CVE-2017-1000367 in Sudo’s get_process_ttyname() for Linux | oss-security@…ts.openwall.com

CVE-2017-1000367 in Sudo’s get_process_ttyname() for Linux; On That Certain Mailing List, hosted At OpenWall; 2017-05-30.

tl;dr → patch all the computers; something after circa sudo-1.8.20p1, the advice is not specific.

ACME Support in Apache HTTP Server Project | Let’s Encrypt

Josh Aas (Let’s Encrypt); ACME Support in Apache HTTP Server Project; In Their Blog; 2017-10-17.
Josh Aas is Executive Director, ISRG (of what?)

tl;dr → mod_md and SSLPolicy modern for httpd; on trunk now, aspirationally into httpd-2.4.x, soon.

Mentions

Apple Safari Privacy Cookie Features Praised by the EFF | Infosecurity

Apple Safari Privacy Cookie Features Praised; ; In Infosecurity Magazine; 2017-09-23.

Occasion

Andrés Arrieta, Alan Toner (EFF); Apple Does Right by Users, Wrong by Advertisers; In Their Blog at the Electronic Frontier Foundation; 2017-09-20.

Background

W3C Payment Request API is Being Implemented in All Major Browsers | ProgrammableWeb

W3C Payment Request API is Being Implemented in All Major Browsers; Janet Wagner; In ProgrammableWeb; 2017-09-20.

Original Sources

Mentions

Participants

  • Chrome,
  • Edge,
  • Firefox,
  • WebKit.
  • Facebook
    • Facebook Messenger Extensions SDK
  • Samsung
    • Samsung Internet for Android 5.

Quoted

For color, background & verisimilitude…

  • Ian Jacobs, Lead, Web Payments Working Group, W3C.
  • Lukasz Olejnik, expert
    • Dr. Lukasz Olejnik
    • site

As Microsoft Joins Coalition for Better Ads, Blocking by Browsers Looks Set to Spread | Advertising Age

As Microsoft Joins Coalition for Better Ads, Blocking by Browsers Looks Set to Spread; ; In Advertising Age; 2017-09-20.

tl;dr → Microsoft has joined the Coalition for Better Ads.

Original Sources

Rik van der Kooi (Microsoft); Microsoft Joins The Coalition For Better Ads; In Their Blog; 2017-09.
Rik van der Kooi is corporate VP for search advertising, Microsoft.

Mentions

  • Microsoft
  • Coalition for Better Ads (CBA)
    • for Chrome
    • of Google
  • Edge
    • a browser
    • of Microsoft
  • <could><eventually>unilaterally block ads that coalition research editorial has deemed annoying.</eventually></could>
  • Google
  • Will call it “ad filtering” going forward
    <quote>The term “blocking” carries a lot of baggage.</quote>
  • <quote>Chrome browser will start “filtering” in “early” 2018.
  • Digital Content Next
    • a trade association
    • for online publishers
    • member, CBA
  • Adblock Plus
    • Eyeo
    • <quote>charges [large] companies fees to participate in its whitelisting program<quote>
    • The business model is extortion, attributed to Randall Rothenberg.
      The spox of Microsoft did not <quote>immediately respond to a request for comment on that point.</quote> [but did she later?]

Membership

  • Procter & Gamble
  • Unilever
  • WPP’s GroupM
  • Facebook
  • Thomson, of Reuters
  • The Washington Post
  • Interactive Advertising Bureau (IAB)
  • Association of National Advertisers (4As)
  • Digital Content Next, a trade association for online publishers and a coalition member itself.
  • <ahem>…and more!</ahem>

Quoted

For color, background &&amp verisimilitude…

  • A spox, a ‘droid, presented as a woman, Microsoft.
  • Rik van der Kooi, corporate VP for search advertising, Microsoft.
  • Satya Nadella, CEO, Microsoft.
  • Jason Kint, CEO, Digital Content Next.
  • Randall Rothenberg, CEO, Interactive Advertising Bureau (IAB).

Previously

In Advertising Age

HP Brings Back Obnoxious DRM That Cripples Competing Printer Cartridges | Techdirt

Karl Bode; HP Brings Back Obnoxious DRM That Cripples Competing Printer Cartridges; In His Blog, entitled Techdirt; 2017-09-19.

Mentions

  • Dynamic Security

Quotes

<quote>Customers can head to the HP support website and download an alternate firmware without the Dynamic Security platform embedded (something that HP knows most users won’t do, and which places the onus for remedying HP’s bad behavior on the end user). Users then have to block HP’s automatic update functionality to prevent this firmware from being installed automatically (at the cost of useful updates).</quote>

The Washington Post’s robot reporter, Heliograf, has published 850 articles in the past year

tl;dr → they are using robots so that reporters can focus on “high value work.” i.e. most of what you’re reading, right now, today, even at the big brightly-lit news shops, is farmed content auto-formfill-assembled drek.

Mentions

  • Heliograph
  • The Associated Press
  • USA Today

Quoted

  • Jeremy Gilbert, director of strategic initiatives, The Washington Post.
  • Francesco Marconi, strategy manager, and AI co-lead (that’s an actual title?) Associated Press.
  • Seth Lewis, professor, of journalism, University of Oregon.

Argot

The Suitcase Words
  • Artificial Intelligence (AI)

On React and WordPress | Matt Mullenweg

Matt Mullenweg; On React and WordPress; In His Blog; 2017-09-14.

tl;dr → The lede is buried. Whereas Facebook’s BSD+Patent license terms are odious and onerous, WordPress will be ripping out every last line of code covered by it; They will rewrite everything rather than be subject to its terms.

Mentions

  • React (JS)
  • React License
  • Facebook
  • Calypso
  • Gutenberg
  • Apache Software Foundation (ASF)
    • BSD+Patents License
    • Category-X License

Referenced

Bridging Industry and Academia to Tackle Responsible Research and Privacy Practices | FPF

Bridging Industry and Academia to Tackle Responsible Research and Privacy Practices; an announcement, a call for participation; Future of Privacy Foundation (FPF); 2017-11-02 & 2017-07-03.

Scope

  • Data Analytics and Privacy–Preserving Technologies.
  • Privacy and Ethics in User Research.
  • People-Centered Privacy Design.

Program Committee

  • Bart Knijnenberg, Clemson University
  • Casey Fiesler, University of Colorado Boulder
  • Janice Tsai, Mozilla
  • Jed Brubaker, University of Colorado Boulder
  • Jessica Vitak, University of Maryland
  • Lorraine Kisselburgh, Purdue University
  • Luke Stark, Dartmouth College
  • Mary Ellen Zurko
  • Nicholas Proferes, University of Kentucky
  • Norah Abokhodair, Microsoft
  • Woodrow Hartzog, Northeastern University School of Law
  • Yang Wang, Syracuse University

Deadlines

Materials: 2017-09-22.

Venue

Facebook’s offices, New York, NY