Thursday, October 24, 2013

OpenStack 10/24/2013 (p.m.)


Posted from Diigo. The rest of Open Web group favorite links are here.

Wednesday, October 23, 2013

OpenStack 10/24/2013 (a.m.)

  • "At its Ideas Summit in New York, Google has announced that it is working on developing a browser extension that will act as an easy-to-use way to bypass country-specific Internet censorship and make connections safer and more private. Safer connections The tool, which was developed by the University of Washington and seeded by Google, is at its core a peer-to-peer personalized virtual private network (VPN) that redirects Internet traffic coming from an initial, less secure connection through a second, trusted connection, and then encrypts the pathway between the two terminals. Whenever you access the Internet, the connection is routed through a number of terminals. At each step of the way the connection may be blocked, surveilled, or even tampered with (especially if the data is not encrypted). On the whole, the safety and privacy of your data is only as good as the weakest link in the chain. Google's solution with uProxy was to develop a tool that makes it much easier to make an unsafe connection more secure, with the help of a trusted friend. The software, which will be available as a Chrome and Firefox extension to begin with, can use existing social networks like Facebook or Google Hangouts to help find users who already have uProxy installed on their system. If two users agree to use the service in tandem, the software can begin to make data connections safer. How it works Let's assume that Alice, who lives in a country with an Internet censorship problem such as China or Iran, contacts Bob, who has much safer, or uncensored, or unmonitored access to the Internet. Bob agrees to act as a proxy for Alice, and as long as his browser is open, Alice's outgoing web traffic will now be routed through Bob's connection, and so she'll now be able to access websites that she wouldn't otherwise be able to reach on her own. The connection between Alice and Bob is also encrypted. To an external observer looking at Bob's connection, it would appear that he is simply surfing the net, while it is really Alice who's doing the browsing. Likewise, an observer looking at Alice's connection would only see a stream of encrypted data being sent from and to Bob, but would not be able to understand it, or determine whether it's "allowed" web traffic or not. One more possible use for the software could be to proxy your own web traffic whenever you are traveling and worried about the safety of your connection (when you're connecting to an open Wi-Fi hotspot or public network, for example). In cases like these, you can use uProxy to route your web traffic back to your home computer and access the Web as if you were in your own home. What uProxy is (and isn't) Internet proxies already provide a similar service, but the advantage with uProxy is that it's a true P2P service, so there is no centralized server that governments can block. The data packets in the encrypted connection between Alice and Bob aren't marked in any way, and so they can't be easily flagged by a malicious user (or government). Google cautions that users should only make use of uProxy with those they trust. If you provide someone access to your safer connection, you have to trust that they will be using the connection legally: since the traffic is routed through you, you will be responsible for their online activity. Likewise, if you're using the service to get access from someone else, you have to trust that their connection is secure. If it isn't, you may be thinking that you're not being monitored, while really you are. In fact, if your friend's connection turns out to be less safe than your own, you'll just be making things worse for yourself. The service doesn't anonymize traffic like Tor, and it isn't a file sharing tool as it only proxies traffic from web browsers. What's next? Google says it is developing uProxy for the desktop versions of Chrome and Firefox to start with, and that the tool may be expanded to other browsers and mobile platforms in the future. The software has been launched as a private beta only, and the code hasn't been made available to the public yet because Google wants to make sure that the software is indeed tamper-proof. For that, it is allowing technically-savvy beta testers to take a look at the code to iron out any bugs. Once the software reaches the desired stability, it will be audited by Internet freedom organizations such as OpenITP, and then made freely available under an open source license. The video below is a short introduction to the software."

    Tags: uProxy, P2P, Security, Google


Posted from Diigo. The rest of Open Web group favorite links are here.

Saturday, October 19, 2013

OpenStack 10/20/2013 (a.m.)

  • "We (Forrester) just published a report on the state of adoption of Office 2013 And Productivity Suite Alternatives based on a survey of 155 Forrester clients with responsibility for those investments. The sample does not fully represent the market, but lets us draw comparisons to the results of our previous survey in 2011. Some key takeaways from the data:   One in five firms uses email in the cloud. Another quarter plans to move at some point. More are using Office 365 (14%) than Google Apps (9%).  Just 22% of respondents are on Office 2013. Another 36% have plans to be on it. Office 2013's uptake will be slower than Office 2010 because fewer firms plan to combine the rollout of Office 2013 with Windows 8 as they combined Office 2010 with Windows 7. Alternatives to Microsoft Office show little traction. In 2011, 13% of respondents supported open source alternatives to Office. This year the number is just 5%. Google Docs has slightly higher adoption and is in use at 13% of companies. "

    Tags: Office-Productivity, Cloud-Computing, Cloud-Productivity-Platform, Cloud-Compound-Document, HTML5

      • We just published a report on the state of adoption of Office 2013 And Productivity Suite Alternatives based on a survey of 155 Forrester clients with responsibility for those investments. The sample does not fully represent the market, but lets us draw comparisons to the results of our previous survey in 2011. Some key takeaways from the data:
         
        • One in five firms uses email in the cloud. Another quarter plans to move at some point. More are using Office 365 (14%) than Google Apps (9%). 
        • Just 22% of respondents are on Office 2013. Another 36% have plans to be on it. Office 2013's uptake will be slower than Office 2010 because fewer firms plan to combine the rollout of Office 2013 with Windows 8 as they combined Office 2010 with Windows 7.
        • Alternatives to Microsoft Office show little traction. In 2011, 13% of respondents supported open source alternatives to Office. This year the number is just 5%. Google Docs has slightly higher adoption and is in use at 13% of companies. 
    • Microsoft continues to have a stranglehold on office productivity in the enterprise: Just 6% of companies in our survey give all or some employees an alternative instead of the installed version of Microsoft Office. Most surprising of all, multi-platform support is NOT a priority. Apps on iOS and Android devices were important to 16% of respondents, and support for non-Windows PCs was important to only 11%. For now, most technology decision-makers seem satisfied with leaving employees to self-provision office productivity apps on their smartphones and tablets if they really want them. 
    • Do you think we're getting closer to replacing Microsoft Office in the workplace?
  • Interesting stats coming out from the recent Forrester study on Office Productivity.  The study was conducted by Philipp Karcher, and it shows a fcoming collision of two interesting phenomenon that cannot continue to "coexist".  Something has to give. The two phenom are the continuing dominance and use of client/server desktop productivity application anchor, MSOffice, and, the continuing push of all business productivity application to highly mobile cloud-computing platforms.   It seems we are stuck in this truly odd dichotomy where the desktop MSOffice compound document model continues to dominate business productivity processes, yet those same users are spending ever more time mobile and in the cloud.  Something has got to give. And yes, I am very concerned about the fact that neither of the native XML document formats {used by MSOffice (OXML), OpenOffice and LibreOffice (ODF)} are designed for highly mobile cloud-computing.   It's been said before, the Web is the future of computing.  And HTML5 is the language of the Web.  HTML is also the most prolific compound-document format ever.  One of the key problems for cloud-computing is the lack of HTML5 ready Office Productivity Suites that can also manage the complexities of integrating cloud-ready data streams. Sadly, when Office Productivity formats went down the rat hole of a 1995 client/server compound document model, the productivity suites went right with them.  Very sad.  But the gaping hole in cloud-computing is going to be filled.  One way or the other.

    Tags: Office-Productivity, Cloud-Computing, Cloud-Productivity-Platform, Cloud-Compound-Document, HTML5


Posted from Diigo. The rest of Open Web group favorite links are here.

Friday, October 18, 2013

OpenStack 10/18/2013 (p.m.)

  • Tags: surveillance state, NSA, Linux, Linux-backdoor, Solaris, FreeBSD, Darwin

    • IBM announced today that it would throw another billion at Linux, the open-source operating system, to run its Power System servers.

      The first time it had thrown a billion at Linux was in 2001, when Linux was a crazy, untested, even ludicrous proposition for the corporate world. So the moolah back then didn’t go to Linux itself, which was free, but to related technologies across hardware, software, and service, including things like sales and advertising – and into IBM’s partnership with Red Hat which was developing its enterprise operating system, Red Hat Enterprise Linux.

      “It helped start a flurry of innovation that has never slowed,” said Jim Zemlin, executive director of the Linux Foundation. IBM claims that the investment would “help clients capitalize on big data and cloud computing with modern systems built to handle the new wave of applications coming to the data center in the post-PC era.” Some of the moolah will be plowed into the Power Systems Linux Center in Montpellier, France, which opened today. IBM’s first Power Systems Linux Center opened in Beijing in May.

      IBM may be trying to make hay of the ongoing revelations that have shown that the NSA and other intelligence organizations in the US and elsewhere have roped in American tech companies of all stripes with huge contracts to perfect a seamless spy network. They even include physical aspects of surveillance, such as license plate scanners and cameras, which are everywhere [read.... Surveillance Society: If You Drive, You Get Tracked].

    • Then another boon for IBM. Experts at the German Federal Office for Security in Information Technology (BIS) determined that Windows 8 is dangerous for data security. It allows Microsoft to control the computer remotely through a “special surveillance chip,” the wonderfully named Trusted Platform Module (TPM), and a backdoor in the software – with keys likely accessible to the NSA and possibly other third parties, such as the Chinese. Risks: “Loss of control over the operating system and the hardware” [read.... LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA.
    • It would be an enormous competitive advantage for an IBM salesperson to walk into a government or corporate IT department and sell Big Data servers that don’t run on Windows, but on Linux. With the Windows 8 debacle now in public view, IBM salespeople don’t even have to mention it. In the hope of stemming the pernicious revenue decline their employer has been suffering from, they can politely and professionally hype the security benefits of IBM’s systems and mention in passing the comforting fact that some of it would be developed in the Power Systems Linux Centers in Montpellier and Beijing.

      Alas, Linux too is tarnished. The backdoors are there, though the code can be inspected, unlike Windows code. And then there is Security-Enhanced Linux (SELinux), which was integrated into the Linux kernel in 2003. It provides a mechanism for supporting “access control” (a backdoor) and “security policies.” Who developed SELinux? Um, the NSA – which helpfully discloses some details on its own website (emphasis mine):

      The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.

    • Among a slew of American companies who contributed to the NSA’s “mainstreaming” efforts: Red Hat.

      And IBM? Like just about all of our American tech heroes, it looks at the NSA and other agencies in the Intelligence Community as “the Customer” with deep pockets, ever increasing budgets, and a thirst for technology and data. Which brings us back to Windows 8 and TPM. A decade ago, a group was established to develop and promote Trusted Computing that governs how operating systems and the “special surveillance chip” TPM work together. And it too has been cooperating with the NSA. The founding members of this Trusted Computing Group, as it’s called facetiously: AMD, Cisco, Hewlett-Packard, Intel, Microsoft, and Wave Systems. Oh, I almost forgot ... and IBM.

      And so IBM might not escape, despite its protestations and slick sales presentations, the suspicion by foreign companies and governments alike that its Linux servers too have been compromised – like the cloud products of other American tech companies. And now, they’re going to pay a steep price for their cooperation with the NSA. Read...  NSA Pricked The “Cloud” Bubble For US Tech Companies


Posted from Diigo. The rest of Open Web group favorite links are here.

Sunday, October 13, 2013

OpenStack 10/14/2013 (a.m.)

  • Tags: surveillance state, internet-freedom, U.S., NSA-blowback, ICANN, IETF, IAB, W3C, Internet-Society

    • All of the major internet organisations have pledged, at a summit in Uruguay, to free themselves of the influence of the US government.

      The directors of ICANN, the Internet Engineering Task Force, the Internet Architecture Board, the World Wide Web Consortium, the Internet Society and all five of the regional Internet address registries have vowed to break their associations with the US government.

      In a statement, the group called for “accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing”.

      That’s a distinct change from the current situation, where the US department of commerce has oversight of ICANN.

      In another part of the statement, the group “expressed strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance”.

      Meanwhile, it was announced that the next Internet Governance Summit would be held in Brazil, whose president has been extremely critical of the US over web surveillance.

      In a statement announcing the location of the summit, Brazilian president Dilma Rousseff said: “The United States and its allies must urgently end their spying activities once and for all.”


Posted from Diigo. The rest of Open Web group favorite links are here.

Monday, October 07, 2013

OpenStack 10/08/2013 (a.m.)


Posted from Diigo. The rest of Open Web group favorite links are here.

Saturday, October 05, 2013

OpenStack 10/06/2013 (a.m.)

  • From the Dept. of YouGottaBeKiddingMe. 

    Tags: HTML5, DRM, W3C

    • "Danny O'Brien from the EFF has a weblog post about how the Encrypted Media Extension (EME) proposal will continue to be part of HTML Work Group's bailiwick and may make it into a future HTML revision." From O'Brien's post: "A Web where you cannot cut and paste text; where your browser can't 'Save As...' an image; where the 'allowed' uses of saved files are monitored beyond the browser; where JavaScript is sealed away in opaque tombs; and maybe even where we can no longer effectively 'View Source' on some sites, is a very different Web from the one we have today. It's a Web where user agents—browsers—must navigate a nest of enforced duties every time they visit a page. It's a place where the next Tim Berners-Lee or Mozilla, if they were building a new browser from scratch, couldn't just look up the details of all the 'Web' technologies. They'd have to negotiate and sign compliance agreements with a raft of DRM providers just to be fully standards-compliant and interoperable."

Posted from Diigo. The rest of Open Web group favorite links are here.

Tuesday, October 01, 2013

OpenStack 10/02/2013 (a.m.)

  • White paper from Intel discusses HTML5 and the future of computing. Intro: Computer programmers have been grappling with cross-platform issues since there was a second platform. Since then, the number of issues has rapidly increased. Today’s developers can target at least four operating systems (plus their fragments), running on devices with all shapes, sizes, resolutions, persistence levels, input methods, carrier networks, connection speeds and states, UI conventions, app stores, deployment and update mechanisms, and on and on. Many of the world’s developers once looked to Java* as the shining knight of cross-platform development. Indeed, the structured language of Sun* (and now Oracle) continues to solve many cross-platform issues. But it also introduces obstacles, not the least of which is a class structure that heavily burdens even the tiniest of program functions. Java’s heft grew still more burdensome as developers turned to the browser for app delivery; Java applets are black boxes that are as opaque to the browser as the language is closed to the developer (with all due deference to the JCP). Around the same time Java was fuelling the browser wars, a like-named interpreted language was beginning to emerge. First called Mocha, later LiveScript, and finally JavaScript*, the language proved more useful than Java in some ways because it could interact with the browser and control content display using HTML’s cascading style sheets (CSS). JavaScript support soon became standard in every browser. It is now the programming language of HTML5, which is currently being considered by the World Wide Web Consortium as the next markup-language standard. To better understand HTML5—why it is where it is and where it’s going— Intel® Software Adrenaline turned to Moh Haghighat, a senior principal engineer in the Developer Products Division of Intel’s Software and Services Group. Moh was the technical lead from Intel’s side on the first JavaScript just-in-time compiler (JIT) in Firefox* browser. He also led the development of the first parallel JavaScript JIT and parallel browser layout-engine prototypes, both in the context of Firefox. He is currently leading Intel’s HTML5 technical strategy.

    Tags: HTML5, Visual-Productivity, Visual-Documents, Cloud-Computing


Posted from Diigo. The rest of Open Web group favorite links are here.