The Register - Australia's government has fulfilled a promise to probe Web giants' impact on the media, news and advertising businesses.
The land down under recently re-wrote its laws on media ownership, to allow greater concentration of ownership. That law was contentious, given that a certain R Murdoch already dominates Australian media. To gain the votes needed to get the law through the Parliament, the government therefore pledged an inquiry into how the media landscape has changed given that advertising spend on digital platforms has gone from zero per cent of the market to forty per cent in under two decades.
Treasurer Scott Morrison MP has now ordered Australia's Competition and Consumer Commission (ACCC) to run the promised inquiry.
The Register - Starts talks with Kaspersky to 'prevent the transfer of UK data to the Russian state'
The United Kingdom's National Cyber Security Centre has effectively banned the use of Russian anti-virus products from government departments and revealed it is trying to “prevent the transfer of UK data to the Russian state” from Kaspersky Labs software.
A guidance note published last Friday and distributed to permanent secretaries of government departments, addressed “The issue of supply chain risk in cloud-based products, including anti-virus (AV) software” and explained “how departments should approach the issue of foreign ownership of AV suppliers.”
The advice is simple:
“… where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen. In practical terms, this means that for systems processing information classified SECRET and above, a Russia-based provider should never be used.”
ZDNet - Red Hat, Facebook, Google, and IBM commit to providing a fair cure period to correct open-source GPLv2 software license compliance issues.
The GNU Public License version 2 (GPLv2) is arguably the most important open-source license for one reason: It's the license Linux uses. On November 27, three Linux-using technology powers, Facebook, Google, and IBM, and the major Linux distributor Red Hat announced they would extend additional rights to help companies who've made GPLv2 open-source license compliance errors and mistakes.
The GPLv2 and its close relative, GNU Lesser General Public License (LGPL) are widely-used open source software licenses. When the GPL version 3 (GPLv3) was released, it came with an express termination approach that offered users opportunities to cure errors in license compliance. This termination policy in GPLv3 provided a way for companies to repair licensing errors and mistakes. This approach allows license compliance enforcement that is consistent with community norms.
The four companies are committed to extending the GPLv3 approach for license compliance errors to software code under GPLv2 and LGPLv2.1 and v2. Specifically, the Common Cure Rights Commitment, is:
Computer Weekly - UK government has the innovation skills to become a digital public services leader, but needs to improve the ID and authentication that sits underneath it to reach this goal.
The UK trails countries like Germany, Spain Italy and France when it comes to making its services available digitally, despite being seen as a leader in digital innovation, according to a benchmark of eGovernment services across Europe.
With an overall digital services score of 59%, it was some way behind Germany (76%), Spain (76%), Italy (64%) and France (63%). The UK could benefit from its innovation leadership if it adopts the right identification technology and uses authenticated sources of information that can be re-used across the public sector.
ZDNet - Torvalds explains why he gets angry with security people.
Developers are often accused of not thinking about security, but Linux kernel founder Linus Torvalds has had enough of security people who don't think about developers and end-users.
After blasting some kernel developers last week for killing processes in the name of hardening the kernel, Torvalds has offered a more measured explanation for his frustration with security myopia.
While he agrees that having multiple layers of security in the kernel is a good idea, certain ways of implementing it are not, in particular if it annoys users and developers by killing processes that break users' machines and wreck core kernel code. Because ultimately, if there are no users, there's not much point in having a supremely secure kernel, Torvalds contends.
"'Do no harm' should be your mantra for any new hardening work," Torvalds instructed security developers, reminding them to see the bigger picture.