×
Operating Systems

Linux 4.18 Preparing Many New Features While Dropping 100k+ Lines of Code (phoronix.com) 83

An anonymous reader writes: Linux 4.18 development is going strong with recent 4.18-rc1 release. This kernel cycle has dropped 107,210 lines of code so far but Linux 4.18 is adding many new features. The kernel is coming in lighter as a result of the LustreFS code being removed and other code cleanups. On the feature front, Phoronix reports, "ew AMDGPU support improvements, mainlining of the V3D DRM driver, initial open-source work on NVIDIA Volta GV100 hardware, merging of the Valve Steam Controller kernel driver, merging of the BPFILTER framework, ARM Spectre mitigation work, Speck file-system encryption support, removal of the Lustre file-system, the exciting restartable sequences system call was merged, the new DM writecache target, and much more."
DRM

Lawrence Lessig Criticizes Proposed 140-Year Copyright Protections (techcrunch.com) 174

EqualCitizens.US reports on growing opposition to the CLASSICS Act proposed by the U.S. Congress, which grants blanket copyright protection to all audio works created before 1972, leaving some of them copyrighted until 2067. Importantly, the Act doesn't require artists or the rights holder to register for the copyright. Rather, any and all pre-1972 sound recordings would be copyrighted, greatly limiting the public's access to these works. Various organizations and scholars have responded. Equal Citizens along with a coalition of internet freedom and democracy reform organizations, is sending this letter to the Senate Judiciary Committee to urge its members to reject this Act in its entirety, or at a minimum, at least require registration of pre-1972 works. Otherwise, if the Act passes as is, famous artists and wealthy corporations will benefit greatly while the public will get absolutely nothing in return, as Professor Lawrence Lessig notes in Wired....

This act will limit access to past works and stifle creativity for new works. It would effectively remove many existing works, including some popular documentaries, podcasts, etc., from the public arena. The Coalition recommends adding a registration requirement to secure the extended copyright term, such that works that nobody claimed could be allowed to enter the public domain. As this TechCrunch report on the coalition letter explains:

By having artists and rights owners register, it solves the problem for everyone. Anyone who wants to have their pre-1972 works brought into the new scheme can easily achieve that, but orphan works will enter the public domain as they ought to.

"Either way," Lessig writes, "it is finally clear that the Supreme Court's prediction that the copyright owners would be satisfied with the copyright protection provided by the Sonny Bono Act turns out not to be true."
DRM

Flight-Sim Maker Threatens Legal Action Over Reddit Posts Discussing DRM (arstechnica.com) 175

An anonymous reader quotes a report from Ars Technica: Today's controversy begins with a Reddit thread that noted FlightSimLabs' A320 add-on installing "cmdhost.exe" files in the "system32" and "SysWOW64" folders inside the Windows directory. The strange filename and location -- which seems designed to closely match those of actual Windows system files -- made some Reddit users suspicious, especially given FlightSimLabs history of undisclosed installations. FlightSimLabs responded on Facebook last Thursday by saying that the files came from third-party e-commerce service eSellerate and were designed to "reduce the number of product activation issues people were having." This system has been acknowledged in the FlightSimLabs forums in the past, and it apparently passes all major antivirus checks.

The "controversy" over these files might well have died down after that response. But then FlightSimLabs' Simon Kelsey sent a message to the moderators of the flightsim subreddit, gently reminding them of "Reddit's obligation as a publisher... to ensure that any libelous content is taken down as soon as you become aware of it." While ostensibly welcoming "robust fair comment and opinion," the message also warns that "ANY suggestion that our current or future products pose any threat to users is absolutely false and libelous." That warning extends to the company's previous password-extractor controversy, with Kelsey writing, "ANY suggestion that any user's data was compromised during the events of February is entirely false and therefore libelous." "I would hate for lawyers to have to get involved in this, and I trust that you will take appropriate steps to ensure that no such libel is posted," Kelsey concludes. A follow-up message from Kelsey reiterated the same points and noted that FlightSimLabs has reported specific comments and demanded they be removed as libelous.

Businesses

Appliance Companies Are Lobbying To Protect Their DRM-Fueled Repair Monopolies (vice.com) 143

Electronics companies Dyson, LG, and Wahl are fighting right-to-repair legislation, Motherboard reported Wednesday, citing letters it has obtained. From a report: The manufacturers of your appliances do not want you to be able to fix them yourself. Last week, at least three major appliance manufacturers -- Dyson, LG, and Wahl -- sent letters to Illinois lawmakers opposing "fair repair" legislation in that state. The letters were written with the help of a trade group called the Association of Home Appliance Manufacturers (AHAM). All three letters are similar but include slightly different wording and examples in parts. The letters ask lawmakers to "withdraw" a bill that would protect and expand the ability for consumers and independent repair professionals to repair everything from iPhones to robot vacuums, electric shavers, toasters, and tractors. Here are links to the Wahl, Dyson, and LG letters.
Security

Ask Slashdot: Do We Need a New Word For Hacking? 196

goombah99 writes: Hacking and Hackers get a bum rap. Headline scream "Every Nitendo switch can be hacked." But that's good right? Just like farmers hacking their tractors or someone re-purposing a talking teddy bear. On the other hand, remote hacking a Intel processor backdoor or looting medical data base, that are also described as hacking, are ill-motivated. It seems like we need words with different connotations for hacking. One for things you should definitely do, like program an Arduino or teddy bear. One for things that are pernicious. And finally one for things that are disputably good/bad such as hacking DRM protected appliances you own. What viral sounds terms and their nuances would you suggest? Editor's note: We suggest reading this New Yorker piece "A Short History of 'Hack'", and watching this Defcon talk by veteran journalist Steven Levy on the creativeness and chutzpah of the early hackers.
DRM

Ask Slashdot: What Would Happen If Everything On the Internet Was DRM Protected? 190

dryriver writes: The whole Digital Rights Management (DRM) train started with music and films, spread horribly to computer and console games (Steam, Origin), turned a lot of computer software you could once buy-and-use into DRM-locked Software As A Service or Cloud Computing products (Adobe, Autodesk, MS Office 365 for example) that are impossible to use without an active Internet connection and account registration on a cloud service somewhere. Recently the World Wide Web Consortium (W3C) appears to have paved the way for DRM to find its way into the world of Internet content in various forms as well. Here's the question: What would happen to the Internet as we know it if just about everything on a website -- text, images, audio, video, scripts, games, PDF documents, downloadable files and data, you name it -- had DRM protection and DRM usage-limitations hooked into it by default?

Imagine trying to save a JPEG image you see on a website to your harddisk, and not only does every single one of your web browsers refuse the request, but your OS's screen-capture function won't let you take a snapshot of that JPEG image either. Imagine trying to copy-and-paste some text from a news article somewhere into a Slashdot submission box, and having browser DRM tell you 'Sorry! The author, copyright holder or publisher of this text does not allow it to be quoted or re-published anywhere other than where it was originally published!'. And then there is the (micro-)payments aspect of DRM. What if the DRM-fest that the future Internet may become 5 to 10 years from now requires you to make payments to a copyright holder for quoting, excerpting or re-publishing anything of theirs on your own webpage? Lets say for example that you found some cool behind-the-scenes-video of how Spiderman 8 was filmed, and you want to put that on your Internet blog. Except that this video is DRM'd, and requires you to pay 0.1 Cent each time someone watches the video on your blog. Or you want to use a short excerpt from a new scifi book on your blog, and the same thing happens -- you need to pay to re-publish even 4 paragraphs of the book. What then?
Graphics

A New Era For Linux's Low-level Graphics (collabora.com) 61

Slashdot reader mfilion writes: Over the past couple of years, Linux's low-level graphics infrastructure has undergone a quiet revolution. Since experimental core support for the atomic modesetting framework landed a couple of years ago, the DRM subsystem in the kernel has seen roughly 300,000 lines of code changed and 300,000 new lines added, when the new AMD driver (~2.5m lines) is excluded. Lately Weston has undergone the same revolution, albeit on a much smaller scale. Here, Daniel Stone, Graphics Lead at Collabora, puts the spotlight on the latest enhancements to Linux's low-level graphics infrastructure, including Atomic modesetting, Weston 4.0, and buffer modifiers.
Books

Project Gutenberg Blocks German Users After Outrageous Court Ruling (teleread.org) 265

Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution. TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...

Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general. What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal. Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).

One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.

DRM

Pirates Crack Microsoft's UWP Protection, Five Layers of DRM Defeated (torrentfreak.com) 138

A piracy scene group has managed to get past the five layers of DRM in Microsoft's Unified Windows Platform UWP -- which enables software developers to create applications that can run across many devices. From a report: This week it became clear that the UWP system, previously believed to be uncrackable, had fallen to pirates. After being released on October 31, 2017, the somewhat underwhelming Zoo Tycoon Ultimate Animal Collection became the first victim at the hands of popular scene group, CODEX. "This is the first scene release of a UWP (Universal Windows Platform) game. Therefore we would like to point out that it will of course only work on Windows 10. This particular game requires Windows 10 version 1607 or newer," the group said in its release notes. CODEX says it's important that the game isn't allowed to communicate with the Internet so the group advises users to block the game's executable in their firewall.
DRM

Blizzard Issues DMCA Notice to a Fan-Run 'WoW' Legacy Server (torrentfreak.com) 308

An anonymous reader calls it "the never-ending stupidity of copyright wars." TorrentFreak reports: Blizzard Entertainment is taking a stand against a popular World of Warcraft legacy server. The fan-operated project allows gamers to experience how the game was played over a decade ago and to revive old battles... In recent years the project has captured the hearts of tens of thousands of die-hard WoW fans. At the time of writing, the most popular realm has more than 6,000 people playing from all over the world... Blizzard, however, sees this as copyright infringement and has asked GitHub to pull the site's code offline.
The article notes the DMCA notice came "just weeks after several organizations and gaming fans asked the US Copyright Office to make a DMCA circumvention exemption for 'abandoned' games."
Books

'Science Fiction Writers of America' Accuse Internet Archive of Piracy (sfwa.org) 119

An anonymous reader writes: The "Open Library" project of the nonprofit Internet Archive has been scanning books and offering "loans" of DRM-protected versions for e-readers (which expire after the loan period expires). This week the Legal Affairs Committe of the Science Fiction Writers of America issued a new "Infringement Alert" on the practice, complaining that "an unreadable copy of the book is saved on users' devices...and can be made readable by stripping DRM protection."

The objection, argues SFWA President Cat Rambo, is that "writers' work is being scanned in and put up for access without notifying them... it is up to the individual writer whether or not their work should be made available in this way." But the infringement alert takes the criticism even further. "We suspect that this is the world's largest ongoing project of unremunerated digital distribution of entire in-copyright books."

The Digital Reader blog points out one great irony. "The program initially launched in 2007. It has been running for ten years, and the SFWA only just now noticed." They add that SFWA's tardiness "leaves critical legal issues unresolved."

"Remember, Google won the Google Books case, and had its scanning activities legalized as fair use ex post facto... [I]n fact the Internet Archive has a stronger case than Google did; the latter had a commercial interest in its scans, while the Internet Archive is a non-profit out to serve the public good."
DRM

Filmmakers Want The Right To Break DRM and Rip Blu-Rays (torrentfreak.com) 107

An anonymous reader shares a report: Breaking DRM or ripping Blu-Rays discs is a crime In the United States. While there are fair use exemptions, these don't apply to the public at large. Interestingly, filmmakers themselves are now urging the Copyright Office to lift some of the current restrictions, so that they can make the films they want. [...] Technically speaking it's not hard to rip a DVD or Blu-Ray disc nowadays, and the same is true for ripping content from Netflix or YouTube. However, people who do this are breaking the law. The DMCA's anti-circumvention provisions specifically forbid it. There are some exemptions, for educational use for example, and to allow for other types of fair use, but the line between legal and illegal is not always clear. Interestingly, filmmakers are not happy with the current law either. They often want to use small pieces of other videos in their films, but under the current exemptions, this is only permitted for documentaries. The International Documentary Association, Kartemquin Films, Independent Filmmaker Project, University of Film and Video Association and several other organizations hope this will change. In a comment to the Copyright Office, which is currently considering updates to the exemptions, they argue that all filmmakers should be allowed by break DRM and rip Blu-Rays. According to the filmmakers, the documentary genre is vaguely defined. This leads to a lot of confusion whether or not the exemptions apply. They, therefore, suggest to apply it to all filmmakers, instead of criminalizing those who don't identify themselves as documentarians.
DRM

DMCA Exemption Sought to Save 'Abandoned' Online Games (techspot.com) 59

An anonymous reader quotes TechSpot: Every three years the US Copyright Office reviews and renews the DMCA's anti-circumvention provisions at which time it considers exemptions to the law. It is currently looking at a proposal for allowing museums, libraries and archives to circumvent the DRM on abandoned online games such as FIFA World Cup, Nascar and The Sims.

The proposal was initiated by The Museum of Art and Digital Entertainment (The MADE). The Made is a 501c3 non-profit organization with a physical museum located in Oakland, California. The gallery "is the only all-playable video game museum in the world, [and] houses over 5,300 playable games." The Made is concerned that certain multiplayer and single-player games that require a server to run will be lost if exemptions are not made to the DMCA. It is not looking to circumvent current games but instead is looking to preserve titles that have already been shut down by the producer -- City of Heroes (and Villains) would be a good example.

"Although the Current Exemption does not cover it, preservation of online video games is now critical," a Made representative wrote to the Copyright Office. "Online games have become ubiquitous and are only growing in popularity. For example, an estimated fifty-three percent of gamers play multiplayer games at least once a week, and spend, on average, six hours a week playing with others online." The number of abandoned games is not insignificant, either. According to the Electronic Arts "Online Services Shutdown" list, more than 300 titles and servers dropped out of service just in the last four years. These games are not played anymore because they require an active server.

DRM

Why Linux HDCP Isn't the End of the World (collabora.com) 136

"There is no reason for the open-source community to worry..." writes Daniel Stone, who heads the graphics team at open-source consultancy Collabora. mfilion quotes Collabora.com: Recently, Sean Paul from Google's ChromeOS team, submitted a patch series to enable HDCP support for the Intel display driver. HDCP is used to encrypt content over HDMI and DisplayPort links, which can only be decoded by trusted devices... However, if you already run your own code on a free device, HDCP is an irrelevance and does not reduce freedom in any way....

HDCP support is implemented almost entirely in the hardware. Rather than adding a mandatory encryption layer for content, the HDCP kernel support is dormant unless userspace explicitly requests an encrypted link. It then attempts to enable encryption in the hardware and informs userspace of the result. So there's the first out: if you don't want to use HDCP, then don't enable it! The kernel doesn't force anything on an unwilling userspace.... HDCP is only downstream facing: it allows your computer to trust that the device it has been plugged into is trusted by the HDCP certification authority, and nothing more. It does not reduce user freedom, or impose any additional limitations on device usage.

Firefox

Firefox 57 Brings Better Sandboxing on Linux (bleepingcomputer.com) 124

Catalin Cimpanu, writing for BleepingComputer: Firefox 57, set to be released tomorrow, will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.
Google

Google Working To Remove MINIX-Based ME From Intel Platforms (tomshardware.com) 181

An anonymous reader quotes a report from Tom's Hardware: Intel's Management Engine (ME) technology is built into almost all modern Intel CPUs. At the Embedded Linux Conference, a Google engineer named Ronald Minnich revealed that the ME is actually running its own entire MINIX OS and that Google is working on removing it. Due to MINIX's presence on every Intel system, the barebones Unix-like OS is the most widely deployed operating system in the world. Intel's ME technology is a hardware-level system within Intel CPUs that consists of closed-source firmware running on a dedicated microprocessor. There isn't much public knowledge of the workings of the ME, especially in its current state. It's not even clear where the hardware is physically located anymore.

What's concerning Google is the complexity of the ME. Public interest in the subject piqued earlier this year when a vulnerability was discovered in Intel's Active Management Technology (AMT), but that's just a software that runs on ME--ME is actually an entire OS. Minnich's presentation touched on his team's discovery that the OS in question is a closed version of the open-source MINIX OS. The real focus, though, is what's in it and the consequences. According the Minnich, that list includes web server capabilities, a file system, drivers for disk and USB access, and, possibly, some hardware DRM-related capabilities. It's not known if all this code is explicitly included for current or future ME capabilities, or if it's because Intel simply saw more potential value in keeping rather than removing it.

Intel

MINIX: Intel's Hidden In-chip Operating System (zdnet.com) 271

Steven J. Vaughan-Nichols, writing for ZDNet: Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that, "Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME." [...] At a presentation at Embedded Linux Conference Europe, Ronald Minnich, a Google software engineer reported that systems using Intel chips that have AMT, are running MINIX. So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code. In addition, thanks to Minnich and his fellow researchers' work, MINIX is running on three separate x86 cores on modern chips. There, it's running: TCP/IP networking stacks (4 and 6), file systems, drivers (disk, net, USB, mouse), web servers. MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings. And, for even more fun, it "can implement self-modifying code that can persist across power cycles." So, if an exploit happens here, even if you unplug your server in one last desperate attempt to save it, the attack will still be there waiting for you when you plug it back in. How? MINIX can do all this because it runs at a fundamentally lower level. [...] According to Minnich, "there are big giant holes that people can drive exploits through." He continued, "Are you scared yet? If you're not scared yet, maybe I didn't explain it very well, because I sure am scared." Also read: Andrew S. Tanenbaum's (a professor of Computer Science at Vrije Universiteit) open letter to Intel.
Printer

MakerBot Launches New 'MakerBot Labs' Platform (hackaday.com) 42

"MakerBot just announced a new Open Source initiative called 'MakerBot Labs'," writes Slashdot reader szczys. "It is a small move, centering around some new APIs and a new extruder which is listed as experimental and not covered by their normal warranty. Largely they missed the mark on making a meaningful move toward openness, but with a new CEO at the helm as of January this could be the first change of the rudder in a larger effort to turn the ship around."

Makerbot's history is "an example of how you absolutely should not operate an open source company," argues Hackaday, saying it's left them skeptical of Makerbot's latest move: It reads like a company making a last ditch effort to win back the users they were so sure they didn't need just a few years ago... The wheels of progress turn slowly in any large organization, and perhaps doubly so in one that has gone through so much turmoil in a relatively short amount of time. It could be that it's taken Goshen these last nine months to start crafting a plan to get MakerBot back into the community's good graces.
From MakerBot's press release: "After setting high industry standards for what makes a quality and reliable 3D printing experience, we're introducing this new, more open platform as a direct response to our advanced users calling for greater freedom with materials and software."
DRM

Denuvo's DRM Now Being Cracked Within Hours of Release (arstechnica.com) 113

Denuvo, an anti-tamper technology and digital rights management scheme, isn't doing a very good job preventing PC games from being copied. According to Ars Technica, Denuvo releases are being publicly cracked within a day of their launch. From the report: This week's release of South Park: The Fractured but Whole is the latest to see its protections broken less than 24 hours after its release, but it's not alone. Middle Earth: Shadow of War was broken within a day last week, and last month saw cracks for Total War: Warhammer 2 and FIFA 18 the very same day as their public release. Then there's The Evil Within 2, which reportedly used Denuvo in prerelease review copies but then launched without that protection last week, effectively ceding the game to immediate potential piracy. Those nearly instant Denuvo cracks follow summer releases like Sonic Mania, Tekken 7, and Prey, all of which saw DRM protection cracked within four to nine days of release. But even that small difference in the "uncracked" protection window can be important for game publishers, who usually see a large proportion of their legitimate sales in those first few days of availability. The presence of an easy-to-find cracked version in that launch window (or lack thereof) could have a significant effect on the initial sales momentum for a big release. If Denuvo can no longer provide even a single full day of protection from cracks, though, that protection is going to look a lot less valuable to publishers.
DRM

Hollywood's International War on Kodi Plugins And Video-Streaming Boxes (eff.org) 57

An anonymous reader quotes the EFF: In the past few years, the sale of pre-configured Kodi boxes, and the availability of a range of plugins providing access to streaming media, has seen the software's popularity balloon -- and made it the latest target of Hollywood's copyright enforcement juggernaut. We've seen this in the appearance of streaming media boxes as an enforcement priority in the U.S. Trade Representative's Special 301 Report, in proposals for new legislation targeting the sale of "illicit" media boxes, and in lawsuits that have been brought on both sides of the Atlantic to address the "problem" that media boxes running Kodi, like any Web browser, can be used to access media streams that were not authorized by the copyright holder...

The difficulty facing the titans of TV is that since neither those who sell Kodi boxes, nor those who write or host add-ons for the software, are engaging in any unauthorized copying by doing so, cases targeting these parties have to rely on other legal theories. So far several legal theories have been used; one in Europe against sellers of Kodi boxes, one in Canada against the owner of the popular Kodi add-on repository TVAddons, and two in the United States against TVAddons and a plugin developer... These lawsuits by big TV incumbents seem to have a few goals: to expand the scope of secondary copyright infringement yet again, to force major Kodi add-on distributors off of the Internet, and to smear and discourage open source, freely configurable media players by focusing on the few bad actors in that ecosystem.

The EFF details the specific lawsuits in each region, and concludes that their courts "should reject these expansions of copyright liability, and TV networks should not target neutral platforms and technologies for abusive lawsuits."

Slashdot Top Deals