Tech

  • Kremlin to step up monitoring of its online detractors

    Steve WoodsPolitics, Social Media, Tech

    Friday’s Le Monde reports that Russian State security agency the FSO is going to step up its surveillance of bloggers and others who are critical of the Russian government.

    online spying imageWhile Russian state security agencies already have surveillance systems in use, the administration has decided “to entrust this part of the work to professional computer specialists“.

    Quoting Izvestia, Le Monde states that an invitation to tender with a maximum budget of 31.8 mn. roubles (€700,000) has been issued for the procurement of a centralised data collection system for data published on the internet.

    The subject of the invitation to tender is the creation of a system comprising a database of citizens who have a “negative” opinion of the government and the provision of a daily summary of publications concerning the president, his administration, the prime minister or even the opposition. The procurement of this system is reportedly not a case of “turning up the heat” by the authorities, but more enabling them to anticipate some events by the early detection of protests being organised (a likely story. Ed.)

  • CodeCombat: an open source online game for learning how to programme

    Steve WoodsOpen Source, Tech

    The initiatives for encouraging young people to get into programming are multiplying, writes French news site Le Monde Informatique. With CodeCombat the work is both study and play.

    Now released as open source, CodeCombat is a video game devoted to teaching programming. The platform is multi-player and uses CoffeeScript, a programming language that transcompiles to JavaScript. It’s possible to use JavaScript libraries even though CoffeeScript is very well documented.

    CodeCombat screenshot

    The basic idea is very simple: lines of code need writing for players to make progress in the game (see the image above) and to compete against other programmers/players. Volunteer participants create levels and characters which can be borrowed by other players.

    Developed by Nick Winter, an alumnus of Oberlin College in Ohio, CodeCombat is available in seven languages thanks to the efforts of willing participants in this collaborative development work.

    Reposted from Bristol Wireless.

  • 0 A.D. Alpha 15 “Osiris” released

    Steve WoodsLinux, Open Source, Tech

    Just before the end of last month Wildfire Games announced the release of 0 A.D. Alpha 15 “Osiris”. 0 A.D. is a real time strategy game and the new release comes with additional functions. It’s available free of charge for Linux, Mac and Windows and is licensed under Version 2 of the GPL. The Alpha 15 release, which is playable, provides a multi-player lobby, in which players can meet and play each other, whilst a new playable civilisation can be added with the Ptolemaic Egyptians. However, only some of the latter’s buildings units and play functions can be tested; the civilisation itself shall only be made available in the next alpha version.

    A new play mode has been added to the game with so-called “Skirmish Maps”. Units now also gain a bonus if they come within reach of a certain building or special unit. Up top now temples regenerate the health of nearby units and most heroes also have such an “aura”. This function will be further refined and extended in future versions of the game.

    The user interface has also been improved so that players can now order their troops to defend other units or buildings. An audible signal or a chat message notifies when a player is being attacked, whilst flashing pixels on a miniature map show where the attack is taking place. Fighting units can be returned to the civilian work they were previously carrying out with a new “Back to work” button.

    In addition, there are new graphic elements, pieces of music and bug fixes, etc. in 0 A.D. Alpha 15 “Osiris”. The game is available for download from the project website.

    Finally, the project is seeking volunteer contributors in programming, art, sound, documentation and more. For details, log onto #0ad-dev on QuakeNet on IRC and meet the developers or register on the project’s forums and start participating!

    Previously published on the Bristol Wireless website.

  • US Customs needs no reason to examine travellers’ electronic devices, Court confirms

    Steve WoodsMedia, Politics, Tech

    image of laptopIn a case brought by civil liberties campaigners, a Brooklyn court has ruled that US Customs officers do not need to suspect a crime to examine travellers’ computer equipment at borders, Le Monde Informatique reported yesterday.

    In the United States the border police may carry out checks of travellers’ portable computers and other mobile devices without having to justify suspicions that the content they wish to examine is connected with criminal action, an American federal judge concluded last week at the end of a case brought in 2010 by the American Civil Liberties Union (ACLU). The ACLU believed such behaviour infringed the US constitution. However, Judge Edward Korman of the Brooklyn District Court did not share this opinion and rejected the case. The ACLU is contemplating an appeal.

    The ACLU submitted the complaint on behalf of Pascal Abidor, a student with dual French and American nationality and two other associations, one which defends lawyers and the other press photographers. In 2010, Customs officers confiscated Mr. Abidor’s portable computer as he was entering the United States aboard a Montreal (Canada) to New York train as he was entering the USA. Mr. Abidor was studying the history of the Shi’ites in Lebanon and had downloaded photographs linked to the militant organisations Hamas and Hezbollah onto his computer. He was detained for several hours while his computer equipment was examined before being released with no further action being taken. He had disclosed his password and the officers searched through his private data, including messages he’d exchanged with his girlfriend. Some information was retained for the purpose of further inquiries after he had handed over his equipment.

    For lawyers and journalists whose work entails maintaining keeping the data they hold confidential, such investigations by customs form a real problem and the lawsuit aimed to highlight the violation that Abidor’s treatment represented. However, Judge Korman asserted that Customs already had special procedures for examining this content which required suspicions of crime. Furthermore, he stated that searches of this kind are rare at borders and are already made within the scope of these procedures. In summary he states in his ruling, published by the ACLU, that giving reasons would not be appropriate because it is highly unlikely that one of the members of the plaintiff organisations had been subject to an examination of their electronic equipment at borders since, according to the judge, there is little chance that such a search would take place without reasonable suspicion. In view of the figures submitted by US Customs and Border Protection, Judge Korman believes there is a less than one in a million chance that a computer carried by a foreign traveller entering the USA would be confiscated.

  • Greens/EFA using Debian and encrypted email

    Steve WoodsLinux, Open Source, Politics, Tech

    Debian logoJoinup reports that the European Parliament’s Greens/EFA Group has started trial use of laptops running a tailored version of the Debian GNU/Linux distribution and “is reaching out to the Free Software community”, in order to achieve trustworthy email encryption in moves to counter mass surveillance by companies and governments.

    In a press release, Greens/EFA co-president Rebecca Harms stated:

    “Thanks to Snowden we are beginning to understand the full scope of what it means to live in a digital environment polluted by pervasive surveillance. Commercial and governmental surveillance is undermining trust in our democratic institutions and corrupts the very fabric of democracy. This is now a global problem of such scale that each individual effort will fail, yet without taking small concrete steps from accepting where we are, no progress is possible. Therefore, the Greens/EFA is now reaching out to the Free Software community to join in a small project to use trustworthy email encryption in cooperation and dialogue with the European Parliament IT services.

    “As the Green Group in the European Parliament we want to make an effort to ensure that nobody but the intended recipient of an email can read it. Such emails need to be encrypted, travel over the internet, and then be decrypted on the receiving computer — and nowhere else. In this project, me and colleagues in the Greens/EFA will use a selection of Free Software from Debian and run it on computers dedicated for this purpose. We will start small scale with 10 regular consumer laptops. This is not special hardware running special software, but general computers running software available for everybody.”

    For secure email, a combination of the cryptographic software tools provided by GnuPG and the Icedove email client (a Debian-specific version of Mozilla Thunderbird) will be used as the European Parliament’s proprietary email solution cannot offer trustworthy encryption.

  • Enlightenment 0.18 released

    Steve WoodsLinux, Open Source, Tech

    Just before Christmas the release of version 0.18 of the Enlightenment desktop environment for Linux was announced, according to Heise. Modules for controlling Bluetooth and music software are amongst the new features for the Enlightenment 0.18.0 (E18). It has been released as planned just one year after version 0.17.0 (E17), whose development took 12 years.

    In the new version the compositor which combines the application windows and desktop components into an overall picture is no longer optional, but firmly integrated into the desktop’s main components. Support for running Wayland, the potential successor X11 is also new, as is better interaction with systemd, the system management daemon designed exclusively for the Linux kernel API. The developers have also fixed several crashes and made considerable improvements to the file manager, according to the release notes.

    e18 desktop screenshot

    The developers are currently working on Enlightenment 0.19.0 (E19), which will be able to work as a Wayland Compositor. Details of these plans may be found on the E19 Release Manager blog, as well as in the video below.

  • Crowdfunding for Tails

    Steve WoodsLinux, Open Source, Tech

    Tails logoTails is a live Linux operating system (based on Debian. Ed.), that can be booted on almost any computer from a DVD, USB stick or SD card. Tails aims at preserving its users’ privacy and anonymity, as well as helping them to:

    • use the Internet anonymously and circumvent censorship; all connections to the internet are forced to go through the Tor network;
    • leave no trace on the computer being used without your requesting it;
    • use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

    A crowdfunding campaign to support encryption tools for journalists has been launched by The Freedom of the Press Foundation; this campaign will last for two months and is collecting funds for Tails, Tor, the encrypted mobile communication tools RedPhone and TextSecure, plus the LEAP encrypted email platform.

  • Anti-brute force attack tool DenyHosts locks admins out

    Steve WoodsOpen Source, Tech

    DenyHosts logoAttackers can force the DenyHosts security tool to block any IP addresses they want due to a security hole, according to German IT news site Heise. To all intents and purposes, the tool ensures that IP addresses are added to a blacklist after a certain number of failed ssh log-in attempts. However, if a specially formatted user name is entered when logging in, any IP address the user wants can be added to the blacklist, including that of the administrator if the worst comes to the worst.

    The vulnerability was discovered by Helmut Grohne of Cygnus Networks. He wrote on the oss-sec mailing list that entering ssh connections using the following pattern was sufficient to implement the exploit:

    ssh -l 'Invalid user root from 123.123.123.123' 21.21.21.21

    The following line, amongst others, is then added to the log:

    sshd[123]: input_userauth_request: invalid user Invalid user root from 123.123.123.123 [preauth]

    According to Grohne this results in the specified user name (parameter -l) being blocked in addition to the attacker’s actual IP address.

    However, Grohne hasn’t just drawn attention to the problem, but has also provided a solution: a patch he has developed the tightens up DenyHosts’ regular expressions for matching log file entries so that the user names specified in the example above is not wrongly interpreted any more.

    Patched versions of DenyHosts are already being distributed via the Debian repositories. Yves-Alexis Perez from the Debian Security Team is advising DenyHosts users to switch to alternatives such as fail2ban since DenyHosts has not been actively maintained since 2008.

Posts navigation