Feed aggregator

[$] Kernel support for HDCP

LWN Headlines -

High-bandwidth Digital Content Protection (or HDCP) is an Intel-designed copy-protection mechanism for video and audio streams. It is a digital rights management (DRM) system of the type disliked by many in the Linux community. But does that antipathy mean that Linux should not support HDCP? That question is being answered — probably in favor of support — in a conversation underway on the kernel mailing lists.

Apple Has Ruined Its Podcasts App

Slashdot -

Mike Pesca, host of Slate's daily podcast The Gist, writes about the recent interface changes to Apple's Podcasts app (condensed): Up until two months ago, the Apple Podcasts app was the only podcasting app I used. It gave me a nice, workable list of the shows I liked; let me know when those shows were updated; played the shows easily and without glitches; and offered the option of listening in double speed. I knew where everything was, and I thought of its shortcomings not as features the app was lacking but more like things one simply could not do with a podcast. If the Apple Podcast app wasn't great for sharing podcasts via email or text -- and it was not -- I told myself, "That just must be something that's hard for a podcast app to execute." I figured the best a podcasting app could do was to facilitate sharing the feed of a show, rather than the specific episode I was listening to. I never dared dream I could send a specific time within that episode. What sorcery is that? But sometime in the past few months, the Apple app began to fail me. Of my four basic requirements, three suffered. The list of the shows I listened to was now incomplete. There was no longer a number denoting how many episodes of each show I had on the app. The list of unplayed episodes had melded into the list of played episodes. I was offered the opportunity to browse my "Library," but access to any "card catalog" or "Dewey Decimal System" proved elusive. Apple kept pushing me toward my "recently updated" shows, but these weren't the offerings most useful to me every time I checked back in.

Read more of this story at Slashdot.

Tesla Could Be Hogging Batteries and Causing a Global Shortage, Says Report

Slashdot -

According to a report from the Korea news outlet ETNews, Tesla's solution to fixing a manufacturing bottleneck responsible for a $619 million loss last quarter could be causing a global battery shortage. Panasonic reportedly gave most of its cache of batteries in Japan to Tesla so that the automaker and Gigafactory 1 energy-storage company could keep up with its ambitious production schedule. Gizmodo reports: In early October, Tesla struggled with a "production bottleneck," but by the end of the month, Panasonic stated it would increase battery output at the Gigafactory, now that it understood the issues that led to the bottleneck and could automate some of the processes that had been done by hand. But this likely did not help Tesla fix any immediate shortage issues. ETNews claims that Panasonic is coping with the shortage by shipping batteries in from Japan. And many Japanese companies in need of cylinder batteries have turned to other suppliers like LG, Murata, and Samsung -- but those companies have not been able to meet the demands. Reportedly, companies that had contracts before 2017 aren't affected by the shortage, but several other manufacturers have not been able to place orders for batteries, and won't be able to order more batteries until the middle of next year.

Read more of this story at Slashdot.

Is blockchain a security topic? (Opensource.com)

LWN Headlines -

At Opensource.com, Mike Bursell looks at blockchain security from the angle of trust. Unlike cryptocurrencies, which are pseudonymous typically, other kinds of blockchains will require mapping users to real-life identities; that raises the trust issue. "What's really interesting is that, if you're thinking about moving to a permissioned blockchain or distributed ledger with permissioned actors, then you're going to have to spend some time thinking about trust. You're unlikely to be using a proof-of-work system for making blocks—there's little point in a permissioned system—so who decides what comprises a "valid" block that the rest of the system should agree on? Well, you can rotate around some (or all) of the entities, or you can have a random choice, or you can elect a small number of über-trusted entities. Combinations of these schemes may also work. If these entities all exist within one trust domain, which you control, then fine, but what if they're distributors, or customers, or partners, or other banks, or manufacturers, or semi-autonomous drones, or vehicles in a commercial fleet? You really need to ensure that the trust relationships that you're encoding into your implementation/deployment truly reflect the legal and IRL [in real life] trust relationships that you have with the entities that are being represented in your system. And the problem is that, once you've deployed that system, it's likely to be very difficult to backtrack, adjust, or reset the trust relationships that you've designed."

Volkswagen Executive Sentenced To Maximum Prison Term For His Role In Dieselgate

Slashdot -

An anonymous reader quotes a report from Ars Technica: On Wednesday, a U.S. District judge in Detroit sentenced Oliver Schmidt, a former Volkswagen executive, to seven years in prison for his role in the Volkswagen diesel emissions scandal of 2015. Schmidt was also ordered to pay a criminal penalty of $400,000, according to a U.S. Department of Justice (DOJ) press release. The prison term and the fine together represent the maximum sentence that Schmidt could have received under the plea deal he signed in August. Schmidt, a German citizen who lived in Detroit as an emissions compliance executive for VW, was arrested in Miami on vacation last January. In August, he pleaded guilty to conspiracy and to making a false statement under the Clean Air Act. Schmidt's plea deal stated that the former executive could face up to seven years in prison and between $40,000 and $400,000 in fines. Last week, Schmidt's attorneys made a last-minute bid requesting a lighter sentence for Schmidt: 40 months of supervised release and a $100,000 fine. Schmidt also wrote a letter to the judge, which surfaced over the weekend, in which the executive said he felt "misused" by his own company and claimed that higher-ranked VW executives coached him on a script to help him lie to a California Air Resources Board (CARB) official. Instead, Schmidt was sentenced to the maximum penalties outlined in the plea deal. Only one other VW employee has been sentenced in connection with the emissions scandal: former engineer James Liang, who received 40 months in prison and two years of supervised release as the result of his plea deal. Although six other VW Group executives have been indicted, none is in U.S. custody.

Read more of this story at Slashdot.

Colan Schwartz: Aegir: Your open-source hosting platform for Drupal sites

Drupal Planet -

Topics: 

If you need an open-source solution for hosting and managing Drupal sites, there's only one option: the Aegir Hosting System. While it's possible to find a company that will host Drupal sites for you, Aegir helps you maintain control whether you want to use your own infrastructure or manage your own software-as-a-service (SaaS) product. Plus, you get all the benefits of open source.

Aegir turns ten (10) today. The first commit occurred on December 7th, 2007. We've actually produced a timeline including all major historical events. While Aegir had a slow uptake (the usability wasn't great in the early days), it's now being used by all kinds of organizations, including NASA.

I got involved in the project a couple of years ago, when I needed a hosting solution for a project I was working on. I started by improving the documentation, working on contributed modules, and then eventually the core system. I've been using it ever since for all of my SaaS projects, and have been taking the lead on Drupal 8 e-commerce integration. I became a core maintainer of the project about a year and a half ago.

So what's new with the project? We've got several initiatives on the go. While Aegir 3 is stable and usable now (Download it!), we've started moving away from Drush, which traditionally handles the heavy lifting (see Provision: Drupal 8.4 support for details), and into a couple of different directions. We've got an Aegir 4 branch based on Symfony, which is also included in Drupal core. This is intended to be a medium-term solution until Aegir 5 (codenamed AegirNG), a complete rewrite for hosting any application, is ready. Neither of these initiatives are stable yet, but development is on-going. Feel free to peruse the AegirNG architecture document, which is publicly available.

Please watch this space for future articles on the subject. I plan on writing about the following Aegir-related topics:

  • Managing your development workflow across Aegir environments
  • Automatic HTTPS-enabled sites with Aegir
  • Remote site management with Aegir Services
  • Preventing clients from changing Aegir site configurations

Happy Birthday Aegir! It's been a great ten years.

This article, Aegir: Your open-source hosting platform for Drupal sites, appeared first on the Colan Schwartz Consulting Services blog.

Aegir Dispatch: Aegir: Your open-source hosting platform for Drupal sites

Drupal Planet -

If you need an open-source solution for hosting and managing Drupal sites, there’s only one option: the Aegir Hosting System. While it’s possible to find a company that will host Drupal sites for you, Aegir helps you maintain control whether you want to use your own infrastructure or manage your own software-as-a-service (SaaS) product. Plus, you get all the benefits of open source. Aegir turns ten (10) today. The first commit occurred on December 7th, 2007.

Cryptocurrency Miners Are Using Old Tires to Power Their Rigs

Slashdot -

Christopher Malmo, writing for Motherboard: An entrepreneurial cryptocurrency mining company has just announced an unusual deal: it has partnered with a tire-based waste-to-energy company in the United States to power its mining computers. Standard American Mining and PRTI, a tire "thermal demanufacturing" company based in North Carolina, are powering graphics cards-based mining equipment to earn a range of alternative cryptocurrencies like Ethereum. Basically, they take used tires and heat them to a precise temperature, resulting in components like steel (from belted tires), carbon black, and a burnable fuel. That fuel is the energy source driving turbines to make electricity, which powers an onsite cryptocurrency mining farm. Taking advantage of an underutilized electricity source to run computers isn't groundbreaking, but the unusual set-up shows that cryptocurrency mining is now profitable enough to justify finding quite unconventional sources of cheap or new energy generation.

Read more of this story at Slashdot.

No One Makes a Living on Crowdfunding Website Patreon

Slashdot -

Brent Knepper, writing for The Outline (condensed): Patreon is basically a payments processor designed like a social network. Every creator sets up a profile where they fill out a prompt about what they're making: "Oliver Babish is creating cooking videos," or "Hannah Alexander is creating Art and Costume Designs inspired by pop culture and Art Nouveau." Patreon encourages creators to provide a description of themselves and their work and strongly suggests uploading a video. [...] Today, successful Patreon creators include Chapo Trap House, a lefty podcast with 19,837 patrons at the time of writing paying $88,074 a month; the new commentator and YouTuber Philip DeFranco (13,823 patrons paying an amount that is undisclosed, but is enough to put him in the top 20 creators on the site); and the gaming YouTuber Nerd (4,494 patrons, $8,003 per month). But despite the revolutionary rhetoric, the success stories, and the goodwill that Patreon has generated, the numbers tell a different story. Patreon now has 79,420 creators, according to Tom Boruta, a developer who tracks Patreon statistics under the name Graphtreon. Patreon lets creators hide the amount of money they are actually making, although the number of patrons is still public. Boruta's numbers are based on the roughly 80 percent of creators who publicly share what they earn. Of those creators, only 1,393 -- 2 percent -- make the equivalent of federal minimum wage of $7.25 an hour, or $1,160 a month, in October 2017. Worse, if we change it to $15 per hour, a minimum wage slowly being adopted by states, that's only .8 percent of all creators. In this small network designed to save struggling creatives, the money has still concentrated at the top.

Read more of this story at Slashdot.

Inside Oracle's Cloak-and-dagger Political War With Google

Slashdot -

schwit1 shares a Recode report: The story that appeared in Quartz this November seemed shocking enough on its own: Google had quietly tracked the location of its Android users, even those who had turned off such monitoring on their smartphones. But missing from the news site's report was another eyebrow-raising detail: Some of its evidence, while accurate, appears to have been furnished by one of Google's fiercest foes: Oracle. For the past year, the software and cloud computing giant has mounted a cloak-and-dagger, take-no-prisoners lobbying campaign against Google, perhaps hoping to cause the company intense political and financial pain at a time when the two tech giants are also warring in federal court over allegations of stolen computer code. Since 2010, Oracle has accused Google of copying Java and using key portions of it in the making of Android. Google, for its part, has fought those claims vigorously. More recently, though, their standoff has intensified. And as a sign of the worsening rift between them, this summer Oracle tried to sell reporters on a story about the privacy pitfalls of Android, two sources confirmed to Recode.

Read more of this story at Slashdot.

Google's Mobile Search Results Now Include Videos Of Celebrities Answering Your Questions

Slashdot -

Google is testing a new feature that will allow celebrities and other notable figures to answer users' search queries directly in the form of "selfie" videos posted in the Google Search results. From a report: The company says this program is initially being piloted on mobile with a handful of people for now, including Priyanka Chopra, Will Ferrell, Tracee Ellis Ross, Gina Rodriguez, Kenan Thompson, Allison Williams, Nick Jonas, Mark Wahlberg, James Franco, Seth MacFarlane, Jonathan Yeo and Dominique Ansel. Of course, the celebs aren't answering users' queries in real-time. Instead, Google has had them pre-record their videos in response to what it already knows are some of fans' most-asked questions typed into the Google search box.

Read more of this story at Slashdot.

Aegir Dispatch: Ægir Turns 10!

Drupal Planet -

My tenure with the Ægir Project only dates back about 7 or 8 years. I can’t speak first-hand about its inception and those early days. So, I’ll leave that to some of the previous core team members, many of whom are publishing blog posts of their own. I’ll try to maintain an up-to-date list of links to blog posts about Ægir’s 10-year anniversary here: Aegir is ten! from Steven Jones at ComputerMinds.

Amazon Opens Registration For<nobr> <wbr></nobr>.BOT Domain Name

Slashdot -

Amazon began accepting registration requests for .BOT domain name from the public this week as the e-commerce giant comes to realize the potential of the top level domain name it secured rights for two years ago. For now, Amazon is keeping the registration for .BOT domains limited. "Creators with published bots who use Amazon Lex, Microsoft Bot Framework and Dialogflow can validate a bot and register a .BOT domain name," the company said, noting that the limited registration phase would end on March 30, 2018. At the time of registration, Amazon requires users to sign into their Amazon account and validate their published bot.

Read more of this story at Slashdot.

Kaspersky To Close Washington Office But Expand Non-State Sales

Slashdot -

An anonymous reader shares a report: A Russian software-maker, whose products are banned for use in federal information systems by the U.S. government, is seeking to remain in the North American market and prove its products have no hidden capabilities. Kaspersky Lab Inc. will close its Washington D.C. office that was selling to the government and will keep working with non-federal customers in the U.S. via its remaining offices in the country, vice-president Anton Shingarev said in an interview in Moscow. The company also committed in October to open its product's source code to an independent third-party review and plans to open new offices in Chicago, Los Angeles and Toronto next year. "This allows independent experts to verify that our software has no hidden functionality, that it doesn't send your files to third parties, doesn't spy on you and fully complies with the end-user agreement," Shingarev said. The U.S. banned government use of Kaspersky software in September, citing founder Eugene Kaspersky's alleged ties to Russian intelligence and the possibility its products could function as "malicious actors" to compromise federal information systems. The move caused concern about the company's products in other markets, including the U.K.

Read more of this story at Slashdot.

San Francisco To Restrict Goods Delivery Robots

Slashdot -

San Francisco officials have voted to restrict where delivery robots can go in the city, in a blow for the burgeoning industry. From a report: Start-ups will have to get permits to use such bots, which will be restricted to less crowded urban areas. Opponents are concerned about the safety of pedestrians, particularly elderly people and children. Walk San Francisco, a group that campaigns for pedestrian safety, wanted a complete ban. A range of companies have begun trialling small robots that can deliver food and other goods. They use sensors and lasers in a similar way to self-driving cars in order to navigate their routes. Robotics company Marble - which describes its machines as "friendly, neighbourhood robots" - began testing in San Francisco earlier this year.

Read more of this story at Slashdot.

Bitcoin Nears $17,000 After Climbing About $4,000 in Less Than a Day

Slashdot -

As economists attempt to make sense of Bitcoin, the cryptocurrency rocketed above $17,000 for the first time moments ago, adding about $4,000 to its price in fewer than 24 hours. Security reporter Brian Krebs tweeted on Thursday, "Closing in on $17k per bitcoin now (mind you, it was almost at $16k less than an hour ago. This is totally fine." Late Wednesday, finance author Ben Carlson wrote: Bitcoin has achieved something I've always wanted to see in the stock mkt - a reverse 1987 (20% gain in a single day)

Read more of this story at Slashdot.

Uber Paid 20-year-old Florida Man To Keep Data Breach Secret

Slashdot -

A 20-year-old Florida man was responsible for the large data breach at Uber last year and he was paid by the company to destroy the data through a so-called "bug bounty" program, three people familiar with the events have told Reuters. From the report: Uber announced on Nov. 21 that the personal data of 57 million users, including 600,000 drivers in the United States, were stolen in a breach that occurred in October 2016, and that it paid the hacker $100,000 to destroy the information. But the company did not reveal any information about the hacker or how it paid him the money. Uber made the payment last year through a program designed to reward security researchers who report flaws in a company's software, these people said. Uber's bug bounty service -- as such a program is known in the industry -- is hosted by a company called HackerOne, which offers its platform to a number of tech companies.

Read more of this story at Slashdot.

Keylogger Found On Nearly 5,500 WordPress Sites

Slashdot -

An anonymous reader writes: Nearly 5,500 WordPress sites are infected with a malicious script that logs keystrokes and sometimes loads an in-browser cryptocurrency miner. The malicious script is being loaded from the "cloudflare.solutions" domain, which is not affiliated with Cloudflare in any way, and logs anything that users type inside form fields as soon as the user switches away from an input field. The script is included on both the sites' frontends and backends, meaning it can steal both admin account credentials and credit card data from WP sites running e-commerce stores. According to site source code search engine PublicWWW, there are 5,496 sites running this keylogger. The attacker has been active since April.

Read more of this story at Slashdot.

The Firestorm This Time: Why Los Angeles Is Burning

Slashdot -

The Thomas Fire spread through the hills above Ventura, in the northern greater Los Angeles megalopolis, with the speed of a hurricane. Driven by 50 mph Santa Ana winds -- bone-dry katabatic air moving at freeway speeds out of the Mojave desert -- the fire transformed overnight from a 5,000-acre burn in a charming chaparral-lined canyon to an inferno the size of Orlando, Florida, that only stopped spreading because it reached the Pacific. Several readers have shared a Wired report: Tens of thousands of people evacuated their homes in Ventura; 150 buildings burned and thousands more along the hillside and into downtown are threatened. That isn't the only part of Southern California on fire. The hills above Valencia, where Interstate 5 drops down out of the hills into the city, are burning. Same for a hillside of the San Gabriel Mountains, overlooking the San Fernando Valley. And the same, too, near the Mount Wilson Observatory, and on a hillside overlooking Interstate 405 -- the flames in view of the Getty Center and destroying homes in the rich-people neighborhoods of Bel-Air and Holmby Hills. And it's all horribly normal. [...] Before humans, wildfires happened maybe once or twice a century, long enough for fire-adapted plant species like chapparal to build up a bank of seeds that could come back after a burn. Now, with fires more frequent, native plants can't keep up. Exotic weeds take root. Fires don't burn like this in Northern California. That's one of the things that makes the island on the land an island. Most wildfires in the Sierra Nevadas and northern boreal forests are slower, smaller, and more easily put out, relative to the south. Trees buffer the wind and burn less easily than undergrowth. Keeley says northern mountains and forests are "flammability-limited ecosystems," where fires only get big if the climate allows it -- higher temperatures and dryer conditions providing more fuel. Climate change makes fires there more frequent and more severe.

Read more of this story at Slashdot.

Pages

Subscribe to Heydon Consulting aggregator