Language Selection

English French German Italian Portuguese Spanish

Mozilla Censored Through Microsoft GitHub

Filed under
Microsoft
Moz/FF
  • webcompat.com Anonymous Reporting - Some context

    The first week of January, we had to disable anonymous reporting. GitHub in a two steps strike blocked webcompat-bot (which allows us to handle anonymous reporting) and finally the full web-bugs repo (which handles all the issues for webcompat.com). The reason for blocking was illegal content.

    Previous situation

    Anonymous reporting was open to everyone and we would moderate after the fact if the issue was really a liability for both GitHub or us. For the last 5 years, I guess the webcompat.com site was not known enough to not be a target of bots and the issues not regular enough. The situation has evolved.

    The fall: We missed one issue which needed to be moderated and deleted. It was in a public view for quite a long time. We need to review our process about that.

    [...]

    While anonymity or soft-anonymity is an important feature in our society, it also creates challenges in some contexts. Some of these issues are not only tied to anonymous reporting, but anonymous reporting makes it more difficult to have a direct discussion about them.

  • Open Letter to Indian IT Minister by Mozilla, GitHub, and Cloudflare: Release draft intermediary liability rules, assuage concerns voiced during public consultation

    Given the Indian government’s impending commitment to the Supreme Court to notify the intermediary liability amendments by January 15 2020, global internet organizations Mozilla, GitHub, and Cloudflare have penned an open letter to the Union Minister of Electronics & Information Technology, Shri. Ravi Shankar Prasad. The letter highlights significant concerns with the rules and calls for improved transparency by allowing the public an opportunity to see a final version of these amendments prior to their enactment.

More in Tux Machines

Audio/Video: LHS, Going Linux, and DistroTube

  • LHS Episode #388: The Weekender LXIV

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

  • Going Linux · Shownotes

    We are pleased to say we are in an excellent place with music streaming on Linux. For the most part all of the services we reviewed worked really well.

  • "Hey, DT. Why LibreOffice Instead Of OpenOffice?" Plus Other Questions.

Security Leftovers

  • Oh, the Irony! Chrome is Blocking Security Tool Nmap Downloads Considering it a Security Threat

    Nmap is a popular open-source tool created by Gordon Lyon used by security experts and network admins to analyze the network, find exploits, and keep it secure. However, it seems that for a day at least, Google Chrome blocked all Nmap downloads using its Safe Browsing service by labelling it as a threat. Even though this has been fixed quickly. For many visitors trying to download the tool, this must have been confusing. A software that’s more than a decade old is now suddenly considered as a threat?

  • Logging as a service isn't SIEM -- so what is it?

    Log management software is often confused or conflated with security information event management (SIEM) software. Both monitor and analyze system and application data, so vendors often blur the lines between the two categories, with many SIEM products including a log management module. Conversely, some log management vendors also have SIEM offerings that work with or supplement their logging products. The primary distinction between log management and SIEM is focus. SIEM tools prioritize data and metrics relevant to security, not the totality of an environment's system, user and application log output. Log management software and services provide a scalable, holistic platform to collect, manage, archive and analyze all of an IT environment's log output -- on premises and in the cloud.

  • Laptops given to British schools came preloaded with malware and talked to Russia when booted [iophk: Windows TCO]

    These devices have shipped over the past three to four weeks, though it is unclear how many of them are infected. One source at a school told The Register that the machines in question seemed to have been manufactured in late 2019 and appeared to have had their DfE-specified software installed last year.

  • Democrats seek answers on impact of Russian cyberattack on Justice Department, Courts [iophk: Windows TCO]

    The senators’ concerns come weeks after both the Justice Department and the U.S. Courts reported that they had been among the federal agencies compromised by the Russian attack on SolarWinds, which was uncovered in December but had been ongoing for more than a year.

    In a statement earlier this month, a DOJ spokesperson said around 3 percent of the agency’s employee email accounts had been “potentially accessed” as part of the breach, but that there was “no indication that any classified systems were accessed.” DOJ has more than 100,000 employees.

    The federal judiciary confirmed it was breached the same week as DOJ, noting in a statement that the AO’s Case Management/Electronic Files system had suffered an “apparent compromise,” with new procedures immediately put in place to file sensitive court documents.

  • Biden inherited one of the worst [cracks] in history. How will his administration respond?

    But that's the easy part. The SolarWinds [attack] — named for the Texas software company that Russia [cracked] in order to gain access to tens of thousands of its customers, many of them American businesses and federal agencies — ran undetected for at least nine months, siphoning off private information before it was discovered in December.

    At least five federal agencies have admitted they were affected. Several others have so far refused to comment. Few private companies have admitted to being victims, but experts say the working assumption is the number is in the hundreds.

    That's left cybersecurity experts with the labor-intensive task of combing through sensitive networks.

Android Leftovers

Schedule appointments with an open source alternative to Doodle

In previous years, this annual series covered individual apps. This year, we are looking at all-in-one solutions in addition to strategies to help in 2021. Welcome to day 13 of 21 Days of Productivity in 2021. Setting appointments with other people is difficult. Most of the time, we guess at a date and time and then start the "is this time bad for you? No, that time is bad for me, how about..." dance. It is easier with co-workers since you can see each others' calendars. You just have to find that magic spot that is good for almost everyone who needs to be on the call. However, for freelancers managing personal calendars, the dance is a routine part of setting up calls and meetings. Read more