Telefonieren im Flugzeug immer noch wenig gewünscht
Lediglich 14 Prozent der Flugpassagiere wünschen sich, an Bord telefonieren zu können. Die meisten sind entweder dagegen oder es ist ihnen egal.
Quelle: Heise Tech News
Early-Access-Hit Playerunknown’s Battlegrounds bei 5 Millionen Spielern
Das Spieler-Wachstum bei Playerunknown's Battlegrounds kennt kein Ende: Mittlerweile spielen knapp 5 Millionen Spieler den Mehrspieler-Actiontitel.
Quelle: Heise Tech News
Bundestrojaner: Österreich will Staatshackern Wohnungseinbrüche erlauben
Nach Deutschland will auch Österreich den Einsatz von Bundestrojanern neu regeln. Dabei dürfen die dortigen Ermittler nicht nur Sicherheitslücken nutzen, um die Programme zu installieren. (Onlinedurchsuchung, Instant Messenger)
Quelle: Golem
Airbnb, Uber, And Ola May Start Using Aadhaar, India’s Controversial Biometric Identity System
An Indian visitor gives a thumb impression to withdraw money from his bank account with his Aadhaar card in January 2017.
Noah Seelam / AFP / Getty Images
Airbnb, the ride-hailing giant Uber, and its Indian rival Ola are exploring the option of adding Aadhaar, India’s controversial biometric identity system, to their products and services in the country, BuzzFeed News has learned. Uber and Ola are considering using Aadhaar to verify the identities of drivers, while Airbnb is exploring using the system to authenticate Indian hosts, sources at all three companies told BuzzFeed News. They spoke under the condition of anonymity because they were not authorized to speak on the matter.
India’s Aadhaar system is a centralized, government-sanctioned database containing fingerprints, iris scans, and demographic information, such as the names, dates of birth, genders, addresses, mobile numbers, of nearly 90% of India’s 1.3 billion people. It’s the first national ID database of this scale anywhere in the world. But it’s attracted scrutiny from critics who say it enables the government and private companies to mass surveil India’s residents and poses a serious threat to privacy, especially since India does not have any privacy or data protection laws.
Aadhaar’s creator Nandan Nilekani, an Indian billionaire and former CEO of IT services giant Infosys, has called it a “turbocharged version of the Social Security number”, a definition that critics disagree with because the Aadhaar number is intrinsically and permanently linked to fingerprints and iris scans unlike the Social Security number.
In February, Microsoft became the first Western company to announce that it would plug Skype Lite, a stripped down version of Skype, into the Aadhaar database, drawing criticism from India’s privacy activists.
Companies can use Aadhaar in two ways. The first one lets them use someone’s fingerprint or iris scans, or their 12-digit Aadhaar number, which is further validated with a one-time password sent to their mobile number to verify their identity. This is how Microsoft uses Aadhaar in Skype Lite. The second way lets them use a person’s Aadhaar-verified identity to download their demographic information from the Aadhaar database. Doing this saves companies time and money by eliminating cumbersome paperwork.
Airbnb is considering using Aadhaar to verify hosts’ identities on its platform in India and is currently testing it “with a limited universe of hosts,” an Airbnb spokesperson told BuzzFeed News. The spokesperson said no final decisions have been made. During the test, these hosts in India will have a choice as to whether they want to provide Aadhaar as their method of verification. “Identity verification is important to the safety and security of our community. We are exploring a number of different ways for our community in India to verify they are who they say they are, including potentially using Aadhaar,” the spokesperson said. This means that Airbnb will not actually collect users’ demographic information using their Aadhaar. The company will simply use their Aadhaar number to validate their identities against the Aadhaar database.
Ola and Uber are planning to use Aadhaar to verify drivers’ identities and collect their demographic data, since they want to have this information on file.
Ola and Uber are planning to use Aadhaar to verify drivers’ identities and collect their demographic data, since they want to have this information on file, sources told BuzzFeed News. According to sources at Ola, the company plans to make Aadhaar authentication mandatory for all new drivers who sign up for the platform starting on Wednesday. Sources also told BuzzFeed News that Ola’s existing drivers will need to start visiting Ola’s driver onboarding centers starting next week to scan their fingerprints and re-authenticate themselves using the Aadhaar system. Ola will terminate drivers who fail to do this by a yet-to-be-decided deadline, sources told BuzzFeed News.
Ola decided to validate its drivers’ identities after an Ola driver kidnapped a passenger for ransom in New Delhi on July 7, sources familiar with the matter said. According to reports, the driver signed up to drive for Ola using forged ID documents, making it hard for police to track him down. Ola hopes that mandating drivers to authenticate using their fingerprints would prevent this from happening again, said a source.
Ola did not respond to BuzzFeed News’ requests for comment.
A top Uber executive told BuzzFeed News in May that the company was “seriously looking” at onboarding drivers using Aadhaar. At that time, the executive said that Uber would not make Aadhaar authentication mandatory for its drivers in India. But it’s unclear how Uber’s plans for Aadhaar implementation in India have developed since then. Uber declined to respond to BuzzFeed News’ follow-up questions.
Validating identities and doing background checks for drivers has been an important part both Uber and Ola’s onboarding processes after media reports that Uber had done neither for a driver who raped a passenger in New Delhi in December 2014. The subsequent backlash forced both companies to step up driver verification standards. Both companies now require drivers in India to submit half a dozen documents, including a driver's license and proof of address when they sign up to drive. Drivers are also subject to additional verification by local authorities to ensure they have no criminal records.
Using Aadhaar would help these companies speed up the identification process. But experts say that Aadhaar isn’t foolproof. “Aadhaar itself isn’t [robust] as proof of someone’s identity,” said Kiran Jonnalagadda, co-founder of the Internet Freedom Foundation, a volunteer-driven organization in Bangalore that works on online privacy and encryption issues in India. That’s because demographic data in the Aadhaar database is often only as good as the documents someone provides when signing up for an Aadhaar number in the first place. If you didn’t have existing documentation to validate your date of birth, name, or addresses — and millions of Indians don’t — placeholders and estimates are used to fill in those details against your Aadhaar number in the database. That makes Aadhaar a system that’s “fairly forgiving of the quality of documents,” said Jonnalagadda. In 2015, for instance, a man was able to get an Aadhaar card for his dog.
India’s Aadhaar project kicked off in 2009 and was envisioned as a voluntary identity system meant to crack down on identity fraud in the country’s notoriously corrupt welfare system. But over the years, an Aadhaar number has become effectively mandatory to access an increasing number of government services, such as getting subsidized foodgrain and paying taxes, as well as private services, such as signing up for cellphone service or opening a bank account. Critics say that Aadhaar enables the government to create a holistic profile of an individual because it is linked to databases owned by both the government and private companies. For example, Jio, India’s newest mobile carrier, has been using Aadhaar to quickly sign up new customers (and download their demographic data) using just their fingerprints.
“I think it’s problematic that such an extensive ecosystem is being built around Aadhaar, whether by Indian startups or Western companies, while a comprehensive privacy law remains non-existent in India,” said Anja Kovacs, director of the Internet Democracy Product, an organization that works on issues of free speech, democracy, and social justice on the internet in India.
Kovacs says that companies using Aadhaar to download people’s demographic data is particularly problematic because these new, privately controlled databases are full of sensitive information that could be compromised or stolen. Unlike the European Union that places companies under stringent data protection standards, there is no law in India that mandates companies from notifying customers about any privacy breaches. Earlier this month, the personal details of an undisclosed number of Jio customers were leaked onto the internet. Aadhaar numbers were not part of the data dump, but the leak showed that Jio’s databases are susceptible to hackers.
“The data we have given to the government is now spread across a number of private entities without any strong privacy protections being in place,” Kovacs told BuzzFeed News.
Uber and Ola did not respond to questions about whether they had systems in place to protect drivers’ demographic information.
On Wednesday, a panel of nine Indian Supreme Court judges will hear to decide if Indians have a fundamental right to privacy. The move was prompted by 20 pleas in the Supreme Court challenging the constitutional validity of Aadhaar.
Quelle: <a href="Airbnb, Uber, And Ola May Start Using Aadhaar, India’s Controversial Biometric Identity System“>BuzzFeed
Elektromobilität: Shell stellt Ladesäulen an Tankstellen auf
Verbrennungsautos tanken, Elektroautos laden: Der Ölkonzern Shell denkt in die Zukunft und stellt an einigen Tankstellen Ladesäulen für E-Autos auf. (Elektroauto, Auto)
Quelle: Golem
Facebook will Bezahlfunktion für journalistische Inhalte testen
Facebook hat die Absicht, eine Paywall zu errichten: Im Oktober testet das soziale Netzwerk einen kostenpflichtigen Aboservice für journalistische Inhalte. Die Nutzer können pro Monat zehn Artikel kostenlos lesen – dann senkt sich die Bezahlschranke.
Quelle: Heise Tech News
Apple-ID: Polizei warnt vor neuer Phishing-Welle
Mit gefälschten E-Mails und Webseiten wollen Kriminelle Zugangsdaten von Apple-Nutzern erschleichen. Die Phishing-Seiten setzen auf "gute Optik" und geben sich durch https-Verschlüsselung einen seriösen Anschein, warnt die Polizei Niedersachsen.
Quelle: Heise Tech News
Mira Prism: Augmented-Reality-Brille für 100 US-Dollar
Der Brillenaufsatz Mira Prism soll Nutzern einen preisgünstigen Einstieg in die Welt der Augmented Reality bieten. Als Display dient ein iPhone, dessen Bild an eine Glasscheibe reflektiert wird.
Quelle: Heise Tech News
Sicherheitslücke in Axis-Überwachungskamera mit Breitenwirkung
"So schwer auszurotten wie Efeu" beschreiben Forscher eine Sicherheitslücke, die sie ursprünglich in einer Überwachungskamera entdeckt haben. Betroffen sind möglicherweise Millionen von Geräten.
Quelle: Heise Tech News
Demystifying the Open Container Initiative (OCI) Specifications
The Open Container Initiative (OCI) announced the completion of the first versions of the container runtime and image specifications this week. The OCI is an effort under the auspices of the Linux Foundation to develop specifications and standards to support container solutions. A lot of effort has gone into the building of these specifications over the past two years. With that in mind, let’s take a look at some of the myths that have arisen over the past two years.
Myth #1: The OCI is a replacement for Docker
Standards are important, but they are far from a complete production platform. Take for example, the World Wide Web. It has evolved over the last 25 years and was built on core dependable standards like TCP/IP, HTTP and HTML. Using TCP/IP as an example, when enterprises coalesced around TCP/IP as a common protocol, it fueled the growth of routers and in particular – Cisco. However, Cisco became a leader in its market by focusing on differentiated features on its routing platform. We believe the parallel exists with the OCI specifications and Docker.
Docker is a complete production platform for developing, distributing, securing and orchestrating container-based solutions. The OCI specification is used by Docker, but it represents only about five percent of our code and a small part of the Docker platform concerned with the runtime behavior of a container and the layout of a container image.
Myth #2: Products and projects already are certified to the OCI specifications
The runtime and image specifications have just released as 1.0 this week. However, the OCI certification program is still in development so companies cannot claim compliance, conformance or compatibility until certification is formally rolled out later this year.
The OCI certification working group is currently defining the standard so that products and open source projects can demonstrate conformance to the specifications. Standards and specifications are important for engineers implementing solutions, but formal certification is the only way to reassure customers that the technology they are working with is truly conformant to the standard.
Myth #3: Docker doesn’t support the OCI specifications work
Docker has a long history with contributing to the OCI. We developed and donated a majority of the OCI code and have been instrumental in defining the OCI runtime and image specifications as maintainers of the project. When the Docker runtime and image format quickly became the de facto standards after being released as open source in 2013, we thought it would be beneficial to donate the code to a neutral governance body to avoid fragmentation and encourage innovation. The goal was to provide a dependable and standardized specification so Docker contributed runc, a simple container runtime, as the basis of the runtime specification work, and later contributed the Docker V2 image specification as the basis for the OCI image specification work.
Docker developers like Michael Crosby and Stephen Day have been key contributors from the beginning of this work, ensuring Docker’s experience hosting and running billions of container images carries through to the OCI. When the certification working group completes its work, Docker will bring its products through the OCI certification process to demonstrate OCI conformance.
Myth #4: The OCI specifications are about Linux containers
There is a misperception that the OCI is only applicable to Linux container technologies because it is under the aegis of the Linux Foundation. The reality is that although Docker technology started in the Linux world, Docker has been collaborating with Microsoft to bring our container technology, platform and tooling to the world of Windows Server. Additionally, the underlying technology that Docker has donated to the OCI is broadly applicable to multi-architecture environments including Linux, Windows and Solaris and covers x86, ARM and IBM zSeries.
Myth #5: Docker was just one of many contributors to the OCI
The OCI as an organization has a lot of supporting members representing the breadth of the container industry. That said, it has been a small but dedicated group of individual technologists that have contributed the time and technology to the efforts that have produced the initial specifications. Docker was a founding member of the OCI, contributing the initial code base that would form the basis of the runtime specification and later the reference implementation itself. Likewise, Docker contributed the Docker V2 Image specification to act as the basis of the OCI image specification.
Myth #6: CRI-O is an OCI project
CRI-O is an open source project in the Kubernetes incubator in the Cloud Native Computing Foundation (CNCF) – it is not an OCI project. It is based on an earlier version of the Docker architecture, whereas containerd is a direct CNCF project that is a larger container runtime that includes the runc reference implementation. containerd is responsible for image transfer and storage, container execution and supervision, and low-level functions to support storage and network attachments. Docker donated containerd to the CNCF with the support of the five largest cloud providers: Alibaba Cloud, AWS, Google Cloud Platform, IBM Softlayer and Microsoft Azure with a charter of being a core container runtime for multiple container platforms and orchestration systems.
Myth #7: The OCI specifications are now complete
While the release of the runtime and image format specifications is an important milestone, there’s still work to be done. The initial scope of the OCI was to define a narrow specification on which developers could depend for the runtime behavior of a container, preventing fragmentation in the industry, and still allowing innovation in the evolving container domain. This was later expanded to include a container image specification.
As the working groups complete the first stable specifications for runtime behavior and image format, new work is under consideration. Ideas for future work include distribution and signing. The next most important work for the OCI, however, is delivering on a certification process backed by a test suite now that the first specifications are stable.
Learn more about OCI and Open Source at Docker:
Read the blog post about the OCI Release of v1.0 Runtime and Image Format Specifications
Visit the Open Container Initiative website
Visit the Moby Project website
Attend DockerCon Europe 2017
Attend the Moby Summit LA alongside OSS NA
7 things to know about v1.0 of the #OCI runtime and image specifications Click To Tweet
The post Demystifying the Open Container Initiative (OCI) Specifications appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/
