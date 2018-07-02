OSS Leftovers Linux Australia Joins Open Source Initiative The Open Source Initiative is the steward of the Open Source Definition (OSD) and the community-recognized body for reviewing and approving licenses as OSD-conformant. The organization's members play an important role across the world in community building, education and public advocacy to promote the importance of non-proprietary software. In doing so they further international awareness of how open source technologies, licenses and models of development can provide economic and strategic advantage.

Fixing bufferbloat on your home network with OpenBSD 6.2 or newer The reason for this is a phenomenom called "bufferbloat". I'm not going to explain it in detail, there are plenty of good resources to read about it, including the eponymous Bufferbloat.net. Bufferbloat is the result of complex interactions between the software and hardware systems routing traffic around on the Internet. It causes higher latency in networks, even ones with plenty of bandwidth. In a nutshell, software queues in our routers are not letting certain packets through fast enough to ensure that things feel interactive and responsive. Pings, TCP ACKs, SSH connections, are all being held up behind a long line of packets that may not need to be delivered with the same urgency. There's enough bandwidth to process the queue, the trick is to do it more quickly and more fairly.

libredwg-0.5 released [alpha]

H1-2018 Was Certainly Eventful For The GCC Compiler - The first half of 2018 was certainly eventful for the GNU Compiler Collection (GCC) with the stable release of GCC8, feature development on GCC9 kicking off, and all the associated fun. The stable GCC 8.1 debut brought with it initial C++2A support, initial Intel Cannonlake and Icelake CPU enablement, Profile Guided Optimization improvements and other optimization passes work, Intel CET, Qualcomm Saphira CPU support and other ARM CPU improvements, C17 language support, updates for the Go and Fortran languages, AMD HSA IL / BRING improvements, and a whole lot of other work that built up over the past year. GCC 8.1 was officially released in early May while all feature work is now focused on GCC 9 that should debut as stable around the end of Q1'2019.

5 military phrases for DevOps practitioners

Security Leftovers Security updates for Thursday

NATO troops on the front line with Russia are taking new steps to protect against electronic attacks Larsen and other military officers involved said Russian personnel behaved professionally and kept their distance, but the NATO forces were taking new steps to insulate themselves electronically: All members of the crew on Larsen’s four ships were required to keep their phones on airplane mode to ward off hacking [sic] attempts. [...] Troops at Estonia’s Tapa military base switched to a “no smartphones” policy last year, after they noticed their contacts were disappearing and music they had not downloaded would start playing.

Reading hotel key cards with a credit card magstripe reader In this post I describe how my cheap magstripe reader wouldn’t read all magstripes, only credit/debit cards. This did nothing to help me understand what data was on my hotel key card – which is what I really wanted to know. Rather than take the obvious next step or buying a better reader, I opted to open up the cheap magstripe reader, probed around a bit and found a way to read the raw data off the hotel magstripes. What that data means remains a mystery so there may be a part 2 at some stage.

Really dumb malware targets cryptocurrency fans using Macs Someone impersonating administrators of cryptocurrency-related discussion channels on Slack, Discord, and other social messaging platforms has been attempting to lure others into installing macOS malware. The social-engineering campaign consists of posting a script in discussions and encouraging people to copy and paste that script into a Terminal window on their Macs. The command downloads a huge (34 megabyte) file and executes it, establishing a remote connection that acts as a backdoor for the attacker.

IBM Lands $740 Million Deal to Supply Data Security to Australia The contract will see services such as automation and blockchain provided to federal departments including defense and home affairs, IBM’s Asia Pacific head, Harriet Green, said in an interview with Bloomberg TV on Thursday. The “youth of the technology” and the employment of Australians to support and help the implementation would be hallmarks of the new partnership, she said.

A step forward for government vulnerability disclosure in Europe We’ve argued for many years that governments should implement transparent processes to review and disclose the vulnerabilities that they learn about. Such processeses are essential for the cybersecurity of citizens, businesses, and indeed governments themselves. To advance policy discourse on this issue in Europe, we recently participated in the Centre of European Policy Studies (CEPS) Taskforce on Software Vulnerability Disclosure. The Taskforce’s final report was published this week and makes a strong case for the need for government vulnerability disclosure policies, and comes at a critical juncture as European policymakers debate the EU Cybersecurity Act.