Orome1 writes "Barracuda Networks has released firmware updates that remove SSH backdoors in a number of their products and resolve a vulnerability in Barracuda SSL VPN that allows attackers to bypass access restrictions to download potentially insecure files, set new admins passwords, or even shut down the device. The backdoor accounts are present on in all available versions of Barracuda Spam and Virus Firewall, Web Filter, Message Archiver, Web Application Firewall, Link Balancer, Load Balancer, and SSL VPN appliances." Here's Barracuda's tech note about the exploitable holes.

kthreadd writes "The Red Hat Enterprise Linux 5 derivative CentOS version 5.9 has been released just 10 days after its upstream provider. According to the release notes a number of changes have been made. New packages available in CentOS 5.9 includes for example OpenJDK 7 and Rsyslog 5. Several drivers have also been updated in the kernel which has been updated to version 2.6.18-348, including support for Microsoft's virtualization environment Hyper-V." CentOS has been plugging away now for nearly 10 years.

hypnosec writes "CERN has revealed that the Large Hadron Collider (LHC) is going into hibernation and will be shut down for a period of two years for upgrades. The LHC will go through a maintenance and upgrade phase starting in March that will bring the atom smasher up to speed with its maximum energy levels. From the article: 'The machine that last year helped scientists snare the elusive Higgs boson – or a convincing subatomic impostor – faces a two-year shutdown while engineers perform repairs that are needed for the collider to ramp up to its maximum energy in 2015 and beyond. The work will beef up electrical connections in the machine that were identified as weak spots after an incident four years ago that knocked the collider out for more than a year.'"

An anonymous reader writes "The next major release of the Fedora Project's GNU/Linux distribution (named Spherical Cow) was originally scheduled for November 16th. However, an ambitious set of new features has resulted in the project slipping way past its scheduled release. It had fallen three weeks behind before even producing an alpha release and nine weeks behind by the time the beta release was produced. A major redesign in the distribution installer seems to have resulted in the largest percentage of bugs blocking its release. The set-back marks the first time since 2005 in which there was only one major Fedora release during a calendar year instead of two. Currently, the distribution is scheduled for release on January 15th."

When the local movie theater in Oakhurst, California went out of business, residents were stuck without a way to watch films on the big screen without driving for at least an hour beforehand. Now, three men are trying to resurrect the theater with one major change: instead of relying solely on ticket sales, their business model revolves around subscriptions. From the article: 'They ran models of Nelson's subscription-based theater idea, showing that to break even they would need 3,000 people, or 15% of the mountain communities, to sign up. For $19.95 per month, a member would be able to see each movie one time and buy individual tickets for friends. Non-members could buy a $16 day pass. While researching the theater business, Nelson learned that studios are transitioning to digital distribution. Thousands of independent theaters that couldn't afford equipment upgrades have closed over the last 10 years, according to industry experts. Hundreds of others — which, like the Met, still show print films — remain on the brink. The subscription business model could pay for the new equipment.'

CowboyRobot writes "The 802.11ac standard is expected to be ratified in 2013 and NetworkComputing has an interview with representatives of Cisco Systems and Aerohive Networks about what that will mean for everyone else. 'Out of the gate, the increases in performance over 11n will not be tremendously impressive. The second wave--which will require a hardware refresh--gets far more interesting... First-generation 802.11ac products will achieve up to 1.3 Gbps through the use of three spatial streams, 80-MHz-wide channels (double the largest 40 MHz channel width with 802.11n), and use of better hardware components that allow higher levels of modulation and encoding (up to 256-QAM). Whether we will actually see 802.11ac products capable of 6.9 Gbps is dependent on hardware enhancements on both the access point and client that are not certain.'"

tearmeapart writes "The teams at FreeBSD have reached another great achievement with FreeBSD 9.1, with improvements to the already fantastic zfs features, more VM improvements (helping bringing FreeBSD to the next generation of VMs), and improvements in speed to many parts of the network system. Support FreeBSD via the FreeBSD mall or download/upgrade FreeBSD from a mirror. Unfortunately, the torrent server is still down due to the previous security incident." And new submitter northar writes "The other day the NetBSD project released their first update to the 6.x series, 6.0.1. They also (rather discreetly) announced a fund drive targeting 60.000 USD before the end of 2012 in the release notes. They better get going if their donation page is anything like recently updated."

The Enlightenment front page bears this small announcement: "E17 release HAS HAPPENED!" The release announcement is remarkably spartan — it's mostly a tribute to the dozens of contributors who have worked on the software itself and on translating it into many languages besides system-default English. On the other hand, if you've been waiting since December 2000 for E17 (also known as Enlightenment 0.17), you probably have some idea that Enlightenment is a window manager (or possibly a desktop environment: the developers try to defuse any dispute on that front, but suffice it to say that you can think of it either way), and that the coders are more interested in putting out the software that they consider sufficiently done than in incrementing release numbers. That means they've made some side trips along the way, Knuth-like, to do things like create an entire set of underlying portable libraries. The release candidate changelog of a few days ago gives an idea of the very latest changes, but this overview shows and tells what to expect in E17. If you're among those disappointed in the way some desktop environments have tended toward simplicity at the expense of flexibility, you can be sure that Enlightenment runs the other way: "We don't go quietly into the night and remove options when no one is looking. None of those new big version releases with fanfare and "Hey look! Now with half the options you used to have!". We sneak in when you least expect it and plant a whole forest of new option seeds, watching them spring to life. We nail new options to walls on a regular basis. We bake options-cakes and hand them out at parties. Options are good. Options are awesome. We have lots of them. Spend some quality time getting to know your new garden of options in E17. It may just finally give you the control you have been pining for."

skade88 writes "If you are like me, the proud owner of a Radeon card, and feeling left out of the Linux graphics driver revolution that swept Nvidia cards recently, then stay tuned — there might be hope for us seeing better graphics performance in the Linux 3.8 kernel."

sfcrazy writes with news that Linus pulled a patch by Ingo Molnar to remove support for the 386 from the kernel. From Ingo's commit log: "Unfortunately there's a nostalgic cost: your old original 386 DX33 system from early 1991 won't be able to boot modern Linux kernels anymore. Sniff." Linus adds: "I'm not sentimental. Good riddance."

The wait is over; diegocg writes "Linux kernel 3.7 has been released. This release adds support for the new ARM 64-bit architecture, ARM multiplatform — the ability to boot into different ARM systems using a single kernel; support for cryptographically signed kernel modules; Btrfs support for disabling copy-on-write on a per-file basis using chattr; faster Btrfs fsync(); a new experimental 'perf trace' tool modeled after strace; support for the TCP Fast Open feature in the server side; experimental SMBv2 protocol support; stable NFS 4.1 and parallel NFS; a vxlan tunneling protocol that allows to transfer Layer 2 ethernet packets over UDP; and support for the Intel SMAP security feature. Many small features and new drivers and fixes are also available. Here's the full list of changes."

Nerval's Lobster writes "Google Android's dominance of the smartphone space has been reinforced by a new IDC study that places its market-share at 68.3 percent, well ahead of iOS at 18.8 percent. But which version of Android is most preferred by users? A new set of graphs on the Android Developers Website offers the answer to that question: 'Gingerbread,' or Android versions 2.3 through 2.3.7, dominates with 50.8 percent of the Android pie. 'Ice Cream Sandwich,' or versions 4.0.3 through 4.0.4, is second with 27.5 percent, with the latest 'Jelly Bean' build at 6.7 percent. As demonstrated by that graph on the Android Developers Website, there are a lot of devices running a lot of different versions of Android out there in the ecosystem, all with different capabilities. In turn, that could make it difficult for Google to deliver 'the latest and greatest' to any customer that wants it, and potentially irritates those customers who buy a smartphone (particularly a high-end one) expecting regular upgrades." Here's how Slashdot readers using Android break down: 31.0% Jelly Bean, 31.5% Ice Cream Sandwich, 0.7% Honeycomb, 22.8% Gingerbread, 4.3% Froyo, 1.1% Eclair, 0.05% Donut, 0.02% Cupcake, 8.5% unknown. Looks like you folks are ahead of the curve. iOS breaks down like this: 67% iOS 6, 28.6% iOS 5, 3.2% iOS 4, 0.5% iOS 3, 0.7% unknown. (These numbers include more than just phones, of course.) Overall, our iOS traffic (8.74%) is higher than our Android traffic (6.75%). Windows Phone and BlackBerry both clock in at about 0.2%.

Hugh Pickens writes "In the old days, traditional computer security centered around users. However, Bruce Schneier writes that now some of us have pledged our allegiance to Google (using Gmail, Google Calendar, Google Docs, and Android phones) while others have pledged allegiance to Apple (using Macintosh laptops, iPhones, iPads; and letting iCloud automatically synchronize and back up everything) while others of us let Microsoft do it all. 'These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them — or to a particular one we don't like. Or we can spread our allegiance around. But either way, it's becoming increasingly difficult to not pledge allegiance to at least one of them.' Classical medieval feudalism depended on overlapping, complex, hierarchical relationships. Today we users must trust the security of these hardware manufacturers, software vendors, and cloud providers and we choose to do it because of the convenience, redundancy, automation, and shareability. 'In this new world of computing, we give up a certain amount of control, and in exchange we trust that our lords will both treat us well and protect us from harm (PDF). Not only will our software be continually updated with the newest and coolest functionality, but we trust it will happen without our being overtaxed by fees and required upgrades.' In this system, we have no control over the security provided by our feudal lords. Like everything else in security, it's a trade-off. We need to balance that trade-off. 'In Europe, it was the rise of the centralized state and the rule of law that undermined the ad hoc feudal system; it provided more security and stability for both lords and vassals. But these days, government has largely abdicated its role in cyberspace, and the result is a return to the feudal relationships of yore,' concludes Schneier, adding that perhaps it's time for government to create the regulatory environments that protect us vassals. 'Otherwise, we really are just serfs.'"

hypnosec writes "The Linux 3.7 kernel has been delayed by one week as Linus Torvalds has released the Linux 3.7-rc8 instead. Because of some hiccups following the 'resurrection of a kswapd issue,' Torvalds wasn't comfortable releasing version 3.7 this week and instead went ahead with another release candidate. Torvalds revealed in his release announcement that because of this delay, the merge window for Linux 3.8 will close just around Christmas time."

Hugh Pickens writes writes "The Washington Post reports that Apple has finally unveiled their new version of iTunes, overhauling its look and feel and integrating it more closely with the company's iCloud Internet- storage service with one of the biggest upgrades Apple has made to the program with 400 million potential users since its debut more than a decade ago. The new design of iTunes moves away from the spreadsheet format that Apple has featured since its debut and adds more art and information about musicians, movies and television shows. It also adds recommendation features so users can find new material. According to David Pogue of the NY Times Apple has fixed some of the dumber design elements that have always plagued iTunes. 'For years, the store was represented only as one item in the left-side list, lost among less important entries like Radio and Podcasts. Now a single button in the upper-right corner switches between iTunes's two personalities: Store (meaning Apple's stuff) and Library (meaning your stuff).' Unfortunately, Apple hasn't fixed the Search box. As before, you can't specify in advance what you're looking for: an app, a song, a TV show, a book. Whatever you type into the Search box finds everything that matches, and you can't filter it until after you search. It feels like a two-step process when one should do. 'Improvements in visual navigation and a more logical arrangement of tools are good, but for me the biggest positive within iTunes 11 remains its vastly improved performance on all three Macs I've tested it on, including a relatively ancient five-year-old MacBook,' writes Jonny Evans."

jfruh writes "Automakers are striving mightily to bring their in-dash systems into the modern age, providing integration with smartphones and other advanced features. The problem: while smartphones go in and out of vogue every few years, modern cars have lifespans of a decade or more. Add in the fact that many (though not all) manufacturers have no plans to allow software upgrades to their systems, and you might end up driving a car with a fancy in-dash computer system that's completely useless for much of the time you own it."

MrSeb writes "Way back in August, three months before the release of Windows 8, we learned about the existence of a project at Microsoft codenamed Blue. At the time it wasn't clear whether this was Windows 9, or some kind of interim update/service pack for Windows 8. Now, if unnamed sources are to be believed, Windows Blue is both of those things: a major update to Windows 8, and also the beginning of a major shift that will result in a major release of Windows every 12 months — just like Apple's OS X. According to these insiders, Blue will roll out mid-2013, and will be very cheap — or possibly even free, to ensure that 'Windows Blue [is] the next OS that everyone installs.' Exact details are still rather vague, but at the very least Blue will make 'UI changes' to Windows 8. The sources also indicate that the Windows 8 and Windows Phone 8 SDKs will be merged or standardized, to further simplify the development of cross-platform apps. Perhaps more important, though, is the shift to a 12-month release cadence. Historically, Microsoft has released a major version of Windows every few years, with the intervening periods populated with stability- and security-oriented service packs. Now it seems that Microsoft wants to move to an OS X-like system, where new and exciting features will be added on an annual basis. In turn, Microsoft will drop the price of these releases — probably to around $25, just like OS X."

New submitter medge_42 sends words that Linux Mint 14 has been released. Check out their list of features and release notes to see what's new. One version uses MATE 1.4, which includes some long-needed bug fixes as well as functional bluetooth and mate-keyring, its own character map, fast alt-tabbing, and improvements to Caja. The other version uses Cinnamon 1.6, which contains a huge number of fixes and new features including its own file browser, persistent workspaces and a window quicklist to go with them, a notifications applet, an improved sound applet, and alt-tab graphical improvements. MDM now supports legacy GDM 2 themes and userlists, and has improved user switching. Gedit 2.30 has replaced Gedit 3, and MintStick replaces USB-ImageWriter.

MrSeb writes "Alternative memory standards have been kicking around for decades as researchers have struggled to find the hypothetical holy grail — a non-volatile, low-latency, low-cost product that could scale from hard drives to conventional RAM. NAND flash has become the high-speed, non-volatile darling of the storage industry, but if you follow the evolution of the standard, you'll know that NAND is far from perfect. The total number of read/write cycles and data duration if the drive isn't kept powered are both significant problems as process shrinks continue scaling downward. Thus far, this holy grail remains elusive, but a practical MRAM (Magnetoresistive Random Access Memory) solution took a step towards fruition this week. Everspin has announced that it's shipping the first 64Mb ST-MRAM in a DDR3-compatible module. These modules transfer data at DDR3-1600 clock rates, but access latencies are much lower than flash RAM, promising an overall 500x performance increase over conventional NAND."

Emscripten is an LLVM-based compiler from dozens of languages to JavaScript (previously demoed as a repl and used to port Doom to the browser), and some recent changes have made it a bit faster, and allowed it to compile itself. Some highlights include a redundant variable eliminator, parallelization of the optimizier and compiler, and a new relooper. From the developer's weblog: "With all of the emscripten optimization passes now in JavaScript, I then worked on parallelizing that. ... The speedup can be close to linear in the number of cores. ... For the LLVM to JS compiler, I made the emscripten compiler parallel as well: It splits up the LLVM IR into 3 main parts: type data, function data, and globals. The function data part is unsurprisingly by far the largest in all cases I checked (95% or so), and it can in principle be parallelized - so I did that. Like in the optimizer, we use a Python process pool which feeds chunks of function data to multiple JavaScript compiler instances. There is some overhead due to chunking, and the type data and globals phases are not parallelized, but overall this can be a close to linear speedup. ... [On the new relooper] Note that this update makes Emscripten a 'self-hosting compiler' in a sense: one of the major optimization passes must be compiled to JS from C++, using Emscripten itself. Since this is an optimization pass, there is no chicken-and-egg problem: We bootstrap the relooper by first compiling it without optimizations, which works because we don't need to reloop there. We then use that unoptimized build of the relooper (which reloops properly, but slowly since it itself is unoptimized) in Emscripten to compile the relooper once more, generating the final fully-optimized version of the relooper, or 'relooped relooper' if you will."