Home Blog Page 1546

Linux 3.15 Can Almost Be Compiled Under LLVM’s Clang

By
Phoronix
-

A few hours ago I wrote about the most interesting features for the Linux 3.15 kernel from my perspective as it didn’t look like anything else interesting would be introduced this late in the merge window before the imminent 3.15-rc1. However, this time I’ve been happily proven wrong with Clang patches being added to the Linux 3.15 kernel…

Read more at Phoronix

The Linux 3.15 Kernel Is Going To Have A Lot Of Great Features

By
Phoronix
-

There’s likely just a day or two left before the Linux 3.15-rc1 kernel will be released to mark the end of the Linux 3.15 kernel merge window. With all of the major features appearing to have been merged by now, here’s an overview of the exciting features to look forward to with the Linux 3.15 release…

Read more at Phoronix

Make Your Linux Machine An Internet Access Point [Hotspot]

By
Mike Kuplevatsky
-

It can be tough staying at a place without so much as a router, right? It’s incredibly annoying, especially considering it’s 2014 — a year where technology is supposed to be at its best. Today, I thought it would be useful if I introduced you to a concept I consider totally badass. All you’ll need is your Linux machine and an ethernet cable. What’s that? No, this process won’t ask for your firstborn in return — it’s not Micrsoft. It’s kind of like reverse tethering. [Thanks for asking, imaginary person that I just created to answer my own question.]

 

Step 1: Add PPA

sudo add-apt-repository ppa:nilarimogard/webupd8

Step 2: Update

sudo apt-get update


Step 3: Install

sudo apt-get install ap-hotspot


Step 4: Configure

sudo ap-hotspot configure


If you’re connected to an Ethernet cable, it should detect your network as something like etch0 — just continue. Once it asks to name your network, name it something like awesomenetwork. Your WPA password should be of the following length (this is what I use as my password: fivefifty. No longer, no shorter.

 

To Start

Sudo ap-hotspot start

To Stop

sudo ap-hotspot stop

To Restart

sudo ap-hotspot restart

Meet Jasper, an open-source, Siri-like virtual assistant for Raspberry Pi

By
PCWorld
-

Over the past year or so, we’ve seen the Raspberry Pi mini-PC used for some very cool projects, including a Lego-botall-in-one PC3D printer, and even a drone.

Now we have another intriguing use for the Pi: An automated personal assistant.

Two Princeton University students have a new open source project called Jasper that is basically a Siri or Google Now clone running on the Raspberry Pi. It’s an always-on system constantly waiting for voice commands that you can hack together to use in your home.

Read more at PCWorld.

Linux Foundation Responds to the Heartbleed Bug

By
Eric Searcy
-

You have likely heard by now about the “Heartbleed” SSL vulnerability (CVE-2014-0160). Put simply from the perspective of a user of the Internet, this vulnerability means that for the last two years, any secure “your-browser-shows-a-lock” site you went to might have not really been secure, and an attacker could have been intercepting your passwords or sensitive data just like they can on “regular” non-SSL sites. Or, an attacker might discover information about a server hosting an SSL site that could help them in an attempt to compromise (hack) that server.

The Linux Foundation takes security very seriously. We, like many others, use the popular OpenSSL library to secure our web services. Within hours of the publishing of the OpenSSL advisory Monday and the LWN news report, we began patching our affected SSL services, which we completed Monday night/Tuesday morning (07:45 UTC). All SSL sites we manage have had newly-generated certificates installed.

It’s nearly impossible to know for sure, due to the nature of the vulnerability, how much the Heartbleed vulnerability was used to snoop on secure data. We recommend for our sites the same as for other sites: first, watch for a statement to come out from your financial institutions, email providers, and others, which shares whether they were affected. Start changing your passwords. Use different passwords on different sites and store them in a password safe like KeePass, LastPass or 1Password. That way, if any sites that remain vulnerable leak your password, it won’t affect any other sites. Check back on sites that post statements after you changed the password, and then change the passwords again if needed.

We highly recommend our users change the password on their Linux Foundation ID—which is used for the logins on most Linux Foundation sites, including our community site, Linux.com—for your own security and as part of your own comprehensive effort to update and secure as many of your online credentials as you can.

 

 

If you have further concerns, please email This e-mail address is being protected from spambots. You need JavaScript enabled to view it
. To contact our technical team, please email This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.

Wishing you a secure 2014,

Eric Searcy, IT Infrastructure Manager
The Linux Foundation

CloudOps Extends the Security of Apache’s CloudStack Platform

By
OStatic
-

CloudStack became an Apache Top-level Project (TLP) back in March 2013, and is the open source muscle behind many cloud deployments. Originally donated to Apache by Citrix, CloudStack depends on community contributions to keep its feature set growing and its security hardened. This week, CloudOps, which provides private, public and hybrid cloud solutions for enterprises, announced security enhancements that the company has contributed to Apache CloudStack and the availability of their implementation and managed services for Apache CloudStack 4.3.

Apache CloudStack is an integrated Infrastructure-as-a-Service (IaaS) cloud platform that has been well maintained by Apache, and it recently arrived in version 4.3. For its part, CloudOps has contributed code to CloudStack 4.3 that enables support of Palo Alto Networks as an integrated security service and that enables a new Secure Sockets Layer (SSL) termination.

 

Read more at Ostatic

Heartbleed Developer Explains OpenSSL Mistake that Put Web at Risk

By
ArsTechnica
-

 

The software developer who inserted a major security flaw into OpenSSL has said the error was “quite trivial” despite the severity of its impact, according to a new report.

The Sydney Morning Herald published an interview today with Robin Seggelmann, who added the flawed code to OpenSSL, the world’s most popular library for implementing HTTPS encryption in websites, e-mail servers, and applications. The flaw can expose user passwords and potentially the private key used in a website’s cryptographic certificate (whether private keys are at risk is still being determined).

The Herald reports:

Read 4 remaining paragraphs | Comments

Read more at Ars Technica

Heartbleed’s Lesson: Passwords Must Die

By
ZDNet
-

With the multitudes of accounts we have to deal with for email, social networking and other applications that require password authentication, we need a better solution.

Heartbleed May Not Leak Private SSL Keys After All

By
The Verge
-

After this week’s massive Heartbleed bug, one of the biggest concerns was that the bug might leak a website’s private SSL keys, the key to the green lock that secures data sent to users. It’s especially dangerous because, if an attacker did access the keys, they could be used even after the server was patched, allowing attacks months or even years in the future.

“If it is possible, it is at a minimum very hard.”

But today, the content distribution network CloudFlare has announced Heartbleed may not allow access to those private keys after all. In two weeks of testing, the company has been unable to successfully access private keys with Heartbleed, suggesting the attack may not be possible at all. “If it is possible, it is at a minimum…

Continue reading…

Read more at The Verge

NVIDIA GeForce 337 Beta Driver Linux Overclocking Trials

By
Phoronix
-

NVIDIA released their first 337 Linux driver beta earlier this week and it finally brings GPU overclocking support for the GeForce 400 “Fermi” series and newer, up through the latest-generation Maxwell graphics hardware.

Read more at Phoronix
1...1,5451,5461,547...10,743Page 1,546 of 10,743