Brief items
Security
Combating abuse in Matrix - without backdoors (Matrix blog)
This Matrix blog entry describes a planned reputation-management system that, it is claimed, accomplishes some of the same goals as government backdoors without the need to compromise end-to-end encryption. "Just like the Web, Email or the Internet as a whole, there is literally no way to unilaterally censor or block content in Matrix. But what we can do is provide first-class infrastructure to let users (and room/community moderators and server admins) make up their own mind about who to trust, and what content to allow. This would also provide a means for authorities to publish reputation data about illegal content, providing a privacy-respecting mechanism that admins/mods/users can use to keep illegal content away from their servers/clients."
Security Quote of the Week
Researchers at Israel’s Ben Gurion University of the Negev […] previously revealed that they could use split-second light projections on roads to successfully trick Tesla’s driver-assistance systems into automatically stopping without warning when its camera sees spoofed images of road signs or pedestrians. In new research, they’ve found they can pull off the same trick with just a few frames of a road sign injected on a billboard’s video. And they warn that if hackers hijacked an internet-connected billboard to carry out the trick, it could be used to cause traffic jams or even road accidents while leaving little evidence behind.
— Andy Greenberg at Wired
Kernel development
Kernel release status
The 5.10 merge window remains open; it can be expected to close with a 5.10-rc1 release on October 25.Stable updates: 5.9.1, 5.8.16, 5.4.72, 4.19.152, 4.14.202, 4.9.240, and 4.4.240 were all released on October 17.
Distributions
Distribution quotes of the week
On the other hand I'm concerned that Debian developers can be under
funded. We want to get more people involved in free software and
Debian. We want to encourage sources of funding that are independent,
allowing people who want to be independent to actually be independent
and to find ways to make that work for them successfully. The aspects
of independence I care about are actually enhanced if it is easier to
find funding for doing Debian work.
— Sam Hartman
In my mind, finding initiatives like this that allow our members to easily find funding for their work would significantly benefit the community.
Like the movie "Hackers", the OpenBSD project is now 25 years old. Though the movie played no part in our focus on security.
— Theo de Raadt
Development
Firefox 82.0 and ESR 78.4.0
Firefox 82.0 has been released, with improvements "that make watching videos more delightful" and improved performance. Firefox ESR 78.4.0 is also available with various stability, functionality, and security fixes. See the release notes (82.0, 78.4.0) for details.
Git v2.29.0 released
Version 2.29.0 of the Git source-code management system is out. This release includes a long list of smallish improvements; click below for the details. Also present is the code enabling Git to switch to the SHA-256 hash algorithm; this feature is still deemed experimental, though, and interoperability with SHA-1 repositories is not yet available.Development quote of the week
So I have decided to put the GNU recutils back under active development,
for the immense joy of adults and children (and turtles.) [...]
— Jose
E. Marchesi (Thanks to Paul Wise)
So let's see, 2021 may introduce recutils 2.0! Slowly and carefully... turtle steps..
Page editor: John Coggeshall
Next page:
Announcements>>