We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!
darthcamaro (735685) writes "Ubuntu Linux isn't just for desktops, servers and the cloud anymore, Mark Shuttleworth wants Ubuntu to be the operating system of choice for the Internet of Things too. The new Snappy Ubuntu Core is being targeted at device developers and its the basis for an entire new division of Canonical Inc. The promise of Snappy Ubuntu Core is also one of security, protecting the devices of the world, by keeping them updated.
With Snappy there is also a division of responsibilities for updating that can also help protect IoT devices and users.
"So we could deliver an update for a Heartbleed or Shellshock vulnerability, completely independently of the lawnmower control app that would come from the lawnmower company," Shuttleworth said.
darthcamaro (735685) writes "2014 was seen by some as a tough year for open-source, given the Heartbleed and Shellshock vulnerabilities that impacted millions of users and systems. Mark Shuttleworth, founder of Ubuntu Linux (and former space tourist) has a different view. 2014 was a great year for him, as he marked the 10th anniversary of Ubuntu — and in terms of security he knows exactly why the open-source model is superior.
"The great thing about open source is that it's so dynamic and has so much innovation, that we have much more diversity in our ecosystem than there has ever been in the proprietary ecosystem," Shuttleworth said. "You'll never stop security issues from occurring in either open source or proprietary software but you deal with issues faster in open source."
darthcamaro (735685) writes "There have been lots of stories here on/. in recent years about vulnerable WordPress plugins that aren't patched by users, resulting in those sites being exploited by attackers. While WordPress has provided a fully automated way to keep the core WordPress application updated for security fixes, plugins have been a gap. With the new Jetpack update from WordPress.com, a site administrator can now choose a setting that will enable automatic updates of plugins.
Is this the feature that could make massive WordPress exploits extinct in the future?" Link to Original Source top
Linux Hit by Privilege Escalation Flaw; The Grinch is Not to Blame
darthcamaro (735685) writes "Some media outlets in the past 24 hours have been reporting on a new alleged flaw in Linux that has been branded as the Grinch. The only problem with the flaw, is that it's not actually a flaw at all, it's a pre-defined feature in PolicyKit.
Basically, this bug report on Grinch was a bit more sensational than it needed to be," Josh Bressers, lead of the Red Hat Product Security Team said.
Ironically though, the same day that the Grinch was disclosed, a bona fide real Linux kernel privilege escalation vulnerability identified as CVE-2014-9322 was disclosed and patched." Link to Original Source
darthcamaro (735685) writes "The world's most popular open-source Intrusion Prevention System (IPS) has long been Snort, but it has been a while since there has been a major upgrade. Back in 2009 an effort started to build a Snort 3.0 but it got shelved. This week, Cisco announced that Snort 3.0 is now in development and it will bring a new policy language engine and a new command line shell.
"The user-friendliness features, for example, might enable users to build a programmatic interface for Snort, so when you run it, it can ask the user what class of attacks to look for," Marty Roesch, Snort founder said
darthcamaro (735685) writes "Red Hat Enterprise Linux 7.1 is now out as a public beta and it has a long list of new features including improved Ceph storage support and windows Common Internet File System (CIFS) integration. Security is a big item in the new release with a number of new capabilities including support for FreeOTP for two-factor authentication, a new Certificate Authority managements system and an guide for the Security Content Automation Protocol (SCAP)" Link to Original Source top
Cisco, Akamai, EFF and Mozilla Partner for New Free Let's Encrypt SSL Service
darthcamaro (735685) writes "We all know we should deploy SSL/TLS on our servers but it's not always easier (or cheap) to do properly. That's the reason why the Electronic Frontier Foundation (EFF), Cisco, Akamai and Mozilla have come together for the 'Let's Encrypt' initiative which will provide free certificates backed by a free certificate authority
Peter Eckersley, technology projects director at the EFF said:
"To Websites that have been struggling with HTTPS, and Internet users who are frustrated by a lack of privacy and security, we have a simple message: Help is on the way."
darthcamaro (735685) writes "Usually, proprietary closed software is thought off as being the enemy of open source, but that's not necessarily the case. At the OpenStack Summit in Paris, Mark Collier, the Chief Operating Officer of the OpenStack Foundation spent the first half of his keynote bashing Amazon for being a monolith. But he was quick to note at the midway point that Amazon isn't the enemy. In his view, open source doesn't have any enemies.
"Open source is not about enemies; it's about using technology in the way that you want," Collier said.
What do you think?
darthcamaro (735685) writes "A year ago, there were only 22 Top Level Domain Names, with.com and.net being the most commonly deployed. Now there are hundreds of new names and according to VeriSign (the people that manage.com and.net), it's leading to confusion.
Are you confused by new.xyz /.guru.anything domains?" Link to Original Source top
The Carder Who Loved Me (aka how to entrap a Credit Card Criminal)
darthcamaro (735685) writes "Credit card theft is the bane of the modern world and credit card thieves — known as Carders — are growing in number. Big retail breaches are giving these carders lots of numbers to play with, but thankfully law enforcement is up to the task of tracking down the carders. In a session at the SecTor security conference in Toronto, Grayson Lenik, recounted a story of how a good looking undercover female agent convinced a card to come to Las Vegas to marry her. It didn't end well for the carder — or his friends." Link to Original Source top
darthcamaro (735685) writes "The OpenStack Juno release is now generally available. This the 10th major release for the open-source cloud platform and introduces the Sahara Data Processing Service as the major new project. That's not the only new feature in Juno though, with 310 new features in total. The new features include cloud storage policy, improved IPv6 support, a rescue mode and improved multi-cloud federation capabilities." Link to Original Source top
Red Hat Enterprise Linux 6.6's Big New Feature is Red Hat Enterprise Linux 7
darthcamaro (735685) writes "Red Hat is out today with Red Hat Enterprise Linux 6.6 (RHEL), providing its users with a long list of incremental updates. While many of those updates are new to RHEL 6, they are not new to RHEL 7, the newer version of Red Hat's flagship enterprise Linux product. High-availability, security and peformance features from RHEL 7 now land in RHEL 6.6. Going a step further, Red Hat is now providing a RHEL 6 Docker Image, so RHEL 7 users can run RHEL 6 applications on RHEL 7 without any changes.
As to why RHEL 6 applications cannot just simply run natively on RHEL 7, Bhavna Sarathy, technology product manager in the Platform Business Unit at Red Hat explained explained that applications that were built and certified to run on Red Hat Enterprise Linux 6 have to be rebuilt and re-certified to run on Red Hat Enterprise Linux 7, as the software stack between the two major releases is vastly different.
darthcamaro (735685) writes "Amazon, Rackspace and IBM have all patched their public clouds over the last several days due to a vulnerability in the Xen hypervisor. According to a new report, the Xen project was first advised of the issue two weeks ago, but instead of the knee jerk type reactions we've seen with Heartbleed and now Shellshock, the Xen project privately fixed the bug and waited until all the major Xen deployment were patched before any details were released. Isn't this the way that all open-source projects should fix security issues?" Link to Original Source top
darthcamaro (735685) writes "Marten Mickos is not yet officially part of HP and it's OpenStack cloud (yet) but he will be soon. On Sept 11 Mickos' company Eucalyptus announced that it was being acquired by HP, though the deal has not yet officially closed. That's not stopping Mickos from making bold predictions about OpenStack — an effort that he has been a competitor against for most of the last four years. Speaking at the OpenStack Silicon Valley event Mickos laid out his plan
"For the last one and a half decades, I have been trying to reach full victory for open source," Mickos said.
darthcamaro (735685) writes "Docker has become the new hotness in virtualization technology — but it is still a project that is led by the backing of a single vendor — Docker Inc. Is that a problem? Should there be an open-source Foundation to manage the governance and operation of the Docker project? In a video interview — Docker founder and Benevolent Dictator for Life Solomon Hykes says — No." Link to Original Source top
Millions of IPv4 Addresses Reclaimed - IPv4 is not dead ! (yet).
darthcamaro (735685) writes "Back in 2011, IANA said it had allocated its last/8 block of freely available IPv4 address space. As it turns out, here we are in 2014 and IANA has now reclaimed several million IPv4 addresses that it is now giving to regional internet registries. While that means that unallocated IPv4 space is still available, don't get your hopes up that it's limitless, ARIN only has just over one million IPv4 addresses left for the Americas." Link to Original Source top
darthcamaro (735685) writes "Forget about HTML5, that's already passe — Google is already moving on to HTML5.1 support for the upcoming Chrome 38 release. Currently only a beta, one of the biggest things that web developers will notice is the use of the new "picture" tag which is a container for multiple image sizes/formats. Bottom line is it's a new way to think about the "IMG" tag that has existed since the first HTML spec." Link to Original Source top
Brian Stevens Resigns as Red Hat CTO to pursue New Opportunity
darthcamaro (735685) writes "Since November of 2001, Brian Stevens has been the CTO of Red Hat but as of August 28 that's no longer the case. Under Stevens' tenure, Red Hat transformed its business, adding Red Hat Enterprise Linux, acquiring JBoss, Qumranet, Gluster and Ceph as well as joining (and now leading) the OpenStack Foundation. So why did he leave? No official word, but apparently it is to purse a new opportunity that Stevens just could not pass up." Link to Original Source top
IBM Gearing up Mega Power 8 Servers for October Launch
darthcamaro (735685) writes "Now that IBM has sold off its x86 server business to Lenovo, it's full steam ahead for IBM's Power business. While Intel is ramping up its next generation of server silicon for a September launch, IBM has its next lineup of Power 8 servers set to be announced in October.
There is a larger than 4U, 2 socket system coming out," Doug Balong,General Manager of Power Systems within IBM's System and Technology Group said.
darthcamaro (735685) writes "Linux is everywhere or is it? At the LinuxCon conference in Chicago today Linus Torvalds was asked where Linux should go next. Torvalds didn't hesitate with his reply.
"I still want the desktop," Torvalds said as the audience erupted into boisterous applause.
Torvalds doesn't see the desktop as being a kernel problem at this point either, but rather one about infrastructure. While not ready to declare a 'Year of the Linux Desktop' he does expect that to happen — one day." Link to Original Source