| NetBSD 7.0: Linux Posted by: comforteagle
From the Other White Meat dept.:
The NetBSD Project is pleased to announce NetBSD 7.0, the fifteenth major release of the NetBSD operating system.
This release brings stability improvements, hundreds of bug fixes, and many new features. Some highlights of the NetBSD 7.0 release are:
| Node.js v4.0.0 Released: Open Source Posted by: comforteagle
From the Update dept.:
The first merge of the popular Node.js and io.js repositories has been released! From the announcement: "The collaborators of the Node.js project and the members of the Node.js Foundation are proud to offer v4.0.0 for general release. This release represents countless hours of hard work encapsulated in both the Node.js project and the io.js project that are now combined in a single codebase. The Node.js project is now operated by a team of 44 collaborators, 15 of which form its Technical Steering Committee (TSC). Further, over 100 new individuals have been added to the list of people contributing code to core since v0.12.7.
| Severe Deserialization Vulnerabilities Found In Android, 3rd Party Android SDKs: Android Posted by: comforteagle
From the Ekkkkk! dept.:
Closely behind the discoveries of the Stagefright flaw, the hole in Android's mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that of an Android serialization vulnerability that affects Android versions 4.3 to 5.1 (i.e. over 55 percent of all Android phones). The bug (CVE-2015-3825), discovered by IBM's X-Force Application Security Research Team in the OpenSSLX509Certificate class in the Android platform, can be used to turn malicious apps with no privileges into "super" apps that will allow cyber attackers to thoroughly "own" the victim's device.
| Vulkan Added to Android: Android Posted by: comforteagle
From the 3D dept.:
Developers of games and 3D graphics applications have one key challenge to meet: How complex a scene can they draw in a small fraction of a second? Much of the work in graphics development goes into organizing data so it can be efficiently consumed by the GPU for rendering. But even the most careful developers can hit unforeseen bottlenecks, in part because the drivers for some graphics processors may reorganize all of that data before it can actually be processed. The APIs used to control these drivers are also not designed for multi-threaded use, requiring synchronization with locks around calls that could be more efficiently done in parallel. All of this results in CPU overhead, which consumes time and power that you’d probably prefer to spend drawing your scene.
| Google Announced Major ReOrg; New CEO: Google Posted by: comforteagle
From the Shake dept.:
Our company is operating well today, but we think we can make it cleaner and more accountable. So we are creating a new company, called Alphabet (http://abc.xyz). I am really excited to be running Alphabet as CEO with help from my capable partner, Sergey, as President.
What is Alphabet? Alphabet is mostly a collection of companies. The largest of which, of course, is Google. This newer Google is a bit slimmed down, with the companies that are pretty far afield of our main Internet products contained in Alphabet instead. What do we mean by far afield? Good examples are our health efforts: Life Sciences (that works on the glucose-sensing contact lens), and Calico (focused on longevity). Fundamentally, we believe this allows us more management scale, as we can run things independently that aren’t very related. Alphabet is about businesses prospering through strong leaders and independence. In general, our model is to have a strong CEO who runs each business, with Sergey and me in service to them as needed. We will rigorously handle capital allocation and work to make sure each business is executing well. We'll also make sure we have a great CEO for each business, and we’ll determine their compensation. In addition, with this new structure we plan to implement segment reporting for our Q4 results, where Google financials will be provided separately than those for the rest of Alphabet businesses as a whole.
| CentOS 6.7 Released: Linux Posted by: comforteagle
From the Not "Enterprise" dept.:
*sssd has a number of new capabilities
*Support for udev rules to restrict removable media to be mounted read-only for security
*LVM caching is now fully supported
*New package clufter can be used for analyzing and transforming cluster configuration formats
*SSLv3 and older insecure protocols are disabled by default, and various packages now have more configuration options to select the desired protocols
*vim has been rebased to version 7.4, with improvements to undo and regular expressions
*libreoffice has been upgraded to 126.96.36.199
*The KVM hypervisor can now handle up to 240 virtual CPUs per virtual machine
*IPv6 IP sets are now allowed in firewall rules
*squid has been rebased to version 3.1.23 and now supports HTTP/1.1 POST and PUT responses with no message body
*mdadm has been rebased to version 3.3.2, improving support for RAID level migrations and automatic array rebuilding the package yum-plugin-downloadonly is now superseded by the main yum package, as the feature has been integrated
| NSA Open Sources InfoSec Tool: Security Posted by: comforteagle
From the Challenge Accepted? dept.:
The US National Security Agency has offered up one of its cyber security tools for government departments and the private sector to use freely to help beef up their security and counter threats.
The systems integrity management platform - SIMP - was released to the code repository GitHub over the weekend.
SIMP helps to keep networked systems compliant with security standards, the NSA said, and should form part of a layered, "defence-in-depth" approach to information security.
| Firefox 39: Mozilla Posted by: comforteagle
From the Chat dept.:
Firefox 39 has been released for both desktop and mobile systems. The new features include a social sharing tool for the Firefox Hello video chat subsystem. It is designed to make it easier to share Firefox Hello chat invitations over third-party social networks. In addition, Firefox's existing phishing-and-malware detection tool has been extended to cover downloads, support has been added for Unicode 8.0's multi-ethnic emoji characters, and there is improved support for the Accessible Rich Internet Applications (ARIA) standard.
| Open Container Project Launched: Open Source Posted by: comforteagle
From the Bucket dept.:
A broad coalition of industry leaders and users are joining forces to create the Open Container Project (OCP), chartered to establish common standards for software containers.
Housed under the Linux Foundation, the OCP’s mission is to enable users and companies to continue to innovate and develop container-based solutions, with confidence that their pre-existing development efforts will be protected and without industry fragmentation. As part of this initiative, Docker will donate the code for its software container format and its runtime, as well as the associated specifications. The leadership of the Application Container spec (“appc”) initiative, including founding member CoreOS, will also be bringing their technical leadership and support to OCP.
| Google Eavesdropping Through Chromium / Chrome?: Security Posted by: comforteagle
From the WAT!?! dept.:
Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to "we can do that".
|Tuesday, May 26|
|·||Fedora 22 (0)|
|·||Mozilla Revamping Firefox Smartphone for Quality (0)|
|Thursday, May 14|
|·|| Wireless Charging Tech Adopted By Ford, Chrysler, and Toyota Goes Open Source (0)|
|Friday, May 08|
|·||Self-destructing virus kills off PCs (0)|
|Thursday, April 30|
|·||Debian 8 "Jessie" Released (0)|
|Monday, April 13|
|·||Linux 4.0 Kernel Released (0)|
|Thursday, April 09|
|·||Google Lets SMTP Certificate Expire (0)|
|·||Open Crypto Audit Passes TrueCrypt (0)|
|Wednesday, March 11|
|·||CIA 'tried to crack security of Apple devices' (0)|
|Monday, March 02|
|·||Xen Security Bug: Amazon, Rackspace Cloud Reboots (0)|
| ||Older Articles|