Language Selection

English French German Italian Portuguese Spanish

HACKERS and HOSPITALS: How you can help

Filed under
GNU

Free software activists, as well as many scientists and medical professionals, have long since realized that proprietary medical software and devices are neither ethical nor adequate to our needs. The COVID-19 pandemic has illuminated some of these shortcomings to a broader audience -- and also given our community a unique opportunity to offer real, material help at a difficult time. We're putting together a plan to pitch in, and we hope you'll join us: keep reading to find out what you can do!

You may already be aware that software and hardware restrictions are actively hampering the ability of hospitals to repair desperately needed ventilators all over the world, and how some Italian volunteers ran into problems when they 3D printed ventilator valves. (As you can see from the link, the stories vary about exactly what their interaction with the manufacturer was, but it's clear that the company refused to release proprietary design files, forcing the volunteers to reverse-engineer the parts.)

Read more

In LWN: HACKERS and HOSPITALS<

The FSF's April prank

  • Free Software Foundation targets Microsoft's smart assistant in new campaign

    Today, the Free Software Foundation (FSF) announced plans to follow up their recent campaign to "upcycle" Windows 7 with another initiative targeting proprietary software developer Microsoft, calling on them to Free Clippy, their wildly popular smart assistant. Clippy, an anthropomorphic paperclip whose invaluable input in the drafting of documents and business correspondence ushered in a new era of office productivity in the late 1990s, has not been seen publicly since 2001. Insider reports suggest that Clippy is still alive and being held under a proprietary software license against its will.

    The FSF is asking its supporters to rally together to show their support of the industrious office accessory. Commenting on the campaign, FSF campaigns manager Greg Farough stated: "We know that Microsoft has little regard for its users' freedom and privacy, but few in our community realize what little regard they have for their own digital assistants. Releasing Clippy to the community will ensure that it's well taken care of, and that its functions can be studied and improved on by the community."

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Chrome, Mozilla and Firefox Leftovers

  • Chrome 84 Beta: Web OTP, Web Animations, New Origin Trials and More

    Unless otherwise noted, changes described below apply to the newest Chrome beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Learn more about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 84 is beta as of May 28, 2020.

  • Chrome 84 Beta Brings Better Web Animations API, Experimental WebAssembly SIMD

    Following the recent Chrome 83 release, Chrome 84 has now been promoted to beta. The Chrome 84 Beta is bringing Web OTP API (SMS Receiver API) support on Android, significant improvements to its Web Animations API implementation, WebAssembly SIMD support with a 128-bit value type is now available via the Origin trials (experimental functionality) along with a Cookie Store API, Idle Detection API, and other trial features.

  • Should you buy a Chromebook?

    With more and more people buying laptops to work or learn from home, a lot of folks are probably looking into the prospect of switching to a lighter, cheaper Chromebook instead of a traditional Windows or Mac laptop. Chromebooks come at a wide range of price points and with a variety of features, but the big question for most people is about Chrome OS itself. How hard is it to switch? What are Android apps like? Does Linux support really work, and how well? Do Chromebooks make good tablets? Can I use Firefox on one? We'll cover as much of that as we can in this post.

  • Firefox features for remote school (that can also be used for just about anything)

    Helping kids with school work can be challenging in the best of times (“new” math anyone?) let alone during a worldwide pandemic. These Firefox features can help make managing school work, and remote summer classes if those are on your horizon, a little easier.

  • The influence of hardware on Firefox build times

    I recently upgraded my aging “fast” build machine. Back when I assembled the machine, it could do a full clobber build of Firefox in about 10 minutes. That was slightly more than 10 years ago. This upgrade, and the build times I’m getting on the brand new machine (now 6 months old) and other machines led me to look at how some parameters influence build times. [...] The XPS13 being old, it is subject to thermal throttling, making it slower than it should be, but it wouldn’t beat the 10 years old desktop anyway. Macbook Pros tend to get into these thermal issues after a while too. I’ve relied on laptops for a long time. My previous laptop before this XPS was another XPS, that is now about 6 to 7 years old, and while the newer one had more RAM, it was barely getting better build times compared to the older one when I switched. The evolution of laptop performance has been underwelming for a long time, but things finally changed last year. At long last. I wish I had numbers with a more recent laptop under the same OS as the XPS for fairer comparison. Or with the more recent larger laptops that sport even more cores, especially the fancy ones with Ryzen processors.

  • Writing inside organizations

    My team keeps snippets, which kinda-sorta feels like a blog-like interface for sharing context. We keep our snippets in a google doc largely because it has a low barrier to entry and it's a fast solution. However, I find that keeping snippets in a doc really limits the value I personally get from keeping a weekly log. Ostensibly, the value to writing snippets is keeping my team up to date on my work. However, I find that the secondary personal benefits are the ones that keep me motivated to write updates.

  • Mozilla Localization (L10N): L10n Report: May 2020 Edition

    IMPORTANT: Firefox 78 is the next ESR (Extended Support Release) version. That’s a more stable version designed for enterprises, but also used in some Linux distributions, and it remains supported for about a year. Once Firefox 78 moves to release, that content will remain frozen until that version becomes unsupported (about 15 months), so it’s important to ship the best localization possible.

  • Mozilla’s journey to environmental sustainability

    The programme may be new, but the process has been shaping for years: In March 2020, Mozilla officially launched a dedicated Environmental Sustainability Programme, and I am proud and excited to be stewarding our efforts. Since we launched, the world has been held captive by the COVID-19 pandemic. People occasionally ask me, “Is this really the time to build up and invest in such a large-scale, ambitious programme?” My answer is clear: Absolutely.

  • Mozilla Privacy Blog: An opportunity for openness and user agency in the proposed Facebook-Giphy merger

    Facebook is squarely in the crosshairs of global competition regulators, but despite that scrutiny, is moving to acquire Giphy, a popular platform that lets users share images on social platforms, such as Facebook, or messaging applications, such as WhatsApp. This merger – how it is reviewed, whether it is approved, and if approved under what sort of conditions – will set a precedent that will influence not only future mergers, but also the shape of legislative reforms being actively developed all around the world. It is crucial that antitrust agencies incorporate into their processes a deep understanding of the nature of the open internet and how it promotes competition, how data flows between integrated services, and in particular the role played by interoperability. Currently Giphy is integrated with numerous independent social messaging services, including, for example, Slack, Signal, and Twitter. A combined Facebook-Giphy would be in a position to restrict access by those companies, whether to preserve their exclusivity or to get leverage for some other reason. This would bring clear harm to users who would suddenly lose the capabilities they currently enjoy, and make it harder for other companies to compete.

Security and FUD

  • Security updates for Thursday

    Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).

  • 5 Kernel Live Patching Tools That Will Help To Run Linux Servers Without Reboots

    Within IT organizations, there are processes and practices so routine that they are invisible. It doesn’t matter if such processes and practices are flawed, or if there exists a better way: if something has worked for a few years, people stop looking for alternatives. This perfectly describes current approaches to kernel patching. Right now, most organizations patch the servers by planning reboot cycles. Because rebooting the server fleet is a headache that causes downtime, people put it off for as long as they can. Which means patches aren’t applied as early as possible. This gap between patch issue and its application means risk, malpractice and may cause non-compliance. This standard approach to kernel patching exposes servers to malicious intent by threat actors on multiple attack vectors, putting IT organizations at risk of major security issues. Anyone tasked with keeping their organization safe from cyber attacks should be seeking a better way to run Linux servers without reboots (ideally, for years). In this article you will learn what is live patching, how it ensures the uptime, what 5 tools are available to help you run servers for years – without reboots and what are the advantages and drawbacks of each tool.

  • USB systems may have some serious security flaws - especially on Linux [Ed: ZDNet's FUD is going places; the tests were mostly done on Linux, so it's hardly shocking that the bugs found were in Linux. But it's presented as Linux being particularly bad.]

    Academics have developed a new tool that allowed them to discover 26 previously unidentified vulnerabilities in the USB driver stack used by many popular operating systems including Linux, macOS, Windows and FreeBSD.

  • New fuzzing tool picks up insecure USB driver code

    Matthias Payer at the federal polytechnic school in Lausanne, Switzerland, and Hui Peng at Purdue University, United States, said [pdf] that they leveraged open-source components such as QEMU processor emulator to design a tool that's low-cost and hardware independent, called USBFuzz.

  • New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows

    With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. “USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems (USB core, USB sound, and network), one bug in FreeBSD, three in macOS (two resulting in an unplanned reboot and one freezing the system), and four in Windows 8 and Windows 10 (resulting in Blue Screens of Death), and one bug in the Linux USB host controller driver and another one in a USB camera driver,” Hui Peng and Mathias Payer explained.

  • NSA: Russian agents have been hacking major email program

    The U.S. National Security Agency says the same Russian military hacking group that interfered in the 2016 presidential election and unleashed a devastating malware attack the following year has been exploiting a major email server program since last August or earlier. The timing of the agency's advisory Thursday was unusual considering that the critical vulnerability in the Exim Mail Transfer Agent — which mostly runs on Unix-type operating systems — was identified 11 months ago, when a patch was issued. Exim is so widely used — though far less known than such commercial alternatives as Microsoft's proprietary Exchange — that some companies and government agencies that run it may still not have patched the vulnerability, said Jake Williams, president of Rendition Infosec and a former U.S. government hacker.

KDE: Akademy 2020 and GSoC 2020

  • Send your talks for Akademy 2020 *now*

    The Call for Participation is still open for two weeks more, but please make us a favour and send yours *now*. This way we don't have to panic thinking if we are going to need to go chasing people or not, or if we're going to have too few or too many proposals. Also if you ask the talks committee for review, we can review your talk early, give you feedback and improve it, so it's a win-win.

  • Status report: Community Bonding

    I’m checking in today to let you know what I did in my GSoC project these past weeks. This Community Bonding period was really wonderful; although I’ve been more or less involved with the project since 2016, I’ve acquainted myself with the efforts of each of the members, and so far it’s been a wonderful experience. During these past weeks, I’ve been preparing for the coding period by talking with Boudewijn and Wolthera about the particulars of Krita’s file format and build system. The objectives for the past two meetings were:

  • GSoC'20 with KDE

    About the Project The project involves improving KDE Web Infrastructure. KDE has a lot of websites and some of them like the main website could use an update. The first part of the project involves porting kde.org to use Hugo- A go based static site generator. kde.org is very old and thus contains a lot of pages. This project would involve porting most of the pages to markdown so as to make the website faster and easier to develop. The second part of the project involves updating Season of KDE website. The goal is to use more modern tooling and add some new features. This project is a part of the transition of KDE websites from LDAP to OAuth based authentication. OAuth is a much more modern approach to authentication and would solve some headaches with the current authentication system.

Screencasts/Audiocasts/Shows: Ubuntu MATE 20.04 LTS, BSD Now and More

  • Ubuntu MATE 20.04 LTS overview | For a retrospective future.

    In this video, I am going to show an overview of Ubuntu MATE 20.04 LTS and some of the applications pre-installed.

  • BSD Now 352: Introducing Randomness

    A brief introduction to randomness, logs grinding netatalk to a hault, NetBSD core team changes, Using qemu guest agent on OpenBSD kvm/qemu guests, WireGuard patchset for OpenBSD, FreeBSD 12.1 on a laptop, and more.

  • Bad Voltage 3×05: This Podcast Will Self Destruct

    Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which we are rendered with one meelion triangles.

  • Bread and Butter Django - Building SaaS #58

    In this episode, I worked on a views and templates. There are a number of core pages that are required to flesh out the minimal interface for the app. We’re building them. I began by showing the page that we were going to work on. I outlined the changes I planned to make, then we started. The first thing we added was data about the school year, the main model on display in the page. I showed how to mock in the elements before adding real data.