An integer underflow flaw, leading to a heap-based buffer overflow, was
found in the ksba_oid_to_str() function of libksba, an X.509 and CMS
(PKCS#7) library. By using special crafted S/MIME messages or ECC based
OpenPGP data, it is possible to create a buffer overflow, which could
cause an application using libksba to crash (denial of service), or
potentially, execute arbitrary code.
The just released version 14.11 of the Genode OS framework complements the framework's arsenal of device drivers with the Intel wireless stack. This way, Genode enables the realization of microkernel-based systems on modern laptops without relying on any kind of "device-driver OS" or "Dom0". Other highlights of the release are a new dynamic linker, VirtualBox 4.3.16 on the NOVA hypervisor, a new scheduler for the HW kernel, and networking for the Raspberry Pi.
WiFi stacks are known to be extremely complex. In the Linux kernel, it is certainly one of the most sophisticated driver subsystems besides GPU drivers. From the perspective of an alternative OS, it is quite frightening. On the other hand, WiFi is an universally required feature for a general-purpose OS by today's standards. Therefore, the Genode project had to face the issue to enable a full WiFi stack on top of the framework sooner or later. In spring this year, the Genode team finally took on the engineering feat to transplant the Intel wireless stack from Linux to a user-level component on Genode. This line of work was more demanding than originally anticipated. The biggest hurdle was to get a grasp on the interactions between the various involved protocols and mechanisms such as mac80211, cfg80211, nl80211, the netlink API, AF_NETLINK, and the WPA supplicant. The actual porting work followed the approach of prior porting efforts like the Linux USB and TCP/IP subsystems. All Linux kernel threads are executed by a single user-level thread that cooperatively schedules each kernel thread as a light-weight execution context. Compared to the prior porting efforts, the driver environment for the WiFi stack is far more complex. About 8,500 lines of environment code had to be provided to bring the 215,000 lines of WiFi stack to life. However, almost no original code had to be changed, which will make future updates relatively easy.
From its very beginning, Genode was designed to manage resources via a trading mechanism. For example, when a client component connects to a server component, it can provide a part of its own memory budget to the server. This way, the server does not need to perform allocations from its own resources on behalf of its client, which mitigates the risk for denial-of-service attacks driven by malicious clients. This scheme works well for memory but it had not been employed for CPU time, yet. The reason was the lack of the scheduling facilities offered by the kernels supported by Genode. However, with their custom kernel called "base-hw", the Genode developers were finally able to pursue this idea. The outcome of this line of work is featured in the new release.
Besides the WiFi stack and the new scheduler, Genode 14.11 comes with an upgrade of VirtualBox to version 4.3.16 that can be executed directly on the NOVA microhypervisor, a new dynamic linker, added GUI components, and networking support for the Raspberry Pi. The full story behind all those topics is covered by the release documentation.
The Debian fork website, put together by the Veteran Unix Admins (VUA) group, has annouced the VUA has decided to fork the popular Debian GNU/Linux distribution. The VUA is critical of Debian's decision to adopt systemd as the distribution's default init software and to allow software packaged for Debian to depend directly on systemd. The VUA plans to create a fork of Debian using SysV Init as the default init software and is asking for donations to support the endevor.
The default init system in the next Debian v8 "Jessie" release will be systemd, bringing along a deep web of dependencies. We need to individuate those dependencies, clean them from all packages affected and provide an alternative repository where to get them. The stability of our fork is the main priority in this phase.
There has been a lot of debate over systemd in the Debian community in the past few months and it will be interesting to see if this non-systemd fork of Debian gains support.
Russian internet giant Yandex has launched an alpha version of its new Chromium-based browser for Windows and Mac OS X that incorporates a few interesting ideas of how a modern browser might look. The main difference from the interface of Chrome or Firefox is the ultimate minimalism and the fact that the tabs are moved to the bottom of the page.
It actually looks quite appealing. More information and download links can be found in Yandex' blog post.
A long-standing oddity of Windows is that its branded number has for some years now not matched the version number stamped into the kernel and other parts of the operating system. Windows 7, for example, reported itself to software as being version 6.1. Windows 8 is 6.2, and Windows 8.1 is 6.3.
Current public builds of Windows 10 repeat this trend - they purport to be version 6.4 - but not for much longer. Chinese site ITHome published a picture showing the version number to be 10.0. Version number 10.0 is also cropping up on BuildFeed which tracks build numbers, and has been further corroborated elsewhere.
Interesting little tidbit of information.
The European Parliament has voted in favour of breaking Google up, as a solution to complaints that it favours is own services in search results.
Politicians have no power to enforce a break-up, but the landmark vote sends a clear message to European regulators to get tough on the net giant.
I'm glad they're keeping a close watch on these powerful companies, but a break-up?
Good luck with that.
The new ReactOS Explorer is much more compatible, stable, and comes with more features than the current (and now old) explorer. We expect it to be a big quality jump in terms of usability, and the rockstar feature of the upcoming 0.4 release. Just keep reading to discover more about it!
The new shell has been merged today.
"People are talking about women and games seriously; people are taking the critiques seriously," Sarkeesian says as she stirs her tea. "It's been a huge shift. This discussion is becoming more mainstream."
A blond woman sitting at the next table before an array of New York City street maps begins squirming excitedly in her seat. "Are you talking about the article about gaming in the New York Times yesterday? I read it!" she says excitedly. "Did you write that? It was great!"
Fantastic article, horrible title (hence why I'm using a generic placeholder title instead). She's not gaming's "greatest adversary". In fact, Sarkeesian - and people like her, trying to create more diversity in every aspect of gaming - are gaming's greatest asset.
The DragonFly BSD operating system is a server oriented project. Though originally forked from FreeBSD, DragonFly BSD is an independent operating system that carries a number of unique features, foremost among them is the HammerFS file system. DragonFly BSD 4.0 was released on November 25th and offers several new features.
Version 4 of DragonFly brings Haswell graphics support, 3D acceleration, and improved performance in extremely high-traffic networks. DragonFly now supports up to 256 CPUs, Haswell graphics (i915), concurrent pf operation.
The latest version of DragonFly BSD no longer supports 32-bit x86 machines and is designed to work exclusively on the 64-bit x86 architecture.
Google risks losing its spot as the default search provider in Apple's Safari browser next year, according to a report from The Information. The latest extension of a deal that's put Google Search in the hands of iPhone owners since 2007 is set to expire in 2015, and Mountain View rivals Microsoft and Yahoo are already making a case for change with Apple's leadership. Per the report, each company has pitched Apple SVP Eddy Cue on the idea of replacing Google as the default iOS search provider; Microsoft wants Bing to be the default option out of the box, and Yahoo is vying for the same spot.
This will be an interesting claim of Apple's claim that they care about consumers. If they renew the deal, they place their customer's interests first, because their customers massively prefer Google Search. However, if they ditch Google and replace it with some inferior nonsense like Bing or Yahoo, they care more about their personal vendetta than their customers' best interests. If they go the privacy angle, switching to Bing or Yahoo is even more laughable, since those companies track just as much as Google does.
If Apple opts for DDG as default - well, then they earn some respect.
TempleOS is more than an exercise in retro computing, or a hobbyist's space for programming close to the bare metal. It's the brainchild - perhaps the life's work - of 44-year-old Terry Davis, the founder and sole employee of Trivial Solutions. For more than a decade Davis has worked on it; today, TempleOS is 121,176 lines of code, which puts it on par with Photoshop 1.0. (By comparison, Windows 7, a full-fledged modern operating system designed to be everything to everyone, filled with decades of cruft, is âabout 40 million lines.)
If you read just one article today, make sure it's this one.
The FreeBSD Foundation published a report yesterday on the status of FreeBSD running on 64-bit ARM processors. Work to port FreeBSD to the 64-bit ARM architecture has been progressing quickly and it is now possible to boot a FreeBSD installation into single user mode on the young architecture.
The kernel bring-up portion of the project is nearing completion; FreeBSD/arm64 boots to single-user mode on ARM's reference simulator. Work is underway on the remaining kernel drivers, and on userland support. This project's overall goal is to bring FreeBSD/arm64 to a Tier-1 status, including release media and prebuilt package sets. More information about the arm64 port can be found on the FreeBSD wiki.
Samsung's mobile business has been having a rough year - it's still one of the biggest and most profitable players in the Android ecosystem, but profits are down. That can be attributed at least in part to lower than expected sales of the company's flagship Galaxy S5. The Wall Street Journal reports that Samsung increased production by 20 percent relative to last year's Galaxy S4, but that it actually sold 40 percent less than it expected to. The S4 sold around 16 million phones in its first three months on the market, compared to just 12 million for the S5.
Samsung was becoming far too dominant, so I'm glad they're being taken down a notch on both the high and the low end. Other Android manufacturers (and Apple, but that's nothing new) are putting the squeeze on Samsung, and that leads to more choice for consumers, as well as lower prices, and in many cases, better quality for the same or less money.
We all benefit.
Currently Chrome supports NPAPI plugins, but they are blocked by default unless the user chooses to allow them for specific sites (via the page action UI). A small number of the most popular plugins are whitelisted and allowed by default. In January 2015 we will remove the whitelist, meaning all plugins will be blocked by default.
In April 2015 NPAPI support will be disabled by default in Chrome and we will unpublish extensions requiring NPAPI plugins from the Chrome Web Store. Although plugin vendors are working hard to move to alternate technologies, a small number of users still rely on plugins that havenât completed the transition yet. We will provide an override for advanced users (via chrome://flags/#enable-npapi) and enterprises (via Enterprise Policy) to temporarily re-enable NPAPI while they wait for mission-critical plugins to make the transition.
Definitely a big chance some Chrome users will have to account for.
When first released in 1984, the Apple Macintosh shipped with a black-and-white 512 x 342 display. Fast forward 30 years to the release of the iMac with Retina 5K display, which ships with a 5,120 x 2,880 display with support for millions of colours. That's an increase from 175,000 pixels to more than 14.7 million - an 8,400% increase. 80 of the original Macintosh displays fit within a single Retina 5K display.
The picture really does speak a thousand words. This post turns everything around.
The NetBSD project has announced two important stability updates for its highly portable operating system.
The NetBSD Project is pleased to announce NetBSD 5.1.5, the fifth security/bugfix update of the NetBSD 5.1 release branch, and NetBSD 5.2.3, the third security/bugfix update of the NetBSD 5.2 release branch. They represent a selected subset of fixes deemed important for security or stability reasons, and if you are running a prior release of either branch, we strongly suggest that you update to one of these releases.
Details on the two updated branches of NetBSD can be found in the release notes for NetBSD 5.1.5 and NetBSD 5.2.3.
Eugenio Paolantonio has announced the availability of the first development build of Semplice Linux 7, a lightweight, Debian-based distribution that ships with a desktop environment called "Vera" built on top of the Openbox window manager: "It's my pleasure to announce the immediate release of Semplice 7-preview, code-named 'Comfortably....
Zbigniew Konojacki has announced the release of 4MLinux 10.1, the new stable build of the project's lightweight desktop Linux distribution running a customised JWM window manager: "4MLinux 10.1 'Allinone' edition final released. The status of the 4MLinux 10.1 series has been changed to stable. Lots of improvements, most....
Justin Sherrill has announced the release of DragonFly BSD 4.0.1, the first stable 4.0 build of the project's UNIX-like operating system created in 2003 by Matthew Dillon as a fork of FreeBSD 4.8: "Version 4.0.1 released 25 November 2014. Version 4 of DragonFly brings Haswell graphics support, 3D....