You are here

Site në gjuhë të huaj

Alibaba Face Off With Chinese Regulator Over Fake Products

Slashdot.org - Pre, 30/01/2015 - 4:05pd
hackingbear writes China's State Administration of Industry and Commerce on Wednesday issued a scathing report against one of the country's biggest stars, accusing e-commerce giant Alibaba of failing to do enough to prevent fake goods from being sold on its websites. SAIC said Alibaba allowed "illegal advertising" that misled consumers with false claims about low prices and other details. It claims some Alibaba employees took bribes and the company failed to deal effectively with fraud. Alibaba fired back with charges of bias and misconduct by accusing the SAIC official in charge of Internet monitoring, Liu Hongliang, of unspecified "procedural misconduct" and warned it will file a formal complaint. Such public defiance is almost unheard of in China. Apparently, Alibaba has long attained the too big to fail status.

Read more of this story at Slashdot.








Laura Arjona: Going selfhosting: Installing Debian Wheezy in my home server

Planet Debian - Pre, 30/01/2015 - 2:28pd

It was in my mind to open a new series of articles with topic “selfhosting”, because I really believe in free software based network services and since long time I want to plug a machine 24×7 at home to host my blog, microblog, MediaGoblin, XMPP server, mail, and, in conclusion, all the services that now I trust to very kind third parties that run them with free software, but I know I could run myself (and offer them to my family and friends).

Last September I bought the domain larjona.net (curious, they say “buy” but it’s a rent, for 1,2,3 years… never yours.  Pending another post about my adventures with the domain name, dynamic DNS, and SSL certs!) and I bought an HP Microserver G7 N54L, with 2 GB RAM. It had a 250GB SATA harddisk and I bought 2 more SATA harddisks, 1 TB each, to setup a RAID 1 (mirror). Total cost (with keyboard and mouse), 300€. A friend gave me a TFT monitor that was too old for him (1024×768) but it serves me well, (it’s a server, no graphical interface, and I will connect remotely most of the times).

Installing Debian stable (wheezy)

I decided to install Debian stable. Jessie was not frozen yet, and since it was my first non-LAMP server install, I wanted to make sure that errors and problems would be my errors, not issues of the non-released-yet distro.

I thought to install YunoHost or some other distro “prepared” for selfhosting, but I’ve never tried them, and I have not much free time, so I decided to stick on Debian, my beloved distro, because it’s the one that I know best and I’m part of its awesome community. And maybe I could contribute back some bug reports or documentation.

I wanted to try a crypto setup (just for fun, just for learn, for its benefits, and to be one more freecrypto-tester in the world) so after reading a bit:

https://wiki.debian.org/DebianInstaller/SataRaid
https://wiki.archlinux.org/index.php/disk_encryption
http://madduck.net/docs/cryptdisk/
http://linuxgazette.net/140/kapil.html
http://smcv.pseudorandom.co.uk/2008/09/cryptroot/
http://www.linuxquestions.org/questions/linux-security-4/lvm-before-and-after-encryption-871379/

and some other pages, and try some different things, this is the setup that I managed to configure:

  • A “rescue” system with /boot and / partitions, both in the 250 GB disk.
  • A RAID 1 system of the two 1TB disks, setup in the BIOS of the machine (so the motherboard handles the RAID and the OS is focused in other things).
  • Inside the Debian installer, I went to manual partition, then I put my /boot in the 250GB disk (yes, a 2nd /boot there), and then selected the 1TB disk (since the RAID was already made, it appeared a single 1TB disk) as physical device to be encrypted.
  • After that, still in the Debian installer, I setup LVM there: configured a volume group, then, two volumes, one for / and the other one for swap.
  • Then I saved the changes and go on installing my system.

Everything went well. Yay!

Some doubts and one problem

Everything went quite well except some doubts:

  • I’m still not sure if this BIOS RAID (“Fake RAID”) is better than a software RAID or not. I suppose it’s better since I delegate in the motherboard to do it, and leave the OS to care about other things (transcode my videos yeah!). But I don’t know how to measure ‘performance’ and which metrics and results should I expect. The disks (cheap disks) are a bit noisy (just a bit! or maybe it’s the fan that it’s very quiet! poor Laura, never saw/had a ‘luxury’ machine like this one :)
  • I had to install firmware-linux-nonfree in order to properly use the graphics card (Mobility Radeon HD 4225/4250). I have no graphical environment there, only a console, so I was not sure if installing the firmware or not (without the firmware, the letters of the console were bigger, but I just don’t mind since I most of the time I log in remotely from my laptop). Then, two questions arised to my ignorant mind:
    1. Do I need the driver for better performance (aka is the graphics card used for rendering/transcoding/showing images and videos in my MediaGoblin site or just when it’s needed to display them in local (and subsequently, never)?
    2. If I leave the system like that, and forget about the firmware warning at boot time, can the hardware be damaged by the default (free) driver? (for example, due to fan controlling malfunction or something like that).

After talking about this issues with friends (and in debian-women IRC channel), I decided to install the non-free driver, just in case, with the same reasoning as with the RAID: let the card do the job, so the CPU can care about other things. Again, I notice that learning a bit about benchmarking (and having some time to do some tests) would be nice…

And now, the problem:

  • I noticed something strange in my setup. Sometimes, after a system reboot, cryptsetup was not accepting the password to unlock the encrypted disk. And believe me, I was typing it carefully. But when I completely shutdown the computer, unplug the cable, replug the cable, and start again, the password was accepted. The keyboard is USB and this machine does not accept other connection for the keyboard. The keyboard configuration, language and so, was all correct. No Non-ASCII symbols in my password. My password would need to press the same keys in a Spanish and an English keyboard.
  • I thought that maybe something in my RAID was failing. I tried to disconnect one of the disks, and see if (1) the bug was solved (no) and (2) the RAID was working (yes). I made the same with the other disk. I was happy that I could reconstruct my RAID when plugging the disk again. But still I had the problem of the password.

I left this problem apart and go on installing the software. I would think later what to do.

Installing MediaGoblin

The most urgent selfhosting service, for me, was GNU MediaGoblin, because I wanted to show my server to my family in Christmas, and upload the pictures of the babies and kids of the family. And it’s a project where I contribute translations and I am a big fan, so I would be very proud of hosting my own instance.

I followed the documentation to setup 2 instances of GNU MediaGoblin 0.7 (the stable release in the moment), with their corresponding PostgreSQL databases. Why two instances? Well, I want an instance to host and show my videos, images, and replicate videos that I like, and a private one for sharing photos and videos with my family. MediaGoblin has no privacy settings yet, so I installed separate instances, and the private one I put it in a different port, with a self-signed SSL cert, and enabled http-authorization in Nginx, so only authorized Linux users of my machine can accesss the website.

Installing MediaGoblin was easier than what I thought. I only had some small doubts about the documentation, and they were solved in the IRC channel. You can access, for example, my user profile in my public instance, and see some different files that I already uploaded. I’m very happy!!

Face to face with the bug, again

I had to solve the problem of the password not accepted in reboots. I began to think that it could be a bug in cryptsetup. Should I upgrade the package to the version in wheezy-backports? Jessie was almost frozen, maybe it was time to upgrade the whole system, to see if the problem was solved (and to see how my MediaGoblin was working or not in Jessie. It should work, it’s almost packaged! But who knows). And if it didn’t work, maybe it was time to file a bug…

So I upgraded my system to Debian Jessie. And after upgrade, the system didn’t boot. But that’s the story of another blog post (that I still need to finish to write… don’t worry, it has happy end, as you could see accessing my Mediagoblin site!).


Filed under: My experiences and opinion Tagged: Debian, encryption, English, libre software, MediaGoblin, Moving into free software, N54L, selfhosting, sysadmin

Microsoft To Invest In Rogue Android Startup Cyanogen

Slashdot.org - Pre, 30/01/2015 - 1:55pd
An anonymous reader writes The Wall Street Journal reports that Microsoft plans to be a minority investor in a roughly $70 million round of equity financing for mobile startup Cyanogen Inc.. Neither company is commenting on the plan but last week during a talk in San Francisco, Cyanogen's CEO said the company's goal was to "take Android away from Google." According to Bloomberg: "The talks illustrate how Microsoft is trying to get its applications and services on rival operating systems, which has been a tenet of Chief Executive Officer Satya Nadella. Microsoft has in the past complained that Google Inc., which manages Android, has blocked its programs from the operating system."

Read more of this story at Slashdot.








Joel Leclerc: Track: Darkness Awakens

Planet UBUNTU - Pre, 30/01/2015 - 1:25pd

I made this track a while back, and I hope you’ll enjoy it! =D Linux-wise? Umm … it was made on a linux machine … using wine for like, everything …. but it was on a linux machine!! =p Spent ~60 hours on this.


LibreOffice Gets a Streamlined Makeover With 4.4 Release

Slashdot.org - Pre, 30/01/2015 - 1:11pd
TechCurmudgeon sends word that LibreOffice 4.4 has been released. "The Document foundation announced availability of the latest version of LibreOffice on Thursday, which it says is the most beautiful version of the open source productivity suite yet. LibreOffice 4.4 also fixes some compatibility issues with files that are saved in Microsoft's OOXML formats. LibreOffice 4.4 has got a lot of UX and design love," Jan "Kendy" Holesovsky, who leads the design team for Libreoffice, said in a statement. LibreOffice 4.4 is currently available for Windows."

Read more of this story at Slashdot.








D-Link Routers Vulnerable To DNS Hijacking

Slashdot.org - Pre, 30/01/2015 - 12:27pd
An anonymous reader writes At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered. Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link's DSL-2740R ADSL modem/wireless router. The firmware in question is implemented in many networking equipment manufactured by D-Link, TP-Link Technologies and ZTE.

Read more of this story at Slashdot.








Spire Plans To Use Tiny Satellites For More Accurate Weather Forecasts

Slashdot.org - Pre, 30/01/2015 - 12:06pd
Zothecula writes Weather forecasting is a notoriously inexact science. According to San Francisco-based tech startup Spire, this is partially because there are currently less than 20 satellites responsible for gathering all of the world's weather data – what's more, some of the older ones are using outdated technology. Spire's solution? Establish a linked network of over 100 shoebox-sized CubeSats, that will use GPS technology to gather 100 times the amount of weather data than is currently possible. The first 20 of those satellites are scheduled to launch later this year.

Read more of this story at Slashdot.








FSF-Endorsed Libreboot X200 Laptop Comes With Intel's AMT Removed

Slashdot.org - Enj, 29/01/2015 - 11:43md
gnujoshua (540710) writes "The Free Software Foundation has announced its endorsement of the Libreboot X200, a refurbished Lenovo ThinkPad X200 sold by Gluglug. The laptop ships with 100% free software and firmware, including the FSF's endorsed Trisquel GNU/Linux and Libreboot. One of the biggest challenges overcome in achieving FSF's Respects Your Freedom certification was the complete removal of Intel's ME and AMT firmware. The AMT is a controversial proprietary backdoor technology that allows remote access to a machine even when it is powered off. Quoting from the press release: "The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe."

Read more of this story at Slashdot.








'Anonymized' Credit Card Data Not So Anonymous, MIT Study Shows

Slashdot.org - Enj, 29/01/2015 - 11:12md
schwit1 writes Scientists showed they can identify you with more than 90 percent accuracy by looking at just four purchases, three if the price is included — and this is after companies "anonymized" the transaction records, saying they wiped away names and other personal details. The study out of MIT, published Thursday in the journal Science, examined three months of credit card records for 1.1 million people. "We are showing that the privacy we are told that we have isn't real," study co-author Alex "Sandy" Pentland of the Massachusetts Institute of Technology, said in an email.

Read more of this story at Slashdot.








VP Anthony Moschella Shows Off Makerbot's Latest Printers and Materials (Video)

Slashdot.org - Enj, 29/01/2015 - 10:28md
You may have read a few weeks ago about the new materials that MakerBot has introduced for its 3-D printers; earlier this month, I got a chance to see some of them in person, and have them explained by MakerBot VP of Product Anthony Moschella in a cramped demo closet — please excuse the lighting — at the company's booth at CES. Moschella had some things to say about materials, timelines, and what MakerBot is doing to try to salvage its open-source cred, despite being a very willing part of a corporate conspiracy to sell boxes of Martha Stewart-branded extruder filament — as well as a few unremarkable things that the company's ever-vigilant PR overseer decreed Moschella couldn't answer on the record for reasons like agreements between MakerBot parent Stratasys and their suppliers. The good news for owners of recent MakerBot models: they'll be upgradeable to use the new and interesting materials with a part swap, rather than a whole-machine swap (it takes a "smart extruder" rather than the current, dumber one). And the pretty good news for fans of open source, besides that the current generation of MakerBots are all Linux-based computers themselves, is that MakerBot's open API provides a broad path for 3-D makers to interact with the printers. (The bad news is that there's no move afoot to return the machines' guts to open source hardware, like the early generations of MakerBots, but STL files at least don't care whether you ship them to an FSF-approved printer to be made manifest.)

Read more of this story at Slashdot.








US Air Force Selects Boeing 747-8 To Replace Air Force One

Slashdot.org - Enj, 29/01/2015 - 9:46md
Tyketto writes Following up on a previous story about its replacement, the US Air Force has selected the Boeing 747-8 to replace the aging Presidential fleet of two VC-25s, which are converted B747-200s. With the only other suitable aircraft being the Airbus A380, the USAF cited Boeing's 50-year history of building presidential aircraft as their reason to skip competition and opt directly for the aircraft, which due to dwindling sales and prospects, may be the last 747s to be produced.

Read more of this story at Slashdot.








Ask Slashdot: When and How Did Europe Leapfrog the US For Internet Access?

Slashdot.org - Enj, 29/01/2015 - 8:50md
New submitter rsanford, apropos today's FCC announcement about what is officially consided "broadband" speed by that agency, asks In the early and middle 90's I recall spending countless hours on IRC 'Trout-slapping' people in #hottub and engaging in channel wars. The people from Europe were always complaining about how slow their internet was and there was no choice. This was odd to me, who at the time had 3 local ISPs to choose from, all offering the fastest modem connections at the time, while living in rural America 60 miles away from the nearest city with 1,000 or more people. Was that the reality back then? If so, what changed, and when?

Read more of this story at Slashdot.








Philip Withnall: DX hackfest 2015: day 5

Planet GNOME - Enj, 29/01/2015 - 8:39md

Day 5, and the DX and docs hackfest in Collabora HQ, Cambridge has drawn to a close. It’s been great to have everyone here, and there have been a lot of in-depth discussions over the last few days about the details of app sandboxing, runtimes, Builder integration with various new services, the development of an IDE abstraction layer, approaches for making build systems accessible to Builder, lots of new things to statically analyse, and some fairly fundamental additions to GLib in the form of G_DECLARE_[FINAL|DERIVABLE]_TYPE and general-purpose reference counted memory areas. Whew! We even had a fleeting visit by Richard Hughes to discuss packaging issues for apps.

For all the details, see the blogs by Ryan, Cosimo, Ryan again, Alberto, Christian and Emmanuele.

I can’t do justice to the work of the docs team, who put in consistent, solid effort throughout the hackfest. See the blogs by Petr, Bastian, Kat and Jim for all the details. They even left me with a seemingly endless supply of Mallard balls to throw around the office!

Dave and I have spent a little while working on further deprecating gnome-common. More details to come once the migration guide is finished.

Thank you to Collabora for hosting, and Endless, Codethink and Red Hat for letting people attend; and thank you to the GNOME Foundation for sponsoring some of the attendees. It would not be a hackfest without the hackers!

Ben Howard: [BETA] New Cloud Image Finder

Planet UBUNTU - Enj, 29/01/2015 - 8:16md
One of the perennial problems in the Cloud is knowing what is the most current image and where to find it. Some Clouds provide a nice GUI console, an API, or some combination. But what has been missing is a "dashboard" showing Ubuntu across multiple Clouds.

https://cloud-images.ubuntu.com/locatorIn that light, I am please to announce that we have a new beta Cloud Image Finder. This page shows where official Ubuntu images are available. As with all betas, we have some kinks to work out, like gathering up links for our Cloud Partners (so clicking an Image ID launches an image). I envision that in the future this locator page will be the default landing page for our Cloud Image Page..



The need for this page became painfully apparent yesterday as I was working through the fallout of the Ghost Vulnerability (aka CVE 2015-0235). The Cloud Image team had spent a good amount of time pushing our images to AWS, Azure, GCE, Joyent and then notifying our partners like Brightbox, DreamCompute, CloudSigma and VMware of new builds. I realized that we needed a single place for our users to just look and see where the builds are available. And so I hacked up the EC2 Locator page to display other clouds.  
Please note: this new page only shows stable releases. We push a lot of images and did not want to confuse things by showing betas, alphas, dailies or the development builds. Rather, this page will only show images that have been put through the complete QA process and are ready for production work loads. 
This new locator page is backed by Simple Streams, which is our machine-formatted data service. Simple Streams provides a way of locating images in uniform way across the cloud. Essentially our new Locator Page is just a viewer of the Simple Stream Data.
Hopefully our users will find this new page useful. Feedback is always welcome. Please feel free to drop me a line (utlemming @ ubuntu dot com). 

Mozilla Dusts Off Old Servers, Lights Up Tor Relays

Slashdot.org - Enj, 29/01/2015 - 8:09md
TechCurmudgeon writes According to The Register, "Mozilla has given the Tor network a capacity kick with the launch of 14 relays that will help distribute user traffic. Engineers working under the Foundation's Polaris Project inked in November pulled Mozilla's spare and decommissioned hardware out of the cupboard for dedicated use in the Tor network. It included a pair of Juniper EX4200 switches and three HP SL170zG6 (48GB ram, 2*Xeon L5640, 2*1Gbps NIC) servers, along with a dedicated existing IP transit provider (2 X 10Gbps). French Mozilla engineer Arzhel Younsi (@xionoxfr) said its network was designed to fall no lower than half of its network capacity in the event of maintenance or failure. The Polaris initiative was a effort of Mozilla, the Tor Project and the Centre for Democracy and Technology to help build more privacy controls into technology."

Read more of this story at Slashdot.








FCC Officially Approves Change In the Definition of Broadband

Slashdot.org - Enj, 29/01/2015 - 7:28md
halfEvilTech writes As part of its 2015 Broadband Progress Report, the Federal Communications Commission has voted to change the definition of broadband by raising the minimum download speeds needed from 4Mbps to 25Mbps, and the minimum upload speed from 1Mbps to 3Mbps, which effectively triples the number of US households without broadband access. Currently, 6.3 percent of US households don't have access to broadband under the previous 4Mpbs/1Mbps threshold, while another 13.1 percent don't have access to broadband under the new 25Mbps downstream threshold.

Read more of this story at Slashdot.








Former NATO Nuclear Bunker Now an 'Airless' Unmanned Data Center

Slashdot.org - Enj, 29/01/2015 - 6:33md
An anonymous reader writes A German company has converted a 1960s nuclear bunker 100 miles from network hub Frankfurt into a state-of-the-art underground data center with very few operators and very little oxygen. IT Vision Technology (ITVT) CEO Jochen Klipfel says: 'We developed a solution that reduces the oxygen content in the air, so that even matches go outIt took us two years'. ITVT have the European Air Force among its customers, so security is an even higher priority than in the average DC build; the refurbished bunker has walls 11 feet thick and the central complex is buried twenty feet under the earth.

Read more of this story at Slashdot.








Dell 2015 XPS 13: Smallest 13" Notebook With Broadwell-U, QHD+ Display Reviewed

Slashdot.org - Enj, 29/01/2015 - 5:50md
MojoKid writes Dell's 2015 XPS 13 notebook made a splash out at CES this year with its near bezel-less 13-inch QHD+ (3200X1800) display and Intel's new 5th Gen Core series Broadwell-U processor. At 2.8 pounds, the 2015 XPS 13 isn't the absolute lightest 13-inch ultrabook book out there but it's lighter than a 13-inch MacBook Air and only a few ounces heavier than Lenovo's Core M-powered Yoga 3 Pro. The machine's Z dimensions are thin, at .33" up front to .6" at its back edge. However, its 11.98" width almost defies the laws of physics, squeezing a 13.3" (diagonal) display into an 11.98-inch frame making it what is essentially the smallest 13-inch ultrabook to hit the market yet. Performance-wise, this review shows its benchmarks numbers are strong and Intel's Broadwell-U seems to be an appreciable upgrade versus the previous generation architecture, along with lower power consumption.

Read more of this story at Slashdot.








Petr Kovar: 2015 Winter Docs Hackfest

Planet GNOME - Enj, 29/01/2015 - 5:22md

I’m here in lovely Cambridge for the winter GNOME docs hackfest. This time, the docs team is sharing a room with the Developer Experience (DX) hackfest, which provides us with a great opportunity to reach out to GNOME developers for expert’s advice.

Yesterday, Christian Hergert presented a new GNOME IDE in development, called Builder:

Builder comes with a feature-rich text editor that can also be useful for documentation writers who often author documents in XML.

Cosimo Cecchi showed us some of the downstream changes the Endless team made to gnome-user-docs and gnome-getting-started-docs. For me, personally, the most interesting part was their feedback on the GNOME docs style and content. Endless seem to target their product to a slightly different customer, still, they appear to have data on their users that the upstream project lacks. The GNOME help suite, written by different authors and in different style over the course of many years, is actually targeted at multiple audiences, spanning from quite inexperienced desktop end-users to skilled users who need to troubleshoot VMs in GNOME Boxes.

Shaun McCance showcased some of the cool features of Ducktype, a new lightweight syntax for Mallard. Although still a work in progress, this new syntax brings to the world of Mallard docs the flexibility of formats such as AsciiDoc or Markdown, which are now gaining strong popularity in both the developer and technical communication communities.

The docs team focused on squashing the bugs filed against GNOME Help and application help, and on content improvements in different areas of the desktop documentation stack. Jim Campbell worked on changing the structure and layout of Files help. He also worked with Jana Svarova on VPN docs for the GNOME sysadmin guide. Jana went through the docs feedback ML archives, responding to user comments and filing new bugs. Kat worked on application help with Jim and fixed a couple of bugs in gnome-user-docs. I worked on triaging docs bugs, and then on reviewing and updating some parts of GNOME Help and the sysadmin guide.

I would like to thank Collabora for providing the venue and catering, Kat and Philip Withnall for running the hackfests, and the GNOME Foundation for sponsoring me.

It’s been great to see old and new faces from the community, now off to Brussels for FOSDEM, then back to Brno for DevConf!

Holger Levsen: 20150129-reproducible-fosdem

Planet Debian - Enj, 29/01/2015 - 5:16md
Bit by bit identical binaries coming to a FOSDEM near you

Tomorrow I'll be going to FOSDEM because of the rather great variety of talks, contributors and beers - and because even after 10 years I still love to see the Grand Place at night!

On Saturday afternoon I'll be giving a talk titled "Stretching out for trustworthy reproducible builds - the status of reproducing byte-for-byte identical binary packages from a given source". I'm pretty thankful to the FOSDEM organisers for accepting this talk despite me submitting it rather (too) late, which was mostly due to the rapid developments in recent times. These are exciting times indeed: it'll be an opportunity to present what we did, how we did it, the progresses we had so far, our findings, and our plans for the future. The interview by the FOSDEM organizers might give you some preliminary insights, but you should come if you can!

So, please spread the word: this talk not at all only about Debian. We hope to have many upstream software developers and maintainers from other distributions attending as we will explain how reproducible builds are about reliability in software development and deployment in general. We hope one day reproducibility will be the norm everywhere and thus we want to reach out to upstreams and other distros now.

And it's getting even better: I learned a very pleasant surprise yesterday: I won't be giving this talk alone but rather together with Lunar! I would have gladly given this talk alone as planned, but team work is soo much more fun - and more productive too as this very project is showing everyday!

Faqet

Subscribe to AlbLinux agreguesi - Site në gjuhë të huaj