Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Red Hat Software

Interviews: Ask Red Hat CEO Jim Whitehurst A Question (redhat.com) 166

Jim Whitehurst joined Red Hat in 2008, as its valuation rose past $10 billion and the company entered the S&P 500. He believes that leaders should engage people, and then provide context for self-organizing, and in 2015 even published The Open Organization: Igniting Passion and Performance (donating all proceeds to the Electronic Frontier Foundation). The book describes a post-bureaucratic world of community-centric companies led with transparency and collaboration, with chapters on igniting passion, building engagement, and choosing meritocracy over democracy.

Jim's argued that Red Hat exemplifies "digital disruption," and recently predicted a world of open source infrastructure running proprietary business software. Fortune has already called Red Hat "one of the geekiest firms in the business," and their open source cloud computing platform OpenStack now competes directly with Amazon Web Services. Red Hat also sponsors the Fedora Project and works with the One Laptop Per Child initiative.

So leave your best questions in the comments. (Ask as many questions as you'd like, but please, one per comment.) We'll pick out the very best questions, and then forward them on for answers from Red Hat CEO Jim Whitehurst.
Electronic Frontier Foundation

2016 Saw A Massive Increase In Encrypted Web Traffic (eff.org) 91

EFF's "Deeplinks" blog has published nearly two dozen "2016 in Review" posts over the last nine days, one of which applauds 2016 as "a great year for adoption of HTTPS encryption for secure connections to websites." An anonymous reader writes: In 2016 most pages viewed on the web were encrypted. And over 21 million web sites obtained security certificates -- often for the first time -- through Let's Encrypt. But "a sizeable part of the growth in HTTPS came from very large hosting providers that decided to make HTTPS a default for sites that they host, including OVH, Wordpress.com, Shopify, Tumblr, Squarespace, and many others," EFF writes. Other factors included the support of Transport Layer Security (TLS) 1.3 by Firefox, Chrome, and Opera.
Other "2016 in Review" posts from EFF include Protecting Net Neutrality and the Open Internet and DRM vs. Civil Liberties. Click through for a complete list of all EFF "2016 in Review" posts.
AT&T

US Court Demands Documents On AT&T/Police Collaboration (eff.org) 48

"The federal government has not justified its excessive secrecy about the massive telephone surveillance program known as Hemisphere, a court ruled in an EFF Freedom of Information Act lawsuit on Thursday." schwit1 quotes the EFF announcement: As a result, the federal government must submit roughly 260 pages of previously withheld or heavily redacted records to the court so that it can review them and decide whether to make more information about Hemisphere public. Hemisphere is a partnership between AT&T and federal, state, and local law enforcement agencies that allows police almost real-time access to telephone call detail records. The program is both extremely controversial -- AT&T requires police to hide its use from the public -- and appears to violate our First and Fourth Amendment rights.
Government lawyers had argued the disputed documents were restricted to use at the federal level, but the court remained unconvinced, especially "after EFF demonstrated that many of them appeared to have been given to state and local law enforcement."
Electronic Frontier Foundation

EFF Begins Investigating Surveillance Technology Rumors At Standing Rock (eff.org) 147

Electronic Frontier Foundation has dispatched a team of technologists and lawyers to a protest site in Standing Rock, North Dakota, to investigate "several reports of potentially unlawful surveillance." An anonymous reader writes: The EFF has "collected anecdotal evidence from water protectors about suspicious cell phone behavior, including uncharacteristically fast battery drainage, applications freezing, and phones crashing completely," according to a recent report. "Some water protectors also saw suspicious login attempts to their Google accounts from IP addresses originating from North Dakota's Information & Technology Department. On social media, many reported Facebook posts and messenger threads disappearing, as well as Facebook Live uploads failing to upload or, once uploaded, disappearing completely."

The EFF reports "it's been very difficult to pinpoint the true cause or causes," but they've targeted over 20 law enforcement agencies with public records requests, noting that "Of the 15 local and state agencies that have responded, 13 deny having any record at all of cell site simulator use, and two agencies -- Morton County and the North Dakota State Highway Patrol (the two agencies most visible on the ground) -- claim that they can't release records in the interest of "public safety"...

"Law enforcement agencies should not be allowed to sidestep public inquiry into the surveillance technologies they're using," EFF writes, "especially when citizens' constitutional rights are at stake... It is past time for the Department of Justice to investigate the scope of law enforcement's digital surveillance at Standing Rock and its consequences for civil liberties and freedoms in the digital world."
Electronic Frontier Foundation

EFF: The Music Industry Shouldn't Be Able To Cut Off Your Internet Access (eff.org) 88

An anonymous reader quotes a report from Electronic Frontier Foundation: No one should have to fear losing their internet connection because of unfounded accusations. But some rights holders want to use copyright law to force your Internet service provider (ISP) to cut off your access whenever they say so, and in a case the Washington Post called "the copyright case that should worry all Internet providers," they're hoping the courts will help them. We first wrote about this case -- BMG v. Cox Communications -- when it was filed back in 2014, and last month, EFF, Public Knowledge (PK), and the Center for Democracy and Technology (CDT) urged the Court of Appeals for the Fourth Circuit to overturn a ruling that ISP Cox Communications was liable for copyright infringement. EFF, PK and CDT advised the court to consider the importance of Internet access in daily life in determining when copyright law requires an ISP to cut off someone's Internet subscription. The case turns in part on a provision in copyright law that gives internet intermediaries a safe harbor -- legal protection against some copyright infringement lawsuits -- provided they follow certain procedures. Online platforms like Facebook and YouTube, along with other internet intermediaries, have to "reasonably implement" a policy for terminating "subscribers and account holders" that are "repeat infringers" in "appropriate circumstances." But given the importance of Internet access, the circumstances where it's appropriate to cut off a home Internet subscription entirely are few and far between. The law as written is flexible enough that providers can design and implement policies that make sense for the nature of their service and their subscribers' circumstances. A repeat infringer policy for the company that provides your link to the Internet as a whole should take into account the essential nature of internet access and the severe harm caused by disconnection. But music publisher BMG wants to use this provision to force ISPs to become tougher enforcers of copyright law. According to BMG, ISPs should be required both to forward rights holders' threatening demand letters to their subscribers and terminate a subscriber's Internet access whenever rights holders allege that person has repeatedly violated copyright law. A subscriber is a "repeat infringer" and subject to termination, they argue, whenever they say so. Cox's appeal of the ruling raises two very important issues: (1) Who should be considered a "repeat infringer" who should be cut off from the Internet, and (2) whether ISPs must either cede to rights holders' demands or monitor their subscribers' internet habits to avoid liability. Slashdot reader waspleg adds: Two landmark Supreme Court cases, Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd., and Sony Corp. of America v. Universal Studios made clear that if a service is capable of significant lawful uses, and the provider doesn't actively encourage users to commit copyright infringement, the provider shouldn't be held responsible when someone nonetheless uses the service unlawfully.
Electronic Frontier Foundation

Why Did Japan Just Ratify The TPP? (businesstimes.com.sg) 225

The controversial Trans-Pacific Partnership can't go into effect without U.S. approval, Japan's Prime Minister Shinzo Abe has acknowledged. Yet despite president-elect Trump's promise to withdraw from the agreement -- Friday Japan's parliament voted to approve it. An anonymous reader quotes the Business Times. Was last Friday's vote simply a Quixotic tribute to a dying cause or -- as some are asking -- does Mr. Abe know something that others don't? They note that he is the only foreign leader to have met with the anointed heir to the U.S. presidency since the election result was announced. What went on in New York's Trump Tower during that "informal" meeting is unknown but some speculate that there may have been some equally informal -- but nonetheless significant -- dealmaking between the two men on the TPP. This seems quite possible, analysts say, because the TPP is of great importance to Japan and to Mr. Abe's grand design for Japan to remain a pivotal Asia-Pacific power.
The EFF has decried "the intense push to ram Internet issues into international law through the TPP," and complained Friday that Japan's newly-passed law "includes the extension of Japan's copyright term from 50 to 70 years after the death of the author, which makes today a very sad day for Japan's public domain."

And in addition, "There remains a risk that other TPP countries such as Singapore -- and even countries that weren't part of the original deal, such as Taiwan -- will soon also bring their domestic legislation into conformity with the requirements of this dead agreement."
Censorship

EFF Report Finds 74% Of Censorship News Stories Are About Facebook (onlinecensorship.org) 75

An anonymous reader writes: OnlineCensorship.org just released a new report "to provide an objective, data-driven voice in the conversation around commercial content moderation." They're collecting media reports about censorship on Facebook, Twitter, Instagram, YouTube, Flickr and Google+, and have now analyzed 294 reports of content takedowns -- 74% of which pertained to Facebook. (Followed by Instagram with 16% and Twitter with 7%.) 47% of all the takedowns were nudity-related, while the next two most frequent reasons given were "real name" violations and "inappropriate content".

Noting "a more visible public debate" over content moderation, the report acknowledges that 4.7 billion Facebook posts are made every day. (It also reports the "consistent refrain" from services apologizing for issues -- that "our team processes millions of reports each week...") But the most bizarre incident they've identified was the tech blogger in India who was locked out of his Facebook account in October because he shared a photo of a cat in a business suit. "It might sound stupid but this just happened to me," he told Mashable India, which reports Facebook later apologized and said it had made a mistake.

Their report -- part of the EFF's collaboration with Visualizing Impact -- urges platforms to clarify their guidelines (as well as applicable laws), to explain the mechanisms being used to evaluate content and appeals, and to share those criteria when notifying users of take-downs. For example, in August Facebook inexplicably removed a 16-century sketch by Erasmus of Rotterdam detailing a right hand.
Electronic Frontier Foundation

Humble Bundle Supports The EFF With A LEGO eBook Sale (humblebundle.com) 17

The EFF is describing it as "a break for your brain." An anonymous reader writes: Humble Bundle has announced a special "pay what you want" sale for four ebooks about LEGO from No Starch Press, with proceeds going to the Electronic Frontier Foundation, or to the charity of your choice. The ebooks include Beautiful LEGO (a compendium of creations by dozens of artists) and Medieval LEGO, which describes and recreates English history in the Middle Ages using LEGO blocks. Contributors who pay more than $8 also receive six more books, including "Forbidden LEGO" a more free-style building guide that one reviewer called "The Anarchist Cookbook of the nursery," as well as "The Cult of LEGO", a tour of the block-building community. And for a $15 donation, contributors receive six more ebooks -- bringing the total to 16 -- including The LEGO Christmas Ornaments Book and Steampunk LEGO.
Government

President Obama Gives Up On The Trans-Pacific Partnership (theguardian.com) 355

An anonymous reader quotes The Guardian: White House officials conceded on Friday that the president's hard-fought-for Trans-Pacific Partnership trade deal would not pass Congress, as lawmakers there prepared for the anti-global trade policies of President-elect Donald Trump. Earlier this week, congressional leaders in both parties said they would not bring the trade deal forward during a lame-duck session of Congress, before the formal transition of power on January 20.
One Canadian law professor had argued the case against the TPP included its unbalanced intellectual property rules and risks to privacy, while the EFF believed it locked in the worst parts of U.S. copyright law and also exported them to other countries.
Electronic Frontier Foundation

Aaron Swartz Remembered With Annual Hackathon In San Francisco (eff.org) 18

"This weekend you have the chance to add to Aaron Swartz's legacy by boosting tools for whistleblowers," the EFF writes. An anonymous reader quotes their report. The 2016 Aaron Swartz International Hackathon -- held in honor of the late Internet and political activist -- will take place during the day Saturday and Sunday at the Internet Archive in San Francisco. The hackathon will focus on whistleblower submission system SecureDrop, which was created by Swartz and Kevin Poulsen to connect media organizations and anonymous sources and is managed by the Freedom of the Press Foundation. This weekend's events -- timed to what would have been his 30th birthday on Nov. 8 -- will also feature a series of speakers on Saturday night, including SecureDrop's Conor Schaefer, Fight for the Future Co-founder Tiffiniy Cheng, and EFF Executive Director Cindy Cohn, as well as a special statement from Chelsea Manning.
Government

EFF Suggests Halloween Costume To Protest Facial Recognition Databases (eff.org) 65

An anonymous reader writes: EFF's list of costume ideas for digital rights activists include a Stingray costume, dressing up like a Privacy Badger (or a patent troll), and using facepaint to simulate the eerie digitization algorithms that are currently capturing images of your face for government databases. "Just this week we learned that facial recognition is far more prevalent among local and federal law enforcement than we thought, with at least 26 states using this biometric technology... To draw attention to this emerging threat to privacy, you can use your face painting skills to recreate the digitization algorithms on your own mug based on public records we and others have obtained from law enforcement agencies."
Sixteen states already grant the FBI access to their DMV databases, reports EFF, noting that it's "almost completely unregulated," with one study reporting that 50% of American faces are already in a government database.
Cellphones

Feds Walk Into a Building, Demand Everyone's Fingerprints To Open Phones (dailyherald.com) 432

An anonymous Slashdot reader quotes the Daily Herald: Investigators in Lancaster, California, were granted a search warrant last May with a scope that allowed them to force anyone inside the premises at the time of search to open up their phones via fingerprint recognition, Forbes reported Sunday. The government argued that this did not violate the citizens' Fifth Amendment protection against self incrimination because no actual passcode was handed over to authorities...

"I was frankly a bit shocked," said Andrew Crocker, a staff attorney at the Electronic Frontier Foundation, when he learned about the scope of search warrant. "As far as I know, this warrant application was unprecedented"... He also described requiring phones to be unlocked via fingerprint, which does not technically count as handing over a self-incriminating password, as a "clever end-run" around constitutional rights.

Encryption

Firefox Users Reach HTTPS Encryption Milestone (techcrunch.com) 63

For the first time ever, secure HTTPS encryption was used for over half the pageloads served to Mozilla users, representing a big milestone for encryption. TechCrunch reports on the telemetry data tweeted by the Head of Let's Encrypt: Mozilla, which is one of the organizations backing Let's Encrypt, was reporting that 40% of page views were encrypted as of December 2015. So it's an impressively speedy rise...

The Let's Encrypt initiative, which exited beta back in April, is doing some of that work by providing sites with free digital certificates to help accelerate the switch to HTTPS. According to [co-founder Josh] Aas, Let's Encrypt added more than a million new active certificates in the past week -- which is also a significant step up. In the initiative's first six months (when still in beta) it only issued around 1.7 million certificates in all.

The "50% HTTPS" figure is just a one-day snapshot, and it's from "only a subset of Firefox users who are running Mozilla's telemetry browser...not default switched on for most Firefox users (only for users of pre-release Firefox builds)." But the biggest caveat is it's only counting Firefox users, which in July represented just 7.7% of web surfers (according to Statista), behind both Chrome (49.5%) and Safari (13.68%) -- but also ahead of Internet Explorer (5.4%) and Opera (5.99%).
Electronic Frontier Foundation

EFF Co-Founder Announces Benefit Concert to Pay His Medical Bills (twitter.com) 195

An anoymous Slashdot reader reports: "I was dead for about 8 mins. on Wed. eve," EFF co-founder John Perry Barlow posted last year on Facebook. "total cardiac arrest...sad to report, no Ascending Light." The cyber-rights activist told the San Francisco Chronicle that he had gone "down the tunnel of eternity and it turned out to be a cheap carnival ride." He paused for a moment. "Probably not cheap, though."

Yesterday Barlow posted a Twitter update announcing a big benefit concert in Mill Valley, California to help pay his mounting medical bills on Monday, October 24th. Performers will include Bob Weir (also of The Grateful Dead), Jerry Harrison (of The Talking Heads), Lukas Nelson, Members of The String Cheese Incident, Sean Lennon and Les Claypool, plus 85-year-old folk singer Ramblin' Jack Elliott, as well as "special guests."

Barlow's family describes the last 18 months as a "medical incarceration" with "a dizzying array of medical events and complications" that has depleted his savings and insurance benefits. They've also set up a site for donations from "his fellow innovators, artists, cowboys, and partners-in-crime, to help us provide the quality of care necessary for Barlow's recovery."
Yahoo!

As Contradictions Mount, Experts Call For Declassification of Yahoo's Email-Scanning Order (onthewire.io) 50

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employee have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.
Government

Senator Questions The Declassification Policies of America's National Intelligence Office (senate.gov) 28

America spent $16 billion on classifying documents last year, and Senator Wyden argues the process is now "too unwieldy to be truly secure... over-classification prevents effective information sharing between agencies." An anonymous Slashdot reader quotes the Senator's new announcement: The Reducing Over-Classification Act of 2010 allows government agencies to pay cash awards to employees who accurately classify government documents consistently and avoid unnecessary over-classification of information that is not a threat to national security. In response to a Freedom of Information Act request by the EFF, the Office of the Director of National Intelligence said it could not locate any records about the criteria for awarding those incentives.

"Congress included this provision...to reverse the culture of unnecessary classification, reduce the volume of classified documents, and better protect the secrets whose disclosure would truly threaten national security," Wyden wrote [in a new letter to National Intelligence]. "I am concerned that federal agencies with the power to classify and declassify documents may not be taking advantage of these payment awards, and I believe doing so could benefit our national security."

HP

HP To Issue 'Optional Firmware Update' Allowing 3rd-Party Ink (arstechnica.com) 81

Soon after the Electronic Frontier Foundation (EFF) issued a letter to HP, calling for them to apologize to customers for releasing firmware that prevents the use of non-HP ink cartridges and refilled HP cartridges, the company has responded with a temporary solution. HP "will issue an optional firmware update that will remove the dynamic security feature" for certain OfficeJet printers. Ars Technica reports: HP made its announcement in a blog post titled "Dedicated to the best printing experience." "We updated a cartridge authentication procedure in select models of HP office inkjet printers to ensure the best consumer experience and protect them from counterfeit and third-party ink cartridges that do not contain an original HP security chip and that infringe on our IP," the company said. The recent firmware update for HP OfficeJet Pro, and OfficeJet Pro X printers "included a dynamic security feature that prevented some untested third-party cartridges that use cloned security chips from working, even if they had previously functioned," HP said. For customers who don't wish to be protected from the ability to buy less expensive ink cartridges, HP said it "will issue an optional firmware update that will remove the dynamic security feature. We expect the update to be ready within two weeks and will provide details here." This customer-friendly move may just be a one-time thing. HP said it will continue to use security features that "protect our IP including authentication methods that may prevent some third-party supplies from working." Without the optional firmware update, printers will only be able to use third-party ink cartridges that have an "original HP security chip," the company said.
Electronic Frontier Foundation

EFF Calls On HP To Disable Printer Ink Self-Destruct Sequence (arstechnica.com) 250

HP should apologize to customers and restore the ability of printers to use third-party ink cartridges, the Electronic Frontier Foundation (EFF) said in a letter to the company's CEO yesterday. From an ArsTechnica report:HP has been sabotaging OfficeJet Pro printers with firmware that prevents use of non-HP ink cartridges and even HP cartridges that have been refilled, forcing customers to buy more expensive ink directly from HP. The self-destruct mechanism informs customers that their ink cartridges are "damaged" and must be replaced. "The software update that prevented the use of third-party ink was reportedly distributed in March, but this anti-feature itself wasn't activated until September," EFF Special Advisor Cory Doctorow wrote in a letter to HP Inc. CEO Dion Weisler. "That means that HP knew, for at least six months, that some of its customers were buying your products because they believed they were compatible with any manufacturer's ink, while you had already planted a countdown timer in their property that would take this feature away. Your customers will have replaced their existing printers, or made purchasing recommendations to friends who trusted them on this basis. They are now left with a less useful printer -- and possibly a stockpile of useless third-party ink cartridges."
Crime

Cops Are Raiding Homes of Innocent People Based Only On IP Addresses (fusion.net) 241

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other.Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."
The Courts

'Unpatent' Begins Crowdfunding Challenges To Bad Patents (unpatent.co) 115

"Unpatent is a crowdfunding platform that eliminates bad patents," reads their web site. "We do that by crowdsourcing the prior art -- that is all the evidence that makes clear that a patent was not novel -- and filing reexamination requests to the patent office." An anonymous Slashdot reader reports: "Everyone in the world can back the crowdfunding campaign against the patent," explains their site, which includes a special section with "Featured stupid patents". The first $16,000 raised covers the lawyers and fees at the U.S. Patent and Trademark Office, and "The rest is distributed to those who find valid prior art...any evidence that a patent is not novel. We review all the prior art pieces and reward those that may invalidate a claim... Then, we file an ex partes reexamination to the USPTO."

Their team includes Lee Cheng, the legal officer at Newegg, "worldwide renowned as the patent trolls' nightmare," as well as Lus Cuende, who created his own Linux distro when he was 15 and is now CTO of Stampery, a company using the Bitcoin blockchain to notarize data.

They're currently targeting the infamous US8738435 covering "personalized content relating to offered products and services," which in February the EFF featured as their "stupid patent of the month." Its page on Unpatent.co argues that "Taking something so obvious such as personalizing content and offers...and writing the word online everywhere shouldn't grant you a monopoly over it." Unpatent's slogan? "We invalidate patents that shouldn't exist."

Slashdot Top Deals