Language Selection

English French German Italian Portuguese Spanish

OSS

France’s citizens vote in favour of open source

Filed under
OSS

France’s citizens are in favour of their public administrations’ use of free and open source software. France should also implement this type of software in education, according to the results of a public consultation on France’s Digital Republic bill (La République numérique). After twenty days of public debate and voting on proposals, the consultation ended on Sunday. La République numérique - the Digital Republic - drew 147,710 votes, received 8501 proposals and attracted 21,330 participants.

Read more

AllSeen Alliance Adds Security Updates to Open Source IoT Platform

Filed under
OSS
Security

The AllSeen Alliance claims to have made open source Internet of Things (IoT) development more secure with the latest update to its AllJoyn IoT framework, Security 2.0. The new feature brings authentication, device authorization and encryption enhancements to the platform.

Read more

An OpenBSD History Lesson to Mark the Open Source OS's 20th Birthday

Filed under
OSS
BSD

OpenBSD, the open source Unix-like operating system that today mostly lives in Linux's shadow, turns 20 this month. To mark the occasion, here's some historical background on one of the only major "open source" operating systems to have survived without embracing the GNU GPL license.

Read more

ownCloud Server 8.2 is here

Filed under
OSS

And on time following the new three month release cycle! The previous release, ownCloud Server 8.1, was all about stability, performance and security. Now, more work has been put in the user experience. That shows in the new sidebar, the new gallery app and refreshed style but for system admins, there's a large number of new control points as well.

Read more

Apache HTTP Server Adds HTTP/2 Support for Speed and Security

Filed under
OSS
Web

Apache HTTP Server, the open source web server that controls around half of the market, has become the latest platform to support HTTP/2, a major security- and efficiency-focused revision of the protocol computers use to download information from the web.

Read more

OpenStack and Servers

Filed under
Server
OSS

FOSS/Linux Events

Filed under
Linux
OSS
  • Tizen Developer Summit 2015 Bengaluru – Inaugural Keynote
  • Linaro Connect US '15

    One of the items that came out of Linux plumbers for me was discussion on the future of the Ion memory manager for Android. While not as relevant to my day to day work anymore, I still have a lot of background knowledge and input to give. Linaro Connect happened a little over a month after plumbers and I was up there for the week, mostly for Ion and other ARM talks. (Non-technically, being at Linaro Connect also meant I could avoid the chaos in my apartment from an impending move. Yay for convenient excuses!)

  • LinuxCon Europe 2015 in Dublin

    The second day was opened by Leigh Honeywell and she was talking about how to secure an Open Future. An interesting case study, she said, was Heartbleed. Researchers found that vulnerability and went through the appropriate vulnerability disclosure channels, but the information leaked although there was an embargo in place. In fact, the bug proofed to be exploited for a couple of months already. Microsoft, her former employer, had about ten years of a head start in developing a secure development life-cycle. The trick is, she said, to have plans in place in case of security vulnerabilities. You throw half of your plan away, anyway, but it’s good to have that practice of knowing who to talk to and all. She gave a few recommendations of which she thinks will enable us to write secure code. Coders should review, learn, and speak up if they feel uncomfortable with a piece of code. Managers could take up on what she called “smells” when people tend to be fearful about their code. Of course, MicroSoft’s SDL also contains many good practices. Her minimal set of practices is to have a self-assessment in place to determine if something needs security review, have an up-front threat modelling that is kept up to date as things evolve, have a security checklist like Mozilla’s or OWASP’s, and have security analysis built into CI process.

  • Second Round of systemd.conf 2015 Sponsors

Ultimaker Releases Open Source Files for Ultimaker 2 Go and Extended

Filed under
OSS

For Dutch 3D printer manufacturer Ultimaker, being open sourced has been part of who the company was since the very beginning, and their early success can easily be traced directly back to their loyal community of users. Their first 3D printer, the Ultimaker Original, was already a great 3D printer and remains (despite being four years old) one of the most reliable 3D printers available today. And from the very beginning Ultimaker has encouraged their community to help them make the Original better, and they certainly have. In fact, many of the improvements created by the community for their personal Originals were implemented into their next 3D printer, the Ultimaker 2 and the resulting Ultimaker 2 family of 3D printers.

Read more

ONOS, ODL closer to cooperating on open source controller

Filed under
Linux
OSS

Two open source groups building separate software-defined networking (SDN) controllers are now part of the Linux Foundation, increasing the likelihood of cross-project collaboration.

This week, the Open Networking Lab (ON.Lab) placed its Open Networking Operating System (ONOS) project under the foundation. ONOS developers are building a carrier-grade SDN open source controller.

Read more

Imply launches with $2M to commercialize the Druid open-source data store

Filed under
OSS

Some of the first few people to work on the Druid open-source data store are today launching a new startup, Imply, with $2 million in seed funding from Khosla Ventures.

Think of this as the next big-data startup to spin out, in the vein of Hadoop-oriented Hortonworks (former Yahoo), Kafka startup Confluent (former LinkedIn), and Drill startup Dremio (former MapR). In this case, Imply is spinning out of advertising analytics startup Metamarkets.

Read more

Syndicate content

More in Tux Machines

Red Hat General and Financial News

today's howtos

Tizen in Bolivia and India

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says its best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course
    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too. Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying). Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):
  • Hacked in Translation – from Subtitles to Complete Takeover
    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.
  • A Samba remote code execution vulnerability
    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.