|Google memo Reveals plans to track search users in China|
|By Thom Holwerda on 2018-09-21 18:28:09|
Google bosses have forced employees to delete a confidential memo circulating inside the company that revealed explosive details about a plan to launch a censored search engine in China, The Intercept has learned.
The memo, authored by a Google engineer who was asked to work on the project, disclosed that the search system, code-named Dragonfly, would require users to log in to perform searches, track their location - and share the resulting history with a Chinese partner who would have "unilateral access" to the data.
These are the requirements set forth by the Chinese government that you must fulfil in order to do business of this kind in China. It's the same reason why Apple handed over all of its iCloud data to a company owned and run by the Chinese government - if you want to make money in China, you have to play by their rules. It just goes to show that while these companies make romp and stomp about caring about the privacy of western users, said care goes right out the window if it means they can make more money. Your privacy does not matter - only money matters.
And yes, they will do the same thing here in the west the moment it's financially advantagous for them to do so.
|Apple File System reference|
|By Thom Holwerda on 2018-09-21 17:58:10|
Some more light reading, right in time for the weekend - the 147 pages long reference to AFS.
Apple File System is the default file format used on Apple platforms. Apple File System is the successor to HFS Plus, so some aspects of its design intentionally follow HFS Plus to enable data migration from HFS Plus to Apple File System. Other aspects of its design address limitations with HFS Plus and enable features such as cloning files, snapshots, encryption, and sharing free space between volumes. Most apps interact with the file system using high-level interfaces provided by Foundation, which means most developers don't need to read this document. This document is for developers of software that interacts with the file system directly, without using any frameworks or the operating system - for example, a disk recovery utility or an implementation of Apple File System on another platform. The on-disk data structures described in this document make up the file system; software that interacts with them defines corresponding in-memory data structures.
This document could prove quite useful to developers who might wish to add AFS compatibility to for instance Linux.
|FreeBSD desktop: pause any application|
|By Thom Holwerda on 2018-09-20 23:36:09|
After using UNIX for so many years I knew that I could freeze (or pause) any process in the system with kill -17 (SIGSTOP) signal and then unfreeze it with with kill -19 (SIGCONT) signal as I described in the Process Management section of the Ghost in the Shell - Part 2 article. Doing it that way for the desktop applications is PITA to say the least. Can you imagine opening xterm terminal and searching for all Chromium or Firefox processes and then freezing them one by one every time you need it? Me neither.
Fortunately with introduction of so called X11 helper utilities - like xdotool(1) - it is now possible to implement it in more usable manner.
Today I will show you how to freeze any X11 application with single keyboard shortcut or mouse gesture if you utilize them in any way with small simple script.
Handy little trick. The entire series of articles by the same author about FreeBSD on the desktop are interesting and informative reads.
|GeForce RTX 2080 Ti and RTX 2080 FE review|
|By Thom Holwerda on 2018-09-20 23:31:50|
AnandTech benchmarked the new RTX graphics cards, and concludes:
So where does that leave things? For traditional performance, both RTX cards line up with current NVIDIA offerings, giving a straightforward point-of-reference for gamers. The observed performance delta between the RTX 2080 Founders Edition and GTX 1080 Ti Founders Edition is at a level achievable by the Titan Xp or overclocked custom GTX 1080 Ti’s. Meanwhile, NVIDIA mentioned that the RTX 2080 Ti should be equal to or faster than the Titan V, and while we currently do not have the card on hand to confirm this, the performance difference from when we did review that card is in-line with NVIDIA's statements.
The easier takeaway is that these cards would not be a good buy for GTX 1080 Ti owners, as the RTX 2080 would be a sidegrade and the RTX 2080 Ti would be offering 37% more performance for $1200, a performance difference akin upgrading to a GTX 1080 Ti from a GTX 1080. For prospective buyers in general, it largely depends on how long the GTX 1080 Ti will be on shelves, because as it stands, the RTX 2080 is around $90 more expensive and less likely to be in stock. Looking to the RTX 2080 Ti, diminishing returns start to kick in, where paying 43% or 50% more gets you 27-28% more performance.
Neither of the two new RTX cards seem to be particularly smart purchases at this point - the 2080 barely performs any better than a 1080 Ti, and while the 2080 Ti does offer a decent performance improvement over the 1080 Ti, it's also $1200. You might want to wait to see if NVIDIA's raytracing efforts pay off and gets adopted in video games, and if said raytracing features don't suck too much performance.
|Ubuntu Desktop images available in Hyper-V gallery|
|By Thom Holwerda on 2018-09-20 21:23:23|
Today we're very pleased to announce that an optimised Ubuntu Desktop image is available from the Hyper-V gallery. This will give an optimum experience when running Ubuntu Desktop as a guest on a Windows 10 Pro desktop host. From the Ubuntu Report data we know that a lot of people are using Ubuntu as a virtual machine, and so we want to make that experience as seamless as possible.
This is probably the most seamless way to run an Ubuntu virtual machine on Windows.
|Google creates new governance model for AMP|
|By Thom Holwerda on 2018-09-20 21:19:55|
The power to make significant decisions in the AMP Project will move from a single Tech Lead to a Technical Steering Committee (TSC) which includes representatives from companies that have committed resources to building AMP, with the end goal of not having any company sit on more than a third of the seats.
Google is moving the AMP project to a new, more open governance model, which should address some of the valid concerns people have over the project's Google-centric nature. Google is further exploring creating a separate foundation for AMP, to further solidify the independent nature of AMP. Meanwhile, Microsoft is also adopting AMP by redirecting Bing search results to AMP pages.
|By Thom Holwerda on 2018-09-19 22:08:51|
This work concerns a dissection of QNX's proprietary, real-time operating system aimed at the embedded market. QNX is used in many sensitive and critical devices in different industry verticals and while some prior security research has discussed QNX, mainly as a byproduct of BlackBerry mobile research, there is no prior work on QNX exploit mitigations and secure random number generators. In this work, carried out as part of the master's thesis of the first author, we present the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX versions up to and including QNX 6.6 and the brand new 64-bit QNX 7.0 released in March 2017. We uncover a variety of design issues and vulnerabilities which have significant implications for the exploitability of memory corruption vulnerabilities on QNX as well as the strength of its cryptographic ecosystem.
This scientific article is not for people with short attention spans.
|LLVM 7.0.0 released|
|By Thom Holwerda on 2018-09-19 22:04:44|
The release contains the work on trunk up to SVN revision 338536 plus work on the release branch. It is the result of the community's work over the past six months, including: function multiversioning in Clang with the 'target' attribute for ELF-based x86/x86_64 targets, improved PCH support in clang-cl, preliminary DWARF v5 support, basic support for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer support for OpenBSD, UBSan checks for implicit conversions, many long-tail compatibility issues fixed in lld which is now production ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and diagtool. And as usual, many optimizations, improved diagnostics, and bug fixes.
The release notes have all the details.
|Lenovo: Companies working in China install local backdoors|
|By Thom Holwerda on 2018-09-19 22:01:37|
Does Lenovo put backdoors in if the Chinese government asks?
"If they want backdoors globally? We don't provide them. If they want a backdoor in China, let's just say that every multinational in China does the same thing.
"We comply with local laws. If the local laws say we don't put in backdoors, we don't put in backdoors. And we don't just comply with the laws, we follow the ethics and the spirit of the laws."
This shouldn't surprise anyone, really. At this point, it's pretty safe to assume that any major technology company selling products in China are putting backdoors into their products sold in China. Microsoft, Apple, phone makers - China is simply too powerful and important to ignore.
|Google China prototype links searches to phone numbers|
|By Thom Holwerda on 2018-09-18 22:38:16|
Google built a prototype of a censored search engine for China that links users' searches to their personal phone numbers, thus making it easier for the Chinese government to monitor people's queries, The Intercept can reveal.
The search engine, codenamed Dragonfly, was designed for Android devices, and would remove content deemed sensitive by China's ruling Communist Party regime, such as information about political dissidents, free speech, democracy, human rights, and peaceful protest.
Don't be evil.
|Read some older news|