Slashdot (Last Update: 2020-09-04 03:30:00GMT) |
|
Phoronix (Last Update: 2017-12-25 14:39:38GMT) |
Fedora Rawhide Flips On New SATA Power Management Policy
- If you are running Fedora Rawhide (their daily/development packages) and using an Intel mobile chipset, be forewarned that they are enabling the SATA link power change that runs the slight risk of potentially causing disk corruption...
AMDGPU DC Patches To Test This Christmas
- For those with extra time this holiday week, AMD recently published their latest patch queue of DC "display code" updates...
VLC 3.0-RC3 Released With Hardware Decoding That Works On All Platforms
- VLC lead developer Jean-Baptiste Kempf has released the big VLC 3.0-RC3 update for Christmas...
NVIDIA May Be Trying To Prevent GeForce GPUs From Being Used In Data Centers
- Making the rounds on the Internet this holiday weekend is an updated NVIDIA GeForce software license agreement prohibiting the use of their drivers in data-center deployments for consumer GPUs...
Marek Boosts Glxgears Performance By 20% For Christmas
- Well known open-source AMD driver developer Marek Olšák has taken to some Christmas day hacking on Mesa with a significant performance improvement for AMD APU owners and those who care about glxgears...
Debian Salsa Is Served Out On A Beta Dish
- Rolling out as beta this Christmas is Debian Salsa...
Freedreno Lands Context Priority Support
- Rob Clark of the Freedreno project has landed his context priority patches in Mesa that originate from this past October...
AMD Queues More AMDKFD HSA Kernel Driver Changes For Linux 4.16
- More AMDKFD changes are being queued for the upcoming Linux 4.16 kernel merge window with this being the kernel HSA driver for ROCm support, etc...
|
Undeadly.org (Last Update: 2020-08-31 19:28:11GMT) |
6.8-beta tagged in CVS
-
Theo (deraadt@ ) has just committed the crank to 6.8-beta to CVS
From: Theo de Raadt
Date: Mon, 31 Aug 2020 10:08:28 -0600 (MDT)
To: source-changes@openbsd.org
Subject: CVS: cvs.openbsd.org: src
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2020/08/31 10:08:28
Modified files:
sys/conf : newvers.sh
sys/sys : param.h
usr.bin/signify: signify.1
etc/root : root.mail
share/mk : sys.mk
sys/arch/macppc/stand/tbxidata: bsd.tbxi
Log message:
crank to 6.8-beta
You know what this means: time to test snapshots and report any issues you find, both in the base systems as in the supplied packages, so that the upcoming 6.8 release will not surprise you in unfortunate ways!
Frederic Cambus on text console improvements
-
Frederic Cambus (
fcambus@ ) has published an article on his blog about the work that has been done to improve the text-console experience on OpenBSD. Well worth a read if, as a proper UNIX-sysadmin, you enjoy working in a text-only environment; but also if you spend most of your time in X!
LibreSSL documentation status update
-
More than six years ago,
LibreSSL was forked from
OpenSSL, and almost two years ago,
i explained the status of LibreSSL documentation during
EuroBSDCon
2018 in Bucuresti.
So it seems providing an update might be in order.
Read more…
LLVM 10.0.0 imported into -current
Timecounters available to userland in -current
First powerpc64 snapshots available
-
Since we reported the first bits of powerpc64 support going into the tree on 16 May, work has progressed at a steady pace, resulting in snapshots now being available for this platform.
So, if you have a POWER9 system idling around, go to your nearest
mirror
and fetch this snapshot. Keep in mind that as this is still very early days, very little handholding is available - you are basically on your own.
Read more…
WireGuard imported into OpenBSD
Graphical view of the x86 OpenBSD boot process
|
Groklaw (Last Update: 2013-08-20 02:40:21GMT) |
Forced Exposure ~pj
Apple v. Samsung I: Case Management Statement, Hearing Aug. 21 ~pj
- There will be a hearing in Apple v. Samsung I in Judge Lucy Koh's courtroom, Courtroom 8 on the 4th floor, on August 21 at 2:00 PM, so if any of you stalwarts can attend, that would be fabulous. You don't even have to wake up early.
What's it about? Didn't they just have a case management hearing in April? Why yes. Yes, they did, but there have been "progress and changes" since, according to the parties' Joint Case Management Statement [PDF], which fills us in on the details. Both parties would like some changes since the last case management hearing. Here's the last joint case management statement, back in April. And the judge's order on April 30 was to go forward immediately with the damages trial, unless certain things happened in the USPTO reexaminations of Apple's patents at issue. Some of those things have almost happened, and there are other quirks, so some changes are being requested. The real core issue is
Samsung's '381 motion, asking for a new trial on Apple's '381 patent based on newly discovered evidence or for entry of judgment on liability. Apple Opposes with a capital O. It now wants another chance to file a sur-reply [PDF], which Samsung
opposes [PDF], claiming that "Apple identifies no 'new' arguments Samsung raised in its reply that were not
responsive to arguments in Apple's opposition." The parties have been told that this motion wasn't on the calendar yet, but that they should be prepared to argue it on August 21. There is also the fact that the USPTO has found all relevant claims in the '915 patent invalid in a final office action. There can be more to come on that, but how does it impact the damages trial is the question?
And that is why we really should be there to hear it, if any of you can arrange your affairs to get there and be our eyes and ears. Samsung is telling the court that "Apple is attempting to 'sandbag'
Samsung and obtain an unfair tactical advantage" by various proposals on how to go forward and by refusing to seriously meet and confer with Samsung. For example, Apple wants the judge to restrict the parties to the same exhibits used at the first trial. But that's not really fair in Samsung's eyes, because since that first trial, Apple has said things to the USPTO that conflict with what they said about the '381 and '915 patents at that trial: Samsung does not believe the Court should limit the parties to the same exhibits disclosed prior to the first trial. For example, Apple has made numerous admissions to the USPTO subsequent to the first trial that directly contradict its arguments concerning the scope of the '381 and '915 patents. Apple should not be permitted to tell the
Patent Office one thing and the new jury another. Samsung should be able to put this new evidence before the jury. Doing so would raise no issues concerning inconsistent appellate records because liability issues are not being retried and this damages trial will have its own separate record. Rather, the trial should be held based on an evidentiary record as it exists at the time of the new trial. If you can go, email me please and I'll tell you more.
Judge Robart Rules in MS v. Motorola: Seeking an Injunction on a FRAND Patent Can Be Perfectly Proper ~pj
First 104 pages of Aaron Swartz Secret Service File Released - Who is the female on page 97? ~pj
- Kevin Poulsen at Wired reports that the first 104 pages of Aaron Swartz's Secret Service files are available now, with a lot more to come, as a result of court ordered release. There are apparently 14,500 more pages to come.
Look at page 97. It's redacted so the identity of the woman is kept confidential, but it appears from the notation that a woman was in contact with authorities and informing them of conversations between her and Swartz.
The notation on that page reads: [Redacted] said that she also spoke with Swartz after the search of his residence. [Redacted] said that Swartz told her that agents came into his house and took part of his book. [Redacted] said that Swartx also said that agents came into the Safra Center and took his controller for Rock Band. [Redacted] said that Swartz told her that the agents were frustrated and that they did not find what they were looking for. [Redacted] said that Swartz told her that the agents took his phones....[Redacted] said that Swartz started a Google Group called Guerilla Open Access. So after the raid, Swartz spoke with a female friend, or someone he wrongly imagined was a friend, who then told the raiders what his reaction to the raid had been and told them about Guerilla Open Access. So. Who fits that description? What isn't clear is whether it was an informer in a traditional sense or someone contacted by them, as opposed to the other way around, just a person being interviewed in connection with the case.
Reports from the Apple v. Samsung Appeal Hearing ~pj
- Today was the day Apple's appeal of Judge Lucy Koh's
refusal to
issue an injunction against Samsung was scheduled at the US Court of Appeals for the Federal Circuit in Washington, DC. And Groklaw had two volunteers there. The first report is in, and we expect Webster to
send in his report next. Groklaw's RFD has the framework of how it went, but he confesses he couldn't predict the outcome.
Motorola Presses Its Case v. Microsoft's FRAND Attack in Seattle and in Germany ~pj
- Things are getting interesting in Seattle in the FRAND case between Microsoft and Motorola. At the hearing the other day, our reporters mentioned that the judge had asked for cases to support Motorola's position that the time frame to consider Motorola's good faith in making its initial offer was back when it happened:
Judge asks when duty of good faith bargaining begins and ends. Motorola says it is ongoing. But each breach complaint is pinned to a specific date -- not tied to the progress of the litigations. Mentions FTC order re Google acquisition of Motorola. FTC did not say that *prior* injunctive relief requests had to be dropped. And our second report added this:The German action was filed July 2011, MS didn't say they would accept a RAND offer until Sept 2011, and as such breach can't be a moving target. MS is stuck with the facts at the time of the complaint. Robart seemed skeptical of this, "Do you have authority for that?" answer about getting back with more briefing "I think you're wrong, but I'll be happy to read your brief."
Sullivan says they have an ongoing duty, but a new breach action would be required, and the litigation in this case can't be included in this current breach action. So this is about the German action, which Microsoft claims caused it financial damages it would like to recoup, and I'll tell you more about that, because Microsoft is very upset about it all. Motorola has followed up [PDF] with two cases, and Microsoft has provided an excerpt [PDF] from the Daubert hearing that we didn't attend the day before, so that's nice to have. On Microsoft's side, it naturally immediately
filed the USTR's letter [PDF] blocking the injunction against Apple by Samsung, although its cover letter is misleading as to what the USTR said. You knew they would do that. And they are
in quite a tizzy [PDF] over the fact that Motorola continues to proceed in the German case, where it already got an injunction against Microsoft, which this Seattle judge purports to have the authority to block. However, Microsoft had already made a financial offer of royalties to Motorola in that case, and Motorola, to Microsoft's horror, accepted them. The rate is higher than what this Seattle judge set, so Microsoft has smoke coming out of its ears about how unfair it is that Motorola accepted its original offer. So Microsoft is
asking [PDF] the court to "to renew and expand its anti-suit injunction to curtail Motorola's ongoing efforts in Germany to undercut the jurisdiction of this Court and to attempt to procure inconsistent rulings." As for the judge, he's maybe starting to realize that some of his assumptions about FRAND requirements conflict with what the experts are now telling him. He expresses a measure of confusion about it in
an order [PDF] on what the experts for both sides can tell the jury. Here's what he won't allow Motorola's experts to tell them: that being willing to negotiate is sufficient to meet a FRAND obligation. That contradicts what this judge has already ruled in this crazy case, so he doesn't like that, I suppose. The "reason" they can't say that to the jury is, he says, because he gets to decide what is or isn't a fulfillment of a RAND obligation, in that he's Da Law on Microsoft's obligations under Washington state law which he believes the world must go along with, Germany included. Experts can't opine on legal conclusions. However, Motorola has now informed him via this route that he's been getting some things seriously wrong on what FRAND obligations are and what good faith requires. Perhaps it will influence him. He says that the Motorola experts can input how the jury instructions read. I wouldn't put much faith in that if I were Motorola, and I gather they don't. This German prong is getting interesting, I must say.
Apple, Motorola, ITC - Federal Circuit Remands - The Beat Goes On ~pj
- The Federal Circuit has just ruled in Apple's appeal of a final ruling of the ITC, which had ruled in Motorola's favor, overturning the ITC in part and remanding the case:
Apple appeals from the final decision of the International Trade Commission (ITC) that the asserted claims of U.S. Patent No. 7,663,607 ('607 patent) are invalid and that Motorola does not infringe the asserted claims of U.S. Patent No. 7,812,828 ('828 patent). Apple challenges the ITC's claim construction and its determinations of obviousness, anticipation, and noninfringement. For the following reasons, we affirm-in-part, reverse-in-part, and vacate-in-part the ITC's decision and remand for further proceedings. So the ugly dance continues. Apple started the show in this particular tent of the overall smartphone patent wars circus, suing Motorola at the ITC for infringement of various claims of Apple's '607 and '828 patents, which are about touchscreens and multi-touch. The ITC found that Motorola didn't do what the claims cover, and Apple appealed. As you know, the Federal Circuit never saw a patent it didn't love, or at least rarely do they, and in their opinion, the ITC didn't correctly throw out certain prior art or come up with the correct construction of another patent, blah blah, and under the new Federal Circuit definitions and guidance, Motorola might infringe, so back it has to go to the ITC to reconsider the Federal Circuit's way:We remand so the ITC can consider that evidence in conjunc- tion with the evidence of secondary considerations and determine in the first instance whether claim 10 would have been obvious to one of skill in the art at the time of the invention....We thus vacate the ITC's decision that Motorola does not infringe the '828 patent claims and remand the case to allow the ITC to consider in the first instance whether the accused products infringe under the correct construction of "mathematically fitting an ellipse." So back it goes. If you want to know what is going wrong in patent law, just read this ruling. Seriously.
Apple's ITC Presidential Pardon v. The ITC's Opinion ~pj
- Samsung had already appealed [PDF] the portion of the ITC Opinion that denied it relief against Apple regarding the mainly non-FRAND patents the ITC ruled Apple did not infringe, and in connection with that appeal, we find the complete public version of the
ITC Opinion [PDF] that the President just overruled attached as an exhibit. It's long, 162 pages because there is an appendix bundled in that same PDF, but I want to show you a few excerpts from the opinion that I hope will demonstrate to you, as they do me, that Apple's pardon was not based on Apple being the good guy in this picture. The ITC found otherwise on the facts in the record. In fact, the ITC specifically states in the opinion that Apple failed to prove that Samsung had violated any FRAND obligation.
The pardon, therefore, couldn't have been due to concern about patent hold-up, as was stated [PDF], since the ITC specifically found that Samsung had negotiated with Apple in good faith, had already licensed the '348 patent to over 30 companies, and that it was, in fact, Apple that illustrated the danger of reverse hold-up. Further, the opinion stated, Apple not only failed to prove that Samsung violated any FRAND obligation, it failed to establish even what they are. Further, Apple conceded in its ITC briefing that FRAND patent holders are not barred from seeking injunctions, and in fact since Apple argued to the ITC that the '348 patent was not really essential, this would mean that Samsung had no FRAND obligations, due to the wording of the ETSI terms.
So, it was a bit like the papal special dispensations of history, where the law said X, but you are let off the hook from having to keep it. That makes Apple's reported public response particularly offensive, when it said, "Samsung was wrong to abuse the patent system in this way." Samsung didn't abuse the patent system. It was, as you will see, exactly the opposite, according to the ITC Opinion. And while the President can do whatever he wishes regarding public policy, the ITC followed the statute, since it has no policy powers. In short, one unavoidably must conclude that if Samsung had been the US company and Apple the Korean one, there would have been no pardon. That's the bottom line, I'm afraid. As Jamie Love
tweeted, "What Froman and USTR will now have to explain is why India and other countries can't also consider public interest in patent cases." As I'll show you, one of the things the ITC considered was public comments warning that changing the terms for FRAND patent owners would make sweeping changes to trade laws, and Korea has already
registered its concerns. I'm all for reforming the patent system, as you know, but if you want to reform it, how about making it *more* fair, not less? Playing favorites based on country of origin doesn't aim for that noble goal. It's indisputable that this has harmed Samsung, and since the ITC, which examined the facts in detail, found it was the innocent party in this picture, what can be the justification for Apple's comment?
|
Freshmeat (Last Update: 2014-06-18 08:08:08GMT) |
ObjectiveSync 0.1.2
-
ObjectiveSync is a thin JDBC object persistence library. If features querying done in SQL, centralized object marshaling and unmarshaling where each object should know how to sync itself and its descendants, a single syntax for inserting and updating, Ruby-like objectivized JDBC fetching with exception handling, user-definable deep fetching and updating (almost Hibernate-like), batch API to avoid round-trips when submitting multiple queries, stats collection, and more.
Release Notes: Initial public release.
Release Tags: Major, Alpha
Tags: jdbc, Java, Database development
Licenses: LGPL
EFL pre 3.6.0
-
EFL makes CFEngine easy by editing data files and not complex CFEngine policy.
Release Notes: The efl_class_retrunszero bundle now uses json input. The csvtojson utility was improved.
Tags: CFEngine, Configuration Management, System Administration, devops
Licenses: GPLv3
gsecraif Alpha-02
-
Gsecraif is a tool for splitting and recombining files in a secure manner. It addresses two aspects of security: protecting against data loss and guarding against unauthorised access. It splits a file into three or more equal sized parts (component files), up to a maximum of 255. The utility can recover the original file even if one of the component files is lost. It uses XOR (RAID 5) technology. None of the component files contain any data from the original file. It can split any kind of file and uses no encryption.
Release Notes: Initial Freecode announcement
Tags: file splitter, split, merge
Licenses: GNU General Public License version 3.0 (GPLv3)
Sagan 1.0.0RC3
-
Sagan can alert you when events are occurring in your syslogs that need your attention right away. It can store events into a Snort database, so your IDS/IPS data and log data are in the same place. This enables
a single console, like Snorby or BASE, to view not only your IDS/IPS data but your log (syslog, SNMP, etc.) data as well. Sagan will correlate the data for you. It also uses 'Snort-like' rule sets, which means it is compatible with Snort rule set management software. It supports multiple output formats that any network administrator will find useful. Sagan can also stop threats based on log analysis via "Snortsam". This allows Sagan to communicate with various types of network devices (Cisco routers/ASA/etc., Linux iptables, etc).
Release Notes: Code is now formatted in the GNU "artistic" style. Multiple bugs were fixed. Sagan is much more efficient with memory. New "meta_content" and "meta_nocase" options were provided for multi-searching in a single rule. The "track_clients" processor was fixed and improved. Flowbit tracking 'by_src', 'by_dst', 'both', and 'none' were added for multiple line log support.
Tags: Syslog, windows events, snmp-trap
Licenses: GPLv2
ServerStatus 1.0.1
-
The ServerStatus application will display a window that shows the status of a list of servers, NAS, routers, etc. ServerStatus will 'ping' each server/network device once per minute to determine if it is 'online' or 'offline'.
Release Notes: A Ping command is now used rather than using the isReachable() method.
Tags: Networking, Monitoring
Licenses: Apache 2.0
Suriwire 0.2
-
Suriwire is a plugin for Wireshark that displays Suricata generated alerts for a pcap file inside the Wireshark output. It adds the alerts to the packet details and in the expert info window. It also enables you to use signature fields as filtering items in Wireshark output.
Release Notes: Suriwire now uses the EVE file format created by Suricata 2.x instead of using the pcapinfo file. This allows you to add information about alerts and events coming from protocol decoding. For example, you can now get packets corresponding to a TLS where the certificate subject contains a substring.
Release Tags: Major
Tags: Security Analysis, wireshark, suricata
Licenses: GPLv3
Reportico 4.0
-
Reportico is a PHP reporting tool. It can create a report from a single SQL command and then build a whole suite of reports with criteria entry, graphs, groups, drill-downs, and expression handling. You can perform data transformation with your own custom PHP code. It can produce output in HTML, PDF, CSV, XML, and JSON.
Release Notes: Dynamic sortable, searchable grids were added. SQL can now be passed to the reportico engine without having to create a report. Bootstrap look and feel is now supported both in standalone mode and when embedded in bootstrap enabled Web pages. The NVD3 charting library was added. A new SQL command criteria option allows users to type in SQL. Dropdown menu and static menu arrays can be passed to the reportico engine to create configurable report menus. UI elements can now be configured for use as report control checkboxes, output buttons, etc. Various security updates were applied.
Tags: Reports, Database
Licenses: GPLv3
DKPro WSD 1.1.0
-
DKPro WSD provides UIMA components which encapsulate corpus readers, linguistic annotators, lexical semantic resources, WSD algorithms, and evaluation and reporting tools. You configure the components, or write new ones, and arrange them into a data processing pipeline. DKPro WSD is modular and flexible. Components which provide the same functionality can be freely swapped. You can easily run the same algorithm on different data sets, or test several different algorithms on the same data set.
Release Notes: Evaluators now permit chaining of backoff algorithms.
There are now annotators that allow for disambiguating the complete text collectively. There is now a weighted MFS baseline. The sense cluster evaluator now computes McNemar's test. The sense cluster evaluator now handles the case where there are multiple gold-standard senses, and includes undisambiguated instances in the confusion matrix. Bugs were fixed.
Tags: NLP, computational linguistics, word sense disambiguation, WSD
Licenses: GPLv3, Apache 2.0
|
Schneier (Last Update: 2016-09-21 12:33:26GMT) |
Tesla Model S Hack
-
Impressive remote ,a href="http://www.pcworld.com/article/3121999/security/researchers-demonstrate-remote-attack-against-tesla-model-s.html">hack of the Tesla Model S.
Details. Video.
The vulnerability is fixed.
Remember, a modern car isn't an automobile with a computer in it. It's a computer with four wheels and an engine. Actually, it's a distributed 20-400-computer system with four wheels and an engine.
Two Good Essays on the NSA's "Upstream" Data Collection under Section 702
More on the Equities Debate
Periscope ATM Skimmers
-
"Periscope skimmers" are the most sophisticated kind of ATM skimmers. They are entirely inside the ATM, meaning they're impossible to notice.
They're been found in the US.
Friday Squid Blogging: Giant Squid on Japanese Television
-
I got this video from PZ Myers's blog. I know absolutely nothing about it.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Hacking Bridge-Hand Generation Software
-
Interesting:
Roughly three weeks later, there is a operation program available to crack ACBL hand records.
- Given three consecutive boards, all the remaining boards for that session can be determined.
- The program can be easily parallelized. This analysis can be finished while sessions are still running
this would permit the following type of attack:
- A confederate watch boards 1-3 of the USBF team trials on vugraph
- The confederate uses Amazon web services to crack all the rest of the boards for that session
- The confederate texts the hands to a players smart phone
- The player hits the head, whips out his smart phone, and ...
Hacking Wireless Tire-Pressure Monitoring System
-
Research paper: "Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study," by Ishtiaq Rouf, Rob Miller, Hossen Mustafa, Travis Taylor, Sangho Oh, Wenyuan Xu, Marco Gruteser, Wade Trapper, Ivan Seskar:
Abstract: Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.
Recovering an iPhone 5c Passcode
-
Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key.
The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong. Here's his paper:
Abstract: This paper is a short summary of a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9. This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c. Although the process can be improved, it is still a successful proof-of-concept project. Knowledge of the possibility of mirroring will definitely help in designing systems with better protection. Also some reliability issues related to the NAND memory allocation in iPhone 5c are revealed. Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5c NAND mirroring was infeasible were ill-advised.
Susan Landau explains why this is important:
The moral of the story? It's not, as the FBI has been requesting, a bill to make it easier to access encrypted communications, as in the proposed revised Burr-Feinstein bill. Such "solutions" would make us less secure, not more so. Instead we need to increase law enforcement's capabilities to handle encrypted communications and devices. This will also take more funding as well as redirection of efforts. Increased security of our devices and simultaneous increased capabilities of law enforcement are the only sensible approach to a world where securing the bits, whether of health data, financial information, or private emails, has become of paramount importance.
Or: The FBI needs computer-security expertise, not backdoors.
Patrick Ball writes about the dangers of backdoors.
|
LXer (Last Update: 2020-09-04 03:54:44GMT) |
Launch Web Browsers In Kiosk Mode (Full Screen) From CLI
- Some times you might want to run an application (especially a web application) 24/7 in full-screen mode. In this guide, we will see how to launch web browsers in kiosk mode (full screen) from command line in Linux.
Min Lightweight Browser Releases 1.16 with UI Improvements
- The privacy-centric yet minimal browser Min brings another release with its version 1.16 with UI improvements and major new features.
Q4OS 3.12 Linux Distro Released, Based on Debian GNU/Linux 10.5 “Buster”
- Q4OS, the Debian-based GNU/Linux distribution that keeps the spirit of the old-school KDE3.5 desktop environment alive has been updated to version 3.12.
Datasheet: Tiny Embedded Boards
- (Circuit Cellar article) With todayâs level of integrated chip technology, board-level embedded computers can now literally fit in the palm of your hand. This âtinyâ category of board-level computing products meets the needs of applications where extremely low SWaP (size, weight and power) is a priority over other requirements. This Datasheet section updates readers on [â¦]
Making Zephyr More Secure
- Zephyr is gaining momentum where more and more companies are embracing this open source project for their embedded devices. However, security is becoming a huge concern for these connected devices. The NCC Group recently conducted an evaluation and security assessment of the project to help harden it against attacks. In the interview, Kate Stewart, Senior [â¦]
TUXEDO Computers Unveils TUXEDO Polaris 15 and 17 Laptops for Linux Gamers
- TUXEDO Computers unveiled today two new laptops for Linux gamers, the TUXEDO Polaris 15 and TUXEDO Polaris 17, which come with powerful components from both Intel and AMD.
Ryzen V1000/R1000 gains another Mini-ITX as the V2000 preps for launch
- ICPâs âgKINO-V1000â series of Mini-ITX boards offers a choice of Ryzen Embedded V1000 and R1000 processors and up to quad 4K displays. Meanwhile, details have leaked about an upcoming V2000 SoC with Zen 2 cores. ICP Germany has announced a gKINO-V1000 series of SBCs that run on AMDâs Ryzen Embedded V1000 and R1000 SoCs, joining [â¦]
How to Minimize Spotify to the System Tray in Linux
- Recent versions of the Spotify client for Linux don't have the minimize ability. Follow this to minimize Spotify to the system tray in Linux.
|
RootPrompt (Last Update: 2010-10-19 08:17:02GMT) |
Block crackers with 3 locks to your SSH door (18 Oct 2010)
- Security always requires a multi-layered scheme. SSH is a good example of this. Methods range from simple sshd configuration through the use of PAM to specify who can use SSH, to application of port-knocking techniques, or to hide the fact that SSH access even exists. Applying these techniques can make life much harder for possible intruders, who will have to go past three unusual barriers."Learn 3 ways of hardening SSH access to your system to block would-be crackers"
Bazaar: source control system (15 Oct 2010)
- Bazaar is used to produce the Ubuntu Linux distribution, which is an enormous software project with thousands of components. If you're using a UNIX or Linux system, chances are that your distribution offers a pre-built Bazaar package. Bazaar is flexible enough to accommodate Subversion - a centralized system and Git - a decentralized system. This article introduces you to Bazaar's many appealing features."Intro to Bazaar, a great place to keep your code"
User space memory access from the Linux kernel (13 Oct 2010)
- As the kernel and user space exist in different virtual address spaces, there are special considerations for moving data between them. Explore the ideas behind virtual address spaces and the kernel APIs for data movement to and from user space, and learn some of the other mapping techniques used to map memory."An introduction to Linux memory and user space APIs"
Techniques for migrating Perl to Python (11 Oct 2010)
- Python programmers shouldn't get too smug. While many people agree that Python is designed in a way that makes it a highly readable language, there can still be problems with legacy, untested Python code too. Porting legacy Perl to Python can be a daunting task. In this article, learn some of the theory behind dealing with legacy code, including what not to do."Techniques for migrating legacy, untested Perl to Python"
New AIX 7 capabilities for virtualization (8 Oct 2010)
- The IBM AIX operating system provides a highly scalable IT infrastructure for client workloads. Learn about the latest version, AIX 7.1, an open standards-based UNIX operating system, that includes significant new capabilities for virtualization, security features, availability features, and manageability."Learn about the latest version of AIX 7.1 - an open standards-based UNIX operating system"
Introduction to PowerHA (1 Sep 2010)
- PowerHA for AIX is the new name for HACMP (High Availability Cluster Multiprocessing). HACMP is an application that makes system fault resilient and reduces downtime of applications. This article introduces PowerHA and provides a detailed explanation of how to configure a two node cluster. This document is very useful for understanding PowerHA and setting up a two node cluster."Get Power high availability by Configuring a PowerHA cluster" Introduction to PowerHA
Yeah - Learn Linux: Maintain the integrity of file (30 Aug 2010)
- Learn how to check the integrity of your Linux filesystems, monitor free space, and fix simple problems. Use the material in this article to study for the Linux Professional Institute (LPI) 11 exam for Linux system administrator certification or just to check your filesystems and keep them in good working order, especially after a system crash or power loss. "Here's an easy way to keeping track of your Linux disk space" Yeah - Learn Linux: Maintain the integrity of filesystems
Live Kernel Patches with Ksplice (11 Aug 2010)
- Ksplice applies kernel patches on-the-fly - no reboot required in a fraction of a second. Here's a hands-on guide to performing painless system updates. Learn how to patch a live kernel and give reboots the boot."Avoid reboots of your system with live Kernel updates using Ksplice" Live Kernel Patches with Ksplice
|