battery power, or your online data streams, including email, RSS feeds, and weather forecasts.
The Unitary Fund, which was created with "personal donations from founder of security firm Lookout, John Hering, and developer of quantum integrated circuits Rigetti Computing product manager Nima Alidoust", recently launched. The fund is offering $2000 grants to projects developing open-source quantum software. According to ComputerWorld, "Any project that 'will benefit humanity that leverages near-term quantum computing' qualifies to apply for the fund.
A new program to support the development of open source projects in quantum computing has been launched. The Unitary Fund will offer six grants of $2,000 to fund open source quantum computing projects.
The fund was created by William Zeng, head of quantum cloud services for the quantum computing company Rigetti. According to Zeng, in order for quantum computing hardware and platforms to advance, they need smart software
We are pleased to announce the general availability of FreeNAS 11.2-BETA1. This initial version of the 11.2 series is considered to be feature-complete and ready for testing. Users, especially those who use Plugins, Jails, or VMs, are encouraged to update to this release in order to take advantage of the many improvements and bug fixes to those subsystems. Please report any bugs to https://redmine.ixsystems.com/projects/freenas/.
To update to this release, select the 11.2-STABLE train in System ââ â Update. Should you need to return to the 11.1 series after updating, reboot and select that boot environment from the boot menu.
The folks at iX Systems have announced their first public beta of FreeNAS 11.2, their downstream of FreeBSD 11.2 focused on supporting network-attached storage (NAS) systems.
After converting the GNU Emacs repository to Git a few years back, Eric S Raymond has been working on the massive undertaking of transferring the GCC (GNU Compiler Collection) repository in full over to Git. But the transition to GCC Git is being hampered since due to the massive size of the repository, Raymond's system is running under extreme memory pressure with 64GB of RAM.
ESR provided an update on the GCC repository conversion process. He has managed to solve the only known remaining technical bug that's been blocking the repository, but now he can't get the process completed since he's over-running memory capacity. His primary workstation has 64GB of DDR4 memory and that's turned out to not be enough for the GNU Compiler Collection repository with more than a quarter million commits over the past three decades.
I avoided using GNU Make in my data journalism work for a long time, partly because the documentation was so obtuse that I couldn’t see how Make, one of many extract-transform-load (ETL) processes, could help my day-to-day data reporting. But this year, to build The Money Game, I needed to load 1.4GB of Illinois political contribution and spending data every day, and the ETL process was taking hours, so I gave Make another chance.
Now the same process takes less than 30 minutes.
Here’s how it all works, but if you want to skip directly to the code, we’ve open-sourced it here.
[...]
GNU Make is well-suited to this task. Make’s model is built around describing the output files your ETL process should produce and the operations required to go from a set of original source files to a set of output files.
As with any ETL process, the goal is to preserve your original data, keep operations atomic and provide a simple and repeatable process that can be run over and over.
In February 2018, the Department of Defense (DOD) Defense Digital Service (DDS) relaunched Code.mil to expand the use of open source code. In short, Code.mil aims to enable the migration of some of the department’s custom-developed code into a central repository for other agency developers to reduce work redundancy and save costs in software development. This move to open source makes sense considering that much of the innovation and technological advancements we are seeing are happening in the open source space.
Since its launch, Code.mil has, according to the DDS, helped spur many open source-enabled projects, including the creation of eMCM last March—an easily accessible web-based version of the Manual for Courts-Martial (MCM) that outlines the official conduct guide to the courts-martial in the U.S. military. Before the digital relaunch of MCM, the process for updating the Manual for Courts-Martial was tedious and involved approvals from a handful of government offices, resulting in delayed and outdated releases of guidance that occurred only once every several years. In its open version, the MCM is periodically updated allowing for a live version to be widely accessible across the U.S. military.
In other words, one of the core metrics that Elsevier will be applying as part of the Open Science Monitor appears to show bias in favor of Elsevier's own titles. One result of that bias could be that when the Open Science Monitor publishes its results based on Elsevier's metrics, the European Commission and other institutions will start using Elsevier's academic journals in preference to its competitors. The use of CiteScore creates yet another conflict of interest for Elsevier.
It looks like Arm Limited is going on the offensive against the RISC-V open-source processor instruction set architecture.
ARM has launched RISCV-Basics.com as a site to "understanding the facts" about the RISC-V architecture.
Their five points they try to make before designing a SoC is that the ISA accounts for only a small portion of the total investment to creating a commercial processor, RISC-V doesn't yet have an a large developer ecosystem, there is the risk of fragmentation with this open-source ISA, RISC-V is new and thus not yet as mature in terms of being a proven architecture around security, and greater design costs with RISC-V due to potential re-validation if modifying the ISA.
On June 7, an AUR package was modified with some malicious code, reminding Arch Linux users (and Linux users in general) that all user-generated packages should be checked (when possible) before installation.
AUR, or the Arch (Linux) User Repository contains package descriptions, also known as PKGBUILDs, which make compiling packages from source easier. While these packages are very useful, they should never be treated as safe, and users should always check their contents before using them, when possible. After all, the AUR webpage states in bold that "AUR packages are user produced content. Any use of the provided files is at your own risk."
The discovery of an AUR package containing malicious code proves this. acrored was modified on June 7 (it appears it was previously "orphaned", meaning it had no maintainer) by an user named "xeactor" to include a curl command that downloaded a script from a pastebin. The script then downloaded another script and installed a systemd unit to run that script periodically.
Claranet, a managed service provider with services focused on western Europe and Brazil, has purchased NotSoSecure, a firm specializing in penetration testing and ethical hacker training.
The purchase follows Claranet's 2017 acquisition of SEC-1, a security firm based in the United Kingdom. According to a Claranet statement announcing the purchase, the security acquisitions, together with the opening of a security operations center in Portugal, are part of the company's intention to increase their overall security services capabilities.
Advanced Protection for Google Accounts uses a legacy web technology that is only partially supported in Firefox. Here is how you get started with physical security keys and extra protections for your Google Account in Firefox.
[...]
Before you can enroll in the Google Advanced Protection program, you must have at least two security keys at the ready. You can use the same keys for multiple Google Accounts, and even reuse the same keys with different U2F-enabled web services.
You should keep a record of which of your keys are registered with which websites. If you loose a key or want to decommission one, you’ll need this record to know all the accounts you’ll need to update.
You can use any FIDO U2F security keys as long as they’re compatible with your devices. Google recommend you get one regular key with USB as your backup token, and one mobile-capable with wireless Bluetooth and NFC as the primary key you carry around with you. Specifically, Google recommends the YubiKey U2F (USB) and either the Feitan Multipass (Bluetooth/NFC/USB) or YubiKey Neo (NFC/USB). Bluetooth is more compatible with a wider range of devices, but the Bluetooth capabilities requires you to charge the key. NFC is less compatible with cheaper smartphones and other devices. However, neither NFC nor USB modes require you to charge the keys for them to operate.
Used by developers around the world, open source components makes up 60%-80% of the codebase in modern applications. Open source components are downloaded thousands of times per day to create applications for organizations of varying sizes and across all industries.
But despite the continuously growing adoption there are still myths to dispel and concerns to mitigate around the usage of open source components in commercial software. The following is a list of the top concerns associated with open source usage and how to overcome each one of these stumbling blocks:
Across the United States, thousands of migrant children remain detained alone after the Trump administration forcibly separated them from their parents at the border. Yet, despite the news about the United States’ human rights abuses of migrants, asylum seekers keep risking the dangerous journey to the United States. Texas-based human rights lawyer Jennifer Harbury has lived in the Rio Grande Valley in Texas for more than 40 years and has long worked with people fleeing violence in Guatemala, El Salvador and Honduras. She also knows intimately the U.S. roots of this conflict. Her husband, Efraín Bámaca Velásquez, was a Mayan comandante and guerrilla who was disappeared after he was captured by the U.S.-backed Guatemalan army in the 1980s. After a long campaign, she found there was U.S. involvement in the cover-up of her husband’s murder and torture. We speak with Jennifer Harbury in Brownsville, Texas, about this history and this U.S. involvement in today’s conflicts in Central America.
A major U.S. military and CIA contractor has been detaining dozens of migrant children inside a vacant Phoenix office building with dark windows, no kitchen and only a few toilets, according to a new investigation by Reveal from the Center for Investigative Reporting. Reveal learned about what some are calling the “black site” for migrant children after one local resident filmed children in sweatsuits being led into the building. The building was leased in March by MVM, a defense contractor that Reveal reports has received nearly $250 million in contracts to transport immigrant children since 2014. We speak with the lead reporter on this story, Aura Bogado, in Oakland, California. She is the immigration reporter for Reveal from the Center for Investigative Reporting.
A federal judge will hold a hearing today on whether to delay Tuesday’s deadline that mandated the reunification of all children under the age of 5 whom the Trump administration separated from their parents at the border. The Trump administration is claiming it needs more time to match children with their parents, including at least 19 parents who have already been deported. The American Civil Liberties Union says less than half of separated children under the age of 5 will be reunited by the Tuesday deadline. As Trump’s “zero tolerance” policy crackdown continues, we speak with human rights lawyer Jennifer Harbury about how U.S. foreign policy has led to the violence that Central Americans are fleeing, and what happens when people follow the U.S. government’s instructions and attempt to apply for political asylum at a legal port of entry. Jennifer Harbury has lived in the Rio Grande Valley in Texas for more than 40 years. She works with people fleeing violence in Guatemala, El Salvador and Honduras, and has been active in the response to the Trump administration’s “zero tolerance” policy.
The RAF risks falling behind in the government's obsession over the cyber threat, a former Chief of the Defence Staff warns.
Defence cuts have left the RAF struggling to meet its operational commitments and as celebrations for the centenary year of the RAF continue, the government is once again pressed on funding for Britain's armed forces.
The ongoing case of WikiLeaks founder Julian Assange has affected the relationship between the United Kingdom and Ecuador, according to Ecuador's Foreign Minister Jose Valencia.
Assange, an Australian national, sought asylum in Ecuador's embassy in London in 2012 and has been there ever since.
"It would be unrealistic to say the Assange issue has not affected our relationship with the United Kingdom. It has been affected. However, it has not completely collapsed. We still have contact on a variety of issues," Valencia told Ecuador's Radio Sucesos.
China is considering a further reduction in electric-vehicle subsidies next year as the government pushes automakers to innovate rather than rely on fiscal policy to spur demand for alternative-energy cars, people familiar with the plan said.
The average purchase incentive per electric vehicle may be lowered by more than a third from the 2018 levels, said the people, who asked not to be identified disclosing information that isn’t public. Vehicles may be required to be able to go at least 200 kilometers (125 miles) on a single charge to be eligible for incentives, up from 150 kilometers currently, said the people. The plan is still under discussion and subject to changes, they said.
Subsidies have been key to making plug-in hybrids and EVs of companies such as BYD Co., backed by Warren Buffett, more affordable to Chinese consumers and helping the country surpass the U.S. as the world’s biggest in 2015. The central government spent 6.64 billion yuan ($1 billion) last year funding consumers’ purchases of such autos. On top of what the federal government spends, Chinese cities and provinces separately offer incentives to make electric cars more appealing in a country where automakers from Volkswagen AG to Ford Motor Co. are planning to increase EV offerings.
Every government knows if you want people to do something, give them free money. Norway leads the world in the percentage of electric cars sold because it offers its citizens the highest EV incentives. China is not far behind. Last year it doled out over a billion dollars in EV incentives to encourage its citizens to buy electric cars. Local authorities also offer additional incentives. But its leaders are rethinking their priorities
Congress should look beyond the flawed New York Times coverage of alleged state-sponsored Russian Olympic doping, which relied on a discredited informant and then largely ignored a respectable court.
To protect the investigation, I will not disclose this person’s true identity or the identity and/or role I believe he played in the attack. Nor will I disclose when I went to the FBI. I did so on my own, without subpoena; I did that in an effort to protect people who have spoken to me in confidence and other journalists. Largely because this effort involved a number of last minute trips to other cities, I spent around $6K of my own money traveling to meet with lawyers and for the meeting with the FBI.
With ICE doing increased business everywhere in the US, the need to place detainees somewhere has never been greater. The president may have rescinded his demand families be separated and tossed into "foster care or whatever," but that just means detainee housing now has to cater to the needs of the young and old alike.
The government has a duty of care for every person it locks up. The duty is still there. The care isn't. The way prisoners are routinely treated shows the government thinks of arrestees and prisoners as something less than human. The way it treats people who aren't even citizens is bound to be worse. The only mitigating factor is there are fewer immigrants to keep track of. But that shouldn't be taken to mean the average amount of "care" is slightly higher.
Prior to the passage of SESTA/FOSTA, we pointed out that -- contrary to the claims of the bill's suppporters -- it would almost certainly make law enforcement's job much more difficult, and thus actually would help human traffickers. The key: no matter what you thought of Backpage, it cooperated with law enforcement. And, law enforcement was able to use it to track down traffickers using online services like Backpage. Back in May we noted that police were starting to realize there was a problem here, and it appears that's continuing.
Over in Indianapolis, the police have just arrested their first pimp in 2018, and it involved an undercover cop being approached by the pimp.
We rightly expect our police to be thick-skinned because their job is, by definition, dealing with people at their worst.
When reporter Joshua Vaughn of The Appeal told me that some Pennsylvania police have charged people with “ethnic intimidation” — the state’s version of a hate crime — for saying offensive things to the officers who arrest them, I thought, “Not again!”
No, really. This is another version of “contempt of cop,” the police practice of punishing people who defy them with criminal charges. So now, amidst a rising tide of actual hate crimes, we have police officers using hate crime laws to punish people who get angry when they are being arrested.
In June, I reviewed the affidavits of probable cause that four officers used to justify hate crimes charges against four suspects in 2016. Two people were being arrested for minor crimes. The third was arrested for getting upset when the police would not take her complaint, and the fourth was being picked up for a psychiatric check.
Yet, all of them ended up charged with hate crimes.
This has resulted in many, many calls for WhatsApp (and its parent company, Facebook) to "do something" about this. Indeed, the Indian government has more or less demanded that WhatsApp stop "false messages" from being spread on its app. Of course, that's... not easy. It's not easy for a variety of reasons, both technical and cultural. On the technical side, WhatsApp is (famously, and for very good and helpful reasons) using end-to-end encryption. So no one at WhatsApp/Facebook can see what's in those messages. That's a good thing (especially for everyone whining about how Facebook sucks up too much data about us). No one should want WhatsApp to backdoor that encryption in any way, because that just creates even more problems.
And then of course, there's the cultural side of this. Even if WhatsApp could read the messages, how could it possibly know what was legit and what was not. And how could it determine that fast enough to stop a mob from going nuts.
WhatsApp has tried to explain all of this to the Indian government -- and rather than understanding these issues, many people seem to be screaming about how this is Facebook/WhatsApp "ignoring" its responsibility.
Were Enid Blyton and Roald Dahl racists and should we stop our children from reading their books?
That may seem ridiculous and unthinkable, but if we follow in the footsteps of America we could find ourselves seriously asking those questions.
On the other side of the pond a once highly respected children’s author has had her name removed from a literary prize more than 60 years after her death because of her ‘stereotypical attitudes’ towards African Americans and Native Americans.
Universities visited by the higher education minister, Sam Gyimah, have denied that his recent comments about a “culture of censorship” could refer to them. Gyimah said: “At one institution when I turned up to speak to students they read the safeââ¬âspace policy and it took 20 minutes.”
Yet all eight universities he had visited said this was not the case, according to the website Research Professional. A spokeswoman for the Department for Education explained: “I don’t believe he means someone actually read the policy out at one of the meetings, he means a student said it to him anecdotally.”
"One Man's Vulgarity" is the name of a report being issued today by the Foundation for Individual Rights in Education on censorship of art on campus. The report documents numerous cases and urges those concerned with free expression in higher education to protect artistic freedom in higher education. "The artwork described here expresses a multitude of ideological viewpoints and depicts subjects ranging from critical illustrations of the Confederate flag to theater productions about Lenny Bruce to posters of beloved television characters. The one thing they all have in common is not the message they send, but the censorship their messages provoked," the report says.
When Facebook rolled out facial recognition tools in the European Union this year, it promoted the technology as a way to help people safeguard their online identities.
“Face recognition technology allows us to help protect you from a stranger using your photo to impersonate you,” Facebook told its users in Europe.
It was a risky move by the social network. Six years earlier, it had deactivated the technology in Europe after regulators there raised questions about its facial recognition consent system. Now, Facebook was reintroducing the service as part of an update of its user permission process in Europe.
The Supreme Court's ruling in the Carpenter case came as something of a surprise. The nation's courts seemed unwilling to start paring back the Third Party Doctrine, but the expansion of people's digital footprints following the widespread adoption of smartphones proved to be too big to ignore. The ruling was narrow -- finding only that the acquisition of historical cell site location info (CSLI) was a search under the Fourth Amendment -- but it possibly contains broader applications.
The way it stands now, law enforcement needs a warrant to collect CSLI from cell service providers -- the first hole that's been poked in the Third Party Doctrine since its inception almost 40 years ago. If not for the Riley decision -- the one that recognized phones no longer resembled "containers" or "pockets," but rather contained a detailed depiction of a person's entire life -- the Supreme Court may not have arrived at this conclusion. But it was that decision that first conjured up the image of the government happily discovering people were carrying around personal tracking devices loaded with info 24 hours a day. Grabbing large quantities of CSLI -- 127 days in Carpenter's case -- turned cellphones into ad hoc ankle bracelets, allowing the government to reconstruct someone's movements over a period of months using only a subpoena.
We've talked a little about the rush job to pass a California privacy bill -- the California Consumer Privacy Act of 2018 (CCPA) -- and a little about how California's silly ballot initiatives effort forced this mad dash. But a few people have asked us about the law itself and whether or not it's any good. Indeed, some people have assumed that so many lobbyists freaking out about the bill is actually a good sign. But, that is not the case. The bill is a disaster, and it's unclear if the fixes that are expected over the next year and a half will be able to do much to improve it.
First, let's state the obvious: protecting our privacy is important. But that does not mean that any random "privacy regulation" will be good. In a future post, I'll discuss why "regulating privacy" is a difficult task to tackle without massive negative consequences. Hell, over in the EU, they spent years debating the GDPR, and it's still been a disaster that will have a huge negative impact for years to come. But in California they rushed through a massive bill in seven days. A big part of the problem is that people don't really know what "privacy" is. What exactly do we need to keep private? Some stuff may be obvious, but much of it actually depends quite heavily on context.
Most of the activity takes place in Western countries. Elsewhere, where there are few Strava users, the map is largely empty. But here and there, sometimes smack dab in the middle of a desert or other inhospitable spot, there’s a burst of rich color.
A few clever investigators soon discover the source of this activity: military bases, some of which are meant to stay hidden. Western military personnel using Strava have unwittingly drawn global attention to themselves and their colleagues.
President Trump on Monday night nominated Judge Brett Kavanaugh to the seat on the U.S. Supreme Court that Justice Anthony Kennedy will vacate at the end of the month. Kavanaugh is a judge on the powerful U.S. Court of Appeals for the D.C. Circuit. Below, we’ve gathered some of the best reporting on Kavanaugh.
But while the U.S. Senate braces for what is certain to be an all-consuming, months-long confirmation battle over a new justice, we must not lose sight of the fact that there are things Congress can and must do now to safeguard the rights and dignity of the most vulnerable, regardless of who sits on the highest court in the country. One major thing that Congress could do is pass the Do No Harm Act, which would prevent religion from being used as a license to discriminate.
When it was signed into law 25 years ago, the Religious Freedom Restoration Act (RFRA) was intended to protect religious freedom, especially for religious minorities. In recent years, however, individuals and businesses have worked to distort RFRA into a blank check to license discrimination or to impose their religious beliefs on others.
The Supreme Court’s 2014 Hobby Lobby ruling marked the first time that the court said that business owners could use RFRA to deny their employees a benefit that they are guaranteed by law: insurance coverage for contraception. In her dissenting opinion, Justice Ruth Bader Ginsburg expressed concern that the decision could open the door for RFRA to be used to engage in a wide range of discrimination.
We cannot take the 14th Amendment guarantee of equal protection under the law for granted, especially today.
Few times in recent memory have demanded a more careful examination of our nation's history than now — the year we celebrate the 150th anniversary of the 14th Amendment’s passage. At a time when the Trump administration is throwing asylum seekers in jail without due process and undermining efforts to desegregate schools, it is critical to remember that the “pervading purpose” of the 14th Amendment was to eliminate the oppression of historically subjugated minorities and to provide equality of opportunity.
The amendment's ratification in 1868, shortly after African-Americans were emancipated from slavery, represented a turning point in the country’s history. Its passage was an effort to provide substance to the Declaration of Independence’s promises of freedom and equality, which from the beginning had not applied to significant parts of the population, including Black people and women. And though those promises were continually reneged upon, the 14th Amendment remained a source of aspiration and hope.
Although the 14th Amendment is frequently invoked now, particularly by conservative judges and commentators, to attack affirmative action and efforts to desegregate schools under the guise of “colorblindness,” the Fourteenth Amendment was never a colorblind document. The amendment was enacted specifically for purposes of assisting newly freed Black people. Although the 13th Amendment ended slavery, it left uncertain the status of those who had been kept in bondage. The infamous Dred Scott case had held that Blacks had no rights that whites were bound to respect and denied them citizenship. The 14th Amendment was necessary to make clear that Black people, as well as anyone born in the country or naturalized, were American citizens.
From victory at the Supreme Court to success in the EU Parliament and the launching of a new data rights service, it has been a busy summer for Open Rights Group. We would like to thanks all our members and supporters who made these achievements possible.
One of the major benefits of cutting the traditional TV cord and switching to streaming video services was supposed to be the lower cost of service. But because broadcasters dictate the licensing cost of content for both services, it was inevitable that the sector would increasingly mimic its traditional cable counterparts. As a result, numerous streaming video services used the July 4th holiday to obfuscate an industry wide price hike, driving up the monthly subscription costs of services like AT&T's DirecTV Now, Sony's Playstation Vue, and Dish Network's Sling TV.
AT&T's price hike, a $5 bump for all of the company's DirecTV Now streaming TV tiers, is likely getting the most attention because it's the precise type of hike AT&T repeatedly stated wouldn't be happening if regulators signed off on the company's $86 billion merger with Time Warner.
Figure 4 shows that 65% of respondents see patent filings increasing, compared to 1% who believe they are decreasing. "The ecosystem is developing rapidly … Our patent portfolio is six times the size it was three years ago," an in-house counsel for one tier one supplier says, adding: "If you have valuable patents early in development with broad application, then you are well positioned … Everybody entering the field is heavily engaged in patenting activity." Another says: "Since 2015 we have dramatically increased patent applications and geographical coverage, and 50% of our filings are in new technical areas."
The applicant, Teva, sought an order for the revocation of the Irish designation of European Patent No. (IE) 1379220 entitled “Inhalation Capsules” (the “220 Patent”) on the grounds of (i) obviousness, (ii) an “AgrEvo” challenge and (iii) insufficiency. The Court ruled in Boehringer’s favour by upholding the validity of the 220 Patent and rejecting all of Teva’s grounds of challenge.
The World Intellectual Property Organization has published a guide to access and benefit-sharing agreements for use of genetic resources.
MEPs rejected a controversial committee proposal to begin negotiations to update copyright laws for the digital age
A proposed EU Copyright Directive has been rejected by the European Parliament.