Brief items
Security
Wheeler: Funded open source security work at the Linux Foundation
David A. Wheeler lists some of the security-related projects he is overseeing at the Linux Foundation. For example:
Ariadne Conill is improving Alpine Linux security, including significant improvements to its vulnerability processing and making it reproducible. For example, as noted in the July 2021 report, this resulted in Alpine 3.14 being released with the lowest open vulnerability count in the final release in a long time. Alpine Linux’s security is important because many containers use it.
Security quotes of the week
Now the neural network described in Apple’s documentation appears very similar to the networks used in face recognition (hat tip to Nicko van Someren for spotting this). So it seems a fair bet that the new software will recognise people whose faces appear in the abuse dataset on which it was trained.— Ross AndersonSo what will happen when someone’s iPhone flags ten pictures as suspect, and the Apple contractor who looks at them sees an adult with their clothes on? There’s a real chance that they’re either a criminal or a witness, so they’ll have to be reported to the police. In the case of a survivor who was victimised ten or twenty years ago, and whose pictures still circulate in the underground, this could mean traumatic secondary victimisation. It might even be their twin sibling, or a genuine false positive in the form of someone who just looks very much like them. What processes will Apple use to manage this? Not all US police forces are known for their sensitivity, particularly towards minority suspects.
All of this is nonsense, of course. As noted above, websites have every right to manage the content on their sites how they see fit. And these forms are just useless grandstanding from two Attorneys General who must know better and simply don't care. They're misleading the public and pretending to do be able to do something they cannot. And, if they actually did try to do something, that would be completely unconstitutional. The chief legal officer in a state shouldn't be setting out to (1) mislead the public with nonsense, and (2) set up to do something unconstitutional. Alabama and Louisiana: elect better people.— Mike Masnick on a plan to gather reports of social media "censorship"
Now Home Depot is experimenting further with DRM at the point of sale. The company has started embedding chips in many of the major tool brands it sells (DeWalt, Milwaukee). And unless the tool is enabled by a Bluetooth-based system at the register, it simply won't work when you take it home.— Karl Bode[...] Yes, what could possibly go wrong. What if the system is buggy and doesn't work? What if you then try to contact a manufacturer or retailer that no longer exists or supports the device and systems in question? Too bad.
[...] Then you're simply left with an additional layer of cumbersome technical restrictions that potentially risk making tool purchase and ownership more of a hassle. People act as if they'd never read Cory Doctorow.
Kernel development
Kernel release status
The current development kernel is 5.14-rc5, released on August 8. According to Linus: "Things are looking perfectly normal. Size is nominal, diffstat looks pretty normal, and the changes are all in the usual places"
Stable updates: 5.13.9, 5.10.57, 5.4.139, 4.19.202, 4.14.243, 4.9.279, and 4.4.279 were released on August 8, followed by 4.4.280 on August 10.
The 5.13.10, 5.10.58, 5.4.140, and 4.19.203 updates are in the review process; they are due on August 12.
Distributions
Elementary OS 6 released
Version 6 of the elementary OS distribution is now available. "It’s been a long road to elementary OS 6—what with a whole global pandemic dropped on us in the middle of development—but it’s finally here. elementary OS 6 Odin is available to download now. And it’s the biggest update to the platform yet!" Headline changes include a new dark-mode theme, a switch to Flatpak for application packaging, a rewritten email client, and more.
Quote of the week
These are all tradeoffs, and there is no one right answer. That may be painful for those who believe that there is, and it is a hidden assumption in the blithe assertion that Debian should be "The Universal OS". Unfortunately, these tradeoffs mean that there can *be* no single "Universal OS". There will always be a need for different horses for different courses.— Ted Ts'o
Development
Firefox 91 released
The Firefox 91 release is available. Changes include stronger tracking-cookie protection, use of HTTPS within anonymous windows whenever possible, and more.
Page editor: Jake Edge
Next page:
Announcements>>