Skip to main content

Home/ Future of the Web/ Group items matching "source code" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Google Chrome Listening In To Your Room Shows The Importance Of Privacy Defense In Depth - 0 views

  • Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to “we can do that”.It looked like just another bug report. "When I start Chromium, it downloads something." Followed by strange status information that notably included the lines "Microphone: Yes" and "Audio Capture Allowed: Yes".
  • Without consent, Google’s code had downloaded a black box of code that – according to itself – had turned on the microphone and was actively listening to your room.A brief explanation of the Open-code / Free-software philosophy is needed here. When you’re installing a version of GNU/Linux like Debian or Ubuntu onto a fresh computer, thousands of really smart people have analyzed every line of human-readable code code before that operating system was built into computer-executable binary code, to make it common and open knowledge what the machine actually does instead of trusting corporate statements on what it’s supposed to be doing. Therefore, you don’t install black boxes onto a Debian or Ubuntu system; you use software repositories that have gone through this code-code audit-then-build process. Maintainers of operating systems like Debian and Ubuntu use many so-called “upstreams” of code code to build the final product.Chromium, the open-code version of Google Chrome, had abused its position as trusted upstream to insert lines of code code that bypassed this audit-then-build process, and which downloaded and installed a black box of unverifiable executable code directly onto computers, essentially rendering them compromised. We don’t know and can’t know what this black box does. But we see reports that the microphone has been activated, and that Chromium considers audio capture permitted.
  • This was supposedly to enable the “Ok, Google” behavior – that when you say certain words, a search function is activated. Certainly a useful feature. Certainly something that enables eavesdropping of every conversation in the entire room, too.Obviously, your own computer isn’t the one to analyze the actual search command. Google’s servers do. Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… an unknown and unverifiable set of conditions.Google had two responses to this. The first was to introduce a practically-undocumented switch to opt out of this behavior, which is not a fix: the default install will still wiretap your room without your consent, unless you opt out, and more importantly, know that you need to opt out, which is nowhere a reasonable requirement. But the second was more of an official statement following technical discussions on Hacker News and other places. That official statement amounted to three parts (paraphrased, of course):
  • ...4 more annotations...
  • 1) Yes, we’re downloading and installing a wiretapping black-box to your computer. But we’re not actually activating it. We did take advantage of our position as trusted upstream to stealth-insert code into open-code software that installed this black box onto millions of computers, but we would never abuse the same trust in the same way to insert code that activates the eavesdropping-blackbox we already downloaded and installed onto your computer without your consent or knowledge. You can look at the code as it looks right now to see that the code doesn’t do this right now.2) Yes, Chromium is bypassing the entire code code auditing process by downloading a pre-built black box onto people’s computers. But that’s not something we care about, really. We’re concerned with building Google Chrome, the product from Google. As part of that, we provide the code code for others to package if they like. Anybody who uses our code for their own purpose takes responsibility for it. When this happens in a Debian installation, it is not Google Chrome’s behavior, this is Debian Chromium’s behavior. It’s Debian’s responsibility entirely.3) Yes, we deliberately hid this listening module from the users, but that’s because we consider this behavior to be part of the basic Google Chrome experience. We don’t want to show all modules that we install ourselves.
  • If you think this is an excusable and responsible statement, raise your hand now.Now, it should be noted that this was Chromium, the open-source version of Chrome. If somebody downloads the Google product Google Chrome, as in the prepackaged binary, you don’t even get a theoretical choice. You’re already downloading a black box from a vendor. In Google Chrome, this is all included from the start.This episode highlights the need for hard, not soft, switches to all devices – webcams, microphones – that can be used for surveillance. A software on/off switch for a webcam is no longer enough, a hard shield in front of the lens is required. A software on/off switch for a microphone is no longer enough, a physical switch that breaks its electrical connection is required. That’s how you defend against this in depth.
  • Of course, people were quick to downplay the alarm. “It only listens when you say ‘Ok, Google’.” (Ok, so how does it know to start listening just before I’m about to say ‘Ok, Google?’) “It’s no big deal.” (A company stealth installs an audio listener that listens to every room in the world it can, and transmits audio data to the mothership when it encounters an unknown, possibly individually tailored, list of keywords – and it’s no big deal!?) “You can opt out. It’s in the Terms of Service.” (No. Just no. This is not something that is the slightest amount of permissible just because it’s hidden in legalese.) “It’s opt-in. It won’t really listen unless you check that box.” (Perhaps. We don’t know, Google just downloaded a black box onto my computer. And it may not be the same black box as was downloaded onto yours. )Early last decade, privacy activists practically yelled and screamed that the NSA’s taps of various points of the Internet and telecom networks had the technical potential for enormous abuse against privacy. Everybody else dismissed those points as basically tinfoilhattery – until the Snowden files came out, and it was revealed that precisely everybody involved had abused their technical capability for invasion of privacy as far as was possible.Perhaps it would be wise to not repeat that exact mistake. Nobody, and I really mean nobody, is to be trusted with a technical capability to listen to every room in the world, with listening profiles customizable at the identified-individual level, on the mere basis of “trust us”.
  • Privacy remains your own responsibility.
  •  
    And of course, Google would never succumb to a subpoena requiring it to turn over the audio stream to the NSA. The Tor Browser just keeps looking better and better. https://www.torproject.org/projects/torbrowser.html.en
Gonzalo San Gil, PhD.

European Commission to update its open source policy | Joinup - 0 views

  •  
    " Steps up efforts to contribute code upstream The European Commission wants to make it easier for its software developers to submit patches and add new functionalities to open code projects. Contributing to open code communities will be made central to the EC's new open code policy, expects Pierre Damas, Head of Sector at the Directorate General for IT (DIGIT)."
  •  
    " Steps up efforts to contribute code upstream The European Commission wants to make it easier for its software developers to submit patches and add new functionalities to open code projects. Contributing to open code communities will be made central to the EC's new open code policy, expects Pierre Damas, Head of Sector at the Directorate General for IT (DIGIT)."
Gonzalo San Gil, PhD.

Get started with open source without writing any source | opensource.com - 1 views

  •  
    "My experience tells me there are a lot of people interested in trying open source, but they don't know where to start. And the perception that you have to write source to contribute to is a barrier to that curiosity. So, I've outlined 10 ways that anyone can get started with open source-no source writing involved. I welcome your ideas and additions, there are without a doubt more than 10 ways-let's get started."
Gonzalo San Gil, PhD.

Protecode: Open code code Will Power 95 Pct. of Companies by 2017 | Open code Application Software Companies content from The VAR Guy - 0 views

  •  
    "Almost all-95 percent, in fact-of companies will be using open source software by 2017 and the adoption of third-party open source source is increasing steadily. "
Gonzalo San Gil, PhD.

Save, Create and run your own pirate bay - 0 views

  •  
    [... Create and run your own pirate bay We, the team that brought you Isohunt.to and oldpiratebay.org, are bringing you the next step in the torrent evolution. Open Pirate Bay source source. History of torrent sites such as Isohunt and The Pirate Bay gives us a lesson that would be a crime not to learn. The era of individual torrent sites is over. That is why we created Pirate Bay open source. It's free for everyone. Now you can create your own copy of The Pirate Bay! Update and change this source to make it better for everyone. We give you three simple options: ...] [# ! While... # ! … there were Pe@ple, computers and #networks, there is #hope. # ! #Life is #Share.]
  •  
    [... Create and run your own pirate bay We, the team that brought you Isohunt.to and oldpiratebay.org, are bringing you the next step in the torrent evolution. Open Pirate Bay source source. History of torrent sites such as Isohunt and The Pirate Bay gives us a lesson that would be a crime not to learn. The era of individual torrent sites is over. That is why we created Pirate Bay open source. It's free for everyone. Now you can create your own copy of The Pirate Bay! Update and change this source to make it better for everyone. We give you three simple options: ...]
Gonzalo San Gil, PhD.

6 tips to increase government agency adoption of open source software | Opensource.com - 0 views

  •  
    "Open source source drives collaborative innovation from a larger pool of developers at a lower cost, which is why federal agencies are adopting the "open source first" model."
  •  
    "Open source source drives collaborative innovation from a larger pool of developers at a lower cost, which is why federal agencies are adopting the "open source first" model."
Paul Merrell

First Look Publishes Open Source Source To Advance Privacy, Security, and Journalism - The Intercept - 0 views

  • today we’re excited to contribute back to the open source community by launching First Look source, the home for our own open source projects related to privacy, security, data, and journalism. To begin with, First Look source is the new home for document sanitization software PDF Redact Tools, and we’ve launched a brand new anti-gag order project called AutoCanary.
  • AutoCanary A warrant canary is a regularly published statement that a company hasn’t received any legal orders that it’s not allowed to talk about, such as a national security letter. Canaries can help prevent web publishers from misleading visitors and prevent tech companies from misleading users when they share data with the government and are prevented from talking about it. One such situation arose — without a canary in place — in 2013, when the U.S. government sent Lavabit, a provider of encrypted email services apparently used by Snowden, a legal request to access Snowden’s email, thwarting some of the very privacy protections Lavabit had promised users. This request included a gag order, so the company was legally prohibited from talking about it. Rather than becoming “complicit in crimes against the American people,” in his words, Lavabit founder Ladar Levison, chose to shut down the service.
  • Warrant canaries are designed to help companies in this kind of situation. You can see a list of companies that publish warrant canary statements at Canary Watch. As of today, First Look Media is among the companies that publish canaries. We’re happy to announce the first version of AutoCanary, a desktop program for Windows, Mac OS X, and Linux that makes the process of generating machine-readable, digitally-signed warrant canary statements simpler. Read more about AutoCanary on its new website.
  •  
    The internet continues to fight back against the Dark State. On the unsettled nature of the law in regard to use of warrant canaries in the U.S. see EFF's faq: https://www.eff.org/deeplinks/2014/04/warrant-canary-faq (it needs a test case).
Gary Edwards

The NeuroCommons Project: Open RDF Ontologies for Scientific Reseach - 0 views

  •  
    The NeuroCommons project seeks to make all scientific research materials - research articles, annotations, data, physical materials - as available and as useable as they can be. This is done by fostering practices that render information in a form that promotes uniform access by computational agents - sometimes called "interoperability". Semantic Web practices based on RDF will enable knowledge sources to combine meaningfully, semantically precise queries that span multiple information sources.

    Working with the Creative Commons group that sponsors "Neurocommons", Microsoft has developed and released an open source "ontology" add-on for Microsoft Word. The add-on makes use of MSOffice XML panel, Open XML formats, and proprietary "Smart Tags". Microsoft is also making the source source for both the Ontology Add-in for Office Word 2007 and the Creative Commons Add-in for Office Word 2007 tool available under the Open source Initiative (OSI)-approved Microsoft Public License (Ms-PL) at http://ucsdbiolit.sourceplex.com and http://ccaddin2007.sourceplex.com,respectively.

    No doubt it will take some digging to figure out what is going on here. Microsoft WPF technologies include Smart Tags and LINQ. The Creative Commons "Neurocommons" ontology work is based on W3C RDF and SPARQL. How these opposing technologies interoperate with legacy MSOffice 2003 and 2007 desktops is an interesting question. One that may hold the answer to the larger problem of re-purposing MSOffice for the Open Web?

    We know Microsoft is re-purposing MSOffice for the MS Web. Perhaps this work with Creative Commons will help to open up the Microsoft desktop productivity environment to the Open Web? One can always hope :)

    Dr Dobbs has the Microsoft - Creative Commons announcement; Microsoft Releases Open Tools for Scientific Research ...... Joins Creative Commons in releasing the Ontology Add-in
Gonzalo San Gil, PhD.

How the rise of open source could improve software security - 0 views

  •  
    "Openness by itself does not yield more secure code, but a new dependence on open code by major software players could ensure more rigorous scrutiny"
  •  
    "Openness by itself does not yield more secure code, but a new dependence on open code by major software players could ensure more rigorous scrutiny"
  •  
    "Openness by itself does not yield more secure code, but a new dependence on open code by major software players could ensure more rigorous scrutiny"
Gonzalo San Gil, PhD.

The new struggles facing open source | ITworld - 0 views

  •  
    "The religious wars have faded, as new conflicts around control, code 'sharecropping,' 'fauxpen code,' and n00b-sniping arise"
  •  
    "The religious wars have faded, as new conflicts around control, code 'sharecropping,' 'fauxpen code,' and n00b-sniping arise"
Gary Edwards

Readium at the London Book Fair 2014: Open Source for an Open Publishing Ecosystem: Readium.org Turns One - 0 views

  •  
    excerpt/intro: Last month marked the one-year anniversary of the formation of the Readium Foundation (Readium.org), an independent nonprofit launched in March 2013 with the objective of developing commercial-grade open source publishing technology software. The overall goal of Readium.org is to accelerate adoption of ePub 3, HTML5, and the Open Web Platform by the digital publishing industry to help realize the full potential of open-standards-based interoperability. More specifically, the aim is to raise the bar for ePub 3 support across the industry so that ePub maintains its position as the standard distribution format for e-books and expands its reach to include other types of digital publications. In its first year, the Readium consortium added 15 organizations to its membership, including Adobe, Google, IBM, Ingram, KERIS (S. Korea Education Ministry), and the New York Public Library. The membership now boasts publishers, retailers, distributors and technology companies from around the world, including organizations based in France, Germany, Norway, U.S., Canada, China, Korea, and Japan. In addition, in February 2014 the first Readium.org board was elected by the membership and the first three projects being developed by members and other contributors are all nearing "1.0" status. The first project, Readium SDK, is a rendering "engine" enabling native apps to support ePub 3. Readium SDK is available on four platforms-Android, iOS, OS/X, and Windows- and the first product incorporating Readium SDK (by ACCESS Japan) was announced last October. Readium SDK is designed to be DRM-agnostic, and vendors Adobe and Sony have publicized plans to integrate their respective DRM solutions with Readium SDK. A second effort, Readium JS, is a pure JavaScript ePub 3 implementation, with configurations now available for cloud based deployment of ePub files, as well as Readium for Chrome, the successor to the original Readium Chrome extension developed by IDPF as the
  •  
    excerpt/intro: Last month marked the one-year anniversary of the formation of the Readium Foundation (Readium.org), an independent nonprofit launched in March 2013 with the objective of developing commercial-grade open source publishing technology software. The overall goal of Readium.org is to accelerate adoption of ePub 3, HTML5, and the Open Web Platform by the digital publishing industry to help realize the full potential of open-standards-based interoperability. More specifically, the aim is to raise the bar for ePub 3 support across the industry so that ePub maintains its position as the standard distribution format for e-books and expands its reach to include other types of digital publications. In its first year, the Readium consortium added 15 organizations to its membership, including Adobe, Google, IBM, Ingram, KERIS (S. Korea Education Ministry), and the New York Public Library. The membership now boasts publishers, retailers, distributors and technology companies from around the world, including organizations based in France, Germany, Norway, U.S., Canada, China, Korea, and Japan. In addition, in February 2014 the first Readium.org board was elected by the membership and the first three projects being developed by members and other contributors are all nearing "1.0" status. The first project, Readium SDK, is a rendering "engine" enabling native apps to support ePub 3. Readium SDK is available on four platforms-Android, iOS, OS/X, and Windows- and the first product incorporating Readium SDK (by ACCESS Japan) was announced last October. Readium SDK is designed to be DRM-agnostic, and vendors Adobe and Sony have publicized plans to integrate their respective DRM solutions with Readium SDK. A second effort, Readium JS, is a pure JavaScript ePub 3 implementation, with configurations now available for cloud based deployment of ePub files, as well as Readium for Chrome, the successor to the original Readium Chrome extension developed by IDPF as the
Paul Merrell

Google Open Source Blog: Bidding farewell to Google Source - 1 views

  • Beginning today, we have disabled new project creation on Google Code. We will be shutting down the service about 10 months from now on January 25th, 2016. Below, we provide links to migration tools designed to help you move your projects off of Google Code. We will also make ourselves available over the next three months to those projects that need help migrating from Google Code to other hosts. March 12, 2015 - New project creation disabled. August 24, 2015 - The site goes read-only. You can still checkout/view project Code, issues, and wikis. January 25, 2016 - The project hosting service is closed. You will be able to download a tarball of project Code, issues, and wikis. These tarballs will be available throughout the rest of 2016. Google will continue to provide Git and Gerrit hosting for certain projects like Android and Chrome. We will also continue maintaining our mirrors of projects like Eclipse, kernel.org and others. How To Migrate Your Data Off Google Code
Paul Merrell

When Is Open Source Not That Open Source? - Devx Blog - 0 views

  • According to Ts'o, the difference between organic and non-organic is related to how much influence a single corporation has in the development of an open source product. The broader the developer community around a project and the lower the barrier to contributing, the more organic it is. Citing Linux, Apache, Mozilla, and Eclipse among those in the organic open source camp, Ts'o singled out OpenSolaris as a prime example of non-organic open source. In fact, he objected to "Sun claiming that Solaris is just like Linux because it's open source"--a characterization that seemed to inspire his interest in asserting these definitions.
  •  
    IBM calling Sun names for iron-clad control over Solaris code commit rights. OpenOffice.org comes to mind as well as the IBM-Sun iron-clad control of ODF.
  •  
    Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com
Gonzalo San Gil, PhD.

The value of open source is the open development process: Scott Wilson OSS Watch | Opensource.com - 0 views

  •  
    "Scott Wilson agrees that open source matters because of open source, but just as important is the process in which the source is made. Open development of source is in the social nature of many programmers, hackers, documentors, and project managers. So, what is it about open development? "
Gonzalo San Gil, PhD.

scancode-toolkit · GitHub - 0 views

  •  
    "ScanCode is a tool to scan Code and detect licenses, copyrights and more. This open Code Code scanning tool helps you find and discover open Code and third-party components in your Code. "
Paul Merrell

Google Open Sources Google XML Pages - O'Reilly News - 0 views

  • OSCON 2008, Gonsalves made the announcement that, after several years of consideration, Google was releasing Google XML Pages (or GXP) under the Apache Open Source License.
  • At OSCON 2008, Gonsalves made the announcement that, after several years of consideration, Google was releasing Google XML Pages (or GXP) under the Apache Open Source License.
  • Originally developed as a Python interpreter that produced Java source source, gxp was rewritten in 2006-7 to be a completely Java based application. The idea behind gxp is fairly simple (and is one that is used, in slightly different fashion, for Microsoft's XAML and Silverlight) - a web designer can declare a number of XML namespaces that define specific libraries on an XHTML or GXP container element, intermixing GXP and XHTML source in order to perform conditional logic, invoke server components, define state variables or create template modules. This GXP source is then parsed and used to generate the relevant Java source, which in turn is compiled into a server module invoked from within a Java servlet engine such as Tomcat or Jetty and cached on the server.
Gary Edwards

Apple's extensions: Good or bad for the open web? | Fyrdility - 0 views

  •  
    Fyrdility asks the question; when it comes to the future of the Open Web, is Apple worse than Microsoft? He laments the fact that Apple pushes forward with innovations that have yet to be discussed by the great Web community. Yes, they faithfully submit these extensions and innovations back to the W3C as open standards proposals, but there is no waiting around for discussion or judgement. Apple is on a mission.

    IMHO, what Apple and the WebKit community do is not that much different from the way GPL based open source communities work, except that Apple works without the GPL guarantee. The WebKit innovations and extensions are similar to GPL forks in the shared source source; done in the open, contributed back to the community, with the community responsible for interoperability going forward.

    There are good forks and there are not so good forks. But it's not always a technology-engineering discussion that drives interop. sometimes it's marketshare and user uptake that carry the day. And indeed, this is very much the case with Apple and the WebKit community. The edge of the Web belongs to WebKit and the iPhone. The "forks" to the Open Web source source are going to weigh heavy on concerns for interop with the greater Web.

    One thing Fyrdility fails to recognize is the importance of the ACiD3 test to future interop. Discussion is important, but nothing beats the leveling effect of broadly measuring innovation for interop - and doing so without crippling innovation.

    "......Apple is heavily involved in the W3C and WHATWG, where they help define specifications. They are also well-known for implementing many unofficial CSS extensions, which are subsequently submitted for standardization. However, Apple is also known for preventing its representatives from participating in panels such as the annual Browser Wars panels at SXSW, which expresses a much less cooperative position...."
Gonzalo San Gil, PhD.

Becoming a trusted member of an open source community | Opensource.com - 0 views

  •  
    [# ! As in #code so in #life] Samsung's Guy Martin talks about strategies for getting involved with-and earning the respect of-an open code community.
  •  
    [# ! As in #code so in #life] Samsung's Guy Martin talks about strategies for getting involved with-and earning the respect of-an open code community.
Gonzalo San Gil, PhD.

How Open Source Is Becoming the Core of All Software | FOSS Force - 1 views

  •  
    "Phil Shapiro The open source development model is taking over the enterprise. Two companies that were late coming to the OSS table but which now contribute much source are Cisco and Capital One."
  •  
    "Phil Shapiro The open source development model is taking over the enterprise. Two companies that were late coming to the OSS table but which now contribute much source are Cisco and Capital One."
Gonzalo San Gil, PhD.

Replace SourceForge with these Better Alternatives - Linux Links - The Linux Portal Site - 1 views

  •  
    "SourceForge is a long established web-based service that offers Source Source repository, downloads mirrors, bug tracker and other features. It acts as a centralized location for software developers to control and manage free and open-Source software development. "
  •  
    "SourceForge is a long established web-based service that offers Source Source repository, downloads mirrors, bug tracker and other features. It acts as a centralized location for software developers to control and manage free and open-Source software development. "
1 - 20 of 70 Next › Last »
Showing 20 items per page