Articles about Open Source

Explo-Xen! Bunker buster bug breaks out guests from hypervisor

Code dive A super-bug in the Xen hypervisor may allow privileged code running in guests to escape to the underlying host. This means, on vulnerable systems, malicious administrators within virtual machines can potentially break out of their confines and start interfering with the host server and other guests. This could be really bad …
Chris Williams, 27 Jul 2016

Microsoft stops to smell the roses, creates the Shazam of flowers

Botanists will be positively blooming thanks to Microsoft, which has worked with a team of scientists to create a system to help flower-fanciers identify species in a snap. The Smart Flower Recognition System will help botanists stalk flowers across the world using Microsoft's blossoming library of some 2.6 million floral …
Darren Pauli, 26 Jul 2016

How to make the move from ISDN to SIP

ISDN is fast becoming a technology of the past. Today's telcos have networks that bypass traditional telephony signalling technologies for IP networks: the hardest thing they do is present a “legacy” connection such as an analogue line or an ISDN connection to a customer, as layering a non-IP service on an IP network is non- …
Dave Cartwright, 25 Jul 2016
gold abacus via shutterstock

Eurocrats to pore over Apache, KeePass code

The Apache HTTP server and KeePass password manager are to get a free code audit, courtesy of a pilot European Commission project. The EC-FOSSA (free and open source software auditing project) pilot was conceived by the European parliament in 2014, and given €1 million to work with. As well as code audits, it's got the …

Cyanogen Inc 'axes 20%' staff

Cyanogen Inc, which develops an alternative flavour of Google's Android, has reportedly laid off a bunch of staff. The Seattle-based US startup takes code from the open-source CyanogenMod project, adds in some proprietary features, and tries to get phone makers to ship the package with their handsets. Basically, it seems, that …
Team Register, 23 Jul 2016
1980 olympics weight-lifting champs. By RIA Novosti archive, image #484445 / Dmitryi Donskoy / CC-BY-SA 3.0

OpenStack bronze for Fujitsu

Fujitsu wants to become one of the top three contributors to OpenStack. The company's keen on the open source cloud because it thinks it's an important tool when big business tries to “digitise” processes and applications so they can compete with whichever startup is trying to eat their lunch. The company's using CloudFoundry …
Simon Sharwood, 22 Jul 2016

EFF declares anti-piracy DMCA unconstitutional in new legal showdown

The Electronic Frontier Foundation (EFF) has launched a lawsuit claiming that a controversial anti-digital-piracy law in the US is unconstitutional. Section 1201 of the Digital Millennium Copyright Act (DMCA) – which became law 18 years ago – has long been controversial due to its heavy restrictions on what people are allowed …
Kieren McCarthy, 21 Jul 2016

Snowden's anti-snoop tool

NSA whistleblower Ed Snowden and hardware guru Andrew “Bunnie” Huang have designed a gizmo that wraps around your iPhone 6 and alerts you when the mobe unexpectedly leaks your location. Basically, if you put your smartphone into airplane mode – ie: maintain radio silence – to avoid being tracked, the gadget will kick off if …
Shaun Nichols, 21 Jul 2016

Firefox to banish hidden Flash files – and kill off sneaky ad snoopers

Firefox will next month automatically block invisible Flash content that users cannot see when loading a page, says Mozilla as it continues its campaign against Adobe's plugin. This should protect netizens from dodgy webpages that load hidden malicious Flash files that attempt to infect their computers with malware or perform …
Shaun Nichols, 20 Jul 2016

SpectraLogic sits in the Cyberducking stool

Spectra has entered the Cyberduck universe; data stored in SpectraLogic's disk, tape and public cloud repositories can be transferred to/from other on-premises storage and public clouds with a BlackPearl Cyberduck plug-in. Cyberduck is an open source software tool that provides a near-universal file/object transfer facility …
Chris Mellor, 20 Jul 2016
Penguins and wellies, image via Shutterstock

UK.gov digi peeps hunt open source chief

The British government’s Digital Service is looking for a chief penguin to head up open source. GDS has created a brand-new position for an individual to conduct open source technology projects, adoption and working practices for the government's IT arm. Moreover, the chosen candidate will be charged with forging …
Gavin Clarke, 20 Jul 2016
red_hat_648

Red Hat redraws Ansible Tower so even enterprise managers can get it

Red Hat has given its Ansible Tower a good scrubbing down before smoothing the UI to better penetrate big money corporate accounts. Tower is Red Hat’s paid for version of the open source Ansible automation platform, effectively a GUI and services package around the core product. Well, we say GUI, but Tower 3.0, released today …
Joe Fay, 20 Jul 2016
Image by beccarra http://www.shutterstock.com/gallery-1124891p1.html

Hacker shows Reg how one leaked home address can lead to ruin

Unrestcon It takes nothing more than a home address for hacker "Nixxer" to find enough information to ruin your life. Nixxer is one of Australia’s most skilled good-guy social engineers and at a recent event, and in subsequent chats with The Reg, demonstrated the potential damage rather than actually ruining a life. But the arsenal he …
Darren Pauli, 20 Jul 2016
Iron Giant

Prometheus 1.0 rises

The Cloud Native Computing Foundation's second project, Prometheus, has hit version 1.0. Prometheus is a white box monitoring tool designed to simultaneously monitor lots of different parts of the stack making up a cloud-native application. That's important, explains core Prometheus developer and SoundCloud engineer Björn …
Simon Sharwood, 20 Jul 2016
Xen project logo

Xen roadmap hints

Xen Project chairperson Lars Kurth has revealed some future directions for the open source virtualisation project. In a new Q&A to mark the recent 4.7 release, Kurth said he expects future versions will continue to offer big revisions to core features. “Some new capabilities, such as restartable Dom0’s, and additional …
Simon Sharwood, 19 Jul 2016
open_door_648

US gov open data, code push

The White House has set a deadline of September 15 for all US government departments to post details of their "open government" plans. The letter [PDF] from the country's chief technology officer Megan Smith and chief information officer Tony Scott requires all departments to post what they are doing with a host of open …
Kieren McCarthy, 18 Jul 2016

For $800 you can buy internet engineers' answer to US government spying

The long-awaited response from internet engineers to Edward Snowden's revelations of mass surveillance by the US government has been launched in Berlin. The CrypTech project launched an alpha prototype of its open-source crypto-vault at the 96th meeting of the Internet Engineering Task Force (IETF), and held a two-day workshop …
Kieren McCarthy, 18 Jul 2016
Opera singers

Opera sells open-source Chromium browser for $600m to Chinese bods

Opera will sell its web browser technology to Chinese investors for $600m after a larger sale worth $1.2bn fell apart. The Norwegian company said in a filing to the Oslo Børs stock exchange that it had agreed to an arrangement that will see the Chinese-backed Golden Brick Capital Management private equity fund take control of …
Shaun Nichols, 18 Jul 2016
Man loads in blanket into the washing machine. Photo by Shutterstock

Facebook and Google show how the world really will be blanketed in 5G

Facebook has outdone even Google recently, in its efforts to shake up the mobile industry and accelerate the delivery of broadband services (and its revenue generators) to the entire planet. This is no longer just about using balloons and new spectrum to push affordable wireless access to underserved communities. It is about …
Wireless Watch, 18 Jul 2016
linux_tux_cloud_648

Intel's SGX tiptoes towards Linux

Intel has fulfilled a promise made in April to open-source a Linux driver for its SGX technology. SGX – Software Guard Extensions – first landed in 2013, and allows programmers to lock up code and data inside containers enforced by the CPU. The idea is to create an environment to assure people "clouding" their enterprise …
Man looking up spiral staircase inside deltalis mountain data centre

Your next storage will be invisible (for a while)

In the last two or three years I've talked a lot about "Flash & Trash." A two-tier storage strategy to best cope with the increasing demand of high IOPS and low latency from primary applications on the one hand, and high capacity, associated with throughput at times, on the other. This kind of need depends on the type of …
CHILE -FEBRUARY 6: Moais in Rapa Nui National Park on the slopes of Rano Raruku volcano on Easter Island, Chile. Photo by Shutterstock

The History Boys: Object storage ... from the beginning

Backgrounder This is a terrific object storage history map from Silicon Valley object storage guy Philippe Nicolas*, who has put together a spreadsheet detailing the history of content-addressable storage (CAS**) – otherwise generally known as object storage. I have heard so many odd things about suppliers and technologies in this market …

ANZ Bank staffers drop slick incident response tool for Mandiant mobs

Security boffins at ANZ, one of Australia's largest banks, have offered their nightHawk incident response tools for organisations running free Mandiant tools. Mandiant's open source platform is fit for enterprises requiring incident response at scale, and can run off a laptop for many investigations. ANZ bank security …
Darren Pauli, 15 Jul 2016
Nexus 6P

Google's Nexii stand tall among Android's insecure swill

Nexus devices are, unsurprisingly, the most secure Androids, says security outfit Duo. The devices are regarded as Google's flagship Android device on account of its operating system running the stock Android open source project (AOSP). Android phones from other manufacturers nearly always add custom modifications and are …
Darren Pauli, 15 Jul 2016
Man with head in the cloud

Amazon acquires Cloud9

Amazon has acquired Cloud9 to bolster development offerings on AWS. The two companies announced the deal on Thursday, with Cloud9 CEO Ruben Daniels pledging to continue to develop the company's independent cloud developer tools while working under AWS. "It's still business as usual – we'll continue to work with our Ace Open …
Shaun Nichols, 15 Jul 2016
Tin Can Telephone

AT&T's ECOMP code to land soon at Linux Foundation

AT&T says it's just about ready to release its virtualisation automation software, amounting to more than eight million lines of code: its Enhanced Control, Orchestration, Management and Policy platform – ECOMP – will soon land at the Linux Foundation. The company says the platform is the basis for its target to virtualise 75 …
Twiki

White hat hacker AI bots prepare for DARPA's DEF CON cyber brawl

The research wing of the US military has picked the seven teams who will compete to build machine-learning software that can find and patch bugs automatically to fend off hackers. The DARPA Cyber Grand Challenge will be held at the DEF CON hacking conference next month. The agency has put up $2m in prize money in the unlikely …
Iain Thomson, 13 Jul 2016
Gunther Oettinger, EU digital commissioner. Photo by Shutterstock - must mark as editorial use only

EU operators’ 5G manifesto misses the point

Never before have events coincided so neatly to demonstrate the gap between mobile operators’ thinking about 5G, and how future networks will really be deployed for disruptive effect. While Europe’s leading MNOs were presenting a backwards-looking "5G Manifesto" to the European Commission, veiling pleas for net neutrality …
Wireless Watch, 13 Jul 2016
Rusted car

Next month's Firefox 48 is looking Rusty – and that's a very good thing

Mozilla says it will next month ship the first official Firefox build that sports code written in its more-secure-than-C Rust programming language. The Firefox 48 build – due out August 2 – will include components developed using Rust, Moz's C/C++-like systems language that focuses on safety, speed and concurrency. It's hoped …
Shaun Nichols, 12 Jul 2016
Chef Automate gives Chef, InSpec and Habitat a single dashboard

Chef Automate: Firm's DevOps odds 'n' sods crammed into one parcel

ChefConf Chef has announced Automate, a new product which incorporates all its main DevOps tools into one bundle. The announcement was made at the company's ChefConf event currently under way in Austin, Texas. Chef Automate is essentially a bundle of several existing products – Chef, Chef Delivery, InSpec and Habitat – with …
Tim Anderson, 12 Jul 2016

Github licence checker

Libraries.io founder Andrew Nesbitt has launched a handy service to check code dependencies and licence compliance every time code is pushed into Github, lessening the pain of an annual review. Dependency CI will offer “much lower cost and faster than traditional CI systems, as it does a lot more work up front in the form of …
Andrew Orlowski, 12 Jul 2016
Image: Marvel

Aussie researcher claims 'Antminer' bitcoin boxen can be broken

Australian security researcher Tim Noise says scores of popular Antminer Bitcoin mining devices could be commandeered. Noise demonstrated how a vulnerability in the configuration of the open source mining program CGminer running on an Antminer box can be abused to redirect the efforts of massive mining operations to fill an …
Darren Pauli, 12 Jul 2016
Mullard Radio Astronomy Observatory

Amazingly insecure industrial control systems + internet = Cupful of nope

Many industrial control system are exposed to the internet, creating a severe risk because most are hopelessly insecure, according to a new study by Kaspersky Lab. To minimise the possibility of a cyber-attack, Industrial Control Systems (ICS) are supposed to be run in a physically isolated environment. In total, 188,019 hosts …
John Leyden, 11 Jul 2016
Illustration of a "bitcoin" dissolving into numbers. Photo by SHutterstock

Kim Dotcom pregnant with Bitcoin's mutant offspring

Kim Dotcom running a breeding program to birth anything is not a happy thought, but the legally-contentious New Zealand resident has been doing just that in an attempt to create yet another online content locker. Dotcom has taken to his preferred medium, Twitter, to outline his plans as follows. I can tell you that Megaupload …
Simon Sharwood, 11 Jul 2016
Kevin Turner

Farewell to Microsoft's Sun Tzu: Thanks for all the cheese, Kevin Turner

Kevin Turner’s departure as Microsoft’s chief salesman after 11 years marks the final passing of the Redmond old guard. Chief operating officer Turner - KT, as he was known - was a chief of the old-school corporate kind; sales, marketing and Microsoft’s stores all reported into Turner. His departure is part of a massive sales …
Gavin Clarke, 08 Jul 2016
spy_eye_648

175-year-old in storage deal

The UK’s Westminster University is using Arkivum Perpetua to safeguard global access to its 175-year-old collection of digital and digitised records. Arkivum offers archive as a service (AaaS) based on escrow-based guaranteed IBM LTO tape storage in its cloud. Three copies of the data are stored, backed up by indemnity …
Chris Mellor, 08 Jul 2016
Cymmetria report

Copy paste slacker hackers pop corp locks in ode to stolen code

The ultimate copy paste slacker hacker group has busted security controls in some 2500 corporates and government agencies using nothing but stolen code. The targets focus on those affiliated with military and political assignments around Southeast Asia and the contentious South China Sea, and may have been compromised in a …
Darren Pauli, 08 Jul 2016
Facebook founder Mark Zuckerberg at Samsung's Galaxy S7 launch

Facebook likes Rich Heley, former Tesla veep

Facebook has head-hunted one of Tesla's prize head-hunts: Rich Heley, which the 'leccy car maker lured from Apple back in December 2013. At Apple, Heley worked on design, manufacturing techniques and supply chain, which made him a good fit for what Elon Musk needed. Facebook's now snared Heley into its hardware design …
Pic by Ilya Schurov, Computerra Weekly

Debian founder Ian Murdock killed himself – SF medical examiner

Debian Linux founder Ian Murdock, who died late last year in strange circumstances, killed himself, according to an autopsy report obtained this week. On the evening of December 28, the 42-year-old fired off a string of increasingly incoherent tweets, claiming he had been beaten up by police officers near his home on Green …
Chris Williams, 07 Jul 2016

Sysadmins: Use these scripts to fully check out of your conference calls

Rejoice, system admins; Splunk developer Josh Newlan has created a series of scripts that will with the right tools get you out of time-wasting teleconference meetings. The scripts, built on Splunk and IBM Speech to Text Watson but which can be ported to use open source tools, allow over-worked crushed souls to have relevant …
Darren Pauli, 07 Jul 2016
OpenCellular prototype

OpenCellular: Facebook tests its open templates on base stations

Facebook's unleashed a slab of mobile networking technologies which that hint at how it would like remote communities to connect to the outside world. OpenCellular draws on what Facebook's learned in its Open Compute Project and open networking efforts like 6-Pack and Wedge: a design that will be open-sourced over time, to …
Crowd watches fireworks at night in the field. Photo by Shutterstock

Speaking in Tech: As long as you don't blow your fingers off, you're all good

Podcast speaking_in_tech Greg Knieriemen podcast enterprise This week Sarah Vela and Eddie pound the pod' to discuss Pernix Data, Google bets and open source communities. Our special guest this week is Jonas Rosland, Developer Advocate and Community Manager at EMC. (1:00) Speaking in Duets (3:24) Double dipping (4:30) Rumour: …
Team Register, 06 Jul 2016

EasyDoc malware adds Tor backdoor to Macs for botnet control

Security firm Bitdefender has issued an alert about a malicious app that hands over control of Macs to criminals via Tor. The software, called EasyDoc Converter.app, is supposed to be a file converter but doesn't do its advertised functions. Instead it drops complex malware onto the system that subverts the security of the …
Iain Thomson, 05 Jul 2016

Mozilla emits nightly builds of heir-to-Firefox browser engine Servo

Mozilla has started publishing nightly in-development builds of its experimental Servo browser engine so anyone can track the project's progress. Executables for macOS and GNU/Linux are available right here to download and test drive even if you're not a developer. If you are, the open-source engine's code is here if you want …
Shaun Nichols, 04 Jul 2016
Bug

SQLite developers need to push the patch

SQLite has pushed out an update to fix a local tempfile bug, to address concerns that the bug could be exploitable beyond the merely local. The bug was found by KoreLogic and reported to the popular open source database project, before being published at Full Disclosure. The issue is that SQLite creates its tempfiles in a …
Communist fist, photo via Shutterstock

ODM for the masses? Facebook's OCP still ain't for you, brother

Go to the Computer History Museum in Mountain View, California, and you’ll see a strange contraption cobbled together from commodity motherboards purchased from electronics stores. It’s one of Google’s first production servers, built in 1999 when it didn’t have money to waste on dead-end projects like Wave, NexusQ and Buzz. …
Danny Bradbury, 30 Jun 2016
red shoes. Photo by shutterstock

Oh, Red Hat. Contain yourself and your 'new innovations' talk

Red Hat Summit Red Hat is going full tilt after bringing containers and traditional Linux apps together under its management with a raft of announcements. The company has launched: A Linux container operating system via Red Hat Enterprise Linux and Red Hat Enterprise Linux Atomic Host. Red Hat OpenShift container development and …
Chris Mellor, 30 Jun 2016

Honey, why are porno apps on your Android?! Er, um, malware did it!

Security researchers are warning about the continuing spread of Hummer, a powerful trojan that roots handsets, downloads pornographic applications, and displays pop-up ads at random intervals. Hummer first came up on the logs of Cheetah Mobile's security team in August 2014, but spent eight months in obscurity before starting …
Iain Thomson, 29 Jun 2016
The Incredible Shrinking Man

Permabit offers deduplication to Linux masses – almost

Permabit has moved beyond OEMs, making the latest release of its dedupe technology available as a Linux software package so that ISVs, professional services folks and systems integrators in its Hybrid Cloud Professional Services partners programme can use it. Previously it was available to OEMs in Albireo (dedupe) and Virtual …
Chris Mellor, 29 Jun 2016
Image: Serazetdinov http://www.shutterstock.com/fr/pic-114819721/stock-vector-illustration-of-a-strong-blast-of-brain.html

Zero-interaction remote wormable hijack hole blasts Symantec kit

Scores (or thousands, or millions) of enterprise and home Symantec users are open to remote compromise through multiple now-patched (where possible) wormable remote code execution holes described by Google as 'as bad as it gets'. The flaws are "100 percent" reliable against Symantec's Norton Antivirus and Endpoint according to …
Darren Pauli, 29 Jun 2016