Forgot your password?
typodupeerror

Slashdot is powered by your submissions, so send in your scoop

Encryption

Security Company Tries To Hide Flaws By Threatening Infringement Suit 122

Posted by Soulskill
from the because-that-always-ends-well dept.
An anonymous reader writes: An RFID-based access control system called IClass is used across the globe to provide physical access controls. This system relies on cryptography to secure communications between a tag and a reader. Since 2010, several academic papers have been released which expose the cryptographic insecurity of the IClass system. Based on these papers, Martin Holst Swende implemented the IClass ciphers in a software library, which he released under the GNU General Public License.

The library is useful to experiment with and determine the security level of an access control system (that you own or have explicit consent to study). However, last Friday, Swende received an email from INSIDE Secure, which notified him of (potential) intellectual property infringement, warning him off distributing the library under threat of "infringement action." Interestingly, it seems this is not the first time HID Global has exerted legal pressure to suppress information.
Software

GNU Emacs 24.4 Released Today 154

Posted by timothy
from the please-have-more-than-8-megs-of-RAM dept.
New submitter Shade writes Well over one and a half years in the works, the latest and greatest release of GNU Emacs was made officially available today. Highlights of this release include a built-in web browser, improved multi-monitor and fullscreen support, "electric" indentation enabled by default, support for saving and restoring the state of frames and windows, pixel-based resizing for frames and windows, support for digitally signed ELisp packages, support for menus in text terminals, and much more. Read the official announcement and the full list of changes for more information.
Software

Apple Releases CUPS 2.0 178

Posted by Soulskill
from the onward-and-upward dept.
kthreadd writes: 15 years after the release of CUPS 1.0, Apple has now released version 2.0 of the printing system for GNU/Linux and other Unix-style operating systems. One of the major new features in 2.0 is that the test program for ippserver now passes the IPP Everywhere self-certification tests. Also, they've made an interesting blog post looking at the past and future of printing. Since the first major release in 1999, printing has become much more personal. Printer drivers are going away, and mobile usage is now the norm."
Programming

Fighting the Culture of 'Worse Is Better' 240

Posted by Soulskill
from the fighting-for-reasoned-debate dept.
An anonymous reader writes: Developer Paul Chiusano thinks much of programming culture has been infected by a "worse is better" mindset, where trade-offs to preserve compatibility and interoperability cripple the functionality of vital languages and architectures. He says, "[W]e do not merely calculate in earnest to what extent tradeoffs are necessary or desirable, keeping in mind our goals and values -- there is a culture around making such compromises that actively discourages people from even considering more radical, principled approaches." Chiusano takes C++ as an example, explaining how Stroustrup's insistence that it retain full compatibility with C has led to decades of problems and hacks.

He says this isn't necessarily the wrong approach, but the culture of software development prevents us from having a reasoned discussion about it. "Developing software is a form of investment management. When a company or an individual develops a new feature, inserts a hack, hires too quickly without sufficient onboarding or training, or works on better infrastructure for software development (including new languages, tools, and the like), these are investments or the taking on of debt. ... The outcome of everyone solving their own narrow short-term problems and never really revisiting the solutions is the sea of accidental complexity we now operate in, and which we all recognize is a problem."
Open Source

Lennart Poettering: Open Source Community "Quite a Sick Place To Be In" 993

Posted by samzenpus
from the let-the-flamewar-begin dept.
An anonymous reader writes "Free software programmer Lennart Poettering has been part of his fair share of controversy in the open source community, and his latest essay may raise the most eyebrows yet. Poettering takes on the idea that the community is one big happy family and has some harsh words for the loudest and most obnoxious members. He says in part: "I don't usually talk about this too much, and hence I figure that people are really not aware of this, but yes, the Open Source community is full of a#@&oles, and I probably more than most others am one of their most favourite targets. I get hate mail for hacking on Open Source. People have started multiple 'petitions' on petition web sites, asking me to stop working (google for it). Recently, people started collecting Bitcoins to hire a hitman for me (this really happened!). Just the other day, some idiot posted a 'song' on youtube, a creepy work, filled with expletives about me and suggestions of violence. People post websites about boycotting my projects, containing pretty personal attacks. On IRC, people /msg me sometimes, with nasty messages, and references to artwork in 4chan style. And there's more. A lot more."
Bug

Apple Yet To Push Patch For "Shellshock" Bug 208

Posted by timothy
from the everyone-has-their-reasons dept.
An anonymous reader writes "Open source operating systems vulnerable to the Shellshock bug have already pushed two patches to fix the vulnerability, but Apple has yet to issue one for Mac OS X. Ars Technica speculates that licensing issues may be giving Apple pause: "[T]he current [bash] version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms....Apple executives may feel they have to have their own developers make modifications to the bash code."" It's also worth noting that there are still flaws with the patches issued so far. Meanwhile, Fedora Magazine has published an easy-to-follow description of how Shellshock actually works. The Free Software Foundation has also issued a statement about Shellshock.
KDE

OpenMandriva Lx 2014.1 Released 30

Posted by timothy
from the tradition-of-heritage dept.
jrepin writes OpenMandriva is proud to announce the release of OpenMandriva Lx 2014.1 distribution of the GNU/Linux operating system. Most of developers efforts were focused on reducing system boot up time and memory usage. This version brings Linux kernel 3.15.10 (with special patches for desktop system performance, responsiveness, and realtime capabilities), KDE Software Compilation 4.13.3, Xorg 1.15.1, Mesa 10.2.6, LibreOffice 4.3.1, Firefox 32, GNU bash with latest security fixes, and many other updated software packages.
GNU is Not Unix

Stallman Does Slides -- and Brevity -- For TEDx 326

Posted by timothy
from the time-and-place-restrictions dept.
New submitter ciaran2014 writes Richard Stallman's long-format talks are well-known — there are videos going back to 2001 and transcripts dating back to 1986 — but he recently condensed his free software talk down to 14 minutes and set it to hand-drawn slides for TEDxGeneva (video link). He introduces with the four freedoms, as always, and then moves on to spyware, surveillance, non-free drivers, free software in schools, non-free javascript, Service as a Software Substitute and how free software is today necessary for a strong democracy. As usual, the talk is suitable for non-technical audiences.
GNU is Not Unix

MediaGoblin 0.7.0 "Time Traveler's Delight" Released 73

Posted by timothy
from the like-rupert-murdoch dept.
paroneayea (642895) writes "The GNU MediaGoblin folks have put out another release of their free software media hosting platform, dubbed 0.7.0: Time Traveler's Delight. The new release moves closer to federation by including a new upload API based on the Pump API, a new theme labeled "Sandy 70s Speedboat", metadata features, bulk upload, a more responsive design, and many other fixes and improvements. This is the first release since the recent crowdfunding campaign run with the FSF which was used to bring on a full time developer to focus on federation, among other things."
Government

Munich Reverses Course, May Ditch Linux For Microsoft 579

Posted by Unknown Lamer
from the campaign-funding-brought-to-you-by-windows dept.
alphadogg (971356) writes with news that the transition from Windows to GNU/Linux in Munich may be in danger The German city of Munich, long one of the open-source community's poster children for the institutional adoption of Linux, is close to performing a major about-face and returning to Microsoft products. Munich's deputy mayor, Josef Schmid, told the Süddeutsche Zeitung that user complaints had prompted a reconsideration (Google translation to English) of the city's end-user software, which has been progressively converted from Microsoft to a custom Linux distribution — "LiMux" — in a process that dates back to 2003.
Education

Reglue: Opening Up the World To Deserving Kids With Linux Computers 91

Posted by Soulskill
from the never-too-early-for-your-first-tux dept.
jrepin writes: Today, a child without access to a computer (and the Internet) at home is at a disadvantage before he or she ever sets foot in a classroom. The unfortunate reality is that in an age where computer skills are no longer optional, far too many families don't possess the resources to have a computer at home. Linux Journal recently had the opportunity to talk with Ken Starks about his organization, Reglue (Recycled Electronics and Gnu/Linux Used for Education) and its efforts to bridge this digital divide.
The Media

Print Isn't Dead: How Linux Voice Crowdfunded a New Magazine 56

Posted by Unknown Lamer
from the something-about-paper dept.
M-Saunders (706738) writes The death of print has been predicted for years, and many magazines and publishers have taken a big hit with the rise of eBooks and tablets. But not everyone has given up. Four geeks quit their job at an old Linux magazine to start Linux Voice, an independent GNU/Linux print and digital mag with a different publishing model: giving profits and content back to the community. Six months after a successful crowdfunding campaign, the magazine is going well, so here is the full story.
Networking

OpenWRT 14.07 RC1 Supports Native IPv6, Procd Init System 71

Posted by Unknown Lamer
from the bofh-excuse-#3847-replacing-router-os dept.
An anonymous reader writes Release Candidate One of OpenWRT 14.07 "Barrier Breaker" is released. Big for this tiny embedded Linux distribution for routers in 14.07 is native IPv6 support and the procd init system integration. The native IPv6 support is with the RA and DHCPv6+PD client and server support plus other changes. Procd is OpenWRT's new preinit, init, hotplug, and event system. Perhaps not too exciting is support for upgrading on devices with NAND, and file system snapshot/restore so you can experiment without fear of leaving your network broken. There's also experimental support for the musl standard C library.
Education

Prof. Andy Tanenbaum Retires From Vrije University 136

Posted by timothy
from the congratulations-and-good-wishes dept.
When Linus Torvalds first announced his new operating system project ("just a hobby, won't be big and professional like gnu"), he aimed the announcement at users of Minix for a good reason: Minix (you can download the latest from the Minix home page) was the kind of OS that tinkerers could afford to look at, and it was intended as an educational tool. Minix's creator, Professor Andrew Stuart "Andy" Tanenbaum, described his academic-oriented microkernel OS as a hobby, too, in the now-famous online discussion with Linus and others. New submitter Thijssss (655388) writes with word that Tanenbaum, whose educational endeavors led indirectly to the birth of Linux, is finally retiring. "He has been at the Vrije Universiteit for 43 years, but everything must eventually end."
Books

Book Review: Data-Driven Security: Analysis, Visualization and Dashboards 26

Posted by samzenpus
from the read-all-about-it dept.
benrothke writes There is a not so fine line between data dashboards and other information displays that provide pretty but otherwise useless and unactionable information; and those that provide effective answers to key questions. Data-Driven Security: Analysis, Visualization and Dashboards is all about the later. In this extremely valuable book, authors Jay Jacobs and Bob Rudis show you how to find security patterns in your data logs and extract enough information from it to create effective information security countermeasures. By using data correctly and truly understanding what that data means, the authors show how you can achieve much greater levels of security. Keep reading for the rest of Ben's review.
Debian

Ask Slashdot: Practical Alternatives To Systemd? 533

Posted by timothy
from the going-forward dept.
First time accepted submitter systemDead (3645325) writes "I looked mostly with disinterest at Debian's decision last February to switch to systemd as the default init system for their future operating system releases. The Debian GNU/Linux distribution is, after all, famous for allowing users greater freedom to choose what system components they want to install. This appeared to be the case with the init system, given the presence of packages such as sysvinit-core, upstart, and even openrc as alternatives to systemd.

Unfortunately, while still theoretically possible, installing an alternative init system means doing without a number of useful, even essential system programs. By design, systemd appears to be a full-blown everything-including-the-kitchen-sink solution to the relatively simple problem of starting up a Unix-like system. Systemd, for example, is a hard-coded dependency for installing Network Manager, probably the most user-friendly way for a desktop Linux system to connect to a wireless or wired network. Just this week, I woke up to find out that systemd had become a dependency for running PolicyKit, the suite of programs responsible for user privileges and permissions in a typical Linux desktop.

I was able to replace Network Manager with connman, a lightweight program originally developed for mobile devices. But with systemd infecting even the PolicyKit framework, I find myself faced with a dilemma. Should I just let systemd take over my entire system, or should I retreat to my old terminal-based computing in the hope that the horde of the systemDead don't take over the Linux kernel itself?

What are your plans for working with or working around systemd? Are there any mainstream GNU/Linux distros that haven't adopted and have no plans of migrating to systemd? Or is migrating to one of the bigger BSD systems the better and more future-proof solution?"
Software

After a Long wait, GNU Screen Gets Refreshed 77

Posted by timothy
from the s-in-gnu's-not-unix-stands-for dept.
New submitter jostber (304257) writes "It's been a long wait, but now GNU Screen, the most useful CLI windows manager around, is available. Version 4.2.1 was released a couple of days ago and the maintainer's release news is here." There are fewer commits than you might expect for software that's had six years since its last major update, but that could be because the developers have had 23 years to knock out the major bugs.
GNU is Not Unix

GNU Mailman 3 Enters Beta 57

Posted by Unknown Lamer
from the duke-nukem-forever dept.
GNU Mailman, likely the most popular mailing list manager in use today, has finally announced the release of a beta for version 3. GNU Mailman 3.0 is a major rewrite, features include a central server with a REST API replacing the dozen or two programs that manipulated Mailman data directly, a shiny new web fron end (Postorius), and a new archiver (HyperKitty). Fedora is already using the new archiver and interface, which is quite a bit more modern looking than Mailman 2.x's interface (wayback machine link for posterity). Individual message thread views are greatly improved, and you can even reply from the web by logging in with your list credentials. If you'd like to try it out, see the announcement message.

HELP!!!! I'm being held prisoner in /usr/games/lib!

Working...