Forgot your password?
typodupeerror

+ - One week of OpenSSL cleanup ->

Submitted by CrAlt
CrAlt (3208) writes "After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls.

Then Jonathan Grey (jsg@) and Reyk Flöter (reyk@) come next, followed by a group of late starters. Also, an honorable mention for Christian Weisgerber (naddy@), who has been fixing issues in ports related to this work.

All combined, there've been over 250 commits cleaning up OpenSSL. In one week. Some of these are simple or small changes, while other commits carry more weight. Of course, occasionally mistakes get made but these are also quickly fixed again, but the general direction is clear: move the tree forward towards a better, more readable, less buggy crypto library.

Check them out at http://anoncvs.estpak.ee/cgi-b..."

Link to Original Source

+ - The Poor Neglected Gifted Child

Submitted by theodp
theodp (442580) writes ""Korea, Taiwan, and Singapore," explains The Boston Globe's Amy Crawford in The Poor Neglected Gifted Child, "have national laws requiring that children be screened for giftedness, with top scorers funneled into special programs. China is midway through a 10-year 'National Talent Development Plan' to steer bright young people into science, technology, and other in-demand fields." It seems to be working — America's tech leaders are literally going to Washington with demands for "comprehensive immigration reform that allows for the hiring of the best and brightest". But in the U.S., Crawford laments, "we focus on steering all extra money and attention toward kids who are struggling academically, or even just to the average student" and "risk shortchanging the country in a different way." The problem advocates for the gifted must address, Crawford explains, is to "find ways for us to develop our own native talent without exacerbating inequality." And address it we must. "How many people can become an astrophysicist or a PhD in chemistry?" asks David Lubinski, a psychologist at Vanderbilt University. We really have to look for the best — that's what we do in the Olympics, that's what we do in music, and that's what we need to with intellectual capital.""

+ - Scientists extract RSA key from GnuPG using sound of CPU->

Submitted by kthreadd
kthreadd (1558445) writes "In their research paper titled RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis Daniel Genkin, Adi Shamir and Eran Tromer et. all. present a method for extracting decryption keys from the GnuPG security suite using an interesting side-channel attack. By analysing the acoustic sound made by the CPU they were able to extract a 4096 bit RSA key in about an hour. A modern mobile phone placed next to the computer is sufficient to carry out the attack, but up to four meters have been successfully tested using specially designed microphones."
Link to Original Source

+ - Dice Ruins Slashdot-> 12

Submitted by Anonymous Coward
An anonymous reader writes "In an attempt to modernize Slashdot, Dice has removed everything that made Slashdot unique and worthwhile and has turned it into a generic blog site. User feedback has been unanimously negative, but this is to no avail, and users will have to head elsewhere for insightful and entertaining commentary on tech news."
Link to Original Source

Comment: Re:There are no rules. (Score 2) 117

by bofkentucky (#43091267) Attached to: Ask Slashdot: On the Job Certification Training?
The last two shops I've been at have tuition reimbursement programs, but they only apply to 2 or 4 year accredited colleges and universities. This leads to a weird situation where they could pay $10500 over 3 years to help pay for a diploma mill MBA but can't approve $3500 to pay for industry coursework from vmware/emc/redhat/etc that actually interests me.
Intel

+ - Intel to Pay NVIDIA Licensing Fees of $1.5 Billion->

Submitted by wiredmikey
wiredmikey (1824622) writes "NVIDIA and Intel have agreed to drop all outstanding legal disputes between them and Intel will pay NVIDIA an aggregate of $1.5 billion in licensing fees payable in five annual installments, beginning Jan. 18, 2011. Under the new agreement, Intel will have continued access to NVIDIA's full range of patents."
Link to Original Source
Google

Chrome OS Doesn't Trust Apps Or Users 410

Posted by kdawson
from the for-your-own-good dept.
holy_calamity writes "Google's Chrome OS chiefs explain in Technology Review how most of the web-only OS's features flow from changing one core assumption of previous operating system designs. 'Operating systems today are centered on the idea that applications can be trusted to modify the system, and that users can be trusted to install applications that are trustworthy,' says Google VP Sundar Pichai. Chrome doesn't trust applications, or users — and neither can modify the system. Once users are banned from installing applications, or modifying the system security, usability, and more are improved, the Googlers claim."
Oracle

RIP, SunSolve 100

Posted by timothy
from the to-the-moon-instead dept.
Kymermosst writes "Today marks the last day that SunSolve will be available. Oracle sent the final pre-deployment details today for the retirement of SunSolve and the transition to its replacement, My Oracle Support Release 5.2, which begins tomorrow. People who work with Sun's hardware and software have long used SunSolve as a central location for specifications, patches, and documentation."

+ - Walmart using DMCA letters to stop BF ads rumors->

Submitted by Anonymous Coward
An anonymous reader writes "Walmart is sending DMCA notices to bargain hunting websites demanding they remove threads which contained scans of their Black Friday ads. Slickdeals.net and also ThanksgivingBlackFridayAds.com (https://www.thanksgivingblackfridayads.com/2010/walmart-day-after-thanksgiving-circular/) have received such notices. Forum posters on the Slickdeals site indicate they have also recieved such threats relating to their own blogs. (Feel free to rewrite this information or add additional details to bring it up to your editorial standards.)"
Link to Original Source

+ - Oracle Solaris 11 Express 2010.11 released->

Submitted by comay
comay (979887) writes "Today Oracle released its latest version of Solaris technology, the Oracle Solaris 11 Express 2010.11 release. It includes a large number of new features not found in either Oracle Solaris 10 or previous OpenSolaris releases including ZFS encryption and deduplication, network-based packaging and provisioning systems, network virtualization, optimized I/O for NUMA platforms and optimized platform support including support for Intel's latest Nehalem and SPARC T3. In addition, Oracle Solaris 10 support is available from within a container/zone so migration of existing systems is greatly simplified. The release is available under a variety of licenses including a supported commercial license on a wide variety of x86 and SPARC platforms."
Link to Original Source

Small is beautiful.

Working...