An FUQ for the GDPR

4 weeks ago
by Doc Searls

Today is Privmas Eve: the day before Privmas, aka GDPR Day: the one marked red on the calendars of every company in the world holding an asset the GDPR has suddenly made toxic: personal data. The same day—25 May—should be marked green for everyone who has hated the simple fact that harvesting personal data from everybody on the internet has been too damned easy for too damned long for too damned many companies, and governments too.

Whether you like the GDPR or not (and there are reasons for both, which we'll get into shortly), one thing it has done for sure is turn privacy into Very Big Deal. This is good, because we've had damned little of it on the internet and now we're going to get a lot more. That's worth celebrating, everybody. Merry Privmas! 

To help with that, and because 99.99x% of GDPR coverage is about what it means for the fattest regulatory targets (Facebook, Google, et al.), here's an FUQ: Frequently Unasked (or Unanswered) Questions about the GDPR and what it means for you, me and everybody else who wants to keep personal data personal—or to get back personal data those data farmers have already harvested. (The GDPR respects both.)

A note before we begin: this is a work in progress. It's what we know about what's now possible in a world changed by the GDPR. And "we" includes everybody. If you want to help, weigh in. Here goes...

Bottom line, what does the GDPR mean for the "natural persons" it also calls "data subjects"?

It means we're in charge now: at least of ourselves—and of our sides of relationships with the corporate entities we deal with.

No, the GDPR doesn't say that specifically, but both the letter and the spirit of the GDPR respect privacy as a fundamental human right. Since rights are something we exercise as individuals, and not just a something good corporate behavior allows us to enjoy, we should be able to provide it for ourselves as well.

Don't we have enough privacy tools already with crypto, onion routing, VPNs and so on?

No, we don't.

Those are all forms of protection against exploitation by others. We need tools that create private spaces around us on the net, much as clothing (the original privacy tech) does for us in the natural world. We need ways to signal to others what's okay and what's not okay, and to know easily when those signals are being respected and when they are not. We need ways to move about the net anonymously, and to submit identifiers only on a need to know basis, and then in ways we control.

Go to Full Article
Doc Searls

Parrot 4.0 Now Available, Eudora Email Code Open-Sourced, Firefox Now Offers Two-Step Authentication and More

4 weeks ago

News briefs for May 24, 2018.

Parrot 4.0 is now available for download. Parrot is a "GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while surfing the net." New features of this "milestone" version include netinstall images, Docker templates, Linux kernel 4.16 and several other bugfixes and changes. See the release notes for more information.

Historic Eudora email code has been open-sourced by the Computer History Museum, The Register reports: "it fell into neglect after Qualcomm stopped selling it in 2006, and a follow-up version was poorly received in 2007. Under this latest deal, Qualcomm is to donate all IP—copyright code, trademarks and domain names—over to the museum."

Mozilla began offering two-step authentication for Firefox this week. If you enable it, you'll need to use an additional security code to log in. Mozilla is using the authentication standard TOTP (Time-based One-Time Password) to implement this feature. If you don't see a "Two-step authentication" panel in your Preferences, see this page for further instructions on how to enable it.

Kata Containers 1.0 was released this week. This first release "completes the merger of Intel's Clear Containers and Hyper's runV technologies, and delivers an OCI compatible runtime with seamless integration for container ecosystem technologies like Docker and Kubernetes." Visit the Kata Containers page for more info and links to the GitHub and install guide.

News Security Distributions open source Firefox Mozilla Containers Docker Kubernetes
Jill Franklin

Visualizing Molecules with EasyChem

4 weeks ago
by Joey Bernard

Introducing EasyChem, a program that generates publication-quality images of molecular structures.

Chemistry is one of the heavy hitters in computational science. This has been true since the beginning, and it's no less true today. Because of this, several software packages specifically target this user group. Most of these software packages focus on calculating things within chemistry, like bond energies or protein folding structures. But, once you've done the science portion, you need to be able to communicate your results, usually in the form of papers published in journals. And, part of the information you'll need to disseminate is imagery of the molecules from your work. And, that's where EasyChem, this article's subject, comes into play.

EasyChem helps generate publication-quality images of molecular structures. It should be available in the package management repositories for most distributions. In Debian-based distributions, you can install it with the following command:

sudo apt-get installed easychem

Once it's installed, you can start it either from your GUI's menu system or from the command prompt. When it first starts, you get a blank canvas within which to start your project.

Figure 1. You get a blank workspace when you first start EasyChem.

One of the first things you'll want to check is whether the option to have helpful messages is turned on. You can check this by clicking Options→Learning messages. With this selected, you'll get helpful information in the bottom bar of the EasyChem window.

Let's start with a simple molecule like benzene. Benzene is a ring of six carbon atoms, with every other bond a double bond. You can create this structure by using the options at the bottom of the draw window. Making sure that the "Add bonds" option is selected, select the "Simple" bond from the drop-down of "Bond type". If you now place the mouse pointer somewhere in the window and click and drag, you'll get a single bond drawn. To get a ring, you need to hold down the Ctrl key, and then click and drag. This will draw a ring structure for you.

You can set the number of atoms to use in the ring with the "Ring size" option in the bottom left of the window. The default is six, which is what you'll want for your benzene ring.

To get the alternating bond types, select the "Edit" option at the bottom, and then you'll be able to select individual bonds and change their types. When you select one of the bonds, you'll see a new pop-up window where you can change the details, such as the type of bond, along with the color and the relative width if it is a multiple bond.

Go to Full Article
Joey Bernard

VPNFilter Malware Attacks Routers, Mitigations for Spectre Variant 4, OnePlus 6 Phone and More

4 weeks 1 day ago

News briefs for May 23, 2018.

There's a new type of malware called VPNFilter, which has "has infected at least half a million home and small business routers including those sold by Netgear, TP-Link, Linksys, MicroTik, and QNAP network storage devices". This code is intended to "serve as a multipurpose spy tool, and also creates a network of hijacked routers that serve as unwitting VPNs, potentially hiding the attackers' origin as they carry out other malicious activities". See the story on Wired for all the details.

Canonical released an update to address 13 security vulnerabilities, including the new Spectre Variant 4, for Ubuntu 18.04 LTS, Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. Canonical notes that "to fully mitigate Spectre Variant 4, users must also update the processor microcode firmware". See the security announcement for more info, and update now.

Also yesterday, Greg Kroah-Hartman released updates for the Linux 4.9.102, 4.14.43, and 4.16.11 kernels for Spectre Variant 4 mitigation. Update now. (Source: Phoronix.)

Mark Shuttleworth created a stir this week with his keynote at the OpenStack Summit in Vancouver due to his competitive comments about VMware and Red Hat. See the ServerWatch story for details.

The OnePlus 6 unlocked phone is now available for $529. See Android Central for specification and a review of the new phone.

News Security Spectre Android Mobile OpenStack Canonical kernel
Jill Franklin

Cooking With Linux (without a net): Really tiny Linux distributions, old DOS games, and more

4 weeks 1 day ago

Please support Linux Journal by subscribing or becoming a patron.

It's Tuesday, and it's time for Cooking With Linux (without a net) where I do some live Linuxy and open source stuff, live, on camera, and without the benefit of post video editing therefore providing a high probability of falling flat on my face. Today, it's teeny tiny Linux time where I'll show you some of the smallest fully graphical distributions out there, play some old abandoned games, DOS emulation, and visit browser based Linux. Basically, a grab bag of Linux and open source goodies. Oh, and wine.

Cooking with Linux
Marcel Gagné