54617573
submission
ConstantineM writes:
I don’t want web designers redesigning the “experience” of using the web. The unification of the user experience of using computers is a positive thing. If you use old software from the early days of computing, everything had a different user experience. If you use Windows or OS X, you’ll know of software that behaves differently from the norm. If you are a reasonably perceptive user, you’ll see it, and then you’ll be annoyed by it.
54517553
submission
ConstantineM writes:
Microsoft has all significant exploit mitigation techniques fully integrated and enabled, says Theo de Raadt at Yandex ruBSD, whilst giving a 10-year summary of the methods employed by OpenBSD. In year 2000, OpenBSD started a development initiative to intentionally make the memory environment of a process less predictable and less robust, without impacting the well-behaved programs. Concepts like the random stack gap, W^X, ASLR and PIE are explained. Some of them, like the random stack gap, are implemented with a 3-line change to the kernel, yet it appears that FreeBSD is still shipping without it. Theo de Raadt also identifies that although Linux has the code for all of these techniques, most vendors enable them very sparingly, and, in general, support is disabled; Apple does have ASLR, but other methods appear missing.
54452613
submission
ConstantineM writes:
Microsoft has all significant exploit mitigation techniques fully integrated and enabled, claims Theo de Raadt at Yandex ruBSD, whilst giving a 10-year summary of the methods employed by OpenBSD. In year 2000, OpenBSD started a development initiative to intentionally make the memory environment of a process less predictable and less robust, without impacting the well-behaved programs. Concepts like the random stack gap, W^X, ASLR and PIE are explained. Some of them, like the random stack gap, are implemented with a 3-line change to the kernel, yet it appears that some other vendors are still shipping without it.
54425461
submission
ConstantineM writes:
File system in userland support — fuse — was included in OpenBSD 5.4 source tree, but not built by default, hence not officially supported. This has since changed in 5.4-current. The undeadly editors have tracked down the author, Sylvestre Gallon, and asked him about his experience of getting libfuse into OpenBSD. Which userland file systems are supported? So far, it's sshfs-fuse and ntfs-3g (both are in the ports tree due to the GPL).
54310819
submission
ConstantineM writes:
FUSE(4) has been included in OpenBSD 5.4, but was not build into the default kernels yet, hence, not officially supported. This has since changed in 5.4-current. The undeadly editors have tracked down the author, Sylvestre Gallon, a first-time OpenBSD contributor, and asked him about his experience of getting libfuse into OpenBSD. Long story short: it involves some vfs grokking, improved fusebufs and a BSD rewrite of the GPL libfuse. Although to actually enjoy the feature, you'd still have to subject yourself to GPLv2 in the ports tree: sysutils/sshfs-fuse and ntfs-3g ports are available.
54180635
submission
ConstantineM writes:
Inspired by a recent Google initiative to adopt ChaCha20 and Poly1305 for TLS, OpenSSH developer Damien Miller has added a similar protocol to ssh, chacha20-poly1305@openssh.com, which is based on D. J. Bernstein algorithms that are specifically optimised to provide the highest security at the lowest computational cost, and not require any special hardware at doing so. Some further details are in his blog, and at undeadly. The source code of the protocol is remarkably simple — less than 100 lines of code!
46567811
submission
ConstantineM writes:
A site written in nginx.conf. What? Make no mistake, this is what the newly announced mdoc.su is. The site is a URL shortener that provides an easy addressing scheme for the manual pages of all the BSDs, and even supports generating complete HTML pages with multiple links to pages of several systems at once: http://mdoc.su/f91,n60,o52,d/mdoc. Source code is available on github under a BSD licence.
44812449
submission
ConstantineM writes:
Publicly private beta? Instead of devising a new scheme on handing out invitations for a new and improved OpenGrok for the BSDs, why not require IPv6 for the beta? Welcome BXR.SU — Super User's BSD Cross Reference, which is launched today as an IPv6-only OpenGrok service for FreeBSD, OpenBSD, NetBSD and DragonFly. The service is IPv6-only during the beta (ask your ISP for an token); but a full release schedule is already known: an A record for BXR.SU will be temporarily published on 2013-04-04, an IPv4 day, to test out the water, and ensure misconfigurations of the NAT don't break out access to the site. IPv4 glue records are also withheld — the authors are afraid that some nameservers are misconfigured, and are giving the ISPs extra time. BXR.SU is claimed to be 200× faster than the nearest competitor, metager.de.
44811569
submission
ConstantineM writes:
Publicly private beta? Instead of devising a new scheme on handing out invitations for a private beta of a new and improved OpenGrok service for the BSDs, why not require IPv6 for the beta test? Welcome BXR.SU — Super User's BSD Cross Reference, which is launched today as an IPv6-only OpenGrok service for FreeBSD, OpenBSD, NetBSD and DragonFly. The service is IPv6-only during the beta (ask your ISP for an token to participate); but a full release schedule is already known: an A record for BXR.SU will be temporarily published on 2013-04-04, an IPv4 day, to test out the water, and ensure misconfigurations of the NAT don't break out access to the site. IPv4 glue records are also withheld — the authors are afraid that some nameservers are misconfigured, and are giving ISPs until 2013-04-24 prior to publishing IPv4 glue. BXR.SU is claimed to be 200× faster than the nearest competitor, code.metager.de.
