Thursday, May 5, 2011

Gigantii tech acuzati ca au conspirat pentru a mentine salariile angajatilor scazute

Mai mule companii tech, printre care Apple, Google si Intel sunt date in judecata sub acuzatia ca au conspirat pentru a mentine scazute salariile angajatilor.

Potrivit plangerii formulate de Siddharth Hariharan, fost inginer software la compania de productie Lucas Film, Adobe, Apple, Google, Intel, Intuit, Lucasfilm si Pixar au violat legile antitrust conspirand la palfonarea salariilor si intrand in aranjamente de genul “No solicitation”.

Totodata, Hariharan sustine ca giganti tech au semnat intelegeri prin care sa nu isi recruteze activ angajatii unii altora si sa prin care sa trimita notificari angajatorului unui candidat – fara ca acesta sa stie – inainte de a face o oferta.

Potrivit estimarilor, competitia redusa pe aceste servicii a determinat o reducere cu 10-15% a salariilor angajatilor acestor companii.

China isi intareste controlul asupra Internetului

China a pus bazele unei noi institutii guvernamentale, responsabila pentru controlul informatiei pe Internet.

Biroul de Informatii al Internetului le va permite autoritatilor sa practice o cenzura care l-ar face pana si pe Ceausescu gelos, controland tot contentul disponibil pentru utilizatorii de internet din tara.

Beijing-ul opereaza o cenzura draconica asupra internetului, numita si “Marele zid de foc al Chinei.” Website-urile considerate o amenintare la adresa guvernului sunt blocate zilnic.

The Chinese government has put a lot of resources into controlling and censoring the internet content available to its citizens.

Guvernul chinez a alocat un numar mare de resurse in controlarea si cenzurarea contentului de pe web.

Pana in prezent aceasta supraveghere era exercitata de catre Biroul de Informatii al tarii si de alte cateva agentii. Institutia noua creata aduce la un loc controlul tehnic si cel politic.

Consecinta imediat urmatoare se va vedea intr-o cenzura mult mai accentuata a stirilor si a informatiilor online, a afacerilor new media si intr-un control mult mai agresiv al accesului la internet.

Decizia autoritatilor de a infiinta Biroul de Informatii al Internetului ar putea veni ca urmare a revolutiilor din Orientul Mijlociu si Nordul Africii.

LastPass in possible password fail

LastPass is asking users to change their master password after identifying a brief network traffic "anomaly" from one of its non-critical machines - which apparently resulted in the transmission of an unspecified amount of data.

"[Although anomalies] happen occasionally, we typically identify them as an employee or an automated script. In this case, we couldn't find that root cause," a LastPass rep explained in an official blog post.

LastPass in possible password fail

"After delving into the anomaly we found a similar but smaller matching traffic anomaly from one of our databases in the opposite direction - more traffic was sent from the database compared to what was received on the server."

The LastPass rep conceded the company couldn't account for the anomaly, and would therefore be "paranoid" by assuming the very worst.

"We know roughly the amount of data transferred and that it's big enough to have transferred people's email addresses, the server salt and their salted password hashes from the database. We also know that the amount of data taken isn't remotely enough to have pulled many users encrypted data blobs.

"As a precaution, we're forcing you to change your master password. We're [also] going to want an indication that you're you, by either ensuring that you're coming from an IP block you've used before or by validating your email address. The reason is that if an attacker had your master password through a brute force method, LastPass still wouldn't give access to this theoretical attacker because they wouldn't have access to your email account or your IP."

Nevertheless, the LastPass rep was careful to emphasize that while the company had no actual proof passwords were compromised, it preferred to err on the side of caution. 

"It's prudent to assume where there's smoke there could be fire. We're rebuilding the boxes in question and have shut down and moved services from them in the meantime. 

"[Remember], the source code running the website and plugins has been verified against our source code repositories, and we have further determined from offline snapshots and cryptographic hashes in the repository that there was no tampering with the repository itself."

Meanwhile, Sophos security expert Carole Theriault noted the inherent irony in the company's marketing motto: "the last password you'll ever need." 

"Turns out you might need more than one. Oh well. Despite this potential security breach, LastPass has a strong reputation among the technology-savvy as a rather good piece of password-management software. It allows users to store the multitude of passwords for their various online activities in an encrypted form, accessible only via their master password," said Theriault.

"And for what it's worth, I think LastPass are doing the right thing: they saw something odd. They cannot explain it. There is a risk that sensitive info is in the wrong hands, so they immediately go into action, explain with some detail why they are concerned, and tell you what to do you about it."

Sabily 11.04

Sabily 11.04, an Ubuntu-based distribution with a collection of Islamic software and an integrated web content filtering tool, has been released: "The Sabily team is proud to announce the release of the new version of Sabily 11.04, code name 'Al-Badr'. What's new: new 'Al-Badr' pictures and wallpapers, new Plymouth and GDM themes; Unity and Unity 2D available, but Ubuntu classic (GNOME 2) set by default; new Firefox persona. New applications: Islamic Date - a Firefox extension that displays Hijri date; Zakat Calculator provides Zakat calculations; gufw - an easy-to-use Ubuntu firewall; DesktopNova (replacing WallpaperTray); autoKey - to avoid typing frequently encountered words; recordMyDesktop - records desktop sessions to a video file (Ogg Theora Vorbis file); Anki - an extensible flash card learning program...." Read the rest of the release announcement for more details. Download (MD5): sabily-11.04-desktop-i386-small.iso (917MB, torrent).

VectorLinux 7.0 RC1

Robert Lange has announced the availability of the first release candidate for VectorLinux 7.0, a Slackware-based desktop distribution: "The VectorLinux development crew is proud to announce the first release candidate of VectorLinux 7.0. There have been numerous changes since the beta 2.1 release. The kernel is version, glibc is 2.13 and everything else is up-to-date with Slackware 13.37. We have the new Xfce 4.8 with Glx-Dock, the latest AbiWord, Gnumeric, Scribus, Inkscape, Shotwell and a vast array of other programs in all categories at their latest stable versions. We have squashed major bugs that occurred during the second beta cycle, which includes updates to the kernel, firmware, vasm, GDM, VectorLinux artwork, ConsoleKit and some minor theme changes." The release announcement. Download: VL7.0-STD-RC1.iso (618MB, MD5).

VortexBox 1.9

Andrew Gillis has announced the release of VortexBox 1.9, a Fedora-based distribution with the ability to turn an unused computer into an easy-to-use music server: "We are pleased to announce the release of VortexBox 1.9. This release adds updated versions of many of the packages that make VortexBox work so well. This version includes a new kernel for better hardware support. The DVD ripping package has also been improved and, of course, we added the latest version of SqueezeBox Server (7.5.4). The DAAP server has been updated to support Apple TV and you can now stream music directly from your VortexBox to your Apple TV including cover art. VortexBox can even stream your FLAC collection to Apple TV even though Apple TV doesn't support FLAC." Here is the brief release announcement. Download (MD5): vortexbox-1.9.iso (617MB).