LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, August 19th, 2013

    Time Event
    11:48a
    Kernel prepatch 3.11-rc6
    The 3.11-rc6 prepatch is out. Linus says:
    "It's been a fairly quiet week, and the rc's are definitely
    shrinking. Which makes me happy.    " The end of the 3.11 development
    cycle is getting closer.
    4:57p
    Security updates for Monday

    Debian has updated ruby1.9.1 (two vulnerabilities).

    Fedora has updated cacti (F19; F18: two vulnerabilities), filezilla (F19: multiple vulnerabilities), httpd (F18: two vulnerabilities), hylafax+ (F19; F18: PIE build), libtiff (F19; F18: two code execution vulnerabilities), libtomcrypt (F19; F18: bad prime number calculation), libtommath (F19; F18: bad prime number calculation), openstack-swift (F19: denial of service), seamonkey (F19; F18: multiple vulnerabilities), and znc (F19; F18: denial of service).

    Mageia has updated chromium-browser-stable (multiple vulnerabilities), libimobiledevice (M3: file overwrite and device key access), and python (SSL hostname check bypass).

    openSUSE has updated bind (12.3, 12.2; 11.4: denial of service) and putty (12.3: multiple vulnerabilities).

    SUSE has updated PHP5 (many vulnerabilities).

    9:55p
    Poortvliet: Basic Usability Testing at Home - notes from the workshop at Akademy 2013
    Continuing our recent usability theme (GNOME usability and Ubuntu usability), Jos Poortvliet has some tips and lessons learned from a usability workshop that he and Björn Balazs ran at this year's Akademy. "The goal was to teach developers how to do 'basic usability testing at home' by guiding users through their application and watching the process. To help developers who didn't make it (and those who did but can use a reminder) I hereby share a description of the process and some tips and notes." Videos from two of the tests are shown as well.
    10:09p
    Here's what you find when you scan the entire Internet in an hour (The Washington Post)
    Over at The Washington Post, Timothy B. Lee looks at the ZMap network scanning tool that was announced (slides [PDF]) at the USENIX Security conference on August 16. "In contrast, ZMap is "stateless," meaning that it sends out requests and then forgets about them. Instead of keeping a list of [outsanding] requests, ZMap cleverly encodes identifying information in outgoing packets so that it will be able to identify responses. The lower overhead of this approach allows ZMap to send out packets more than 1,000 times faster than Nmap. So while an Internet-wide scan with Nmap takes weeks, ZMap can (with a gigabit network connection) scan the entire Internet in 44 minutes." Beyond just the tool itself, Lee also looks at the results of some of the research that ZMap has facilitated in areas like HTTPS adoption, security flaw fixing, and when the internet sleeps.

    << Previous Day 2013/08/19
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org