Raspberry Pi lookalike offers HDMI 2.0 and optional M.2

Geniatech’s “XPI-S905X” is a new Raspberry Pi pseudo clone with a quad -A53 Amlogic S905X plus 2GB RAM, up to 16GB eMMC, 4K-ready HDMI 2.0, LAN, 4x USB, touch-enabled LVDS, and optional M.2. Geniatech, which is known for Qualcomm based SBCs such as the Snapdragon 410 based, 96Boards-like Development Board IV and Snapdragon 820E based Development Board 8, has posted specs for a Raspberry Pi form factor board with a quad -A53, Amlogic S905X with 1/6GHz to 2GHz performance. No pricing is available for the XPI-S905X, which appears to be aimed at the OEM market.

​Linus Torvalds talks about coming back to work on Linux

"'I'm starting the usual merge window activity now," said Torvalds. But it's not going to be kernel development as usual. "We did talk about the fact that now Greg [Kroah-Hartman] has write rights to my kernel tree, and if will be easier to just share the load if we want to, and maybe we'll add another maintainer after further discussion." So, Kroah-Hartman, who runs the stable kernel, will have a say on Linus' cutting-edge kernel. Will someone else get write permission to Torvalds' kernel code tree to help lighten the load? Stay tuned. Also: Linux Foundation Technical Advisory Board election call for nominations

Mozilla: Firefox 65 Plans and Firefox 63 Analysis

• Firefox 65 Will Block Tracking Cookies By Default

  Mozilla today released Firefox 63, which includes an experimental option to block third-party tracking cookies, protecting against cross-site tracking. You can test this out today, but Mozilla wants to enable it for everyone by default in Firefox 65.

• The Path to Enhanced Tracking Protection

  As a leader of Firefox’s product management team, I am often asked how Mozilla decides on which privacy features we will build and launch in Firefox. In this post I’d like to tell you about some key aspects of our process, using our recent Enhanced Tracking Protection functionality as an example.

• Firefox 63 Lets Users Block Tracking Cookies

  As announced in August, Firefox is changing its approach to addressing tracking on the web. As part of that plan, we signaled our intent to prevent cross-site tracking for all Firefox users and made our initial prototype available for testing. Starting with Firefox 63, all desktop versions of Firefox include an experimental cookie policy that blocks cookies and other site data from third-party tracking resources. This new policy provides protection against cross-site tracking while minimizing site breakage associated with traditional cookie blocking.

• Firefox 63 – Tricks and Treats!

• Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines

  Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.

• Changes to how Mozilla Readability extracts article metadata in Firefox 63

  Mozilla Readability will now extract document metadata from Dublin Core and Open Graph Protocol meta tags instead of trying to guess article titles. Earlier this year, I documented how reader mode in web browsers extract metadata about articles. After learning about the messy state of metadata extraction for reader mode, I sought to improve the extraction logic used in Mozilla Readability. Mozilla Readability was one of the first reader mode parsers and it’s used in Firefox as well as other web browsers.

Security: Cross-Hyperthread Spectre V2 Mitigation Ready For Linux, Targeted vs General-Purpose Security and More

• Cross-Hyperthread Spectre V2 Mitigation Ready For Linux With STIBP

  On the Spectre front for the recently-started Linux 4.20~5.0 kernel is STIBP support for cross-hyperthread Spectre Variant Two mitigation. Going back to the end of the summer was the patch work for this cross-hyperthread Spectre V2 mitigation with STIBP while now it's being merged to mainline.

• Targeted vs General purpose security

  There seems to be a lot of questions going around lately about how to best give out simple security advice that is actionable. Goodness knows I’ve talked about this more than I can even remember at this point. The security industry is really bad at giving out actionable advice. It’s common someone will ask what’s good advice. They’ll get a few morsels, them someone will point out whatever corner case makes that advice bad and the conversation will spiral into nonsense where we find ourselves trying to defend someone mostly concerned about cat pictures from being kidnapped by a foreign nation. Eventually whoever asked for help quit listening a long time ago and decided to just keep their passwords written on a sticky note under the keyboard. I’m pretty sure the fundamental flaw in all this thinking is we never differentiate between a targeted attack and general purpose security. They are not the same thing. They’re incredibly different in fact. General purpose advice can be reasonable, simple, and good. If you are a target you’ve already lost, most advice won’t help you. General purpose security is just basic hygiene. These are the really easy concepts. Ideas like using a password manager, multi-factor-auth, install updates on your system. These are the activities anyone and everyone should be doing. One could argue these should be the default settings for any given computer or service (that’s a post for another day though). You don’t need to be a security genius to take these steps. You just have to restrain yourself from acting like a crazy person so whoever asked for help can actually get the advice they need.

• Oracle Moves to Gen 2 Cloud, Promising More Automation and Security [Ed: Ellison wants people to blindly trust proprietary blobs for security (a bad thing to do, never mind the CIA past of Oracle and severe flaws in its DBs)].

  A primary message from Ellison is that the Gen 2 Oracle cloud is more secure, with autonomous capabilities to help protect against attacks. Ellison also emphasized the segmentation and isolation of workloads on the Gen 2 Oracle cloud, providing improved security.

• Reproducible Builds: Weekly report #182

  Here’s what happened in the Reproducible Builds effort between Sunday October 14 and Saturday October 20 2018...