How closely did you follow the news about Linux and free and open source software this week? You can get an idea about how well informed you are (and have some fun in the process) by taking our weekly FOSS News Quiz. Once you’re done, scroll down to the comments section and let us know how you did!
Yay you! If we could afford it, we’d give you a prize.
Oh, well. Come back next week. Maybe you’ll do better.
#1. What Linux distribution is considered to be the official distribution of China?
The answer is Kylin, which made this week’s news quiz because of an excellent article Liam Proven wrote for The Register.
Actually, when our crackpot team of investigators got to work on this, they discovered the distro seems to be a little confusing, because there are actually three (maybe four) versions of Kylin.
There’s Kylin, the original distro that since 2001 has been developed by academics at the National University of Defense Technology in the People’s Republic of China. This distro actually started life as a FreeBSD-based operating system that switched to Linux when it reached its 3.0 release. In 2009, the Washington Times reported that Kevin G. Coleman, a private security specialist advising the U.S. on cybersecurity, told the U.S. China Economic and Security Review Commission that the distro was a hardened OS, designed by China’s government for waging cyberwarfare on the U.S.
Then there’s NeoKylin, that got started in 2010 when China Standard Software and the National University of Defense Technology signed a strategic partnership to launch a new version of Kylin. This one is our bet to be the “official” official version, as from the beginning it was intended for use by government offices, national defense, energy and other sectors of the Chinese economy.
By 2019, ZDNet said, NeoKylin was shipping on almost all computers sold in China, and that Kylin and NeoKylin had a 90% share of the Chinese computer market.
Then there’s Ubuntu Kylin, which started in 2013 when Canonical reached an agreement with the Ministry of Industry and Information Technology of the People’s Republic of China to release a Ubuntu-based Linux OS with features targeted at the Chinese market.
#2. What browser this week patched high-severity 0-day, its 6th of the year?
The answer is Google’s Chrome. According to Google, the vulnerability was the result of “insufficient data validation in Mojo,” a Chrome component for messaging across inter- and intra-process boundaries that exist between the browser and the operating system. Ars Technica said that Microsoft’s Edge browser has also patched to fix the same flaw.
#3. What tech company said on Saturday that it has quit providing security services to Kiwifarms after a large public outcry?
Kiwifarms is an online forum whose users seem to be people who would be right at home hanging with the Gamergate people. After a week or more of public pressure, CloudFlare announced that it was cutting support for the website, which Wired said effectively puts the site out of business. We’ll see.
#4. What U.S. federal agency this week sued Kochava, a location data broker, in part because the data it sells can easily be linked to identifiable people?
It’s the Federal Trade Commission.
In a blog applauding the move, Electronic Frontiers Foundation said:
“The FTC explains that the same data can be used to identify people who visit houses of worship, domestic violence shelters, homeless shelters, and addiction recovery centers. Such invasions of location privacy expose people, in the words of the FTC, to ‘stigma, discrimination, physical violence, emotional distress, and other harms.’
“The FTC Act bans ‘unfair or deceptive acts or practices in or affecting commerce.’ Under the Act, a practice is ‘unfair’ if: (1) the practice ‘is likely to cause substantial injury to consumers’; (2) the practice ‘is not reasonably avoidable by consumers themselves’; and (3) the injury is ‘not outweighed by countervailing benefits to consumers or to competition.'”
#5. What popular website that reports on tech related political and legal issues is celebrating its 25 birthday today?
It’s Techdirt. The website announced that its celebration would be today. Sorry, you missed it already.
#6. The new owner of what politically focused website sent the Washington Post an email in 2020 saying of Trump, "No American administration in the last 50 years has done more" defending free democracies from Russia and China?
The email was from Mathias Döpfner, whose company bought Politico several months back. You can read more in this Washington Post article.
#7. Trend Micro said this week that ransomware attackers will increasingly target which of the following?
It’s Linux and embedded systems.
Trend Micro said it recorded a double-digit year-on-year increase in attacks on these systems in the first half of 2022.
#8. Which fundraising site this week reportedly fired its entire security staff?
Richi Jennings, who pens SB Blogwatch for Security Boulevard, wrote:
“The firm, which is still doing business in Russia, simply calls it “a strategic shift” (which seems to be corporate mumbo-jumbo for “cheaper outsourcing”). But infosec experts call it a ‘nightmare’ caused by an ‘untrustworthy’ company that’s ‘just put a massive target on its back.’
“And there’s an unsubstantiated rumor that Patreon has been hacked again.”