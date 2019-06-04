Security Leftovers
The Australian National University in Canberra has suffered a massive data breach with personal details of staff, students and visitors over the past 19 years exposed.
Quest said in a securities filing that it had been informed of the breach by American Medical Collection Agency, an Elmsford, New York-based collections firm. For eight months, an unauthorized user had access to personal information including credit card numbers and bank accounts, medical information, and personal information such as Social Security numbers.
The account was shut down after its operator posted a profanity and racist-tinged final warning to Baltimore City Mayor Bernard "Jack" Young that he had until June 7 to pay for keys to decrypt files on city computers. "In 7 Jun 2019 that's your dead line," the post stated. "We'll remove all of things we've had about your city and you can tell other [expletives] to help you for getting back... That's final dead line." The same messages have been posted to the Web "panel" associated with the Baltimore ransomware, according to Joe Stewart, independent security consultant working on behalf of the cloud security firm Armor, and Eric Sifford, security researcher with Armor’s Threat Resistance Unit (TRU).
Open Hardware Boost for Libre RISC-V
The application for funding from NLnet and the Next Generation Internet initiative from the European Commission, from back in November of last year, has been approved. It means that we have EUR $50,000 to pay for full-time engineering work to be carried out over the next year, and to pay for bounty-style tasks. For the right people, with the right skills, there is money now available.
More plans from our community are in the pipeline. We can apply for additional grants (also up to EUR $50,000). In the next couple of days, we will put in an application for “Formal Mathematical Proofs” of the processor design.
There are several reasons for doing so. The primary one is down to the fact that we anticipate this (commercial, libre) product to be closely and independently examined by third parties, to verify for themselves that it does not contain spying backdoor co-processors, as well as the usual security and correctness guarantees. If there exist formal mathematical proofs that the processor and its sub-components operate correctly, that independent third-party verification task is a lot easier.
In addition, it turns out that when writing unit tests, using formal mathematical proofs makes for complete code coverage - far better than any other “comprehensive” multiple unit test technique could ever hope to achieve - with less code and not just better accuracy but 100% provable accuracy. Additional, much simpler unit tests can then be written which are more along the lines of “HOWTOs” - examples on how to use the unit.
In case you haven't followed the previous articles on Libre RISC-V, this is the latest open-source GPU hardware effort that is taking the approach of using a RISC-V chip running a Rust-written Vulkan software renderer (similar to what LLVMpipe is to OpenGL on CPUs) for providing libre 3D graphics. They hope to have something ready in 2020 but their goal is just 1280 x 720 25 fps, 100 Mpixels/sec, 30 Mtriangles/sec, 5-6 GFLOPs and they think they can accomplish that with just about a 2.5 Watt power draw. But less than 30 FPS for 720p content really isn't much especially in 2020, but they are trumpeting it for its open-source/libre hardware potential.
Events: Mini-DebConf Marseille 2019, Flock Talks and UK Open Source Awards
We’ve had the idea to organize a mini-DebConf in Marseille when we were in Toulouse in 2017. After participating in many DebConfs (mini or not), getting into organizing such an event seemed a good way to give back and contribute to the Debian project.
Fast-forward to end of 2018. We’ve gathered a few motivated people and settled for a 50/70 participants event on May 25th/26th. We’ve chosen an appropriate venue in down-town Marseille. I won’t dwelve into organization details (call for speakers, sessions recording, scheduling…) since we plan to share our experience in a rather detailed “Howto organize a mini-DebConf” in the coming days/weeks.
It’s hard for me to believe, but it’s been more than five years since we launched the “Fedora.next” initiative. At the end of Fedora’s first decade, we knew it would be important to think, plan, and adjust so the project could continue successfully in the decades to come. Now we’re halfway into the next one, and this Flock conference will be an important time for reflecting on our progress and charting our path for the next five years and beyond.
Because Flock is focused specifically at our contributors and developers, this is a unique conference and we’re looking for talks and sessions that reflect that.
We want to see your talk proposals on any topic relevant to Fedora contributors working to shape Fedora. What are you working on and how will you help shape the next five years of Fedora’s future?
The UK Open Source Awards is an event in Edinburgh next Wednesday (June 12 2019) to celebrate and recognise freedom and collaborative software. If you’ve not got your ticket book on now. Keynote speaker is Frank Karlitschek the former KDE e.V. board member, then there’s quality selection of other speakers and panelists before the award ceremony to close the day.
I’m the head judge and together with Allison Randal and Dawn Foster we have picked a short list of 4 names for each of the awards.
This is a new series of reviews highlighting best-of-breed utilities. We’re covering a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides. For this article, we’ll put Abricotine under the spotlight.
Abricotine is an open source, cross-platform Markdown editor built for the desktop with inline preview functionality. Let’s recap about Markdown.
Markdown is a plain text formatting syntax created by John Gruber in 2004. It’s designed to be easy-to-read and easy-to-write.
Readability is at the very heart of Markdown. It offers the advantages of plain text, provides a convenient format for writing for the web, but it’s not intended to be a replacement for HTML. Markdown is a writing format, not a publishing format. You control the display of the document; formatting words as bold or italic, adding images, and creating lists are just a few of the things we can do with Markdown. Mostly, Markdown is just regular text with a few non-alphabetic characters included, such as # or *.
Markdown has a much more basic syntax than HTML, leaving aside things like opening and closing tags, and instead uses punctuation and characters that all users will already use in daily writing. The punctuation characters have been carefully chosen to resemble what they mean. The intention is to ensure that the syntax does not stop the flow of writing, allowing the author to focus on content, rather than how it looks. In this way, Markdown shares a common bond with LaTeX, a document preparation system for high quality typesetting, which also encourages authors not to focus too much on the appearance, but to concentrate on the right content.
We worked hard on fixing bugs in the weeks before we shipped curl 7.65.0. We really did. Yet, several annoying glitches managed to creep in, remain unnoticed and cause problems to users when they first eagerly tried out the new release. Those were glitches that none in the development team had experienced or discovered but only took a few hours for users to detect and report.
The initial bad sign was that it didn’t even take a full hour from the release announcement until the first bug on 7.65.0 was reported. And it didn’t stop with that issue. We obviously had a whole handful of small bugs that caused friction to users who just wanted to get the latest curl to play with. The bugs were significant and notable enough that I quickly decided we should patch them up and release an update that has them fixed: 7.65.1. So here it is!
This patch release even got delayed. Just the day before the release we started seeing weird crashes in one of the CI builds on macOS and they still remained on the morning of the release. That made me take the unusual call to postpone the release until we better understood what was going on. That’s the reason why this comes 14 days after 7.65.0 instead of a mere 7 days.
Let’s look into the list of some of the useful and best Windows emulators for Linux based operating systems.
The Document Foundation has released the first beta of LibreOffice 6.3, with new features including a redaction tool and a Fourier Analysis spreadsheet function.
LibreOffice was forked from OpenOffice in 2010, which is when The Document Foundation was formed, including a team of OpenOffice contributors. OpenOffice has also continued and is now Apache OpenOffice. The default format of both suites is OpenDocument, an ISO standard.
Version 6.3 is planned for full release in mid August. There are new features of which the most notable is the built-in redaction tool. Existing proprietary tools do not support open document formats, the release notes explained.
The new tool works by converting the target document to a LibreOffice drawing. You then blank out parts of the document by placing shapes over the offending words. Finally, the redaction tool offers a "Redacted Export" option, which creates a PDF in which the document becomes a bitmap with no selectable text.
iTunes—a program for managing your media library, listening to songs, and buying new content—played a key part in the digital revolution of the 2000s after it first launched in 2001. Its impact started with music. iTunes was partly credited with slowing the severe bleeding to piracy the recording industry faced amid the popularity of the MP3 boom on peer-to-peer file-sharing applications like Napster. And the program was also the home base for the iPod, one of the first of many products CEO Steve Jobs oversaw when steering the company back to success after he returned to his leadership position in 1998.
Google Chrome team has released Chrome 75 (75.0.3770.80) on June 4, 2019.
Chrome 75 stable channel was released for Windows, Mac, Linux and Android.
This release contains a number of fixes (42 Security Fixes) and few minor improvements.
There’s an experimental reader mode available via the chrome://flags page.
Google has released today version 75 of its Chrome browser, available for Android, Chrome OS, Linux, Mac, and Windows.
