Security

DARPA Open Source Security Helped FreeBSD, Junos, Mac OS X, iOS 22

An anonymous reader writes "In a February 2013 ACM Queue / Communications of the ACM article, A decade of OS access-control extensibility, Robert Watson at the University of Cambridge credits 2000s-era DARPA security research, distributed via FreeBSD, for the success of sandboxing in desktop, mobile, and embedded systems such as Mac OS X, iOS, and Juniper's Junos router OS. His blog post about the article argues that OS security extensibility is just as important as more traditional file system (VFS) and device driver extensibility features in kernels — especially in embedded environments where UNIX multi-user security makes little sense, and where tradeoffs between performance, power use, functionality, and security are very different. This seems to fly in the face of NSA's recent argument that one-size-fits-all SELinux-style Type Enforcement is the solution for Android security problems. He also suggests that military and academic security researchers overlooked the importance of app-store style security models, in which signed application identity is just as important as 'end users' in access control."
Bug

You've Got 25 Years Until UNIX Time Overflows 492

CowboyRobot writes "In 25 years, an odd thing will happen to some of the no doubt very large number of computing devices in our world: an old, well-known and well-understood bug will cause their calculation of time to fail. The problem springs from the use of a 32-bit signed integer to store a time value, as a number of seconds since 00:00:00 UTC on Thursday, 1 January 1970, a practice begun in early UNIX systems with the standard C library data structure time_t. On January 19, 2038, at 03:14:08 UTC that integer will overflow. It's not difficult to come up with cases where the problem could be real today. Imagine a mortgage amortization program projecting payments out into the future for a 30-year mortgage. Or imagine those phony programs politicians use to project government expenditures, or demographic software, and so on. It's too early for panic, but those of us in the early parts of their careers will be the ones who have to deal with the problem."
Networking

A Chat With USENIX Community Manager Rikki Endsley (Video) 40

Rikki Endsley has been Community Manager for USENIX since September, 2011. She also edits their magazine, ;login:, writes for publications ranging from Linux.com to Network World, and is a long-distance runner to boot. But this interview concentrates on USENIX, a worthy organization that does a great job of helping its members (and the entire Unix/Linux community) stay up to date technically and, with its job board, keep USENIX members employed. Toward the end of the conversation, Rikki mentions some of the intangible but valuable benefits people get when they attend USENIX events. (Remember: If you don't have time to watch the video, can't see the video or just don't like video, you can click on the "Show/Hide Transcript" link and read a text version of the video.)
GNU is Not Unix

Richard Stallman Answers Your Questions 527

A while ago you had the chance to ask founder of the GNU Project, and free software advocate, Richard Stallman, about GNU/Linux, free software, and anything else. You can read his answers to a wide range of questions below. As usual, RMS didn't pull any punches.
Operating Systems

New Releases From FreeBSD and NetBSD 149

tearmeapart writes "The teams at FreeBSD have reached another great achievement with FreeBSD 9.1, with improvements to the already fantastic zfs features, more VM improvements (helping bring FreeBSD to the next generation of VMs), and improvements in speed to many parts of the network system. Support FreeBSD via the FreeBSD mall or download/upgrade FreeBSD from a mirror. Unfortunately, the torrent server is still down due to the previous security incident." And new submitter northar writes "The other day the NetBSD project released their first update to the 6.x series, 6.0.1. They also (rather discreetly) announced a fund drive targeting 60.000 USD before the end of 2012 in the release notes. They better get going if their donation page is anything like recently updated."
Security

Researchers Convert Phones Into Secret Listening Devices 59

CowboyRobot writes "Columbia University grad student Ang Cui demonstrated how networked printers and phones can be abused by attackers. 'The attack I demonstrated is caused by the multiple vulnerabilities within the syscall interface of the CNU [Cisco Native Unix] kernel,' Cui tells Dark Reading. 'It is caused by the lack of input validation at the syscall interface, which allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP [Digital Signal Processor], buttons, and LEDs on the phone. The attack I demonstrated patches the existing kernel and DSP in order to carry out stealthy mic exfiltration.'"
Security

Interviews: Eugene Kaspersky Answers Your Questions 82

Last week, you asked questions of Eugene Kaspersky; below, find his answers on a range of topics, from the relationship of malware makers to malware hunters, to Kaspersky Labs' relationship to the Putin government, as well as whitelisting vs. signature-based detection, Internet ID schemes, and the SCADA-specific operating system Kaspersky is working on. Spoiler: There are a lot of interesting facts here, as well as some teases.
Businesses

FreeBSD Project Falls Short of Year End Funding Target By Nearly 50% 245

TrueSatan writes "Perhaps a sign of our troubled times or a sign that FreeBSD is becoming less relevant to modern computing needs: the FreeBSD project has sought $500,000 by year end to allow it to continue to offer to fund and manage projects, sponsor FreeBSD events, Developer Summits and provide travel grants to FreeBSD developers. But with the end of this year fast approaching, it has raised just over $280,000, far short of its target."
Image

Book Review: Version Control With Git, 2nd Edition 116

kfogel writes "Two thumbs up, and maybe a tentacle too, on Version Control with Git, 2nd Edition by Jon Loeliger and Matthew McCullough. If you are a working programmer who wants to learn more about Git, particularly a programmer familiar with a Unix-based development environment, then this is the book for you, hands down (tentacles down too, please)." Read below for the rest of Karl's review.
Security

FreeBSD Project Discloses Security Breach Via Stolen SSH Key 86

An anonymous reader writes "Following recent compromises of the Linux kernel.org and Sourceforge, the FreeBSD Project is now reporting that several machines have been broken into. After a brief outage, ftp.FreeBSD.org and other services appear to be back. The project announcement states that some deprecated services (e.g., cvsup) may be removed rather than restored. Users are advised to check for packages downloaded between certain dates and replace them, although not because known trojans have been found, but rather because the project has not yet been able to confirm that they could not exist. Apparently initial access was via a stolen SSH key, but fortunately the project's clusters were partitioned so that the effects were limited. The announcement contains more detailed information — and we are left wondering, would proprietary companies that get broken into be so forthcoming? Should they be?"
Education

Ask Slashdot: Finding Work Over 60? 306

First time accepted submitter Hatfield56 writes "I've been in IT since the mid-1980s, mainly working for financial institutions. After 16 years at a company, as a programmer (Java, C#, PL/SQL, some Unix scripting) and technical lead, my job was outsourced. That was in 2009 when the job market was basically dead. After many false starts, here I am 3 years later wondering what to do. I'm sure if I were 40 I'd be working already but over 60 you might as well be dead. SO, I'm wondering about A+. Does anyone think that this will make me more employable? Or should I be a greeter at Walmart?"
Unix

FreeBSD Throws the Clang/LLVM Switch: Future Releases Use LLVM 360

An anonymous reader writes "Brooks Davis has announced that the FreeBSD Project has now officially switched to Clang/LLVM as C/C++ compiler. This follows several years of preparation, feeding back improvements to the Clang and LLVM source code bases, and nightly builds of FreeBSD using LLVM over two years. Future snapshots and all major FreeBSD releases will ship compiled with LLVM by default!"
Media

Ask Slashdot: Finding Legacy UnixWare Installation Media? 193

First time accepted submitter lukpac writes "We have an old (ancient) Unisys server in production that hosts a legacy system and are attempting to virtualize it. Unfortunately we don't have a generic UnixWare (2.1.2) installation CD, just a Unisys-specific one, and given the recent unpleasantness (see Groklaw for details), SCO isn't much of an option. We're not looking at pirating it (as above, we do still have the Unisys-specific media), but do need a generic copy of UnixWare. What options, if any, are available?"
Open Source

The Past, Present, and Future of OSS 150

CowboyNeal writes "The nature of the open source movement and its software over the years has changed considerably. From its humble beginnings in the early 80s to mainstream Android adoption, open source software along with computers and technology as a whole has gone from the sidelines to a prevalent position in the lives of modern consumers." Read below for the rest of what CowboyNeal has to say.
Operating Systems

NetBSD 6.0 Has Shipped 124

New submitter Madwand sends this quote from the NetBSD Project's announcement that NetBSD 6.0 has been released: "Changes from the previous release include scalability improvements on multi-core systems, many new and updated device drivers, Xen and MIPS port improvements, and brand new features such as a new packet filter. Some NetBSD 6.0 highlights are: support for thread-local storage (TLS), Logical Volume Manager (LVM) functionality, rewritten disk quota subsystem, new subsystems to handle flash devices and NAND controllers, an experimental CHFS file system designed for flash devices, support for Multiprotocol Label Switching (MPLS) protocol, and more. This release also introduces NPF — a new packet filter, designed with multi-core systems in mind, which can do TCP/IP traffic filtering, stateful inspection, and network address translation (NAT)."
GNU is Not Unix

Freeside Internet Services: Doing Well With Purely Free Software (Video) 53

While attending ITEXPO West in Austin, TX, Slashdot editor Timothy Lord met Ivan Kohler, the "President, Founder and Head Geek" of a company called Freeside Internet Services that is 100% open source (no dual-licensing) and makes its living supporting software Ivan says is used to manage some of the very unsexy backend tasks that ISPs and VoIP providers need to do, like track usage and send bills to customers. Freeside uses the AGPL license, which Ivan calls "a GPL variant for web applications" that, he says, "prevents people from taking our software, modifying it, and selling it in a hosted capacity as proprietary software."
Slashdot.org

Linus Torvalds Answers Your Questions 326

Monday you had a chance to ask Linus Torvalds any question you wanted. We sent him a dozen of the highest rated and below you'll see what he has to say about computers, programming, books, and copyrights. He also talks about what he would have done differently with Linux if he had to do it all over again. Hint: it rhymes with nothing.
Oracle

Oracle's Sparc T5 Chip Evidently Pushed Back to 2013 98

Mark Hachman writes in Slash Datacenter that the Sparc T5 chip Oracle announced earlier this year apparently won't be ready until sometime in 2013. John Fowler, executive vice president, Systems, Oracle, presented at Oracle Open World a chart outlining highlights of Oracle's plans for the future. "But Fowler also skipped over some bad news: an apparent delay for the Sparc T5. A year ago, Oracle’s Sun division announced the Sparc T4—and according to Fowler, Oracle chief Larry Ellison set a very high bar for the next iteration: double the performance while maintaining app compatibility on an annual basis. Apparently, that didn’t quite happen with the T5; Oracle had the opportunity to announce a T5-based server, and didn’t. That’s a bit of bad news for the Sun design team, which already had to watch Intel’s Xeon chief, Diane Bryant, give the preceding keynote. ... As detailed at this year’s Hot Chips conference, the T5 combines 16 CPU cores running at 3.6 GHz on a 28-nm manufacturing process. Continuing the trend of hardware acceleration of specific functions, Sun executives claimed the chip would lead in on-chip encryption acceleration, with support for asymmetric (public key) encryption, symmetric encryption, hashing up to SHA-512, plus a hardware random number generator."
X

X11 Window System Turns 25 Years Old 285

An anonymous reader writes "The widely used X11 Window System has turned 25 years old today. Version 11 of the X Window System is likely to remain in use for many years to come for backwards compatibility with the many legacy applications, BSD/Solaris systems, and Enterprise Linux distributions. Meanwhile, Wayland is still working to unseat the X Server for the common Linux desktop."
Operating Systems

OpenSUSE 12.2 Is Out 96

First time accepted submitter jospoortvliet writes with news of a new openSUSE release. From the release announcement: "Two months of extra stabilization work have resulted into a stellar release, chock-full of goodies, yet stable as you all like it. The latest release of the world's most powerful and flexible Linux Distribution brings you speed-ups across the board with a faster storage layer in Linux 3.4 and accelerated functions in glibc and Qt, giving a more fluid and responsive desktop. The infrastructure below openSUSE has evolved, bringing in newly matured technologies like GRUB2 and Plymouth and the first steps in the direction of a revised and simplified UNIX file system hierarchy. Users will also notice the added polish to existing features bringing an improved user experience all over. The novel Btrfs file system comes with improved error handling and recovery tools. KDE has improved its stability, GNOME 3.4, developing rapidly, brings smooth scrolling to all applications and features a reworked System Settings and Contacts manager while XFCE has an enhanced application finder. Download openSUSE 12.2 from any of our mirrors."
