"A potential standard for securing network-connected pacemakers,
automobiles, and other lightweight devices has suffered a potentially
game-over setback after researchers developed a practical attack that
obtains its secret cryptographic key.
Known as Algebraic Eraser, the scheme is a patented way to establish
public encryption keys without overtaxing the limited amounts of
memory and computational resources that often constrain so-called
Internet of Things (IoT) devices. Developed by scientists from
Shelton, Connecticut-based SecureRF, it's similar to the
Diffie-Hellman key exchange in that it allows two parties who have
never met to securely establish a key over an insecure channel."
-- source: http://arstechnica.com/security/2015/11/why-algebraic-eraser-may-be-the-mos…
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
Linux kernel developer Matthew Garrett has posted some criticisms of
projects like Mozilla, Red Hat and Ubuntu that develop or redistribute
Free software, but tack on an “intellectual property rights policy”.
Basically that means they claim ownership of certain logos and
trademarks, so if you want to fully exercise your Four Freedoms, you
have to strip those out before you are allowed to redistribute what you
receive from them.
<http://lwn.net/Articles/665175/>
One particularly worrying thing is this comment from Garrett (mjg59) on
the above article:
Canonical refuse to tell you what changes you need to make to the
packages in order to do so.
"The current daily build of the Ubuntu 16.04 LTS (Xenial Xerus)
remains based on the Linux 4.2 kernel packages of the stable Ubuntu
15.10 (Wily Werewolf) operating system, while the latest and most
advanced Linux 4.3 kernel is tracked on the master-next branch of the
upcoming operating system. In the meantime, the Ubuntu Kernel Team
announced plans for moving to Linux kernel 4.4 for the final release
of the Ubuntu 16.04 LTS (Xenial Xerus) operating system."
-- source: http://linux.slashdot.org/story/15/11/26/1920204
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
'Back in 1995, University of California students Peter Mattis and
Kimball Spencer were members of the eXperimental Computing Facility, a
Berkeley campus organization. In June of that year, the two hinted at
their intentions to write a free graphical image manipulation program
as a means of giving back to the free software community. On November
21st, 20 years ago today, Peter Mattis announced the availability of
the "General Image Manipulation Program" on Usenet (later "GNU Image
Manipulation Program"). Over the years, GIMP amassed a huge amount of
new features designed for all kinds of users and practical
applications: general image editing, retouching and color grading,
digital painting, graphic design, science imaging, and so on. To
celebrate the 20th anniversary, there is an update of the current
stable branch of GIMP. The newly released version 2.8.16 features
support for layer groups in OpenRaster files, fixes for layer groups
support in PSD, various user interface improvements, OSX build system
fixes, translation updates, and more.'
-- source: http://tech.slashdot.org/story/15/11/22/2019259
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
Good morning all,
Roundcube 1.2-beta has been released, Among other enhancements, this
release supports either server side or client side PGP encryption. As
far as I know, this is the first open source web based e-mail client
that does so.
--
Simon
-------- Original Message --------
Subject: [Roundcube Announce] Roundcube Webmail 1.2-beta out now
Date: 24/11/2015 5:15 am
From: Thomas Bruederli <thomas(a)roundcube.net>
We're proud to announce that the beta release of the next major
version 1.2 of Roundcube webmail is out now for download and testing.
With this milestone
we introduce new features primarily focusing on security and PGP
encryption:
* PHP7 compatibility
* PGP encryption
* Drag-n-drop attachments from mail preview to compose window
* Mail messages searching with predefined date interval
* Improved security measures to protect from brute-force attacks
And of course plenty of small improvements and bug fixes.
The PGP encryption support in Roundcube comes with two options:
Mailvelope
--------------
The integration of this browser plugin [1] for Firefox and Chrome
comes out of the box in Roundcube 1.2 and is enabled if the
Mailvelope API is detected in a user's browser. See the Mailvelope
documentation [2] how to enable it for your site.
Read more about the Mailvelope integration and how this looks like in
Alec's blog [3].
Enigma plugin
-------------------
This Roundcube plugin adds server-side PGP encryption features to
Roundcube. Enabling this means that users need to fully trust the
webmail server as encryption is done on the server GnuPG and private
keys are also stored there.
In order to activate server-side PGP encryption for all your users,
the 'enigma' plugin, which is shipped with this package, has to be
enabled in the Roundcube config. See the plugin's README for details.
Also read Alec's blogpost about the Enigma plugin and how it works [4].
Both encryption features are pretty new and not yet perfectly
documented. We'd much appreciate your feedback and your contribution
to the end-user documentation [5] or our wiki page [6].
IMPORTANT: with this version, we finally deprecate some old Roundcube
library functions [7]. Plugin developers, please test your plugins
thoroughly and look for deprecation warnings in the logs. These
function will be removed in the final 1.2.0 release and can therefore
render plugins dysfunctional.
See the full changelog on trac.roundcube.net [8] and download the new
packages from https://roundcube.net/download
Please note that this is a beta release and we recommend to test it on
a separate environment. And don't forget to backup your data before
installing it!
Enjoy and please share your experience either through our mailing
lists or as comments in the blog posts mentioned above.
Kind regards,
Thomas
[1] https://www.mailvelope.com
[2] https://www.mailvelope.com/en/help#watchlist
[3]
https://kolabian.wordpress.com/2015/10/10/mailvelope-integration-pgp-encryp…
[4]
https://kolabian.wordpress.com/2015/10/13/enigma-plugin-pgp-encryption/
[5] http://trac.roundcube.net/wiki/Online_Help
[6] http://trac.roundcube.net/wiki/Dev_Encryption
[7]
https://github.com/roundcube/roundcubemail/blob/master/program/include/bc.p…
[8] http://trac.roundcube.net/wiki/Changelog
Some on this list should be interested in this series on Al Jazeera
called “Rebel Geeks”. The episode this week featured Massimo Banzi, one
of the founders of Arduino, at the Maker Faire in Shenzhen, China. It
also talks about the Safecast project, which was a volunteer group that
came together in the wake of the Fukushima disaster to provide
radiation data more extensive than anything the Government was able to
offer.
You can watch it on-line here
<http://www.aljazeera.com/programmes/rebelgeeks/2015/11/technology-maker-mov…>.
"Open source software packages like WordPress and Firefox have been
major influences on modern computing. In statistics, open source
software known as “R” has become the most popular environment for
statistical computation and data analysis. A recent paper in PNAS
studied the developers who make this software so successful to
understand what motivates them and why they find contributing
satisfying."
-- source: http://arstechnica.com/science/2015/11/open-source-projects-rely-on-donated…
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/http://www.data-mining.co.nz/
Snippets from <http://lwn.net/Articles/662106/>:
Is there anybody out there who understands the entire kernel? Linus
said that nobody does. There are some people who have a good
overview of the whole kernel, and Linus, at least, generally knows
who to blame for any specific problem. But with a project the size
of the kernel it's not possible for anybody to have a deep
understanding of the whole thing.
...
With regard to how an aspiring kernel developer should start, Linus
has always said the same thing: he can't tell developers what to
do. It is important, instead, that developers work on things they
*want* to do.
...
How many kernel compiles has he done? It used to take about twelve
minutes to compile a kernel; over time, the kernel has gotten
bigger, but the hardware has gotten faster; the current time is
about 22 minutes for an allmodconfig kernel. He does about ten
builds per day during the merge window, a couple otherwise. Kernel
development has been happening for about 8800 days; the bottom
line, Linus guessed, was about 100,000 compiles.
...
What about the Git project — what made that project successful?
Linus gave a lot of credit to BitKeeper which, despite its licensing
issues, changed how the kernel community did development. Git, of
course, is an [Linus Torvalds] improvement on BitKeeper, but
BitKeeper showed the benefits of distributed development when nobody
else was working in that area.
Once Git was around, its use by the kernel community helped it to
spread quickly. Its immutable object model turned out to make it
easy for service providers to use, enabling companies like GitHub.
Ten years ago, developers were resistant to thinking about
source-code management issues; Git forced them to look at it and to
realize how much better distributed source-code management is. Git
was not the first in this area, but it was the one that created
wide awareness of a better way of doing things.