Tag Archives: education

Surge of Threatening Piracy Letters Concerns Finnish Authorities

Post Syndicated from Ernesto original https://torrentfreak.com/massive-surge-in-threatening-piracy-letters-concerns-finnish-authorities-170726/

finlandStarting three years ago, copyright holders began sending out thousands of settlement letters to alleged pirates in Finland, a practice often described as copyright trolling.

In a country with a population of just over five million, copyright holders have cast their net wide. According to local reports, Internet providers handed over details of one hundred thousand customers last year alone.

This practice has not been without controversy. As the settlement letters were sent out, recipients – including some pensioners – started to complain. Many of the accused denied downloading any pirated material but felt threatened by the letters.

Thus far, complaints have been filed with the Market Court, the Finnish Communications Regulatory Authority, the Consumer Authority, and the Ministry of Education and Culture.

In May, the Ministry of Education set up a working group to create a set of ‘best practices’ for copyright enforcement. The working group includes, among others, Internet providers, and outfits that are involved in sending the influx of settlement letters.

Anna Vuopala, a Government’s counselor at the Ministry of Education and Culture, told Kauppaleht that rightsholders should act within the boundaries of the law.

“We strive to create good practices [for copyright enforcement] and eliminate practices that are contrary to law,” says Vuopala, who’s leading the working group.

If the parties involved can’t reach an agreement on how to proceed, the Government considers changing existing copyright law to defuse the situation. What these changes could be is unclear at this point.

Earlier this year the Finnish market court already dealt a blow to local copyright trolls. In a unanimous ruling, seven judges ruled that the privacy of alleged BitTorrent pirates outweighs the evidence provided by the rightsholders.

While it was clear that copyright infringement was taking place, the rightsholders failed to show that it was significant enough to hand over the requested personal details.

Although this decision supports the rights of those who are falsely accused, the Government believes that a set of good practices is still needed to prevent future excesses and controversy.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Introducing Our Content Director: Roderick

Post Syndicated from Yev original https://www.backblaze.com/blog/introducing-content-director-roderick/

As Backblaze continues to grow, and as we go down the path of sharing our stories, we found ourselves in need of someone that could wrangle our content calendar, write blog posts, and come up with interesting ideas that we could share with our readers and fans. We put out the call, and found Roderick! As you’ll read below he has an incredibly interesting history, and we’re thrilled to have his perspective join our marketing team! Lets learn a bit more about Roderick, shall we?

What is your Backblaze Title?
Content Director

Where are you originally from?
I was born in Southern California, but have lived a lot of different places, including Alaska, Washington, Oregon, Texas, New Mexico, Austria, and Italy.

What attracted you to Backblaze?
I met Gleb a number of years ago at the Failcon Conference in San Francisco. I spoke with him and was impressed with him and his description of the company. We connected on LinkedIn after the conference and I ultimately saw his post for this position about a month ago.

What do you expect to learn while being at Backblaze?
I hope to learn about Backblaze’s customers and dive deep into the latest in cloud storage and other technologies. I also hope to get to know my fellow employees.

Where else have you worked?
I’ve worked for Microsoft, Adobe, Autodesk, and a few startups. I’ve also consulted to Apple, HP, Stanford, the White House, and startups in the U.S. and abroad. I mentored at incubators in Silicon Valley, including IndieBio and Founders Space. I used to own vineyards and a food education and event center in the Napa Valley with my former wife, and worked in a number of restaurants, hotels, and wineries. Recently, I taught part-time at the Culinary Institute of America at Greystone in the Napa Valley. I’ve been a partner in a restaurant and currently am a partner in a mozzarella di bufala company in Marin county where we have about 50 water buffalo that are amazing animals. They are named after famous rock and roll vocalists. Our most active studs now are Sting and Van Morrison. I think singing “a fantabulous night to make romance ‘neath the cover of October skies” works for Van.

Where did you go to school?
I studied at Reed College, U.C. Berkeley, U.C. Davis, and the Università per Stranieri di Perugia in Italy. I put myself through college so was in and out of school a number of times to make money. Some of the jobs I held to earn money for college were cook, waiter, dishwasher, bartender, courier, teacher, bookstore clerk, head of hotel maintenance, bookkeeper, lifeguard, journalist, and commercial salmon fisherman in Alaska.

What’s your dream job?
I think my dream would be having a job that would continually allow me to learn new things and meet new challenges. I love to learn, travel, and be surprised by things I don’t know.

I love animals and sometimes think I should have become a veterinarian.

Favorite place you’ve traveled?
I lived and studied in Italy, and would have to say the Umbria region of Italy is perhaps my favorite place. I also worked in my father’s home country of Austria, which is incredibly beautiful.

Favorite hobby?
I love foreign languages, and have studied Italian, French, German, and a few others. I am a big fan of literature and theatre and read widely and have attended theatre productions all over the world. That was my motivation to learn other languages—so I could enjoy literature and theatre in the languages they were written in. I started scuba diving when I was very young because I wanted to be Jacques-Yves Cousteau and explore the oceans. I also sail, motorcycle, ski, bicycle, hike, play music, and hope to finish my pilot’s license someday.

Coke or Pepsi?
Red Burgundy

Favorite food?
Both my parents are chefs, so I was exposed to a lot of great food growing up. I would have to give more than one answer to that question: fresh baked bread and bouillabaisse. Oh, and white truffles.

Not sure we’ll be able to stock our cupboards with Red Burgundy, but we’ll see what our office admin can do! Welcome to the team!

The post Introducing Our Content Director: Roderick appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Top 10 Most Pirated Movies of The Week on BitTorrent – 07/24/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-072417/

This week we have two newcomers in our chart.

The Mummy is the most downloaded movie for the second week in a row.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (1) The Mummy 2017 (Subbed HDRip) 5.8 / trailer
2 (2) Ghost In the Shell 6.8 / trailer
3 (…) Going In Style 6.8 / trailer
4 (3) The Boss Baby 6.5 / trailer
5 (…) Spider-Man: Homecoming (HDTS) 8.0 / trailer
6 (5) Despicable Me 3 (HDTS) 6.7 / trailer
7 (6) Wonder Woman (Subbed HDrip) 8.2 / trailer
8 (…) S.W.A.T.: Under Siege ?.? / trailer
9 (4) Alien Covenant (Subbed HDrip) 6.7 / trailer
10 (7) Kong: Skull Island 6.9 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Teaching with Raspberry Pis and PiNet

Post Syndicated from Janina Ander original https://www.raspberrypi.org/blog/teaching-pinet/

Education is our mission at the Raspberry Pi Foundation, so of course we love tools that help teachers and other educators use Raspberry Pis in a classroom setting. PiNet, which allows teachers to centrally manage a whole classroom’s worth of Pis, makes administrating a fleet of Pis easier. Set up individual student accounts, install updates and software, share files – PiNet helps you do all of this!

Caleb VinCross on Twitter

The new PiNet lab up and running. 30 raspberry pi 3’s running as fat clients for 600 + students. Much thanks to the PiNet team! @PiNetDev.

PiNet developer Andrew

PiNet was built and is maintained by Andrew Mulholland, who started work on this project when he was 15, and who is also one of the organisers of the Northern Ireland Raspberry Jam. Check out what he says about PiNet’s capabilities in his guest post here.

PiNet in class

PiNet running in a classroom

PiNet, teacher’s pet

PiNet has been available for about two years now, and the teachers using it are over the moon. Here’s what a few of them say about their experience:

We wanted a permanently set up classroom with 30+ Raspberry Pis to teach programming. Students wanted their work to be secure and backed up and we needed a way to keep the Pis up to date. PiNet has made both possible and the classroom now required little or no maintenance. PiNet was set up in a single day and was so successful we set up a second Pi room. We now have 60 Raspberry Pis which are used by our students every day. – Rob Jones, Secondary School Teacher, United Kingdom

AKS Computing on Twitter

21xRaspPi+dedicated network+PiNet server+3 geeks = success! Ready to test with a full class.

I teach Computer Science at middle school, so I have 4 classes per day in my lab, sharing 20 Raspberry Pis. PiNet gives each student separate storage space. Any changes to the Raspbian image can be done from my dashboard. We use Scratch, Minecraft Pi, Sonic Pi, and do physical computing. And when I have had issues, or have wanted to try something a little crazy, the support has been fabulous. – Bob Irving, Middle School Teacher, USA

Wolf Math on Twitter

We’re starting our music unit with @deejaydoc. My CS students are going through the @Sonic_Pi turorial on @PiNetDev.

I teach computer classes for about 600 students between the ages of 5 and 13. PiNet has really made it possible to expand our technology curriculum beyond the simple web-based applications that our Chromebooks were limited to. I’m now able to use Arduino boards to do basic physical computing with LEDs and sensors. None of this could have happened without PiNet making it easy to have an affordable, stable, and maintainable way of managing 30 Linux computers in our lab. – Caleb VinCross, Primary School Teacher, USA

More for educators

If you’re involved in teaching computing, be that as a professional or as a volunteer, check out the new free magazine Hello World, brought to you by Computing At School, BCS Academy of Computing, and Raspberry Pi working in partnership. It is written by educators for educators, and available in print and as a PDF download. And if you’d like to keep up to date with what we are offering to educators and learners, sign up for our education newsletter here.

Are you a teacher who uses Raspberry Pis in the classroom, or another kind of educator who has used them in a group setting? Tell us about your experience in the comments below.

The post Teaching with Raspberry Pis and PiNet appeared first on Raspberry Pi.

Top 10 Most Pirated Movies of The Week on BitTorrent – 07/17/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-071717/

This week we have two newcomers in our chart.

The Mummy, which came out as a subbed HDRip last week, is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (9) The Mummy 2017 (Subbed HDRip) 5.8 / trailer
2 (2) Ghost In the Shell 6.8 / trailer
3 (10) The Boss Baby 6.5 / trailer
4 (1) Alien Covenant (Subbed HDrip) 6.7 / trailer
5 (4) Despicable Me 3 (HDTS) 6.7 / trailer
6 (5) Wonder Woman (Subbed HDrip) 8.2 / trailer
7 (3) Kong: Skull Island 6.9 / trailer
8 (7) The Fate of the Furious 6.7 / trailer
9 (…) Going in Style 7.2 / trailer
10 (6) King Arthur: Legend of the Sword 7.2 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Just How Risky is Internet Piracy in 2017?

Post Syndicated from Andy original https://torrentfreak.com/just-how-risky-is-internet-piracy-in-2017-170715/

The world’s largest entertainment companies in the spheres of music, movies, and gaming would jump for joy if the Internet piracy phenomenon came to a crashing halt tomorrow. (Spoiler: it won’t)

As a result, large sums of money are expended every day in an effort to keep unlawful distribution under control. Over the years there have been many strategies and several of these have involved targeting end users.

The world is a very big place and the tackling of piracy differs from region to region, but what most consumers of unauthorized media want to know is whether they’re putting themselves at risk.

The short answer is that no matter where people are, there is always some level of risk attached to obtaining and using pirate content. The long answer is more nuanced.

BitTorrent and other P2P protocols

By its very nature, using BitTorrent to access copyrighted content comes with a risk. Since downloaders are also distributors and their IP addresses are necessarily public, torrent users are extremely easy to track. In fact, with a minimum of equipment, any determined rightsholder is able spot and potentially uncover the identity of a file-sharer.

But while basic BitTorrent sharing gets a 0/10 for privacy, that’s a bit like saying that a speeding car gets 0/10 for stealth. Like the speeding car, anyone can see the pirating torrent user, but the big question is whether there’s anyone around who intends to do anything about it.

The big surprise in 2017 is that users are still statistically unlikely to face any consequences.

In the United States, for example, where copyright trolling can be a serious issue for those who get caught up in the net, the problem still only affects a tiny, tiny proportion of pirates. A one percent risk of getting snared would be overstating the risk but these are still odds that any gambler would be happy to take.

Surprisingly, pirates are also less likely to encounter a simple friendly warning than they were last year too. The “Six Strikes” Copyright Alerts System operated by the MPAA and RIAA, that set out to advise large volumes of pirates using notices sent via their ISPs, was discontinued in January. Those behind it gave in, for reasons unknown.

This means that millions of torrent users – despite exposing their IP addresses in public while sharing copyrighted content – are doing so without significant problems. Nevertheless, large numbers are also taking precautions, by using anonymization technologies including VPNs.

That’s not to say that their actions are legal – they’re not – but outside the few thousand people caught up in trolls’ nets each year, the vast and overwhelming majority of torrent users (which number well over 100 million) are pirating with impunity.

In the UK, not even trolling is a problem anymore. After a few flurries that seemed to drag on longer than they should, copyright trolls appear to have left the country for more lucrative shores. No cases have gone through the courts in recent times which means that UK users are torrenting pretty much whatever they like, with no legal problems whatsoever.

It’s important to note though, that their actions aren’t going unnoticed. Unlike the United States, the UK has a warning system in place. This means that a few thousand customers of a handful of ISPs are receiving notices each month informing them that their piratey behavior has been monitored by an entertainment company.

Currently, however, there are no punishments for those who are ‘caught’, even when they’re accused of pirating on a number of occasions. At least so far, it seems that the plan is to worry pirates into submission and in some cases that will probably work. Nevertheless, things can easily change when records are being kept on this scale.

Germany aside (which is overrun with copyright trolling activity), a handful of other European countries have also endured relatively small troll problems (Finland, Sweden, Denmark) but overall, file-sharers go about their business as usual across the continent. There are no big projects in any country aiming to punish large numbers of BitTorrent users and only France has an active warning notice program.

Canada and Australia have also had relatively small problems with copyright trolls (the former also has a fairly toothless ISP warning system) but neither country is considered a particularly ‘dangerous’ place to share files using BitTorrent. Like the United States, UK, and Europe, the chances of getting prosecuted for infringement are very small indeed.

Why such little enforcement?

There are a number of reasons for the apparent lack of interest in BitTorrent users but a few bubble up to the top. Firstly, there’s the question of resources required to tackle millions of users. Obviously, some scare tactics could be deployed by hitting a few people hard, but it feels like most companies have moved beyond that thinking.

That’s partly due to the more recent tendency of entertainment groups and governments to take a broader view of infringement, hitting it at its source by strangling funds to pirate sites, hitting their advertisers, blocking their websites, and attempting to forge voluntary anti-piracy schemes with search engines.

It’s also worth noting that huge numbers of people are routinely protecting themselves with VPN-like technology, which allows them to move around the Internet with much improved levels of privacy. Just recently, anti-piracy outfit Rightscorp partly blamed this for falling revenues.

Importantly, however, the nature of infringement has been changing for some time too.

A few years ago, most people were getting their movies and music from torrent sites but now they’re more likely to be obtaining their fix from a streaming source. Accessing the top blockbusters via a streaming site (perhaps via Kodi) is for the most part untraceable, as is grabbing music from one of the hundreds of MP3 portals around today.

But as recent news revealed, why bother with ‘pirate’ sites when people can simply rip music from sites like YouTube?

So-called stream-ripping is now blamed for huge swathes of piracy and as a result, torrent sites get far fewer mentions from anti-piracy groups than they did before.

While still a thorn in their side, it wouldn’t be a stretch to presume that torrent sites are no longer considered the primary problem they once were, at least in respect of music. Now, the ‘Value Gap‘ is more of a headache.

So, in a nutshell, the millions of people obtaining and sharing copyrighted content using BitTorrent are still taking some risks in every major country, and those need to be carefully weighed.

The activity is illegal almost everywhere, punishable in both civil and criminal courts, and has the potential to land people with big fines and even a jail sentence, if the scale of sharing is big enough.

In truth, however, the chances of the man in the street getting caught are so slim that many people don’t give the risks a second thought. That said, even people who drive 10mph over the limit get caught once in a while, so those that want to keep a clean sheet online often get a VPN and reduce the risks to almost 0%.

For people who stream, life is much less complicated. Streaming movies, TV shows or music from an illicit source is untraceable by any regular means, which up to now has made it almost 100% safe. Notably, there hasn’t been a single prosecution of a user who streamed infringing content anywhere in the world. In the EU it is illegal though, so something might happen in future, potentially…..possibly…..at some point….maybe.

And here’s the thing. While this is the general position today, the ‘market’ is volatile and has the ability to change quickly. A case could get filed in the US or UK next week, each targeting 50,000 BitTorrent users for downloading something that came out months ago. Nobody knows for sure so perhaps the best analogy is the one drummed into kids during high-school sex education classes.

People shouldn’t put themselves at risk at all but if they really must, they should take precautions. If they don’t, they could easily be the unlucky one and that is nearly always miserable.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Raspberry Pi Certified Educators shine at ISTE 2017

Post Syndicated from Andrew Collins original https://www.raspberrypi.org/blog/certified-educators-iste-2017/

Everything’s bigger in Texas, including the 2017 ISTE Conference & Expo, which saw over 20,000 educators convene in San Antonio earlier this summer. As a new Raspberry Pi Foundation team member, I was thrilled to meet the many Raspberry Pi Certified Educators (RCEs) in attendance. They came from across the country to share their knowledge, skills, and advice with fellow educators interested in technology and digital making.

This is the only GIF. Honest.

Meet the RCEs

Out of the dozens of RCEs who attended, here are three awesome members of our community and their ISTE 2017 stories:

Nicholas Provenzano, Makerspace Director at University Liggett School and the original nerdy teacher, shared his ideas for designing innovative STEAM and maker projects. He also knocked our socks off by building his own digital badge using a Raspberry Pi Zero to stream tweets from the conference.

Andrew Collins on Twitter

What’s up w/ @Raspberry_Pi & digital making? Serious knowledge dropping at #ISTE17 #picademy

Amanda Haughs, TOSA Digital Innovation Coach in Campbell Union School District and digital learning champion, shared her ideas for engaging elementary school learners in technology and digital making. She also went next level with her ISTE swag, creating a wearable Raspberry Pi tote bag combining sewing and circuitry.

Amanda Haughs on Twitter

New post: “Pi Tote– a sewing and circuitry project w/the @Raspberry_Pi Zero W” https://t.co/Fb1IFZMH1n #picademy #Maker #ISTE17 #PiZeroW

Rafranz Davis, Executive Director of Professional and Digital Learning for Lufkin ISD and edtech leader extraordinaire, shared her vision for making innovation and digital learning more equitable and accessible for all. She also received the ISTE 2017 Award for Outstanding Leadership in recognition of her efforts to promote diversity, equity, and inclusion for learners across learning environments.

EdSurge on Twitter

At #iste17, @rafranzdavis speaks about the privilege of access. How do we make innovation less privileged? #edtechc… https://t.co/6foMzgfE6f

Rafranz, Nicholas, and Amanda are all members of our original Picademy cohorts in the United States. Since summer 2016, more than 300 educators have attended US Picademy events and joined the RCE community. Be on the lookout later this year for our 2018 season events and sign up here for updates.

The Foundation at ISTE 2017

Oh, and the Raspberry Pi Foundation team was also at ISTE 2017 and we’re not too shabby either : ). We held a Raspberry Jam, which saw some fantastic projects from Raspberry Pi Certified Educators — the Raspberry Pi Preserve Jar from Heidi Baynes, Scratch student projects from Bradley Quentin and Kimberly Boyce, and Sense HAT activities with Efren Rodriguez.

But that’s not all we got up to! You can learn more about our team’s presentations — including on how to send a Raspberry Pi to near space — on our ISTE conference page here.

Raspberry Pi on Twitter

Our #ISTE17 crew had a PACKED day in San Antonio. If you didn’t catch them today, see where they’ll be: https://t.co/Rt0ec7PF7S

Join the fold

Inspired by all this education goodness? You can become a Raspberry Pi Certified Educator as well! All you need to do is attend one of our free two-day Picademy courses held across the US and UK. Join this amazing community of more than 1,000 teachers, librarians, and volunteers, and help more people learn about digital making.

If you’re interested in what our RCEs do at Picademy, check out our free online courses. These are available to anyone, and you can use them to learn about teaching coding and physical computing from the comfort of your home.

The post Raspberry Pi Certified Educators shine at ISTE 2017 appeared first on Raspberry Pi.

Encrypted Media Extensions a W3C Recommendation

Post Syndicated from ris original https://lwn.net/Articles/727499/rss

Encrypted Media Extensions (EME) have been under review by the W3C Advisory
Committee since last March. This report
from the committee addresses comments and objections to EME.
After consideration of the issues, the Director reached a decision
that the EME specification should move to W3C Recommendation. The Encrypted
Media Extensions specification remains a better alternative for users than
other platforms, including for reasons of security, privacy, and
accessibility, by taking advantage of the Web platform. While additional
work in some areas may be beneficial for the future of the Web Platform, it
remains appropriate for the W3C to make the EME specification a W3C
Recommendation. Formal publication of the W3C Recommendation will happen at
a later date. We encourage W3C Members and the community to work in both
technical and policy areas to find better solutions in this space.

The Free Software Foundation’s Defective by Design campaign opposes
EME arguing that it infringes on Web users’ control of their own
computers, and weakens their security and privacy. “Opponents’ last opportunity to stop EME is an appeal by the Advisory Committee of the World Wide Web Consortium (W3C), the body which Tim Berners-Lee heads. Requiring 5% of the Committee’s 475 members (corporate, nonprofit, and educational institutions) to sign on within a two-week period, the appeal would then trigger a vote from the whole Committee to make a final decision to ratify or reject EME.

Top 10 Most Pirated Movies of The Week on BitTorrent – 07/10/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-071017/

This week we have three newcomers in our chart.

Alien Covenant is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (7) Alien Covenant (Subbed HDrip) 6.7 / trailer
2 (…) Ghost In a Shell 6.8 / trailer
3 (1) Kong: Skull Island 6.9 / trailer
4 (…) Despicable Me 3 (HDTS) 6.7 / trailer
5 (2) Wonder Woman (Subbed HDrip) 8.2 / trailer
6 (3) King Arthur: Legend of the Sword 7.2 / trailer
7 (4) The Fate of the Furious 6.7 / trailer
8 (…) Transformers: The Last Knight (TC/HDTS) 5.3 / trailer
9 (5) The Mummy 2017 (HDTS) 5.8 / trailer
10 (6) The Boss Baby 6.5 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Could Pirate TV Box Users Be Prosecuted For Fraud?

Post Syndicated from Andy original https://torrentfreak.com/could-pirate-tv-box-users-be-prosecuted-for-fraud-170709/

With the issue of piracy-enabled set-top boxes still making the headlines, the English Premier League (EPL) has emerged as the most likely organization to prosecute sellers of infringing boxes in the UK.

However, last month the Federation Against Copyright Theft, who provide anti-piracy services for the EPL, revealed that mere users of boxes (such as those containing augmented Kodi setups) could be targeted for prosecution sometime in the future.

As noted in our earlier coverage, people who merely stream pirated content into their own homes are difficult to track online. They pose much greater challenges than BitTorrent users, for example, who can lead investigators straight to their door. But for FACT chief executive Kieron Sharp, there are opportunities to find people via non-technical means.

“When we’re working with the police against a company that’s selling IPTV boxes or illicit streaming devices on a large scale, they have records of who they’ve sold them to,” Sharp said.

The suggestion here is that box sellers’ customer lists contain the personal details of people who obtain Premier League and other content for free so, once identified, could be open to prosecution.

With conventional thinking under copyright law, prosecuting a set-top box/Kodi user for streaming content to his own home is a bit of a daunting prospect, not to mention an expensive one. Copyright cases are notoriously complicated and an individual putting up a spirited defense could cause problems for the prosecution. The inevitable light sentence wouldn’t provide much of a deterrent either.

With all that in mind, it appears that FACT is more interested in prosecuting under other legislation.

During an interview with BBC Radio 5 Live’s Chris Warburton this week, Sharp said that people streaming into their own homes are committing a criminal offense, i.e., something that could interest the police and attract a fine or custodial sentence.

“The law has always been the case that people who are doing something illegal, streaming in their own homes, through these devices, are committing a crime. What’s happened recently is that’s been clarified by an EU judge in one case and by a civil judge in another,” Sharp said.

The EU case was BREIN v Filmspeler, which in part determined that people who stream content from an illegal source do so in breach of copyright law. The judge in the civil case was Justice Arnold, who in a UK Premier League blocking case reached the same conclusion.

While it’s now fairly clear that streaming pirate content in the EU is indeed illegal, is a civil wrong, and can be dealt with by suing someone, it’s not immediately clear how that turns into a criminal offense. It wasn’t clear in the interview either, so Warburton pressed Sharp again.

“What is the bit of the law that you are breaking when you’re streaming, how are you committing a criminal act?” he asked Sharp.

“There are various pieces of legislation,” the FACT chief said. “The one we’ve been looking at is under the Fraud Act which would say you are committing a fraud by streaming these football matches through to your television, watching them at home, and not paying for the license to do so.”

At this point, everything begins to slot into place.

For the past several years through several high-profile Internet piracy cases, FACT has shied away from prosecutions under copyright law. Each time it has opted for offenses under the Fraud Act 2006, partly because longer sentences were available at the time, i.e., up to 10 years in prison.

However, earlier this year FACT’s lawyer revealed that prosecutions under the Fraud Act can be easier for a jury to understand than those actioned under copyright law.

With this wealth of experience in mind, it’s easy to see why FACT would take this route in set-top box cases, especially when fraud legislation is relatively easy to digest.

Possession etc. of articles for use in frauds

“A person is guilty of an offense if he has in his possession or under his control any article for use in the course of or in connection with any fraud,” the Fraud Act reads.

To clarify, an ‘article’ includes “any program or data held in electronic form,” which is perfect for infringing Kodi addons etc.

Given the above, it seems that if the Court can be convinced that the person knowingly possessed a pirate set-top box programmed for fraudulent purposes, there could, in theory, be a successful prosecution resulting in a prison sentence and/or a fine.

Obtaining services dishonestly

“A person is guilty of an offense under this section if he obtains services for himself or another….by a dishonest act, and….he [knowingly] obtains them without any payment having been made for or in respect of them or without payment having been made in full,” the relevant section of the Act reads.

There are probably other angles to this under the Fraud Act but these seem to fit so well that others might not be needed. But how likely is it that someone could be prosecuted in this manner?

Sharp reiterated to the BBC that FACT could get the identities of box buyers as part of investigations into sellers, and as part of that “would see what the situation is” with their customers.

“It may well be that in the future, somebody who is an end-user may well get prosecuted,” he said.

But while the possibilities are there, Sharp really didn’t seem that keen to commit to the hounding of stream consumers in the future, and certainly not now. FACT’s strategy appears to be grounded in getting the word out that people are breaking the law.

“[People] think they can get away with it and that’s an important message from our perspective, that they must understand that they are committing offenses, apart from all the other issues of why they should be paying for the legal product. This is something that should be of concern to them, that they are committing offenses,” Sharp said.

The big question that remains is whether FACT and the English Premier League would ever take a case against a regular end-user to court. History tells us that this is fairly unlikely, but if any case did end up in court, it would definitely be hand-picked for best results.

For example, someone who bought a box from eBay would probably be of no real interest, but someone who had extended email exchanges with a seller, during which they discussed in detail how to pirate English Premier League games specifically, would provide a more useful test subject.

And then, when there are two people involved (the knowingly infringing buyer and the seller, who would also be prosecuted) that also raises the question of whether there had been an element of conspiracy.

Overall though, what people probably want to know is whether lots of people are going to get prosecuted for fraud and the answer to that is almost certainly ‘no.’ Prosecutions against the little guy are resource hungry, expensive, offer little return, and tend to generate negative publicity if they’re perceived as vindictive.

A single highly publicized case is a possible outcome if FACT and the EPL got really desperate, but there’s no guarantee that the Crown Prosecution Service would allow the case to go ahead.

“Prosecutors should guard against the criminal law being used as a debt collection agency or to protect the commercial interests of companies and organizations,” recent CPS advice reads.

“However, prosecutors should also remain alert to the fact that such organizations can become the focus of serious and organized criminal offending.”

FACT could, of course, conduct a private prosecution, which they have done several times in the past. But that is a risk too, so it seems likely that education efforts will come first, to try and slow things down.

“Our desire has always been that sports fans, football fans, would pay for the commercial package, they would pay a fee to watch and that is still our position,” Sharp told the BBC.

“But working with our clients and members such as the Premier League and Sky and BT Sports, we have to consider all the options available to us, to put a bit of a brake on this problem because it’s growing all the time.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

AWS Online Tech Talks – July 2017

Post Syndicated from Tara Walker original https://aws.amazon.com/blogs/aws/aws-online-tech-talks-july-2017/

It’s unbelievable that 2017 has flown by so quickly, yet here we are already in the month of July. A little-known fact about the 7th month of the year is that its name, July, is in honor of the Roman general, Julius Cæsar. The Roman State named the month on his behalf since it the month of his birth. Prior to this designation, the month of July was called Quintilis.

I, also, thought it was interesting to learn that in the month of July, several countries celebrate their Independence Day. These countries are the United States, Bahamas, Kiribati, São Tomé, Príncipe, Liberia, Maldives, Algeria, Cape Verde, Venezuela, Burundi, Rwanda, and Somalia. Seems that the month of July was ripe for freedom and independence for all parts of the world.

Therefore, there is a lot to celebrate in the month of July and you are free to add the celebration of learning to your July festivities with AWS Online Tech Talks. This month’s sessions brings you great technical information about Serverless Compute, Security and Identity, as well as, Big Data and Artificial Intelligence running on Amazon Web Services.

July 2017 – Schedule

Below is the upcoming schedule for the live, online technical sessions scheduled for the month of July. Make sure to register ahead of time so you won’t miss out on these free talks conducted by AWS subject matter experts. All schedule times for the online tech talks are shown in the Pacific Time (PDT) time zone.

 

Webinars featured this month are:

 

Tuesday, July 11

Compute

9:00 AM – 9:40 AM: Managing WordPress on Amazon Lightsail

Big Data

10:30 AM – 11:10 AM: Building a Metadata Catalog for your Data Lakes using Amazon Elasticsearch Service

Databases

12:00 Noon – 12:40 PM: Convert and Migrate Your NoSQL Database or Data Warehouse to AWS

 

Wednesday, July 12

IoT

9:00 AM – 9:40 AM: Essential Capabilities of an IoT Cloud Platform

Storage

10:30 AM – 11:10 AM: Deep Dive on Amazon S3

Security & Identity

12:00 Noon –12:40 PM: Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS Shield

 

Thursday, July 13

Enterprise & Hybrid

9:00 AM – 9:40 AM: Decouple and Scale Applications Using Amazon SQS and Amazon SNS

Mobile

10:30 AM – 11:10 AM: Driving User Engagement with Amazon Pinpoint

Security & Identity

12:00 Noon – 12:40 PM: Integrating Security Assessments Into Your DevOps Cycle with Amazon Inspector

 

Tuesday, July 25

Hands On Lab

8:30 AM – 10:00 AM: Hands-on Lab: Windows Workload

Enterprise & Hybrid

10:30 AM – 11:10 AM: SAP Solutions on AWS for Large Enterprises and Mission Critical Applications

Serverless

12:00 Noon – 1:00 PM: Security Best Practices for Serverless Applications

 

Wednesday, July 26

Hands On Lab

8:30 AM – 10:00 AM: Hands-on Lab: Introduction to Microsoft SQL Server in AWS

Artificial Intelligence

10:30 AM – 11:10 AM: Deep Learning for Data Scientists: Using Apache MXNet and R on AWS

 

Thursday, July 27

Big Data

9:00 AM – 9:40 AM: Embrace Streaming Analytics and Transform Your Business (AWS Webinar featuring Forrester’s Mike Gualtieri)

Compute

10:30 AM – 11:10 AM: Serverless Orchestration of AWS Step Functions

Artificial Intelligence

12:00 Noon – 12:40 PM: Exploring the Business Use Cases for Amazon Polly

 

The AWS Online Tech Talks series covers a broad range of topics at varying technical levels. These sessions feature live demonstrations & customer examples led by AWS engineers and Solution Architects. Check out the AWS YouTube channel for more on-demand webinars on AWS technologies.

Tara

OctaPi: cluster computing and cryptography

Post Syndicated from Laura Sach original https://www.raspberrypi.org/blog/octapi/

When I was a teacher, a question I was constantly asked by curious students was, “Can you teach us how to hack?” Turning this idea on its head, and teaching the techniques behind some of our most important national cyber security measures, is an excellent way of motivating students to do good. This is why the Raspberry Pi Foundation and GCHQ have been working together to bring you exciting new resources!

More computing power with the OctaPi

You may have read about GCHQ’s OctaPi computer in Issue 58 of the MagPi. The OctaPi is a cluster computer joining together the power of eight Raspberry Pis (i.e. 32 cores) in a distributed computer system to execute computations much faster than a single Pi could perform them.

OctaPi cluster

Can you feel the power?

We have created a brand-new tutorial on how to build your own OctaPi at home. Don’t have eight Raspberry Pis lying around? Build a TetraPi (4) or a HexaPi (6) instead! You could even build the OctaPi with Pi Zero Ws if you wish. You will be able to run any programs you like on your new cluster computer, as it has all the software of a regular Pi, but is more powerful.

OctaPi at the Cheltenham Science Festival

Understanding cryptography

You probably use public key cryptography online every day without even realising it, but now you can use your OctaPi to understand exactly how it keeps your data safe. Our new OctaPi: public key cryptography resource walks you through the invention of this type of encryption (spoiler: Diffie and Hellman weren’t the first to invent it!). In it, you’ll also learn how a public key is created, whether a brute force attack using the OctaPi could be used to find out a public key, and you will be able to try breaking an encryption example yourself.

These resources are some our most advanced educational materials yet, and fit in with the “Maker” level of the Raspberry Pi Foundation Digital Making Curriculum. The projects are ideal for older students, perhaps those looking to study Computer Science at university. And there’s more to come: we have two other OctaPi resources in the pipeline to make use of the OctaPi’s full capabilities, so watch this space!

The post OctaPi: cluster computing and cryptography appeared first on Raspberry Pi.

US International Trade Administration Worries About Widespread Piracy

Post Syndicated from Ernesto original https://torrentfreak.com/us-international-trade-administration-worries-about-widespread-piracy-170703/

One of the main goals of the International Trade Administration is to strengthen the interests of U.S. industries around the globe.

The agency, which falls under the Department of Commerce, is committed to ensure fair trade through the “rigorous enforcement” of trade laws and agreements.

Despite its efforts, many challenges remain. In its newly released overview of top markets in the Media and Entertainment (M&E) sector, piracy is highlighted as one of the prime threats.

“Digital trade has brought attention to widespread piracy and the importance of having solid copyright laws and enforcement actions, along with educational campaigns to encourage legal consumption of M&E,” the International Trade Administration (ITA) writes.

The agency points out that it’s hard to measure exactly how much piracy is hurting sales, but states that this number is in the millions. The problem also prompted copyright holders to increase their takedown efforts.

“Piracy and illegal file sharing continue to plague the M&E sectors. It is difficult to quantify losses from piracy and to calculate piracy rates accurately. Therefore many industry groups and businesses track piracy around the clock, and online takedown notices are rising dramatically as a result,” ITA writes.

The piracy threat is a global problem and also affects business in the top export countries for media and entertainment products and services. This includes Canada, India and Brazil, where legislation or enforcement are currently lacking, according to the agency.

In India, for example, various forms of online and physical piracy are booming, despite the fact that legal sales are growing as well.

“[India] is a very challenging marketplace, with barriers, to trade such as high piracy threats to both physical and digital M&E sectors, and uncertain implementation of laws governing the M&E sectors. The IIPA reports online and mobile piracy, illegal file sharing of music, cam cording in theaters, and rampant signal piracy of pay TV content,” ITA writes (pdf).

Another large export market is Canada. While the US and Canada are much alike in many aspects, the northern neighbor’s enforcement against online piracy is lacking, according to the ITA.

“Canada has a well-developed professional sector that makes trading easier and efficient for U.S. exporters. However, there are copyright and other trade barriers for American businesses in Canada. Online infringement is high and enforcement weaker than expected.”

Brazil is the third top expert market where the US media and entertainment sector faces severe challenges. There are various trade barriers, including high taxation of foreign products and services, and piracy is also widespread.

“Copyright industries doing business in Brazil face significant Internet piracy, as do products in the entertainment sector, such as CDs; DVDs; and other media carrying pirated music, movies, TV programming and video games,” ITA writes.

While revenues are growing in Brazil, more work can be done to limit piracy. The Brazilian Government could lower taxes, for example, but the industry itself could also do more to increase the availability of its products.

“Circumvention devices that allow access to video game consoles are a problem for all copyright sectors. The activity is driven by high costs and taxes on entertainment and lack of a full catalogue offering to the public, some of which is a governmental problem, and some of which is caused by the industry.”

The ITA sees robust copyright laws, increased enforcement and campaigns to highlight legal alternatives, as possible solutions to these problems.

In Brazil change may come shortly, as there’s a new copyright law pending. However, not all countries are receptive to the US complaints. Canada previously responded to a similar US report, labeling it as flawed and one-sided.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

PiCorder, the miniature camcorder

Post Syndicated from Janina Ander original https://www.raspberrypi.org/blog/picorder/

The modest dimensions of our Raspberry Pi Zero and its wirelessly connectable sibling, the Pi Zero W, enable makers in our community to build devices that are very small indeed. The PiCorder built by Wayne Keenan is probably the slimmest Pi-powered video-recording device we’ve ever seen.

PiCorder – Pimoroni HyperPixel

A simple Pi-camcorder using @pimoroni #HyperPixel, ZeroLipo, lipo bat, camera and #PiZeroW. All parts from the Pirates, total of ~£85. Project build instructions: https://www.hackster.io/TheBubbleworks/picorder-0eb94d

PiCorder hardware

Wayne’s PiCorder is a very straightforward make. On the hardware side, it features a Pimoroni HyperPixel screen, Pi Zero camera module, and Zero LiPo plus LiPo battery pack. To put it together, he simply soldered header pins onto a Zero W, and connected all the components to it – easy as Pi! (Yes, I went there.)

PiCorder

So sleek as to be almost aerodynamic

Recording with the PiCorder (rePiCording?)

Then it was just a matter of installing the HyperPixel driver on the Pi, and the PiCorder was good to go. In this basic setup, recording is controlled via SSH. However, there’s a discussion about better ways to control the device in the comments on Wayne’s write-up. As the HyperPixel is a touchscreen, adding a GUI would make full use of its capabilities.

Picorder screen

Think about how many screens you’re looking at right now

The PiCorder is a great project to recreate if you’re looking to build a small portable camera. If you’re new to soldering, this build is perfect for you: just follow our ‘How to solder’ video and tutorial, and you’re on your way. This could be the start of your journey into the magical world of physical computing!

You could also check our blog on Alex Ellis‘s implementation of YouTube live-streaming for the Pi, and learn how to share your videos in real time.

Cool camera projects

Our educational resources include plenty of cool projects that could use the PiCorder, or for which the device could be adapted.

Get your head around using the official Raspberry Pi Camera Module with this picamera tutorial. Learn how to set up a stationary or wearable time-lapse camera, and turn your images into animated GIFs. You could also kickstart your career as a director by making an amazing stop-motion film!

No matter which camera project you choose to work on, we’d love to see the results. So be sure to share a link in the comments.

The post PiCorder, the miniature camcorder appeared first on Raspberry Pi.

Top 10 Most Pirated Movies of The Week on BitTorrent – 07/03/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-070317/

This week we have two newcomers in our chart.

Kong: Skull Island is the most downloaded movie for the second week in a row.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (1) Kong: Skull Island 6.9 / trailer
2 (3) Wonder Woman (Subbed HDrip) 8.2 / trailer
3 (2) King Arthur: Legend of the Sword 7.2 / trailer
4 (4) The Fate of the Furious 6.7 / trailer
5 (5) The Mummy 2017 (HDTS) 5.8 / trailer
6 (7) The Boss Baby 6.5 / trailer
7 (…) Alien Covenant (Subbed HDrip) 6.8 / trailer
8 (10) Logan 8.6 / trailer
9 (9) John Wick: Chapter 2 8.0 / trailer
10 (…) The Lost City of Z 6.9 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Pi-powered hands-on statistical model at the Royal Society

Post Syndicated from Janina Ander original https://www.raspberrypi.org/blog/royal-society-galton-board/

Physics! Particles! Statistical modelling! Quantum theory! How can non-scientists understand any of it? Well, students from Durham University are here to help you wrap your head around it all – and to our delight, they’re using the power of the Raspberry Pi to do it!

At the Royal Society’s Summer Science Exhibition, taking place in London from 4-9 July, the students are presenting a Pi-based experiment demonstrating the importance of statistics in their field of research.

Modelling the invisible – Summer Science Exhibition 2017

The Royal Society Summer Science Exhibition 2017 features 22 exhibits of cutting-edge, hands-on UK science , along with special events and talks. You can meet the scientists behind the research. Find out more about the exhibition at our website: https://royalsociety.org/science-events-and-lectures/2017/summer-science-exhibition/

Ramona, Matthew, and their colleagues are particle physicists keen to bring their science to those of us whose heads start to hurt as soon as we hear the word ‘subatomic’. In their work, they create computer models of subatomic particles to make predictions about real-world particles. Their models help scientists to design better experiments and to improve sensor calibrations. If this doesn’t sound straightforward to you, never fear – this group of scientists has set out to show exactly how statistical models are useful.

The Galton board model

They’ve built a Pi-powered Galton board, also called a bean machine (much less intimidating, I think). This is an upright board, shaped like an upside-down funnel, with nails hammered into it. Drop a ball in at the top, and it will randomly bounce off the nails on its way down. How the nails are spread out determines where a ball is most likely to land at the bottom of the board.

If you’re having trouble picturing this, you can try out an online Galton board. Go ahead, I’ll wait.

You’re back? All clear? Great!

Now, if you drop 100 balls down the board and collect them at the bottom, the result might look something like this:

Galton board

By Antoine Taveneaux CC BY-SA 3.0

The distribution of the balls is determined by the locations of the nails in the board. This means that, if you don’t know where the nails are, you can look at the distribution of balls to figure out where they are most likely to be located. And you’ll be able to do all this using … statistics!!!

Statistical models

Similarly, how particles behave is determined by the laws of physics – think of the particles as balls, and laws of physics as nails. Physicists can observe the behaviour of particles to learn about laws of physics, and create statistical models simulating the laws of physics to predict the behaviour of particles.

I can hear you say, “Alright, thanks for the info, but how does the Raspberry Pi come into this?” Don’t worry – I’m getting to that.

Modelling the invisible – the interactive exhibit

As I said, Ramona and the other physicists have not created a regular old Galton board. Instead, this one records where the balls land using a Raspberry Pi, and other portable Pis around the exhibition space can access the records of the experimental results. These Pis in turn run Galton board simulators, and visitors can use them to recreate a virtual Galton board that produces the same results as the physical one. Then, they can check whether their model board does, in fact, look like the one the physicists built. In this way, people directly experience the relationship between statistical models and experimental results.

Hurrah for science!

The other exhibit the Durham students will be showing is a demo dark matter detector! So if you decide to visit the Summer Science Exhibition, you will also have the chance to learn about the very boundaries of human understanding of the cosmos.

The Pi in museums

At the Raspberry Pi Foundation, education is our mission, and of course we love museums. It is always a pleasure to see our computers incorporated into exhibits: the Pi-powered visual theremin teaches visitors about music; the Museum in a Box uses Pis to engage people in hands-on encounters with exhibits; and this Pi is itself a museum piece! If you want to learn more about Raspberry Pis and museums, you can listen to this interview with Pi Towers’ social media maestro Alex Bate.

It’s amazing that our tech is used to educate people in areas beyond computer science. If you’ve created a pi-powered educational project, please share it with us in the comments.

The post Pi-powered hands-on statistical model at the Royal Society appeared first on Raspberry Pi.

Perform More Productive Audits of Your AWS Resources by Using the New AWS Auditor Learning Path

Post Syndicated from Jodi Scrofani original https://aws.amazon.com/blogs/security/perform-more-productive-audits-of-your-aws-resources-by-using-the-new-aws-auditor-learning-path/

Auditing image

AWS customers in highly regulated industries such as financial services and healthcare tend to undergo frequent security audits. To help make these audits more productive, AWS has released the AWS Auditor Learning Path. This set of online and in-person classes provides foundational and advanced education about implementing security in the AWS Cloud and using AWS tools to gather the information necessary to audit an AWS environment. The Learning Path also includes a set of self-paced labs to help you gain hands-on experience for auditing your use of AWS services.

After completing the AWS Auditor Learning Path, you should have an understanding of how your IT department consumes AWS services and be able to more effectively engage with your compliance and security teams. The Learning Path is specifically designed for:

  • Auditing executives
  • Field auditors
  • Specialized internal auditors

To get started today, see the AWS Auditor Learning Path.

– Jodi

Websites Grabbing User-Form Data Before It’s Submitted

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/06/websites_grabbi.html

Websites are sending information prematurely:

…we discovered NaviStone’s code on sites run by Acurian, Quicken Loans, a continuing education center, a clothing store for plus-sized women, and a host of other retailers. Using Javascript, those sites were transmitting information from people as soon as they typed or auto-filled it into an online form. That way, the company would have it even if those people immediately changed their minds and closed the page.

This is important because it goes against what people expect:

In yesterday’s report on Acurian Health, University of Washington law professor Ryan Calo told Gizmodo that giving users a “send” or “submit” button, but then sending the entered information regardless of whether the button is pressed or not, clearly violates a user’s expectation of what will happen. Calo said it could violate a federal law against unfair and deceptive practices, as well as laws against deceptive trade practices in California and Massachusetts. A complaint on those grounds, Calo said, “would not be laughed out of court.”

This kind of thing is going to happen more and more, in all sorts of areas of our lives. The Internet of Things is the Internet of sensors, and the Internet of surveillance. We’ve long passed the point where ordinary people have any technical understanding of the different ways networked computers violate their privacy. Government needs to step in and regulate businesses down to reasonable practices. Which means government needs to prioritize security over their own surveillance needs.

Continuous Delivery of Nested AWS CloudFormation Stacks Using AWS CodePipeline

Post Syndicated from Prakash Palanisamy original https://aws.amazon.com/blogs/devops/continuous-delivery-of-nested-aws-cloudformation-stacks-using-aws-codepipeline/

In CodePipeline Update – Build Continuous Delivery Workflows for CloudFormation Stacks, Jeff Barr discusses infrastructure as code and how to use AWS CodePipeline for continuous delivery. In this blog post, I discuss the continuous delivery of nested CloudFormation stacks using AWS CodePipeline, with AWS CodeCommit as the source repository and AWS CodeBuild as a build and testing tool. I deploy the stacks using CloudFormation change sets following a manual approval process.

Here’s how to do it:

In AWS CodePipeline, create a pipeline with four stages:

  • Source (AWS CodeCommit)
  • Build and Test (AWS CodeBuild and AWS CloudFormation)
  • Staging (AWS CloudFormation and manual approval)
  • Production (AWS CloudFormation and manual approval)

Pipeline stages, the actions in each stage, and transitions between stages are shown in the following diagram.

CloudFormation templates, test scripts, and the build specification are stored in AWS CodeCommit repositories. These files are used in the Source stage of the pipeline in AWS CodePipeline.

The AWS::CloudFormation::Stack resource type is used to create child stacks from a master stack. The CloudFormation stack resource requires the templates of the child stacks to be stored in the S3 bucket. The location of the template file is provided as a URL in the properties section of the resource definition.

The following template creates three child stacks:

  • Security (IAM, security groups).
  • Database (an RDS instance).
  • Web stacks (EC2 instances in an Auto Scaling group, elastic load balancer).
Description: Master stack which creates all required nested stacks

Parameters:
  TemplatePath:
    Type: String
    Description: S3Bucket Path where the templates are stored
  VPCID:
    Type: "AWS::EC2::VPC::Id"
    Description: Enter a valid VPC Id
  PrivateSubnet1:
    Type: "AWS::EC2::Subnet::Id"
    Description: Enter a valid SubnetId of private subnet in AZ1
  PrivateSubnet2:
    Type: "AWS::EC2::Subnet::Id"
    Description: Enter a valid SubnetId of private subnet in AZ2
  PublicSubnet1:
    Type: "AWS::EC2::Subnet::Id"
    Description: Enter a valid SubnetId of public subnet in AZ1
  PublicSubnet2:
    Type: "AWS::EC2::Subnet::Id"
    Description: Enter a valid SubnetId of public subnet in AZ2
  S3BucketName:
    Type: String
    Description: Name of the S3 bucket to allow access to the Web Server IAM Role.
  KeyPair:
    Type: "AWS::EC2::KeyPair::KeyName"
    Description: Enter a valid KeyPair Name
  AMIId:
    Type: "AWS::EC2::Image::Id"
    Description: Enter a valid AMI ID to launch the instance
  WebInstanceType:
    Type: String
    Description: Enter one of the possible instance type for web server
    AllowedValues:
      - t2.large
      - m4.large
      - m4.xlarge
      - c4.large
  WebMinSize:
    Type: String
    Description: Minimum number of instances in auto scaling group
  WebMaxSize:
    Type: String
    Description: Maximum number of instances in auto scaling group
  DBSubnetGroup:
    Type: String
    Description: Enter a valid DB Subnet Group
  DBUsername:
    Type: String
    Description: Enter a valid Database master username
    MinLength: 1
    MaxLength: 16
    AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
  DBPassword:
    Type: String
    Description: Enter a valid Database master password
    NoEcho: true
    MinLength: 1
    MaxLength: 41
    AllowedPattern: "[a-zA-Z0-9]*"
  DBInstanceType:
    Type: String
    Description: Enter one of the possible instance type for database
    AllowedValues:
      - db.t2.micro
      - db.t2.small
      - db.t2.medium
      - db.t2.large
  Environment:
    Type: String
    Description: Select the appropriate environment
    AllowedValues:
      - dev
      - test
      - uat
      - prod

Resources:
  SecurityStack:
    Type: "AWS::CloudFormation::Stack"
    Properties:
      TemplateURL:
        Fn::Sub: "https://s3.amazonaws.com/${TemplatePath}/security-stack.yml"
      Parameters:
        S3BucketName:
          Ref: S3BucketName
        VPCID:
          Ref: VPCID
        Environment:
          Ref: Environment
      Tags:
        - Key: Name
          Value: SecurityStack

  DatabaseStack:
    Type: "AWS::CloudFormation::Stack"
    Properties:
      TemplateURL:
        Fn::Sub: "https://s3.amazonaws.com/${TemplatePath}/database-stack.yml"
      Parameters:
        DBSubnetGroup:
          Ref: DBSubnetGroup
        DBUsername:
          Ref: DBUsername
        DBPassword:
          Ref: DBPassword
        DBServerSecurityGroup:
          Fn::GetAtt: SecurityStack.Outputs.DBServerSG
        DBInstanceType:
          Ref: DBInstanceType
        Environment:
          Ref: Environment
      Tags:
        - Key: Name
          Value:   DatabaseStack

  ServerStack:
    Type: "AWS::CloudFormation::Stack"
    Properties:
      TemplateURL:
        Fn::Sub: "https://s3.amazonaws.com/${TemplatePath}/server-stack.yml"
      Parameters:
        VPCID:
          Ref: VPCID
        PrivateSubnet1:
          Ref: PrivateSubnet1
        PrivateSubnet2:
          Ref: PrivateSubnet2
        PublicSubnet1:
          Ref: PublicSubnet1
        PublicSubnet2:
          Ref: PublicSubnet2
        KeyPair:
          Ref: KeyPair
        AMIId:
          Ref: AMIId
        WebSG:
          Fn::GetAtt: SecurityStack.Outputs.WebSG
        ELBSG:
          Fn::GetAtt: SecurityStack.Outputs.ELBSG
        DBClientSG:
          Fn::GetAtt: SecurityStack.Outputs.DBClientSG
        WebIAMProfile:
          Fn::GetAtt: SecurityStack.Outputs.WebIAMProfile
        WebInstanceType:
          Ref: WebInstanceType
        WebMinSize:
          Ref: WebMinSize
        WebMaxSize:
          Ref: WebMaxSize
        Environment:
          Ref: Environment
      Tags:
        - Key: Name
          Value: ServerStack

Outputs:
  WebELBURL:
    Description: "URL endpoint of web ELB"
    Value:
      Fn::GetAtt: ServerStack.Outputs.WebELBURL

During the Validate stage, AWS CodeBuild checks for changes to the AWS CodeCommit source repositories. It uses the ValidateTemplate API to validate the CloudFormation template and copies the child templates and configuration files to the appropriate location in the S3 bucket.

The following AWS CodeBuild build specification validates the CloudFormation templates listed under the TEMPLATE_FILES environment variable and copies them to the S3 bucket specified in the TEMPLATE_BUCKET environment variable in the AWS CodeBuild project. Optionally, you can use the TEMPLATE_PREFIX environment variable to specify a path inside the bucket. This updates the configuration files to use the location of the child template files. The location of the template files is provided as a parameter to the master stack.

version: 0.1

environment_variables:
  plaintext:
    CHILD_TEMPLATES: |
      security-stack.yml
      server-stack.yml
      database-stack.yml
    TEMPLATE_FILES: |
      master-stack.yml
      security-stack.yml
      server-stack.yml
      database-stack.yml
    CONFIG_FILES: |
      config-prod.json
      config-test.json
      config-uat.json

phases:
  install:
    commands:
      npm install jsonlint -g
  pre_build:
    commands:
      - echo "Validating CFN templates"
      - |
        for cfn_template in $TEMPLATE_FILES; do
          echo "Validating CloudFormation template file $cfn_template"
          aws cloudformation validate-template --template-body file://$cfn_template
        done
      - |
        for conf in $CONFIG_FILES; do
          echo "Validating CFN parameters config file $conf"
          jsonlint -q $conf
        done
  build:
    commands:
      - echo "Copying child stack templates to S3"
      - |
        for child_template in $CHILD_TEMPLATES; do
          if [ "X$TEMPLATE_PREFIX" = "X" ]; then
            aws s3 cp "$child_template" "s3://$TEMPLATE_BUCKET/$child_template"
          else
            aws s3 cp "$child_template" "s3://$TEMPLATE_BUCKET/$TEMPLATE_PREFIX/$child_template"
          fi
        done
      - echo "Updating template configurtion files to use the appropriate values"
      - |
        for conf in $CONFIG_FILES; do
          if [ "X$TEMPLATE_PREFIX" = "X" ]; then
            echo "Replacing \"TEMPLATE_PATH_PLACEHOLDER\" for \"$TEMPLATE_BUCKET\" in $conf"
            sed -i -e "s/TEMPLATE_PATH_PLACEHOLDER/$TEMPLATE_BUCKET/" $conf
          else
            echo "Replacing \"TEMPLATE_PATH_PLACEHOLDER\" for \"$TEMPLATE_BUCKET/$TEMPLATE_PREFIX\" in $conf"
            sed -i -e "s/TEMPLATE_PATH_PLACEHOLDER/$TEMPLATE_BUCKET\/$TEMPLATE_PREFIX/" $conf
          fi
        done

artifacts:
  files:
    - master-stack.yml
    - config-*.json

After the template files are copied to S3, CloudFormation creates a test stack and triggers AWS CodeBuild as a test action.

Then the AWS CodeBuild build specification executes validate-env.py, the Python script used to determine whether resources created using the nested CloudFormation stacks conform to the specifications provided in the CONFIG_FILE.

version: 0.1

environment_variables:
  plaintext:
    CONFIG_FILE: env-details.yml

phases:
  install:
    commands:
      - pip install --upgrade pip
      - pip install boto3 --upgrade
      - pip install pyyaml --upgrade
      - pip install yamllint --upgrade
  pre_build:
    commands:
      - echo "Validating config file $CONFIG_FILE"
      - yamllint $CONFIG_FILE
  build:
    commands:
      - echo "Validating resources..."
      - python validate-env.py
      - exit $?

Upon successful completion of the test action, CloudFormation deletes the test stack and proceeds to the UAT stage in the pipeline.

During this stage, CloudFormation creates a change set against the UAT stack and then executes the change set. This updates the UAT environment and makes it available for acceptance testing. The process continues to a manual approval action. After the QA team validates the UAT environment and provides an approval, the process moves to the Production stage in the pipeline.

During this stage, CloudFormation creates a change set for the nested production stack and the process continues to a manual approval step. Upon approval (usually by a designated executive), the change set is executed and the production deployment is completed.
 

Setting up a continuous delivery pipeline

 
I used a CloudFormation template to set up my continuous delivery pipeline. The codepipeline-cfn-codebuild.yml template, available from GitHub, sets up a full-featured pipeline.

When I use the template to create my pipeline, I specify the following:

  • AWS CodeCommit repositories.
  • SNS topics to send approval notifications.
  • S3 bucket name where the artifacts will be stored.

The CFNTemplateRepoName points to the AWS CodeCommit repository where CloudFormation templates, configuration files, and build specification files are stored.

My repo contains following files:

The continuous delivery pipeline is ready just seconds after clicking Create Stack. After it’s created, the pipeline executes each stage. Upon manual approvals for the UAT and Production stages, the pipeline successfully enables continuous delivery.


 

Implementing a change in nested stack

 
To make changes to a child stack in a nested stack (for example, to update a parameter value or add or change resources), update the master stack. The changes must be made in the appropriate template or configuration files and then checked in to the AWS CodeCommit repository. This triggers the following deployment process:

 

Conclusion

 
In this post, I showed how you can use AWS CodePipeline, AWS CloudFormation, AWS CodeBuild, and a manual approval process to create a continuous delivery pipeline for both infrastructure as code and application deployment.

For more information about AWS CodePipeline, see the AWS CodePipeline documentation. You can get started in just a few clicks. All CloudFormation templates, AWS CodeBuild build specification files, and the Python script that performs the validation are available in codepipeline-nested-cfn GitHub repository.

About the author

 
Prakash Palanisamy is a Solutions Architect for Amazon Web Services. When he is not working on Serverless, DevOps or Alexa, he will be solving problems in Project Euler. He also enjoys watching educational documentaries.

Introducing the Raspberry Pi Integrator Programme

Post Syndicated from Roger Thornton original https://www.raspberrypi.org/blog/raspberry-pi-integrator-programme/

An ever-growing number of companies take advantage of Raspberry Pi technology and use our boards as part of their end products. Raspberry Pis are now essential components of everything from washing machines to underwater exploration vehicles. We love seeing these commercial applications, and are committed to helping bring Raspberry Pi-powered products to market. With this in mind, we are excited to announce our new Raspberry Pi Integrator Programme!

Raspberry Pi Integrator Programme

Product compliance testing

Whenever a company wants to sell a product on a market, it first has to prove that selling it is safe and legal. Compliance requirements vary between different products; rules that would apply to a complicated machine like a car will, naturally, not be the same as those that apply to a pair of trainers (although there is some overlap in the Venn diagram of rules).

Raspberry Pi Integrator Programme

Regions of the world within each of which products have to be separately tested

Different countries usually have slightly different sets of regulations, and testing has to be conducted at an accredited facility for the region the company intends to sell the product in. Companies have to put a vast amount of work into getting their product through compliance testing and certification to meet country-specific requirements. This is especially taxing for smaller enterprises.

Making testing easier

Raspberry Pi has assisted various companies that use Pi technology in their end products through this testing and certification process, and over time it has become clear that we can do even more to help. This realisation led us to work with our compliance testing and certification partner UL to create a system that simplifies and speeds up compliance processes. Thus we have started the Raspberry Pi Integrator Programme, designed to help anyone get their Raspberry Pi-based product tested and on the market quickly and efficiently.

The Raspberry Pi Integrator Programme

The programme provides access to the same test engineers who worked on our Raspberry Pis during their compliance testing. It connects the user to a dedicated team at UL who assess and test the user’s product, facilitated by their in-depth knowledge of Raspberry Pi. The team at UL work closely with the Raspberry Pi engineering team, so any unexpected issues that may arise during testing can be resolved quickly. Through the programme, UL will streamline the testing and certification process, which will in turn decrease the amount of time necessary to launch the product. Our Integrator Programme is openly available, it comes with no added cost beyond the usual testing fees at UL, and there are companies already taking advantage of it.

Get your product on the market more quickly

We have put the Integrator Programme in place in the hope of eliminating the burden of navigating complicated compliance issues and making it easier for companies to bring new, exciting products to consumers. With simplified testing, companies and individuals can get products to market in less time and with lower overhead costs.

The programme is now up and running, and ready to accept new clients. UL and Raspberry Pi hope that it will be an incredibly useful tool for creators of Raspberry Pi-powered commercial products. For more information, please email [email protected].

Powered by Raspberry Pi

As a producer of a Pi-based device, you can also apply to use our ‘Powered by Raspberry Pi’ logo on your product and its packaging. Doing so indicates to customers that a portion of their payment supports the educational work of the Raspberry Pi Foundation.

Powered by Pi Logo

You’ll find more information about the ‘Powered by Raspberry Pi’ logo and our simple approval process for using it here.

The post Introducing the Raspberry Pi Integrator Programme appeared first on Raspberry Pi.