Debian Security   [more] [xml]
 2015-05-28 DSA-3274 virtualbox - security update

Jason Geffner discovered a buffer overflow in the emulated floppy disk drive, resulting in potential privilege escalation.

 2015-05-25 DSA-3273 tiff - security update

William Robinet and Michal Zalewski discovered multiple vulnerabilities in the TIFF library and its tools, which may result in denial of service or the execution of arbitrary code if a malformed TIFF file is processed.

 2015-05-23 DSA-3272 ipsec-tools - security update

Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of service.

Debian Wiki   [more] [xml]
 2015-05-30T11:38:02Z Creating signed GitHub releases
consistently GitHub instead of github
 2015-05-30T11:31:01Z ServicesSSL
update qa.d.o stuff
 2015-05-30T10:03:14Z ReproducibleBuilds/History
iceweasel being reproducible is noteworthy   [more] [xml]
 Fri, 29 May 2015 19:00:00 -0700 Smart API integrations with Python and Zato As the number of applications and APIs connected in a cloud-driven world rises dramatically, it becomes a challenge to integrate them in an elegant way

 Fri, 29 May 2015 15:00:00 -0700 3 Relatively Unknown Open Source Web Browsers for Linux that Packs the Punch

 techdrivein: 3 superb free and open source web browsers you've probably never heard about.

 Fri, 29 May 2015 14:00:00 -0700 Microsoft Lobbying in India Shoots Down or At Least Weakens Free/Libre Software Policy

 techrights: After Microsoft lobbying (both directly and by proxy) against Indian sovereignty we seem to have ended up with a watered-down Indian policy, which briefly favoured Free/Open Source software (FOSS).

OSNews   [more] [xml]
 Fri, 29 May 2015 23:49:42 GMT Google's Project Vault computing environment on a micro SD card
Project Vault is a secure computer contained entirely on a micro SD sized device. Google's ATAP said the micro SD format made sense because there's already advanced security features on your phone, contained in the SIM card, which protects the things important to carriers. Vault is designed to be an equivalent, but designed to project a user's important content. Would be fun to play with on my Google Nexus 5. Oh wait.
 Fri, 29 May 2015 21:47:21 GMT How an artificial language from 1887 is finding new life online
The internet, though, has been a mixed blessing for Esperanto. While providing a place for Esperantists to convene without the hassle of traveling to conventions or local club meetings, some Esperantists believe those meatspace meet ups were what held the community together. The Esperanto Society of New York has 214 members on Facebook, but only eight of them showed up for the meeting. The shift to the web, meanwhile, has been haphazard, consisting mostly of message boards, listservs, and scattered blogs. A website called Lernu! - Esperanto for the imperative "learn!" - is the center of the Esperanto internet, with online classes and an active forum. But it's stuck with a Web 1.0 aesthetic, and the forum is prone to trolls, a byproduct of Esperanto's culture of openness to almost any conversation as long as it's conducted in - or even tangentially related to - Esperanto. But there's hope that the internet can give the language new life. Wikipedia and its 215,000 pages was a first step, and yesterday, Esperanto debuted on Duolingo, a virtual learning app with 20 million active users - far more people than have ever spoken Esperanto since its invention. This article is the perfect mix between two of my favourite subjects - technology, and language. A highly recommended read.
 Fri, 29 May 2015 21:39:14 GMT An Apple customer's thoughts on Google I/O 2015
While Apple's WWDC is of little interest to hard-core Android customers, Google I/O can and often is of significant interest to Apple customers. It's where Google shows off its big new initiatives and previews updates for its existing services. Some years, those are blips on the radar, here for a moment, gone the next. Other years their scope and implications shake the world. This year, for me, fell somewhere in the middle. Google was restrained, relatively speaking, and focused. Yet as much as they acknowledged the need to shore up what came before, the company's focus is clearly on what's coming next. And that's worth a deeper discussion. How iMore's Rene Ritchie perceived the Google I/O accouncements.
 Fri, 29 May 2015 17:17:04 GMT Chasing the next billion with Sundar Pichai
The Verge has a long and detailed profile of and interview with Sundar Pichai, the man at Google responsible for just about anything you use. We sat down with Pichai to hear his vision for the Google of the future. He laid out a plan to improve Google's products through machine learning - but more importantly, he sketched out a grand effort to deliver computing capabilities to billions of people around the world. Both in the way he manages his internal teams, and in his belief that technology can change people's lives for the better, Pichai advocates an egalitarian ethos. If there's one thing that stood out during the I/O keynote yesterday, it was that Google was really hammering on the fact that it wants to create products for everyone. It wasn't said with so many words, but the clear implication was "unlike Apple, which only builds products for rich people in the west". This egalitarian view permeated every aspect of the keynote, including the people on stage - instead of the usual procession of western, white 40-something men, almost half of all the presenters were women (I think there were three, like a VP of engineering), and a few people weren't even western to begin with. This is unprecedented for technology companies - Apple, for instance, hasn't ever had a woman present on stage (although Tim Cook did interview a supermodel on stage once). We need this. Technology needs this. We need people from "new" economies, as well as women, to play a big part in the development of our technology to ensure that technology isn't just designed for rich white people, but for everyone. Pichai knows this, and it was drop-dead obvious throughout the entire keynote. Say what you want about Google - and there's a lot to say - but in this aspect, they are so far ahead of the competition it's not really a competition to begin with.
 Thu, 28 May 2015 23:01:35 GMT Google is trying to solve the smart home's biggest problem
At its developers conference this afternoon, Google announced two pieces of software for the smart home and the broader collection of connected devices around us, increasingly known as the internet of things. Those two pieces are Brillo, an operating system, and Weave, a common language for devices to talk to one another. And importantly, Weave doesn't have to run on Brillo - so appliance manufacturers can theoretically add it on to their existing products. I just can't get excited about an internet-connected blender.
 Thu, 28 May 2015 18:45:48 GMT Google unveils Now on Tap
After Android M, Google also talked a lot about Google Now - which is getting a major upgrade called Now on Tap. In short, Now on Tap is context-aware, and knows what's going on in the application you're using right now. If someone sends you a WhatsApp message that says "Want to have dinner at Chez Fred tonight?", you can bring up a Google Now overlay without leaving WhatsApp that shows you a Google Now card with information pertaining to Chez Fred. Or, if you're listening to a song on Spotify, you can just say "OK Google, who's the lead singer", and Google Now will provide the answer. We're working to make Google Now a little smarter in the upcoming Android M release, so you can ask it to assist you with whatever you're doing - right in the moment, anywhere on your phone. With "Now on tap," you can simply tap and hold the home button for assistance without having to leave what you’re doing - whether you're in an app or on a website. For example, if a friend emails you about seeing the new movie Tomorrowland, you can invoke Google Now without leaving your app, to quickly see the ratings, watch a trailer, or even buy tickets - then get right back to what you were doing. Developers do not have to do anything to their applications to make them work with Now on Tap - they only need to be indexed by Google.
 Thu, 28 May 2015 18:03:19 GMT Google unveils Android M
Google I/O is here, and the company's big keynote is still underway. The biggest announcement so far is - as expected - Android M, the next major Android release scheduled for Q3 of this year. Much like how the last few iOS releases played catch-up to major Android features, Android M is really catching up to a number of major, stand-out iOS features - and all of them are very welcome. The biggest new feature coming to Android M is App Permissions - and it's exactly what you're thinking. Instead of applications asking for all possible permissions during installation time, they will now only ask for a permission the first time you use the specific feature of the application that requires it. If you've ever used iOS - well, it's that, essentially. In addition, you can go into the Settings application and revoke an application's individual permissions, or the other way around - look at which applications have a specific permission. If you're familiar with Android, you'll be aware of the incredibly long and confusing list of possible permissions. Alongside implementing an iOS-like permission system, Android M will also pare down the number of permissions to a much smaller number (I think I saw 8 or 10?), making them clearer and more straightforward. All good so far, and yet another example of how competition between the major platforms makes both of them better - consumers, win. There's bad news, though, and it's this: the new permission system will only work with applications built with the Android M SDK. "Legacy" applications will, sadly, default to the existing permission system. While that in and of itself is disappointing enough, it also means we'll be using two different permission systems at the same time for at least several months, and possibly years. Another major new feature in M is a new power state, called Doze, which is basically a deeper form of sleep. Your device will learn your usage patterns, and move to this deep sleep state when it's not being used. According to Google, tablets will benefit the most from this, doubling their standby time. For phones, which get used more often, this will deliver less benefit. Android's intents system is also getting an upgrade, allowing applications to directly link to each other, without throwing up that "open with" dialog. Google Wallet is getting an upgrade and a name change - Android Pay - and now works pretty much exactly like Apple Pay, and it will be available on all Android phones with NFC. In addition, it supports fingerprint readers. Support for these readers will be further integrated and standardised in M. There's a lot more in Android M, but these are the biggest features. Google is releasing a developer preview for select Nexus devices today, and the final release will happen somewhere in Q3. This being Android, though, the biggest elephant in the room remained unmentioned: updates. As great as Android M looks, you'll most likely not be getting it until somewhere next year. Such is life.
 Thu, 28 May 2015 11:30:41 GMT Finally, an objective book review: A God In Ruins
A God In Ruins is a novel by the author Kate Atkinson, following on from a previous novel by the same author entitled Life After Life. The book is 24 cm high and 16.2 cm wide. Across the main surface appears a predominantly brown background, depicting wooden boards. Upon them lies or hangs a rabbit, that is possibly dead, but could also be alive. A great story about ethics in book journalism.
 Thu, 28 May 2015 00:04:10 GMT White House tells Supreme Court APIs are copyrightable
The Justice Department is weighing in on the hot-button intellectual property dispute between Google and Oracle, telling the Supreme Court that APIs are protected by copyright. The Obama administration's position means it is siding with Oracle and a federal appeals court that said application programming interfaces are subject to copyright protections. The high court in January asked for the government's views on the closely watched case. Words can't describe how stupid this is, so here's a picture of a bunny wearing a hat.
 Wed, 27 May 2015 21:16:36 GMT The Verge's Pebble Time review
The Verge reviews the Pebble Time - the new Pebble, with all-new hardware and all-new software. They conclude: Right now, the Time is an accessory to your smartphone, which is exactly what Pebble wants it to be. But while other smartwatches feel like futuristic platforms that just need more refinement and purpose, it’s not clear how the Pebble Time could go beyond what it already is. It has smaller ambitions than Apple and Google, and for the most part, it already achieves those ambitions. The notifications could certainly get better, the timeline integrations could definitely get more plentiful, and the watch faces could get more colorful. But at the end of the day, it’s still a thing that you wear on your wrist so you don’t have to pick up your phone at every incoming text message. Strange how what they see as a downside for the Pebble compared to Wear and the Apple Watch, I consider to be its strengths. Pebble doesn't waste battery and screen real estate on stuff that's just cumbersome on a watch and only serves to put a really, really complex, cumbersome, and slow UI on a tiny screen on your wrist. The Pebble definitely looks to be a lot more watch and a lot less computer than Google's and Android's offerings, and that's a good thing in my book - not a bad thing. Much better battery life, always-on display, fast and responsive software, and a really simple and straightforward UI. Too bad that the regular Pebble Time isn't exactly the prettiest watch out there, but luckily, the Pebble Time Steel looks a little better. Still square though, so those of us who prefer round watches will have to wait around a bit longer.
 Tue, 26 May 2015 23:31:34 GMT Microsoft announces Cortana for Android, iOS
Part of the power of a personal assistant comes from being available on the go, on the device you carry with you everywhere. And for people who don't have the benefit of a Windows phone, we want to extend the advantage of Cortana in Windows 10. How will this work? Today, we're announcing a Cortana application for Android phones and for iPhones which works as a companion to Cortana on your Windows 10 PC. The 'Phone Companion' app on the PC will help you install the Cortana app from the Google Play or Apple App Store onto your phone so you’ll be able to take the intelligence of Cortana with you, wherever you go. I've never seen anyone use Siri, save for the occasional parlour trick and the odd one out using it to set alarms. I'm not sure these anthropomorphised ones and zeros are really as a big a deal as these companies want us to believe.
 Tue, 26 May 2015 22:14:33 GMT The mystery of the power bank phone taking over Ghana
Have you noticed an odd bulge in people's shorts around Accra? It's likely because, like many of my friends, they've recently acquired a new phone. But it's not the iPhone 6 Plus, and it's not the Samsung Galaxy S6. It's this thing. I like it. It's functional and has a certain charm to it.
 Tue, 26 May 2015 22:13:09 GMT Apple drops discoveryd in latest OS X beta
After many complaints from the developer community about poor networking performance on Yosemite, the latest beta of OS X 10.10.4 has dropped the discoveryd in favor of the old process used by previous versions of Mac operating system. This should address many of the network stability issues introduced with Yosemite and its new networking stack. A clearer sign that discoveryd was a mess, there is not.
 Tue, 26 May 2015 19:11:23 GMT Genode 15.05 is accompanied by a book
The just released version 15.05 of the Genode OS Framework is the most comprehensive release in the project's history. Among its highlights are a brand-new documentation in the form of a book, principal support for the seL4 microkernel, new infrastructure for user-level device drivers, and the feature completion of the framework's custom kernel. For many years, the Genode OS project was primarily geared towards microkernel enthusiasts and the domain of high-security computing. With version 15.05, the project likes to widen its audience by complementing the release with the downloadable book "Genode Foundations" (PDF). The book equips the reader with a thorough understanding of the architecture, assists developers with the explanation of the development environment and system configuration, and provides a look under the hood of the framework. Furthermore, it contains the specification of the framework's programming interface. If you ever wondered what Genode is all about, the book may hopefully lift the clouds. Besides the added documentation, the second focus of the new version is the project's custom kernel platform called base-hw. This kernel allows the execution of Genode on raw hardware without the need of a 3rd-party microkernel. This line of work originally started as a research vehicle for ARM platforms. But with the addition of kernel-protected capabilities, it has reached feature completeness. Furthermore, thanks to the developers of the Muen isolation kernel, base-hw has become available on the 64-bit x86 architecture. This represents an intermediate step towards running Genode on top of the Muen kernel. Speaking of kernels, the current release introduces the principle ability to run Genode-based systems on top of the seL4 microkernel. As the name suggests, seL4 belongs to the L4-family of microkernels. But there are two things that set this kernel apart from all the other family members. First, with the removal of the kernel memory management from the kernel, it solves a fundamental robustness and security issue that plagues all other L4 kernels so far. This alone would be reason enough to embrace seL4. Second, seL4 is the world's first OS kernel that is formally proven to be correct. That means, it is void of implementation bugs. This makes the kernel extremely valuable in application areas that highly depend on the correctness of the kernel. At the architectural level, the framework thoroughly revised its infrastructure for user-level device drivers, which subjects device drivers to a rigid access-control scheme with respect to hardware resources. The architectural changes come along with added support for message-signaled interrupts and a variety of new device drivers. For example, there is a new AHCI driver, new audio drivers ported from OpenBSD, new SD-card drivers, and added board support for i.MX6. Further noteworthy improvements are the update of the tool chain to GCC 4.9.2, support for GPT partitions, and the ability to pass USB devices to VirtualBox when running on NOVA. These and the many more topics of the version 15.05 are covered in great detail in the release documentation.
 Mon, 25 May 2015 23:11:20 GMT Relicensing Dolphin: the long road to GPLv2+
The team quickly came to the conclusion that in order to keep Dolphin relevant in an ever-changing environment, it would need to be relicensed under GPLv2+. This would give Dolphin some much needed freedom to breathe within the open source landscape. As such, relicensing formally began in September of 2014. A massive undertaking. News   [more] [xml]
 2015-05-28T21:02:26+00:00 Distribution Release: IPFire 2.17 Core 90
The IPFire team has announced the release of IPFire 2.17 Core Update 90. The new release offers a number of security enhancements, including the use of GeoIP filtering and the disabling of vulnerable security protocols. The project's kernel and system services have also been updated and patched against....
 2015-05-28T18:01:41+00:00 Development Release: Mangaka Nyu Alpha
After several dormant years, the developers of Mangaka Linux have released a new development version of their Ubuntu-based distribution. The new alpha release is based on Ubuntu 14.04 and strives to offer a responsive and customizable desktop environment. The distribution is designed with the manga and anime communities....
 2015-05-27T05:22:09+00:00 Distribution Release: ALT Linux 7.0.5
Andrey Cherepanov has announced the release of ALT Linux 7.0.5, a set of Linux distributions that include the "Centaurus", "KDesktop" and "Schools Suite" variants, as well as "Simply Linux" (for the home/office desktop). "Centaurus", shipping with the MATE 1.6.0 desktop environment, is the project's default edition. From the....

powered by zFeeder





Translate to Spanish