Language Selection

English French German Italian Portuguese Spanish

Proprietary Software and Security

Filed under
Security

                           

  • Facebook Data Leak Scrutinized by Big Tech's Top EU Data Watchdog

                         

                           

    The Irish Data Protection Commission is trying to “establish the full facts” since the weekend and so far “received no proactive communication from Facebook,” the regulator said in a statement on its website on Tuesday. It said the tech company assured it that “it is giving highest priority to providing firm answers” to the authority.

                           

    Personal information on 533 million Facebook users reemerged on a hacker website for free on Saturday. The information included phone numbers and email address of users, the regulator said Tuesday. Facebook has said the data is old and was already reported on in 2019.

  •                    

  • How Facebook will benefit from its massive breach

                         

                           

    Facebook's surveillance data isn't that valuable, so it has to gather a lot of it. Most of its ad-tech advantage is just fraud: lying to advertisers about who saw its ads, lying to publishers about which kinds of content generate the most revenue.

                           

    https://pluralistic.net/2020/12/11/number-eight/#curse-of-bigness

                           

    The data advantage itself is very short-lived; for example, location data is highly prized by advertisers who want to show you an ad for shoes while you're outside a shoe-store. This value is annihilated as soon as you move somewhere else.

    Data isn't the new oil, it's the new oily rag: a low-grade waste-product that is only valuable when it is piled up in such vast quantities that it poses an existential, civilization-ending danger.

  • Are You One of the 533M People Who Got Facebooked?
  • Your Slack DMs aren’t as private as you think

    Is Slack good for actually getting your work done? That’s debatable. But the popular messaging platform — which boasted more than 12 million daily active users as of last year — is definitely a promising medium for employers, regulatory agencies, the government, and even hackers seeking a trove of data about a company and its workers. Even your coworkers could find out more about you than you might expect.

    The number of Slack messages your workplace might be able to access has actually grown as Slack has built out its workplace app. Last year, the company launched a new tool called Slack Connect, which allows different workplaces to share channels on the app. The company announced that the feature was expanded again last month, so anyone could send invitations to direct message to other Slack users — even if they work at another workplace (whether users can actually send and accept these invites depends on whether their workplace has put in restrictions). But just because you’re messaging someone at a different workplace doesn’t mean your boss couldn’t necessarily see the messages you send.

  • Apple Mail Zero-Click Security Vulnerability Allows Email Snooping

    According to Mikko Kenttälä, founder and CEO of SensorFu, exploitation of the bug could lead to unauthorized disclosure of sensitive information to a third party; the ability to modify a victim’s Mail configuration, including mail redirects which enables takeover of victim’s other accounts via password resets; and the ability to change the victim’s configuration so that the attack can propagate to correspondents in a worm-like fashion.

  • The UK Is Trying to Stop Facebook's End-to-End Encryption

    Patel will headline an April 19 roundtable organized by the National Society for the Prevention of Cruelty to Children (NSPCC), according to a draft invitation seen by WIRED. The event is set to be deeply critical of the encryption standard, which makes it harder for investigators and technology companies to monitor communications between people and detect child grooming or illicit content, including terror or child abuse imagery.

    End-to-end encryption works by securing communications between those involved in them—only the sender and receiver of messages can see what they say and platforms providing the technology cannot access the content of messages. The tech has been increasingly made standard in recent years with WhatsApp and Signal using end-to-end encryption by default to protect people’s privacy.

  • UK Politicians Getting Serious About Ending End-To-End Encryption

    Last week we noted that there was some fairly mixed up pressure mounting on UK politicians to block encryption from some confused charities which (falsely) thought that ending encryption would somehow protect children. We also noted that many of the politicians pushing to end encryption... were using encrypted messaging themselves in an effort to dodge public records requests.

  • Australian Government Proposes Stripping Internet Users Of Their Anonymity

    I thought we had put this sort of idiocy behind us, but I see it's back again. In 2011, some German politicians suggested the country's youths be required to obtain some sort of internet driver's license following a party that got out of hand after a private Facebook invite was accidentally made public. Somehow, obtaining an ID to use social media services would prevent this from happening in the future, but officials were extremely light on details.

More in Tux Machines

Best Apps to Install on Linux Mint in 2021

Linux Mint is a popular Linux distro alongside Ubuntu. There is not much difference between the functionalities and features of the two. Hence, the various app that is compatible with Ubuntu also works effortlessly on Linux Mint. The advantage of using Linux distros and apps is that most are free and open-source. As Linux Mint is an alternative to Ubuntu, you can find an alternative to every popular and widely used app. Thus, there is no scarcity of apps in each category. However, finding a reliable app is not an easy task because of so many options. Read more

KDE Frameworks 5.81 Released with KHamburgerMenu, Various Improvements

The biggest new feature in the KDE Frameworks 5.81 release is the implementation of a new, custom hamburger menu called KHamburgerMenu, which will be shown on QWidgets-based apps whenever the main menubar is hidden. The KDE Project plans to adopt the KHamburgerMenu for all KDE apps as it offers several advantages, including an alternative app menu in case you hide the default menubar by accident, more freedom when you want to take full advantage of the maximum vertical space, more compact design with only relevant menu items, as well as support for relocating, renaming, removing, or even changing its icon. Read more

today's leftovers

  • Radeon Vulkan Driver Adds Option Of Rendering Less For ~30% Greater Performance - Phoronix

    If your current Vulkan-based Radeon Linux gaming performance isn't cutting it and a new GPU is out of your budget or you have been unable to find a desired GPU upgrade in stock, the Mesa RADV driver has added an option likely of interest to you... Well, at least moving forward with this feature being limited to RDNA2 GPUs for now. RADV as Mesa's Radeon Vulkan driver has added an option to allow Variable Rate Shading (VRS) via an environment variable override. This RADV addition is inspired by the likes of NVIDIA DLSS for trading rendering quality for better performance but in its current form is a "baby step" before being comparable to DLSS quality and functionality.

  • Bas Nieuwenhuizen: A First Foray into Rendering Less

    In RADV we just added an option to speed up rendering by rendering less pixels. These kinds of techniques have become more common over the past decade with techniques such as checkerboarding, TAA based upscaling and recently DLSS. Fundamentally all they do is trading off rendering quality for rendering cost and many of them include some amount of postprocessing to try to change the curve of that tradeoff. Most notably DLSS has been widly successful at that to the point many people claim it is barely a quality regression. Of course increasing GPU performance by up to 50% or so with barely any quality regression seems like must have and I think it would be pretty cool if we could have the same improvements on Linux. I think it has the potential to be a game changer, making games playable on APUs or playing with really high resolution or framerates on desktops. [...] VRS is by far the easiest thing to make work in almost all games. Most alternatives like checkerboarding, TAA and DLSS need modified render target size, significant shader fixups, or even a proprietary integration with games. Making changes that deeply is getting more complicated the more advanced the game is. If we want to reduce render resolution (which would be a key thing in e.g. checkerboarding or DLSS) it is very hard to confidently tie all resolution dependent things together. For example a big cost for some modern games is raytracing, but the information flow to the main render targets can be very hard to track automatically and hence such a thing would require a lot of investigation or a bunch of per game customizations.

  • Dota 2 version 7.29 is out with the new Dawnbreaker melee hero

    Valve has put out a major upgrade for their popular free to play MOBA with Dota 2 getting Dawnbreaker. This brand new hero is focused on melee, with a low-skill entry level so it should be suitable for a lot of players. You can see a dedicated hero page for Dawnbreaker here. "Dawnbreaker shines in the heart of battle, happily crushing enemies with her celestial hammer and healing nearby allies. She revels in hurling her hammer through multiple foes and then converging with it in a blazing wake, always waiting to tap her true cosmic power to fly to the aid of her teammates — eager to rout her enemies on the battlefield no matter where they are."

  • Grape times ahead with the release of Wine 6.6 noting plenty of fixes

    No wine-ing about the puns please. Jokes aside, the tasty compatibility tech that is Wine has a new development release available today with Wine 6.6. For newer readers and Linux users here's a refresher - Wine is a compatibility layer built for operating systems like Linux, macOS and BSD. The idea is to allow other platforms to run games and applications only built and supported for Windows. It's also part of what makes up Steam Play Proton. Once a year or so, a new stable release is made.

  • Friday’s Fedora Facts: 2021-14

    Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)! The Final freeze is underway. The F34 Final Go/No-Go meeting is Thursday. I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.

  • A developer goes to the Masters: Day 1 inside the digital ops center [Ed: IBM is OK with the word "Master" again, contrary to spin]
  • Rancher Platform Partner, Weka delivers Stateful Storage for Containers at Scale

    Containers rose to the mainstream primarily due to workload portability and immutability advantages. Kubernetes became the primary orchestration tool and was initially supporting stateless applications, commonly referred to as the cattle vs. pets approach. However, data-centric applications need stateful-ness while still leveraging the cattle vs. pet approach. Microservices, Containers, and Kubernetes are now moving mainstream as increasingly more stateful applications are adopting them.

  • SUSE for your agile data platform, featuring Microsoft SQL Server[Ed: SUSE is just a worthless proprietary software reseller for SAP and Microsoft (their salesperson from SAP signing anti-RMS petition makes perfect sense and proves us correct about SUSE's motivations)]
  • What's the point of open source without contributors? Turns out, there are several [Ed: Mac Asay isn't even using it himself, just lecturing others what to do while working for Jeff Bezos]
  • Am I FLoCed? A New Site to Test Google's Invasive Experiment

    FLoC is a terrible idea that should not be implemented. Google’s experimentation with FLoC is also deeply flawed . We hope that this site raises awareness about where the future of Chrome seems to be heading, and why it shouldn't.

    FLoC takes most of your browsing history in Chrome, and analyzes it to assign you to a category or “cohort.” This identification is then sent to any website you visit that requests it, in essence telling them what kind of person Google thinks you are. For the time being, this ID changes every week, hence leaking new information about you as your browsing habits change. You can read a more detailed explanation here .

    Because this ID changes, you will want to visit https://amifloced.org often to see those changes.

  • The Brave browser basics: what it does, how it differs from rivals

    Boutique browsers try to scratch out a living by finding a niche underserved by the usual suspects. Brave is one of those browsers.

    Brave has gotten more attention than most alternate browsers, partly because a co-founder was one of those who kick-started Mozilla's Firefox, partly because of its very unusual — some say parasitical — business model.

Devices/Embedded Hardware

  • 3.5-inch SBC features Comet Lake-S

    Aaeon’s 3.5-inch Linux-ready “GENE-CML5” SBC supplies an up to octa-core 10th Gen Core CPU plus up to 64GB DDR4, 2x SATA, 2x GbE, 2x USB 3.2 Gen2, DP, VGA, M.2 M-key, and PCIe x4. Aaeon has posted a preliminary product page for what appears to be the first 3.5-inch SBC built around Intel’s 10th Gen Comet Lake-S. In fact, this is one of the first Comet Lake SBCs of any kind, following a few early entries like Portwell’s WADE-8212 Mini-ITX board.

  • Play your retro console on a modern TV
  • Olimex RP2040-PICO-PC “computer” to feature RP2040-Py Raspberry Pi Pico compatible module

    We previously wrote it was possible to create a Raspberry Pi RP2040 board with HDMI using DVI and programmable IOs to output video up to 640×480 at 60 Hz with the microcontroller’s Cortex-M0+ cores clocked at 252 MHz. At the time, we also noted Olimex was working on such a board with RP2040-PICO-PC designed to create a small Raspberry Pi RP2040 computer with HDMI/DVI video output. The Bulgarian company has now manufactured the first prototype, but due to supply issues with the Raspberry Pi Pico board, they also designed their own RP2040-PICO module since they’ve got a reel of Raspberry Pi RP2040 microcontrollers.

  • Our most complex Open Source Hardware board made with KiCad – the octa core iMX8 Quad Max – Tukhla is completely routed and now on prototype production

    We started this project June-July 2020. Due to the Covid19 the development took 10 months although only 6 month of active work was done, due to lock downs, ill developers and so on troubles.

    Now the board is completely routed and has these features: [...]