There’s been a lot of interest in the media in recent days over the impending release of the film of E.L. James’ 2011 erotic novel Fifty Shades of Grey.
Following hard on the heels of the media interest, comes the HTML colo(u)r* chart.
If you need to pick colours for web pages, fonts and the like, the W3C has a handy picker.
* In HTML American spellings – e.g. color, center – are used.
Libération reports that the entire French railway network will be connected to the internet between now and the end of 2016, according to French train operator SNCF, alluding to forthcoming works to be conducted with mobile operators and Arcep, the French telecommunications regulator. “We shall work in full cooperation with the operators and what we can say, without making a false promise, is that all French trains will without a shadow of a doubt be able to receive the internet properly between and the end of 2016, ” SNCF chairman Guillaume Pepy stated at the end of a press conference.
“The first stage is to carry out a proper diagnosis with Arcep and a technical diagnosis of the quality of reception on the network with specially equipped trains and a methodology that will be foolproof,” Pepy added. He stressed that there will then be a need to deal with notspots or areas of poor reception and then get round the table. “We are starting these measurements from March onwards so as to be able to share the initial results of these measurements in April with the four [mobile] operators and Arcep,” explained SNCF’s Digital and Communications Director Yves Tyrode.
SNCF is going “to facilitate infrastructure access to mobile operators for deployment of their antennas,” he added. “As an addition to this 3G and 4G coverage, SNCF is going to increase wifi coverage, but only in certain specific instances, such as some stations and on TGV trains,” he continued.
An invitation to tender is underway to equip TGV trains with internet access (posts passim), whose outcome will be known at the end of June. “We’re going to change technology. Up to now we tested technology which brought wifi and connection by satellite together and we’re going to change to a technology that will ally wifi on the trains with 4G,” he stressed. “The choice made five years ago and which was hailed by everyone, the satellite-based model, did not prove to be pertinent, neither from a technical point of view, nor a commercial one,” Guillaume Pepy commented.
Cyber security students at Saarland Univeristy in Germany (which I attended during 1975 and 1976. Ed.) have discovered up to 40,000 insecure databases on the internet, the university reports.
Anyone could retrieve or even amend several million customer accounts with name, address, email and credit card details via the internet, according to information from the University’s Center for IT-Security, Privacy, and Accountability (CISPA). The cause is a wrongly configured, freely available database on which millions of online shops and platforms around the world are establishing their services. If the operators blindly stick to the defaults in the installation process and do not consider crucial details, the data is available online, completely unprotected. CISPA has already contacted the vendor and data protection authorities.
“It is not a complex bug, but it’s effect is disastrous”, explains Michael Backes, professor of information security and cryptography at Saarland University and director of CISPA. He was contacted by the students and CISPA employees Kai Greshake, Eric Petryka and Jens Heyens at the end of January. Heyens is a cyber security student at Saarland University and his two fellow students plan to concentrate in this subject in the forthcoming semester. The flaw which they detected affects 39,890 databases. “The databases are accessible online without being protected by any defensive mechanism. You even have the permissions to update and change data. Hence we assume hat the databases were not left open on purpose”, Backes explains. The vendor of the database is MongoDB Inc. Its MongoDB database is one of the most widely used open source databases. Out of curiosity, the students queried a publicly accessible search engine for servers and services connected to the internet and thus discovered the IP addresses companies use to run unprotected MongoDB databases.
When the students called up the detected MongoDB databases with the respective IP addresses, they were surprised. Access was neither locked, nor protected in any other way. “A database unprotected like this is similar to a public library with a wide open entrance door and without any librarian. Everybody can enter”, explains Backes. Within a few minutes, the students also detected this critical condition in numerous other databases as well. They even found a customer database possibly belonging French ISP and mobile phone provider containing the addresses and telephone numbers of roughly 8 million French customers. According to the students, they also found the data of half a million German clients among those addresses. Another unprotected database detected was that of a German online retailer which included payment information. “The saved data can be used later to steal identities. Even if the identity theft is known, even years later the affected people have to deal with contracts signed under their own names by the identity thieves”, says Backes. The CISPA researchers began contacting MongoDB Inc. immediately, as well as the international computer emergency response teams (CERTs). They informed the French data protection service, the Commission nationale de l’informatique et des libertés, and the German Office for Information Security. “We do also hope that the developer of MongoDB will quickly include our results, incorporate them into its guidelines and forward them to the companies using the database”, says Backes.
CISPA has released a report of its findings (pdf).
GnuPG is the de facto standard implementation of the PGP standard. Anyone currently encrypting their emails as a private individual is almost always using a software package that has GnuPG under its bonnet. Since the middle of December GnuPG’s main developer has been collecting donations to enable financing of his work on the software. This was going rather slowly until last Thursday, when, helped by media reports of the project’s plight, main GnuPG Werner Koch and his fellow developers succeeded in raising the required €120,000 within one day, German IT news site heise reports.
The software’s development will therefore be fully financed for the current year for the first time. In addition, Facebook and payment processor Stripe have both stated their readiness to subsidise its development with $50,000 per year each and The Linux Foundation has given Koch a one-off donation of $60,000. Even the German Federal Office for Security & Information Technology (Bundesamt für Sicherheit in der Informationstechnik – BSI) is intending to support the GnuPG project. This was announced via German computer periodical c’t. It is believed the BSI has given the project similar support in the past.
Explaining its decision, Facebook stated:
We think it’s important to have a diverse family of software that can stand the test of time, and this is a great opportunity to support such a project. GnuPG was started 17 years ago, and we hope it keeps improving for years to come.
In a new move Bristol City Council has started advertising websites for non-existent domains as part of its tenure as European Green Capital 2015.
I’m indebted to Redvee for the photograph below.
Not only does the solar park itself not exist, neither does the domain shown on the sign, as a simple whois search reveals.
I wonder how much money has been wasted on the publicity for a non-existent solar park and its accompanying (and equally non-existent) website.
Would anyone from Bristol City Council care to comment?
Update 02/02/2015: a subsequent whois search today revealed that the domain in question was registered by a PR person working for Bristol City Council this morning and that the registrant contact details are currently awaiting validation.
The Document Foundation has announced the release of LibreOffice 4.4, billed as “the most beautiful LibreOffice ever“.
This is the ninth major release of this leading free and open source office suite, with a significant number of design and user experience improvements.
“LibreOffice 4.4 has got a lot of UX and design love, and in my opinion is the most beautiful ever,” says design team leader Jan “Kendy” Holesovsky. “We have completed the dialog conversion, redesigned menu bars, context menus, toolbars, status bars and rulers to make them much more useful. The Sifr monochrome icon theme is extended and now the default on OS X. We also developed a new Color Selector, improved the Sidebar to integrate more smoothly with menus, and reworked many user interface details to follow today’s UX trends.”
LibreOffice 4.4 likewise offers several significant improvements in other areas, such as:
A complete list of new and improved features is available in the release notes.
LibreOffice 4.4 is available immediately for download from http://www.libreoffice.org/download/.
I’m looking forward to the new release being available in the Debian Jessie software repositories in the next few days. 🙂
Debian developer Thomas Goirand has announced on his blog that a Debian disk image of the free and open source OpenStack cloud computing software platform is now available from Debian at cdimage.debian.org.
Thomas writes:
About a year and a half after I started writing the openstack-debian-images package, I’m very happy to announce to everyone that, thanks to Steve McIntyre’s help, the official OpenStack Debian image is now generated at the same time as the official Debian CD ISO images. If you are a cloud user, if you use OpenStack on a private cloud, or if you are a public cloud operator, then you may want to download the weekly build of the OpenStack image from here:
http://cdimage.debian.org/cdimage/openstack/testing/
Note that for the moment, there’s only the amd64 arch available, but I don’t think this is a problem: so far, I haven’t found any public cloud provider offering anything else than Intel 64 bits arch. Maybe this will change over the course of this year, and we will need arm64, but this can be added later on.
Now, for later plans: I still have 2 bugs to fix on the openstack-debian-images package (the default 1GB size is now just a bit too small for Jessie, and the script exits with zero in case of error), but nothing that prevents its use right now. I don’t think it will be a problem for the release team to accept these small changes before Jessie is out.
When generating the image, Steve also wants to generate a sources.tar.gz containing all the source packages that we include on the image. He already has the script (which is used as a hook script when running the build-openstack-debian-image script), and I am planning to add it as a documentation in /usr/share/doc/openstack-debian-images.
Last, probably it would be a good idea to install grub-xen, just as Ian Campbell suggested to make it possible for this image to run in AWS or other Xen based clouds. I would need to be able to test this though. If you can contribute with this kind of test, please get in touch.
Feel free to play with all of this, and customize your Jessie images if you need to. The script is (on purpose) very small (around 400 lines of shell script) and easy to understand (no function, it’s mostly linear from top to bottom of the file), so it is also very easy to hack, plus it has a convenient hook script facility where you can do all sorts of things (copying files, apt-get install stuff, running things in the chroot, etc.).
Again, thanks so much to Steve for working on using the script during the CD builds. This feels me with joy that Debian finally has official images for OpenStack.
I’m a great fan of Debian GNU/Linux (byline: the universal operating system. Ed.), having used it or its derivatives (e.g. Ubuntu, Mepis) as my main operating systems since my wholesale move to free and open source software.
Researchers at the Georgia Institute of Technology in the USA are behind a project to develop a wireless keyboard powered by keystrokes, Le Monde Informatique reports. The force generated by the fingers can produce enough electrical current for a wireless connection. To convert mechanical energy into electricity, the researchers applied a coating which acts as an electrode on keystrokes. The small electrical charged produced is stored in a lithium-ion battery which powers the interface wirelessly.
However, during their work, the researchers have thought of another use which could have a much wider impact. Over 100 volunteer testers typed the word “touch” on the keyboard and a software package collected data on the pressure exerted on the keys and measured the time interval between each stroke. It proved to be that these measurements are particular to each individual. By using signals analysis techniques, they identified touch patterns unique to individuals with a low error rate to achieve a kind of biometric authentication.
In a telephone call, Professkr Zhong Li Wang of the School of Materials Science and Engineering at Georgia Tech, stated that these patterns enable a “unique personal measurement” to be defined.
This keyboard, which uses standard materials, would be cheap to develop, Professor Wang stressed. The keys are not mechanical, but made up of transparent films stacked vertically to produce electricity. His team is still working on making the keyboard more reliable, but he believes this product could be marketed in just under two years. What happens if a person breaks a finger or changes his typing rhythm? Professor Wang states that a second authentication mechanism is a definite requirement.
When Wikipedia came online in January 2001, no-one could have have imagined its subsequent development. Fourteen years later, innumerable authors have produced more than 34 million articles in 280 languages. The Wikimedia Foundation attracts 20,000 mn. hits on the online encyclopaedia and its sister projects, heise reports.
This success is now being recognised by the Dutch-based Praemium Erasmianum foundation with the noted Erasmus Prize. Part of the citation reads: “By distributing knowledge to places where it was previously unavailable, Wikipedia also plays an important role in countries where neutrality and open information are not taken for granted. With its worldwide reach and social impact.”
Each year the Praemium Erasmianum foundation recognises people and institutions for their services. The prize will be handed over to representatives of the Wikipedia community in the autumn, while the prize money of €150,000 is to be used for community development.
In the meantime, the Wikimedia Foundation must grapple with future strategy. As Foundation Trustee Phoebe Ayers recently explained on her blog, the online encyclopaedia’s readership has clearly declined, particularly in industrial countries. Even sharply rising mobile access figures cannot compensate for the loss. The number of authors has also been declining steadily for several years. The Wikimedia Foundation is investing in a more attractive platform that’s also easier to use to counteract this trend.
As with all other fields of human activity, IT is not immune from fads and fashion.
One of the recent fads has been for so-called cloud computing.
Wikipedia describes cloud computing (often truncated to just the cloud. Ed.) as follows:
Cloud computing is a recently evolved computing terminology or metaphor based on utility and consumption of computing resources. Cloud computing involves deploying groups of remote servers and software networks that allow centralized data storage and online access to computer services or resources. Clouds can be classified as public, private or hybrid.
However, almost from the outset, cloud computing has been heavily criticised by free software advocates such as the Free Software Foundation’s founder, Richard Stallman.
The latest effort to counteract the cloud computing hype comes from the Free Software Foundation Europe (FSFE), which has just produced a sticker that tells the simple truth about the cloud.
That’s right! Other people’s computers, although in this case the people or persons are likely to be juridical persons, i.e. corporations.
The stickers can be ordered from the FSFE (scroll down until you find them) and a small donation to its work would be appreciated in return.