This week saw the release Linux 5.8, which Linus Torvalds called "one of our biggest releases of all time," reports TechRepublic: The new version of the Linux kernel brings a number of updates to Linux 5.7 spanning security, core components, drivers, memory management, networking and improvements to the kernel's design, amongst others. This includes updates for Microsoft's Hyper-V virtualization platform, Intel Tiger Lake Thunderbolt support, improvements to Microsoft's exFAT file system, and support for newer Intel and ARM chips.

Torvalds said the kernel had received over 15,000 merge requests and that around 20% of all the files in the kernel source repository had been modified. "That's really a fairly big percentage, and while some of it is scripted, on the whole it's really just the same pattern: 5.8 has simply seen a lot of development," Torvalds said.

Translated into numbers, Linux 5.8 includes over 800,000 new lines and over 14,000 changed files. It also received one of the biggest number of merge requests during its merge window — over 14,000 non-merge commits and more than 15,000 including merges, according to Torvalds. "5.8 looks big. Really big," he added.

Today the BBC told the story of Jun Wei Yeo, "an ambitious and freshly enrolled Singaporean PhD student" who was gradually recruited by Chinese intelligence.

Yeo "would end up using the professional networking website LinkedIn, a fake consulting company and cover as a curious academic to lure in American targets." Some of the targets that Yeo found by trawling through LinkedIn were commissioned to write reports for his "consultancy", which had the same name as an already prominent firm. These were then sent to his Chinese contacts. One of the individuals he contacted worked on the U.S. Air Force's F-35 fighter jet programme and admitted he had money problems. Another was a U.S. army officer assigned to the Pentagon, who was paid at least $2,000 (£1,500) to write a report on how the withdrawal of US forces from Afghanistan would impact China... According to the court documents, his handlers advised him to ask targets if they "were dissatisfied with work" or "were having financial troubles"...

In 2018, Yeo also posted fake online job ads for his consulting company. He told investigators he received more than 400 CVs with 90% of them coming from "US military and government personnel with security clearances". Some were passed to his Chinese handlers... Dickson Yeo does not appear to have got as far with his contacts as his handlers would have liked. But in November 2019, he travelled to the U.S. with instructions to turn the army officer into a "permanent conduit of information", his signed statement says.

He was arrested before he could ask.
The 39-year-old now faces up to 10 years in prison for being an "illegal agent of a foreign power" — but the article notes he was "aided by an invisible ally — the LinkedIn algorithm.

"Each time Yeo looked at someone's profile it would suggest a new slate of contacts with similar experience that he might be interested in..."

Microsoft's professional networking site LinkedIn said on Tuesday it would cut about 960 jobs, or 6% of its global workforce, as the coronavirus pandemic is having a sustained impact on demand for its recruitment products. From a report: California-based LinkedIn helps employers assess a candidate's suitability for a role and employees use the platform to find new job. Jobs will be cut across sales and hiring divisions of the group globally. Announcing the plan in a message posted on LinkedIn's website, Chief Executive Ryan Roslansky said the company would provide at least 10 weeks of severance pay as well as health insurance for a year for U.S. employees, and will hire for newly-created roles from laid-off staff. "I want you to know these are the only layoffs we are planning," Roslansky said in his message. Affected staff, who have not yet been told, would be able to keep company-issued cell phones, laptops, and recently purchased equipment to help them work from home while making career transitions, he said.

Microsoft will stop relying on Amazon to help it run the popular Minecraft video game. CNBC reports: The shift represents an obvious way for Microsoft to cut back on payments to one of its toughest competitors and promote its own product. Amazon Web Services rules the market for public cloud infrastructure for running software from afar through vast data centers, and Microsoft has been working to take share with its Azure cloud. Azure is growing faster than many other parts of Microsoft, helping it lean less on longstanding properties like Windows and Office. Moving more of its own software to Azure can help Microsoft make the case to customers that it doesn't look anywhere else for computing, storage and networking resources to deliver its online services. That's an important consideration, because Amazon can tell customers that its sprawling e-commerce business consumes resources from AWS.

The use of AWS for Minecraft for a version called Realms -- virtual places for small groups to gather and play the open-world game together -- dates to 2014. Months after AWS published a blog post about how Mojang, the game developer behind Minecraft, had chosen to tap AWS for Realms, Microsoft announced that it would acquire Mojang for $2.5 billion. It would not have been right to make Mojang get off AWS immediately after the acquisition, Matt Booty, the head of studios at Microsoft, suggested in a recent interview. Now there is an end in sight for the dependence on a rival. "We'll be fully transitioned to Azure by the end of the year," the Microsoft spokesperson wrote.

During a series of Cisco online all-hands meetings on race in early June, some workers posted comments in message channels that other staff and company management said were demeaning to Black people, exposing racial divisions at the Silicon Valley tech giant and leading to the dismissal of a number of people. From a report: During the first videoconference on June 1, following the killing of George Floyd by Minneapolis police, Chief Executive Officer Chuck Robbins spoke with Ford Foundation President Darren Walker, who is Black, and Bryan Stevenson, a Black lawyer and author who founded the Equal Justice Initiative, in front of 30,000 employees. The conversations about race continued in subsequent online global staff meetings. "Black lives don't matter. All lives matter," one worker wrote in the comments during one of the virtual all-hands meetings, according to screen shots obtained by Bloomberg. Another said the phrase Black Lives Matter "reinforces racism" because it singles out one ethnic group. "People who complain about racism probably have been a racist somewhere else to people from another race or part of systematic oppression in their own community!" a third worker wrote in the chat section visible for all those online. Cisco, the world's largest networking company, said it fired "a handful" of workers for inappropriate conduct because it "will not tolerate" racism.

The U.S. is "looking at" banning TikTok and other Chinese social media apps, Secretary of State Mike Pompeo told Fox News. From a report: His comments come amid rising tensions between the U.S. and China and as scrutiny on TikTok and Chinese technology firms continues to grow. When asked in a Fox News interview if the U.S. should be looking at banning TikTok and other Chinese social media apps, Pompeo said: "We are taking this very seriously. We are certainly looking at it. We have worked on this very issue for a long time," he said. "Whether it was the problems of having Huawei technology in your infrastructure we've gone all over the world and we're making real progress getting that out. We declared ZTE a danger to American national security," Pompeo added, citing the two Chinese teleommunications networking companies. The remark comes days after India banned TikTok and 58 other apps and services developed by Chinese firms citing cybersecurity concerns.

Andy Greenberg writes via Wired: Late last week, government agencies, including the United States Computer Emergency Readiness Team and Cyber Command, sounded the alarm about a particularly nasty vulnerability in a line of BIG-IP products sold by F5. The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the networking equipment, offering access to all the traffic they touch and a foothold for deeper exploitation of any corporate network that uses them. Now some security companies say they're already seeing the F5 vulnerability being exploited in the wildâ"and they caution that any organization that didn't patch its F5 equipment over the weekend is already too late.

The F5 vulnerability, first discovered and disclosed to F5 by cybersecurity firm Positive Technologies, affects a series of so-called BIG-IP devices that act as load balancers within large enterprise networks, distributing traffic to different servers that host applications or websites. Positive Technologies found a so-called directory traversal bug in the web-based management interface for those BIG-IP devices, allowing anyone who can connect to them to access information they're not intended to. That vulnerability was exacerbated by another bug that allows an attacker to run a "shell" on the devices that essentially lets a hacker run any code on them that they choose. The result is that anyone who can find an internet-exposed, unpatched BIG-IP device can intercept and mess with any of the traffic it touches. Hackers could, for instance, intercept and redirect transactions made through a bank's website, or steal users' credentials. They could also use the hacked device as a hop point to try to compromise other devices on the network. Since BIG-IP devices have the ability to decrypt traffic bound for web servers, an attacker could even use the bug to steal the encryption keys that guarantee the security of an organization's HTTPS traffic with users, warns Kevin Gennuso, a cybersecurity practitioner for a major American retailer. While only a small minority of F5 BIG-IP devices are directly exploitable, Positive Technologies says that still includes 8,000 devices worldwide. "About 40 percent of those are in the U.S., along with 16 percent in China and single-digit percentages in other countries around the globe," reports Wired.

"Owners of those devices have had since June 30, when F5 first revealed the bug along with its patch, to update," adds Wired. "But many may not have immediately realized the seriousness of the vulnerability. Others may have been hesitant to take their load balancing equipment offline to implement an untested patch, points out Gennuso, for fear that critical services might go down, which would further delay a fix."

As advertisers pull away from Facebook to protest the social networking giant's hands-off approach to misinformation and hate speech, the company is instituting a number of stronger policies to woo them back. From a report: In a livestreamed segment of the company's weekly all-hands meeting, CEO Mark Zuckerberg recapped some of the steps Facebook is already taking, and announced new measures to fight voter suppression and misinformation -- although they amount to things that other social media platforms like Twitter have already enacted and enforced in more aggressive ways.

At the heart of the policy changes is an admission that the company will continue to allow politicians and public figures to disseminate hate speech that does, in fact, violate the Facebook's own guidelines -- but it will add a label to denote they're remaining on the platform because of their "newsworthy" nature. It's a watered down version of the more muscular stance that Twitter has taken to limit the ability of its network to amplify hate speech or statements that incite violence. [...] Zuckerberg's remarks came days of advertisers -- most recently Unilever and Verizon -- announced that they're going to pull their money from Facebook as part the #StopHateforProfit campaign organized by civil rights groups.

Google escalated a fight with Sonos over the wireless home-speaker market, filing a lawsuit that alleges patent infringement. From a report: The conflict between the two companies, which had been collaborating on incorporating some Google features in Sonos's speakers, erupted in January when Sonos sued Google for infringing its patents. The speaker maker is facing increased competition from tech giants such as Google and Amazon.com that are expanding into selling Internet-connected home gadgets, including less expensive wireless speakers. "Sonos has made false claims about the companies' shared work and Google's technology in the lawsuits," the Alphabet unit said in a complaint filed Thursday in San Francisco federal court. "While Google rarely sues other companies for patent infringement, it must assert its intellectual property rights here." Sonos, the Santa Barbara-based pioneer of wireless speakers, is using Google's patented technology for search, software, networking, audio processing and digital-media management and streaming, while refusing to pay a license, according to the lawsuit.

A group of U.S. lawmakers preparing to fight a legislative attack on encrypted communications is trying to establish what happened when encryption was subverted at a Silicon Valley maker of networking gear. From a report: Democrat Ron Wyden, who sits on the Senate Intelligence Committee, said the 2015 incident at Sunnyvale-based Juniper Networks could shed light on the risks of compromised encryption before an expected hearing on the proposed legislation. The EARN IT Act could penalize companies that offer security that law enforcement can't easily penetrate. "Attorney General (William) Barr is demanding that companies like Facebook weaken their encryption to allow the Department of Justice to monitor users' conversations," Wyden told Reuters. ""Congress and the American people must understand the serious national security risks associated with weakening the encryption that protects Americans' personal data, as well as government and corporate systems." In a letter to Juniper Chief Executive Rami Rahim sent late Tuesday, Wyden, Republican Senator Mike Lee of the Judiciary Committee, and the chairmen of the House Judiciary and Homeland Security committees asked what had happened to an investigation Juniper announced after it found "unauthorized code" inside its widely used NetScreen security software in 2015.

Last month Techcrunch reported that Mozilla had gone "full incubator" by holding a startup lab called Fix the Internet, followed by "a formal program dangling $75,000 investments in front of early-stage companies..."

Fix the Internet had many key themes, including collaboration and decentralization (as well as user-controlled data and privacy-protecting social networks). That event "drew the interest of some 1,500 people in 520 projects, and 25 were chosen to receive the full package and stipend during the development of their minimum viable product (MVP). Below that, as far as pecuniary commitment goes, is the 'MVP Lab,' similar to the spring program but offering a total of $16,000 per team."

And one of those MVP Lab teams is Meething, a new video conferencing and collaboration platform from the innovation lab ERA. Meething "aims to be more secure than existing video conferencing tools and run on a decentralized database engine and leverage peer-to-peer networking" according to ZDNet.

In their video interview with CEO Mark Nadal, he outlined the following selling points:

• Browser based video conferencing gives customers better options for security as well as branding.
• Open source architecture is a win and the peer-to-peer networking is more efficient on compute costs.
• Meething doesn't require downloads or apps that increase the security attack surface.
  
  The total addressable market for video conferencing is large and can support multiple players.

Their press release quotes Mark Mayo, a former Chief Product Officer at Mozilla who served as Meething's mentor, arguing that video conferencing on the web "has long promised to enable a whole new world of online collaboration. Frankly, it hasn't delivered. It's been way too hard to build cool products with video and Meething aims to be the zero-barrier-to-entry platform that realizes this future. Soon, video conferencing won't suck!"

Benedict Evans: I suspect part of the answer to this is actually that a lot of physical events will come back in some form as we emerge from lockdown. But this also makes me think that there will be new tools with much more radically new approaches, and some new behaviours and habits. Hence, it's often struck me that networking events are pretty inefficient and random. If you're going to spend an hour or two in a room with 50 or 500 people, then you could take that as a purely social occasion and enjoy yourself. But if your purpose is to have professionally useful conversations, then what proportion of the people in the room can you talk to in an hour and how likely is it that they'll be the right ones? Who's there? I sometimes suggest it would be helpful if we all wore banners, as in the image at the top, so that you could look across the room and see who to talk to. (First Tuesday did something like this in 1999, with different coloured badges.)

This might just be that I'm an introvert asking for a machine to manage human connections for me (and I am), but there is also clearly an opportunity to scale the networking that happens around events in ways that don't rely on random chance and alcohol tolerance. A long time ago Twitter took some of that role, and the explosion of online dating also shows how changing the way you think about pools and sample sets changes outcomes. In 2017, 40% of new relationships in the USA started online. Next, before lockdown, you would often have planned to schedule a non-urgent meeting with a partner or client or connection 'when we're in the same city.' That might be at some specific event, but it might also just be for some ad hoc trip -- 'next time I'm in the Bay Area' or 'next time you're in New York.' In January most people would never actually have thought of making a video call, but today every meeting is a video call, so all of those meetings can be a video call too, and can happen this week rather than 'next time I fly to that city' -- or 'at CES/NAB/MIPCOM.' In the last few months video calls have broke through that habit. I wonder what happens if we accelerate all of those meetings in that way. To argue against some of this, James Turrell has said that part of the value of Roden Crater's remoteness is that you have to really care to go there. Getting a plane and a hotel and a ticket, and taking days of time, has some of the same effect for a conference -- it gives a selection filter for people who care. There is value in aggregating people around a professional interest graph, and in doing that in a focused way, perhaps even around a particular time. (There are also, of course, exclusionary effects to this.)

Google CEO Sundar Pichai told employees Tuesday that the search giant is targeting July 6 to reopen offices for workers that want to come back to in person. The return will be gradual, starting at about 10% building capacity, he said. The company aims to ramp up to 30% capacity by September. From a report: For people who want to continue working from home, the company will allow employees to expense up to $1,000 for equipment and furniture, including things such as standing desks and monitors. Google has been more vocal about employees returning to the workplace while other tech giants have touted permanent work from home options. Pichai's remarks to staff come days after Facebook CEO Mark Zuckerberg said the social networking giant will allow some employees to work from home permanently. He said about half of Facebook's workforce could be remote over the next five to 10 years. Twitter made a similar announcement earlier this month. CEO Jack Dorsey also extended the policy to his other company, mobile-payments firm Square, last week.

Peter Chou, the man who led HTC through its most prosperous years as an Android phone maker, is returning to consumer electronics with the unveiling of a new virtual reality headset, platform and company. From a report: Called XRSpace, the project has been in the works for three years and its centerpiece is a mobile VR headset equipped with fifth-generation wireless networking and over three hours of battery life. Partnering with Deutsche Telekom and Chunghwa Telecom, XRSpace is also building the VR platform on which services, games and social activities can be accessed and experienced. Priced at $599, the XRSpace headset has a high cost of entry, but the company envisions bundling it with carriers' 5G service packages or in other forms for educational institutions. After its home market of Taiwan, it'll look to expand to the U.S. and Europe, Chou said in an interview with Bloomberg News, with the rest of Asia to follow.

The official COVID-19 contact-tracing app for the state of North Dakota, designed to detect whether people have potentially been exposed to the coronavirus, sends location data and a unique user identifier to Foursquare -- and other data to Google and a bug-tracking company -- according to a new report from smartphone privacy company Jumbo Privacy. From a report: The app, called Care19, and produced by a company called ProudCrowd that also makes a location-based social networking app for North Dakota State sports fans, generates a random ID number for each person who uses it. Then, it can "anonymously cache the individual's locations throughout the day," storing information about where people spent at least 10 minutes at a time, according to the state website. If users test positive for the coronavirus, they can provide that information to the North Dakota Department of Health for contact-tracing purposes so that other people who spent time near virus patients can potentially be notified. According to the app's privacy policy, "location data is private to you and is stored securely on ProudCrowd, LLC servers" and won't be shared with third parties "unless you consent or ProudCrowd is compelled under federal regulations."

An anonymous reader quotes a report from Paul Thurrott: With the new build of Windows 10 [19628], Microsoft is starting to test DNS over HTTPS. The new build comes with Microsoft's initial support for DNS over HTTPS on Windows, and Insiders will have to manually enable the new feature. If you would like to enable DNS over HTTPS in Windows 10, you will have to first install the latest Insider build. After that, you will have to go into the registry and tweak an entry to first enable the new DNS over HTTPS client, and then update the DNS servers your computer is using. It's not as easy as ticking a checkbox, but Microsoft has shared the instructions to enable the feature in detail, so make sure to check it out here. What is DNS over HTTPS and why is it important? "DNS, to put simply, is the process where an easy-to-read and write domain address is translated into an actual IP address for where a web resource is located," writes Thurrott. "Although most websites already use HTTPS for added privacy, your computer is still making DNS requests and resolving addresses without any encryption. With DNS over HTTPS, your device will perform all the required DNS requests over a secured HTTPS connection, which improves security thanks to the encrypted connection."

An anonymous reader quotes a report from Bloomberg: Facebook's Oculus division is building a new version of its Quest standalone virtual reality headset, but the device is facing potential delays due to the impact of Covid-19 on product development and the global supply chain. The social-networking giant is working on multiple potential successors to the Quest. Some models in advanced testing are smaller, lighter, and have a faster image refresh rate for more realistic content, according to people familiar with the matter. These headsets also have redesigned controllers, said the people, who asked not to be identified discussing unannounced products.

The company hasn't finalized which new version of the Quest it will release, and the final product may have different features. Facebook originally planned to launch the new model at the end of 2020, around its annual Oculus Connect conference, but the coronavirus pandemic could delay the headset from shipping until 2021, the people said. Some versions in testing are 10% to 15% smaller than the current Quest. That, in addition to being lighter, makes them more comfortable to wear, one of the people said. The existing model weighs about 1.25 pounds, which is too heavy for some users wearing the device for extended periods. The models in testing are closer to a pound, the person said. The company could sell the new model alongside the current Quest, or choose to fully replace it.

coondoggie writes: A glimpse into what that future means for IT networking professionals can be found in Cisco's 2020 Global Networking Trends Report. It was completed before COVID-19 changed the way company's do business, but the predicted impacts have been hastened by the pandemic's impact. From the networking study, Cisco put forward a number of new or developing roles it expects to see in the future, including:

Business translator: The business translator works to better turn the needs of business into service-level, security and compliance requirements that can be applied and monitored across the network. The translator also works to use network and network data for business value and innovation, and their knowledge of networking and application APIs will help them glue the business to the IT landscape.
Network guardian: A network guardian works to bridge network and security architectures. They build the distributed intelligence of the network into security architecture and the SecOps process. This is where networking and security meet, and the guardian is at the center of it all, pulling in and pushing out vast amounts of data, distilling it and then taking action to identify faults or adapt to shutdown attackers.
Network commander: Intent-based networking builds on controller-based automation and orchestration processes. The network commander takes charge of these processes and practices that ensure the health and continuous operation of the network controller and underlying network.
Network orchestrator: This position translates business needs into network policy. It focuses on policy translation and automation, and policy alignment across network and IT domains.
Network detective: A network detective uses and tunes network assurance tools that employadvanced analytics and AI to ensure that the network delivers on business intent. They work with IT service-management processes and SecOps teams to identify network anomalies and close potential security holes. Like the network guardian, they use data proactively to identify faults and attacks.

Free software evangelist Jeremy Allison - Sam (Slashdot reader #8,157) is a co-creator on the Samba project, a re-implementation of SMB/CIFS networking protocol, and he also works in Google's Open Source Programs Office. Now he shares his presentation at the Software Freedom Conservancy's "International Copyleft Conference." He writes: The Samba project has traditionally been one of the strongest proponents of Copyleft licensing and Free Software. However, in the Corporate Cloud-first world we find ourselves, traditional enforcement mechanisms have not been effective. How do we achieve the goals of the Free Software movement in this new world and how do we need to change what we're doing to be successful ?

Traditional license enforcement doesn't seem to work well in the Cloud and for the modern software environment we find ourselves. In order to achieve the world of Free Software available for all I think we need to change our approach. Both GPLv3 and the AGPL have been rejected soundly by most developers. I would argue that we need a new way to inspire developers to adopt Free Software goals and principles, as depending on licensing has failed as licensing itself has fractured.

Communication and collaboration are key to this. Stand-alone software is essentially useless. Software interoperability and published protocol and communication definitions are essential to build a freedom valuing software industry for the future
The talk's title? "Copyleft and the Cloud: Where do we go from here?"

The COVID-19 pandemic has caused a surge in sales for consumer technology in the U.S., even as spending declines overall, an NPD analyst is reporting. The Verge reports: For the week ending April 18th, NPD's Stephen Baker notes that consumer tech sales increased by 23 percent year-over-year. In contrast, the group tracked an overall decline in spending of 23 percent across the industries it tracks. NPD's data also suggests that people are buying more tech to keep themselves entertained, not just to work or learn remotely.

TV sales are up by a massive 86 percent and are selling at the highest volume ever outside a holiday, according to Baker. People are also buying accessories like soundbars (up by 69 percent) and streaming players (42 percent). DVD and Blu-ray players were also up by 27 percent, showing that even physical media is getting a boost. That's not surprising given that last week the NPD reported that nearly a third of US households are without broadband access, which could limit their ability to stream video. Sales of monitors increased by 73 percent compared to last year, PCs were up 53 percent, printers were up by 61 percent, and microphones were up by a massive 147 percent. Chromebook sales are also reportedly seeing triple-digit sales increases, which makes sense given how popular they are in classrooms. Underpinning all this tech is a 70 percent increase in the sale of networking equipment.