Showing headlines posted by penguinist

The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

European cybersecurity agency ENISA has come down firmly against backdoors and encryption restrictions, arguing they only help criminals and terrorists while harming industry and society.

A 4K monitor can be attached to Odroid-C2 through an HDMI 2.0 port. The board has ARM's latest Mali-450 MP3 GPU and a video acceleration chip that can render H.265 4K video streams at 60 frames per second... The Odroid-C2 will start shipping on March 4 with Ubuntu pre-installed, according to the company.

The big news yesterday and even into today was the new Ubuntu tablet, which everyone including Canonical touted as "convergence delivered." Well, today Randall Ross scolds news sites for missing the "timely idea" that is convergence.

An open source network utility (socat) used by administrators and security professionals contains a cryptographic weakness so severe that it may have been intentionally created to give attackers a surreptitious way to eavesdrop on protected communications, its developer warned...

Malwarebytes says it will take about a month to deploy a patch to fix vulnerabilities found by Google's Project Zero bug hunters.

The NSA is also keen to find any hardcoded passwords in software or passwords that are transmitted in the clear ... If you really want to make the NSA’s life hard ... limit access privileges for important systems to those who really need them; segment networks and important data to make it harder for hackers to reach your jewels; patch systems and implement application whitelisting; remove hardcoded passwords and legacy protocols that transmit passwords in the clear.

One of the most powerful organizations in the open-source world faces questions over why it quietly did away with two seats on its board designated for non-corporate members. As of Jan. 15, the Linux Foundation’s bylaws were changed to remove a provision that allowed for the election of two board members by the group’s individual affiliates. The entirety of the board’s membership is now selected by the Linux Foundation’s corporate members.

Rust is a multi-platform systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

The Perception Point Research team has identified a 0-day local privilege escalation vulnerability in the Linux kernel. While the vulnerability has existed since 2012, our team discovered the vulnerability only recently, disclosed the details to the Kernel security team, and later developed a proof-of-concept exploit.

This article is a fascinating summary of the current debates within the Bitcoin open source developer community around the future direction of this virtual currency.

Linux has been around as an open-source, free operating system for quite some time... More companies announced support this week, including Ford. 7 car companies are now involved.

The same individual or group claiming to be behind a recent breach of the personal e-mail account of CIA Director John Brennan now claims to be behind the hijacking of the accounts of Director of National Intelligence James Clapper.

We're past the point of predictions for 2016, so let's talk about the one thing I really want to happen in the Linux world this year: desktop Linux on tablets.

Toyota, the world’s largest auto company, announced at CES two days ago that it will use the Ford Motor Company’s SmartDeviceLink, or SDL... The company released SDL as an open-source package three years ago...

Who is the mystery man behind bitcoin, and why are so many people desperate to find out?

ROS 2.0 will support the growth of the ROS community by making it much easier to work with small embedded systems, teams of multiple robots, and robots that require real-time control... BMW chose ROS for its autonomous driving research, though: they appreciate its popularity, its stability and reliability based on a large user base, the fact that it makes it easy to collaborate, and its open source nature.

Adobe released a security update for the Linux version of their Flash player that addresses the zero-day exploits coming out of the "Hacking Team" disclosures. The current Linux Flash Player for Firefox is now Version 11.2.202.491.

LXer Feature: 2014-Mar-31

Imagine having the equivalent of four 1920x1080 monitors in a 2x2 grid, on your desk, with absolutely no seam between them. This article describes my journey towards that goal...

Three golden nuggets from the Southeast LinuxFest: "RPi+", video editing, and spam tips.