ELI5: Leah Rowe made this commit to the Libreboot website earlier today with the comment "typofix". In fact, it was more than a typo-fix as it shows that the FSF employee either no longer or never did give permission for the opposition against the FSF.
Leah Rowe is still libreboot's maintainer, and the GNU project has zero right to keep libreboot under its umbrella. If the maintainer of a GNU project steps down without intending for that project to leave GNU, then fine. But if a maintainer stays on as that projects maintainer while stating the projects intention to leave GNU, then GNU should honour that request.
A new experimental package is now on the ghrr drat. It is named tint which stands for Tint Is Not Tufte. It provides an alternative for Tufte-style html presentation. I wrote a bit more on the package page and the README in the repo -- so go read this.
Krebs on Security in record DDOS attack: Everybody’s go-to site for news and views of security issues, has been temporarily knocked offline in a DDOS attack for the record books. We first heard about the attack on Thursday morning after Brian Krebs reported that his site was being hit by as much as 620 Gbs, more than double the previous record which was considered to be a mind-blower back in 2013 when the anti-spam site Spamhaus was brought to its knees.
Security sites such as Krebs’ that perform investigative research into security issues are often targets of the bad guys. In this latest case, Ars Technica reported the attack came after Krebs published the identity of people connected with vDOS, Israeli black hats who launched DDOS attacks for pay and took in $600,000 in two years doing so. Akamai had been donating DDoS mitigation services to Krebs, but by 4 p.m. on the day the attack began they withdrew the service, motivated by the high cost of defending against such a massive attack. At this point, Krebs decided to shut down his site.
When generating the keypair, you're asked for a passphrase to encrypt the private key with. If you will ever lose your private key it should protect others from impersonating you because it will be encrypted with the passphrase. To actually prevent this, one should make sure to prevent easy brute-forcing of the passphrase.
OpenSSH key generator offers two options to resistance to brute-force password cracking: using the new OpenSSH key format and increasing the amount of key derivation function rounds. It slows down the process of unlocking the key, but this is what prevents efficient brute-forcing by a malicious user too. I'd say experiment with the amount of rounds on your system. Start at about 100 rounds. On my system it takes about one second to decrypt and load the key once per day using an agent. Very much acceptable, imo.
Today we’d like to explain what it costs to run Let’s Encrypt. We’re doing this because we strive to be a transparent organization, we want people to have some context for their contributions to the project, and because it’s interesting.
Let’s Encrypt will require about $2.9M USD to operate in 2017. We believe this is an incredible value for a secure and reliable service that is capable of issuing certificates globally, to every server on the Web free of charge.
We’re currently working to raise the money we need to operate through the next year. Please consider donating or becoming a sponsor if you’re able to do so! In the event that we end up being able to raise more money than we need to just keep Let’s Encrypt running we can look into adding other services to improve access to a more secure and privacy-respecting Web.
One of North Korea’s top level DNS servers was mis-configured today (20th September 2016) accidentally allowing global DNS zone transfers. This allowed anyone who makes a zone transfer request (AXFR) to retrieve a copy of the nation’s top level DNS data.
This data showed there are 28 domains configured inside North Korea, here is the list:
As a number of outlets have reported, Yahoo has announced that 500 million of its users’ accounts got hacked in 2014 by a suspected state actor.
But that massive hack is actually one of three interesting hacks of Yahoo in recent years.
Italian Military's LibreOffice Migration Underway; 100,000+ PCs To Be Migrated
As we reported exactly an year ago, Italian Military's plans to migrate its entire fleet of desktop PCs to LibreOffice is well underway and has reached its first milestone. Since the project got started about an year ago, the Italian military have switched over 8000 PC workstations to LibreOffice.
The Ubuntu Phone is getting better, and with every new iteration of the OTA, my little BQ Aquaris E4.5 is gaining more speed and functionality. Like in the air force, with an avionics upgrade, which transforms ancient wings into a powerful and modern bird of prey. Only the pace of advancement is lagging behind the market. See what Android and iOS can do, even Windows Phone, and you realize how late and insufficiently meaningful the Ubuntu Phone really is. This has to change, massively.
This latest round does bring some fine goods to the table - more speed and stability, better icons, more overall visual polish, incremental improvements in the applications and the scopes. But that's not enough to win the heart of the average user. A more radical, app-centric effort is required. More focus on delivering the mobile experience, be it as it may. Ubuntu cannot revolutionalize that which is already considered the past. It can only join the club and enjoy the benefits of a well-established reality. And that is a kickass app stack that makes the touch device worth using in the first place.
Still, it's not all gloomy. E4.5 is a better product now than it was a year ago, fact. Ubuntu Phone is a better operating system than it was even this spring, fact. So maybe one day we will see Ubuntu become an important if not dominant player in the phone and tablet space. It sure is heading in the right direction, my only fear is the availability of resources to pull off this massive rehaul that is needed to make it stand up to the old and proven giants. And that's it really.
If you're keen on Linux (not Android) making it in the mobile world, do not forget to check my Ubuntu tablet review! Especially the convergence piece. On that merry note, you do remember that I'm running a wicked contest this year, too? He/she who reads my books might get a chance to win an M10 tablet. Indeed. Off you go, dear readers. Whereas I will now run the same set of tests we did here on the Aquaris tablet, and see how it likes the OTA-12 upgrade. The end.
In this post, we shall cover a few of the top, open-source artificial intelligence (AI) tools for the Linux ecosystem. Currently, AI is one of the ever advancing fields in science and technology, with a major focus geared towards building software and hardware to solve every day life challenges in areas such as health care, education, security, manufacturing, banking and so much more.
Climate change has many components — rising sea levels, alterations in rainfall patterns, and an increase in severe storm activity, among others. Communities around the world are faced with the need to plan for climate change but don’t have the information available to do so effectively.
It’s been a long, drawn-out battle, beginning in 2013 when Cody Wilson, founder of Defense Distributed, published the open source files for his 3D printed handgun, the Liberator, online. The State Department ordered that he take the files down, and Wilson complied, but not before thousands had downloaded them and spread them elsewhere on the Internet. In 2015, with the help of gun rights organization The Second Amendment Foundation, Wilson filed a federal lawsuit claiming that the State Department had violated not only his Second Amendment but his First Amendment rights. By suppressing his right to share information online, Wilson argued, the State Department was violating his right to free speech.
With Oracle now trying to get back on track with advancing enterprise Java, the company is seeking rapprochement with factions that had sought to advance the platform on their own. The two groups involved are mostly amenable to patching up the relationship.
Oracle's Anil Gaur, group vice president of engineering, said this week he had already been in touch with some of the concerned parties. The two factions include Java EE Guardians, led by former Oracle Java EE evangelist Reza Rahman, and Microprofile.io, which has included participation from Red Hat and IBM.