Story 2014-08-27

Subgraph: the successor to Tails

by
in security on (#2QX4)
story imageTails was compromised, and everyone is wondering what is going to happen next. But a team of researchers in Canada hopes they have the answer: Subgraph, an operating system resistant to zero-day exploits.
In Subgraph OS, any application a computer interacts with running the operating system is isolated in containers to prevent exploits from having a meaningful impact at the OS level. It uses the Grsecurity kernel, a patch applied to the Linux kernel that enhances security by limiting what processes can do. For example, with most operating systems, receiving an infected PDF making use of a zero-day vulnerability means before you realize it, there's malicious code running on your computer. ... he new OS is also, obviously, designed for complete anonymity. All the connections in the OS are intercepted by a metaproxy that then routes them through Tor. The metaproxy has some nifty tricks, too: it opens different Tor circuits for different apps, to avoid an attacker correlating traffic to the same origin.
Subgraph is based on Debian, PGP, and other open source technologies and products.

Jolla smartphone running Sailfish OS launches in Hong Kong

by
in mobile on (#2QX2)
story imageIf you're tired of iOS, bored with Android, disgusted with Blackberry, and put off by Winphones, the folks over at Jolla would like to have a word with you. Their Jolla phone, running a cutting-edge version of their Sailfish OS has just launched.If you hadn't heard, Jolla was founded by a bunch of ex-Nokia employees who decided to go solo with a Linux-based phone operating system when Nokia chose Elop and a Microsoft strategy. Will it work?
Having gone on retail sale at the end of 2013, it's been a busy and productive year for a company with an employee count that is in the low hundreds. Compare that to Microsoft, Apple, or Samsung, and you can put the success of the Jolla hardware and software into perspective. ...

The Jolla handset does not follow the normal paradigms for a smartphone user interface. As the smartphone moves away from the hackers and early supporters, improving the consumer experience has been one goal. The Sailfish UI is fast and flexible, and well-suited to one-handed usage. But it does take some getting used to. Jolla has improved the UI tutorial, and also added in dynamic hints and tips if the OS feels the user is 'stuck' looking for something in the UI.
The thing looks nice enough, but it's going to have to be slicker and sleeker than the existing alternatives to take traction. That said, there's no reason the market can be disrupted. Every time some pundit declares a winner, history proves them wrong.

Windows 7 approaches end of life

by
in microsoft on (#2QWN)
story imagePrefer Windows 7 to Windows 8? Too bad: you're not far away from not having the choice, for some editions. Some wholesalers are already reporting they will no longer be getting Windows 7 Home Premium or Windows 7 Ultimate after October:
Windows 7 Home Premium and Windows 7 Ultimate will be EOL on 10/31/14. Please note: This is ONLY Windows 7 Home Premium and Ultimate editions -- NOT Windows 7 Professional. Windows 7 Professional will still be around for the foreseeable future... No EOL date has been issued on Pro as of yet.
If you have customers that will require Windows 7 Home Premium beyond 10/31/14, please plan ahead. We may purchase Windows 7 Home Premium & Ultimate up until 10/31/14, but once that date has passed, Microsoft will no longer sell the item. At that point - what we have left in-stock is final! Please also remember that downgrading from Windows 8 Core to Windows 7 Home on system builds will no longer be an option after this date, either.
Extended support for Win7 is available until January, 2020. But given how hard it's been to get people to move to Win8, you can only imagine Microsoft is looking forward to pulling the plug on 7 Pro as well.

Twentieth anniversary of the FreeBSD Ports Tree

by
in bsd on (#2QW8)
Twenty years ago a guy by the name of Jordan Hubbard began the first FreeBSD ports tree. Two decades later it's an essential part of any FreeBSD install, allowing source code-level access to a huge ecosystem of software, all installable in either binary package or make-config-install format. That's not Jordan's only contribution either: FreeBSD owes sysinstall and the original package management system to him as well (retired in FreeBSD 10.0-RELEASE for a next generation system).

In commemoration of the big 2-0, BSDFrance commissioned this video. It's quite well done.

BSD/Linux users, what are your opinions of the ports tree vs. repositories vs. app stores? Happy 20th, FreeBSD Ports Tree.

[Ed. note: 2014-08-27 21:18 thrilled to see we now have our very own BSD topic. About time; there have been several BSD articles here!]

The experiment with feeding Soylent articles: your comments!

by
in ask on (#2QM4)
Well, unless you were holed up with Dick Cheney in the underground security bunker, you probably noticed Pipedot flipped the switch on a new feature that feeds articles from other sites. The idea is, as I understand it, anyone running Pipecode can eventually have a whole series of these feeds, and automatically populate their site with articles.

That led to a rash of new articles here, all of the Soylent comments, and a bit of anger over at Soylent despite NCommander having generously and magnanimously offered the feed of articles to Pipedot.

Nonetheless, this mirthful article suggestion poked up in the Pipe today:
Pipedot caught willfully plagiarizing Soylent News! As noted on https://soylentnews.org/comments.pl?sid=3587&cid=85807 and https://pipedot.org/story/2014-08-26/database-to-track-suspicious-memes-on-twitter and in particular, https://pipedot.org/comment/1409062920_n1_soylent_news_org , the majority of content being posted on pipedot.org is taken without permission from soylentnews.org

Given that the copyright of comments on soylentnews.org is not transferred from the people that posted them, this ongoing action constitutes wilful, mass copyright infringement.

You are hereby given notice on behalf of John Doe and Jane Doe * 4,000 under the US Digital Millennium Copyright Act 1998, as amended, Section 512(c)(3)(A) that:- ...
Glad nerds haven't lost their sense of humor. So, what did you think of the feature? Your comments here about the feed, the pipe, and the future direction of Pipedot.

23rd USENIX Security Symposium - 8/2014 - Full Proceedings

by
Anonymous Coward
in security on (#2QM2)
The 23rd Usenix Security Symposium concluded this month in San Francisco, California, and true to their commitment for open access to the material, have immediately made it available on line. Have a look at the following links:

- Main Page:
https://www.usenix.org/conference/usenixsecurity14/technical-sessions

- PDF Download:
https://www.usenix.org/sites/default/files/sec14_full_proceedings.pdf

- More format options than PDF including iPad/eReaders/Mobile Devices:
https://www.usenix.org/conference/usenixsecurity14/technical-sessions

-- View on-line, each page as separate image files rather than PDF:
http://view.samurajdata.se/

[Ed. note: interesting that they've allowed you to avoid use of PDF, if that's your preference.]