[slashdot.org] The Environmental Cost of Internet Porn
An anonymous reader shares a report (condensed for space): Online streaming is a win for the environment. Streaming music eliminates all that physical material -- CDs, jewel cases, cellophane, shipping boxes, fuel -- and can reduce carbon-dioxide emissions by 40 percent or more. Scientists who analyze the environmental impact of the internet tout the benefits of this "dematerialization," observing that energy use and carbon-dioxide emissions will drop as media increasingly can be delivered over the internet. But this theory might have a major exception: porn. Since the turn of the century, the pornography industry has experienced two intense hikes in popularity. In the early 2000s, broadband enabled higher download speeds. Then, in 2008, the advent of so-called tube sites allowed users to watch clips for free, like people watch videos on YouTube. Adam Grayson, the chief financial officer of the adult company Evil Angel, calls the latter hike "the great mushroom-cloud porn explosion of 2008." Precise numbers don't exist to quantify specifics, but the impression across the industry is that viewership is way, way up. Pornhub, the world's most popular porn site, provides some of the only accessible data on its yearly web-traffic report. The first Year In Review post in 2013 tabulated that 14.7 billion people visited the site. By 2016, the number of visitors had almost doubled, to 23 billion, and those visitors watched more than 4.59 billion hours of porn. And Pornhub is just one site. Using a formula that Netflix published on its blog in 2015, Nathan Ensmenger, a professor at Indiana University who is writing a book about the environmental history of the computer, calculates that if Pornhub streams video as efficiently as Netflix (0.0013 kWh per streaming hour), it used 5.967 million kWh in 2016. For comparison, that's about the same amount of energy 11,000 light bulbs would use if left on for a year. And operating with Netflix's efficiency would be a best-case scenario for the porn site, Ensmenger believes.

Read more of this story at Slashdot.

[slashdot.org] Maker of Sneaky Mac Adware Sends Security Researcher Cease-and-Desist Letters
Zack Whittaker, writing for ZDNet: The maker of a sneaky adware that hijacks a user's browser to serve ads is back with a new, more advanced version -- one that can gain root privileges and spy on the user's activities. News of the updated adware dropped Tuesday in a lengthy write-up by Amit Serper, principal security researcher at Cybereason. The adware, dubbed OSX.Pirrit, is still highly active, infecting tens of thousands of Macs, according to Serper, who has tracked the malware and its different versions for over a year. Serper's detailed write-up is well worth the read. [...] TargetingEdge sent cease-and-desist letters to try to prevent Serper from publishing his research. "We've received several letters over the past two weeks," Serper told ZDNet. "We decided to publish anyway because we're sick of shady 'adware' companies and their threats."

Read more of this story at Slashdot.

[slashdot.org] Universities Spend Millions on Accessing Results of Publicly Funded Research
Mark C. Wilson, a senior lecturer at Department of Computer Science, University of Auckland, writing for The Conversation: University research is generally funded from the public purse. The results, however, are published in peer-reviewed academic journals, many of which charge subscription fees. I had to use freedom of information laws to determine how much universities in New Zealand spend on journal subscriptions to give researchers and students access to the latest research -- and I found they paid almost US$15 million last year to just four publishers. There are additional costs, too. Paywalls on research hold up scientific progress and limit the publicâ(TM)s access to the latest information.

Read more of this story at Slashdot.

[slashdot.org] Someone Used Wet String To Get a Broadband Connection
dmoberhaus shares a Motherboard report: A UK techie with a sense of humor may have found an alternative to expensive corporate broadband cables: some wet string. It's an old joke among network technicians that it's possible to get a broadband connection with anything, even if it's just two cans connected with some wet string. As detailed in a blog post by Adrian Kennard, who runs an ISP called Andrews & Arnold in the UK, one of his colleagues took the joke literally and actually established a broadband connection using some wet string. Broadband is a catch-all term for high speed internet access, but there are many different kinds of broadband internet connections. For example, there are fiber optic connections that route data using light and satellite connections, but one of the most common types is called an asymmetric digital subscriber line (ADSL), which connects your computer to the internet using a phone line. Usually, broadband connections rely on wires made of a conductive substances like copper. In the case of the Andrews & Arnold technician, however, they used about 6 feet of twine soaked in salt water (better conductivity than fresh water) that was connected to alligator clips to establish the connection. According to the BBC, this worked because the connection "is not really about the flow of current." Instead, the string is acting as a guide for an electromagnetic wave -- the broadband signal carrying the data -- and the medium for a waveguide isn't so important.

Read more of this story at Slashdot.

[slashdot.org] Mirai IoT Botnet Co-Authors Plead Guilty
Three hackers responsible for creating the massive Mirai botnet that knocked large swathes of the internet offline last year have pleaded guilty. Brian Krebs reports: The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men (Editor's note: three men) first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called "Internet of Things" devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site). Entering guilty pleas for their roles in developing and using Mirai are 21-year-old Paras Jha from Fanwood, N.J. and Josiah White, 20, from Washington, Pennsylvania. Jha and White were co-founders of Protraf Solutions LLC, a company that specialized in mitigating large-scale DDoS attacks. Like firemen getting paid to put out the fires they started, Jha and White would target organizations with DDoS attacks and then either extort them for money to call off the attacks, or try to sell those companies services they claimed could uniquely help fend off the attacks. Editor's note: The story was updated to note that three men have pleaded guilty. -- not two as described in some reports.

Read more of this story at Slashdot.

[lwn.net] [$] An overview of KubeCon + CloudNativeCon

The CloudNative Computing Foundation (CNCF) held its conference,KubeCon + CloudNativeCon, in December 2017. There were 4000 attendees at this gathering in Austin, Texas,more than all the previous KubeCons before, which shows the rapid growth of thecommunity building around the tool that was announced by Google in2014. Large corporations are also taking a larger part in the community, with major players in the industry joining the CNCF, which is a project of the Linux Foundation. The CNCF now features three of the largest cloudhosting businesses (Amazon, Google, and Microsoft), but also emergingcompanies from Asia like Baidu and Alibaba.

[linuxtoday.com] Kubernetes on AWS Leads CNCF Cloud Native Survey

 itprotoday: By this time next year Amazon will be competing with itself as far as Kubernetes on AWS goes.

[linuxtoday.com] How To Install Git on CentOS 7

Git is a distributed version control system, which you can use to track the code changes (versions) while developing software.

[slashdot.org] Uber's Massive Scraping Program Collected Data About Competitors Around The World
Kate Conger, reporting for Gizmodo: For years, Uber systemically scraped data from competing ride-hailing companies all over the world, harvesting information about their technology, drivers, and executives. Uber gathered information from these firms using automated collection systems that ran constantly, amassing millions of records, and sometimes conducted physical surveillance to complement its data collection. Uber's scraping efforts were spearheaded by the company's Marketplace Analytics team, while the Strategic Services Group gathered information for security purposes, Gizmodo learned from three people familiar with the operations of these teams, from court testimony, and from internal Uber documents. Until Uber's data scraping was discontinued this September in the face of mounting litigation and multiple federal investigations, Marketplace Analytics gathered information on Uber's overseas competitors in an attempt to advance Uber's position in those markets. SSG's mission was to protect employees, executives, and drivers from violence, which sometimes involved tracking protesters and other groups that were considered threatening to Uber. An Uber spokesperson declined to comment for this story.

Read more of this story at Slashdot.

[slashdot.org] Old Crypto Vulnerability Hits Major Tech Firms
wiredmikey writes: A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world's top websites. The attack/exploit method against a Transport Layer Security (TLS) vulnerability now has a name, a logo and a website. It has been dubbed ROBOT (Return Of Bleichenbacher's Oracle Threat) and, as the name suggests, it's related to an attack method discovered by Daniel Bleichenbacher back in 1998. ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. While proof-of-concept (PoC) code will only be made available after affected organizations have had a chance to patch their systems, the researchers have published some additional details. Researchers have made available an online tool that can be used to test public HTTPS servers. An analysis showed that at least 27 of the top 100 Alexa websites, including Facebook and PayPal, were affected.

Read more of this story at Slashdot.

[linux.com] Leveraging NFV and SDN for Network Slicing

Network slicing is poised to play a pivotal role in the enablement of 5G. The technology allows operators to run multiple virtual networks on top of a single, physical infrastructure. With 5G commercialization set for 2020, many are wondering to what extend network functions virtualization (NFV) and software-defined networking (SDN) can help move network slicing forward.

Virtualized infrastructure

[linuxtoday.com] Personal Backups with Duplicati on Linux

HowToForge: This tutorial is for performing personal backups to local USB hard drives, having encryption, deduplication and compression.

[slashdot.org] Almost 45 Million Tons of E-waste Discarded Last Year
A new study claims 44.7 million metric tons (49.3 million tons) of TV sets, refrigerators, cellphones and other electrical good were discarded last year, with only a fifth recycled to recover the valuable raw materials inside. From a report: The U.N.-backed study published Wednesday calculates that the amount of e-waste thrown away in 2016 included a million tons of chargers alone. The U.S. accounted for 6.3 million metric tons, partly due to the fact that the American market for heavy goods is saturated. The original study can be found here (PDF; Google Drive link).

Read more of this story at Slashdot.

[slashdot.org] Russia-Linked Accounts Were Active on Facebook Ahead of Brexit
The Russia-linked troll farm that used Facebook to target Americans during last year's election was also active in the UK ahead of the Brexit vote (Editor's note: the link may be paywalled; alternative source), the social media company has admitted. From a report: In a letter to the Electoral Commission, Facebook said accounts associated with the Internet Research Agency spent $0.97 for three ads in the days before the EU referendum. These ads appeared on approximately 200 news feeds in the UK before the country voted to leave the EU last year. For months the social media company has sidestepped questions from MPs and journalists about Russian interference through its platform in the UK. The concerns were fuelled by revelations this summer that Facebook had been weaponised by Russian entities before the election of US President Donald Trump. France and Germany have said their elections were also targeted. "We strongly support the Commission's efforts to regulate and enforce political campaign finance rules in the United Kingdom, and we take the Commission's request very seriously," Facebook said in the letter.

Read more of this story at Slashdot.

[lwn.net] Linaro ERP 17.12 released
Linaro has announced the 17.12 release of its "Enterprise ReferencePlatform" distribution. "The goal of the Linaro Enterprise Reference Platform is to provide a fullytested, end to end, documented, open source implementation for ARM basedEnterprise servers. The Reference Platform includes kernel, a communitysupported userspace and additional relevant open source projects, and isvalidated against existing firmware releases."
[linuxtoday.com] How to squeeze the most out of Linux file compression

NetworkWorld: Linux systems offer lots of options for compressing files.

[slashdot.org] Andy Rubin's Essential Phone Considered Anything But
An anonymous reader shares a report: Andy Rubin's ambitions to create a new consumer electronics ecosystem are floundering at base camp. Sales of Essential's phone, which forms a key part of the strategy, are tepid. Google Play reports a mere 50,000 download of Essential's Camera app so far, the Android Police blog notes. This doesn't paint the full picture, but it can be assumed a fairly complete one, barring a few brush strokes. Essential launched in the US with support from Sprint, at a recommended SIM-free retail price of $699. After reported sales of just five thousand in the first month, this was slashed to $499 and could be grabbed for $399 in the post-Thanksgiving sales. As devices from different manufacturers proliferate in the home, Rubin has alluded to "a new operating system so it can speak all those protocols and it can do it securely and privately." But rather than launching a new software platform he's had to launch hardware.

Read more of this story at Slashdot.

[slashdot.org] Net Neutrality Protests Move Online, Yet Big Tech Is Quiet
The New York Times: Protests to preserve net neutrality, or rules that ensure equal access to the internet, migrated online on Tuesday, with numerous online companies posting calls on their sites for action to stop a vote later this week. Reddit, Etsy and Kickstarter were among the sites warning that the proposal at the Federal Communications Commission to roll back so-called net neutrality rules would fundamentally change the way the internet is experienced. Kickstarter, the crowdfunding site, cleared its entire home screen for a sparse white screen reading "Defend Net Neutrality" in large letters. Reddit, the popular online message board, pushed in multiple ways on its site for keeping the rules, including a pop-up box on its home screen. But the online protests also highlighted how the biggest tech companies, such as Facebook and Google, have taken a back seat in the debate about protecting net neutrality (Editor's note: the link may be paywalled; syndicated source), rules that prohibit internet service providers like AT&T and Comcast from blocking or slowing sites or for charging people or companies for faster speeds of particular sites. For the most part, the large tech companies did not engage in the protest on Tuesday. In the past, the companies have played a leading role in supporting the rules.

Read more of this story at Slashdot.

[linux.com] 3 Essential Questions to Ask at Your Next Tech Interview
Title: 
3 Essential Questions to Ask at Your Next Tech Interview
[linux.com] What Open Means to OpenStack

In his keynote at OpenStack Summit in Australia, Jonathan Bryce (Executive Director of the OpenStack Foundation) stressed on the meaning of both “Open” and “Stack” in the name of the project and focused on the importance of collaboration within the OpenStackecosystem.

[linux.com] Many Cloud-Native Hands Try to Make Light Work of Kubernetes

The Cloud Native Computing Foundation, home of the Kubernetes open-source community, grew wildly this year. It welcomed membership from industry giants like Amazon Web Services Inc. and broke attendance records at last week’s KubeCon + CloudNativeCon conference in Austin, Texas. This is all happy news for Kubernetes — the favored platform for orchestrating containers (a virtualized method for running distributed applications).

[linux.com] Asynchronous Decision-Making: Helping Remote Teams Succeed

Asynchronous decision-making is a strategy that enables geographically and culturally distributed software teams to make decisions more efficiently. In this article, I'll discuss some of the principles and tools that make this approach possible.

[linux.com] Juniper Moves OpenContrail to the Linux Foundation

Juniper Networks is moving the codebase for its OpenContrail network virtualization platform to the Linux Foundation.

Juniper first released its Contrail products as open source in 2013 and built a community around the project. However, many stakeholders complained that Juniper didn’t work very hard to build the community, and some called it “faux-pen source.”

[linux.com] Language Bugs Infest Downstream Software, Fuzzer Finds

Developers working in secure development guidelines can still be bitten by upstream bugs in the languages they use. That's the conclusion of research presented last week at Black Hat Europe by IOActive's Fernando Arnaboldi.

[linuxtoday.com] Mining cryptocurrency with Raspberry Pi and Storj

opensource.com: Storj uses a proof-of-retrievability system allowing users "rent out" spare disk space and get paid monthly in Storj coin.

[slashdot.org] No Matter What Happens With Net Neutrality, an Open Internet Isn't Going Anywhere, Says Former FCC Chairman
Michael K. Powell, a former chairman of the Federal Communications Commission, writing for Recode: With an ounce of reflection, one knows that none of this will come to pass, and the imagined doom will join the failed catastrophic predictions of Y2K and massive snow storms that fizzle to mere dustings -- all too common in Washington, D.C. Sadly, rational debate, like Elvis, has left the building. The vibrant and open internet that Americans cherish isn't going anywhere. In the days, weeks and years following this vote, Americans will be merrily shopping online for the holidays, posting pictures on Instagram, vigorously voicing political views on Facebook and asking Alexa the score of the game. Startups and small business will continue to hatch and flourish, and students will be online, studiously taking courses. Time will prove that the FCC did not destroy the internet, and our digital lives will go on just as they have for years. This confidence rests on the fact that ISPs highly value the open internet and the principles of net neutrality, much more than some animated activists would have you think. Why? For one, because it's a better way of making money than a closed internet.

Read more of this story at Slashdot.

[slashdot.org] What Does Artificial Intelligence Actually Mean?
An anonymous reader writes: A new bill (pdf) drafted by senator Maria Cantwell asks the Department of Commerce to establish a committee on artificial intelligence to advise the federal government on how AI should be implemented and regulated. Passing of the bill would trigger a process in which the secretary of commerce would be required to release guidelines for legislation of AI within a year and a half. As with any legislation, the proposed bill defines key terms. In this, we have a look at how the federal government might one day classify artificial intelligence. Here are the five definitions given: A) Any artificial systems that perform tasks under varying and unpredictable circumstances, without significant human oversight, or that can learn from their experience and improve their performance. Such systems may be developed in computer software, physical hardware, or other contexts not yet contemplated. They may solve tasks requiring human-like perception, cognition, planning, learning, communication, or physical action. In general, the more human-like the system within the context of its tasks, the more it can be said to use artificial intelligence.B) Systems that think like humans, such as cognitive architectures and neural networks.C) Systems that act like humans, such as systems that can pass the Turing test or other comparable test via natural language processing, knowledge representation, automated reasoning, and learning.D) A set of techniques, including machine learning, that seek to approximate some cognitive task.E) Systems that act rationally, such as intelligent software agents and embodied robots that achieve goals via perception, planning, reasoning, learning, communicating, decision-making, and acting.

Read more of this story at Slashdot.

[linuxtoday.com] How To Count The Number Of Files And Folders/Directories In Linux

2DayGeek: Set of tricky commands that helps you to count files and folders in Linux.

[linuxtoday.com] Oh My Fish! Make Your Shell Beautiful

ostechnix: Oh My Fish is a Fishshell framework that allows you to install packages which extend or modify the look and feel of your shell.

[slashdot.org] AMD Is Open-Sourcing Their Official Vulkan Linux Driver
An anonymous reader writes: While many of you have likely heard of the "RADV" open-source Vulkan driver, it's been a community-written driver up to this point in the absence of AMD's official, cross-platform Vulkan driver being open-source. That's now changed with AMD now open-sourcing their official Vulkan driver. The code drop is imminent and they are encouraging the use of it for quick support of new AMD hardware, access to the Radeon GPU Profiler, easy integration of AMD Vulkan extensions, and enabling third-party extensions. For now at least it does provide better Vulkan performance than RADV but the RADV developers have indicated they plan to continue development of their Mesa-based Vulkan driver.

Read more of this story at Slashdot.

[linuxtoday.com] How to enable Nested Virtualization in KVM on CentOS 7 / RHEL 7

Nested virtualization means to configure virtualization environment inside a virtual machine.

[slashdot.org] Why Meteoroids Explode Before Hitting the Earth
According to a new study from Purdue University, scientists have figured out why meteoroids explode before hitting the Earth. "The research, published in the December issue of the journal Meteoritics & Planetary Science, shows that as meteoroids plunge, the high-pressure air they push against find its way into the objects' pores and cracks, forcing their bodies apart from the inside," reports Quartz. "The result is a kind of detonation that looks like an explosion." From the report: To explain the astrophysics, researchers focused their work on a widely viewed February 2013 meteoroid explosion place over Chelyabinsk, Russia, a city of 1.1 million north of the Kazakhstan border. Researchers ran a computer program that allowed for them to simulate what happened to the meteoroid in the atmosphere. "Our simulations reveal a previously unrecognized process in which the penetration of high-pressure air into the body of the meteoroid greatly enhances the deformation and facilitates the breakup of meteoroids similar to the size of Chelyabinsk," the study states. The researchers added that while the air pressure is effective at breaking apart small meteoroids, larger ones would likely withstand the force as they come to Earth.

Read more of this story at Slashdot.