Openwashing (Fake 'Open Source'), Fake Security, and Charlatans
Openwashing
The Register UK ☛ AWS exec: 'Our understanding of open source has started to change'
Why is there not an in-place upgrade from one Amazon Linux to another? “We’ve been focused on providing a stable platform,” said Nalley. “The nature of doing in-place upgrades tends to be destabilizing. You’re upgrading the underlying version of glibc or llvm and keeping that safe across versions is a challenge.”
Silicon Angle ☛ GitLab beats expectations, delivers first-ever profit, and its stock jumps
The company reported earnings before certain costs such as stock compensation of nine cents per share on revenue of $149.7 million, up 32% from a year earlier. That was well ahead of Wall Street’s call for a one-cent-per-share loss on sales of just $141.5 million.
Fake Security
-
The Register UK ☛ EU lawmakers finalize cyber security rules that panicked open source devs
Once in force, which will happen 20 days after its adoption by Parliament and the Council, the CRA will require hardware and software makers to meet some intimidating targets. Included in the rule is a 24-hour disclosure period for any newly-discovered security flaw under active exploitation, five years of security patch support, thorough documentation of all security features, and more.
Matthew Garrett ☛ Why does Gnome fingerprint unlock not unlock the keyring? [Ed: TPM is not security and these fingerprint things are futuristic gimmicks rather than a mechanism for authentication]
We can't use the TPM because there's no secure communications channel between the fingerprint reader and the TPM, so we can't configure the TPM to release secrets only if an associated fingerprint is provided.
