Proposed Penalty For UK Hackers Who "Damage National Security": Life
Except that this has nothing to do with "attacks". The word "damage" is also applied to the "trust" and "credibility" of governmental institutions.
This kind of legislation would apply even if nobody died in the carrying out of the activity.
Industry-Based ToDo Alliance Wants To Guide FOSS Development
So the major players want to bring some order to the bazaar. So be it - they can try. There are small projects that will probably decide to cooperate, and will because they are a one- or two- person effort - but the projects that truly behave like a bazaar will remain as coordinated or uncoordinated as they still are.
I don't see this effort being capable of shoving an agenda down anybody's throats - if you don't care for the agenda, don't. Submit your code to the project as and when you see fit, and work on the bits you want to. If tomorrow they want to address what they see as glaring issues in GNU's netcat, they'll be able to throw resources at it collectively - but I doubt they'll be able to tap GNU's shoulder and say "hey, give us some of 'your' devs to fix this."
In the end, if the effort results in a pooled selection of developers, incentivized directly and collectively (read: employed) by the companies, to work on aspects of open source projects they have communal stake in, to common goals and specification, that is probably going to be a good thing.
If they fork any of the technologies that is fine too - that's exactly what GNU GPLv3 was meant to allow them to do. They just can't expect to fork the maintainers and community too.
If however there is a scenario in which volunteers can be coerced into their way or the highway, that scenario must be understood and countermeasures prepared by those who would stand to lose from it. Don't take it too seriously, but don't take it in any way lightly either.
Gmail Now Rejects Emails With Misleading Combinations of Unicode Characters
The "highly restricted" spec is meant to catch suspicious combos like in the mybank example - but does not catch full-ascii (which is an even more restrictive level) trickery like tvvitter.com (notice the two "v" chars). that combo in particular is now known, but goes to demonstrate that trickery does not need charsets larger than 7-bit... some people simply get caught by hsbc.net...
Ask Slashdot: Where Do You Get (or Share) News About Open Source Projects?
From a user's perspective, three sources: the Linux Action Show podcast highlghts fun/useful items once a week.
Then there's tuxmachines.org which talks about.... well pretty much anything, you'll have to sift through the deluge...
Then just following what's generally popular, and using alternativeto.net to find open source counterparts...
French Blogger Fined For Negative Restaurant Review
In the original article an ArretSurImages.fr, the blogger details in her interview that she decided not to hire a lawyer, instead simply complied immediately and did not defend her position. She was not required by the court to remove her post, but she did so of her own accord.
A commenting lawyer interviewed for the article indicated that the case shows more the necessity of getting legal advice, rather than any evolution of rights on the Internet.
Yes it's sad that she was attacked for her criticisms, but it's sadder that she did not take responsibility, or stand her ground.
Qualcomm Takes Down 100+ GitHub Repositories With DMCA Notice
This is sounding like a LOIC - but that issues DMCA requests instead of network requests :-p
Google and Microsoft Plan Kill Switches On Smartphones
Hm. I would say "there goes my preference for not associating my phone with an online account" but that would actually be incorrect. Though I would indeed prefer not to have to have an account to install apps.
I guess I still treat my phone like a computer in many respects and I'm trying my darndest to keep it away from any form of remote kill at all for the sake of a "no remote please" blanket stance...
Still, I'm pretty sure I prefer to be slightly on the neurotic side.
Google and Microsoft Plan Kill Switches On Smartphones
Whilst all this may be valid and true, how are we going to prevent the "wrong people" from using this kill switch? Will it be hardware based, in which case, how will we be sure it won't be triggered/used remotely if we install a different OS on the device? Or if some script kiddie found a way of activating it by exploiting an insecure app?
(new hollywood armaggedon scenario: terrorists threaten to detonante a phone bomb that would activate kill switches around the world, bringing down entire civilizations)
Yes, a technological solution might exist for the problem; question is, is this one the right one? Are we going to stop looking for alternatives?
No, they meant Ctrl-X , Y
The Internet's Broken. Who's Going To Invent a New One?
The main thing that is wrong with the Internet is that it's still an academic plaything.
It was invented for use in a lab, and extended for use by trustable peers across the country. Then someone opened the floodgates.
What we need is a base infrastructure that is paranoid by design, not trusting by nature.
Oh and one that is capable of handling bazillions of entities on it.
New French Law Prohibits After-Hours Work Emails
Reading the original article on Les Echos.fr, it seems to me this is not law but an agreement between a coalition of enterprise owners and the unions - they've signed an agreement to implement this.
La semaine dernière, après six mois de négociation, le patronat des sociétés d’ingénierie et de conseil et des bureaux d’études (Syntec et Cinov) a signé avec la CFDT et la CGC (56% de leurs salariés à elles deux) un avenant à l’accord de 1999 sur les 35 heures qui pourrait avoir valeur d’exemple.
"Last week, after six months of negotiation, [ a union of ] bosses of engineering, consulting and design departments (Syntec and Cinov) signed with CFDT and CGC [workers' unions] (56% of their joint workforce) an ammendment to the 1999 agreement on the right to 35 hour working week which could set an example [to the rest of the country?]."
A third union that didn't sign, the CGT, is actually deploring the fact that it still has a loophole allowing it to be ignored, and a previous agreement between the two camps to try and improve working conditions was struck down by a court of law:
Cela suffira-t-il à convaincre les juges? L’avenant est un nouvel épisode du feuilleton juridique, que les signataires espèrent être le dernier dans leur profession. En avril 2013, la Cour de cassation avait invalidé le précédent dispositif, jugeant le contrôle de l’amplitude et de la charge de travail insuffisant.
Will it be enough to convince the judges? The amendment is a new episode in this jurisdiction saga, which the signatories hope to be the last in their profession. In April 2013, a high court rejected their last attempt, judging that the control of the amplitude and amount of work insufficient.
French journalistic style is not as easy to decipher as English-language journalism -- the French style is very fond of appearing as literary as possible. I'll post extra translations at some point if anybody wants.
Judge (Tech) Advice By Results
Anybody who has tried to put a bog-standard user on Free Software Only laptops (Yeelong or X60 exclusively) with only Free Software and no proprietary.... knows that the user runs screaming back to the motherly proprietary vendors with reinforced assurance that the FSF are nuts. And we all lose.
Judge (Tech) Advice By Results
I'd phrase it like this:
If the advice you gave was too difficult to follow, you didn't take your audience into account. / If the advice they need requires extra knowedge/effort, be there to help them implement.
On the whole however I think the idea is spot on. Could do with some <h1> and <h2> lines to help the TL;DR crowd.
Should Microsoft Give Kids Programmable Versions of Office?
TDF should be pushing their scriptable LibreOffice, and point out the benefits of not having to purchase it either now or in the future, the freedom of open formats, and also the benefits from a "smart kids" point of view to giving them an open-sourced office suite they can tinker with.
If companies see value in using Microsoft's full suite and stack, more power to them both. In the mean time, from an educational, budget and general open formats point of view, LibreOffice is the way to go.
Heck, if it's about kids' programming skills, and if the kids think they can improve the scriptability of the application itself, they could even submit their own patches and features to LO. Not so with MSO.
Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?
I know you've said you're trying to avoid screwing it up, but if you want, the CentOS wiki is pretty good for explaining what and why, and since it's a kernel firewall, it applies to Ubuntu too. In fact, I suspect all other "firewall tools" are basic GUI frontends to iptables. If you are indeed concerned about firewalling (though not quite as concerned as crypto-specialists), you probably at least want to have a go at it manually with some easy to understand notes
When in doubt, try it on a virtual machine of course.
I put together a general, documented, script that I run on all my new installs; comment out any lines you don't need. nixCraft has some notes on restarting the Ubuntu iptables/firewall under what I assume is upstart.
Ex-Microsoft Employee Arrested For Leaking Windows 8
Indeed, by physical standards he stole nothing as the owner (licensor) of the software still has it.
Normally software theft can be counted in lost sales due to leakage...
.... and let's face it. Microsoft lost nothing from the leak itself.
A Call For Rollbacks To Previous Versions of Software
Where have we seen in consumer space the ability to rollback an uncompleted install? Once it's installed, the only way back is to find a previous installer, nuke, and reinstall.
This has been standard IT procedure since Microsoft invented "service packs."
Indeed, and since way before too.
It used to be that you never went for the x.0. Nowadays, we have to be wary of getting any x.y.0
Ask Slashdot: Linux For Grandma?
Nevermind what the distro or the desktop environment is (well, within reason). So long as you can help her, even on the end of a crackly phone line, it's fine.
When installing for any non-techie, Desktop Environment aside, show them how to find their browser and applications, show them how to find the file manager, and install Synapse so that they can search for pretty much anything (for bonus points, set the Synapse shortcut to something simple like Super+Space). Basically, give them their starting points, and show them how to search.
Whether you choose to move your mother/relative/neighbour to KDE, Xfce, GNOME 3 or even Unity if you like (or even Windows or Mac at that) it has no bearing. Once you have set them up and you have installed the applications and configured all shortcuts, it's you who needs to know the system.
I support my dad on his Mac (he's die-hard Mac which is why I haven't moved him to Linux) piloting him blind because I know the system inside out, I know if he clicks in one place, I can predict the set of dialogs he'll see. I use Manjaro Xfce for Linux because it's install-once and sufficiently light. When setting up for a non-technician, I customize shortcuts my way, show them the ropes in person and hand them a cheat sheet based on my setup choice. If they mail me or call me, I know how to pilot them back to safety.
Ask Slashdot: How Do I Change Tech Careers At 30?
First off - if you're happy with your current role, why leave? Greener grass, etc. Talk to people in the area of activity first to get an idea of what it's like. The "private sector" (if there is much distinction) may work at a different pace with different imperatives than what you're used to, and the difference will be more business politics than actual technological differences/merit.
Secondly, what industry do you want to work with? I've worked 2nd level and 1st level support, mainly enterprise and some helpdesk, in a variety of industries; some experiences were enjoyable on average complex tech, some tech was amazin but for dull projects or industries... Make sure you're iterested in what the technology is applied to, and not just the technology itself. Applying great server products to manage a ball-bearing packing facility is not necessarily the most enriching experience after a few months, since most of the time it will just be maintenance.
Thirdly, if you want to learn about Microsoft products, you'll either need to shell out for them yourself, or find a job that makes use of them. Most likely is indeed tech support, from an entry level perspective. I can tell you that some support jobs teach you little by way of actual tech, some teach you lots, depending on the support level, and whether you're supporting users or integrators. Be on the lookout for technologies that interest you within the job descriptions, and go after those.
Finally, to learn about the underlying technologies before you can buy the software licenses, you would still do well to have a look at setting up enteprise Linux systems. I know you said you like Microsoft products but hear me out - administrative skills, troubleshooting, and many network-related tasks translate directly across platforms. You could be on CentOS, Ubuntu Server, Windows 200x server or OS X Server; from an administrative, and infrastructure and maintenance point of view, it's the same difference. Examples are setting up such things as web servers, SSL, LDAP, network troubleshooting, data migration, backup, SMTP server setup, database configuration, app server clustering, etc; and some non-technology stuff like change management, some minor project management, requirements gathering, system design, etc.
You can't teach yourself Enterprise stuff straight on Microsoft products on a hobbyist budget. Or you can, but it's an expensive hobby, which is why the normal route if you really want to pursue Microsoft tech, would be to change job. Your other option would be to convince your employer to invest in Microsoft.
But if it's specifically for your spare time, Linux is definitely what you want to look into.
Ask Slashdot: Does Your Employer Perform HTTPS MITM Attacks On Employees?
Out of curiosity, what was the name of the feature? All I can see on this thread are "mitm" and "proxy" - but how is this feature actually called from a vendor point of view? I doubt it was being called as "SSL defeater" or something alarming like that...