jap - Slashdot User

+ - Dutch government officially trusts OpenVPN-NL for -> 0

Submitted by

joost.bijl

on Tuesday November 22, 2011 @10:43AM

joost.bijl writes "Today the Dutch government took a step to further improve the adoption of Open Source in its ranks. It has officialy approved a modified version of the open source VPN software OpenVPN for use on the governmental level 'Departementaal Vertrouwelijk' (Restricted). The release is called OpenVPN-NL and is fully open-source and available for use. The software has undergone a security evaluation by the Dutch government's national communications security agency (NLNCSA).

The major change is the removal of OpenSSL as the cryptographic core of OpenVPN-NL. Instead, the Dutch government opted to include the smaller, better readable and documented open source library PolarSSL to provide the cryptographic and SSL/TLS functionality.

The Dutch IT Security company Fox-IT worked together with both OpenVPN and PolarSSL communities and modified the stock software to support the government evaluation process. In total 8000 lines of code and 4000 lines of documentation were checked in to the OpenVPN trunk."
Link to Original Source

+ - First 3.0 Kernel Prepatch is out-> 0

Submitted by mvar on Monday May 30, 2011 @06:19AM

mvar (1386987) writes "Linus has announced the availability of the 3.0-rc1 kernel prepatch: Yay! Let the bikeshed painting discussions about version numbering begin (or at least re-start). I decided to just bite the bullet, and call the next version 3.0. It will get released close enough to the 20-year mark, which is excuse enough for me, although honestly, the real reason is just that I can no longe rcomfortably count as high as 40. The whole renumbering was discussed at last years Kernel Summit, and there was a plan to take it up this year too. But let's face it — what's the point of being in charge if you can't pick the bike shed color without holding a referendum on it? So I'm just going all alpha-male, and just renumbering it. You'll like it. Now, my alpha-maleness sadly does not actually extend to all the scripts and Makefile rules, so the kernel is fighting back, and is calling itself 3.0.0-rc1. We'll have the usual 6-7 weeks to wrestle it into submission, and get scripts etc cleaned up, and the final release should be just "3.0". The -stable team can use the third number for their versioning."
Link to Original Source

Comment: Re:MOD PARENT UP (Score 2, Informative) 904

by jap on Tuesday March 10, 2009 @02:46AM (#27131403) Attached to: Locking Down Linux Desktops In an Enterprise?

Err, you can still run interpreted programs on a filesystem mounted noexec:

~$ python myprogram.py

A sufficiently clever user could use an interpreter to write his own dynamic linker and thereby run binaries too.

No he cannot, as he cannot write that interpreter to a place where it can be executed.

Besides, such an interpreter already exists on your system and is called /lib/ld.so or one of its newer names. Note that trying to do this trick doesn't work, as your linker then needs to mmap this code with PROT_EXEC which is not allowed for files residing in a noexec mounted fs.

Comment: hormone imbalance (Score 5, Funny) 320

by jap on Monday January 05, 2009 @12:40PM (#26331099) Attached to: Steve Jobs Issues Update On His Health

is an anagram of 'a common rehab line'

Journal: Using Google Adsense for Charity 0

Journal by Raindeer on Wednesday March 07, 2007 @07:16AM

I hope Slashdot-readers will help me generate more attention for this idea and come up with ideas to get this idea higher up Google's to-do-list. I have blogged about this on my blog. The origins of this idea lie in me looking at the enormous amount of $8 on my Adsense account (the payout limit is $100) and wondering if there was something better to do with it, instead of waiting 12 years for the first check.