Language Selection

English French German Italian Portuguese Spanish

Open source: why is it such a big deal?

Filed under
OSS

What is open source software (OSS)? OSS is any program, application, operating system that is released along with its source code so that you, the user, can change it at will. Or at least have the option to utilise the services of a vendor of your choice. The fact that any other type of software exists is itself strange: would you buy a car that is completely sealed off from repair? No access to the engine, the tail-lights, or the windshield wiper? Even the tyres? One and only one company — the manufacturer of the car — will be able to fix even the smallest problem. Would you buy such a vehicle? Forget buying, given the current competition in vehicles, such a product would not last in the market for even a week.

The fact that people are selling you software that you cannot take to another person to fix, re-package, assist in providing even basic upgrades is in itself wrong and the discussion should end right here, IMHO. But that is a whole different topic and best left to camp-fire discussions; we have neither the will nor the wherewithal to turn an entire industry on its head.

Read more

More in Tux Machines

Ubuntu, Debian, RHEL, and CentOS Linux Now Patched Against "Foreshadow" Attacks

Both Canonical and Red Hat emailed us with regards to the L1 Terminal Fault security vulnerability, which are documented as CVE-2018-3620 for operating systems and System Management Mode (SMM), CVE-2018-3646 for impacts to virtualization, as well as CVE-2018-3615 for Intel Software Guard Extensions (Intel SGX). They affect all Linux-based operating system and machines with Intel CPUs. "It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS)," reads the Ubuntu security advisory. Read more

Hands-on with Linux Mint Debian Edition 3 Beta

I have been out of touch for the past six months, because I accepted a teaching position in Amsterdam. The amount of time that required, and the weekly commute from Switzerland (yes, really, weekly), was vastly more than I expected, and left me no time to do justice to my blog. But now I am back again, and determined to manage my time more effectively and keep up with blogging. Although I haven't been writing, I certainly have been keeping up with news and developments in the Linux world. What really inspired me to get busy and write again was the announcement of LMDE 3 (Cindy) Beta. Hooray! How long have we been waiting for this? It feels like years. Oh, that's because it has been years. Read more

Security Leftovers

  • Theo on the latest Intel issues

    Theo de Raadt (deraadt@) posted to the tech@ mailing list with some background on how the latest discovered Intel CPU issues relate to OpenBSD.

    [...]

    These 3 issues (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) together are the currently public artifacts of this one bug.

  • Putting Stickers On Your Laptop Is Probably a Bad Security Idea

    Mitchell said political stickers, for instance, can land you in secondary search or result in being detained while crossing a border. In one case, Mitchell said a hacker friend ended up missing a flight over stickers.

  • Video Shows Hotel Security at DEF CON Joking About Posting Photos of Guests' Belongings to Snapchat

    But the room check captured on video suggests the walkthroughs are subject to abuse by hotel personnel who may use them as opportunity to snoop on guests or take and post images for amusement. And accounts of other searches that involved hotel security staff refusing to show ID or showing insufficient ID, and displaying bullying and threatening behavior to guests in occupied rooms, raises questions about the legality of the searches and the tactics and training of security personnel.

  • Researchers in Finland detect vulnerability in password management software
    Researchers identified a security gap in more than 10 applications used by millions around the world, including an app used by Finland's population registry.
  • Trump ends Obama-era rules on US-led cyberattacks: report
     

    The memorandum required that an extensive interagency process take place before the U.S. government embarks on any cyberattacks. Trump reversed the rules to try and ease some of those restrictions, which critics argued were detrimental to launching the attacks quickly, according to the Journal.

Android Leftovers