Monday 16 July 2018

Chromium OS for Raspberry Pi SBCs Is Making a Comeback Soon, Better Than Ever

Chromium OS for Raspberry Pi SBCs Is Making a Comeback Soon, Better Than Ever

Jul 13, 2018, 14:00 (0 Talkback[s]) (Other stories by Marius Nestor)

Now that Flint OS is "gone," and there's still no feasible way of getting pure Chromium OS running on your tiny single-board computer, Keith Callahan announced today that he is reviving the Chromium OS for SBCs project in an attempt to offer the community an easy way of installing the open-source Chromium OS operating system on Raspberry Pi SBCs. Callahan told Softpedia that he is currently working hard on the new Chromium OS for SBCs 1.0 (Codename Weinreich) release, which should hit the streets near the Christmas holidays, with initial support for Raspberry Pi 2, Raspberry Pi 3 Model B, and the new Raspberry Pi 3 Model B+ boards.

Complete Story



Read the full article here by Linux Today

Guido van Rossum retires as Python's BDFL 😱

[python-committers] Transfer of power

Guido van Rossum guido at python.org
Thu Jul 12 10:57:35 EDT 2018
Now that PEP 572 is done, I don't ever want to have to fight so hard for a
PEP and find that so many people despise my decisions.

I would like to remove myself entirely from the decision process. I'll
still be there for a while as an ordinary core dev, and I'll still be
available to mentor people -- possibly more available. But I'm basically
giving myself a permanent vacation from being BDFL, and you all will be on
your own.

After all that's eventually going to happen regardless -- there's still
that bus lurking around the corner, and I'm not getting younger... (I'll
spare you the list of medical issues.)

I am not going to appoint a successor.

So what are you all going to do? Create a democracy? Anarchy? A
dictatorship? A federation?

I'm not worried about the day to day decisions in the issue tracker or on
GitHub. Very rarely I get asked for an opinion, and usually it's not
actually important. So this can just be dealt with as it has always been.

The decisions that most matter are probably
- How are PEPs decided
- How are new core devs inducted

We may be able to write up processes for these things as PEPs (maybe those
PEPs will form a kind of constitution). But here's the catch. I'm going to
try and let you all (the current committers) figure it out for yourselves.

Note that there's still the CoC -- if you don't like that document your
only option might be to leave this group voluntarily. Perhaps there are
issues to decide like when should someone be kicked out (this could be
banning people from python-dev or python-ideas too, since those are also
covered by the CoC).

Finally. A reminder that the archives of this list are public (
https://mail.python.org/pipermail/python-committers/) although membership
is closed (limited to core devs).

I'll still be here, but I'm trying to let you all figure something out for
yourselves. I'm tired, and need a very long break.

-- 
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-committers/attachments/20180712/30a41d64/attachment-0001.html>


More information about the python-committers mailing list


Read the full article here by Changelog

Live Twitch • Gros défis sur The Crew 2

Retour sur The Crew 2 ce soir, à la demande générale. la suite d'un mouvement initié par l'équipe de modération de la chaîne, cette soirée sera placée sous le signe du challenge, un nouveau signe zodiacal de notre invention... [Tout lire]

Read the full article here by Le comptoir du hardware

Monday 2 July 2018

Install And Play Overwatch With Lutris On Ubuntu 18.04

Linuxconfig: Overwatch is one of the most popular PC games right now. It has a thriving esports scene and a community of millions playing it regularly worldwide.



Read the full article here by Linux Today

Friday 29 June 2018

MindForger - More Than A Notebook and Markdown IDE

MindForger - More Than A Notebook and Markdown IDE

Jun 29, 2018, 06:00 (0 Talkback[s]) (Other stories by FossMint)

MindForger is a modern, free, open-source, privacy-focused and performance-driven Markdown IDE for creating, editing, and managing all types of notes.

Complete Story



Read the full article here by Linux Today

Thursday 28 June 2018

Google Doubles Down on Linux and Open Source

Steven J. Vaughan-Nichols, writing for ZDNet: Google couldn't exist without Linux and open-source software. While you may not think of Google as a Linux company in the same way as you do Canonical, Red Hat, or SUSE, it wouldn't be the search and advertising giant it is today without Linux. So, it makes sense that Google is moving up from its Silver membership in The Linux Foundation, to the Platinum level. With this jump in status, Google gets a seat on the Foundation's board of directors. This position will be filled by Sarah Novotny, the head of open source strategy for Google Cloud Platform. Earlier this week, Chinese tech giant Tencent joined the Linux Foundation as a platinum member.
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Wednesday 27 June 2018

Google Opens Its Human-Sounding Duplex AI To Public Testing

Google is moving ahead with Duplex, the stunningly human-sounding artificial intelligence software behind its new automated system that places phone calls on your behalf with a natural-sounding voice instead of a robotic one. From a report: The search giant said Wednesday it's beginning public testing of the software, which debuted in May and which is designed to make calls to businesses and book appointments. Duplex instantly raised questions over the ethics and privacy implications of using an AI assistant to hold lifelike conversations for you. Google says its plan is to start its public trial with a small group of "trusted testers" and businesses that have opted into receiving calls from Duplex. Over the "coming weeks," the software will only call businesses to confirm business and holiday hours, such as open and close times for the Fourth of July. People will be able to start booking reservations at restaurants and hair salons starting "later this summer."
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Saturday 23 June 2018

Leclerc: “L’ottavo tempo è magico, non ci posso credere”

Grande prestazione da parte del monegasco al volante della Sauber, con il pilota della FDA in grado di centrare per la prima volta in carriera il Q3.

Read the full article here by FormulaPassion.it

Wednesday 20 June 2018

AMD trolle joliement Intel et son 8086K


Test • Intel Z370 / Core i7-8700K / i5-8400 / i3-8350K

Coffee Lake, l'anti Ryzen d'Intel ?   Durant les années 2000 et consécutivement à l'échec de Netburst, Intel a mis en place la stratégie du Tick Tock, co...


Read the full article here by Le comptoir du hardware

Microsoft ports Windows 10, Linux to homegrown CPU design

Icon

Microsoft has ported Windows 10 and Linux to E2, its homegrown processor architecture it has spent years working on mostly in secret.

As well as the two operating systems, the US giant's researchers say they have also ported Busybox and FreeRTOS, plus a collection of toolkits for developing and building applications for the processor: the standard C/C++ and .NET Core runtime libraries, the Windows kernel debugger, Visual C++ 2017's command line tools, and .NET's just-in-time compiler RyuJIT.

Microsoft has also ported the widely used LLVM C/C++ compiler and debugger, and related C/C++ runtime libraries. The team wanted to demonstrate that programmers do not need to rewrite their software for the experimental chipset, and that instead programs just need to be recompiled - then they are ready to roll on the new technology.

I had no idea Microsoft was working on its own instruction set - even if only for research purposes. The Register has some more information on what E2 is like.

The Register understands from people familiar with its development that prototype E2 processors exist in the form of FPGAs - chips with reprogrammable circuitry that are typically used during the development of chips. For example, a dual-core implementation on Xilinx FPGAs exists, clocked at 50MHz. The team has also developed a cycle-accurate simulator capable of booting Windows and Linux, and running applications.

Qualcomm researchers were evaluating two EDGE chip designs with Microsoft: a small R0 core, and an R1 core running up to 2GHz fabricated using a 10nm process. The project, we must stress, is very much a work in progress.

It seems to be a radical departure from the norm, and I'm very interested to see where this will lead.



Read the full article here by OSNews

Please Oliver

Tuesday 19 June 2018

Monday 18 June 2018

EXT4 fscrypt vs. eCryptfs vs. LUKS dm-crypt Benchmarks

Given the recent advancements of the EXT4 file-system with its native file-system encryption support provided by the fscrypt framework, here are benchmarks comparing the performance of an EXT4 file-system with no encryption, fscrypt-based encryption, eCryptfs-based encryption, and a LUKS dm-crypt encrypted volume.

For those wondering how these different file-system encryption options compare for performance, I ran some fresh benchmarks using a Linux 4.18 development kernel as of 14 June from the Linux Git tree. The options tested were EXT4, fscrypt, eCryptfs, and LUKS dm-crypt encryption with the EXT4 file-system and tested with the defaults unless otherwise noted. A Toshiba TR150 SATA 3.0 SSD was used as the drive under test for all of the benchmarking. Ubuntu 18.04 LTS was the basis for this benchmarking aside from the Linux kernel upgrade.

All of thes Linux file-system encryption benchmarks were carried out in a standardized and fully reproducible manner using the open-source Phoronix Test Suite benchmarking software.



Read the full article here by Phoronix

Tuesday 12 June 2018

Drone That Can Follow You Around Obstacles

Skydio R1 review..(Read...)



Read the full article here by Likecool

F2FS File-System Gets Discard Improvements, Nobarrier Fsync Mode For Linux 4.18

Flash-Friendly File-System (F2FS) maintainer Jaegeuk Kim has submitted the file-system updates intended for the Linux 4.18 kernel.

This flash storage optimized file-system has improvements around its discard/fstrim support, including the splitting of large discard commands for better responsiveness. There is also a new

fsync_mode=nobarrier

mount option available for reducing the number of cache flushes.

F2FS for Linux 4.18 also has improved sanity checks, various code clean-ups, and at least six known bug fixes.

The complete list of F2FS file-system changes for Linux 4.18 can be found via

the kernel mailing list

.



Read the full article here by Phoronix

Monday 11 June 2018

How to Android without Google

Icon

This guide shows how to install LineageOS without GApps with the help of signature spoofing and microG, so that you can have Push Notifications, Location Services and the like, without needing to have Google Play Services installed (without Google-anything for that matter).

It was made possible by the hard work of creators, maintainers and community around LineageOS, microG, XPosedFramework, F-Droid, Yalp Store and many others.

Exactly what it says on the tin.



Read the full article here by OSNews

Sunday 10 June 2018

Linux Solutions: Snappy, Flatpak, and AppImage

It wasn't all that long ago the idea of binary packages were seen as salvation from having to compile software packages for one's Linux system.

In 2018, we've jumped ahead even further, with distro independent package installation solutions. In this article, we're going to look into three rising stars in this area: Snappy, Flatpak and AppImage.

AppImage is a software disk image that just works

I'm a huge fan of AppImage as you simply make the individual application you wish to run executable, then double click it. AppImages are just that simple. According to their website, the idea is that you get the software directly from the author of said program. Using the AppImage format, installing an application can feel similar to how one might do it with Windows.

The advantage of running an AppImage is that there is no need for sudo, root or even the need to be bothered with system dependencies. You're basically mounting a disk image, similar to how one might mount disk images in OS X.

Perhaps the biggest advantage to running AppImages is that you're running an application that can be removed by simply deleting a single file. This single file/disk image approach is both great and a hardship depending on how you look at it. AppImages are great in that they're easily distributed and simple to run.

The downside of AppImages are that even when you get the software directly from the author's website, you still don't really know if the application has been tampered with. This problem of trusting software is best demonstrated with what happened to OS X users and the application known as Transmission. This application allowed ransomware to infect those individuals who ran the application on their Macs.

So as much as I like AppImages, I take issue with the bold print statement that AppImages are to be trusted absolutely. Fact is, they're just disk images and instead we need to trust the distributor of each individual AppImage. Thankfully if one chooses to run an AppImage within a sandbox, this prevents things from getting out of hand should the downloaded AppImage become exploited on the source website.

Flatpak provides isolated runtimes

Updates and applications installed by Flatpak are handled by individual runtimes. The idea is that this provides more streamlined package handling than running typical Linux package updates. Now here's where Flatpak shines - it's designed for desktop Linux distros. So the applications that are distributed with Flatpaks are going to be designed for desktop Linux users. This is a characteristic also found with AppImages, however Flatpaks differ in that they allow for individual application updates.

Flatpaks share similarities with Ubuntu PPAs in that they're using individual repositories for application installation and updates. I'll be first to admit that I honestly don't love this element of Flatpaks as it's time consuming to have to chase down individual repos. On the positive side, however, it does provide a better system for installation/updates as it's distro independent.

Another consideration is that installing the framework for Flatpaks requires the installation of needed components to make the Flatpak available software installable. The irony takes place with distros such as Ubuntu whereas you must add an Ubuntu PPA for the Flatpak framework. In short, install a PPA repository to install a framework to install Flatpak repositories. While it's not difficult to do this, it is a bit redundant.

The benefit of running Flatpak installed applications is that you can run the latest software on any distro you choose. Additionally, to curb the headache of seeking out individual Flatpak repos, Flathub's Application section makes finding software easy.

Flathub provides the ability locate software in one location, even though historically Flatpaks aren't located in a singular location. It's actually a great idea and it makes using Flatpaks a lot more appealing. Perhaps most importantly, Flathub's software categories are packed full of tons of software to choose from.

To repeat an item from above: Like AppImages, Flatpaks are designed for Linux desktops. This is an important consideration as we roll into the next section of this article.

Snap Packages are a compressed file system

Snap packages are a packaging concept created by Canonical and designed for Linux and IoT (internet of things). When you arrive at the Snapcraft website the first impression you find yourself with is that Snaps put the developer ahead of the end user. I don't mean that as a negative statement, however the Snaps web presence backs up my statement completely. The two buttons on the front page are "Build your first snap" and "Get started using Github."

Both button links mentioned above assume you're a developer. This differs substantially from the front page of the Flatpak. The Flatpak front page is dedicated to getting Flatpak software onto the PCs of end users. Snaps only offers end user solutions if you look to the very top navigation bar and click on store. Once you click the store link, you're presented with available Snaps to install onto target PCs and servers.

Snaps also share similarities with AppImage in that you're mounting a software image vs installing software. Another benefit with Snaps is being able to roll back to an earlier version of software. Additionally, updates are made easy since Snaps share a single repository.

The biggest downside some people find with Snaps is the fact it provides a centralized packaging format that Canonical controls. Granted, Snaps are available across multiple distros, but the control of available Snaps remains in a single location. It's also worth noting that notable open and closed source software is welcome in Snap's repository.

One last important point with Snaps is that they're not limited to the Linux desktop as I mentioned previously. They're also designed to provide packaging solutions for IoT (internet of things). This is the biggest difference between Snaps and both Flatpak and AppImage. Snaps are heavily focused on IoT with Linux being an added bonus.

Which packaging type is best for Linux?

After looking at the differences and advantages of each packaging type mentioned above, we're left wondering which one is best. In terms of simplicity, I'd argue that AppImage wins this one. But if you want to be able to update your software using one of these packaging formats, then Flatpak or Snaps make more sense.

One approach might be to try out each of them and see which packaging type has the user experience and the software titles you're looking for.

What say you? Do you have a preference? If so, what is your rationale as to your choice of software packaging. Hit the Comments, let's hear your perspective.



Read the full article here by Datamation.com

USB 3.2, USB Type-C & SoundWire Updates Head Into Linux 4.18

Greg Kroah-Hartman has begun submitting the v4.18 pull requests for the multiple subsystems he maintains within the Linux kernel.

First up are the

USB updates

for Linux 4.18. With the USB updates there is continued work on bettering the Linux kernel USB Type-C support, namely around the

Type-C Port Manager

(TCPM) that was merged to the mainline kernel last year. Greg KH noted that the Type-C code is almost ready to leave the staging area of the Linux kernel.

Also queued as part of the Linux 4.18 kernel are

some early bits for USB 3.2 support

though it doesn't look like any USB 3.2 controller support is ready for Linux 4.18, this is just the infrastructure prepping around this USB specification published last year.

Greg also sent out the

char/misc updates

. On that front there are more updates to

SoundWire

, the new simple audio stream subsystem that is a MIPI specification and added back into Linux 4.16. There is now support for SoundWire stream management, port management, master/slave port programming, stream configuration APIs, and other additions.

A new driver that is part of the char/misc pull request is the IBM Virtual Management Channel Driver (VMC). The IBM VMC driver is for POWER hardware and is used as a virtual adapter with the PowerVM platform for message passing.

Greg also sent out the

driver core

and

TTY/serial

patches, but nothing too exciting on that front for Linux 4.18. He hasn't yet sent out the staging subsystem updates.



Read the full article here by Phoronix

Intel's 28-core 5 GHz CPU: coming in Q4

Icon

Alongside the launch of Intel's first 5 GHz processor, the 6-core Core i7-8086K, Intel today also showcased a 28-core single socket machine also running at 5 GHz. The system on display scored 7334 in Cinebench R15, and Gregory Bryant (SVP and GM of Intel Client Computing Group) explicitly stated that it would be coming in Q4 this year.

No other details were provided, however for it to exist in a current platform, this new processor would likely be in LGA2066 (X299) or LGA3647 (the server socket). Intel technically already makes 28-core monolithic designs in the Intel Xeon Scalable Platform with the Xeon Platinum 8180, which is a $10k processor, which runs a lot slower than 5.0 GHz.

This sounds like an absolutely insane processor few of us will ever get to enjoy.



Read the full article here by OSNews

Monday 4 June 2018

La FIA porta i kart elettrici alle prossime Olimpiadi giovanili

La conferma è arrivata direttamente dal presidente dell’organo di governo sportivo, Jean Todt, in occasione dell’ultima FIA Sport Conference che si sta svolgendo in questi giorni a Manila. Il numero uno della Federazione ha dato l’ufficialità dell’approdo dei kart elettrici ai giochi che si terranno nel paese sudamericano nell’autunno 2018. L’e-kart rappresenta non solo una nuova opportunità in termini di sviluppo degli sport motoristici, ma dimostra anche che il mondo sta cambiando e che dobbiamo essere leader di questo cambiamento” – ha dichiarato il transalpino – “Il karting sarà presente anche in occasione delle Olimpiadi della Gioventù a Buenos Aires, in Argentina, il prossimo ottobre”.

Todt ha poi aggiunto che si tratta indubbiamente di un “significativo passo avanti per la FIA” nel suo processo di riconoscimento, iniziato nel 2012, da parte del Comitato Olimpico Internazionale. Il vice presidente della Federazione, Graham Stoker, che tramite l’opera del suo sottocomitato per l’innovazione si è prodigato per fare includere il kart ai prossimi giochi olimpici riservati ai giovani ha fatto notare che grazie a questa mossa, la FIA – “ha un’opportunità per cambiare completamente l’approccio al motorsport in tutto il mondo in qualità di Federazione Internazionale”.

A guidare per una prima dimostrazione il mezzo elettrico che scenderà in pista alle olimpiadi argentine sarà l’attuale presidente della Commissione Kart della FIA, Felipe Massa, che si cimenterà in un test a margine della conferenza in corso a Manila. Il veicolo è stato sviluppato dalla Bosch insieme costruttore tedesco specializzato in telai di kart Mach1, i quali hanno interagito con la Federazione nella messa a punto. Le caratteristiche tecniche riferiscono di un powertrain dotato di 20KW di potenza e che sviluppa 300Nm di coppia servendosi di una batteria da 48V.



Read the full article here by FormulaPassion.it

A cartoon intro to DNS over HTTPS

Lin Clark strikes again with her ridiculously well done code cartoons. This time, she's taking on the task of explaining why Mozilla is championing DNS over HTTPS.

(Curious about Lin, her teaching efforts, and her work at Mozilla? GOTO 294.)

A cartoon intro to DNS over HTTPS


Read the full article here by Changelog

Saturday 2 June 2018

Google Quits Selling Tablets

Google has quietly crept out of the tablet business, removing the "tablets" heading from its Android page. It was there yesterday, but it's gone today. TechCrunch reports: Google in particular has struggled to make Android a convincing alternative to iOS in the tablet realm, and with this move has clearly indicated its preference for the Chrome OS side of things, where it has inherited the questionable (but lucrative) legacy of netbooks. They've also been working on broadening Android compatibility with that OS. So it shouldn't come as much surprise that the company is bowing out. Sales have dropped considerably, since few people see any reason to upgrade a device that was originally sold for its simplicity and ease of use, not its specs. Google's exit doesn't mean Android tablets are done for, of course. They'll still get made, primarily by Samsung, Amazon and a couple of others, and there will probably even be some nice ones. But if Google isn't selling them, it probably isn't prioritizing them as far as features and support. Android Police was first to break the news.
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Will Microsoft buy GitHub?

Friday 1 June 2018

Huawei Announces EROFS Linux File-System, Might Eventually Be Used By Android Devices

Huawei's Gao Xiang has announced the EROFS open-source Linux file-system intended for Android devices, but still at its very early stages of development.

EROFS is the company's new approach for a read-only file-system that would work well for Android devices. EROFS is short for the Extendable Read-Only File-System and they began developing it with being unsatisfied with other read-only file-system alternatives.

EROFS is designed to offer better performance than other read-only alternatives while still focusing upon saving storage space. As part of EROFS is also a compression mode pursuing a different design approach than other file-systems: the compression numbers shared in today's announcement on both server hardware and a Kirin 970 are compelling for being in the early stages of development.

EROFS is still very much a work-in-progress and the on-disk layout format has yet to be finalized. It will likely take several months at a minimum before Huawei potentially seeks the inclusion of the code into the mainline Linux kernel.


Don't look for EROFS appearing on Android devices in the immediate future, it's still in the very early stages of development.

The user-space bits for making a EROFS file-system will be published once they clear their internal review, but for now the initial five thousand lines of kernel code making up this read-only file-system driver can be found for review and discussion on the

kernel mailing list

.



Read the full article here by Phoronix

PUBG’s new update is making some big changes to grenades

Try not to get burned

The newest update for PlayerUnknown’s Battlegrounds is here and it’s bringing a few big improvements to items most people don’t use often, as well as some much needed performance upgrades.

The biggest change with this update — called patch 1.0 update 14 — are tweaks to several different types of grenades. Frag grenades are getting a little buff to their damage, as well as a radius around them that does damage based on how close a player is to the explosion. Meanwhile, stun grenades will now prevent players from seeing, hearing or being able to shoot accurately if they are hit by the grenade’s flash. Finally, Molotovs are getting a whole lot more dangerous with a bigger area of effect and fire that will spread across wood surfaces for a limited amount of time. According to developer PUBG Corp., these changes were made to help keep frag grenades strong, while making stun grenades and Molotovs a little more appealing to use.

But grenades aren’t all that’s changing in this update. PUBG Corp. has also done some work to the game’s back end to improve performance. A few of these changes are aimed at improving the game’s frame rate, but the most meaningful improves its network performance and, according to some players, may have almost doubled the server tick rate. What all this means in practice is that PUBG should feel a lot better to play after this patch with everything moving smoother and with significantly less lag.

For a full look at what’s changed in PUBG update 14, you can check out the official patch notes.



Read the full article here by Polygon

Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years

Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years. From a report: According to Tom Court, a security researcher with Context Information Security, the one who discovered the flaw, the vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients. In the jargon of security researchers, this is a remote code execution (RCE) flaw because exploitation was possible via network requests, without needing access to the victim's computer. Court says an attacker was only required to send malformed UDP packets to a target's Steam client, which would have triggered the bug and allowed him to run malicious code on the target's PC.
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Thursday 31 May 2018

Un network di account sospetti ha spinto la campagna sui social contro Mattarella 

Un network di “account sospetti” su twitter, strutturato e con movenze organizzate, ha prodotto una forte spinta artificiale a tre hashtag di propaganda (a volte con contenuti anche di propaganda pesante e di minacce) contro il presidente della Repubblica Sergio Mattarella, nei due giorni più caldi della crisi per la formazione del nuovo governo, di domenica e lunedì scorso. Sono i giorni in cui il Movimento cinque stelle gridava all’impeachment contro Mattarella, anche se gli account di questo network non presentano evidenze riconducibili a un partito ufficiale. Gli account non mostrano neanche segni di interferenza straniera, appaiono piuttosto frutto di farm italiane. La sostanza, comunque inquietante, è che dei network si muovono per attaccare online la presidenza della Repubblica, contribuendo a invelenire e esasperare una situazione politica già molto difficile. 

 

È quanto emerge da un report di due informatici, Andrea Stroppa e Danny di Stefano, che hanno utilizzato un algoritmo per individuare la propaganda digitale (da loro già impiegato - quasi identico - durante il World Economic Forum di Davos 2018) per analizzare tre hashtag: #mattarelladimettiti, #impeachment e #impeachmentmattarella. L’analisi ha individuato 360 account. È stata condotta dal 27 maggio (alle ore 21.50) al giorno successivo (alle 14.30). «Non parliamo di bot o troll - scrivono gli autori - ma di “account sospetti”: questo perché in uno scenario così altamente complesso, indicare un account come bot o troll è difficilmente dimostrabile, in particolar modo in un ecosistema di propaganda digitale molto discusso». La ragione principale è semplice: «Se indichiamo l’account @marioRossi232323 come bot, perché le sue caratteristiche del profilo e i suoi contenuti o azioni dimostrano automazioni, chi gestisce il presunto bot, un essere umano, potrebbe prenderne il controllo all’istante e iniziare a usarlo in prima persona, provando quindi a dimostrare l’infondatezza di una ricerca». Account generati da un software possono poi tranquillamente “animarsi”, ossia essere operati da umani. 

 

Sono stati quindi usati quattro criteri in questa analisi, confermata alla Stampa anche da una terza parte: composizione del nickname e caratteristiche del profilo, proporzione (ratio) tra following e followers, argomenti trattati, analisi di network. Per esempio, un account normale di solito tende ad avere più follower rispetto ai following, o almeno non in modo sproporzionato. Il report dunque considera solo gli account che, per ogni follower, hanno invece seguìto almeno 5 persone. Le conclusioni a cui arrivano i due informatici sono queste: è stata in corso contro la presidenza della Repubblica «una azione coordinata di digital propaganda, ben studiata in modo da potersi agevolmente nascondersi in mezzo agli account legittimi. Non ci sono evidenze che questi account appartengano ufficialmente a partiti politici come Lega Nord e M5S». Né che la campagna provenga dall’estero. «È però allo stesso modo evidente che in Italia esiste una rete in grado di manipolare eventi politici e sociali, con capacità di poter amplificare fenomeni e farli diventare virali». 

 

L’analisi non si sofferma volutamente su «account importanti» (il numeor di follower di per sé non dice granché, sono molto più interessanti il network, e eventualmente i livelli e il tipo di engagement), ma su quella che è - diciamo così - la loro «base sottostante» di piccoli account sospetti. Da questo punto di vista, le disinfo ops o le ops di black propaganda stanno lievemente mutando forma, nell’ultima stagione, almeno in Italia, cercando di polverizzarsi e mimetizzarsi il più possibile con account naturali dei social. Eviteremo quindi di citare gli account del report Stroppa-Di Stefano, ma solo alcuni dei loro contenuti, che vanno dalla satira pesante («Mattarella ha un würstel al posto del cuore #impeachment») all’insulto («traditore della patria» è il più tenue) o alla violenza verbale («Così #Mattarella butta nel cesso il voto di 15 milioni di italiani. Perché secondo lui la sovranità in Italia appartiene alla #UE e alla #Merkel e non al popolo italiano»), alla minaccia («Don’t Fear The Reaper» - «non temere la Grande Mietitrice», cioè la morte, e sotto, una foto di Mattarella in camice ospedaliero e la scritta «do not intubate do not reanimate»). Inutile procedere oltre, era solo per dare una vaga idea. Augurano o minacciano di morte Mattarella. 

 

Il punto centrale - bisogna ripeterlo - è che secondo i due informatici si tratta di un preciso network: il sample analizzato è relativamente piccolo, ma potrebbe essere più largo (i criteri per l’inclusione sono stati molto selettivi, spiegano gli autori). Molti account del network sono sotto «limitazione temporanea» da parte di twitter, o subiscono restrizioni: segno che sono stati oggetti di ripetute segnalazioni, o sono sotto l’attenzone della cybersecurity dell’azienda. Altri presentano, anche a prima vista, una congiunzione di interessi politici che è poi alla base di alleanze reali attuali, tra sovranismo, ultranazionalismo, tematiche sociali (nazionali e sociali), temi anti-establishment. Una politica parallela è insomma pronta a essere scatenata e rialzata, se davvero si andasse al voto bisognerà tener d’occhio le reti, dove contenuti sovranisti, fortemente nazionalista e anticasta si sono sposati ormai da tre anni, e invocano con modi brutali la rivoluzione legastellata. 



Read the full article here by LASTAMPA.it

Wednesday 30 May 2018

Intel Core i7-8086K Listed, First 5.00 GHz Processor


Intel is commemorating 40 years of its 8086 processor, the spiritual ancestor of the x86 machine architecture that rules modern computing, with a special edition socket LGA1151 processor, dubbed Core i7-8086K. The chip appears to feature a nominal clock speed of 4.00 GHz, with a maximum Turbo Boost frequency of 5.00 GHz, making it the first mainstream desktop processor to hit the 5.00 GHz mark, out of the box.

The Core i7-8086K is more likely to be based on a special bin of the 14 nm, 6-core/12-thread "Coffee Lake" silicon, rather than being something next-gen or 8-core. The retail SKU bears the part number "BX80684I78086K." The chip will be compatible with Intel 300-series chipset motherboards. Pre-launch listings put its price around $486, which is along expected lines, as it's 70-100 EUR pricier than the i7-8700K. Intel could unveil the Core i7-8086K at the 2018 Computex (specifically on the 8th of June), alongside the first motherboards based on its Z390 Express chipset.

Sources: VideoCardz, Connection, Merlion


Read the full article here by techPowerUp!

Monday 28 May 2018

Microsoft Developing a Tool To Help Engineers Catch Bias in Algorithms

Microsoft is developing a tool that can detect bias in artificial intelligence algorithms with the goal of helping businesses use AI without running the risk of discriminating against certain people. From a report: Rich Caruana, a senior researcher on the bias-detection tool at Microsoft, described it as a "dashboard" that engineers can apply to trained AI models. "Things like transparency, intelligibility, and explanation are new enough to the field that few of us have sufficient experience to know everything we should look for and all the ways that bias might lurk in our models," he told MIT Technology Review. Bias in algorithms is an issue increasingly coming to the fore. At the Re-Work Deep Learning Summit in Boston this week, Gabriele Fariello, a Harvard instructor in machine learning and chief information officer at the University of Rhode Island, said that there are "significant ... problems" in the AI field's treatment of ethics and bias today. "There are real decisions being made in health care, in the judicial system, and elsewhere that affect your life directly," he said.
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Mystery donor pledges $1 million to The GNOME Foundation

Despite being the default desktop environment for the two most important Linux distributions in the world -- Fedora and Ubuntu -- GNOME is not a money-making project. Actually, it is run by a non-profit called The GNOME Foundation that relies heavily on donations from both organizations and individuals. That's what makes GNOME so extraordinary -- the high quality desktop environment and apps are largely a labor of love. Today, The GNOME Foundation makes a shocking revelation -- a mystery donor has pledged $1 million dollars! We don't know who is promising the money -- it could be a rich man… [Continue Reading]


Read the full article here by Betanews

Friday 25 May 2018

Feral's GameMode May Soon Have Soft Real-Time Capabilities

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.



Read the full article here by Phoronix

Tuesday 22 May 2018

Rune - Haiku images on ARM

Icon

Up until recently, Haiku builds for ARM have targetted individual ARM boards. The compile process for ARM images required two things: an architecture, and a target board (such as the Raspberry Pi 2). This board setting adjusted a large number of defines throughout Haiku at compile time to set the operating system up for the target ARM device. The board selection also handled placing all the propriety bits (a lot of which have sketchy licensing) into the Haiku image during compile. Haiku would then have to distribute these files. (sketchy licensing and all)

Over the past few years, François Revol, Ithamar R. Adema, and others have worked to add Flat Device Tree (FDT) support to Haiku. FDT’s enable operating systems to obtain core knowledge of the devices they run on by simply swapping one or more compiled binary files. These files describe critical things the operating system needs to know about the hardware they run on. Really important things such as what devices exist at what memory locations. (Think video frame buffers, serial ports, etc)

In a series of cryptic commits in July 2017, I removed these board-centric build steps with grand plans of making testing (and running) Haiku on ARM devices easier.

No, this does not mean Haiku now runs on ARM, as it has been able to do that for a while now. The goal of these changes and improvements is to speed up development of Haiku's ARM build, and to simplify the distribution of ARM builds into a single, generic ARMv7 image.



Read the full article here by OSNews

SafeKeeper: protecting web passwords using trusted execution environments

SafeKeeper: protecting web passwords using trusted execution environments Krawiecka et al., WWW’18

(If you don’t have ACM Digital Library access, the paper can be accessed either by following the link above directly from The Morning Paper blog site, or from the WWW 2018 proceedings page).

Today’s paper is all about password management for password protected web sites / applications. Even if we assume that passwords are salted and hashed in accordance with best practice (NIST’s June 2017 digital identity guidelines now mandate the use of keyed one-way functions such as CMAC), an adversary that can obtain a copy of the back-end database containing the per-user salts and the hash values can still mount brute force guessing attacks against individual passwords.

SafeKeeper goes a lot further in its protection of passwords. What really stands out is the threat model. SafeKeeper keeps end user passwords safe even when we assume that an adversary has unrestricted access to the password database. Not only that, the adversary is able to modify the content sent to the user from the web site (including active content such as client-side scripts). And not only that! The adversary is also able to read all content sent to the backend servers, including any content encrypted by a TLS session key. The adversary can also execute any software they like on the backend server(s), and can launch state-of-the-art phishing attacks. Such as adversary for example, could be one that has taken over a backend server, or an operator of the service, or an operator of a service that a client has been hoodwinked into connecting to in lieu of the real thing.

Given an adversary like that, how is it possible to design a system that protects users’ passwords !? The adversary should not be able to obtain a user password though any means other than guessing. Offline guessing should be computationally infeasible irrespective of password strength, and online guessing must be throttled (rate limited) regardless of the adversary’s computational capabilities. The end user must also be able to tell whether they are communicating safely with a trustworthy backend service.

The answer is a clever use of trusted execution environments (Intel SGX in this case).

High-level design of SafeKeeper

On the server side, SafeKeeper’s password protection service computes cipher-based message authentication codes (CMAC) on salted passwords before storing them in the database. To perform a guessing attack against such passwords, an adversary also requires the CMAC key. SafeKeeper randomly generates this and protects it within an SGX enclave.

To prevent repeated guessing attacks using the online service, SafeKeeper enforces rate limiting within the trusted execution environment.

To prevent eavesdropping on passwords before they arrive at the password protection service, SafeKeeper establishing a secure end-to-end channel directly between the client and the enclave.

To ensure the client can trust the backend service it is interacting with, remote attestation is used to validate that the client is communicating with a genuine SafeKeeper Trusted Application.

To ensure that the user knows it is safe to their credentials, the SafeKeeper browser add-on displays trust information for the backend service, and highlights to the user the input fields that will be protected.

Server-side protection

The server-side is implementation as an SGX enclave.

  • The init function is called whenever the enclave is started. If this is the first time the enclave has been started, Intel’s hardware random number generator is used to generate a new strong CMAC key.
  • The shutdown function seals the enclave state (CMAC key, the map of salts, and password attempt counters) so that it can be securely stored outside of the enclave. This sealed data can be restored in the enclave on subsequent calls to init.
  • The process function takes as input a password (encrypted on the client-side) and corresponding salt value, it calculates the CMAC and returns the result. This result can be stored by the database when the password is first set, and then tested against in future login attempts.

Rate-limiting is done on a per-salt basis (no user ids are passed to the enclave). Assuming a salt-per-user, this is equivalent to rate-limiting by user. SafeKeeper uses a quantized maximum rate limit for each salt, which allows a fixed number of attempts within a pre-defined time interval but doesn’t mandate a delay between the attempts. Once the number of attempts has been exceeded, the user must wait until the next time interval before they can try again.

Remote attestation

Via a process known as remote attestation, a client can verify it is communicating with an endpoint that is running a genuine copy of the SafeKeeper Trusted Application inside a genuine SGX enclave.

Remote attestation is the process through which one party, the verifier, can ascertain the precise hardware and software configuration of a remote party, the prover. The objective is to provide the verifier with sufficient information to make a trust decision about the prover. SGX supports remote attestation by providing verifiers with a signed quote from the enclave, which includes the enclave’s precise identity (MRENCLAVE value) and the enclave’s public key. The verifier can then validate this quote using the Intel Attestation Service (IAS), and can then establish an end-to-end encrypted channel directly to the enclave.

The configuration information in the quote is checked by the client against a whitelist of known SafeKeeper Trusted Applications (TAs). The same TA can be used as-is by many websites, so this list should be short. Since the key agreement step to establish a session key is cryptographically bound to the TA’s remote attestation, the adversary cannot perform a man-in-the-middle attack. The client encrypts the user-supplied password using the session key, and on the server it is this encrypted password that is passed as input to the process function of the enclave, which can decrypt using the shared key.

Client-side assurances

The client-side mechanism is implemented as a browser addon (e.g., a Chrome extension). The server specifies which input fields should be encrypted and sent to the SafeKeeper TA. The addon parses this information and encrypts any text entered into these fields.

A rogue server might specify the wrong field names though, leaving the actual password field unprotected. To prevent this, SafeKeeper visually highlights the fields to be encrypted, greying out the rest of the page.

To avoid an adversary spoofing the highlighting performed by SafeKeeper, the user is required to click on the extension icon to activate the highlighting.

This click cannot be detected or prevented by the adversary (as it is outside of the browser DOM). After the user has clicked, the SafeKeeper icon is again changed to indicate that it is in the highlighting mode… The user is thus assured that a password entered into such an input field will always be protected by SafeKeeper, regardless of the identity of the website or the behaviour of the server.

The addon is stateless and user-agnostic, which means it could also be directly integrated into web browsers.

What about…?

A malicious server operator can include javascript in the page that attempts to read the password as it is typed by the user. SafeKeeper provides a mode which will disable scripts for an individual website and then reload the page with all scripts but SafeKeeper’s blocked. It’s not perfect (there are race conditions), and on many modern sites disabling javascript interferes with the usability of the web page, so SafeKeeper allows client-side scripts by default. An alternative discussed in the extended technical report is to change the UI so that the password is directly entered into a SafeKeeper popup controlled by the extension. For this to work, users must be trained to only enter password data into SafeKeeper popups.

I also wondered about the enclave becoming a single point of failure, and how SafeKeeper would provide high availability. The answers can be found in sections 7.1 and 7.2 of the extended technical report. SafeKeeper supports backup and recovery across a set of key-holding enclaves, with unanimous approval of all current key holding enclaves required to add a new one. If a machine fails, an operator must provide a proof that the failed machine has been revoked in order to change the set of key holding enclaves. If desired, the backup and recovery protocol can be extended to support multiple concurrent primaries. In this case, the overall permissible password checking rate is divided amongst the primaries.

The SafeKeeper site including links to all technical papers and the source code can be found at https://ssg.aalto.fi/research/projects/passwords/.



Read the full article here by the morning paper

Spectre and Meltdown variant 4: Microsoft, Google and Intel reveal new Speculative Store Bypass chip vulnerability

Just when you thought you could forget about the Spectre and Meltdown chip vulnerabilities, yet another variant has been discovered. Known as Speculative Store Bypass, the vulnerability affects chips from AMD and Intel, as well as Power 8, Power 9 and System z processors. The vulnerability has been assigned CVE-2018-3639, and successful exploitation would mean that an attacker could gain access to data. The attack can be carried out through a "language-based runtime environment" such as JavaScript. Some patches exist while others are in development, and they include the same performance hit associated with patches for the previous vulnerabilities. See… [Continue Reading]


Read the full article here by Betanews