Announcing the OpenWrt/LEDE merge

Both the OpenWrt and LEDE projects are happy to announce their unification under the OpenWrt name.
After long and sometimes slowly moving discussions about the specifics of the re-merge, with multiple similar proposals but little subsequent action, we’re happy to announce that both projects are about to execute the final steps of the merger.

The new, unified OpenWrt project will be governed under the rules established by the LEDE project. Active members of both the former LEDE and OpenWrt projects will continue working on the unified OpenWrt.
LEDE’s fork and subsequent re-merge into OpenWrt will not alter the overall technical direction taken by the unified project. We will continue to work on improving stability and release maintenance while aiming for frequent minor releases to address critical bugs and security issues like we did with LEDE 17.01 and its four point releases until now.
Old pre-15.05 OpenWrt CC releases will not be supported by the


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/dEMtsypPhqs/10217

Original article

10 steps to set up a multi-data center Cassandra cluster on a Kubernetes platform

Learn how to deploy an Apache Cassandra NoSQL database on a Kubernetes
cluster that spans multiple data centers across many regions. The benefits of
such a setup are automatic live backups to protect the cluster from node- and
site-level disasters, and location-aware access to Cassandra nodes for better
performance.


Original URL: http://www.ibm.com/developerworks/opensource/library/ba-multi-data-center-cassandra-cluster-kubernetes-platform/index.html?ca=drs-

Original article

About speculative execution vulnerabilities in ARM-based and Intel CPUs

Security researchers have recently uncovered security issues known by two names, Meltdown and Spectre. These issues apply to all modern processors and affect nearly all computing devices and operating systems. All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store. Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.
BackgroundThe Meltdown and Spectre issues


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/2GlmuX-ZxLc/HT208394

Original article

Apple says Meltdown and Spectre flaws affect ‘all Mac systems and iOS devices,’ but not for long

 Apple isn’t immune to Meltdown and Spectre, the major bugs in basic computing architecture that were announced yesterday to widespread amazement and horror. In an announcement, the company said that “all Mac systems and iOS devices are affected,” which sounds right, but that mitigations are either already in place or on the way. Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/mSWJqYj-0Tg/

Original article

Google Says CPU Patches Cause ‘Negligible Impact On Performance’ With New ‘Retpoline’ Technique

In a post on Google’s Online Security Blog, two engineers described a novel chip-level patch that has been deployed across the company’s entire infrastructure, resulting in only minor declines in performance in most cases. “The company has also posted details of the new technique, called Retpoline, in the hopes that other companies will be able to follow the same technique,” reports The Verge. “If the claims hold, it would mean Intel and others have avoided the catastrophic slowdowns that many had predicted.” From the report: “There has been speculation that the deployment of KPTI causes significant performance slowdowns,” the post reads, referring to the company’s “Kernel Page Table Isolation” technique. “Performance can vary, as the impact of the KPTI mitigations depends on the rate of system calls made by an application. On most of our workloads, including our cloud infrastructure, we see negligible impact on performance.” “Of course, Google recommends


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/KahqnBMg8pA/google-says-cpu-patches-cause-negligible-impact-on-performance-with-new-retpoline-technique

Original article

Google Says Almost All CPUs Since 1995 Vulnerable To ‘Meltdown’ And ‘Spectre’ Flaws

Catalin Cimpanu, reporting for BleepingComputer: Google has just published details on two vulnerabilities named Meltdown and Spectre that in the company’s assessment affect “every processor [released] since 1995.” Google says the two bugs can be exploited to “to steal data which is currently processed on the computer,” which includes “your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.” Furthermore, Google says that tests on virtual machines used in cloud computing environments extracted data from other customers using the same server. The bugs were discovered by Jann Horn, a security researcher with Google Project Zero, Google’s elite security team. These are the same bugs that have been reported earlier this week as affecting Intel CPUs. Google was planning to release details about Meltdown and Spectre next week but decided to publish the reports today “because of existing public reports and growing


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/AGba0PdBo8U/google-says-almost-all-cpus-since-1995-vulnerable-to-meltdown-and-spectre-flaws

Original article

Microsoft Issues Rare Out-of-Band Emergency Windows Update For Processor Security Bugs

An anonymous reader shares a report: Microsoft is issuing a rare out-of-band security update to supported versions of Windows today (Wednesday). The software update is part of a number of fixes that will protect against a newly-discovered processor bug in Intel, AMD, and ARM chipsets. Sources familiar with Microsoft’s plans tell The Verge that the company will issue a Windows update that will be automatically applied to Windows 10 machines at 5PM ET / 2PM PT today. The update will also be available for older and supported versions of Windows today, but systems running operating systems like Windows 7 or Windows 8 won’t automatically be updated through Windows Update until next Tuesday. Windows 10 will be automatically updated today.

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/e9usrZXLaHc/microsoft-issues-rare-out-of-band-emergency-windows-update-for-processor-security-bugs

Original article

Intel Memory Access Design Flaw Partially Addressed by Apple in macOS 10.13.2 [Unconfirmed]

An anonymous reader shares a report: A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6. According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from “multiple sources within Apple” that updates made in macOS 10.13.2 have mitigated “most” security concerns associated with the KPTI vulnerability. A Bloomberg reporter pointed out that Apple has not officially commented on the story.

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/9wYpsJt2mO4/intel-memory-access-design-flaw-partially-addressed-by-apple-in-macos-10132-unconfirmed

Original article

Windows, Meltdown and Spectre: Keep calm and carry on

I’m increasingly skeptical of security holes that have their own logos and PR campaigns. Yesterday’s sudden snowballing of disclosures about two groups of vulnerabilities, now known as Meltdown and Spectre, has led to enormous numbers of reports of varying quality, and widespread panic in the streets. In the case of Intel’s stock price, that’s more like blood in the streets.While it’s true that both vulnerabilities affect nearly every computer made in the past two decades, it’s also true that the threat — especially for plain-vanilla Windows users — isn’t imminent. You should be aware of the situation, but avoid the stampede. The sky isn’t falling.To read this article in full, please click here


Original URL: https://www.computerworld.com/article/3245788/microsoft-windows/windows-meltdown-and-spectre-keep-calm-and-carry-on.html#tk.rss_all

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: