Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Separate from the rebranding of covid.gov... (Score 5, Insightful) 213

...an article worth considering from Princeton University's Zeynep Tufekci:

We Were Badly Misled About the Event That Changed Our Lives

Since scientists began playing around with dangerous pathogens in laboratories, the world has experienced four or five pandemics, depending on how you count. One of them, the 1977 Russian flu, was almost certainly sparked by a research mishap. Some Western scientists quickly suspected the odd virus had resided in a lab freezer for a couple of decades, but they kept mostly quiet for fear of ruffling feathers.

Yet in 2020, when people started speculating that a laboratory accident might have been the spark that started the Covid-19 pandemic, they were treated like kooks and cranks. Many public health officials and prominent scientists dismissed the idea as a conspiracy theory, insisting that the virus had emerged from animals in a seafood market in Wuhan, China. And when a nonprofit called EcoHealth Alliance lost a grant because it was planning to conduct risky research into bat viruses with the Wuhan Institute of Virology â" research that, if conducted with lax safety standards, could have resulted in a dangerous pathogen leaking out into the world â" no fewer than 77 Nobel laureates and 31 scientific societies lined up to defend the organization.

So the Wuhan research was totally safe, and the pandemic was definitely caused by natural transmission â" it certainly seemed like consensus.

We have since learned, however, that to promote the appearance of consensus, some officials and scientists hid or understated crucial facts, misled at least one reporter, orchestrated campaigns of supposedly independent voices and even compared notes about how to hide their communications in order to keep the public from hearing the whole story. And as for that Wuhan laboratoryâ(TM)s research, the details that have since emerged show that safety precautions might have been terrifyingly lax.

Full article

Comment "unstated ability to get access to systems" (Score 1) 48

Transcript of Internet Caucus Panel Discussion
Re: Administration's new encryption policy. Date: September 28, 1999.
Weldon statement.

Rep. Curt Weldon : Thank you. Let me see if I can liven things up here in the last couple of minutes of the luncheon. First of all, I apologize for being late. And I thank Bob and the members of the caucus for inviting me here.
...
But the point is that when John Hamre briefed me, and gave me the three key points of this change, there are a lot of unanswered questions. He assured me that in discussions that he had had with people like Bill Gates and Gerstner from IBM that there would be, kind of a, I don't know whether it's a, unstated ability to get access to systems if we needed it., Now, I want to know if that is part of the policy, or is that just something that we are being assured of, that needs to be spoke. Because, if there is some kind of a tacit understanding, I would like to know what it is.
Because that is going to be subjected to future administrations, if it is not written down in a clear policy way. I want to know more about this end use certificate. In fact, sitting on the Cox Committee as I did, I saw the fallacy of our end use certificate that we were supposedly getting for HPCs going into China, which didn't work. So, I would like to know what the policies are. So, I guess what I would say is, I am happy that there seems to be a coming together. In fact, when I first got involved with NSA and DOD and CIS, and why can't you sit down with industry, and work this out. In fact, I called Gerstner, and I said, can't you IBM people, and can't you software people get together and find the middle ground, instead of us having to do legislation.

.

Submission + - Samba gets funding from the German Sovereign Tech Fund.

Jeremy Allison - Sam writes: The Samba project has secured significant funding (€688,800.00) from the German
Sovereign Tech Fund (STF) to advance the project. The investment was
successfully applied for by SerNet. Over the next 18 months, Samba developers
from SerNet will tackle 17 key development subprojects aimed at enhancing
Samba’s security, scalability, and functionality.

The Sovereign Tech Fund is a German federal government funding program that
supports the development, improvement, and maintenance of open digital
infrastructure. Their goal is to sustainably strengthen the open source
ecosystem.

The project's focus is on areas like SMB3 Transparent Failover, SMB3 UNIX
extensions, SMB-Direct, Performance and modern security protocols such as SMB
over QUIC. These improvements are designed to ensure that Samba remains a
robust and secure solution for organizations that rely on a sovereign IT
infrastructure. Development work began as early as September the 1st and is
expected to be completed by the end of February 2026 for all sub-projects.

All development will be done in the open following the existing Samba
development process. First gitlab CI pipelines have already been running [4]
and gitlab MRs will appear soon!

https://samba.plus/blog/detail...

https://www.sovereigntechfund....

Comment Re:Maybe (Score 1) 104

The upstream Linux kernel doesn't differentiate between security bugs and "normal" bug fixes. So the new kernel.org CNA just assigns CVE's to all fixes. They don't score them.

Look at the numbers from the whitepaper:

"In March 2024 there were 270 new CVEs created for the stable Linux kernel. So far in April 2024 there are 342 new CVEs:"

Comment Re:Yeah (Score 1) 104

Yes ! That's exactly the point. Trying to curate and select patches for a "frozen" kernel fails due to the firehose of fixes going in upstream.

And in the kernel many of these could be security bugs. No one is doing evaluation on that, there are simply too many fixes in such a complex code base to check.

Slashdot Top Deals

Biology is the only science in which multiplication means the same thing as division.

Working...