The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.
I think computers like Chromebooks are the way of the future, but not because of their operating system - because of their hardware. Relatively low cost laptops with SSDs for storage and an insane battery life are everything I want in a computer.
Magiea has been one of my favorite projects and distributions since its inception, but Jesse Smith said today that the spell is broken for him. Smith had issues with his network connection upon first boot, but continued to have installation and updating of software issues. He complained of poor performance, missing packages, and a seriously annoying task switcher too. All in all, he wasn't pleased. He concluded (in part):
The module is available in an industrial temperature version. It ships with a Yocto Project-certified Linux Linux 3.12 or 3.2 BSP that offers a choice of several distributions, including Arago and Ubuntu. Board support packages are also available for Android 4.x and WEC7.
Friday evening can be a very busy time in Citibank’s Changi Business Park office in Singapore. Hundreds of mission-critical applications hit the production servers, security patches are applied, hundreds of professionals including developers, systems engineers, Linux gurus, and management professionals spend the whole night on the conference calls ensuring the smooth functioning of servers at this financial giant. The applications that get life over the weekend have monetary value and therefore require robust servers to host them. These servers need to maximize the utilization of the applications and should have the stability to run for a longer period of time without a reboot. These servers should also have the capability to be scaled up as the infrastructure grows. The bottom line: these enterprise level boxes need to be tough.
It would be heartening to see James Whitehurst, the head of Red Hat Linux, the biggest commercial Linux outfit, and one that has seen billing go above the billion-dollar mark, deliver a speech at some official forum that underlined the fact that his company's product - and that of other commercial Linux companies - provides a guarantee against the insertion of backdoors.
On a related note, the LLVM Linux project is also seeking GSoC attention. Developers are still hard at work on making the upstream Linux kernel compatible with building under LLVM/Clang rather than just GCC. Much progress has been made in being able to build the Linux kernel with Clang but there's still outstanding patches, etc.
Other changes for today's NVIDIA 334.21 Linux driver update include a NVIDIA kernel module security fix for a userspace pointer dereference, OpenGL bug-fixes, support for GPUs with VDPAU feature set E, improved application profile support, improved performance of OpenGL applications when used in conjunction with the X driver's composition pipeline, NVIDIA Settings control panel updates, and other fixes.