Author Archive

Open Letter – Call for major websites to opt out of Phorm

Posted by on Friday, 17 April, 2009

From http://www.openrightsgroup.org/2009/03/22/open-letter-call-for-major-websites-to-opt-out-of-phorm/

Open letter, sent to Chief Privacy Officers or equivalent at:

(i) Microsoft
(ii) Google / Youtube
(iii) Facebook
(iv) AOL / Bebo
(v) Yahoo
(vi) Amazon
(vii) Ebay

Dear Sir / Madam,

We are writing this open letter to you to ask you if you will act to protect your users’ privacy.

We are asking you to exercise your ability to opt out of the Phorm system, that is planned to be rolled out in the near future under the “Webwise” brand by BT, Virgin and TalkTalk, the three largest UK ISPs.

You may already be aware of the very significant concerns being expressed by many of your UK Internet customers about the interception and processing of their data whenever it is viewed by customers whose ISPs deploy the Phorm/Webwise system.

This was recently highlighted in a widely reported meeting held in Parliament, hosted by Baroness Miller, at which Sir Tim Berners-Lee, the inventor of the World Wide Web, made a firm stand against technologies which ‘snoop’ on the Internet, because of the highly sensitive nature of those communications.

Further demonstrations of the worries about Phorm include over 21,000 members of the public signing a petition against Phorm’s deployment:

<http://petitions.number10.gov.uk/ispphorm/>

We believe that many of your customers will feel exactly the same way. They may be using other Internet providers, but the information they put on your website may well be viewed by them as personal, and they will not wish it to be read and stored by third party technologies.

Even where your customers are using Phorm / Webwise ISPs, we are entirely unconvinced that the information they are given will ensure that they give ‘informed consent’ to the processing of all the data they send to and receive from your website.

Additionally, you may have concerns of your own; that a third party will be processing the contents of your website, without asking your permission, in order to construct profiles of your customers.

You may already be aware of our view that the Phorm / Webwise system is illegal. Communications cannot be lawfully intercepted, as this system does, without the informed consent of both the sender and receiver. The system will make copies of copyright material without permission, a further unlawful activity. Also, by forging extra ‘tracking’ cookies in your name, it may well bring your own system into disrepute.

We strongly believe that it is clearly in your company’s interest, it is in the interests of all of your customers, and it will serve to protect your brand’s reputation, if you insist that the Phorm/Webwise system does not process any data that passes to or from your website.

You may well wish to reserve the right to take legal action on your own account. However, Phorm have announced an alternative and relatively simple way of taking action, in that it is possible to “opt out” of their system by simply sending an email to website-exclusion at webwise.com.

They provide full details at:

<http://www2.bt.com/static/i/btretail/webwise/help.html#how-do-i-prevent-webwise-from-scanning-my-site>

While we recognise that an “opt-out” is an entirely second-rate way of dealing with this problem, we would strongly urge you to take advantage of it, in order to immediately reduce the risk of harm to your company and to your customers.

Making your decision public will provide reassurance to your customers, and will help them retain confidence in your brand, as well as in the integrity of the Internet as a whole.

We therefore strongly urge you to exercise your ability to “opt out” as soon as possible, and declare publicly to us and to your customers that data sent to and from your website will not be snooped upon by the Phorm/Webwise system.

Yours faithfully

Jim Killock, Executive Director, Open Rights Group

Richard Clayton, Treasurer, Foundation for Information Policy Research

Alexander Hanff

Pete John


Announcing the Release Candidate for Ubuntu 9.04

Posted by on Friday, 17 April, 2009

The Ubuntu team is pleased to announce the Release Candidate for Ubuntu
9.04 Desktop and Server editions and Ubuntu Netbook Remix. Codenamed
“Jaunty Jackalope”, 9.04 continues Ubuntu’s proud tradition of integrating
the latest and greatest open source technologies into a high-quality,
easy-to-use Linux distribution.

We consider this release candidate to be complete, stable, and suitable for
testing by any user.

Ubuntu 9.04 Desktop Edition brings faster boot speeds and a new
notification system to your everyday computing experience.

Ubuntu 9.04 Server Edition makes it easy to experiment with cloud computing
using Eucalyptus on your own servers, and sports an improved mail server
integration stack based on postfix and dovecot.

Ubuntu 9.04 Netbook Remix brings a new, easy-to-use interface
that is designed to be used on the smaller screens of netbook devices.

The Ubuntu 9.04 family of variants, Kubuntu, Xubuntu, Ubuntu Studio, and
Mythbuntu, also reach RC status today.

The final release of Ubuntu 9.04 is scheduled for 23 April 2009 and will
be supported for 18 months on both desktops and servers. Users requiring a
longer support lifetime may choose to continue using Ubuntu 8.04 LTS, with
security support until 2011 on the desktop and 2013 on the server, rather
than upgrade to 9.04.

Before installing or upgrading to Ubuntu 9.04 please review the
instructions and caveats in the release notes:

http://www.ubuntu.com/getubuntu/releasenotes/904

In addition, there are a small number of known bugs in the release
candidate that will be fixed before the Ubuntu 9.04 release, but warrant
highlighting for your attention:

http://www.ubuntu.com/getubuntu/releasenotes/904overview#Known%20issues

About The Release Candidate
---------------------------

The purpose of the Release Candidate is to solicit one last round of
testing before the final release. Here are ways that you can help:

* Upgrade from Ubuntu or Kubuntu 8.10 to the Release Candidate by
following the instructions in the release notes referenced above.

* Participate in installation testing using the Release Candidate CD
images, by following the testing and reporting instructions at
http://wiki.ubuntu.com/Testing/ISO

Desktop features
----------------

Faster boot times: improvements to Ubuntu’s start-up process mean you can
spend less time waiting and more time being productive with your Ubuntu
desktop.

Notification system: notifications, those alerts that signify a change of
status on your system or whether someone is contacting you, have been made
consistent across applications to provide a pleasing, intuitive experience
for users.

Server features
---------------

Cloud computing: Ubuntu Enterprise Cloud (powered by Eucalyptus) puts you
in control of your own cloud computing infrastructure, compatible with
Amazon’s Elastic Compute Cloud (EC2) but running on your own servers behind
your firewall. Ubuntu Server Edition 9.04 will also see Ubuntu available
on Amazon EC2 — making it the most complete cloud environment available
today.

Turn-key mail servers: the dovecot-postfix package in Ubuntu 9.04 provides
an all-in-one solution for deploying SMTP, POP3, and IMAP services with
integrated server-side filtering support.

Netbook Remix features
----------------------

Built-for-purpose interface: favourite applications and websites are just a
click away, making Ubuntu Netbook Remix a great choice for netbook users.

Faster boot times: improvements to Ubuntu’s start-up process mean you can
spend less time waiting and more time being productive with your Ubuntu
Netbook desktop.

Ubuntu Netbook Remix is known to work on these netbook models:
Asus Eee PC 900
Acer Aspire One
Dell Mini 9

Kubuntu features
----------------

Kubuntu, built on the amazing KDE 4.2, brings users a complete,
full-featured KDE4 desktop with many new applications and innovations.

Please see https://wiki.kubuntu.org/JauntyJackalope/RC/Kubuntu for details.

Xubuntu features
----------------

Xubuntu comes with the light-weight Xfce 4.6 desktop environment for those
who want a desktop that is easy to use, but places particular emphasis on
conserving system resources.

Please see https://wiki.ubuntu.com/Xubuntu/JauntyJackalope/RC for further
details.

Ubuntu Studio features
----------------------

Ubuntu Studio includes updates to input hardware and sound device
management from Ubuntu Desktop and a complete suite of tools for generation
of audio, video, and graphic content.

Ubuntu Studio 9.04 also features a streamlined installation process, giving
you a familiar Ubuntu desktop and all of your studio applications in a
single step.

The realtime kernel flavor (linux-rt) has returned and is again used by
default in Ubuntu Studio. The rtirq script (http://alsa.opensrc.org/Rtirq)
is also now included in the ubuntustudio-audio package. It is recommended
that users not use the new EXT4 filesystem with the linux-rt kernel on
production systems due to some reports of instability.

Jack-audio-connection-kit now includes support for the Free Firewire Audio
Drivers (FFADO, www.ffado.org).

Mythbuntu features
------------------

As of 9.04, Mythbuntu fits better into the Ubuntu ecosystem by using the
same build methods as all other remixes and derivatives. Because of this,
work on 9.04 has focused on stability and on preparing for an easy
transition to the next version of MythTV (0.22) later this year.

Unfortunately, the main Mythbuntu website, http://mythbuntu.org is
temporarily down due to a problem with the hosting provider. RC images
will still be available at
http://cdimage.ubuntu.com/mythbuntu/releases/jaunty . We’ll restore the
other mirrors as soon as the main site returns.

A more complete tour of the features new in 9.04 can be found at
http://www.ubuntu.com/getubuntu/releasenotes/904overview

About Ubuntu
------------

Ubuntu is a full-featured Linux distribution for desktops, laptops, netbooks
and servers, with a fast and easy installation and regular releases. A
tightly-integrated selection of excellent applications is included, and an
incredible variety of add-on software is just a few clicks away.

Professional services including support are available from Canonical and
hundreds of other companies around the world. For more information about
support, visit http://www.ubuntu.com/support

To Get the Ubuntu 9.04 Release Candidate
----------------------------------------

To upgrade to Ubuntu 9.04 Release Candidate from Ubuntu 8.10, follow these
instructions:

https://help.ubuntu.com/community/JauntyUpgrades

Or, to perform a new installation or try out 9.04 “live” from CD, download
the Ubuntu 9.04 Release Candidate here (choose the mirror closest to you):

Asia:

* http://ftp.tcc.edu.tw/iso/Ubuntu/9.04 (Taiwan)

Europe:

* http://ubuntu.univ-nantes.fr/ubuntu-cd/9.04 (France)
* http://ftp.uni-kl.de/pub/linux/ubuntu.iso/9.04 (Germany)
* http://ftp.ntua.gr/pub/linux/ubuntu-releases/9.04 (Greece)
* http://ie.releases.ubuntu.com/9.04 (Ireland)
* http://nl.releases.ubuntu.com/releases/9.04 (Netherlands)
* http://es.releases.ubuntu.com/9.04 (Spain)
* http://se.releases.ubuntu.com/9.04 (Sweden)
* http://ubuntu-releases.datahop.it/9.04 (United Kingdom)

North America:

* http://less.cogeco.net/ubuntu-releases/9.04 (Canada)
* http://mirrors.cat.pdx.edu/ubuntu-releases/9.04 (United States)
* http://ubuntu.media.mit.edu/ubuntu-releases/9.04 (United States)

Oceania/Australia:

* http://ubuntu-releases.optus.net/9.04 (Australia)
* http://ftp.citylink.co.nz/ubuntu-releases/9.04 (New Zealand)

Rest of the world:

* http://releases.ubuntu.com/9.04 (Great Britain)

Please download using BitTorrent if possible. See
https://help.ubuntu.com/community/BitTorrent for more information about
using BitTorrent.

Feedback and Helping
--------------------

If you would like to help shape Ubuntu, take a look at the list of ways you
can participate at

http://www.ubuntu.com/community/participate/

Your comments, bug reports, patches and suggestions will help turn this
Release Candidate into the best release of Ubuntu ever. Please note that,
where possible, we prefer that bugs be reported using the tools provided,
rather than by visiting Launchpad directly. Instructions can be found at

https://help.ubuntu.com/community/ReportingBugs

If you have a question, or if you think you may have found a bug but are
not sure, first try asking on the #ubuntu IRC channel on FreeNode, on the
Ubuntu Users mailing list, or on the Ubuntu forums:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
http://www.ubuntuforums.org/


Debian GNU/Linux 5.0 updated

Posted by on Monday, 13 April, 2009

------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Debian GNU/Linux 5.0 updated                            press@debian.org
April 11th, 2009                http://www.debian.org/News/2009/20090411
------------------------------------------------------------------------

Debian GNU/Linux 5.0 updated

The Debian project is pleased to announce the first update of its stable
distribution Debian GNU/Linux 5.0 (codename “lenny”). This update mainly
adds corrections for security problems to the stable release, along with
a few adjustments to serious problems.

Please note that this update does not constitute a new version of Debian
GNU/Linux 5.0 but only updates some of the packages included. There is
no need to throw away 5.0 CDs or DVDs but only to update via an
up-to-date Debian mirror after an installation, to cause any out of date
packages to be updated.

Those who frequently install updates from security.debian.org won’t have
to update many packages and most updates from security.debian.org are
included in this update.

New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively will
be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian’s many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:

<http://www.debian.org/distrib/ftplist>

Miscellaneous Bugfixes
----------------------

This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:

Package                                    Reason

barnowl                                    Fix for CVE-2009-0363 (through testing-security)
base-files                                 Fix a typo to remove “base” correctly
bind9                                      Fix atomic operations on alpha and ia64
brltty                                     Upload with fixed version number
consolekit                                 Various fixes
fai                                        Fix typo which prevents perl scripts to work
firmware-nonfree                           Kernel ABI change
flpsed                                     Fix dependency on ghostscript-x
gdm                                        Fix a double free
gthumb                                     Fix copying loop
gtick                                      Add dependency on oss-compat
gtk+2.0                                    Fix infinite loop caused by setting color scheme
gtkguitune                                 Add dependency on oss-compat
heartbeat                                  Fix failover and message corruption
imagemagick                                Replace non-free fonts
irqbalance                                 Do not crash on bogus /proc/irq entries
kvm                                        Fix hang on reboot with virtio
libbz2-ruby                                [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libcgi-application-plugins-perl            Fix information leak
libeb-ruby                                 [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libfilesystem-ruby                         [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libfusefs-ruby                             [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libkakasi-ruby                             [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libodbc-ruby                               [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libopengl-ruby                             [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
librevolution-ruby                         [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libvorbisfile-ruby                         [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
libwrap-ruby                               [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
linux-2.6                                  Several issues
linux-kernel-di-alpha-2.6                  New kernel for debian-installer
linux-kernel-di-amd64-2.6                  New kernel for debian-installer
linux-kernel-di-arm-2.6                    Add minix-modules to orion5x kernel flavour
linux-kernel-di-armel-2.6                  New kernel for debian-installer
linux-kernel-di-hppa-2.6                   New kernel for debian-installer
linux-kernel-di-i386-2.6                   New kernel for debian-installer
linux-kernel-di-ia64-2.6                   New kernel for debian-installer
linux-kernel-di-mips-2.6                   New kernel for debian-installer
linux-kernel-di-mipsel-2.6                 New kernel for debian-installer
linux-kernel-di-powerpc-2.6                New kernel for debian-installer
linux-kernel-di-s390-2.6                   New kernel for debian-installer
linux-kernel-di-sparc-2.6                  New kernel for debian-installer
linux-latest-2.6                           Kernel ABI change
linux-modules-contrib-2.6                  Rebuild for kernel ABI change
linux-modules-di-alpha-2.6                 New kernel modules for debian-installer
linux-modules-di-amd64-2.6                 New kernel modules for debian-installer
linux-modules-di-arm-2.6                   New kernel modules for debian-installer
linux-modules-di-armel-2.6                 New kernel modules for debian-installer
linux-modules-di-hppa-2.6                  New kernel modules for debian-installer
linux-modules-di-i386-2.6                  New kernel modules for debian-installer
linux-modules-di-ia64-2.6                  New kernel modules for debian-installer
linux-modules-di-mips-2.6                  New kernel modules for debian-installer
linux-modules-di-mipsel-2.6                New kernel modules for debian-installer
linux-modules-di-powerpc-2.6               New kernel modules for debian-installer
linux-modules-di-s390-2.6                  New kernel modules for debian-installer
linux-modules-di-sparc-2.6                 New kernel modules for debian-installer
linux-modules-extra-2.6                    Rebuild for kernel ABI change
linux-modules-nonfree-2.6                  Rebuild for kernel ABI change
live-initramfs                             Fix media timeout, boot and shutdown issues
lvm2                                       Fix lvm on multipath in initrd
mediawiki                                  Fix XSS vulnerabilities
mp3gain                                    [i386] Rebuild in a clean environment
mt-daapd                                   Fix crasher in built-in webserver
munin                                      Fix cgi mode
nvidia-graphics-legacy-96xx-modules-amd64  Rebuild for kernel ABI change
nvidia-graphics-legacy-96xx-modules-i386   Rebuild for kernel ABI change
nvidia-graphics-modules-amd64              Rebuild for kernel ABI change
nvidia-graphics-modules-i386               Rebuild for kernel ABI change
oldsys-preseed                             Add support for the D-Link DNS-323
open-vm-tools                              Fix builds with other kernels than the running one
openoffice.org                             Repacked source to remove RFC text file, various bug fixes
optipng                                    Fix array overflow vulnerability
pam                                        Fix signedness error in _pam_StrTok
pcapy                                      Fix memory leak and capturing on lo
pidgin                                     Fix failure while connecting to ICQ servers due to protocol changes
pidgin-otr                                 Provide translation
posixlock                                  [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
postgresql-8.3                             New upstream bugfix release
pyusb                                      Fix module for python2.5 on 64 bit arch
qwik                                       [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
root-system                                Add libsm-dev as Build-Dependency
roundup                                    Fix several vulnerabilities
ruby-v4l                                   [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
samba                                      Fix two bugs of severity important
sary-ruby                                  [armel] Rebuild to put modules in arm-linux instead of arm-linux-eabi
sbnc                                       Fix sbnc.key file location
schroot                                    Build with pthreads explicitly to fix a crash on alpha
smartmontools                              Fix target not checking for running daemon
snort                                      Fix possible segfault
texlive-extra                              Blacklist aurora, non-commercial license
toolame                                    Portability fixes
user-mode-linux                            Rebuild against updated linux-source
xorg-server                                Work around broken PCI on sparc in lenny’s kernel
xserver-xorg-video-savage                  Do not add panel modes when there is no panel

New version of debian-installer
-------------------------------

debian-installer was updated to incorporate the updated Linux kernel
(DSA-1749), to add support for the D-Link DNS-323 (a NAS device) and to
incorporate new archive keys.

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

Advisory ID   Package         Correction(s)

DSA-1719      gnutls26        Certificate validation
DSA-1725      websvn          Information leak
DSA-1726      python-crypto   Denial of service
DSA-1728      dkim-milter     Denial of service
DSA-1730      proftpd-dfsg    SQL injection vulnerabilities
DSA-1734      opensc          Information disclosure
DSA-1735      znc             Privilege escalation
DSA-1736      mahara          Cross-site scripting
DSA-1737      wesnoth         Several vulnerabilities
DSA-1738      curl            Arbitrary file access
DSA-1739      mldonkey        Double slash vulnerability
DSA-1740      yaws            Denial of service
DSA-1741      psi             Denial of service
DSA-1742      libsndfile      Arbitrary code execution
DSA-1743      libtk-img       Arbitrary code execution
DSA-1744      weechat         Denial of service
DSA-1745      lcms            Arbitrary code execution
DSA-1746      ghostscript     Arbitrary code execution
DSA-1747      glib2.0         Arbitrary code execution
DSA-1749      linux-2.6       Several issues
DSA-1750      libpng          Several vulnerabilities
DSA-1751      xulrunner       Several vulnerabilities
DSA-1752      webcit          Potential remote code execution
DSA-1755      systemtap       Local privilege escalation
DSA-1756      xulrunner       Multiple vulnerabilities
DSA-1757      auth2db         SQL injection
DSA-1758      nss-ldapd       Information disclosure
DSA-1759      strongswan      Possible denial of service
DSA-1760      openswan        Possible denial of service