Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • The Challenges Facing Privacy Apps

    When we talk about privacy as a concept, we tend to drill into the benefits of privacy and the crucial role that it plays in our lives as individuals. In aggregate, privacy extends its role to protect fundamental freedoms that we all agree are pillars to a free and happy society.

    What we don’t talk about is the challenges that privacy apps face, and how often tools are not designed to fulfill the needs of the needs of the end user.

    [...]

    Using software that is open source is a critical piece of the puzzle, because this allows peer review to verify that the developer isn’t collecting unnecessary data to make the app or service work, and that the developers have considered all of the external privacy threats.

    If the software isn’t open source, there’s no way to verify this. You have to implicitly trust that the developer doesn’t want to grab your data for money, which is always in their interest to do. You are hoping that the developer is principled enough to resist the urge to make more money off of you. This is an even greater concern when the application is free. You have to consider how, if not through your data, is the app developer making money?

  • Spy on your smart home with this open source research tool

    Testing the IoT Inspector tool in their lab the researchers say they found a Chromecast device constantly contacting Google’s servers even when not in active use.

  • How To Enable (UP) And Disable (DOWN) A Network Interface Port (NIC) In Linux?
  • The woes of 520-byte sectors

More in Tux Machines

OSS Leftovers

  • Hideki Yamane: Debian 10 "buster" release party @Tokyo (7/7)

    We ate a delicious cake to celebrate Debian 10 "buster" release, at party in Tokyo (my employer provided the venue, cake and wine. Thanks to SIOS Technology, Inc.! :)

  • First Global Students Open Source Conference to Bring Together Next-Generation Tech Community

    Open-source software is a piece of software whose source code is distributed, modified and reused by the public with a few restrictions. The emphasis of open-source development on freedom, collaboration and community appeals to Silicon Valley companies and student organizations alike.

  • Zstd 1.4.1 Further Improves Decode Speed, Other Optimizations

    Zstd 1.4.1 is out today as a maintenance release to Facebook's Zstandard compression algorithm but with this update comes even more performance optimizations.  [...] This Zstd release also has several bug fixes including for niche use-cases where it could hit a rare data corruption bug. There are also build system updates and documentation improvements. 

  • Kubernetes As A Service On Bare Metal | Boris Renski

    Mirantis is one of those companies that continues to evolve with change times. Mirantis is now upping its Kubernetes game by offering Kubernetes as a service that supports bare metal. Mirantis CMO and co-founder Boris Renski explains the service in this interview.

  • YugaByte Commits to 100 Percent Open Source with Apache 2.0 License

    Version 2.0 Release Candidate of YugaByte Distributed SQL DB Available; First Product Available Under License Created by the Polyform Project.

  • Databases adopt open licenses, JavaScript gets faster on Android, governments use more OSS, and more news

    In the last year, a handful of major open source database vendors have tightened their grip on their code to try to remain competitive. Two vendors have bucked that trend and have gone all in on open source. The first of those is Cloudera, which announced that it's making "closed license components of its products open source" under the AGPL and Apache 2.0 license. While Cloudera's executives said they "had been mulling a modified open source license" like the one adopted by some of their competitors, they decided to go open and to adopt a "licensing/subscription approach" that closely mirrors that of Red Hat. Distributed database vendor YugaByte also adopted an Apache 2.0 license, making its wares fully open source. That move brings "previously commercial-only, closed-source features such as Distributed Backups, Data Encryption, and Read Replicas into the open source core project." That code is available in the project's GitHub repository.

  • Why Carl Malamud's Latest Brilliant Project, To Mine The World's Research Papers, Is Based In India

    Carl Malamud is one of Techdirt's heroes. We've been writing about his campaign to liberate US government documents and information for over ten years now. The journal Nature has a report on a new project of his, which is in quite a different field: academic knowledge. The idea will be familiar to readers of this site: to carry out text and data mining (TDM) on millions of academic articles, in order to discover new knowledge. It's a proven technique with huge potential to produce important discoveries. That raises the obvious question: if large-scale TDM of academic papers is so powerful, why hasn't it been done before? The answer, as is so often the case, is that copyright gets in the way. 

Security Leftovers

  • Researchers Build App That Kills To Highlight Insulin Pump Exploit

    By now the half-baked security in most internet of things (IOT) devices has become a bit of a running joke, leading to amusing Twitter accounts like Internet of Shit that highlight the sordid depth of this particular apathy rabbit hole. And while refrigerators leaking your gmail credentials and tea kettles that expose your home networks are entertaining in their own way, it's easy to lose sight of the fact that the same half-assed security in the IOT space also exists on most home routers, your car, your pacemaker, and countless other essential devices and services your life may depend on. Case in point: just about two years ago, security researchers discovered some major vulnerabilities Medtronic's popular MiniMed and MiniMed Paradigm insulin pumps. At a talk last year, they highlighted how a hacker could trigger the pumps to either withhold insulin doses, or deliver a lethal dose of insulin remotely. But while Medtronic and the FDA warned customers about the vulnerability and issued a recall over time, security researchers Billy Rios and Jonathan Butts found that initially, nobody was doing much to actually fix or replace the existing devices. [...] And of course that's not just a problem in the medical sector, but most internet-connected tech sectors. As security researcher Bruce Schneier often points out, it's part of a cycle of dysfunction where the consumer and the manufacturer of a flawed product have already moved on to the next big purchase, often leaving compromised products, and users, in a lurch. And more often than not, when researchers are forced to get creative to highlight the importance of a particular flaw, the companies in question enjoy shooting the messenger.

  • Desktop Operating Systems: Which is the safest? [Ed: This shallow article does not discuss NSA back doors and blames on "Linux" devices with open ports and laughable passwords -- based on narrative often pushed by corporate media to give illusion of parity. Also pushes the lie of Linux having minuscule usage.]
  • How Open Source Data Can Protect Consumer Credit Card Information
  • Open Source Hacking Tool Grows Up

    An open source white-hat hacking tool that nation-state hacking teams out of China, Iran, and Russia have at times employed to avoid detection....

Games: Dota Underlords and Stadia

  • Dota Underlords has another update out, this one changes the game quite a lot

    Valve continue to tweak Dota Underlords in the hopes of keeping players happy, this mid-Season gameplay update flips quite a few things on their head. I like their sense of humour, with a note about them removing "code that caused crashes and kept code that doesn't cause crashes". There's a few smaller changes like the addition of Loot Round tips to the Season Info tab, the ability to change equipped items from the Battle Pass and some buffs to the amount XP awarded for your placement in matches and for doing the quests. Meaning you will level up the Battle Pass faster.

  • Interested in Google's Stadia game streaming service? We have a few more details now

    With Google's game streaming service Stadia inching closer, we have some more information to share about it. Part of this, is thanks to a recent AMA (Ask Me Anything) they did on Reddit. I've gone over what questions they answered, to give you a little overview. Firstly, a few points about the Stadia Pro subscription: The Pro subscription is not meant to be like a "Netflix for Games", something people seem to think Stadia will end up as. Google said to think of it more like Xbox Live Gold or Playstation Plus. They're aiming to give Pro subscribers one free game a month "give or take". If you cancel Stadia Pro, you will lose access to free games claimed. However, you will get the previously claimed games back when you re-subscribe but not any you missed while not subscribed. As for Stadia Base, as expected there will be no free games included. As already confirmed, both will let you buy games as normal.

LabPlot has got some beautifying and lots of datasets

Hello everyone! The second part of this year's GSoC is almost over, so I was due to let you know the progress made in the last 3 weeks. I can assure you we haven't lazed since then. I think I managed to make quite good progress, so everything is going as planned, or I could say that even better. If you haven't read about this year's project or you just want to go through what has already been accomplished you can check out my previous post. So let's just go through the new things step by step. I'll try to explain the respective feature, and also give examples using videos or screenshots. The first step was to improve the welcome screen and make it easily usable, dynamic, clean and intuitive for users. This step was very important since the welcome screen is what the users will first get in contact with when they start using LabPlot. Read more