posted less than an hour ago on slashdot
theodp shared this article from the Washington Post: Bill Gates has a(nother) plan for K-12 public education. The others didn't go so well, but the man, if anything, is persistent. Gates announced Thursday that the Bill & Melinda Gates Foundation would spend more than $1.7 billion over the next five years to pay for new initiatives in public education, with all but 15 percent of it going to traditional public school districts and the rest to charter schools... He said most of the new money -- about 60 percent -- will be used to develop new curriculums and "networks of schools" that work together to identify local problems and solutions, using data to drive "continuous improvement." He said that over the next several years, about 30 such networks would be supported, though he didn't describe exactly what they are... Though there wasn't a lot of detail on exactly how the money would be spent, Gates, a believer in using big data to solve problems, repeatedly said foundation grants given to schools as part of this new effort would be driven by data. "Each [school] network will be backed by a team of education experts skilled in continuous improvement, coaching and data collection and analysis," he said, an emphasis that is bound to worry critics already concerned about the amount of student data already collected and the way it is used for high-stakes decisions. In 2014, a $100 million student data collection project funded by the Gates foundation collapsed amid criticism that it couldn't adequately protect information collected on children. "In his speech, Gates said that education philanthropy was difficult, in part because it is easy to 'fool yourself' about what works and whether it can be easily scaled," according to the article. It also argues that big spending on education by Gates and others "has raised questions about whether American democracy is well-served by wealthy people pouring so much money into pet education projects -- regardless of whether they are grounded in research -- that public policy and funding follow." By 2011 the Gates' foundation had already spent $5 billion on education projects -- and admitted that "it hasn't led to significant improvements."

Read More...
posted about 1 hour ago on slashdot
"Anyone who is pissed off can now automatically find other people that are similarly pissed off," argues author Jamie Bartlett, in a new essay shared by Slashdot reader schwit1 which calls the internet "a bottomless well of available grievance." Here's an excerpt from Newsweek: Silicon Valley's utopians genuinely but mistakenly believe that more information and connection makes us more analytical and informed. But when faced with quinzigabytes of data, the human tendency is to simplify things. Information overload forces us to rely on simple algorithms to make sense of the overwhelming noise. This is why, just like the advertising industry that increasingly drives it, the internet is fundamentally an emotional medium that plays to our base instinct to reduce problems and take sides, whether like or don't like, my guy/not my guy, or simply good versus evil. It is no longer enough to disagree with someone, they must also be evil or stupid... Nothing holds a tribe together like a dangerous enemy. That is the essence of identity politics gone bad: a universe of unbridgeable opinion between opposing tribes, whose differences are always highlighted, exaggerated, retweeted and shared. In the end, this leads us to ever more distinct and fragmented identities, all of us armed with solid data, righteous anger, a gutful of anger and a digital network of likeminded people. This is not total connectivity; it is total division.

Read More...
posted about 3 hours ago on slashdot
An anonymous reader quotes CNET: Google may have a lifeline for struggling news publishers. The web giant is planning to share a chunk of its revenue with publishers, the Financial Times reported Sunday. Google's plan is to mate its treasure trove of personal data with machine learning algorithms to help news publications grow their subscriber base, the newspaper reported... The deal Google is offering to news publishers will reportedly be similar to the arrangement Google has with traditional advertisers through its AdSense business. "We want to have a healthy ecosystem where we'll benefit both as a society and with our business," Richard Gringas, Google's head of news, told the FT. Google promises the revenue sharing "will be very, very generous," although according to TechCrunch they'll also be claiming "a 30% finder's fee" for every new subscriber.

Read More...
posted about 3 hours ago on slashdot
UPDATE (2:53 PST): Google say it hasn't lined up any deals to share revenue and user data with online news sites, calling Sunday news reports "totally wrong." "We have not reached any conclusions on the revenue side," Google spokeswoman Maggie Shiels told CNET. "We haven't reached any conclusions [regarding] subscriptions and need to speak to publishers." An anonymous reader shared the text of CNET's original report: The web giant is planning to share a chunk of its revenue with publishers, the Financial Times reported Sunday. Google's plan is to mate its treasure trove of personal data with machine learning algorithms to help news publications grow their subscriber base, the newspaper reported... The deal Google is offering to news publishers will reportedly be similar to the arrangement Google has with traditional advertisers through its AdSense business. "We want to have a healthy ecosystem where we'll benefit both as a society and with our business," Richard Gringas, Google's head of news, told the FT. Financial Times claimed that Google had promised that the revenue sharing "will be very, very generous," while TechCrunch had reported that Google would also be claiming "a 30% finder's fee" for every new subscriber.

Read More...
posted about 3 hours ago on slashdot
PC-MOS/386 "was a multi-user, computer multitasking operating system...announced at COMDEX in November 1986," remembers Wikipedia, saying it runs many MS-DOS titles (though it's optimized for the Intel 80386 processor). Today Slashdot user Roeland Jansen writes: After some tracking, racing and other stuff...PC-MOS/386 v5.01 is open source under GPLv3. Back in May he'd posted to a virtualization site that "I still have the source tapes. I want(ed) to make it GPL and while I got an OK on it, I haven't had time nor managed to get it legalized. E.g. lift the NDA and be able to publish." 1987 magazine ads described it as "the gateway to the latest technology...and your networking future," and 30 years later its release on GitHub includes sources and executables. "In concert with Gary Robertson and Rod Roark it has been decided to place all under GPL v3."

Read More...
posted about 4 hours ago on slashdot
"Could it turn out users actually prefer to trade a little CPU time to website owners in favor of them not showing ads?" writes phonewebcam, a long-time Slashdot reader. Slashdot covered the downside [of in-browser cryptocurrency mining] recently, with even [Portuguese professional sportsballer] Cristiano Ronaldo's official site falling victim, but that may not be the full story. This could be an ideal win-win situation, except for one huge downside -- the current gang of online advertisers. By "current gang of online advertisers," he means Google, according to a longer essay at LinkedIn: Naturally, the world's largest ad broker, which runs the world most popular browser (desktop and mobile) is keen to see how this plays out, and is also uniquely placed to be able to heavily influence it, too... As it happens, Chrome users can already do something about it via extensions, for example AntiMiner... If cryptocurrencies have a future - and that's a big if (look at China's Bitcoin ban) - it could well turn out that their role just took an unexpected turn.

Read More...
posted about 6 hours ago on slashdot
Business Insider reports: Tesla has created a customized insurance package, InsureMyTesla, that is cheaper than traditional plans because it factors in the vehicles' Autopilot safety features and maintenance costs. InsureMyTesla has been available in 20 countries, but Tesla just recently partnered with Liberty Mutual to make the plan available in the U.S. InsureMyTesla shows how the insurance industry is bound for disruption as cars get safer with self-driving tech. Electrek reports: There have been several false alarms over the past few years about Tesla building a factory in China. Earlier this year, Tesla finally confirmed working with the Shanghai government to establish a manufacturing facility in the region and promised an announcement by the end of the year. Now the Wall Street Journal reports that they have come to an agreement with the local authorities on a "wholly owned" factory in the region... China is already the biggest market for electric vehicles, or any vehicles for that matter, and Tesla profited from the demand by tripling its sales to over $1 billion in the country in 2016. Tesla continues to have strong sales in the country this year, where it leads foreign electric car sales with no close second.

Read More...
posted about 7 hours ago on slashdot
24 years after its release, NetBSD is getting a security upgrade -- specifically, Address Space Layout Randomization (ASLR). An anonymous reader writes: Support for Kernel ASLR was added on NetBSD-amd64 a few weeks ago. KASLR basically randomizes the address of the kernel, and makes it harder to exploit several classes of vulnerabilities [including privilege escalations and remote code execution]. It is still a work-in-progress, but it's already fully functional, and can be used following the instructions on this post from the NetBSD blog. It will be available starting from NetBSD 9, but may be backported to NetBSD 8 once it is stabilized. NetBSD says they're the first BSD system to support ASLR.

Read More...
posted about 8 hours ago on slashdot
An anonymous reader quotes Motherboard: There are nearly as many Canadians who use Facebook daily as there are people in this country who are registered to vote -- which is why the federal government is working with Facebook to protect its next federal election... Facebook is now facing perhaps its biggest test as it looks to curb foreign electoral interference and the rampant disinformation on its platform, both of which undermine the nature of democracy. Facebook Canada's election integrity project includes a partnership with a local digital news media literacy organization MediaSmarts, as well as a "cyberhygiene guide" that highlights particular vulnerabilities such as phishing and page-admin authentication. Facebook also has a crisis email line to help politicians and parties with hacking concerns... Kevin Chan, Facebook Canada's head of public policy, said the social media company is working on preventing bad actors from interfering with the democratic process. "At Facebook we take our responsibilities seriously," Chan said. "We don't want anyone to use our tools to undermine democracy." At the launch of "the Canadian Election Integrity Initiative," Canada's Minister of Democratic Institutions argued that social media sites "must begin to view themselves as actors in shaping the democratic discourse." The article points out Facebook "has promised to hire thousands of workers globally to help review flagged and suspicious content, as well as use machine learning to identify suspicious patterns of behavior on its platform."

Read More...
posted about 9 hours ago on slashdot
Two-factor authentication "protects from an attacker listening in right now," writes Slashdot reader szczys, "but in many case a database breach will negate the protections of two-factor." Hackaday reports: To fake an app-based 2FA query, someone has to know your TOTP password. That's all, and that's relatively easy. And in the event that the TOTP-key database gets compromised, the bad hackers will know everyone's TOTP keys. How did this come to pass? In the old days, there was a physical dongle made by RSA that generated pseudorandom numbers in hardware. The secret key was stored in the dongle's flash memory, and the device was shipped with it installed. This was pretty plausibly "something you had" even though it was based on a secret number embedded in silicon. (More like "something you don't know?") The app authenticators are doing something very similar, even though it's all on your computer and the secret is stored somewhere on your hard drive or in your cell phone. The ease of finding this secret pushes it across the plausibility border into "something I know", at least for me. The original submission calls two-factor authentication "an enhancement to password security, but good password practices are far and away still the most important of security protocols." (Meaning complex and frequently-changed passwords.)

Read More...
posted about 11 hours ago on slashdot
"One of my students sent me this letter," writes Slashdot reader Hasaf. "I have a good idea how I will answer, but I wanted to put it before the Slashdot community." The letter reads: Right now I am 14 years old, I was wondering when I should get a VPN... I was thinking about getting the yearly deal. But right now I really have no need for a VPN at the moment. I was thinking of getting a VPN when I'm in 11th grade or maybe in college. What do you think? Of course, the larger question is what factors go into deciding whether your need to be using a VPN. So leave your best answers in the comments. When should you get your first VPN?

Read More...
posted about 16 hours ago on slashdot
An anonymous reader quotes PCMag: In a Wednesday blog post, Redmond examined Google's browser security and took the opportunity to throw some shade at Chrome's security philosophy, while also touting the benefits of its own Edge browser. The post, written by Microsoft security team member Jordan Rabet, noted that Google's Chrome browser uses "sandboxing" and isolation techniques designed to contain any malicious code. Nevertheless, Microsoft still managed to find a security hole in Chrome that could be used to execute malicious code on the browser. The bug involved a Javascript engine in Chrome. Microsoft notified Google about the problem, which was patched last month. The company even received a $7,500 reward for finding the flaw. However, Microsoft made sure to point out that its own Edge browser was protected from the same kind of security threat. It also criticized Google for the way it handled the patching process. Prior to the patch's official rollout, the source code for the fix was made public on GitHub, a software collaboration site that hosts computer code. That meant attentive hackers could have learned about the vulnerability before the patch was pushed out to customers, Microsoft claimed. "In this specific case, the stable channel of Chrome remained vulnerable for nearly a month," the blog post said. "That is more than enough time for an attacker to exploit it." In the past Google has also disclosed vulnerabilities found in Microsoft products -- including Edge.

Read More...
posted about 18 hours ago on slashdot
"Researchers were able to use GPS data from an ad network to track a user to their actual location, and trace movements through town," writes phantomfive. Mashable reports: The idea is straightforward: Associate a series of ads with a specific individual as well as predetermined GPS coordinates. When those ads are served to a smartphone app, you know where that individual has been... It's a surprisingly simple technique, and the researchers say you can pull it off for "$1,000 or less." The relatively low cost means that digitally tracking a target in this manner isn't just for corporations, governments, or criminal enterprises. Rather, the stalker next door can have a go at it as well... Refusing to click on the popups isn't enough, as the person being surveilled doesn't need to do so for this to work -- simply being served the advertisements is all it takes. It's "an industry-wide issue," according to the researchers, while Mashable labels it "digital surveillance, made available to any and all with money on hand, brought to the masses by your friendly neighborhood Silicon Valley disrupters."

Read More...
posted about 21 hours ago on slashdot
An anonymous reader quotes Reuters: The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure. The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed by email late on Friday that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May. The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage. The objective of the attackers is to compromise organizational networks with malicious emails and tainted websites to obtain credentials for accessing computer networks of their targets, the report said. According to the report, the Department of Homeland Security "has confidence that this campaign is still ongoing and threat actors are actively pursuing their objectives over a long-term campaign."

Read More...
posted about 23 hours ago on slashdot
New York Times columnist Timothy Egan was part of the paper's Pulitzer Prize-winning team in 2001. Now he's written an op-ed arguing Amazon "took Seattle's soul." An anonymous reader writes: Since Amazon arrived "we've been overwhelmed by a future we never had any say over," Egan writes, with a message for cities competing to be the site of Amazon's next headquarters. Amazon now owns as much office space as Seattle's next 40 biggest employers combined, according to an analysis by the Seattle Times, "a mind-boggling 19 percent of all prime office space in the city, the most for any employer in a major U.S. city...more than twice as large as any other company in any other big U.S. city." Egan notes Amazon is offering 50,000 high-paying jobs and $5 billion worth of investments, "a once-in-a-century, destiny-shaping event," but "You think you can shape Amazon? Not a chance. It will shape you... What comes with the title of being the fastest growing big city in the country, with having the nation's hottest real estate market, is that the city no longer works for some people. For many others, the pace of change, not to mention the traffic, has been disorienting... [M]edian home prices have doubled in five years, to $700,000. This is not a good thing in a place where teachers and cops used to be able to afford a house with a water view... As a Seattle native, I miss the old city, the lack of pretense, and dinner parties that didn't turn into discussions of real estate porn. Wages have risen faster in Amazon's Seattle than anywhere else in America, and while Amazon changed the city's character, it also poured $38 billion into the city's economy. (Besides Amazon's own 40,000 employees, it also attracted another 50,000 new jobs.) "To the next Amazon lottery winner I would say, enjoy the boom," Egan concludes, "but be careful what you wish for."

Read More...
posted 1 day ago on slashdot
slash.jit shared an article from Futurism: Amazon has been granted a patent for an ambitious new method of maintaining a charge in electric vehicles. The company wants to use drones to allow drivers to top up their vehicles without having to visit a charging station. Drivers would request a top up from a central server, which would dispatch a charging drone to their location. The drone would then dock with the vehicle and start transferring power, without the car ever needing to come to a stop. This solution isn't meant to administer a full charge to the car's battery, it would only supply enough power to get the driver to a charging station, which are still in somewhat limited supply. "Amazon first applied for this patent back in June 2014," reports CNET, noting it was finally granted this month. "Like many other patents, there's no guarantee that Amazon will actually create a product based on the design. It could merely be an attempt to stop competitors from doing so."

Read More...
posted 1 day ago on slashdot
AmiMoJo writes: Suidobashi Heavy Industries and MegaBots agreed to test their piloted giant robots in combat a few years back, and the content is finally available on YouTube. It ended in a draw, with Japan decisively winning the first bout with a single punch and the US team winning the second thanks to a chainsaw weapon. There have been some complaints that the whole event felt scripted, but it's early days yet. ITMedia has a nice gallery of photos from the event. "The MegaBots team expressed hope for a formal fighting robot league in the future," reports CNBC.

Read More...
posted 1 day ago on slashdot
schwit1 brings news about an exiled Chinese billionaire with 500,000 followers on YouTube. The Washington Free Beacon reports:YouTube has suspended the video account of popular Chinese dissident Guo Wengui amid a mounting pressure from the Beijing government to silence one of its critics. According to a person familiar with the action, YouTube issued what the company calls a 'strike' against Guo, who since the beginning of the year has created an online sensation by posting lengthy videos in which he reveals details of corruption by senior Chinese officials. The suspension involves a 90-day block on any new live-stream postings of videos and was the result of a complaint made against a recent Guo video for alleged harassment. The identity of the person or institution who issued the complaint could not be learned... Other videos by Guo posted prior to the suspension remain accessible. The suspension coincides with this week's once-every-five-years congress of the Chinese Communist party to reveal which top officials will serve President Xi Jinping, according to Financial Times, adding that "China's choreographed politics is not designed for public participation or questioning."

Read More...
posted 1 day ago on slashdot
An anonymous reader writes: Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper, researchers estimate its current size at nearly two million infected devices. According to researchers, the botnet is mainly made up of IP-based security cameras, routers, network-attached storage (NAS) devices, network video recorders (NVRs), and digital video recorders (DVRs), primarily from vendors such as Netgear, D-Link, Linksys, GoAhead, JAWS, Vacron, AVTECH, MicroTik, TP-Link, and Synology. The botnet reuses some Mirai source code, but it's unique in its own right. Unlike Mirai, which relied on scanning for devices with weak or default passwords, this botnet was put together using exploits for unpatched vulnerabilities. The botnet's author is still struggling to control his botnet, as researchers spotted over two million infected devices sitting in the botnet's C&C servers' queue, waiting to be processed. As of now, the botnet has not been used in live DDoS attacks, but the capability is in there. Today is the one-year anniversary of the Dyn DDoS attack, the article points out, adding that "This week both the FBI and Europol warned about the dangers of leaving Internet of Things devices exposed online."

Read More...
posted 1 day ago on slashdot
"A trio of data scientists developed a betting strategy to beat bookmakers at football games," writes austro. [The game Americans call soccer.] New Scientist reports: The team studied 10 years' worth of data on nearly half a million football matches and the associated odds offered by 32 bookmakers between January 2005 and June 2015. When they applied their strategy in a simulation, they made a return of 3.5 per cent. Making bets randomly resulted in a loss of 3.32 per cent. Then the team decided to try betting for real. They developed an online tool that would apply their odds-averaging formula to upcoming football matches. When a favorable opportunity arose, a member of the team would email Kaunitz and his wife, one of whom then placed a bet. They kept this up for five months, placing $50 bets around 30 times a week. And they were winning. After five months the team had made a profit of $957.50 -- a return of 8.5 per cent. But their streak was cut short. Following a series of several small wins, the trio were surprised to find that their accounts had been limited, restricting how much they could bet to as little as $1.25. The gambling industry has long restricted players who appear to show an edge over the house, says Mark Griffiths at Nottingham Trent University, UK. The paper "illustrates how the sports gambling industry compensates market inefficiencies with discriminatory practices against successful clients," adds austro, noting that the researchers posted a paper explaining their methodology on arxiv last week. "They also made the dataset and source code available on github. And best of all, they made an online publicly available dashboard that shows a live list of bet recommendations on football matches based on their strategy here or here for anyone to try."

Read More...
posted 1 day ago on slashdot
An anonymous reader quotes Mashable: Google, in collaboration with bug bounty platform HackerOne, has launched the Google Play Security Reward Program, which promises $1,000 to anyone who can identify security vulnerabilities in participating Google Play apps. Thirteen apps are currently participating, including Tinder, Duolingo, Dropbox, Snapchat, and Headspace... If you find a security vulnerability in one of the participating apps, you can report that vulnerability to the developer, and work with them to fix it. When the problem has been resolved, the Android Security team will pay you $1,000 as a reward, on top of any reward you get from the app developer. Google will be collecting data on the vulnerabilities and sharing it (anonymized) with other developers who may be exposed to the same problems. For HackerOne, it's about attracting more and better participants in bounty programs.

Read More...
posted 1 day ago on slashdot
Here's some surprising news from the Akamia Edge conference. chicksdaddy writes: [E]xecutives at some of the U.S.'s leading corporations agreed that the much maligned password won't be abandoned any time soon, even as data breaches and follow-on attacks make passwords more susceptible than ever to abuse, the Security Ledger reports. "We reached the end of needing passwords maybe seven years ago, but we still use them," said Steve Winterfeld, Director of Cybersecurity, at clothing retailer Nordstrom. "They're still the primary layer of defense." "It's hard to kill them," noted Shalini Mayor, who is a Senior Director at Visa Inc. "The question is what to replace them with." This, even though the cost of using passwords is high and getting higher, as sophisticated attacks attempt to compromise legitimate accounts using so-called "credential stuffing" techniques, which use automated password guessing attacks against web-based applications... Stronger and more reliable alternatives to passwords already exist, but the obstacles to using them are often prohibitive. Shalani Mayor said Visa is "looking at" biometric technologies like Apple's TouchID as a tool for making payments securely. Such technologies -- from fingerprint scans to facial and retinal scans -- promise more secure and reliable factors than alphanumeric passwords, the executives agreed. But customers often resist the technologies or find them error prone or too difficult to use.

Read More...
posted 1 day ago on slashdot
An anonymous reader quotes Ars Technica: [O]ne of the most prominent institutions, New York's Flatiron School, will be shelling out $375,000 to settle charges brought by New York Attorney General Eric Schneiderman's office. The AG said the school operated for a period without the proper educational license, and it improperly marketed both its job placement rates and the salaries of its graduates. New York regulators didn't find any inaccuracies in Flatiron's "outcomes report," a document the company is proud of. However, the Attorney General's office found that certain statements made on Flatiron's website didn't constitute "clear and conspicuous" disclosure. For instance, Flatiron claimed that 98.5 percent of graduates were employed within 180 days of graduation. However, only by carefully reading the outcomes report would one find that the rate included not just full-time employees, but apprentices, contract workers, and freelancers. Some of the freelancers worked for less than 12 weeks. The school also reported an average salary of $74,447 but didn't mention on its website that the average salary claim only applied to graduates who achieved full-time employment. That group comprised only 58 percent of classroom graduates and 39 percent of those who took online courses. The school's courses last 12 to 16 weeks, and cost between $12,000 and $15,000, according to a statement from the attorney general's office [PDF]. (Or $1,500 a month for an onine coding class). Eligible graduate can claim their share of the $375,000 by filing a complaint within the next thee months.

Read More...
posted 1 day ago on slashdot
An anonymous reader quotes Ars Technica: [O]ne of the most prominent institutions, New York's Flatiron School, will be shelling out $375,000 to settle charges brought by New York Attorney General Eric Schneiderman's office. The AG said the school operated for a period without the proper educational license, and it improperly marketed both its job placement rates and the salaries of its graduates. New York regulators didn't find any inaccuracies in Flatiron's "outcomes report," a document the company is proud of. However, the Attorney General's office found that certain statements made on Flatiron's website didn't constitute "clear and conspicuous" disclosure. For instance, Flatiron claimed that 98.5 percent of graduates were employed within 180 days of graduation. However, only by carefully reading the outcomes report would one find that the rate included not just full-time employees, but apprentices, contract workers, and freelancers. Some of the freelancers worked for less than 12 weeks. The school also reported an average salary of $74,447 but didn't mention on its website that the average salary claim only applied to graduates who achieved full-time employment. That group comprised only 58 percent of classroom graduates and 39 percent of those who took online courses. The school's courses last 12 to 16 weeks, and cost between $12,000 and $15,000, according to a statement from the attorney general's office [PDF]. (Or $1,500 a month for an onine coding class). Eligible graduate can claim their share of the $375,000 by filing a complaint within the next thee months.

Read More...
posted 1 day ago on slashdot
The former Executive Director of the Free Software Foundation -- and Slashdot user #41121 -- contacted Slashdot with this announcement. bkuhn -- now president of the Software Freedom Conservancy -- writes: Software Freedom Conservancy, home of the GPL Compliance Project for Linux Developers, publicly applauded today the proposal of the Linux Kernel Enforcement Statement, which adds a per-copyright-holder-opt-in additional permission to the termination provisions of Linux's GPLv2-only license. It apparently addresses a developer who "made claims based on ambiguities in the GPL-2.0 that no one in our community has ever considered part of compliance," according to a statement from some of the kernel developers who drafted the statement. While the kernel community has always supported enforcement efforts to bring companies into compliance, we have never even considered enforcement for the purpose of extracting monetary gain... [W]e are aware of activity that has resulted in payments of at least a few million Euros. We are also aware that these actions, which have continued for at least four years, have threatened the confidence in our ecosystem. Because of this, and to help clarify what the majority of Linux kernel community members feel is the correct way to enforce our license, the Technical Advisory Board of the Linux Foundation has worked together with lawyers in our community, individual developers, and many companies that participate in the development of, and rely on Linux, to draft a Kernel Enforcement Statement to help address both this specific issue we are facing today, and to help prevent any future issues like this from happening again. It adopts the same termination provisions we are all familiar with from GPL-3.0 as an Additional Permission giving companies confidence that they will have time to come into compliance if a failure is identified.

Read More...