An anonymous reader writes: Today Mozilla announced the release of Firefox 39.0, which brings an number of minor improvements to the open source browser. (Full release notes.) They've integrated Firefox Share with Firefox Hello, which means that users will be able to open video calls through links sent over social media. Internally, the browser dropped support for the insecure SSLv3 and disabled use of RC4 except where explicitly whitelisted. The SafeBrowsing malware detection now works for downloads on OS X and Linux. (Full list of security changes.) The Mac OS X version of Firefox is now running Project Silk, which makes animations and scrolling noticeably smoother. Developers now have access to the powerful Fetch API, which should provide a better interface for grabbing things over a network.

Mr D from 63 writes: Today, a new "cloud tax" takes effect in the city of Chicago, targeting online databases and streaming entertainment services. Residents who stream movies and music from companies like Netflix and Spotify will now need to pay an additional 9% tax. This also applies to Chicago businesses that pay to use databases online. Chicago expects to collect $12 million a year as a result of the new tax ruling. From the 24/7 Wall St. story: "Also worth noting is that the city’s tax ruling in both cases avoids the issue of whether there is a close-enough connection (nexus, in legalese) to require providers like Netflix or others to collect either tax. International law firm ReedSmith weighs in on this point as well: '[O]nce the Department begins to audit and assess customers located within the city, many of those customers are likely to demand that providers collect the tax going forward. As a result, many providers will likely feel the need to register to collect the taxes, despite lacking nexus, and despite having strong arguments against the Department’s expansive interpretation of its taxing ordinances.'"

Mark Wilson writes with this excerpt from a story at Beta News: A court has revealed that the UK intelligence agency, GCHQ, illegally spied on human rights organization Amnesty International. It is an allegation that the agency had previously denied, but an email from the Investigatory Powers Tribunal backtracked on a judgement made in June which said no such spying had taken place.

The email was sent to Amnesty International yesterday, and while it conceded that the organization was indeed the subject of surveillance, no explanation has been offered. It is now clear that, for some reason, communications by Amnesty International were illegally intercepted, stored, and examined. What is not clear is when the spying happened, what data was collected and, more importantly, why it happened.

kfogel writes: Microsoft Research has open sourced WorldWide Telescope, releasing it under the MIT license and donating the code to the .NET Foundation. The code is up on GitHub at github.com/WorldWideTelescope, and there are demos and more details at WorldWideTelescope.org. Go forth and explore!

An anonymous reader writes with the story from Ars Technica that UK prime minister David Cameron "has re-iterated that the UK government does not intend to 'leave a safe space — a new means of communication — for terrorists to communicate with each other.'" That statement came Monday, as a response to Conservative MP David Bellingham, "who asked [Cameron, on the floor of the House of Commons] whether he agreed that the 'time has come for companies such as Google, Facebook and Twitter to accept and understand that their current privacy policies are completely unsustainable?' To which Cameron replied: 'we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.'" This sounds like the UK government is declaring a blustery war on encryption, and it might not need too much war: some companies can be persuaded (or would be eager) to cooperate with the government in handing over all kinds of information. However, the bluster part may leave even the fiercest surveillance mostly show: as Ars writer Glyn Moody asks, what about circumstances "where companies can't hand over keys, or where there is no company involved, as with GnuPG, the open source implementation of the OpenPGP encryption system?" Or Tor?

Last Thursday you had a chance to ask Linus Torvalds about programming, hardware, and all things Linux. You can read his answers to those questions below. If you'd like to see what he had to say the last time we sat down with him, you can do so here.

An anonymous reader writes: The struggles facing for-profit colleges continue. The University of Phoenix announced poor quarterly earnings yesterday, and the institution has laid off 900 workers since September. Enrollment is down 14% since last year, and the CEO of its parent company, Apollo Education Group, says enrollment is likely to drop from 206,000 to about 150,000 next year. Apollo's stock has lost more than half its value since the beginning of the year. "Tighter regulations on for-profits and the Obama administration's push to make community college free top the list of headwinds. And non-profit universities have entered the online education space, where for-profit schools once held center stage."

bmearns writes: Amazon has announced a new library called "s2n," an open source implementation of SSL/TLS, the cryptographic security protocols behind HTTPS, SSH, SFTP, secure SMTP, and many others. Weighing in at about 6k lines of code, it's just a little more than 1% the size of OpenSSL, which is really good news in terms of security auditing and testing. OpenSSL isn't going away, and Amazon has made clear that they will continue to support it. Notably, s2n does not provide all the additional cryptographic functions that OpenSSL provides in libcrypto, it only provides the SSL/TLS functions. Further more, it implements a relatively small subset of SSL/TLS features compared to OpenSSL.