Category: Software

Google opens up Android in Russia

Google will open up Android  to Russian rival search engines as part of a deal to settle a two year dispute with Russian competition authorities.

The deal sets a new precedent for the tech giant, which faces multiple complaints worldwide that it is abusing its dominant position by imposing restrictions on manufacturers of Android-based devices in order to protect its share of the online search market.

Russia’s competition watchdog, FAS, ruled in 2015 that Google was breaking the law by requiring the pre-installation of applications, including its own search tool, on mobile devices using Android, following a complaint by Russia’s Yandex.

Google will no longer demand exclusivity of its applications on Android-based devices in Russia and will not restrict the pre-installation of rival search engines and other applications, as part of a deal with FAS, the regulator said on Monday.

It will also develop a tool allowing users to choose a default search engine on their Android devices.

“Users will be able to change settings at any time and choose the default search engine which suits their needs,” FAS said.

Google confirmed the deal, saying it met the interests of all parties. It also said it had reached a commercial agreement with Yandex that “provides new opportunities for Yandex to promote its search service within Chrome”.

The deal is for a term of six years and nine months and  Google will  have to pay $7.85 million in fines.

EFF sues Aussie patent troll

The Electronic Frontier Foundation (EFF) has sued an Australian patent troll which it previously awarded the  “Stupid Patent of the Month: Storage Cabinets on a Computer.”

Last year Global Equity Management (SA) Pty. Ltd. (GEMSA), managed to get an Australian court to order EFF to remove the post, but the EFF told the court to sod off.

In January 2017, Pasha Mehr, an attorney representing GEMSA, further demanded that the article be removed and that EFF pay $750,000. EFF still did not comply.

Instead it filed in federal court in San Francisco on Wednesday, and asks that the American court declare the Australian ruling unenforceable in the US, because the Australian ruling runs afoul of free speech protections granted under the United States Constitution.

GEMSA attorneys have threatened to take this Australian court order to American search engine companies to deindex the blog post, making the post harder to find online.

The EFF’s Stupid Patent of the Month campaign began back in August of 2014.  GEMSA won the title with US Patent No. 6,690,400 (the ’400 patent), claims the idea of using “virtual cabinets” to graphically represent data storage and organisation.

GEMSA is incorporated in Australia and appears to have no business other than patent litigation. The patent began its life with a company called Flash VOS. This company once offered a product that allowed users to run multiple operating systems on personal computers with x86-compatible processors.

In the past year, GEMSA has sued dozens of companies, ranging from Airbnb to Zillow. In each case, it makes the assertion that the defendant’s website infringes the ’400 patent. For example, it simply states that “AIRBNB maintains, controls and/or operates a website with a graphical user interface (“GUI”) at www.airbnb.com that infringes one or more claims of the ‘400 patent”.

In his initial letter to EFF dated August 26, 2016, Mehr dubbed the blog post as “defamatory, false, and malicious slander”.

By October 2016, GEMSA’s director, Schumann Rafizadeh said that if the article was not immediately removed from EFF.ORG, and the defendant otherwise publishes or broadcasts the statements, GEMSA will sustain irreparable damage to its reputation and credibility.

The article’s continued publication and circulation through various common web search engines and other such websites is continuing to damage the reputation and credibility of GEMSA, which it critically relies upon for its negotiations and ongoing discussions for the licensing arrangements and our Intellectual Property (IP), including the referenced patent.

In other words ,if EFF says it is just a patent troll it might make it harder to squeeze money from other companies. Indeed, in a second affidavit, Rafizadeh admitted that its business and legal tactics were meeting some resistance for the first time. US Defendants have joined and instated two lnterparte Proceedings against GEMSA in the United States.

As EFF has made no appearance before an Australian court, GEMSA was likely able to be granted the default judgement against the organization—the removal of the purportedly offending blog post. Six months later, the EFF post remains.

Berners-Lee fears AI monster

The bloke who created the world-wide web, Sir Tim Berners-Lee,  said he is worried that artificial intelligence (AI) could become the new ‘masters of the universe’ by creating and running their own companies.

Speaking at the Innovate Finance Global Summit today, Berners-Lee envisioned a world where AI systems start to develop decision-making capabilities and the impact this will have on the fairness of our economic systems.

He said that AI could decide which companies to acquire: “So when AI starts to make decisions such as who gets a mortgage, that’s a big one. Or which companies to acquire and when AI starts creating its own companies, creating holding companies, generating new versions of itself to run these companies.

“It becomes difficult to understand how to ensure they are being fair, and how do you describe fairness to a computer anyway.”

The scenario does threaten to wipe out an entire industry and raises some fundamental questions about how fair a financial system without any human involvement can be.

Berners-Lee also slammed the Trump administration’s rollback of net neutrality protections.

He recently published a letter on the 28th anniversary of the world wide web, detailing what he views as the three main challenges for the web: loss of control over personal data, the spread of misinformation across the web and the need for transparency with online political advertising.

 

Microsoft boosts Windows 10 upgrade savings claims

Microsoft has boosted its claim of how much enterprises can save by deploying Windows 10 by 28 percent.

The revised estimate came from a Microsoft-commissioned analysis first done in mid-2016 by Forrester Research.

Forrester said the per-worker savings over a three-year stretch would be $404. To reach that number, the research firm interviewed four Microsoft customers that had begun moving to Windows 10, then modelled a hypothetical organization with 24,000 Windows devices, and a large number of mobile workers among the 20,000 employees.  It then divided that number by its shoe size and multiplied it by the cheque that Microsoft had given it.

Using that pretend company, Forrester forecast the difference between running Windows 10 and retaining Windows 7.

Late last year, Forrester interviewed another quartet of Windows early 10 adopters, then added that data to what it had originally.

The new per-employee savings: $515 over three years, a jump of almost a third. Forrester’s increase in the number of mobile workers — the total climbed by 460 employees — was the biggest factor in the changed estimate.

Forrester and Microsoft said that the migration to Windows 10 would pay for itself in 14 months.

The report says IT administrators “estimate a 20per cent improvement in management time, as Windows 10 requires less IT time to install, manage, and support with in-place deployment and more self-service functions”, while because of the OSs security software, security events requiring IT remediation are reduced or avoided by 33 percent.

Drupal community in bondage

The Drupal community has been whipped into a fury after a prominent contributor was asked to leave the project by its leader, Dries Buytaert because he was into BDSM.

Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal and PHP communities was forced out over his unconventional sex life. Garfield is into BDSM, and is a member of the Gorean community, “a community who are interested in, and/or participate in, elaborate sexual subjugation fantasies, in which men are inherently superior to women”.

While that might not float anyone else’s boat, apparently it harms Garfield’s ability to code and he must be cast out of the open saucy world.

There are some who feel that the ability to code is not really dependent on how you have sex and it is Buytaert being far too much like a dominant control freak.

Buytaert said there were no 50 shades of grey in his project and the removal was black and white, It was “because it came to my attention that [Garfield] holds views that are in opposition with the values of the Drupal project,” he hissed.

Buytaert said that when a highly-visible community member’s private views become public, controversial, and disruptive for the project, he must consider the impact. Of course that applies to Garfield and not his views, which strike us as a little puritanical.

“I cannot in good faith support someone who actively promotes a philosophy that is contrary to this …any association with Larry’s belief system is inconsistent with our project’s goals,” he said. The project’s goal is about writing a bit of code to get content up on a website it does not appear to mention anything about sexual preferences at all.

Over at the site the following statement has been printed:

“We want to be clear that the decision to remove Larry’s DrupalCon session and track chair role was not because of his private life or personal beliefs. The Drupal Association stands by our values of inclusivity. Our decision was based on confidential information conveyed in private by many sources. Due to the confidential nature of the situation we cannot and will not disclose any information that may harm any members of our community, including Larry.”

But what is alarming here is that somewhere there is apparently a moral code of sexuality which developers are not supposed to cross – Open Source is not open after all but subject to the moral code of the person who runs the project who apparently does not want to use a safe word.

Microsoft sued over Windows 10

Three people in Illinois have filed a lawsuit against Microsoft, claiming that its Windows 10 update destroyed their data and damaged their computers.

The complaint, filed in Chicago’s US District Court, claimed that Vole’s Windows 10’s installer was a defective product, and that its maker failed to provide adequate warning about the potential risks posed by Windows 10 installation.

The attorneys representing the trio are seeking to have the case certified as a class action that includes every person in the US who upgraded to Windows 10 from Windows 7 and suffered data loss or damage to software or hardware within 30 days of installation.

They claim there are hundreds or thousands of affected individuals.

Microsoft responded that they’d offered free customer service and other support options for “the upgrade experience,” adding “We believe the plaintiffs’ claims are without merit”.

The complaint argues Windows 10’s installer “does not check the condition of the PC and if the hard drive can withstand the stress of the Windows 10 installation”.

The lead plaintiff says her hard drive failed after Windows 10 installed without her express approval, and she had to buy a new computer.

Linux had a killer flaw for 11 years and no one noticed

One of the key advantages of Open sauce software is that it is supposed to be easier to spot and fix software flaws, however Linux has had a  local privilege escalation flaw for 11 years and no-one has noticed.

The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.

The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.

While it cannot be exploited remotely, this sort of bug can be combined with other flaws that give remote hackers access to a lower privileged account on a system.

For the flaw to be exploitable, the kernel needs to be built with the CONFIG_IP_DCCP option. Many distributions use kernels built with this option, but some don’t.

Red Hat announced that Red Hat Enterprise Linux 5, 6, 7, and Red Hat Enterprise MRG 2 kernels are affected. The company has released patches for Red Hat Enterprise Linux 6 and 7 and for the Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt).

The Debian project released fixed kernel packages for Debian 7 Wheezy and Debian 8 Jessie, the “old stable” and “stable” versions of the distribution. Debian Stretch (testing) and Sid (unstable) have not been patched yet.

Patches are also available for Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. As far as SUSE goes, only SUSE Linux Enterprise Server 10 is affected and patches for it are only available to customers with long term service pack support. The kernels in SUSE Linux Enterprise Server 11 SP 1 to 4 and SUSE Linux Enterprise Server 12 SP 1 and 2 are not built with support for the DCCP protocol.

Online job sites block older workers

Illinois Attorney General Lisa Madigan has opened an investigation into allegations that online software tools that millions of Americans use to job hunt is discriminating against older workers.

The San Francisco Federal Reserve Bank found that in a widespread test using fabricated resumes, fictional older workers were 30 percent less likely to be contacted after applying for jobs.

Fictional older women had it even worse, being 47 percent less likely to get a “callback”.  Several forces are conspiring to ensure that many Americans must work well past the traditional retirement age of 65.

Because people are living longer, their retirement savings are inadequate, and Social Security reforms are almost certainly going to require it.

The San Francisco Fed says that the share of the older 65 working population is projected to rise sharply — from about 19 percent now to 29 percent in the year 2060.

But while online job-hunting tools should be making things easier for older employment seekers, online job sites seem to be cutting older workers out with age bias is built right into their software.

In a statement, Madigan said that Job seekers who try to build a profile or resume can find that it’s impossible to complete some forms because drop-down menus needed to complete tasks don’t go back far enough to let older applicants fill them out.

For example, one site’s menu options for “years attended college” stops abruptly at 1956. That could prevent someone in their late 70s from filling out the form.

Madigan’s office said it found one example that only accommodated those who had attended school after 1980, “barring anyone who is older than 52.”

Other sites used dates ranging from 1950 to 1970 as cutoffs, her office said. The Illinois’ Civil Rights Bureau has opened a probe into potential violations of the Illinois Human Rights Act and the federal Age Discrimination in Employment Act. Madigan’s office has written letters to six top jobs sites including Beyond.com, CareerBuilder, Indeed, Ladders, Monster Worldwide and Vault to ask them about their policies.

Cyberfox is officially dead

The web browser Cyberfox appears to have been torn apart by hounds while rich toffs on horses stand by applauding and another makes loud farting noises on a bugle.

In a blog entitled Cyberfox and its future direction, the browser’s lead developer of Cyberfox proclaimed the death of their web browser.

Toady, said that the project was taking too much of his personal time, and the changes required by Mozilla were requiring more and more time to maintain.

He said: “This project has been amazing no one could ask for a better project or community sadly as much as i love this project my heart is no longer fully in it, dreams of pursuing game development were pushed aside and lifestyle steadily declined ultimately slowly coming to this point where changes and choices have to be made ones that will affect this project and the future of what i have spent all these years building.”

The issue appears to be that Mozilla announced major changes to Firefox, some of which landed already, some are in process, and others are announced for 2017. These include multi-process Firefox, the removal of plugins and WebExtensions will replace all other add-on systems of the browser.

That’s too much change, for projects that are maintained by a small but dedicated group of developers such as Cyberfox.

The author of Cyberfox made the decision to switch the browser’s release channel to Firefox 52.0 ESR. This means that Cyberfox will be supported with security updates for the next eight release cycles, but new features that Mozilla introduces in Firefox Stable won’t find their way into the browser anymore.

ZTE pays $900 million fine

 

Chinese telecom equipment maker ZTE has agreed to plead guilty and pay up in a US sanctions case, drawing a line under a damaging scandal that had threatened its cut off its supply chain.

While the fine was larger than expected, ZTE, also a major smartphone maker, reported robust underlying earnings for 2016 and was upbeat in estimates for the first quarter.

A five-year investigation found ZTE conspired to evade US embargoes by buying US components, incorporating them into ZTE equipment and illegally shipping them to Iran.

It also made 283 shipments of telecommunications equipment to North Korea.

US Attorney General Jeff Sessions said in a statement that ZTE Corporation not only violated export controls that keep sensitive American technology out of the hands of hostile regimes like Iran’s, they lied … about their illegal acts,”

But ZTE relies on US suppliers for 25 percent to 30 percent of its components, many of which are key to its goods. It buys about $2.6 billion worth of components a year from US firms. This includes  Qualcomm, Microsoft and Intel.

ZTE Chief Executive Zhao Xianming said in a statement that his outfit acknowledges the mistakes it made, takes responsibility for them, and remains committed to positive change in the company.

The company agreed to a seven-year suspended denial of export privileges, which could be activated if there are further violations, as well as three years of probation, a compliance and ethics program, and a corporate monitor.

It also agreed to an additional penalty of $300 million that will be suspended during the seven-year term on the condition the company complies with requirements in the agreement.

ZTE has replaced executives allegedly involved, including naming a new president.

The company said it slid to a preliminary net loss of $342 million in 2016, its first loss in four years, due to the settlement.