Language Selection

English French German Italian Portuguese Spanish

Legal

Easter egg: DSL router patch merely hides backdoor instead of closing it

Filed under
Hardware
Security
Legal

First, DSL router owners got an unwelcome Christmas present. Now, the same gift is back as an Easter egg. The same security researcher who originally discovered a backdoor in 24 models of wireless DSL routers has found that a patch intended to fix that problem doesn’t actually get rid of the backdoor—it just conceals it. And the nature of the “fix” suggests that the backdoor, which is part of the firmware for wireless DSL routers based on technology from the Taiwanese manufacturer Sercomm, was an intentional feature to begin with.

Back in December, Eloi Vanderbecken of Synacktiv Digital Security was visiting his family for the Christmas holiday, and for various reasons he had the need to gain administrative access to their Linksys WAG200G DSL gateway over Wi-Fi. He discovered that the device was listening on an undocumented Internet Protocol port number, and after analyzing the code in the firmware, he found that the port could be used to send administrative commands to the router without a password.

After Vanderbecken published his results, others confirmed that the same backdoor existed on other systems based on the same Sercomm modem, including home routers from Netgear, Cisco (both under the Cisco and Linksys brands), and Diamond. In January, Netgear and other vendors published a new version of the firmware that was supposed to close the back door.

Read more

History Repeats Itself: Patent Abusers Successfully Stymie Anti-Patent Troll Bill In The Senate

Filed under
Legal

Back in December, we noted that the House Judiciary Committee had approved an unfortunately watered-down, anti-patent troll bill. It was better than nothing, but we hoped that the Senate would approve a much stronger version. For a while it seemed like that was likely to happen, but... those who abuse patents are pretty damn powerful. Even those who have been hit by patent trolls in the past, like Apple and Microsoft, have decided to join forces in lobbying against meaningful patent reform. They've been pushing to water down the Senate's bill, taking out nearly everything that would make the bill useful -- and it appears that they're succeeding.

Read more ►

Here's Hoping The Supreme Court Does Not Blow Another Opportunity To Fix The Software Patent Problem

Filed under
Legal

Four years ago, the Supreme Court had a chance to establish once and for all whether or not software was patentable. The Bilski case got all sorts of attention as various parties lined up to explain why software patents were either evil, innovation-killing monsters or the sole cause of innovation since the cotton gin and everything in between (only slight exaggeration). Rather than actually answer the question everyone was asking, the Supreme Court decided to rule especially narrowly, rejecting the specific patents at stake in the case and saying that the current test used to determine patentability (the so-called "machine-or-transformation" test) need not be the only test for patentability. However, it declined to say what tests should be used, leaving it up to the lower courts to start ruling blindly, making up new tests as they went along. And muddle along blindly they did -- right up to the height of pure absurdism in the CAFC (appeals court that handles patents) ruling in the Alice v. CLS Bank case, in which every single judge disagreed with each other. The ruling was 135 pages of confused mess where all justices only agreed on a single paragraph, which (like Bilski) said this particular patent was invalid, but no one could agree why.

Read more ►

SCO & NSA: The Great Digital Whack-A-Mole Game

Filed under
Legal

Since leaving SCO, McBride’s life has continued with the sort of gangsteresque intrigue that defined him in the days when he was Linux’s public-enemy-number-one. Last May he made news when The Salt Lake Tribune reported that he had turned over a four year old audio recording of a conversation he had with Mark Shurtleff, who had been Utah’s Attorney General when the recording was made.

The conversation turned around a bad debt McBride was trying to collect.

It seems that McBride invested $286,000 with businessman Mark Robbins, who had promised a $5 million return which McBride had hoped to use to cover legal expenses in the SCO vs. IBM case. Unfortunately for McBride, Robbins skipped town to avoid being served a bench warrant in an unrelated civil case and was nowhere to be found. In an attempt to collect the debt, McBride established a website, Skyline Cowboy, which the Tribune described as “a sort of virtual bounty-hunting operation aimed at flushing out Robbins.”

Read more ►

No Licence Needed for Kubuntu Derivative Distributions

Filed under
KDE
Legal

Later last year rumours of this nonsense started appearing in the tech press so instead of writing a grumpy blog post I e-mailed the community council and said they needed to nip it in the bud and state that no licence is needed to make a derivative distribution. Time passed, at some point Canonical changed their licence policy to be called an Intellectual property rights policy and be much more vague about any licences needed for binary packages. Now the community council have put out a Statement on Canonical Package Licensing which is also extremely vague and generally apologetic for Canonical doing this.

Read more ►

How Linux defenders attack bad software patents before they’re approved

Filed under
Linux
Legal

arstechnica.com: Despite the rise in the number of patent trolls launching lawsuits affecting open source software, there are some glimmers of hope. The America Invents Act that was signed into law in September 2011 has provided new ways to prevent the issuance of over-broad software patents that could fuel future lawsuits.

FSF, other groups join EFF to sue NSA over unconstitutional surveillance

Filed under
OSS
Security
Legal

fsf.org: The Free Software Foundation (FSF) today joined eighteen other activist and advocacy organizations in challenging the National Security Agency's (NSA) mass surveillance of telecommunications in the United States with a lawsuit filed by the Electronic Frontier Foundation (EFF).

SCO Finally Shows its Legal Strategy Going Forward

Filed under
Legal

groklaw.net: SCO was ordered by the judge, the Hon. David Nuffer, to tell him what claims it believes survived SCO's massive loss to Novell, in order to go forward in SCO v. IBM, and it has now done so.

Ladies and Gentlemen, SCO v. IBM Is Officially Reopened

Filed under
Legal

groklaw.net: The Hon. David Nuffer has ruled on the SCO v. IBM motions, granting SCO's motion for reconsideration and reopening the case, which IBM did not object to. Judge Nuffer apologizes to the parties for the error in his previous order refusing to reopen the case.

Mark Shuttleworth takes SA government to court

Filed under
Ubuntu
Legal

mybroadband.co.za: Billionaire entrepreneur Mark Shuttleworth has taken the South African government to court to have the country’s exchange control system declared unconstitutional.

Syndicate content

More in Tux Machines

SteamOS A Linux Distribution For Gaming


Picture

SteamOS is a Debian Linux kernel-based operating system in development by Valve Corporation designed to be the primary operating system for the Steam Machine game consoles. It was initially released on December 13, 2013, alongside the start of end-user beta testing of Steam Machines.
 

Read At LinuxAndUbuntu

KDE Applications 14.12.3 Officially Released

KDE Applications 14.12 has been released by its makers, and it’s a regular maintenance update. It comes with a ton of bug fixes and will be soon available in various repositories. Read more

Understanding The Linux Kernel's BPF In-Kernel Virtual Machine

BPF continues marching forward as a universal, in-kernel virtual machine for the Linux kernel. The Berkeley Packet Filter was originally designed for network packet filtering but has since been extended as eBPF to support other non-network subsystems via the bpf syscall. Here's some more details on this in-kernel virtual machine. Alexei Starovoitov presented at last month's Linux Foundation Collaboration Summit in Santa Rosa about BPF as an in-kernel virtual machine. The slides have been published for those wishing to learn more about its state and capabilities. Read more

Calligra 2.9.0 is Out

Packages for the release of KDE's document suite Calligra 2.9 are available for Kubuntu 14.10. You can get it from the Kubuntu Backports PPA. They are also in our development version Vivid. Read more