07.29.15

Contents

• GNU/Linux
  • Distributions
  • Devices/Embedded
• Free Software/Open Source
• Leftovers

GNU/Linux

• New FCC Rules May Prevent Installing OpenWRT on WiFi Routers

  Many cheap WiFi routers are sold with the vendor firmware, but the most popular ones likely also support OpenWRT, which some users may prefer as it is much more customizable. However, this may soon become more difficult according to a talk at the upcoming “Wireless Battle of the Mesh” which will take place on August 3-8 in Maribor, Slovenia.

• Kernel Space

  • Graphics Stack

    • Nvidia 352.30 Stable Driver for Linux Has Lots of Fixes and GeForce 910M Support

      Nvidia has released a new Linux driver in the stable branch and has fixed a few outstanding issues. The company also provides support for the latest GeForce 910M chipset.

• Applications

  • Git 2.5.0 Released

  • Git 2.5 Has Been Officially Released with Numerous New Features, over 60 Bugfixes

    On July 27, the developers of the famous Git open-source version control system were more than proud to announce the immediate availability for download of version 2.5.0 of Git.

  • Manipulating data in 3D with LidarViewer

    The software that I decided to use is called LidarViewer. It’s open source, which means that anyone can use and modify LidarViewer for free as long as they give credit to the creator. LidarViewer is Linux specific. As a Linux user, that made me really happy, but I could only use a Windows machine while at NASA. That meant that I had to create a Linux virtual machine on top of a Windows computer. I had a lot of options for the operating system that I was going to use for the virtual machine.

  • Pydio – An Open Source Alternative To Dropbox

  • Proprietary

    • Google Promotes Chrome 45 Web Browser to the Beta Channel with Cool New Features

      On July 27, the Google Chrome developers, through Alex Mineer, were excited to announce the promotion of the Google Chrome 45 web browser to the Beta channel for all supported computer operating systems, including Linux, Mac OS X, and Microsoft Windows.

    • Chromium 45 Beta Adds New ES2015 Features

      Google today rolled out the first beta of Chrome 45, their next major web browser version.

  • Instructionals/Technical

    • Solution for crashing KDE applications on Linux Mint 17.1 Cinnamon

    • Wajig – An Alternative To APT Package Manager

    • Golang parallelism issues causing “too many open files” error

    • Setup Genymotion Android Emulator In Ubuntu

    • Higher gross margins are more profitable: Red Hat (RHT), HomeAway, Inc. (AWAY), Raptor Pharmaceutical (RPTP), Adobe Systems (ADBE)

    • How To Install LibreOffice 5.0 RC4 On Fedora, CentOS, OpenSUSE, Mageia And OpenMandriva Systems

    • How To Install NVIDIA 352.30 On Ubuntu 15.04, Ubuntu 14.04 And Derivatives

    • How to install a Raspberry Pi SMS Server

    • Hacking a Safe with Bash

      Through the years, I have settled on maintaining my sensitive data in plain-text files that I then encrypt asymmetrically. Although I take care to harden my system and encrypt partitions with LUKS wherever possible, I want to secure my most important data using higher-level tools, thereby lessening dependence on the underlying system configuration. Many powerful tools and utilities exist in this space, but some introduce unacceptable levels of “bloat” in one way or another. Being a minimalist, I have little interest in dealing with GUI applications that slow down my work flow or application-specific solutions (such as browser password vaults) that are applicable only toward a subset of my sensitive data. Working with text files affords greater flexibility over how my data is structured and provides the ability to leverage standard tools I can expect to find most anywhere.

  • Wine or Emulation

    • Wine Announcement

      The Wine development release 1.7.48 is now available.

      What’s new in this release (see below for details):
      - Fleshed out OpenMP implementation.
      - I/O stream support in the MSVCIRT C++ runtime.
      - Support for pixel snapping in DirectWrite.
      - More support for OpenGL core contexts.
      - Various bug fixes.

    • Wine 1.7.48 Brings Better Support for Numerous Windows Games and Apps

  • Games

    • The Open Source Project ‘Xoreos’ Released 0.0.2 ‘Aribeth’

      xoreos is a FLOSS project aiming to reimplement BioWare’s Aurora engine (and derivatives), covering their games starting with Neverwinter Nights and potentially up to Dragon Age II. This post gives a short update on the current progress.

    • Submerged, A Third-person Combat-free Adventure Game May Get Linux Support

      Submerged was pointed out to us in our forum, and it seems the developers are considering a Linux version, and even testing it right now. The game looks beautiful, so I hope it does come.

    • The Raven – Legacy Of A Master Thief Now Available On GOG For Linux

      The Raven – Legacy of a Master Thief is reasonably well rated crime adventure game, and GOG have now published it in their DRM free library.

    • Starship Rubicon, A Space Combat Roguelike Updated With A Linux Port, Some Thoughts

      Starship Rubicon instantly captured my interest with its mix of space combat, visuals from NASA, and the promise of gameplay like FTL, only you pilot your ship directly.

    • BioShock Infinite Is Almost Working Fine For Mesa Drivers

      With Mesa quickly finishing up OpenGL 4.0~4.2 support and even some OpenGL 4.5 extensions, more Steam Linux games are becoming playable on the open-source drivers.

      Open-source Mesa/Gallium3D driver users into Linux gaming can soon rejoice for another playable title: BioShock Infinite. BioShock Infinite was released for Linux back in March and required OpenGL 4.1~4.2 support, thereby making it off-limits to the Mesa/Gallium3D drivers of the time.

    • Are Open-Source GPU Drivers Sufficient For 4K Linux Gaming?

      Last week I published the results of a 15-way AMD/NVIDIA GPU comparison for 4K Linux gaming that was centered around the proprietary AMD/NVIDIA graphics drivers. However, if you stick to using open-source Mesa/Gallium3D drivers and are a Linux gamer, here are some benchmark results comparing the open to closed-source driver performance at 3840 x 2160.

    • OlliOlli2 Grinding to PC, Mac and Linux this August

      OlliOlli is one of the surprise success franchises of the past few years, finding a way to make skateboarding fun again (and in 2D no less). After a successful stint as a PS+ game earlier in the year, publisher Devolver Digital has announced today that OlliOlli2: Welcome to Olliwood will be released for PC, Mac and Linux via Steam, GOG and Humble on August 11 for $14.99.

    • OlliOlli 2 Brings The Tricks To PC, Mac & Linux On August 11th

    • OlliOlli2: Welcome to Olliwood Grinds Onto PC, Mac and Linux on August 11

• Desktop Environments/WMs

  • What’s your favorite Linux desktop?

  • What is your favorite desktop environment?

    When you install a Linux distribution, a set of programs comes along with it. It’s easy to add and delete elements of the programs that don’t fit your needs, says Meine in his article How to choose the best Linux desktop for you. But what about altering the look and feel?

  • K Desktop Environment/KDE SC/Qt

    • KDE unveils Plasma Mobile, a free and open Linux OS for phones

      Move over, Ubuntu Touch and Android. There’s new competition in town. The KDE community just unveiled Plasma Mobile, a free and open-source mobile operating system.

      This is nothing new for the KDE project. Before Ubuntu Touch was ever announced, the KDE community had a long-term vision of convergence. Plasma 5 on the desktop has a “converged shell” that can switch between different interfaces for different device types. KDE even attempted to release tablets with their Plasma software preinstalled, but this never worked out.

    • Keeping Up With Akademy 2015 In A Coruña

      For KDE fans interested in the Akademy conference that started on Saturday in A Coruña, Galicia, Spain, there are a lot of daily reports coming out of the event.

    • Akademy A Coruña Photos

    • Akademy 2015 videos available

      Video recordings of the Akademy talks are now available in a low quality version to enable them to be released quickly. Higher quality version will be available later.

    • Akademy Day 4

      For most of the year, KDE—one of the largest free and open software communities in the world—works online by email, IRC, forums and mailing lists. Akademy provides all KDE contributors the opportunity to meet in person to foster social bonds, work on concrete technology issues, consider new ideas, and reinforce the innovative, dynamic culture of KDE. Akademy brings together artists, designers, developers, translators, users, writers, sponsors and many other types of KDE contributors to celebrate the achievements of the past year and help determine the direction for the next year. Hands-on sessions offer the opportunity for intense work bringing those plans to reality. The KDE Community welcomes companies building on KDE technology, and those that are looking for opportunities.

    • KDE Reveals Plasma Mobile

      There are a lot of interesting developments occurring in the field of Linux smartphones right now. With so many different options popping up, fragmentation is a risk, as apps built on one platform fail to migrate to another. KDE’s new offering may help to make those apps available to a broader audience.

    • PSA: Plasma Mobile forums have moved

  • GNOME Desktop/GTK

    • GNOME’s LaTeXila TeX/LaTeX Editor App Gets New Features, Prepares for GNOME 3.18

      The GNOME Project has released a new development milestone for the LaTeXila software, an open-source TeX and LaTeX editor used by default in the GNOME desktop environment.

• Distributions

  • Solus Linux OS Boots in 1.2 Seconds

    The Solus operating system is getting closer to a stable release and its developers are showing off some of the capabilities of the distro, including the boot time, which has got to be the most impressive result out there.

  • New Releases

    • Vector Light Linux 7.1 Is Based on Slackware and IceWM

      Vector Light Linux, a distribution based on Slackware that uses the IceWM window manager by default, has been released and is now available for download.

  • Gentoo Family

    • Gentoo-Based Sabayon Linux Gets Its Monthly Update for August 2015

      The developers of the Sabayon Linux distribution based on the well-known Gentoo operating system have released new Live ISO images for the supported editions of the Sabayon distro.

  • Red Hat Family

    • Higher gross margins are more profitable: Red Hat (RHT), HomeAway, Inc. (AWAY), Raptor Pharmaceutical (RPTP), Adobe Systems (ADBE)

    • Red Hat, Inc. (NYSE:RHT) Short Interest Update

    • Red Hat Inc (RHT) Discloses Form 4 Insider Selling : Exec. Delisa Alexander Sells 2,928 Shares

    • Fedora

      • Fedora 23 will feature a Cinnamon Spin

        The Cinnamon desktop is the only popular desktop environment that Fedora does not have a Spin for.

        But that should change, unless something really bad happens, starting from Fedora 23, which is scheduled for release later this October.

      • Growth of Fedora Repository Has Almost Stalled

        I went across statistics from Fedora Package Database and what caught my attention is that the increase of number of packages in the official Fedora repository has almost stalled:

      • New home storage box with Fedora and ARM

        I was looking forward to setup a new storage box at home. The biggest two points were about being able to run Fedora, and to be in the cheaper side. After looking at the available hardware prices for the desktops, I thought I should look into something else.

  • Debian Family

    • Debian Project holds Sparc port’s hand, switches off life support

      Following years of waning popularity, the Debian GNU/Linux Project has dropped support for the Sparc architecture, effective immediately.

      “As Sparc isn’t exactly the most alive architecture anymore,” Debian maintainer Joerg Jaspert wrote in a mailing list post last week, “not in [Debian 8.x] jessie and unlikely to be in [Debian 9] stretch, I am going to remove it from the archive this weekend.”

    • Reproducible builds: week 13 in Stretch cycle

    • Derivatives

      • Canonical/Ubuntu

        • Entroware Now Sells the Ubuntu-Powered Proteus with a New Card

          Proteus is a powerful laptop from Entroware that ships only with Ubuntu and Ubuntu MATE. Its makers have just announced that they are now equipping the Proteus model with a video card at no extra cost for new users.

        • Canonical Closes QEMU Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04 LTS

          Three QEMU vulnerabilities have been found and corrected in Ubuntu 15.04 and Ubuntu 14.04 LTS operating systems by Canonical.

        • Canonical Patches Two BIND Vulnerabilities in All Supported Ubuntu OSes, Update Now

          On July 28, Canonical, through Marc Deslauriers, published details about the availability of a new important update for the BIND packages in the Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.

        • Apache HTTP Server Vulnerabilities Fixes in Ubuntu OSes

          Details about a couple of Apache HTTP Server vulnerabilities that have been found and fixed in Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS have now been published by Canonical in a security notification.

        • Canonical Patches Four Linux Kernel Vulnerabilities in Ubuntu 15.04 and Ubuntu 14.04

          Today, July 28, Canonical published details about new Linux kernel updates for its Ubuntu 15.04 (Vivid Vervet) and Ubuntu 14.04 LTS (Trusty Tahr) operating systems, urging users to update the installations as soon as possible.

        • Ubuntu Software Center Is Really Hated by the Community, but Why?

          Ubuntu MATE recently decided to drop the Ubuntu Software Center and it will not longer be available with the upcoming 15.10 Alpha 2 release. This is interesting in itself, but this editorial is about another aspect. From the looks of it, a very large part of the Ubuntu and Linux community really hates the Ubuntu Software Center.

        • Ubuntu’s Mir 0.14 Display Server Officially Released, Here’s What’s Coming in Mir 0.15

          On July 28, Canonical, through Cemil Azizoglu, published the changelog of the recently released Mir 0.14 next-generation display server for Ubuntu Touch and Ubuntu Desktop Next operating system.

        • It’s Easy to Port Mobile HTML5 Games to Ubuntu Phone, Says the Community Manager

          On July 28, Alan Pope, the Community Manager of Ubuntu Engineering at Canonical, published a comprehensive tutorial showing users how easy it is to port online games written in the HTML5 language to the Ubuntu Touch mobile operating system that powers several known Ubuntu phone devices.

        • Famous Wunderground Weather Service Gets a Webapp on Ubuntu Touch

          The Ubuntu Touch platform might not have a lot of apps, but it’s making up by having a handy framework that can be used for webapps. In this case, it’s about a webapp for the famous wunderground.com weather service.

        • Canonical Throws In 10,000 Euro Rewards for New Ubuntu Phone Ad Campaign

          On July 27, Canonical, the company behind the world’s most popular free operating system, Ubuntu Linux, announced on one of their Twitter accounts that they launched a new campaign targeted towards movie directors.

        • A Wunderground.com Webapp Has Been Created For Ubuntu Touch

        • 3D printing Poe

          The MakerWare I run on Ubuntu works well. I wish they were correctly signing their repositories. Even if I use non-SSL to fetch their key, as their Ubuntu/Debian instructions recommend, it still doesn’t match the packages:

        • Flavours and Variants

          • Watch: Ubuntu MATE 15.04 Linux Running on the MK808B Plus Quad-Core Mini TV Box

            It was recently brought to our attention that someone made use of the generic Ubuntu MATE 15.04 root file system for aarch32 (ARMv7) based devices introduced a while ago, to run the famous Linux distribution on a MK808B Plus Quad-Core mini TV box device.

          • Ubuntu MATE Is Dropping The Ubuntu Software Center

            Ubuntu MATE developer Martin Wimpress announced this weekend that they’ll be removing the Ubuntu Software Center from their default install of Ubuntu MATE 15.10.

• Devices/Embedded

  • Raspberry Pi gains $35 HAT-based touchscreen

    4D Systems and Newark Element14 launched a 2.4-inch, QVGA “4DPi-24-HAT” resistive touchscreen for the Pi for $35, said to be the first to use a HAT design.

    Last October, the Raspberry Pi Foundation’s Eben Upton briefly demonstrated an upcoming official Raspberry Pi touchscreen. It’s unclear whether that 7-inch, VGA capacitive touchscreen is still on course, but in the meantime, there are a variety of RPi touchscreen options to choose from. The latest is a 4DPi-24-HAT screen from 4D Systems and distributor Newark Element14. It’s claimed to be the first to offer full compatibility with the Pi’s HAT (Hardware Attached on Top) add-on card standard.

  • i.MX6 module and Pico-ITX sized carrier run Buildroot Linux

    F&S has launched an 80 x 50mm COM that runs Linux on a Freescale i.MX6, and offers optional industrial temperature support and a Pico-ITX sized baseboard.

  • Phones

    • Android

      • Lava Pixel V1 Android One Smartphone With 32GB Internal Storage Launched at Rs. 11,350

        Lava, in partnership with Google, has launched its first Android One smartphone in India, the Pixel V1. Priced at Rs. 11,350, the smartphone will be exclusively available online via Flipkart starting Monday. Lava reveals that the Pixel V1 Android One smartphone will be also available via retail stores in the country.

      • Lava Pixel V1 Android One device specs and pricing leaked

      • What to expect from the OnePlus 2, the most hyped Android phone of the year

      • LG’s Flip Phone Runs a Newer Version of Android Than Your Fancy, Modern Handset

        The LG Gentle Android flip phone is a classic story of old meets new, with the odd twist here being that probably not even your new phone is up to par with this 1999-ish phone’s cutting-edge version of Android.

        This clamshell handset with a 3.2-inch screen comes with Lollipop 5.1 installed — making it among the 1 percent of Android devices running Google’s latest iteration of Android.

      • LG Gentle flip phone with Android 5.1 unveiled in Korea

      • Android Auto secrets hint at vehicle diagnostic app, expanded car integration

      • App marketers: How to adapt to Android’s new data-sharing rules

      • Lava Pixel V1 to launch as the second-gen Android One smartphone

      • 5 Android games we’re playing right now

      • Fallout Shelter goes Android in about two weeks

      • Fallout Shelter for Android to Be Released on August 13

      • Instagram tries a faster, sleeker Android photo editor

      • One Edge Android May Have Over Apple’s iOS: Entree Into the X-Rated Adult Market

      • Samsung Galaxy S6 Gets Mystery Software Update After Android 5.1.1 Lollipop: What Could It Be?

      • Razer Confirms Acquiring OUYA Software

      • Razer Buys Android-Based Game Console Maker Ouya

      • Razer hopes Ouya acquistion will fuel an Android-powered revolution

      • Game over, Ouya, the Android gaming console

      • Razer buys open-source console-maker Ouya

      • Razer confirms Ouya purchase in bid to take over Android TV gaming

        Razer has confirmed its acquisition of Ouya, maker of the Android-based game console that started as one of Kickstarter’s biggest hits before fizzling out when it came to market with few games, limited functionality, and a bad controller. Razer has purchased Ouya’s software assets and hired its technical and developer relations teams in order to further work on its own Android TV gaming initiatives, including Forge TV and a version of Cortex designed for Android TV. Polygon reports that the deal includes about over 1,000 games that will be able to run on Razer’s device, making the purchase a quick way to prime it with content. The acquisition was made in all cash, according to TechCrunch; Ouya’s hardware was not included.

      • Lock it down: Google shows off Android’s boot verification warning system

        Google is taking steps to make Android phones safer by including a verified boot system that checks for irregularities in the platform code. And device owners will know that their phone or tablet is safe based on startup messages from the system check.

      • Google Posts Details Of User-Facing Verified Boot System, Probably Coming In Android M

      • Has Android growth come to a screeching halt?

        Earlier this year, data from Strategy Analytics revealed that Android’s share of the worldwide smartphone market checked in at 81.2%. Again, an impressive figure that’s hard to improve upon.

Free Software/Open Source

• Open Technology Week looks at potential of open-source tech

  Experts from industry and academia gathered in Cambridge at the weekend to discuss just that as part of the city’s first Open Technology Week.

  Open technology refers to items for which the source code or designs are available free of charge for users to use and modify.

• Intel to shift Hillsboro engineers to Texas for open source project

  Intel Corp. engineers from Portland will play a role in the development in a new tech development center that’s opening in San Antonio.

  As the San Antonio Business Journal reports, Intel announced a significant investment with Rackspace in a new OpenStack Innovation Center that will be based at Rackspace’s headquarters in San Antonio.

• 10 tips for better documentation

  Last July, after a full week at OKFestival, I managed to find enough energy to attend the Write the Docs EU Berlin Unconference. I only managed to attend one day of the event, but it was worth it because Paul Adams, a free software advocate and Director of Engineering at KDAB, led a discussion in which we came up with rules for helping documentation teams be more productive:

• This is why your open source project is failing

  At OSCON this year, Red Hat’s Tom Callaway gave a talk entitled “This is Why You Fail: The Avoidable Mistakes Open Source Projects STILL Make.” In 2009, Callaway was starting to work on the Chromium project—and to say it wasn’t a pleasant experience was the biggest understatement Callaway made in his talk.

• NPR releases open source social media tools for newsrooms

  The helpful folks at NPR have released a collection of fully customisable, open source tools to help journalists create visually engaging images for social media.

  The tools – called Quotable, Factlist and Waterbug – were announced last night by Brian Boyer, editor of the NPR visuals team, as an easy way “for you to create those fashionable social graphics for your news organisation”.

• Growing pains: Open source ubiquity raises ownership, governance issues

  Overlapping scope and membership can confuse users, Miniman warns. Unlike the rules produced by standards committees, foundations don’t guarantee interoperability between implementations. IT organizations need to develop an understanding of how open communities operate, how different licensing models work and how they can become actively involved in shaping open source software.

• Open source software is the only way to keep up

  Between 2005 and 2010, software development accelerated so quickly that some said open source had won the corporate market. But it didn’t stop there. In 2015, surveys showed that companies were using, supporting, and creating more open source software.

  If we look at this pattern, then we can see open source will just keep growing. It’s not going anywhere. If you’re not using, contributing, or supporting it, then you’re going to be left behind.

• DHI Group plans to sell off Slashdot and Sourceforge

  DHI Group—formerly known as Dice Holdings Incorporated prior to this April—announced plans this morning to sell the combination of Slashdot and SourceForge. The announcement was made as part of DHI’s 2Q15 financial results, which were mostly positive, with DHI showing an increase in revenue over the same period last year (totaling $65.8 million) and a net income of $5.7 million.

• Move over Skype, Facetime, Hangouts. Here comes Spreedbox, a fully open source, secure videoconferencing solution

  Following the trend of privacy-respecting products and projects coming out of Europe (e.g., ownCloud, Kolab, and Plasma Mobile), German firm struktur AG has started a Kickstarter project called Spreedbox, which aims to offer a secure audio video conferencing service. According to the project page, “The Spreedbox is a unique device for secure audio/video conferencing, text and video messaging and file sharing. The Spreedbox is your own conferencing, meeting and file exchange service on the Internet and puts the control and security of your data into your own hands.”

• Open Source Is Going Even More Open—Because It Has To

  Open source foundations are nothing new. Linux Foundation has been around since 2007, and other major projects like the Eclipse code editing tool and the Apache web server have been governed this way for even longer. Many of the most important open source projects in recent years, such as the Hadoop big data crunching platform and the database system Cassandra, are managed by the Apache Foundation. But it’s unusual to see so many new foundations created so quickly.

• Student researchers collaborate virtually with help of open-source software

  A typical summer research program—the institute’s Nanobio Research Experience for Undergraduates, for example—brings students together to one host university, where they work in different laboratories on various projects. In the new pilot training program on Computational Biomolecular, students use an open-source software called Rosetta to work together on problems in computational biology and are mentored by faculty who are part of a global collaborative team known as the Rossetta Commons. The software gives users the ability to analyze massive amounts of data to predict the structure of real and imagined proteins, enzymes, and other molecular structures.

• Dice Selling Slashdot and Sourceforge

  FS tells me that Ars Technica reports that Dice is selling the Slashdot and Sourceforge sites. The company in their second quarter earnings announcements stated they have “not successfully leveraged the Slashdot user base to further Dice’s digital recruitment business”, and are planning to divest this business.

• Events

  • Tips for how to plan an open source event

    Step 1 is very clear: Document your event. This way you have shared document that all organizers can refer to as the event progresses. We started with a sample document Kara and Francesca provided. The document is broken down is to several sections and you’re free to copy the document and use it to plan your own event. I’ll review some of the sections in more detail below.

• SaaS/Big Data

  • DreamHost CEO Details OpenStack Customer Use Cases [VIDEO]

    DreamHost has made a name for itself over the years as being a friendly, yet low-cost hosting provider, offering both shared hosting as well as virtual private servers (VPS). DreamHost is also a major backer of the open source OpenStack cloud platform and now offers the DreamCompute cloud server as well.

• Databases

  • Amazon’s MySQL database challenger Aurora exits preview

    Following three years of development and nine months of testing, Amazon Web Services (AWS) on Tuesday announced that its Aurora database engine is now generally available to customers.

    AWS first debuted Aurora during its re:Invent conference in November 2014, positioning the database as a lower cost, higher performance alternative to the widely used open source MySQL database and other similar commercial offerings.

• Oracle/Java/LibreOffice

  • LibreOffice 5.0 to Bring Better Support for Special Scientific Formats

    The fourth Release Candidate for LibreOffice 5.0 has been released by The Document Foundation and it looks like the development cycle is coming to an end.

• BSD

  • pfSense 2.2.4 BSD Firewall Fixes Multiple Stored XSS Vulnerabilities in the WebGUI

    Electric Sheep Fencing LLC., through Chris Buechler, has announced the immediate availability for download of the fourth maintenance release of the pfSense 2.2 FreeBSD-based firewall software.

  • Second Release Candidate of NetBSD 7.0 Brings Latest OpenSSL and BIND Updates

    On July 28, the NetBSD Project, through Soren Jacobsen, announced the immediate availability for download and testing of the second RC (Release Candidate) version of the anticipated NetBSD 7.0 distribution.

  • Using OpenBSD as a FreeBSD Router

    In 2004, whilst at Netsight, I started looking at using OpenBSD for routing. We were using big Cisco 5505 switches with Route Switch Modules in to provide routing. The problem was, they soon became quite slow. They were great if you wanted to do very simple routing, and they could do Layer 3 switching in silicon on the linecards. But as soon as you started to do access lists then they had to route the packets on the main CPU. Not only that, but Cisco’s ACL syntax quickly became very cumbersome as you had no way of doing any kind of macros or variables in the language.

  • FreeBSD Quarterly Status Report – Second Quarter 2015

• FSF/FSFE/GNU/SFLC

  • loop optimizations in guile

    Sup peeps. So, after the slog to update Guile’s intermediate language, I wanted to land some new optimizations before moving on to the next thing. For years I’ve been meaning to do some loop optimizations, and I was finally able to land a few of them.

• Public Services/Government

  • Open source runs Croatia’s geospatial services platforms

    Croatia’s Ministry of Environment and Nature Protection has become one of the country’s major users of open source solutions. The software is making possible two geospatial service platforms on biodiversity and environmental protection, unveiled in May.

  • Western Greece switches to using open source GIS

    The Decentralized Administration of Peloponnese, Western Greece and the Ionian is recommending the use of open source software solutions for its Geographic Information Systems. A memo from the IT department wants all public administrations to start using Qgis.

• Standards/Consortia

  • Standardisation process should be open, study shows

    Organisations setting ICT standards should be open, as this improves their standards and contributes to their implementation in software, concludes a group of Swedish researchers. “Standards get better with contributions coming from individuals and organisations,” says Jonas Gamalielsson, lead author of a paper published in June.

  • Snippets – ODF 1.2, Meteor 1.2 and NodeMCU customised

Leftovers

• Amazon proposes drones-only airspace to facilitate high-speed delivery

  Amazon is proposing that a pristine slice of airspace above the world’s cities and suburbs should be set aside for the deployment of high-speed aerial drones capable of flying robotically with virtually no human interference.

  The retail giant has taken the next step in its ambition to deliver packages via drone within 30 minutes by setting out in greater detail than ever before its vision for the future of robotic flight. It envisages that within the next 10 years hundreds of thousands of small drones – not all of them Amazon’s or devoted to delivery – will be tearing across the skies every day largely under their own automated control.

• Science

  • New study into lack of women in Tech: It’s NOT the men’s fault

    A new study into causes of the scarcity of women in technical and scientific fields says that it is not discrimination by men in the field keeping the ladies away. Nor is it a repugnance felt by women for possibly dishevelled or unhygienic male nerds.

    No, the reason that young women don’t train in Science, Technology, Engineering and Maths (STEM) areas – and thus, don’t find themselves with jobs at tech companies, in IT etc – is quite simply that they mostly don’t know enough maths to do those courses.

    “It is all about the mathematical content of the field. Girls not taking math coursework early on in middle school and high school are set on a different college trajectory than boys,” says economics prof Donna Ginther.

• Security

  • Security advisories for Monday

  • QEMU Vulnerability Exposes The Host Through Emulated CD-ROM Drive

    Back in May was the big “VENOM” security vulnerability affect QEMU whereby VM security could be escaped through QEMU’s virtual floppy disk drive. In June was a PCNET controller buffer overflow allowing a guest to escape to have host access. Today there’s a similar security vulnerability going public about its virtual CD-ROM drive.

  • Websites, Please Stop Blocking Password Managers. It’s 2015

    Rather than fancy zero-day exploits, or cutting-edge malware, what you mostly need to worry about when it comes to security is using strong, unique passwords on all the sites and services you visit.

    You know that. But what’s crazy is that, in 2015, some websites are intentionally disabling a feature that would allow you to use stronger passwords more easily—and many are doing so because they wrongly argue it makes you safer.

  • The Ashley Madison hack — this time it’s personal

    Last week I argued that requiring backdoors in strong encryption would result in the effective end of encryption and provide a veritable buffet of sensitive data to both the government and those with malicious intents. Encryption with backdoors is not encryption at all.

  • Malware on Linux – When Penguins Attack

    Regular Naked Security readers will know that some security topics cause more friction that others.

    Lately, artificial intelligence has provoked its fair share of excitement.

    Surveillance and privacy are other topics that draw out some very varied viewpoints.

• Defence/Police/Secrecy/Aggression

  • US Drone Pilots Are As Skeptical of Autonomy As Are Stephen Hawking and Elon Musk

    There are many reasons to be cautious about greater autonomy in weapons like drones, according to the men and women at the joystick.

• Environment/Energy/Wildlife

  • Zimbabwean officials: American man wanted in killing of Cecil the lion

    The man suspected in Cecil’s death is Walter James Palmer of Eden Prairie, Minnesota, according to Johnny Rodrigues, head of the Zimbabwe Conservation Task Force.

  • Dentist who killed Zimbabwe’s Cecil the lion hires PR firm amid global backlash

    A picture of Palmer posing with another lion he had killed on a previous hunting trip was widely circulated in the media yesterday after it emerged that he paid £32,000 to take part in a big game hunt in Zimbabwe.

  • Zimbabwe: American being sought for killing of protected lion named Cecil

    Zimbabwean police said Tuesday they are searching for an American who allegedly shot a well-known, protected lion with a crossbow in a killing that has outraged conservationists and others.

    The American allegedly paid $50,000 to kill the lion named Cecil, Zimbabwean conservationists said. Authorities on Tuesday said two Zimbabwean men will appear in court for allegedly helping with the hunt. The American faces poaching charges, according to police spokeswoman Charity Charamba.

    [...]

    Palmer, 55, pleaded guilty in 2008 to making false statements to the U.S. Fish and Wildlife Service about a black bear he fatally shot in western Wisconsin outside of the authorized hunting zone, according to court documents.

    [...]

    If convicted, the men face up to 15 years in prison.

  • Cecil the lion’s killer revealed as American dentist

  • Cambridge professor ‘claims three leading climate scientists may have been assassinated’

    A Cambridge professor has reportedly claimed three scientists investigating the effect of global warming upon melting Arctic ice may have been assassinated.

    According to The Times, Peter Wadhams, a professor of ocean physics, said Seymour Laxon of University College London, Katherine Giles also at UCL and Tim Boyd of the Scottish Association for Marine Science had been murdered, after all three died within a few months of each other in 2013.

• Finance

  • Trillion-dollar world trade deal aims to make IT products cheaper

    A new global trade agreement that eliminates tariffs on more than 200 kinds of IT products should result in lower prices to technology buyers around the world as it is implemented over the next three years.

  • Trillion euro technology trade deal could cut the cost of consoles

    A EUROPEAN TECHNOLOGY TRADE DEAL worth trillions of euros has been agreed between Europe, China and the World Trade Organisation (WTO).

    The deal follows negotiations between the above parties and sees an accord reached on things like customs duties on items including games consoles, semiconductors and digital media.

  • TPP Undermines User Control and That’s Disastrous for Accessibility

    The Trans-Pacific Partnership (TPP) threatens all users’ ability to access information and participate in culture and innovation online, but it’s especially severe for those with disabilities or who otherwise depend on content in accessible formats. That’s because it doubles down on broken policies that were heavily lobbied for by Hollywood and other major publishers that impede the distribution of accessible works.

  • The creepy reason banks want us all to have ‘tap and pay’ cards… even though they’re a godsend to fraudsters

    Are any words in the English language more abused than ‘for your convenience’? As soon as you read them you know that it’s not your convenience an organisation has in mind, but its own.

    Last week, my bank sent me a contactless debit card. If you don’t have one yet, the chances are you soon will have.

    It looks like any other credit or debit card, but contains a tiny radio receiver which – when it is waved within a couple of inches of a ticket machine or terminal at a shop checkout – can be used to make a payment.

• Censorship

  • Lifting jokes on Twitter: no laughing matter?

    An example is a tweet by freelance writer Olga Lexell (whose Twitter account is now private) – “saw someone spill their high end juice cleanse all over the sidewalk and now I know god is on my side” – which a number of Twitter users have republished without any attribution to her as the author of the original tweet.

    Ms Lexell decided to submit a DMCA takedown request. Apparently not just God, but also Twitter was on her side. The micro-blogging platform decided in fact to withhold the allegedly infringing tweets. However (and incidentally), as IPKat readers can see here there is still a number of tweets that reproduce her joke in its entirety.

  • Donald Trump’s Clueless Lawyer Threatens Press, Says It’s Ok To Rape Your Spouse

    A few weeks ago, we wrote about the absolute ridiculousness of Donald Trump’s “lawsuit” against Univision, which made some bizarre claims about the First Amendment and defamation that clearly did not apply. While there may be a legitimate contractual dispute hidden somewhere in all that mess, there was so much fluff that it made you wonder who is actually advising the entertainer (pretending to be a politician) on legal issues. Apparently, it’s some guy named Michael Cohen, who isn’t just out of his depth on stuff, but he appears to be actively making things worse. In an astounding article over at The Daily Beast, which was initially over claims of “rape” by Donald Trump’s ex-wife Ivana during their divorce proceedings, Cohen not only claimed that you can’t rape a spouse, but also threatened to ruin The Daily Beast if they published an article. Lawyering by bullshit threats, apparently.

• Privacy

  • Internet Australia and EFA support ALP call for Data Retention Act review

    Internet Australia and EFA have given their support to the Labor Party’s call for a review of the Data Retention Act legislation which it helped bring into law.

  • LinkedIn Just Changed This Very Popular Feature — and People Are Complaining

    LinkedIn is dealing with some very unhappy users after making it more difficult for them to export contacts.

    Business Insider reports that users can still download their contacts for the site, but it now takes longer. As of Thursday, LinkedIn users had to get an archive of their data to do the procedure, and that can reportedly can take up to 72 hours. Before, users could download user contact information immediately.

  • LinkedIn brings back contact export feature after user backlash

  • A simple developer error is exposing private information on thousands of websites

    Git is a developer’s best friend… except when it’s not used properly and exposes a site’s security.

    The tool is used for version control. It tracks changes to code over time, so that multiple developers can work together efficiently and roll back if they need to.

    Git is also the core tool used to contribute to social coding site GitHub, though they aren’t the same thing.

    It’s a glorious tool and fairly straightforward to use, but has a steep learning curve, as most of the interactions you’ll have with it are through the command line.

  • NSA ordered to destroy phone records it collected illegally

    In case you were worried the National Security Agency was still probing around your phone records, soon enough they will be deleted.

    The Office of the Director of National Intelligence announced that the “bulk collection” of phone data the NSA illegally collected under Section 215 of the Patriot act will be locked away starting November 29, 2015.

    The data will effectively be out of reach from agency employees ad infinitum, effectively making it unusable in anti-terrorism or national security investigations. The only exception will be a three-month period, in which “technical personal” can check the data for the sole purpose of verifying records produced under the new USA Freedom Act.

  • Peru Adopts Data Retention Decree: Declares Location Data No Longer Protected

    The Peruvian President today adopted a legislative decree that will grant the police warrantless access to real time user location data on a 24/7 basis. But that’s not the worst part of the decree: it compels telecom providers to retain, for one year, data on who communicates with whom, for how long, and from where. It also allows the authorities access to the data in real time and online after seven days of the delivery of the court order. Moreover, it compels telecom providers to continue to retain the data for 24 more months in electronic storage. Adding insult to injury, the decree expressly states that location data is excluded from the privacy of communication guaranteed by the Peruvian Constitution.

  • Michael Chertoff Makes the Case against Back Doors

    One of the more interesting comments at the Aspen Security Forum (one that has, as far as I’ve seen, gone unreported) came on Friday when Michael Chertoff was asked about whether the government should be able to require back doors. He provided this response (his response starts at 16:26).

  • Jim Comey Finally Has a Dastardly Criminal Who Made His Texts Unavailable

  • Nope, White House won’t pardon Snowden

    Unsurprisingly, the White House formally announced Tuesday that it will not be granting a pardon to Edward Snowden anytime soon.

    Immediately after Snowden was formally charged in 2013 with espionage, theft, and conversion of government property, supporters began petitioning the White House to pardon the famed former National Security Agency contractor.

  • Is it possible to permanently delete a social media profile?

    Put it online and it will live forever (Image: Aldo Sperber/picturetank)

    They thought they could get away with it. The 37 million people who put nude photos and intimate details of their sexual fantasies on the Ashley Madison website (which has the slogan “Life is short. Have an affair”) had a get-out clause.

    Ashley Madison, like some other sites, offers a hard delete – a guarantee that for a certain amount of money, your data will be scrubbed from all of its internal records. To permanently destroy all traces of your affiliation with the adultery social network costs £15 in the UK.

    However, a hacker collective called Impact Team has revealed that customers’ details aren’t entirely deleted. Compliance with auditing requirements means that the credit card details and name used to scrub the account remain in Ashley Madison’s database, rather defeating the point.

  • DOJ To Court: Hey, We’re Shutting Down Section 215, So We Can Probably Stop Arguing About The Legality Of Bulk Collection

    Just as James Clapper’s office was officially announcing the death of the bulk phone metadata program (ending November 29th, with three months of post-wind-down wind-down for data analysts), the DOJ was filing a motion in the Second Circuit Court of Appeals basically arguing that its finding that the program was illegal really doesn’t matter anymore.

• Civil Rights

  • Amal Clooney launches Supreme Court appeal on behalf of Chagos islanders

    Almost a decade ago, Britain’s High Court and Court of Appeal ruled that they and their descendants could return to some of the 65 islands, though not to Diego Garcia. Those decisions were challenged by the government and overturned in 2008 by the Law Lords, then Britain’s highest court.

  • Letter to the Telegraph: End “distressing” exile of Chagossians

    In 1985, I called at Saloman Atoll, which is about 100 miles north of Diego, when crossing by yacht from Darwin to Aden. The abandoned houses and roofless church, together with the overgrown pathways were distressing to see. It is to our shame that we treated these islanders so cruelly and it is high time we made amends and repatriated them.

  • In Iraq, I raided insurgents. In Virginia, the police raided me.

    I got home from the bar and fell into bed soon after Saturday night bled into Sunday morning. I didn’t wake up until three police officers barged into my apartment, barking their presence at my door. They sped down the hallway to my bedroom, their service pistols drawn and leveled at me.

    It was just past 9 a.m., and I was still under the covers. The only visible target was my head.

    In the shouting and commotion, I felt an instant familiarity. I’d been here before. This was a raid.

  • Eight Years After Bogus Expulsion Over Supposed ‘Threat,’ Former Student Obtains $900k Settlement From University

    It’s taken former Valdosta State University (VSU) student Hayden Barnes most of a decade and two trips to the 11th Circuit Appeals Court, but his efforts to hold the school accountable for its abusive behavior have finally paid off.

  • The Wheels of Justice Turn Slowly

    On the evening March 14, 2013, a heavily-armed police force surrounded my home in Annandale, Va., after responding to a phony hostage situation that someone had alerted authorities to at our address. I’ve recently received a notice from the U.S. Justice Department stating that one of the individuals involving in that “swatting” incident had pleaded guilty to a felony conspiracy charge.

  • White House Finally Answers Snowden Pardon Petition: The Only Good Whistleblowing Is Punished Whistleblowing

    The White House has finally responded — more than two years later — to a petition asking for a pardon of Edward Snowden. The petition surfaced soon after Snowden went public with his identity. Less than three weeks later — June 25, 2013 — it had passed the 100,000-signature threshold.

• Intellectual Monopolies

  • Copyrights

    • RIAA Wants Domain Registrar to Expose ‘Pirate Site’ Owner

      The RIAA has obtained subpoenas from a federal court in Columbia ordering domain name registrar Dynadot to hand over the IP and email addresses and all other identifying information related to the operator of the unauthorized music service Soundpiff. In addition, the RIAA notes that the registrar may want to disconnect the site due to its repeated infringements.

    • Happy Birthday Copyright Bombshell: New Evidence Warner Music Previously Hid Shows Song Is Public Domain

      Last minute evidence that completely turns a legal case on its head doesn’t come about all that often — despite what you see in Hollywood movies and TV shows. The discovery process in a lawsuit generally reveals most of the evidence revealed to everyone pretty early on. And yet… in the high profile lawsuit over the copyright status of the song “Happy Birthday,” the plaintiffs “Good Morning to You Productions” (who are making a documentary about the song and are arguing that the song is in the public domain) have popped up with a last minute filing, saying they have just come across evidence that the song is absolutely in the public domain.

      And, here’s the real kicker: they discovered this bit of evidence after two questionable things happened. (1) Warner/Chappell Music (who claims to hold the copyright for the publishing, if it exists) suddenly “found” a bunch of relevant documents that it was supposed to hand over in discovery last year, but didn’t until just a few weeks ago, and (2) a rather important bit of information in one of those new documents was somewhat bizarrely “blurred out.” This led the plaintiffs go searching for the original, and discover that it undermines Warner Music’s arguments, to the point of showing that the company was almost certainly misleading the court. Furthermore, it definitively shows that the work was and is in the public domain.

    • Filmmakers fighting “Happy Birthday” copyright find their “smoking gun”

      The “smoking gun” is a 1927 version of the “Happy Birthday” lyrics, predating Warner/Chappell’s 1935 copyright by eight years. That 1927 songbook, along with other versions located through the plaintiffs’ investigations, “conclusively prove that any copyright that may have existed for the song itself… expired decades ago.”

    • WordPress Rejects 43% Of All ‘Piracy’ Takedown Notices

      WordPress has published new data on the number of piracy takedown notices the company receives. During the first half of the year copyright holders sent close to 5,000 requests to the blogging platform. Of these takedown notices a surprisingly high percentage was rejected due to inaccuracies or plain abuse.

    • So far, WordPress denied 43% of DMCA takedown requests in 2015

      This week WordPress released the latest edition of its recurring transparency report, revealing 43 percent of the Digital Millennium Copyright Act (DMCA) takedown requests it received have been rejected in the first six months of 2015. It’s the lowest six-month period shown in the report, though it only dates back to 2014. However, WordPress said this headline figure would be even higher if it “counted suspended sites as rejected notices.” That change in calculation would bump the WordPress DMCA denial rate to 67 percent between January 1 and June 30, 2015.