| Linux 4.0 Kernel Released: Linux Posted by: comforteagle
From the 4.0 dept.:
Linus: "So I decided to release 4.0 as per the normal schedule, because there
really weren't any known issues, and while I'll be traveling during
the end of the upcoming week due to a college visit, I'm hoping that
won't affect the merge window very much. We'll see.
Linux 4.0 was a pretty small release both in linux-next and in final
size, although obviously "small" is all relative. It's still over 10k
non-merge commits. But we've definitely had bigger releases (and
judging by linux-next v4.1 is going to be one of the bigger ones)."
| Google Lets SMTP Certificate Expire Posted by: comforteagle
From the Oopsie dept.:
Google on Saturday let a digital certificate expire that was used to secure its smtp.google.com domain, the domain used by Gmail and Google Apps users to send outgoing email.
The certificate was issued by Google Internet Certificate Authority G2, which issues digital certificates for Google web sites and properties.
| Open Crypto Audit Passes TrueCrypt: Security Posted by: comforteagle
From the Grading dept.:
At his blog, cryptographer Matt Green announced that the Open Crypto Audit project's review of the now-abandoned TrueCrypt encryption tool is complete, and that "based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances."
Published Apr 09, 2015 - 01:09 PM
| CIA 'tried to crack security of Apple devices': Security Posted by: comforteagle
From the Inconceivable! dept.:
The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed.
The newly disclosed documents from the National Security Agency’s internal systems show surveillance methods were presented at its secret annual conference, known as the "jamboree".
| Xen Security Bug: Amazon, Rackspace Cloud Reboots: Security Posted by: comforteagle
From the Bugs dept.:
Amazon Web Services and Rackspace are warning their customers of upcoming reboots they’re taking to address a new Xen hypervisor security issue.
In a premium support bulletin issued Thursday night, Amazon said fewer than 10 percent of all EC2 instances will require work but the affected instances must be updated by March 10. Rackspace also notified customers of the issue, which will affect a subset of a portion of its First and Next Generation Cloud Servers, Thursday night. Later on Friday, Linode also warned users of an upcoming Xen-related reboot.
| FCC Approves Net Neutrality Rules Posted by: comforteagle
From the Not Buffering.... dept.:
It's a good day for proponents of an open internet: The Federal Communications Commission just approved its long-awaited network neutrality plan, which reclassifies broadband internet as a Title II public utility and gives the agency more regulatory power in the process. And unlike the FCC's last stab at net neutrality in 2010, today's new rules also apply to mobile broadband. FCC Chairman Tom Wheeler laid out the basic gist of the plan earlier this month -- it'll ban things like paid prioritization, a tactic some ISPs used to get additional fees from bandwidth-heavy companies like Netflix, as well as the slowdown of "lawful content." But now Wheeler's vision is more than just rhetoric; it's something the FCC can actively enforce.
| Kaspersky: Your HDDs were RIDDLED with NSA SPYWARE for YEARS: Security Posted by: comforteagle
From the Backdoor dept.:
The US National Security Agency (NSA) has infected hard disk firmware with spyware in a campaign valued as highly as Stuxnet that dates back at least 14 years and possibly up to two decades, according to an analysis by Kaspersky Labs.
| Live Patching Now Available For Linux: Linux Posted by: comforteagle
From the You First dept.:
You may never have to reboot your Linux machine ever again, even for kernel patching," and excerpts from the long (and nicely human-readable) description of newly merged kernel code that does what Ksplice has for quite a while (namely, offer live updating for Linux systems, no downtime required), but without Oracle's control. It provides a basic infrastructure for function "live patching" (i.e. code redirection), including API for kernel modules containing the actual patches, and API/ABI for userspace to be able to operate on the patches (look up what patches are applied, enable/disable them, etc). It's relatively simple and minimalistic, as it's making use of existing kernel infrastructure (namely ftrace) as much as possible. It's also self-contained, in a sense that it doesn't hook itself in any other kernel subsystem (it doesn't even touch any other code). It's now implemented for x86 only as a reference architecture, but support for powerpc, s390 and arm is already in the works (adding arch-specific support basically boils down to teaching ftrace about regs-saving).
| Over 720,000 Android Wear devices shipped in 2014 - Apple set to drive major growth in wearables in 2015: Hardware Posted by: comforteagle
From the Arm Wrestling dept.:
Over 720,000 Android Wear devices shipped in 2014 out of a total of 4.6 million smart wearable bands. Though the Moto 360 remained supply constrained through Q4, Motorola was the clear leader among Android Wear vendors. LG’s round G Watch R performed significantly better than its original G Watch, while Asus and Sony entered the market with their own Android Wear devices. Pebble meanwhile shipped a total of 1 million units from its 2013 launch through to the end of 2014. Continual software updates, more apps in its app store and price cuts in the fall helped maintain strong sales in the second half of the year. ‘Samsung has launched six devices in just 14 months, on different platforms and still leads the smart band market. But it has struggled to keep consumers engaged and must work hard to attract developers while it focuses on Tizen for its wearables.’ said Canalys VP and Principal Analyst Chris Jones.
| New Multi-Core Raspberry Pi 2 Launches: Hardware Posted by: comforteagle
From the Hemi dept.:
Coming in at the same $35 price-point that has come to be expected from the Raspberry Pi, it looks like the new Model 2 will be packing a quad-core ARM processor with a GB of RAM. From the article: "The Raspberry Pi Foundation is likely to provoke a global geekgasm today with the surprise release of the Raspberry Pi 2 Model B: a turbocharged version of the B+ boasting a new Broadcom BCM2836 900MHz quad-core system-on-chip with 1GB of RAM – all of which will drive performance "at least 6x" that of the B+.