Collection of Linux related news hopefully!

Put it on a stick and 'cheesie'

Facebook buying WhatsApp for nearly as much as Hewlett-Packard spent on Compaq in 2001? Well, 2014 was the year of the selfie, after all. Just don't let that snapshot of your bits get hacked.

Shame and coming late can be good things ... right?

Ho hum. Another year, another slew of open source announcements that prove the once-maligned development methodology is now so mainstream as to be tedious. Running most of the world’s most powerful supercomputers? Been there, done that. Giving retailers the ability to deliver highly customized paper coupons to consumers based on warehouse inventory nearby? So 2013!

Cryptographically signed BIND, DHCP code safe, we're told

The website for the Internet Systems Consortium, which develops the BIND DNS and ISC DHCP tools, has been hacked.

Crypto toolbox, Part II Of Tor, TAILS and Jabber

In the first article in this two-parter on building your own crypto toolbox I covered older tools that have been around for a relatively long time now: Truecrypt and OpenPGP. Here, I will go in a different direction and look at ways of protecting instant messaging, general web-browsing, and how to trust the operating system where we run these tools.

An anonymous reader writes Linux 3.18 was recently released, thus making Linux 3.19 the version under development as the year comes to a close. Linux 3.19 as the first big kernel update of 2015 is bringing in the new year with many new features: among them are AMDKFD HSA kernel driver, Intel "Skylake" graphics support, Radeon and NVIDIA driver improvements, RAID5/6 improvements for Btrfs, LZ4 compression for SquashFS, better multi-touch support, new input drivers, x86 laptop improvements, etc.

Read more of this story at Slashdot.








There was great news and there was awful news in the world of Linux and open-source software during 2014.
343 people on the mailing list, €3,473 in cash and systemd replacement under way

Devuan, the Debian spin-off that will not include systemd has posted its first progress report.

An anonymous reader writes Developer Jonathan Rudenberg has discovered and pointed out a glaring security hole in Docker's system. He says, "Recently while downloading an 'official' container image with Docker I saw this line: ubuntu:14.04: The image you are pulling has been verified I assumed this referenced Docker's heavily promoted image signing system and didn't investigate further at the time. Later, while researching the cryptographic digest system that Docker tries to secure images with, I had the opportunity to explore further. What I found was a total systemic failure of all logic related to image security. Docker's report that a downloaded image is 'verified' is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest. An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities." Docker's lead security engineer has responded here.

Read more of this story at Slashdot.








A few key shifts stand out as particularly notable in enterprise computing's evolution over the past year. Here are five examples.

Customers include EMC and Cisco, says firm

Blink and you'll miss it. Big Data analytics is a huge focus of startup activity with young and new companies getting a green light from blue-chip customers and VCs almost all the time.