News

Terminator: Genisys Teaser Trailor for Super Bowl

OSDir.com - il y a 17 min 6 sec
From the ... back. Again. dept.:
Catégories: News

Highly critical “Ghost” allowing code execution affects most Linux systems

OSDir.com - il y a 17 min 6 sec
From the Updates dept.:
An extremely critical vulnerability affecting most Linux distributions gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions.

The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. The bug, which is being dubbed "Ghost" by some researchers, has the common vulnerability and exposures designation of CVE-2015-0235. While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment. What's more, patching systems requires core functions or the entire affected server to be rebooted, a requirement that may cause some systems to remain vulnerable for some time to come.
Catégories: News

Google reveals third unpatched 90-day Windows vulnerability

OSDir.com - il y a 17 min 6 sec
From the Google, Windows, or Security? dept.:
Microsoft has heavily criticized Google and its 90-days security disclosure policy after the firm publicly revealed two zero-day vulnerabilities in Microsoft's Windows 8.1 operating system one after one just days before Microsoft planned to issue a patch to kill the bugs. But, seemingly Google don't give a damn thought.

Once again, Google has publicly disclosed a new serious vulnerability in Windows 7 and Windows 8.1 before Microsoft has been able to produce a patch, leaving users of both the operating systems exposed to hackers until next month, when the company plans to deliver a fix.
Catégories: News

Severe NTP Vulnerabilities

OSDir.com - il y a 17 min 6 sec
From the What time is it? dept.:
Here is a CERT advisory warning of a number of code-execution vulnerabilities in the network time protocol (NTP) implementation. "These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available." Most distributors already have updates available; applying them seems like a good idea.
Catégories: News

PostgreSQL 9.4 Released

OSDir.com - il y a 17 min 6 sec
From the More, Faster dept.:
he PostgreSQL Global Development Group announces the release of PostgreSQL 9.4, the latest version of the world's leading open source database system. This release adds many new features which enhance PostgreSQL's flexibility, scalability and performance for many different types of database users, including improvements to JSON support, replication and index performance.
Catégories: News

Ruby Programming Lang Creator Working on New Language: Streem

OSDir.com - il y a 17 min 6 sec
From the Why not both? dept.:
Streem is a concurrent scripting language based on a programming model similar to shell, with influences from Ruby, Erlang and other functional programming languages.
Catégories: News

Android Wear Updated. Android 5.0 on the Way

OSDir.com - il y a 17 min 6 sec
From the Wrist dept.:
Google today has announced a major update to Android Wear, bringing some long-awaited official functionality to its smartwatches — and a host of new features to go along with them.

Oh, and Android 5.0 is coming soon to your watch.
Catégories: News

Terminator Genisys Trailor Released

OSDir.com - il y a 17 min 6 sec
From the Liquid Metal dept.:
Catégories: News

The Hobbit: The Battle of the Five Armies

OSDir.com - il y a 17 min 6 sec
From the Beards & Gold dept.:
Catégories: News

Mad Max: Fury Road Trailer Released

OSDir.com - il y a 17 min 6 sec
From the A Touch Dusty dept.:
Catégories: News

Libreboot X200 laptop now FSF-certified to respect your freedom

Free Software Foundation - il y a 51 min 26 sec

This is the second Libreboot laptop from Gluglug (a project of Minifree, Ltd.) to achieve RYF certification, the first being the Libreboot X60 in December 2013. The Libreboot X200 offers many improvements over the Libreboot X60, including a faster CPU, faster graphics, 64-bit GNU/Linux support (on all models), support for more RAM, higher screen resolution, and more. The Libreboot X200 can be purchased from Gluglug at http://shop.gluglug.org.uk/product/libreboot-x200/.

The Libreboot X200 is a refurbished and updated laptop based on the Lenovo ThinkPad X200. In order to produce a laptop that achieved the Free Software Foundation's certification guidelines, the developers at Gluglug had to replace the low-level firmware as well as the operating system. Microsoft Windows was replaced with the FSF-endorsed Trisquel GNU/Linux operating system, which includes the GNOME 3 desktop environment. The free software boot system of Libreboot and the GNU GRUB 2 bootloader were adapted to replace the stock proprietary firmware, which included a BIOS, Intel's Management Engine system, and Intel's Active Management Technology (AMT) firmware.

The FSF has previously written about Intel's ME and AMT, calling attention to how this proprietary software introduces a fundamental security flaw -- a back door -- into a person's machine that allows a perpetrator to remotely access the computer over a network. It enables powering the computer on and off, configuring and upgrading the BIOS, wiping the hard drives, reinstalling the operating system, and more. While there is a BIOS option to ostensibly disable AMT, because the BIOS itself is proprietary, the user has no means to verify whether this is sufficient. The functionality provided by the ME/AMT could be a very useful security and recovery measure, but only if the user has control over the software and the ability to install modified versions of it.

"The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe.

"This is a huge accomplishment, but unfortunately, it is not known if the work they have done to remove the ME and AMT from this device will be applicable to newer Intel-based laptops. It is incredibly frustrating to think that free software developers may have to invest even more time and energy into figuring out how to simply remove proprietary firmware without rendering the hardware nonfunctional. On top of that, the firmware in question poses a serious security threat to its users -- and the organizations who employ them. We call on Intel to work with us to enable removal of ME and AMT for users who don't want it on their machines," said FSF's executive director, John Sullivan.

In order to remove the ME, AMT, and other proprietary firmware from the laptop, the Libreboot developers had to first reverse engineer Intel's firmware. They then created a small software utility to produce a free firmware image that conforms to Intel's specifications. Finally, to install their firmware on the device, they used special hardware (an SPI flasher) that they directly connected to a small chip on the motherboard itself. After many months of work, the Libreboot developers managed to completely overwrite the proprietary firmware with Libreboot and GNU GRUB 2. Those who purchase a Libreboot X200 from Gluglug will receive a laptop that has had all of this work already done to it and will be able to update or install new firmware to their device without needing to make use of any special hardware or complicated procedures.

To learn more about the Respects Your Freedom hardware certification, including details on the certification of the Libreboot X200, visit http://www.fsf.org/ryf. Hardware sellers interested in applying for certification can consult http://www.fsf.org/resources/hw/endorsement/criteria.

Subscribers to the FSF's Free Software Supporter newsletter will receive announcements about future Respects Your Freedom products.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About Gluglug and Minifree, Ltd

Francis Rowe is the Founder and CEO of Minifree Ltd in the UK, which owns and operates Gluglug, a project to promote adoption of free software globally. To purchase products sold by Gluglug, visit http://shop.gluglug.org.uk.

Media Contacts

Joshua Gay
Licensing & Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

Francis Rowe
Founder & CEO
Gluglug
info@gluglug.org.uk

Catégories: News

The best open-source office suite, LibreOffice 4.4, gets new release

ZDNet Open Source - il y a 2 heures 46 min
The top open-source office suite offers a new, improved version with better Microsoft Office file format compatibility.
Catégories: News

Android 5.0 Lollipop Released

OSDir.com - mer, 28/01/2015 - 21:00
From the Sucker dept.:
Google has started pushing the over-the-air updates to Android 5.0 Lollipop out to Nexus devices, so over the coming days you can expect an update notification on your phone or tablet. In case you don't want to wait, you can grab the system images straight from Google and update manually.
Catégories: News

Dell offers new Ubuntu Linux workstation laptop

ZDNet Open Source - mer, 28/01/2015 - 20:20
Dell is continuing to support Linux developers with new Linux-powered laptops.
Catégories: News

GHOST, a critical Linux security hole, is revealed

ZDNet Open Source - mar, 27/01/2015 - 20:33
This security hole, which impacts many older versions of Linux and some current ones, should be patched as soon as possible.
Catégories: News

​Microsoft: The open-source company

ZDNet Open Source - lun, 26/01/2015 - 20:04
Microsoft loves Linux, is adopting Docker for its servers, and just bought Revolution Analytics, the biggest open-source R statistical language company. This is not your dad's Microsoft.
Catégories: News

​Librem 15, the first free software GNU/Linux laptop, makes funding goal

ZDNet Open Source - jeu, 22/01/2015 - 19:47
The Librem 15 Linux laptop has surpassed the $250-thousand goal it needed to launch.
Catégories: News

​Get on the Linux job train with a new system administration class

ZDNet Open Source - mer, 21/01/2015 - 17:11
The Linux Foundation is offering a new self-paced class to help you get ready for the Linux Foundation Certified System Administrator exam.
Catégories: News

New ​Linux Foundation's guide to the open-source cloud

ZDNet Open Source - mar, 20/01/2015 - 13:53
A little confused about what's what with Cloud Foundry, OpenStack and Mesos? Let the Linux Foundation help you with its new guide to open-source cloud technologies.
Catégories: News
Numéro fédéral :  CH-660.2.608.005-3
Creative Commons License CC BY-SA