Language Selection

English French German Italian Portuguese Spanish

OpenSSL loses FIPS certification

Filed under
Software

The National Institute of Standards and Technology has revoked certification of the open-source encryption tool OpenSSL under the Federal Information Processing Standard.

OpenSSL in January became one of the first open-source software products to be validated under NIST’s Computer Module Validation Program for FIPS-140-2. The certificate apparently was suspended in June when questions were raised about the validated module’s interaction with outside software elements.

The revocation caught the Open Source Software Institute, which shepherded the module through the validation process, by surprise.

“I am discouraged with what appears to be another change after certification has been awarded,” said executive director John Weathersby. “It is disheartening after three-and-a-half years of work to have the certification pulled twice for reasons not clear to us.”

Full Story.

More in Tux Machines

Top 4 CDN services for hosting open source libraries

A CDN, or content delivery network, is a network of strategically placed servers located around the world used for the purpose of delivering files faster to users. A traditional CDN will allow you to accelerate your website's images, CSS files, JS files, and any other piece of static content. This allows website owners to accelerate all of their own content as well as provide them with additional features and configuration options. These premium services typically require payment based on the amount of bandwidth a project uses. Read more

Bash Bunny: Big hacks come in tiny packages

Bash Bunny is a Debian Linux computer with a USB interface designed specifically to execute payloads when plugged into a target computer. It can be used against Windows, MacOS, Linux, Unix, and Android computing devices. It features a multicolor RGB LED that indicates various statuses and a three-position selector switch: Two of the positions are used to launch payloads, while the third makes Bash Bunny appear to be a regular USB storage device for copying and modifying files. Read more

openSUSE Leap's New Versioning Scheme Finally Syncs with SUSE Linux Enterprise

openSUSE Board Chairman Richard Brown informed the community about a major version number change for upcoming releases of the openSUSE Leap operating system. As some of you might know already, openSUSE Leap 42.2 is the current stable release of the GNU/Linux distribution based on the sources of the commercial SUSE Linux Enterprise (SLE) operating system designed for enterprises, and the next scheduled release is openSUSE Leap 42.3, which is currently in development. Read more

Leftovers: OSS

  • Top 4 CDN services for hosting open source libraries
    A CDN, or content delivery network, is a network of strategically placed servers located around the world used for the purpose of delivering files faster to users. A traditional CDN will allow you to accelerate your website's images, CSS files, JS files, and any other piece of static content. This allows website owners to accelerate all of their own content as well as provide them with additional features and configuration options. These premium services typically require payment based on the amount of bandwidth a project uses. However, if your project doesn't justify the cost of implementing a traditional CDN, the use of an open source CDN may be more suitable. Typically, these types of CDNs allow you to link to popular web-based libraries (CSS/JS frameworks, for example), which are then delivered to your web visitors from the free CDN's servers. Although CDN services for open source libraries do not allow you to upload your own content to their servers, they can help you accelerate libraries globally and improve your website's redundancy.
  • Users stand up, speak out, and deliver data on OpenStack growth
    Last week, the OpenStack Foundation announced the results of its ninth user survey. OpenStack users responded in record-breaking numbers to participate, and their voices as revealed in the data tell the real story of OpenStack. The OpenStack community is growing, thriving with new users, deployments, code contributions, and collaborations, all on the rise. User diversity is expanding across geographies and organizational sizes. And OpenStack's ability to integrate with innovative technologies is paving the way for advancements not even dreamed of just five years ago.
  • How to get started learning to program