Language Selection

English French German Italian Portuguese Spanish

Debian: New Debian Developers and Maintainers, DebConf19 and More

Filed under
Debian
  • New Debian Developers and Maintainers (November and December 2018)

    The following contributors got their Debian Developer accounts in the last two months:

    Abhijith PA (abhijith)
    Philippe Thierry (philou)
    Kai-Chung Yan (seamlik)
    Simon Qhuigley (tsimonq2)
    Daniele Tricoli (eriol)
    Molly de Blanc (mollydb)
    The following contributors were added as Debian Maintainers in the last two months:

    Nicolas Mora
    Wolfgang Silbermayr
    Marcos Fouces
    kpcyrd
    Scott Martin Leggett

  • DebConf19 is looking for sponsors!

    DebConf19 will be held in Curitiba, Brazil from July 21th to 28th, 2019. It will be preceded by DebCamp, July 14th to 19th, and Open Day on the 20th.

    DebConf, Debian's annual developers conference, is an amazing event where Debian contributors from all around the world gather to present, discuss and work in teams around the Debian operating system. It is a great opportunity to get to know people responsible for the success of the project and to witness a respectful and functional distributed community in action.

    The DebConf team aims to organize the Debian Conference as a self-sustaining event, despite its size and complexity. The financial contributions and support by individuals, companies and organizations are pivotal to our success.

  • Nonce sense paper online

    When you create a cryptographic signatures using ECDSA (the elliptic curve digital signature algorithm), you need to come up with the nonce, a 256 bit random number. It is really important to use a different nonce every time, otherwise it is easy for someone else to take your signatures (which might be stored for everyone to read on the Bitcoin blockchain) and calculate your private key using relatively simple math, and with your private key they can spend all your Bitcoins. In fact, there is evidence that people out there continuously monitor the blockchains for signatures with such repeated nonces and immediately extract the money from compromised keys.

    Less well known, but still nothing new to the crypto (as in cryptopgraphy) community is the that an attacker can calculate the key from signature that use different, but similar nonces: For example if they are close by each other (only the low bits differ), or if they differ by exactly a large power of two (only the high bits differ). This uses a fancy and powerful technique based on lattices. Our main contribution here is to bridge crypto (as in cryptopgraphy) and crypto (as in cryptocurrency) and see if such vulnerabilities actually exist out there.

    And indeed, there are some. Not many (which is good), but they do exist, and clearly due to more than one source. Unfortunately, it is really hard to find out who made these signatures, and with which code, so we can only guess about the causes of these bugs. A large number of affected signatures are related to multisig transactions, so we believe that maybe hardware tokens could be the cause here.

  • Jonathan Dowland: Amiga floppy recovery project, part 3: preliminaries

    The first step for my Amiga project was to recover the hardware from my loft and check it all worked.

    When we originally bought the A500 (in, I think, 1991) we bought a RAM expansion at the same time. The base model had a whole 512KiB of RAM, but it was common for people to buy a RAM expander that doubled the amount of memory to a whopping 1 MiB. The official RAM expander was the Amiga 501, which fit into a slot on the underside of the Amiga, behind a trapdoor.

    The 501 also featured a real-time clock (RTC), which was powered by a backup NiCad battery soldered onto the circuit board. These batteries are notorious for leaking over a long enough time-frame, and our Amiga had been in a loft for at least 20 years. I had heard about this problem when I first dug the machine back out in 2015, and had a vague memory that I checked the board at the time and could find no sign of leakage, but reading around the subject more recently made me nervous, so I double-checked.

  • Debian Bug Squash Party Tokyo 2019-01
  • Mario Lang: Please delete me from Planet

    Wow. Hi Debian. Apparently, you've changed even more in a direction I personally never really liked. As a member of a minority group, I feel the need to explain that I highly dislike the way you are currently handling minority groups. And no, I dont feel you are ignoring them. You are giving a select view far too much attention for a technically focused project.

More in Tux Machines

today's howtos

Audiocasts: Linux in the Ham Shack (LHS), Linux Action News, Open Source Security Podcast and Let’s Encrypt

  • LHS Episode #266: #$%&! Net Neutrality
    Welcome to the first episode of Linux in the Ham Shack for 2019. In this episode, the hosts discuss topics including the 2018 RTTY Roundup using FT-8, Cubesats and wideband receivers in space, the ORI at Hamcation, Wekcan, Raspberry Pi-based VPN servers, the LHS Linux distributions, CW trainers and much more.
  • LHS Episode #267: The Weekender XXII
    Welcome to the 22nd edition of the LHS Weekender. In this episode, the hosts discuss upcoming amateur radio contests and special event stations, Open Source events in the next fortnight, Linux distributions of interest, news about science, technology and related endeavors as well is dive into food, drink and other hedonistic topics.
  • Linux Action News 89
    Another troubling week for MongoDB, ZFS On Linux lands a kernel workaround, and 600 days of postmarketOS. Plus our thoughts on the new Project Trident release, and Mozilla ending the Test Pilot program.
  • Open Source Security Podcast: Episode 130 - Chat with Snyk co-founder Danny Grander
  • The ACME Era | TechSNAP 395
    We welcome Jim to the show, and he and Wes dive deep into all things Let’s Encrypt.

Review: Sculpt OS 18.09

The Sculpt OS website suggests that the operating system is ready for day to day use, at least in some environments: "Sculpt is used as day-to-day OS by the Genode developers." Though this makes me wonder in what capacity the operating system runs on the machines of those developers. When I tried out the Haiku beta last year, the operating system had some limitations, but I could see how it could be useful to some people in environments with compatible hardware. In theory, I could browse the web, perform some basic tasks and develop software on Haiku. With Sculpt though, I was unable to get the operating system to do anything, from a user's point of view. The small OS could download packages and load some of them into memory, and it could display a graph of related components. Sculpt could connect to my network and mount additional storage. All of this is good and a fine demo of the Genode design. However, I (as a user) was unable to interact with any applications, find a command line, or browse the file system. All of this put a severe damper on my ability to use Sculpt to do anything useful. Genode, and by extension Sculpt OS, has some interesting design goals when it comes to security and minimalism. However, I don't think Sculpt is practical for any end-user tasks at this time. Read more

This Week in Linux, Chrome OS, and Death of Windows 10 Mobile

  • Episode 51 | This Week in Linux
    On this episode of This Week in Linux, we got some new announcements from Inkscape, Purism, Solus, Mozilla, and Steam. We’ll also check out some new Distro releases from Netrunner, Deeping, Android X86 and more. Then we’ll look at some new hardware offerings from Purism and Entroware. Later in the show will talk about some drama happening with a project’s licensing issues and then we’ll round out the episode with some Linux Gaming news including some sales from Humble Bundle. All that and much more!
  • Chrome OS 73 Dev Channel adds Google Drive, Play Files mount in Linux, USB device management and Crostini backup flag
    On Tuesday, Google released the first iteration of Chrome OS 73 for the Dev Channel and there are quite a few new items related to Project Crostini, for Linux app support. Some things in the lengthy changelog only set up new features coming soon while others add new functionality. Here’s a rundown on some of the Crostini additions to Chrome OS 73.
  • Tens to be disappointed as Windows 10 Mobile death date set: Doomed phone OS won't see 2020
    Microsoft has formally set the end date for support of its all-but-forgotten Windows 10 Mobile platform. The Redmond code factory said today that, come December 10, it's curtains for the ill-fated smartphone venture. The retirement will end a four-year run for a Microsoft phone effort that never really got off the ground and helped destroy Nokia in the process. "The end of support date applies to all Windows 10 Mobile products, including Windows 10 Mobile and Windows 10 Mobile Enterprise," Microsoft declared.