Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All) (Single Column)

LinuxSecurity.com - Security Advisories









  • Fedora 27: libgit2 Security Update
    `bbLinuxSecurity.com`/bb: This is a security release fixing out-of-bounds reads when processing smart- protocol "ng" packets. When parsing an "ng" packet, we keep track of both the current position as well as the remaining length of the packet itself. But instead of taking care not to exceed the length, we pass the current pointer's position to strchr, which will search for a certain character until hitting NUL.




  • Debian LTS: DLA-1469-1: libxcursor security update
    `bbLinuxSecurity.com`/bb: It was discovered that there was a denial of service or (potentially code execution) vulnerability in libxcursor, a library designed to help locate and load cursors for the X Window System.


LXer Linux News

  • 10 Efficient Raspberry Add-ons To Enhance Performance - Part 8
    Sometimes you may find yourself in great need to improve the functionality of your Raspberry Pi. There is a good chance your Raspberry does not support the functionality you want. There is also a chance that it supports your dream functionality but with the help of an external tool. An add-on in other words. It is pretty obvious that your dream add-on exists in the market or someone somewhere is cracking an algorithm to build. Never mind, here we compile a list of the best add-ons to get for your Raspberry in 2018.


  • Red Hat's Jim Whitehurst on strategy and culture
    Red Hat Inc. is a successful, public open source software company. It’s the first open source company to crack $1b in revenue and is closing in on $3b. Here is some advice from the CEO for your own business.




  • How to check your CentOS Version
    In this tutorial, we’ll show you how to find your CentOS version. There are several ways to check what version of CentOS you are running.






  • GitHub goes off the Rails as Microsoft closes in
    Ruby shop turns to Go, Java, and Kubernetes for platform makeoverAnalysis GitHub invited a handful of journalists to its San Francisco headquarters to explain how the social code hosting biz is evolving from a website into a platform.…





  • Open source Zephyr RTOS snuggles up to RISC-V with new members
    The Zephyr Project announced six new members including RISC-V boosters SiFive and AntMicro, and expanded development support to more than 100 boards. The Linux Foundation’s Zephyr Project, which is developing the open source Zephyr real-time operating system (RTOS) for microcontrollers, announced six new members, including RISC-V members Antmicro and SiFive. The project also announced expanded […]


  • OERu makes a college education affordable
    Open, higher education courses are a boon to adults who don’t have the time, money, or confidence to enroll in traditional college courses but want to further their education for work or personal satisfaction. OERu is a great option for these learners. It allows people to take courses assembled by accredited colleges and universities for free, using open textbooks, and pay for assessment only when (and if) they want to apply for formal academic credit.read more


  • Lennart Jern: How Do You Fedora?
    The Fedora Magazine recently interviewed Lennart Jern on how he uses Fedora. This is part of a series  on the Fedora Magazine. This series profiles Fedora users and how they use Fedora to get things done...



  • AryaLinux: A Distribution and a Platform
    AryaLinux doesn’t only offer an installable, open source operating system, they offer a platform with which users can build a complete GNU/Linux operating system. The provided scripts were created based on the instructions from Linux From Scratch and Beyond Linux From Scratch.


  • Mixing software development roles produces great results
    Most open source communities don’t have a lot of formal roles. There are certainly people who help with sysadmin tasks, testing, writing documentation, and translating or developing code. But people in open source communities typically move among different roles, often fulfilling several at once.In contrast, team members at most traditional companies have defined roles, working on documentation, support, QA, and in other areas.read more



Error: It's not possible to reach RSS file http://www.newsforge.com/index.rss ...

Digg Top Stories



  • This Nude Vegan Blogger Drama Is Incredible
    Rid yourself of your rationality and step into the all-natural world of Freelee the Banana Girl, an Australian YouTuber and blogger who's currently embroiled in some grade-A niche drama.


  • This Bank Is Basically Giving You 20 Bucks Every Month
    Radius Bank is flipping over the proverbial couch cushions to find you extra money each month. From ATM rebates, cash back rewards and healthy interest rates, Radius Bank customers earn an average of $20 each month, without you having to lift a finger.







  • A Bot Panic Hits Amazon's Mechanical Turk
    By Friday, New Scientist ran an article with the headline "Bots on Amazon's MTurk Are Ruining Psychology Studies." One psychology professor mused on Facebook, "I wonder if this is the end of MTurk research?"




  • Inspiring Viral Sports Girl Is Actually A Boy
    People from all over the world, who assumed the kid was a girl, passed the video along with inspired messages, and the clip went viral.The child is actually an Iranian boy named Arat, whose father has trained him since he was an infant to be a body builder/soccer star.


  • Switch Banks, Get Free Money
    Radius Bank is flipping over the proverbial couch cushions to find you extra money each month. From ATM rebates, cash back rewards and healthy interest rates, Radius Bank customers earn an average of $20 each month, without you having to lift a finger.







  • When Body Cams Had Bullets
    The first attempt at police cameras were very different from the body cams of today, however, as releasing the shutter required pulling the trigger of the gun the camera was attached to.



  • This Miracle Headrest Will Soothe Your Neck Pain In 10 Minutes
    All you have to do is lay down. That's it. The C-Rest neck support helps you release tension, improve posture and relieve stress in 10 minutes. It's like an on-demand neck rub. And if that sounds good to you at all, then now would be a good time to back their Indiegogo campaign.





  • My Withered Legs
    No matter what the theme of my essay or story — lesbian love, wilderness exploration, mother/daughter relationships — it seems everyone wants me to include more about my legs. I've never understood that. Why would I think about my legs all the time?


  • When Did Parenting Become So Fearful?
    Why are Americans so suffocatingly weird about their kids nowadays? We have to save the kids, but if pressed on why or from what or what are you doing, we can't always answer.




  • Fighting The Vanilla Thieves Of Madagascar
    A barefoot farmer is making his way through a forest. The rusty machete he holds isn’t for cutting down vines or chopping away stubborn branches — it is a defense against thieves.








  • Funerals Are Becoming One Last Extravagant Display Of Wealth
    The rich and the powerful are choosing to be laid to rest in $60,000 gold-plated coffins and ferried by horse-drawn funeral carriages or Rolls-Royce hearses. Some are even flying friends and relatives to exotic locales for destination funerals.


  • The Extinct Tech You Forgot Existed
    A recent study has revealed which kinds of tech have stood the test of time — in terms of recognition, if not use. Would your children recognize these? (And would you?).


  • Thank You For Not Breeding
    Sure, the voluntary extinction movement doesn't want you to have babies — but there's much more to the story.










  • If You're Looking For A New Car Stereo, You've Found Nirvana
    Crutchfield is the best place to get any and all auto audio goods —  among other gear. They have quality products, fair prices, free installation options and legendary customer service. Go on and treat yourself while it's still roll-down-the-window-and kick-up-the-jams weather.



  • Live-Updating Trump News
    There's a lot going on right now, and you can follow it all here — tweets, stories and more.




Slashdot

  • Rolls-Royce Launches New Battery System To Electrify Ships
    Rolls-Royce, a British power system company (not to be confused with the luxury automobile maker), is launching a new battery system to electrify ships. "Rolls-Royce now offers SAVe Energy, a cost competitive, highly efficient and liquid cooled battery system with a modular design that enables the product to scale according to energy and power requirements," the company said in a statement. "SAVe Energy comply with international legislations for low and zero emission propulsion systems." Electrek reports: The company has been working on battery systems for years, but the recent improvements in li-ion batteries are now resulting in a boom of electrification of ships. Andreas Seth, Rolls-Royce, EVP Electrical, Automation and Control for Commercial Marine, said the company expects to deploy more batteries next year than they did over the last 8 years combined: "The electrification of ships is building momentum. From 2010 we have delivered battery systems representing about 15 MWh in total. However now the potential deployment of our patent pending SAVe Energy in 2019 alone is 10-18 MWh."   Seth said that they are delivering the first system to Prestfjord as part of Norway's effort to electrify its maritime transport: "Battery systems have become a key component of our power and propulsions systems, and SAVe Energy is being introduced on many of the projects we are currently working on. This includes the upgrade programme for Hurtigruten's cruise ferries, the advanced fishing vessel recently ordered by Prestfjord and the ongoing retrofits of offshore support vessels. As a system provider we can find the best solution considering both installation and operational cost."
            

    Read more of this story at Slashdot.


  • Stolen Android Anti-Piracy Software Dumped On Github
    Dexguard, a tool used to protect Android software from piracy, tampering and cloning attacks, has been removed after being illegally posted on Github. A version of the tool exposed on the code repository was stolen from a customer of Guardsquare, the software's creator. TorrentFreak reports: "We develop premium software for the protection of mobile applications against reverse engineering and hacking," the [security company Guardsquare's] website reads. "Our products are used across the world in a broad range of industries, from financial services, e-commerce and the public sector to telecommunication, gaming and media." One of Guardsquare's products is Dexguard, a tool to protect Android applications from being decompiled, something that can lead to piracy, credential harvesting, tampering and cloning. Unfortunately, a version of Dexguard itself ended up on Github. In a takedown notice filed with the Microsoft-owned code platform, Guardsquare explains that the code is unauthorized and was obtained illegally. "The listed folders... contain an older version of our commercial obfuscation software (DexGuard) for Android applications. The folder is part of a larger code base that was stolen from one of our former customers," Guardsquare writes. Guardsquare found almost 300 "forks" of the stolen software on Github and filed a request to have them all taken down.
            

    Read more of this story at Slashdot.


  • Volkswagen's CEO Was Told About Emissions Software Months Before Scandal, Says Report
    An anonymous reader quotes a report from Reuters: Volkswagen Chief Executive Herbert Diess was told about the existence of cheating software in cars two months before regulators blew the whistle on a multi-billion exhaust emissions scandal, German magazine Der Spiegel said. Der Spiegel's story, based on recently unsealed documents from the Braunschweig prosecutor's office, raises questions about whether VW informed investors in a timely manner about the scope of a scandal which it said has cost it more than $27 billion in penalties and fines.   Responding to the magazine report, the carmaker reiterated on Saturday that the management board had not violated its disclosure duties, and had decided to not inform investors earlier because they had failed to grasp the scope of the potential fines and penalties. Citing documents unsealed by the Braunschweig prosecutor's office, Der Spiegel said Diess was present at a meeting on July 27, 2015 when senior engineers and executives discussed how to deal with U.S. regulators, who were threatening to ban VW cars because of excessive pollution levels. Diess, who had defected from BMW to become head of the VW brand on July 1, 2015, joined the July 27 meeting with Volkswagen's then Chief Executive Martin Winterkorn to discuss how to convince regulators that VW's cars could be sold, a VW defense document filed with a court in Braunschweig in February, shows.
            

    Read more of this story at Slashdot.


  • Does Gmail's 'Confidential Mode' Go Far Enough?
    Last month, Gmail's big redesign became default for everyone, changing up the aesthetic appearance of the email service and introducing several new features. One of the key features, Confidential Mode, lets you add an "expiration date" and passcode to emails either in the web interface or via SMS, but not everyone is so trusting of its ability to keep your private data secure. "Recipients of these confidential emails won't be able to copy, paste, download, print or forward the message, and attachments will be disabled," notes Engadget.   The Electronic Frontier Foundation (EFF) doesn't think this new mode is secure at all. It's not encrypted end-to-end, so Google could read your messages in transit, and the expiring messages do not disappear from your Sent mail, which means they are retrievable. What's more is that if you use an SMS passcode, you might need to give Google your recipient's phone number. Because of these reasons, Slashdot reader shanen doesn't believe the new feature goes far enough to secure your data. They write: [M]y initial reaction is that I now need a new feature for Gmail. I want an option to reject incoming email from any person who wants to use confidential mode to communicate with me. Whatever conspiracy you are trying to hide, I'm not interested. So can anyone convince me you have a legitimate need for confidential mode? The main features I still want are completely different. Easiest one to describe would be future delivery of email, preferably combined with a tickler system.
            

    Read more of this story at Slashdot.


  • Uber Loses $900 Million In Second Quarter; Urged By Investors To Sell Off Self-Driving Division
    Last week, Uber reported a second-quarter loss of $891 million, even though it brought in $2.8 billion in revenue. "While it's a 16 percent improvement from a year earlier, the loss follows a rare profit posted in the first quarter, thanks largely to the sale of overseas assets," reports Bloomberg. As a result, the company is being pressured by investors to sell its self-driving cars unit, which Uber is spending $125-200 million a quarter to maintain. From the report: Even after increased spending last quarter, revenue growth is slowing. Sales rose 63 percent to $2.8 billion in the second quarter compared with the same period last year. The rate in the first quarter was 70 percent. [Uber CEO Dara Khosrowshahi] Khosrowshahi is pouring large, undisclosed sums of money into food delivery, logistics and autonomous-car technology. The San Francisco-based company has said the food delivery business, Uber Eats, represents more than 10 percent of its gross bookings. Growth in that segment may be masking a slowdown in Uber's main business.
            

    Read more of this story at Slashdot.


  • HUD Files Complaint Alleging Facebook Ad Tools Allow Housing Discrimination
    An anonymous reader quotes a report from Gizmodo: The U.S. Department of Housing and Urban Development has filed an official discrimination complaint against Facebook, saying the site's dizzying array of advertising tools makes it simple for advertisers to illegally exclude wide swathes of the population from seeing housing ads, Politico wrote on Friday. In a press release, HUD wrote that Facebook's "targeted advertising" model more or less constitutes a way for said advertisers to skirt the federal Fair Housing Act, specifically by excluding members of protected categories: "HUD claims Facebook enables advertisers to control which users receive housing-related ads based upon the recipient's race, color, religion, sex, familial status, national origin, disability, and/or zip code. Facebook then invites advertisers to express unlawful preferences by offering discriminatory options, allowing them to effectively limit housing options for these protected classes under the guise of 'targeted advertising.'"   Specific examples cited by HUD included showing display ads "either only to men or women," as well as preventing users flagged as interested in disabilities-related topics like "assistance dog" or "accessibility" from seeing display ads. HUD also said that the targeted advertising tool can be used to prevent people interested in specific religions or regions from seeing ads, as well as "draw a red line around zip codes and then not display ads to Facebook users who live in specific zip codes." The complaint is just a complaint, but it does start an official process that will either end in Facebook reaching a resolution with federal officials or a lawsuit. CNN Tech notes that the National Fair Housing Alliance is simultaneously suing Facebook for the same reason. "Facebook is trying to dismiss the suit by claiming it has limited liability for user-generated content, though HUD and federal prosecutors claim the site operates as an internet content provider with respect to housing ads and therefore is subject to civil rights law," reports Gizmodo.
            

    Read more of this story at Slashdot.


  • Musk's Boring Company Proposes High-Speed Underground Subway To Dodger Stadium
    Elon Musk's Boring Company wants to build a transit tunnel connecting Dodger Stadium to a Los Angeles' subway station. An anonymous reader quotes GeekWire:   The Boring Company laid out the plan for the Dugout Loop on its website, saying that the linkup could take baseball fans and concertgoers to the stadium in less than four minutes for a roughly $1 fare. This ride would be nothing like your typical subway trip: Loopers could book their tickets in advance, through an app-based reservation system that's similar to what's used to purchase theater tickets, or buy them over the phone or in person for a given time (say, 5:45 p.m. heading for the stadium).  At least initially, the Dugout Loop clientele would be limited to about 1,400 people per event, or roughly 2.5 percent of stadium capacity. The Boring Company says that capacity could be doubled over time. Loopers would board electric-powered pods (also known as "skates") that are based on the Tesla Model X auto design and are capable of carrying 8 to 16 passengers at a time. The skates would be lowered into the tunnel system, and sent autonomously at speeds of 125 to 150 mph from one terminal to the other. The Boring Company says it'll cover the cost of digging the roughly 3.6-mile tunnel with no public funding sought.   The Boring Company's site says this project will preempt construction of their proof-of-concept tunnel under Los Angeles' Sepulveda Boulevard.  "The Boring Company has made technical progress much faster than expected and has decided to make its first tunnel in Los Angeles an operational one, hence Dugout Loop!"
            

    Read more of this story at Slashdot.


  • Recruiters Are Still Complaining About No-Shows At Interviews
    An anonymous reader quotes CNN Money: Chandra Kill had scheduled face-to-face interviews with 21 candidates to fill some job openings at her employment screening firm. Only 11 showed up. "About half flaked out," said Kill.... "A year or two ago it wasn't like this." With the U.S. unemployment rate at its lowest in 18 years, and more job openings than there are people looking for work, candidates are bailing on scheduled interviews. In some cases, new hires are not showing up for their first day of work....  While there's nothing wrong with accepting another job offer, bailing on an employer without notice could have lasting effects. "The world is small," said Johnny Taylor, president and CEO of the Society for Human Resource Management.... He added that he's heard of a candidate being flown out for a job interview only to skip that part of the trip. "I expect that if I send you a plane ticket and block off two hours to meet with you, you will show up." As a result, he said some companies are having candidates agree to reimburse for travel costs if they take the trip but flake on the interview.  In an effort to curb the problem, recruiters have been changing their tactics and moving through the hiring process faster. If they have a qualified candidate that seems like a good fit, they work to get them in for an interview the next day.   Inc. magazine once blamed the problem of no-shows on the low unemployment rate and "the effects technology have had on the communication style of younger generations." But leave your own thoughts in the comments.  And have you ever been a no-show for a job interview?
            

    Read more of this story at Slashdot.


  • Egypt Fights Terrorism By Censoring Web Sites, Threatening Jail Time For Accessing Them
    An anonymous reader quotes the Associated Press: Egypt's President Abdel-Fattah el-Sissi has ratified an anti-cybercrime law that rights groups say paves the way for censoring online media. The law, published Saturday in the country's official gazette, empowers authorities to order the blocking of websites that publish content considered a threat to national security. Viewers attempting to access blocked sites can also be sentenced to one year in prison or fined up to EGP100,000 ($5,593) under the law. Last month, Egypt's parliament approved a bill placing personal social media accounts and websites with over 5,000 followers under the supervision of the top media authority, which can block them if they're found to be disseminating false news.  "Authorities say the new measures are needed to tackle instability and terrorism," reports the BBC.  "But human rights groups accuse the government of trying to crush all political dissent in the country."
            

    Read more of this story at Slashdot.


  • Firefox-Forking Browser 'Pale Moon' Releases Major Update 28.0
    Long-time Slashdot reader tdailey spotted a new version of Pale Moon, a customised version of Firefox optimized for speed and efficiency. Beta News reports it's the first major update since November of 2016:   There are virtually no visual or obvious changes in this new major build, but the under-the-hood changes are both extensive and necessary.... Despite all the updates, Moonchild is keen to stress certain things haven't changed -- unlike Firefox, for example, Pale Moon continues to support NPAPI plugins, complete themes and a fully customizable user interface. There is also no DRM built into the browser, although third-party plugins such as Silverlight are supported. It will also continue to work with certain "legacy" plugins of the type abandoned by Firefox.   Pale Moon strips out what one reviewer calls "little-used components" of Firefox, including parental controls and accessbility features, as well as crash reports and support for Internet Explorer's ActiveX and ActiveX scripting technology.  "Proving that open source leads to great development, Pale Moon takes the already decent Firefox web browser and makes it even better and a faster."
            

    Read more of this story at Slashdot.


  • Tesla Short Sellers Actually Made Over $1 Billion After Musk's Taking-Private Tweet
    An anonymous reader quotes Fortune: Investors betting that Tesla stock will lose value -- so-called "shorts" -- have made $1.2 billion since CEO Elon Musk first tweeted about taking the company private. Much of that gain came on Friday, after the New York Times published a revealing, emotional interview with Musk that drove Tesla stock down nearly 9%. The tally comes from a report released Friday by stock analytics firm S3 Partners. The Friday collapse helped reverse a price spike after Musk's August 7 Tweet saying he was "considering taking Tesla private at $420," about 18% higher than the stock's market value at the time.  According to S3, the subsequent surge in Tesla stock cost short positions $1.3 billion. But soon after, it became clear that Musk had exaggerated the certainty of his funding, and the SEC began a probe of his statements, driving the stock back down. On Friday, the Times interview with Musk detailed his 120-hour work weeks, lack of social life, and reliance on Ambien to sleep. That sent the stock down 9% in one day, for a total drop of 19% over 10 days. That gave $2.5 billion back to the shorts, for a net gain of $1.2 billion since Musk's going-private tweet.   Tesla remains the most-shorted stock on the American stock exchanges, and the researchers note that only 4% of shorts have actually cashed in these on-paper gains.
            

    Read more of this story at Slashdot.


  • Australians Who Won't Unlock Their Phones Could Face 10 Years In Jail
    An anonymous reader quotes the Sophos security blog:  The Australian government wants to force companies to help it get at suspected criminals' data. If they can't, it would jail people for up to a decade if they refuse to unlock their phones. The country's Assistance and Access Bill, introduced this week for public consultation, strengthens the penalties for people who refuse to unlock their phones for the police. Under Australia's existing Crimes Act, judges could jail a person for two years for not handing over their data. The proposed Bill extends that to up to ten years, arguing that the existing penalty wasn't strong enough...  [C]ompanies would be subject to two kinds of government order that would compel them to help retrieve a suspect's information. The first of these is a "technical assistance notice" that requires telcos to hand over any decryption keys they hold. This notice would help the government in end-to-end encryption cases where the target lets a service provider hold their own encryption keys. But what if the suspect stores the keys themselves? In that case, the government would pull out the big guns with a second kind of order called a technical capability notice. It forces communications providers to build new capabilities that would help the government access a target's information where possible. In short, the government asks companies whether they can access the data. If they can't, then the second order asks them to figure out a way....  The government's explanatory note says that the Bill could force a manufacturer to hand over detailed specs of a device, install government software on it, help agencies develop their own "systems and capabilities", and notify agencies of major changes to their systems.   "[T]he proposed legislation also creates a new class of access warrant that lets police officers get evidence from devices in secret before the device encrypts it, including intercepting communications and using other computers to access the data. It also amends existing search and seizure warrants, allowing the cops to access data remotely, including online accounts."
            

    Read more of this story at Slashdot.


  • Nvidia Is Giving Up On the Cryptocurrency Mining Market
    "Nvidia's nine-month crypto gold rush is over," reports the Los Angeles Times. An anonymous reader quotes their report: "Our core platforms exceeded our expectations, even as crypto largely disappeared," founder and Chief Executive Jensen Huang said Thursday on a conference call. "We're projecting no cryptomining going forward...." Nvidia said it had expected about $100 million in sales of chips bought by currency miners in the fiscal second quarter. Instead, the total was $18 million in the period, and that revenue is likely to disappear entirely in future quarters, the company said.  Investors are expressing their concern at the sudden collapse of what had looked like a billion-dollar business. Three months ago, Nvidia said it generated $289 million in sales from cryptocurrency miners, but warned that demand was declining rapidly and might fall by as much as two-thirds. Even that prediction was too optimistic.
            

    Read more of this story at Slashdot.


  • New VORACLE Attack Can Recover HTTP Data From Some VPN Connections
    "A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions," reports Bleeping Computer, citing research presented last week at the Black Hat and DEF CON security conferences. An anonymous reader writes:   The conditions are that the VPN service/client uses the OpenVPN protocol and that the VPN app compresses the HTTP traffic before it encrypts it using TLS. To make matters worse, the OpenVPN protocol compresses all data by default before sending it via the VPN tunnel. At least one VPN provider, TunnelBear, has now updated its client to turn off the compression. [UPDATE: ExpressVPN has since also disabled compression to prevent VORACLE attacks.]   HTTPS traffic is safe, and only HTTP data sent via the VPN under these conditions can be recovered. Users can also stay safe by switching to another VPN protocol if their VPN client suppports multiple tunneling technologies.  In response to the security researcher's report, the OpenVPN project "has decided to add a more explicit warning in its documentation regarding the dangers of using pre-encryption compression."
            

    Read more of this story at Slashdot.


  • Linux Study Argues Monolithic OS Design Leads To Critical Exploits
    Long-time Slashdot reader Mike Bouma shares a paper (via OS News) making the case for "a small microkernel as the core of the trusted computing base, with OS services separated into mutually-protected components (servers) -- in contrast to 'monolithic' designs such as Linux, Windows or MacOS."  While intuitive, the benefits of the small trusted computing base have not been quantified to date. We address this by a study of critical Linux CVEs [PDF] where we examine whether they would be prevented or mitigated by a microkernel-based design. We find that almost all exploits are at least mitigated to less than critical severity, and 40% completely eliminated by an OS design based on a verified microkernel, such as seL4....   Our results provide very strong evidence that operating system structure has a strong effect on security. 96% of critical Linux exploits would not reach critical severity in a microkernel-based system, 57% would be reduced to low severity, the majority of which would be eliminated altogether if the system was based on a verified microkernel. Even without verification, a microkernel-based design alone would completely prevent 29% of exploits...   The conclusion is inevitable: From the security point of view, the monolithic OS design is flawed and a root cause of the majority of compromises. It is time for the world to move to an OS structure appropriate for 21st century security requirements.
            

    Read more of this story at Slashdot.


The Register










  • ZX Spectrum reboot scandal biz gets £35k legal costs delayed
    But just for a month - and what a month September will be for its directors
    The directors of the company at the heart of the ZX Spectrum reboot scandal have been ordered to pay yet more legal costs as they keep trying to kick their financial woes into the long grass.…


  • UK.gov told data-sharing plans need vendor buy-in
    Think tank calls for open standards, interoperability
    Government departments should mandate interoperability when procuring systems and establish audit trails to track data use in order to benefit from data sharing, a think tank has said.…


  • Shiver me timbers: Symantec spots activist investor Starboard side
    Time for cyber-security firm to pull up the baggywrinkle?
    Security slinger Symantec is facing a bruising battle with activist investor Starboard Value, which has nominated five directors to the security firm's board after having amassed a 5.8 per cent shareholding.…



  • Most staffers expect bosses to snoop on them, say unions
    You’re not paranoid if they’re really out to get you
    The TUC, a federation of trade unions in England and Wales, is lobbying to gain a legal right to be consulted on surveillance in the workplace, as it opened up on staffers’ growing concerns about their bosses snooping on them.…








  • Home Office seeks Brexit tech boss – but doesn't splash the cash
    £100k to sort borders, immigration, biometrics systems by 2019. Did we mention it's in Croydon?
    The reality of the mammoth task facing the Home Office in preparing for Brexit appears to have sunk in – the department is seeking a technology lead for the UK’s exit from the European Union.…






  • Net neutrality freaks furious over lack of fury at FCC hearing
    Unbelievable that more wasn't made of this non-story
    Net neutrality advocates were left furious on Thursday that there wasn't more fury directed at the chair of the Federal Communications Commission (FCC) at Congressional hearing despite, the fact he killed off net neutrality several months ago.…



  • GitHub goes off the Rails as Microsoft closes in
    Ruby shop turns to Go, Java, and Kubernetes for platform makeover
    Analysis GitHub invited a handful of journalists to its San Francisco headquarters to explain how the social code hosting biz is evolving from a website into a platform.…




  • Your Twitter app stopped working? Here's why
    Social media shifts APIs, starts charging for some features
    Is Twitter broken? That's what many are asking today as their favorite apps for the social media service suddenly appeared to stop working.…



  • Don't you just love Windows 10 refreshes, yells Lenovo
    Chinese biz exploits PC upgrade cycle... for the moment
    Windows 10 PC refreshes in business land helped Lenovo report double digit sales growth for the first quarter of its fiscal 2019 earnings - the Chinese giant made hay while the sun shone.…


  • NetApp flashes numbers at rivals: NAND we're eating your dinner
    EMC, HP rationalising, while IBM, Hitachi, Fujitsu, Oracle just defending installed base
    All flash arrays made up just 14 per cent of NetApp's installed base, up from 10 per cent last year, but the firm expects NAND price declines to push that number up higher.…



  • Rimini Street slapped with ban in Oracle copyright dispute
    Big Red awarded $30m legal fees as judge slams support biz's 'significant litigation misconduct'
    Oracle has won a permanent injunction against Rimini Street, banning it from controversial support practices that have been ruled a violation of copyright laws.…


  • Arm debuts CPU roadmap for the first time, sort of
    Move reflects desire to develop in the open, says company not developing in the open
    Chip designer Arm for the first time in recent memory has presented a roadmap, sparsely detailed through it may be, covering future CPU plans for 5G always-on connected mobile and laptop devices.…



  • Rejoice! Thousands more kids flock to computing A-level
    Even more impressively, thousands are passing it with good grades, too
    It’s that day again, the day when picture editors across the British news media drop everything to find fresh photos of teenagers suspended in mid-air. Yes, it’s A-level results day – and thousands more pupils are passing exams in computing rather than old school ICT.…


  • Using Microsoft's Hybrid MDM? Er, not for much longer
    You will move to Intune on Azure. You have one year to comply
    Microsoft has warned customers managing mobile devices using hybrid MDM that the clock is now ticking for the service and gently reminded them to consider migrating to Intune on Azure?…




  • Google risks mega-fine in EU over location 'stalking'
    First big test for GDPR looms
    Special Report Privacy campaigners say Google's obsessive collection of location markers violates Europe's privacy laws - potentially exposing the Californian giant to punitive fines.…









Page last modified on November 02, 2011, at 09:59 PM