wlug November 2015

wlug@list.waikato.ac.nz

10 participants
30 discussions

Why Algebraic Eraser may be the riskiest cryptosystem you’ve never heard of

by Peter Reutemann

"A potential standard for securing network-connected pacemakers, automobiles, and other lightweight devices has suffered a potentially game-over setback after researchers developed a practical attack that obtains its secret cryptographic key. Known as Algebraic Eraser, the scheme is a patented way to establish public encryption keys without overtaxing the limited amounts of memory and computational resources that often constrain so-called Internet of Things (IoT) devices. Developed by scientists from Shelton, Connecticut-based SecureRF, it's similar to the Diffie-Hellman key exchange in that it allows two parties who have never met to securely establish a key over an insecure channel." -- source: http://arstechnica.com/security/2015/11/why-algebraic-eraser-may-be-the-mos… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

When Is “Free Software” Not Free?

by Lawrence D'Oliveiro

Linux kernel developer Matthew Garrett has posted some criticisms of projects like Mozilla, Red Hat and Ubuntu that develop or redistribute Free software, but tack on an “intellectual property rights policy”. Basically that means they claim ownership of certain logos and trademarks, so if you want to fully exercise your Four Freedoms, you have to strip those out before you are allowed to redistribute what you receive from them. <http://lwn.net/Articles/665175/> One particularly worrying thing is this comment from Garrett (mjg59) on the above article: Canonical refuse to tell you what changes you need to make to the packages in order to do so.

5 years, 8 months

Pi Zero: A full Raspberry Pi for just $5

by Peter Reutemann

"Have you ever wanted a Raspberry Pi but thought that £16/$25—roughly three packs of cigarettes—was a little exorbitant for a complete computer capable of running Linux? Well, I have good news: the Raspberry Pi Foundation has just released the Pi Zero, a single-board computer that costs just £4/$5." -- source: http://arstechnica.com/gadgets/2015/11/pi-zero-a-full-raspberry-pi-for-just… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

Ubuntu 16.04 LTS Will Ship With Linux Kernel 4.4 LTS

by Peter Reutemann

"The current daily build of the Ubuntu 16.04 LTS (Xenial Xerus) remains based on the Linux 4.2 kernel packages of the stable Ubuntu 15.10 (Wily Werewolf) operating system, while the latest and most advanced Linux 4.3 kernel is tracked on the master-next branch of the upcoming operating system. In the meantime, the Ubuntu Kernel Team announced plans for moving to Linux kernel 4.4 for the final release of the Ubuntu 16.04 LTS (Xenial Xerus) operating system." -- source: http://linux.slashdot.org/story/15/11/26/1920204 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

20 Years of GIMP

by Peter Reutemann

'Back in 1995, University of California students Peter Mattis and Kimball Spencer were members of the eXperimental Computing Facility, a Berkeley campus organization. In June of that year, the two hinted at their intentions to write a free graphical image manipulation program as a means of giving back to the free software community. On November 21st, 20 years ago today, Peter Mattis announced the availability of the "General Image Manipulation Program" on Usenet (later "GNU Image Manipulation Program"). Over the years, GIMP amassed a huge amount of new features designed for all kinds of users and practical applications: general image editing, retouching and color grading, digital painting, graphic design, science imaging, and so on. To celebrate the 20th anniversary, there is an update of the current stable branch of GIMP. The newly released version 2.8.16 features support for layer groups in OpenRaster files, fixes for layer groups support in PSD, various user interface improvements, OSX build system fixes, translation updates, and more.' -- source: http://tech.slashdot.org/story/15/11/22/2019259 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

Fwd: [Roundcube Announce] Roundcube Webmail 1.2-beta out now

by Simon Green

Good morning all, Roundcube 1.2-beta has been released, Among other enhancements, this release supports either server side or client side PGP encryption. As far as I know, this is the first open source web based e-mail client that does so. -- Simon -------- Original Message -------- Subject: [Roundcube Announce] Roundcube Webmail 1.2-beta out now Date: 24/11/2015 5:15 am From: Thomas Bruederli <thomas(a)roundcube.net> We're proud to announce that the beta release of the next major version 1.2 of Roundcube webmail is out now for download and testing. With this milestone we introduce new features primarily focusing on security and PGP encryption: * PHP7 compatibility * PGP encryption * Drag-n-drop attachments from mail preview to compose window * Mail messages searching with predefined date interval * Improved security measures to protect from brute-force attacks And of course plenty of small improvements and bug fixes. The PGP encryption support in Roundcube comes with two options: Mailvelope -------------- The integration of this browser plugin [1] for Firefox and Chrome comes out of the box in Roundcube 1.2 and is enabled if the Mailvelope API is detected in a user's browser. See the Mailvelope documentation [2] how to enable it for your site. Read more about the Mailvelope integration and how this looks like in Alec's blog [3]. Enigma plugin ------------------- This Roundcube plugin adds server-side PGP encryption features to Roundcube. Enabling this means that users need to fully trust the webmail server as encryption is done on the server GnuPG and private keys are also stored there. In order to activate server-side PGP encryption for all your users, the 'enigma' plugin, which is shipped with this package, has to be enabled in the Roundcube config. See the plugin's README for details. Also read Alec's blogpost about the Enigma plugin and how it works [4]. Both encryption features are pretty new and not yet perfectly documented. We'd much appreciate your feedback and your contribution to the end-user documentation [5] or our wiki page [6]. IMPORTANT: with this version, we finally deprecate some old Roundcube library functions [7]. Plugin developers, please test your plugins thoroughly and look for deprecation warnings in the logs. These function will be removed in the final 1.2.0 release and can therefore render plugins dysfunctional. See the full changelog on trac.roundcube.net [8] and download the new packages from https://roundcube.net/download Please note that this is a beta release and we recommend to test it on a separate environment. And don't forget to backup your data before installing it! Enjoy and please share your experience either through our mailing lists or as comments in the blog posts mentioned above. Kind regards, Thomas [1] https://www.mailvelope.com [2] https://www.mailvelope.com/en/help#watchlist [3] https://kolabian.wordpress.com/2015/10/10/mailvelope-integration-pgp-encryp… [4] https://kolabian.wordpress.com/2015/10/13/enigma-plugin-pgp-encryption/ [5] http://trac.roundcube.net/wiki/Online_Help [6] http://trac.roundcube.net/wiki/Dev_Encryption [7] https://github.com/roundcube/roundcubemail/blob/master/program/include/bc.p… [8] http://trac.roundcube.net/wiki/Changelog

5 years, 8 months

Rebel Geeks: Meet Your Maker

by Lawrence D'Oliveiro

Some on this list should be interested in this series on Al Jazeera called “Rebel Geeks”. The episode this week featured Massimo Banzi, one of the founders of Arduino, at the Maker Faire in Shenzhen, China. It also talks about the Safecast project, which was a volunteer group that came together in the wake of the Fukushima disaster to provide radiation data more extensive than anything the Government was able to offer. You can watch it on-line here <http://www.aljazeera.com/programmes/rebelgeeks/2015/11/technology-maker-mov…>.

5 years, 8 months

Linux Mint 1.73 BETA

by Peter Reutemann

Linux Mint 17.3 "Rosa" BETA is out, using Cinnamon and MATE: http://blog.linuxmint.com/?p=2937 http://blog.linuxmint.com/?p=2938 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

Open source projects rely on donated time—what motivates participants?

by Peter Reutemann

"Open source software packages like WordPress and Firefox have been major influences on modern computing. In statistics, open source software known as “R” has become the most popular environment for statistical computation and data analysis. A recent paper in PNAS studied the developers who make this software so successful to understand what motivates them and why they find contributing satisfying." -- source: http://arstechnica.com/science/2015/11/open-source-projects-rely-on-donated… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 8 months

The Dirk And Linus Show Comes To Seoul

by Lawrence D'Oliveiro

Snippets from <http://lwn.net/Articles/662106/>: Is there anybody out there who understands the entire kernel? Linus said that nobody does. There are some people who have a good overview of the whole kernel, and Linus, at least, generally knows who to blame for any specific problem. But with a project the size of the kernel it's not possible for anybody to have a deep understanding of the whole thing. ... With regard to how an aspiring kernel developer should start, Linus has always said the same thing: he can't tell developers what to do. It is important, instead, that developers work on things they *want* to do. ... How many kernel compiles has he done? It used to take about twelve minutes to compile a kernel; over time, the kernel has gotten bigger, but the hardware has gotten faster; the current time is about 22 minutes for an allmodconfig kernel. He does about ten builds per day during the merge window, a couple otherwise. Kernel development has been happening for about 8800 days; the bottom line, Linus guessed, was about 100,000 compiles. ... What about the Git project — what made that project successful? Linus gave a lot of credit to BitKeeper which, despite its licensing issues, changed how the kernel community did development. Git, of course, is an [Linus Torvalds] improvement on BitKeeper, but BitKeeper showed the benefits of distributed development when nobody else was working in that area. Once Git was around, its use by the kernel community helped it to spread quickly. Its immutable object model turned out to make it easy for service providers to use, enabling companies like GitHub. Ten years ago, developers were resistant to thinking about source-code management issues; Git forced them to look at it and to realize how much better distributed source-code management is. Git was not the first in this area, but it was the one that created wide awareness of a better way of doing things.

5 years, 8 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug November 2015