Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×
Open Source

Debian Founder: How I Came To Find Linux 136

An anonymous reader writes: Ian Murdock has pretty solid open source cred: in 1993 he founded Debian, he was the CTO of Progeny and the Linux Foundation, and he helped pave the way for OpenSolaris. He has published a post about how he initially joined the Linux ecosystem. Quoting: "[In 1992], I spent most evenings in the basement of the MATH building basking in the green phosphorescent glow of the Z-29 terminals, exploring every nook and cranny of the UNIX system upstairs. ... I was also accessing UNIX from home via my Intel 80286-based PC and a 2400-baud modem, which saved me the trek across campus to the computer lab on particularly cold days. Being able to get to the Sequent from home was great, but I wanted to replicate the experience of the ENAD building's X terminals, so one day, in January 1993, I set out to find an X server that would run on my PC. As I searched for such a thing on Usenet, I stumbled across something called 'Linux.'" How did you come to find Linux?
Encryption

OpenSSH 7.0 Released 75

An anonymous reader writes: Today the OpenSSH project maintainers announced the release of version 7.0. This release is focusing on deprecating weak and unsafe cryptographic methods, though some of the work won't be complete until 7.1. This release removes support for the following: the legacy SSH v1 protocol, the 1024-bit diffie-hellman-group1-sha1 key exchange, ssh-dss, ssh-dss-cert-* host and user keys, and legacy v00 cert format. There were also several bug fixes, security tweaks, and new features. In the next release, they plan to retire more legacy cryptography. This includes refusing RSA keys smaller than 1024 bits, disabling MD5-based HMAC algorithms, and disabling these ciphers: blowfish-cbc, cast128-cbc, all arcfour variants and the rijndael-cbc aliases for AES.
Operating Systems

HardenedBSD Completes Strong ASLR Implementation 66

New submitter HardenedBSD writes: A relatively new fork of FreeBSD, HardenedBSD, has completed its Address Space Layout Randomization (ASLR) feature. Without ASLR, applications are loaded into memory in a deterministic manner. An attacker who knows where a vulnerability lies in memory can reliably exploit that vulnerability to manipulate the application into doing the attacker's bidding. ASLR removes the determinism, making it so that even if an attacker knows that a vulnerability exists, he doesn't know where that vulnerability lies in memory. HardenedBSD's particular implementation of ASLR is the strongest form ever implemented in any of the BSDs.

The next step is to update documentation and submit updates to the patches they have already submitted upstream to FreeBSD. ASLR is the first step in a long list of exploit mitigation technologies HardenedBSD plans to implement.
Google

Woman Recruited By Google Four Times and Rejected Now Joins Age Discrimination Suit 634

dcblogs writes: An Ivy league graduate, with a Ph.D. in geophysics, Cheryl Fillekes, who also specializes in Linux and Unix systems, was contacted by Google recruiters four separate times over a seven year period. In each instance, she did well enough on the phone interviews to get invited to an in-person interview but was rejected every time for a job. She has since joined an age discrimination lawsuit against Google filed about two months ago by another older worker. "The amended lawsuit also alleges that the U.S. Equal Employment Opportunity Commission (EEOC) received 'multiple complaints of age discrimination by Google, and is currently conducting an extensive investigation.'"
Security

100kb of Unusual Code Protecting Nuclear, ATC and United Nations Systems 145

An anonymous reader writes: For an ex-academic security company still in the seeding round, startup Abatis has a small but interesting roster of clients, including Lockheed Martin, the Swiss military, the United Nations and customers in the civil nuclear and air traffic control sectors. The company's product, a kernel driver compatible with Windows, Linux and Unix, occupies just 100kb with no dependencies, and reportedly achieves a 100% effectiveness rate against intruders by preventing unauthorized I/O activity. The CEO of Abatis claims, "We can stop zero day malware — the known unknowns and the unknown unknowns." The software requires no use of signature files, white-listing, heuristics or sandboxing, with a separate report from Lockheed Martin confirming very significant potential for energy savings — up to £125,000 per year in a data center with 10,000 servers.
Open Source

Why Was Linux the Kernel That Succeeded? 469

jones_supa writes: "One of the most puzzling questions about the history of free and open source software is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success?" Christopher Tozzi has rounded up some theories, focusing specifically on kernels, not complete operating systems. These theories take a detailed look at the decentralized development structure, pragmatic approach to things, and the rich developer community, all of which worked in favor of Linux.
GNU is Not Unix

GNU Hurd 0.6 Released 229

jrepin writes It has been roughly a year and a half since the last release of the GNU Hurd operating system, so it may be of interest to some readers that GNU Hurd 0.6 has been released along with GNU Mach 1.5 (the microkernel that Hurd runs on) and GNU MIG 1.5 (the Mach Interface Generator, which generates code to handle remote procedure calls). New features include procfs and random translators; cleanups and stylistic fixes, some of which came from static analysis; message dispatching improvements; integer hashing performance improvements; a split of the init server into a startup server and an init program based on System V init; and more.
Books

Book Review: Networking For System Administrators 33

Saint Aardvark writes Michael W. Lucas has been writing technical books for a long time, drawing on his experience as both a system and a network administrator. He has mastered the art of making it both easy and enjoyable to inhale large amounts of information; that's my way of saying he writes books well and he's a funny guy. Networking for System Administrators, available both in DRM-free ebook and dead tree formats, is his latest book, and it's no exception to this trend. Keep reading for the rest of Saint Aardvark's review.
Open Source

Getting Started Developing With OpenStreetMap Data 39

Nerval's Lobster writes In 2004, Steve Coast set up OpenStreetMap (OSM) in the U.K. It subsequently spread worldwide, powered by a combination of donations and volunteers willing to do ground surveys with tools such as handheld GPS units, notebooks, and digital cameras. JavaScript libraries and plugins for WordPress, Django and other content-management systems allow users to display their own maps. But how do you actually develop for the platform? Osmcode.org is a good place to start, home to the Osmium library (libosmium). Fetch and build Libosmium; on Linux/Unix systems there are a fair number of dependencies that you'll need as well; these are listed within the links. If you prefer JavaScript or Python, there are bindings for those. As an alternative for Java developers, there's Osmosis, which is a command-line application for processing OSM data.
GNU is Not Unix

GNU Nano Gets New Stable Release 119

jones_supa writes: GNU Nano 2.4.0 has been released as the first stable update to this UNIX command line text editor in a number of years. The release codenamed "Lizf" brings a wide variety of changes: full undo system, Vim-compatible file locking, linter support, formatter support, flexible syntax highlighting, and random bugfixes.
Caldera

Not Quite Dead: SCO Linux Suit Against IBM Stirs In Utah 170

An anonymous reader points to a story in the Salt Lake Tribune which says that The nearly defunct Utah company SCO Group Inc. and IBM filed a joint report to the U.S. District Court in Salt Lake City saying that legal issues remain in the case, which was initiated in 2003 with SCO claiming damages of $5 billion against the technology giant, based in Armonk, N.Y. That likely means that U.S. District Judge David Nuffer, who now presides over the dispute, will start moving the lawsuit — largely dormant for about four years while a related suit against Novell Inc. was adjudicated — ahead. What kind of issues? In addition to its claims of IBM misappropriation of code, SCO alleges that IBM executives and lawyers directed the company's Linux programmers to destroy source code on their computers after SCO made its allegations. The company's other remaining claims are that IBM's actions amounted to unfair competition and interference with its contracts and business relations with other companies. IBM has remaining claims against SCO that allege the Utah company violated contracts, copied and distributed IBM code that had been placed in Linux and that SCO created a campaign of "fear, uncertainty and doubt" about IBM's products and services because of the dispute over Unix code.
Mozilla

Mozilla: Following In Sun's Faltering Footsteps? 300

snydeq writes: The trajectory of Mozilla, from the trail-blazing technologies to the travails of being left in the dust, may be seen as paralleling that of the now-defunct Unix systems giant Sun. The article claims, "Mozilla has become the modern-day Sun Microsystems: While known for churning out showstopping innovation, its bread-and-butter technology now struggles." It goes on to mention Firefox's waning market share, questions over tooling for the platform, Firefox's absence on mobile devices, developers' lack of standard tools (e.g., 'Gecko-flavored JavaScript'), and relatively slow development of Firefox OS, in comparison with mobile incumbents.
Open Source

Removing Libsystemd0 From a Live-running Debian System 755

lkcl writes The introduction of systemd has unilaterally created a polarization of the GNU/Linux community that is remarkably similar to the monopolistic power position wielded by Microsoft in the late 1990s. Choices were stark: use Windows (with SMB/CIFS Services), or use UNIX (with NFS and NIS). Only the introduction of fully-compatible reverse-engineered NT Domains services corrected the situation. Instructions on how to remove systemd include dire warnings that "all dependent packages will be removed", rendering a normal Debian Desktop system flat-out impossible to achieve. It was therefore necessary to demonstrate that it is actually possible to run a Debian Desktop GUI system (albeit an unusual one: fvwm) with libsystemd0 removed. The reason for doing so: it doesn't matter how good systemd is believed to be or in fact actually is: the reason for removing it is, apart from the alarm at how extensive systemd is becoming (including interfering with firewall rules), it's the way that it's been introduced in a blatantly cavalier fashion as a polarized all-or-nothing option, forcing people to consider abandoning the GNU/Linux of their choice and to seriously consider using FreeBSD or any other distro that properly respects the Software Freedom principle of the right to choose what software to run. We aren't all "good at coding", or paid to work on Software Libre: that means that those people who are need to be much more responsible, and to start — finally — to listen to what people are saying. Developing a thick skin is a good way to abdicate responsibility and, as a result, place people into untenable positions.
Programming

Nim Programming Language Gaining Traction 520

An anonymous reader writes: Nim is a young, statically typed programming language that has been getting more attention recently. See these articles for an introduction: What is special about Nim?, What makes Nim practical? and How I Start: Nim. The language offers a syntax inspired by Python and Pascal, great performance and C interfacing, and powerful metaprogramming capabilities. The author of "Unix in Rust" just abandoned Rust in favor of Nim and some early-adopter companies are starting to use it as well.
Books

Book Review: FreeBSD Mastery: Storage Essentials 75

Saint Aardvark writes If, like me, you administer FreeBSD systems, you know that (like Linux) there is an embarrassment of riches when it comes to filesystems. GEOM, UFS, soft updates, encryption, disklabels — there is a *lot* going on here. And if, like me, you're coming from the Linux world your experience won't be directly applicable, and you'll be scaling Mount Learning Curve. Even if you *are* familiar with the BSDs, there is a lot to take in. Where do you start? You start here, with Michael W. Lucas' latest book, FreeBSD Mastery: Storage Essentials. You've heard his name before; he's written Sudo Mastery (which I reviewed previously), along with books on PGP/GnuPGP, Cisco Routers and OpenBSD. This book clocks in at 204 pages of goodness, and it's an excellent introduction to managing storage on FreeBSD. From filesystem choice to partition layout to disk encryption, with sidelong glances at ZFS along the way, he does his usual excellent job of laying out the details you need to know without every veering into dry or boring. Keep reading for the rest of Saint Aardvark's review.
Programming

Interviews: Alexander Stepanov and Daniel E. Rose Answer Your Questions 42

samzenpus (5) writes "Alexander Stepanov is an award winning programmer who designed the C++ Standard Template Library. Daniel E. Rose is a programmer, research scientist, and is the Chief Scientist for Search at A9.com. In addition to working together, the duo have recently written a new book titled, From Mathematics to Generic Programming. Earlier this month you had a chance to ask the pair about their book, their work, or programming in general. Below you'll find the answers to those questions."
Operating Systems

OpenBSD's Kernel Gets W^X Treatment On Amd64 84

New submitter brynet tips this news from Theo de Raadt: Over the last two months Mike Larkin (mlarkin@) modified the amd64 kernel to follow the W^X principles. It started as a humble exercise to fix the .rodata segment, and kind of went crazy. As a result, no part of the kernel address space is writeable and executable simultaneously. At least that is the idea, modulo mistakes. Final attention to detail (which some of you experienced in buggy drafts in snapshots) was to make the MP and ACPI trampolines follow W^X, furthermore they are unmapped when not required. Final picture is many architectures were improved, but amd64 and sparc64 look the best due to MMU features available to service the W^X model. The entire safety model is also improved by a limited form of kernel ASLR (the code segment does not move around yet, but data and page table ASLR is fairly good."
Security

OpenBSD Releases a Portable Version of OpenNTPD 79

Noryungi (70322) writes Theo De Raadt roundly criticized NTP due to its recent security advisories, and pointed out that OpenBSD OpenNTPD was not vulnerable. However, it also had not been made portable to other OS in a long time. Brent Cook, also known for his work on the portable version of LibreSSL (OpenBSD cleanup and refactoring of OpenSSL) decided to take the matter in his own hands and released a new portable version of OpenNTPD. Everyone rejoice, compile and report issues!
Books

Book Review: Build Your Own Website: A Comic Guide to HTML, CSS, and WordPress 31

MassDosage writes "At the the risk of exposing my age I remember building my first website using a rudimentary Unix text editor (Joe) and carefully handcrafting the Hypertext Markup Language (HTML) while directly logged on to the web server it was being served from. Back then Cascading Style Sheets (CSS) weren't even a glint in the eyes of their creators. A lot has changed and there's now a world of fancy WYSIWYG web page editors to choose from as well as Content Management Systems that allow you to create websites without looking at the underlying code at all. While this is all very useful and allows less technical people to create websites I still feel that having at least some knowledge of how everything works under the hood is empowering — especially in situations where you want to go beyond the limits placed on you by a certain tool. This is where Build Your Own Website: A comic guide to HTML, CSS and Wordpress comes into the picture. Its aim is to enable people new to web development to learn the subject by teaching the fundamentals of HTML and CSS first and only then describing how to use a Content Management System (CMS) — in this case Wordpress. While Wordpress might not be everyone's kettle of fish it's a good choice as an example of a modern CMS that is easily accessible and very popular. The concepts presented are simple enough that it should be easy enough for a reader to apply them to a different CMS should they want to. Read below for The rest of MassDosage's review.