Operating Systems

GNU Hurd Begins Supporting Sound, Still Working On 64-bit & USB Support (phoronix.com) 312

An anonymous reader writes: GNU developer Samuel Thibault presented at this weekend's FOSDEM conference about the current state of GNU Hurd. He shared that over the past year they've started working on experimental sound support as their big new feature. They also have x86 64-bit support to the point that the kernel can boot, but not much beyond that stage yet. USB and other functionality remains a work-in-progress. Those curious about this GNU kernel project can find more details via the presentation media.
Facebook

Epoch Time Bug Causes Facebook To Congratulate Users On 46 Years of Friendship (gizmodo.com) 108

An anonymous reader writes: A bunch of Facebook users received mysterious messages yesterday congratulating them on 46 years of being friends with somebody on Facebook. An astute observer may note that Facebook hasn't been around for 46 years. An even more astute observer might note that 46 years ago yesterday would be 12/31/1969 — easily recognizable as value '0' in the Unix Epoch with a time zone adjustment. A Microsoft engineer posits that the messages were sent because of how Facebook implemented its congratulatory messages. Many people were Facebook friends when the feature was rolled out, and instead of finding or estimating the date they became friends, Facebook simply set that database value to '0'. When the script fired to send those messages, it grabbed that value expecting a time, and interpreted the 0 accordingly. "The developer who wrote the "friends with since" memories algorithm should have added a case WHERE friendsWithSinceDate != '0' or something along those lines."
Operating Systems

Hackers Get Linux Running On a PlayStation 4 (engadget.com) 108

An anonymous reader writes: Two years after the PlayStation 4 was released, and two weeks after it was jailbroken, a group of hackers has now successfully installed Linux on it. "...it appears that the fail0verflow team utilized a WebKit bug similar to the one recently documented by GitHub user CTurt and then took things up a notch. CTurt's workaround focuses on the PlayStation 4's Webkit browser, which is tricked into freeing processes from the core of the console's operating system by an improvised webpage. The PS4 is powered by Sony's Orbis OS, which is based on a Unix-like software called FreeBSD. With a route into the console's system, fail0verflow then identified weaknesses in the PlayStation 4's GPU. It specifically called out engineers from semiconductor company Marvell, accusing them of 'smoking some real good stuff' when they designed the PlayStation 4's southbridge chip."
Unix

New Year's Resolutions For *nix SysAdmins (cyberciti.biz) 242

An anonymous reader writes: A new year, with old systems. It is time to break bad old habits and develop good new ones. This list talks about new years resolutions for Linux and Unix sysadmins. List includes turning on 2FA on all services, making peace with systemd, installing free SSL/TLS certificates, avoiding laptops with horrible screens or wireless whitelist in BIOS, building Linux gaming rig and more. What resolutions are on your list regarding sysadmin or IT work in 2016?
Operating Systems

DragonFlyBSD 4.4 Switches To the Gold Linker By Default (phoronix.com) 26

An anonymous reader writes: DragonFlyBSD 4.4 is now available for download (x86_64 ISO) and is a feature release that presents many improvements and new features. DragonFlyBSD now uses the Gold Linker by default rather than GNU Ld, updates the Intel and Radeon graphics support against the Linux 3.18 kernel, improves its experimental HAMMER2 file-system updates the locale system and provides collation for named locales, changes out its regex library, and has new hardware drivers. More details on the 4.4 release page.
Windows

Windows 3.1 Glitch Causes Problems At French Airport -- Wait, 3.1? (vice.com) 406

OakDragon writes: Microsoft has tamped down the earth on XP's grave, steered Internet Explorer toward the nursing home, and is trying to convince everyone Windows 10 is a bright up-and-comer. But in the Paris airport of Orly, a system called DECOR — which helps air traffic controllers relay weather information to pilots — is running on Windows 3.1. That program suffered a glitch recently that grounded planes for some time. The airport actually runs on a variety of old systems, including Windows XP and UNIX. Maintenance is a problem. There are only three people in Paris that work on DECOR issues, and one of them is retiring soon. Hardware is also an issue. "Sometimes we have to go rummaging on eBay to replace certain parts," said Fiacre. "In any case, these machines were not designed to keep working for more than 20 years."
Unix

Andrew Tanenbaum Announces MINIXcon (minix3.org) 104

LichtSpektren writes: Andrew Tanenbaum, author of MINIX, writes: 'MINIX has been around now for about 30 years so it is (finally) time for the MINIXers to have a conference to get together, just as Linuxers and BSDers have been doing for a long time. The idea is to exchange ideas and experiences among MINIX 3 developers and users as well as discussing possible paths forward now that the ERC funding is over. Future developments will now be done like in any other volunteer-based open-source project. Increasing community involvement is a key issue here. Attend or give a presentation.' The con will be held on 1 February 2016 at the Vrije Universiteit in Amsterdam, the Netherlands.
GNU is Not Unix

GNU Hurd 0.7 and GNU Mach 1.6 Released 129

jones_supa writes: Halloween brought us GNU Hurd 0.7, GNU Mach 1.6, and GNU MIG 1.6. The new Hurd comes with filesystem driver improvements, provides a new rpcscan utility, and the Hurd code has been ported to work with newer versions of GCC and GNU C Library. The Mach microkernel has updates for compiler compatibility, improvements to the lock debugging infrastructure, the kernel now lets non-privileged users write to a small amount of memory, timestamps are now kept relative to boot time, and there are various bugfixes. MIG 1.6 is a small update which improves compatibility with newer dialects of C programming language. Specific details on all of the updates can be found in the full release announcement. jrepin adds some more details: The GNU Hurd 0.7 improves the node cache for the EXT2 file-system code (ext2fs), improves the native fakeroot tool, provides a new rpcscan utility, and fixes a long-standing synchronization issue with the file-system translators and other components. The GNU Mach 1.6 microkernel also has updates for compiler compatibility, improvements to the lock debugging infrastructure, the kernel now lets non-privileged users write to a small amount of memory, timestamps are now kept relative to boot time, and there are various bug-fixes.
Google

Interviews: Ask Alan Donovan and Brian Kernighan About Programming and Go 185

Alan Donovan is a member of Google’s Go team in New York and holds computer science degrees from Cambridge and MIT. Since 2005, he has worked at Google on infrastructure projects and was the co-designer of its proprietary build system, Blaze. Brian Kernighan is a professor in the Computer Science Department at Princeton University. He was a member of technical staff in the Computing Science Research Center at Bell Labs, where he worked on languages and tools for Unix. He is the co-author of several books, including The C Programming Language, and The Practice of Programming. Recently, the pair have co-authored a soon to be released book titled The Go Programming Language. Alan and Brian have agreed to give us some of their time to answer any questions you may have about the upcoming book, Go, and programming in general. Ask as many questions as you'd like, but please keep them to one per post.
Botnet

Compromised CCTV and NAS Devices Found Participating In DDoS Attacks (incapsula.com) 64

chicksdaddy writes: The parade of horribles continues on the Internet of Things, with a report from the security firm Incapsula that its researchers discovered compromised closed circuit cameras as well as home network attached storage (NAS) devices participating in denial of service attacks. The compromised machines included a CCTV at a local mall, just a couple minutes from the Incapsula headquarters.

According to the report, Incapsula discovered the infections as part of an investigation into a distributed denial of service attack on what it described as a "rarely-used asset" at a "large cloud service." The attack used a network of 900 compromised cameras to create a flood of HTTP GET requests, at a rate of around 20,000 requests per second, to try to disable the cloud-based server. The cameras were running the same operating system: embedded Linux with BusyBox, which is a collection of Unix utilities designed for resource-constrained endpoints.

The malware in question was a variant of a self-replicating program known as Lightaidra, which targets systems running BusyBox and exploits vulnerable Telnet/SSH services using so-called "brute force dictionary attacks" (aka "password guessing"). Given that many Internet connected devices simply use the default administrator credentials when deployed, calling it a "brute force" attack is probably a stretch.

Open Source

Celebrating 20 Years of OpenBSD With Release 5.8 (openbsd.org) 158

badger.foo writes: 20 years to the day after the OpenBSD source tree was created for the new project, the project has released OpenBSD 5.8, the 38th release on CD-ROM (and 39th via FTP/HTTP). This release comes with four release songs instead of the usual one, and a long list of improvements over the last releases. (Probably a good time to donate to the project, too, even if you don't use it directly, because of all the security improvements that OpenBSD programmers contribute to the world.)
KDE

KDE Turns 19 115

prisoninmate writes: Believe it or not, it has been 19 long years since Matthias Ettrich announced his new project, the Kool Desktop Environment (KDE). "Unix popularity grows thanks to the free variants, mostly Linux. But still a consistent, nice looking free desktop-environment is missing. There are several nice either free or low-priced applications available so that Linux/X11 would almost fit everybody needs if we could offer a real GUI," wrote the developer back in October 14, 1996.
Operating Systems

NetBSD 7.0 Released (netbsd.org) 58

An anonymous reader writes: After three years of development and over a year in release engineering, NetBSD 7.0 has been released. Its improvements include added support for many new ARM boards including the Raspberry Pi 2, major improvements to its multiprocessor-compatible firewall NPF, kernel scripting in Lua, kernel mode-setting for Intel and Radeon graphics chips, and a daemon called blacklistd(8) which integrates with numerous network daemons and shields them from flood attempts.
Privacy

Ask Slashdot: Where Can I Find "Nuts and Bolts" Info On Cookies & Tracking Mechanisms? 84

New submitter tanstaaf1 writes: I was thinking about the whole tracking and privacy train-wreck and I'm wondering why specific information on how it is done, and how it can be micromanaged or undone by a decent programmer (at least), isn't vastly more accessible? By searching, I can only find information on how to erase cookies using the browser. Browser level (black box) solutions aren't anywhere near good enough; if it were, the exploits would be few and far between instead everywhere everyday. Read below for the rest of tanstaaf1's question.
Unix

OpenIndiana Hipster 2015.10: Keeping an Open-Source Solaris Going 149

An anonymous reader writes: It's been five years since Oracle killed off OpenSolaris while the community of developers are letting it live on with the new OpenIndiana "Hipster" 15.10 release. OpenIndiana 15.10 improves its Python-based text installer as it looks to drop its GUI installer, switches out the Oracle JDK/JRE for OpenJDK, and updates its vast package set. However, there are still a number of outdated packages on the system like Firefox 24 and X.Org Server 1.14 while the default office suite is a broken OpenOffice build, due to various obstacles in maintaining open-source software support for Solaris while being challenged by limited contributors. Download links are available via the OpenIndiana.org release notes. There's also a page for getting involved if wishing to improve the state of open-source Solaris.
Unix

30 Years a Sysadmin 162

itwbennett writes: Sandra Henry-Stocker's love affair with Unix started in the early 1980s when she 'was quickly enamored of the command line and how much [she] could get done using pipes and commands like grep.' Back then, she was working on a Zilog minicomputer, a system, she recalls, that was 'about this size of a dorm refrigerator'. Over the intervening years, a lot has changed, not just about the technology, but about the job itself. 'We might be 'just' doing systems administration, but that role has moved heavily into managing security, controlling access to a wide range of resources, analyzing network traffic, scrutinizing log files, and fixing the chinks on our cyber armor,' writes Henry-Stocker. What hasn't changed? Systems administration remains a largely thankless role with little room for career advancement, albeit one that she is quick to note is 'seldom boring' and 'reasonably' well-paid. And while 30 years might not be a world's record, it's pretty far along the bell curve; have you been at it longer?
GNU is Not Unix

Interviews: RMS Answers Your Questions 246

The Free Software Foundation will be celebrating its 30th anniversary on Oct. 3rd. Recently, you had a chance to ask its founder Richard Stallman about GNU/Linux, free software, and other issues of public concern. Below you'll find his answers to your questions. Learn more about how you can join the FSF here, and help fight the good fight.
GUI

New Release of the Trinity Desktop Environment 197

mescobal writes: A new release of the Trinity Desktop Environment (TDE) is out. TDE is "a computer desktop environment for Unix-like operating systems with a primary goal of retaining the function and form of traditional desktop computers" which translates into a fully functional KDE 3 style Desktop. Something is missing in the new generation of desktop environments, since some people (perhaps more than "some") feel at home with Gnome 2 or KDE i3. They have repositories for Debian and Ubuntu-based distros. I'm now using it on Ubuntu 15.04, amazed about how well-planned things were in the previous generation of DE. We may have gained some things with Gnome 3 and Plasma 5, but we lost a lot of good features too. TDE brings them back.
Open Source

Debian Founder: How I Came To Find Linux 136

An anonymous reader writes: Ian Murdock has pretty solid open source cred: in 1993 he founded Debian, he was the CTO of Progeny and the Linux Foundation, and he helped pave the way for OpenSolaris. He has published a post about how he initially joined the Linux ecosystem. Quoting: "[In 1992], I spent most evenings in the basement of the MATH building basking in the green phosphorescent glow of the Z-29 terminals, exploring every nook and cranny of the UNIX system upstairs. ... I was also accessing UNIX from home via my Intel 80286-based PC and a 2400-baud modem, which saved me the trek across campus to the computer lab on particularly cold days. Being able to get to the Sequent from home was great, but I wanted to replicate the experience of the ENAD building's X terminals, so one day, in January 1993, I set out to find an X server that would run on my PC. As I searched for such a thing on Usenet, I stumbled across something called 'Linux.'" How did you come to find Linux?
Encryption

OpenSSH 7.0 Released 75

An anonymous reader writes: Today the OpenSSH project maintainers announced the release of version 7.0. This release is focusing on deprecating weak and unsafe cryptographic methods, though some of the work won't be complete until 7.1. This release removes support for the following: the legacy SSH v1 protocol, the 1024-bit diffie-hellman-group1-sha1 key exchange, ssh-dss, ssh-dss-cert-* host and user keys, and legacy v00 cert format. There were also several bug fixes, security tweaks, and new features. In the next release, they plan to retire more legacy cryptography. This includes refusing RSA keys smaller than 1024 bits, disabling MD5-based HMAC algorithms, and disabling these ciphers: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES.

Slashdot Top Deals