Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Submission + - Linux Foundation Chief Say that It's 'FUN' to Work with Microsoft->

darthcamaro writes: Though Jim Zemlin, executive director of the Linux Foundation was heckled at Linuxcon for holding up a Tux penguin with a Microsoft logo — he's supportive of Microsoft's open source efforts. .

"Don't hold it [the Microsoft penguin]," an audience member shouted. "You might get cancer."


Link to Original Source

Submission + - Linus Torvalds Isn't Looking 10 years Ahead for Linux and That's OK->

darthcamaro writes: At the Linuxcon conference in Seattle today, Linus Torvalds responded to questions about Linux security and about the next 10 years of Linux. For security, Torvalds isn't too worried as he sees it just being about dealing with bugs. When it comes to having a roadmap he's not worried either as he just leaves that to others.

"I'm a very plodding, pedestrian person and look only about six months ahead," Torvalds said. "I look at the current release and the next one, as I don't think planning 10 years ahead is sane."


Link to Original Source

Submission + - Hacker 'Kills' DEF CON Founder Jeff Moss->

darthcamaro writes: In one of the busiest sessions at this past weekend's DEF CON security conference, an Australian security researcher showed how it was possible to get someone legally declared dead, with a full death certificate. Among the victims, was the founder of DEF CON and Black Hat, Jeff Moss.

"I know it's not good form to kill your host, but this a death certificate for Jeff Moss," Security reseacher Chris Rock said as he showed a screenshot of an EDRS form with Moss' name on it as the audience erupted into laughter. "He doesn't know he's dead, he's still walking around, but on paper he's dead and that might be a problem for him when he travels."


Link to Original Source

Submission + - ProxyHam Debunked and Demoed at DEFCON->

darthcamaro writes: Last month, the ProxyHam project talk for DEFCON was mysteriously cancelled. In it's place as a later edition is a new talk, in which the ProxyHam approach will be detailed and debunked — in a session called '“HamSammich”. In a video preview of the talk, Rob Graham and Dave Maynor detail the flaws of ProxyHam and how to do the same thing with off the shelf gear, legally.
Link to Original Source

Submission + - Hacker Set to Demonstrate 60 Second BRINKS Safe Hack at DEFCON->

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a BRINKS safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.
Link to Original Source

Submission + - Linux Foundation Launches Cloud Native Computing Foundation->

darthcamaro writes: The Linux Foundation's Foundation as a Service model continues to ramp up, today announcing its latest open-source Foundation effort — the Cloud Native Computing Foundation, backed by AT&T, Box, Cisco, Cloud Foundry Foundation, CoreOS, Cycle Computing, Docker, eBay, Goldman Sachs, Google, Huawei, IBM, Intel, Joyent, Kismatic, Mesosphere, Red Hat, Switch SUPERNAP, Twitter, Univa, VMware and Weaveworks.
A key part of the new foundation is Google's donation of the open-source Kubernetes project to help become a 'foundational' component.

"It got to the point where it really makes sense to take Kubernetes to a foundation," Craig McLuckie, product manager at Google, told eWEEK. "The Cloud Native Computing Foundation isn't just about Kubernetes; it's about assembling a harmonized set of technologies that are generally available and accessible to people."


Link to Original Source

Submission + - DigitalOcean CEO Wants to Take on OpenStack with Open-Source Platform->

darthcamaro writes: DigitalOcean is the world's second largest cloud provider today, has just raised another $83 million in funding — and it doesn't use OpenStack. CEO Ben Uretsky also doesn't like OpenStack much and in fact is now considering open-sourcing his company's platform in order to provide an alternative to OpenStack in the market.

"At some point in the future, it would be good to see other open-source frameworks take a run at OpenStack, since today I feel like they [OpenStack] are the only game in town," Uretsky said. "We come from the open-source world and would like to be able to contribute a project that actually delivers real value."


Link to Original Source

Submission + - Will Red Hat Buy Docker Inc?->

darthcamaro writes: Red Hat CEO Jim Whitehurst bought a company called Gluster from Ben Golub in 2011 for $136 million. Now in 2015, Golub is the CEO of Docker Inc and Whitehurst might be considering buying another company from Golub — or not. In a video interview from the Red Hat Summit Whitehurst states that he's ok with how his company is doing on Docker on its own — but he adds that you should never say never when it comes to what could happen in the future.
Link to Original Source

Submission + - Docker and CoreOS Join Together for Open Container Project at Linux Foundation->

darthcamaro writes: the great schism in the container world is now at an end. Today, Docker and CoreOS, announced along with Amazon Web Services, Apcera, Cisco, EMC, Fujitsu, Goldman Sachs, Google, HP, Huawei, IBM, Intel, Joyent, the Linux Foundation, Mesosphere, Microsoft, Pivotal, Rancher Labs, Red Hat and VMware the Open Container Project, as a Linux Foundation Collaborative Project. The new effort will focus specifically on libcontainer — providing a baseline for a container runtime.

"By participating with Docker and all the other folks in the OCP, we're getting the best of all worlds," Alex Polvi, CEO of CoreOS told eWEEK. "We're getting the contributions from Docker with the format and runtime that underpin container usage, and then we're also getting the shared standard and vendor neutrality aspects that we've designed with app container."


Link to Original Source

Submission + - Rancher Labs Raises $10 Million for Docker Optimize Linux Distro without Systemd->

darthcamaro writes: Who doesn't like systemd? (raise your hands or comment below..) — beyond that apparently Docker doesn't work as well as it should with systemd either. So new startup Rancher Labs has now raised $10 million to build out a systemd-less, Docker optimize Linux distro.

"We saw that there was a lot of conflict between systemd and Docker," Shannon Williams, co-founder of Rancher Labs Williams said in a video interview.


Link to Original Source

Submission + - Google, VMware, RedHat Embrace CoreOS' App Container Spec- What now Docker?->

darthcamaro writes: Big news today in container land as Google, VMware, Red Hat and Appcera are now supporters of the CoreOS led App Container spec (appc), which aims to define a broader spectrum of app containers beyond just Docker.

"The compatibility that we are aiming for is someone who packages up an image to run on top, or rkt should run another compatible runtime such as Kurma," Alex Polvi CEO of CoreOS explained. "This promise of having portability was something that the industry didn't quite achieve with virtual machines and cloud."

The big outstanding question though is with the new appc support — where does that leave Docker?
Link to Original Source

Submission + - Heartbleed One Year Later: Has Anything Changed?->

darthcamaro writes: It was on April 7, 2014 that the CVE-2014-0160 vulnerability titled "TLS heartbeat read overrun" in OpenSSL was first publicly disclosed — but to many its a bug known simply as Heartbleed. A new report from certificate vendor Venafi claims that 76% of organizations are still at risk, though it's a statistic that is contested by other vendors as well as other statistics. Qualys' SSL Pulse claims that only 0.3 percent of sites are still at risk. Whatever the risk is today, the bottom line is that Heartbleed did change the security conversation — but did it change it for the better or the worse?
Link to Original Source

Submission + - Firefox's Opportunistic Encryption Turns into an Opportunity for Hackers->

darthcamaro writes: Barely a week ago, Mozilla released Firefox 37, with a key new feature being Opportunistic Encryption. The basic idea behind Opportunistic Encryption is that it acts to encrypt data that might have otherwise been sent by a user over clear text. It's a great opportunity to improve the security of the web, but as it turns out, it's also another opportunity for hackers to exploit users. Mozilla has already issued Firefox 37.0.1 removing Opportunistic Encryption after a security vulnerability was reported in the underlying Alternative Services capability that helps to enable Opportunistic Encryption.

"We plan to re-enable this feature once we've had time to fully investigate the issue," Chad Weiner, director of product management at Mozilla said. /blockquote


Link to Original Source

Submission + - Every Browser Hacked at Pwn2own 2015 as HP Pays out $557,500 in Awards->

darthcamaro writes: Every year, browser vendors patch their browsers ahead of the annual HP Pwn2own browser hacking competition in a bid to prevent exploitation. Sad truth is that it's never enough. This year, security researchers were able to exploit fully patched versions of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer 11 and Apple Safari in record time. For their efforts, HP awarded researchers the princely sum of $557,500. So why does this happen every year? Why can't browser vendors actually produce software that can't be exploited — year after year?

Every year, we run the competition, the browsers get stronger, but attackers react to changes in defenses by taking different, and sometimes unexpected, approaches," Brian Gorenc manager of vulnerability research for HP Security Research said.


Link to Original Source

Submission + - Red Hat Enterprise Linux 7.1 and Atomic Host Hit General Availability->

darthcamaro writes: Red Hat today released the first milestone update to its flagship Red Hat Enterprise Linux 7.x (RHEL) platform. Among the new features in RHEL is the dogtag certificate system and improved two-factor authentication support. Perhaps more noteworthy is the first release of Red Hat Enterprise Linux 7.1 Atomic Host which is an optimized version of RHEL specifically for the deployment of Docker containers. Red Hat is using Google Kubernets for orchestration and the OStree open source technology as a way to enable 'snappy' transactional updates and rollback capabilities. Atomic Host also introduces the concept of 'super-privileged' containers. The super-privileged containers allow users to deploy system services as containers and then run those service containers with privileged access to the host system.
Link to Original Source

And it should be the law: If you use the word `paradigm' without knowing what the dictionary says it means, you go to jail. No exceptions. -- David Jones

Working...