Red Hat and IBM Jointly File Another Amicus Brief In Google v. Oracle, Arguing APIs Are Not Copyrightable

Monday Red Hat and IBM jointly filed their own amicus brief with the U.S. Supreme Court in the "Google vs. Oracle" case, arguing that APIs cannot be copyrighted. "That simple, yet powerful principle has been a cornerstone of technological and economic growth for over sixty years. When published (as has been common industry practice for over three decades) or lawfully reverse engineered, they have spurred innovation through competition, increased productivity and economic efficiency, and connected the world in a way that has benefited commercial enterprises and consumers alike." An anonymous reader quotes Red Hat's announcement of the brief: "The Federal Circuit's unduly narrow construction of 17 U.S.C. 102(b) is harmful to progress, competition, and innovation in the field of software development," Red Hat stated in the brief. "IBM and Red Hat urge the Court to reverse the decision below on the basis that 17 U.S.C. 102(b) excludes software interfaces from copyright protection...." The lower court incorrectly extended copyright protection to software interfaces. If left uncorrected, the lower court rulings could harm software compatibility and interoperability and have a chilling effect on the innovation represented by the open source community... Red Hat's significant involvement with Java development over the last 20 years has included extensive contributions to OpenJDK, an open source implementation of the Java platform, and the development of Red Hat Middleware, a suite of Java-based middleware solutions to build, integrate, automate and deploy enterprise applications. As an open source leader, Red Hat has a stake in the consistent and correct determination of the scope of copyright protection that applies to interfaces of computer programs, including the Java platform interface at stake in this case. Open source software development relies on the availability of and unencumbered access to software interfaces, including products that are compatible with or interoperate with other computer products, platforms, and services... Read more of this story at Slashdot.
2020-01-18 21:30:02 preview's
Slate Announces List of The 30 Most Evil Tech Companies

An anonymous reader quotes Slate: Separating out the meaningful threats from the noise is hard. Is Facebook really the danger to democracy it looks like? Is Uber really worse than the system it replaced? Isn't Amazon's same-day delivery worth it? Which harms are real and which are hypothetical? Has the techlash gotten it right? And which of these companies is really the worst? Which ones might be, well, evil? We don't mean evil in the mustache-twirling, burn-the-world-from-a-secret-lair sense -- well, we mostly don't mean that -- but rather in the way Googlers once swore to avoid mission drift, respect their users, and spurn short-term profiteering, even though the company now regularly faces scandals in which it has violated its users' or workers' trust. We mean ills that outweigh conveniences. We mean temptations and poison pills and unanticipated outcomes. Slate sent ballots to "a wide range of journalists, scholars, advocates, and others who have been thinking critically about technology for years," and reported that while America's big tech companies topped the list, "our respondents are deeply concerned about foreign companies dabbling in surveillance and A.I., as well as the domestic gunners that power the data-broker business." But while there were some disagreements, Palantir still rose to #4 on the list because "almost everyone distrusts Peter Thiel." Interestingly, their list ranks SpaceX at #17 (for potentially disrupting astronomy by clogging the sky with satellites) and ranks Tesla at #14 for "its troubled record of worker safety and its dubious claims that it will soon offer 'full self-driving' to customers who have already paid $7,000 for the promised add-on... Our respondents say the very real social good that Tesla has done by creating safe, zero-emission vehicles does not justify misdeeds, like apparent 'stealth recalls' of defects that appear to violate safety laws or the 19 unresolved Clean Air Act violations at its paint shop." Slate's article includes its comprehensive list of the 30 most dangerous tech companies. But here's the top 10: Amazon Facebook Alphabet Palantir Technologies Uber Apple Microsoft Twitter ByteDance Exxon MobilThere's also lots of familiar names higher up on the list, including both 8chan (#20) and Cloudflare (#21). 23andMe came in at #18, while Huawei was #11. Netflix does not appear anywhere on the list, but Disney ranks #15. And Oracle was #19. "It takes a lot to make me feel like Google is being victimized by a bully," wrote Cory Doctorow, "but Oracle managed it." Read more of this story at Slashdot.
2020-01-18 19:45:02 preview's
Exploit Fully Breaks SHA-1, Lowers the Attack Bar

ThreatPost reported on some big research last week: A proof-of-concept attack has been pioneered that "fully and practically" breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by Gaëtan Leurent and Thomas Peyrin, academic researchers at Inria France and Nanyang Technological University/Temasek Laboratories in Singapore. They noted that because the attack is much less complex and cheaper than previous PoCs, it places such attacks within the reach of ordinary attackers with ordinary resources. "This work shows once and for all that SHA-1 should not be used in any security protocol where some kind of collision resistance is to be expected from the hash function," the researchers wrote. "Continued usage of SHA-1 for certificates or for authentication of handshake messages in TLS or SSH is dangerous, and there is a concrete risk of abuse by a well-motivated adversary. SHA-1 has been broken since 2004, but it is still used in many security systems; we strongly advise users to remove SHA-1 support to avoid downgrade attacks." Given the footprint of SHA-1, Leurent and Peyrin said that users of GnuPG, OpenSSL and Git could be in immediate danger. Long-time Slashdot reader shanen writes, "I guess the main lesson is that you can never be too sure how long any form of security will remain secure." Read more of this story at Slashdot.
2020-01-18 17:45:01 preview's
Tuxedo's New Manjaro Linux Laptops Will Include Massive Customization

Tuxedo Computers "has teamed up with Manjaro to tease not one, not two, but several" Linux laptops, Forbes reports: The Tuxedo Computers InfinityBook Pro 15...can be loaded with up to 64GB of RAM, a 10th-generation Intel Core i7 CPU, and as high as a 2TB Samsung EVO Plus NVMe drive. You can also purchase up to a 5-year warranty, and user-installed upgrades will not void the warranty... Manjaro Lead Project Developer Philip Müller also teased a forthcoming AMD Ryzen laptop [on Forbes' "Linux For Everyone" podcast]. "Yes, we are currently evaluating which models we want to use because the industry is screaming for that," Müller says. "In the upcoming weeks we might get some of those for internal testing. Once they're certified and the drivers are ready, we'll see when we can launch those." Müller also tells me they're prepping what he describes as a "Dell XPS 13 killer." "It's 10th-generation Intel based, we will have it in 14-inch with a 180-degree lid, so you can lay it flat on your desk if you like," he says. The Manjaro/Tuxedo Computers partnership will also offer some intense customization options, Forbes adds. "Want your company logo laser-etched on the lid? OK. Want to swap out the Manjaro logo with your logo on the Super key? Sure, no problem. Want to show off your knowledge of fictional alien races? Why not get a 100% Klingon keyboard?" Read more of this story at Slashdot.
2020-01-18 14:45:01 preview's
Why Did Red Hat Drop Its Support for Docker's Runtime Engine?

"I've grown quite fond of the docker container runtime. It's easy to install and use, and many of the technologies I write about depend upon this software," writes TechRepublic/ contributor Jack Wallen. "But Red Hat has other plans." The company decided -- seemingly out of the blue -- to drop support for the docker runtime engine. In place of docker came Podman. When trying to ascertain why Red Hat split with Docker, nothing came clear. Sure, I could easily draw the conclusion that Red Hat had grown tired of the security issues surrounding Docker and wanted to take matters in their own hands. There was also Red Hat's issue with "no big fat daemons." If that's the case, how do they justify their stance on systemd? Here's where my tinfoil hat comes into play. Understand this is pure conjecture here and I have zero facts to back these claims up... Red Hat is now owned by IBM. IBM was desperate to gain serious traction within the cloud. To do that, IBM needed Red Hat, so they purchased the company. Next, IBM had to score a bit of vendor lock-in. Using a tool like docker wouldn't give them that lock-in. However, if Red Hat developed and depended on their own container runtime, vendor lock-in was attainable.... Red Hat has jettisoned a mature, known commodity for a less-mature, relatively unknown piece of software -- without offering justification for the migration.... Until Red Hat offers up a sound justification for migrating from the docker container engine to Podman, there's going to be a lot of people sporting tinfoil hats. It comes with the territory of an always-connected world. And if it does turn out to be an IBM grab for vendor lock-in, there'll be a lot of admins migrating away from RHEL/CentOS to the likes of Ubuntu Server, SUSE/openSUSE, Debian, and more. Red Hat's product manager of containers later touted Podman's ability to deploy containers without root access privileges in an interview with eWeek. "We felt the sum total of its features, as well as the project's performance, security and stability, made it reasonable to move to 1.0. Since Podman is set to be the default container engine for the single-node use case in Red Hat Enterprise Linux 8, we wanted to make some pledges about its supportability." And a Red Hat spokesperson also shared their position with The New Stack. "We saw our customer base wanting the container runtime lifecycle baked-in to the OS or in delivered tandem with OpenShift." Read more of this story at Slashdot.
2020-01-18 13:45:02 preview's
This Philosopher Dreams of Writing Low-Budget Sci-Fi

Philosophy professor Peter Boghossian would much rather be working on screenplays. 
2020-01-18 13:15:02 preview's
Nemesis brings alien impregnation horror to your tabletop—and it works

Beware both the chestburster and your fellow players.
2020-01-18 09:45:02 preview's
This Philosopher Dreams of Writing Sci-Fi

Philosophy professor Peter Boghossian would much rather be working on screenplays.
2020-01-18 09:15:03 preview's
NBC's New Peacock Streaming Service Is Just One Big Ad-Injection Machine

Comcast's NBCUniversal is launching a new streaming service in April called Peacock. With three pricing tiers from free to $10 per month, Comcast wants Peacock "to be an ad delivery system to destroy all others in its path," writes Ryan Waniata via Digital Trends. From the report: In a shockingly long investor call, NBC revealed its big new strategy for delivering its many intellectual property spoils online, which will be offered in a multi-tiered plan (with both ad-based and ad-free versions) rolling up a content hodge-podge, including NBCUniversal TV classics and films on-demand, a handful of new exclusive shows, and live content, from NBC News to the Tokyo Olympics. Peacock's ad-based service -- which rolls out first to the company's Xfinity and Flex cable customers from within their cable box -- will arrive in at least some form for zero dollars per month. A $5 monthly charge will get you more content (but still carry ads), while a $10 fee will get you ad-free viewing and the whole kit-and-caboodle. But here's the thing: The execs at Comcast don't even want you to buy that service. It's an also-ran. A red herring. NBCUniversal Chairman of Advertising & Partnerships Linda Yaccarino spoke vociferously to the crowd of investors, saying, "Peacock will define the future of advertising. The future of free." To hook viewers into their ad-loaded trap, NBC execs have leveraged Peacock to offer "the lightest ad load in the industry," with just 5 minutes of ads per hour. To be fair, that ad-to-content ratio would be quite light these days in TV talk. But, Yaccarino continued, these would be revolutionary new ad innovations for Peacock, including ads that won't be as repeated over and over. Ads that will look "as good as the content" they accompany (whatever that means). Solo ads where "brands become the hero" and offer a TV show brought to you by a single advertiser. Ads. Ads. And more ads. Read more of this story at Slashdot.
2020-01-18 02:15:02