Planet Kristof

September 07, 2010

Linux Weekly News

Security advisories for Tuesday

Debian has updated quagga (denial of service).

Gentoo has updated maildrop (privilege escalation) and sudo (privilege escalation).

openSUSE has updated xorg-x11-server (privilege escalation).

Red Hat has updated sudo (privilege escalation), kernel (RHEL 4, RHEL 4.7: privilege escalation), and rpm (RHEL 4, RHEL 5: privilege escalation).

Ubuntu has updated sudo (privilege escalation).

by ris at September 07, 2010 05:32 PM

[$] LC Brazil: Consumers, experts, or admins?

Your editor had the good fortune to be able to attend the first LinuxCon Brazil event, held in São Paulo. There were a number of interesting talks to be seen, presented by speakers from Brazil and far beyond. This article will cover three in particular (by Jane Silber, Vinod Kutty, and Jon 'Maddog' Hall) which were interesting as a result of the very different views they gave on how Linux users work with their systems.

by corbet at September 07, 2010 04:54 PM

c0t0d0s0

Reactivated comments

I've just reactivated comments. For a simple reason: I would have to tone down my comments when I'm not allowing rebuttals, and I don't want this blog to be considered an Oracle fanboy's soap box. Thanks to Michael for an insightful mail.

by nospam@example.com (Joerg Moellenkamp) at September 07, 2010 04:52 PM

No comments

I made a decision today. I deactivated comments today. This was a hard decision for me, as the comments were open for over six years now and I've got many, many good comments. But I don't want to offer a stage for been-there-done-that-knowing-all-better's writing on every stage you offer to them, these armchair-CEOs, people going berserk because of being disappointed about the things have changed any longer. Feel free to contact me about this decision via mail.

by nospam@example.com (Joerg Moellenkamp) at September 07, 2010 03:35 PM

Dr Whisky

Going Global

Hi. Long time no see.

While I have not been producing much on Dr. Whisky, I do promise I have been keeping busy spreading the gospel of whisky both at work and at play.

We held a tasting for Balvenie that had been a whisky geek dream of mine for some time now: to taste the full historical range of The Balvenie. While we didn't have everything, we had a pretty damn near complete archive, all open, all available for sampling for Warehouse 24 members. It really was amazing. (For facebookers, photos are HERE)

But the geek dream continues. I was invited to become The Balvenie Global Ambassador and I couldn't be more honoured, excited, anxious, etc. Back in May 2008 I announced on this blog that Dr. Whisky had accepted a job in the whisky industry/gone corporate/sold his soul/got your dream job in the USA and today that dream continues on a Global level. I look forward to meeting more whisky lovers from all over the whiskyverse and am so grateful to everyone that has helped me along my malt mission. THANK YOU and see you soon.

But I am not writing this post to write about myself. I wanted to write a post about the outstanding work being done on other blogs that I read, namely Yossi's Balvenie week (obviously), Oliver's controversial, informative and provocative posts on Dramming.com, Jason (et al) and their innovative and interesting Whisky Roundtable (no, I do not have a seat), and the recent amazing guest posts on What Does John Know. The world wide web is soaked in whisky, it seems, and we are all the better for it.

More on these pages soon, I promise. I have a ton of samples to get through before moving back across the pond! It's a hard life.

by Dr. Whisky (doctorwhisky@gmail.com) at September 07, 2010 03:16 PM

HighScalability

Sponsored Post: deviantART, Okta, CloudSigma, ManageEngine, Site24x7

Who's Hiring?

  • deviantART is Hiring a Senior Software Engineer.
  • Okta is hiring! Okta provides a ground-breaking cloud adoption and management solution and they are looking for people in many different areas.

Cool Products and Services


deviantART is Hiring a Senior Software Engineer

Do you like large-scale challenges and writing code that gets used by millions of people daily? Do you like art? deviantART.com is home to the largest art community on earth. Home to over 14 million registered members and over 125 million unique artist generated works of art. deviantART is also a massive social network with visitor and page view totals that place it in the top 100 of all trafficked websites on the Internet.

deviantART is looking to hire a talented senior software engineer to join our incredible Devious Technology team. We are a very developer friendly company where you will be responsible for leading teams on projects creating interesting scalable technologies and fun features across a number of areas of deviantART. Our remote teams work on a rapid iteration process and encourage collaboration between developers, UI designers, product managers and non-technical staff.

This position is open to both US and non-US residents. We like telecommuters and offer flexible work schedules!

For more information or to apply, please visit: http://deviantart.theresumator.com/apply/8ZGsSA/source:hs

 


Okta is Hiring for Many Positions in Engineering, Marketing, Sales, and Customer Success

We're building a key service for the cloud, in the cloud, by people who know the cloud. Our team is composed of people who were central to building services like Salesforce.com and SuccessFactors, systems which process millions of transactions in the cloud every day. We know what problems people are having because we experienced them ourselves and saw our customers and colleagues cry for help. We're changing the way people interact with technology, starting with a very fundamental element: identity.

We've got exciting, hard problems to solve and we want you to help us. We learned a lot while creating the largest on-demand enterprise companies, and we're putting that knowledge to good use as we build the next generation of corporate IT. At Okta we understand what Internet-scale innovation requires, which is why we've started fresh, with no legacy code or old code lines to maintain. It's a fast-paced, agile environment – just like the Internet – and we need the best and the brightest to help us change the world.

For more information see Okta's Careers page


CloudSigma

  • Instantly Scalable European Cloud Servers. Create virtual servers in the cloud that are fully scalable and adaptive. Control your servers via our web console or API. CloudSigma gives more power and control over your server infrastructure.
  • Keep control, increase scalability. Subscribe for capacity or pay as you go; with CloudSigma we give you the power and control you need.
  • Competitive Innovative Pricing. Discover transparent pricing and a flexible billing model. Purchase what you need when you need it without resource bundling. We let you purchase CPU, RAM, Storage and bandwidth independently. Create your perfect combination that’s right for you. 
  • 14-day Free Trial. Try our cloud computing products free. 

More information at CloudSigma.


ManageEngine Applications Manager

ManageEngine provides an Enterprise IT Management suite of products. ManageEngine Applications Manager helps SaaS companies monitor their production applications and helps keep costs low.
There is out-of-the-box support for monitoring application servers, database servers, servers and web servers from a single web console. In addition to support for IBM Applications, Oracle Apps and Microsoft applications, there is deep support for Open Source Applications like JBoss, Memcached, LAMP stack etc. Pricing starts at $795 for monitoring 25 servers or applications. Learn more about the Application Performance Monitoring tool.


Site24x7

Site24x7.com (from ZOHO) is a Website and Web Application Monitoring service. It helps you ensure your shopping carts and other web transactions work. It also helps you monitor the performance of your websites from a global point of presence. You can Sign Up for a Free Trial. The Professional Edition starts at $1 / Month. Learn more about the Website Monitoring Service.


If you are interested in a sponsored post for an event, job, or product, please take a look at the advertising section.


by Todd Hoff at September 07, 2010 02:02 PM

c0t0d0s0

Hurd

You can think about Hurd whatever you want. But the "Oracle top management don't know HW" should be out of the world now.

by nospam@example.com (Joerg Moellenkamp) at September 07, 2010 01:52 PM

Linux Weekly News

Cairo 1.10.0 available

The 1.10.0 release of the Cairo graphics library has finally been released. "One of the more interesting departures for cairo for this release is the inclusion of a tracing utility, cairo-trace. cairo-trace generates a human-readable, replayable, compact representation of the sequences of drawing commands made by an application. This can be used to inspecting applications to understand issues and as a means for profiling real-world usage of cairo." The profiling feature has evidently been used to improve performance in a number of areas. There is also improved printing support, better 16-bit buffer support, and better use of hardware acceleration.

by corbet at September 07, 2010 01:12 PM

Kristof Willen

The quest for a new netbook

Computers

Netbooks are laptops done right. I had no idea how true this was before I actually bought a netbook myself. While only being slightly larger than a DVD-cover, my eeePC-900 was so portable, I've taken it with me around the world, both for work and holiday trips. My eeePC has been indeed so successful, it has completely wiped out my need for my laptop, which has been mostly gathering dust since the netbook purchase.

However, a (first generation) netbook still has some serious disadvantages:

  • disk is mostly a combination of SSD and SD, and very limited in space.
  • the keyboard is way too small to type comfortably
  • the battery is very limited in life expectancy.

My new netbook had to overcome those three limitations. Not a big deal, since most current netbooks deal with this already. In addition, I wanted a minimum of 2GB RAM and a CPU with virtualization possibilities. As I was very happy with the eeePC line, I almost opted for an eeePC-1201HA, which sports the Z520 CPU, which had Intel-V support. Unfortunately, the netbook got slaughtered in every review because of its slow performance.

My final choice was the Samsung N220 Premium Plus, an N450-based laptop with 2GB RAM and a 350GB hard disk. As the laptop is red, I feared a bit for too much of hardware bling, but the color is nicely darkish red, so it doesn't scream out in a meeting room. So far, I've been really happy with the netbook itself. The following are only (very) minor annoyances, but indeed are things that could have been better:

  • If some netbook manufacturer brands a netbook with a Premium label, I expect the least they can do, is to include a pouch with it. As a netbook gets carried along everywhere, you want a cover for it to avoid excessive scratching, unless it is not made in plastic. No pouch with my edition, though I've heard that latest Samsung netbooks come again with this addition.
  • The Power button comes in some sort of a slide button, which is on the front of the netbook. A true button would have been better, and would have been better if it had been protected by the lid.
  • If the lid is closed, it is very hard to see if the netbook has been suspended, as the LEDs are hidden by the lid itself.

What is excellent is that the netbook is completely silent: the hard disk is perfectly mute, and the fan makes only a slight noise under high stress. The netbook comes with Windows 7 Home Premium Edition, which starts its installation when you power on for the first time. The good thing is that it lets you choose the partitioning, so the hard disk is split by default into 3 partitions:

  • first partition carries the Windows7 OS
  • the second partition is a 14GB restore partition
  • the third is an empty D-drive, which can be used for data & installed programs.

In a next post, I'll describe what tweaks were necessary to install & use a 64-bit Ubuntu on the 3rd partition.

by kristof at September 07, 2010 06:12 AM

c0t0d0s0

Hurd at Oracle

Round about a month ago, Hurd left HP. Yesterday Oracle announced that Hurd is now a co-president at Sun: "Oracle hires former HP's Hurd, Phillips leaves"

by nospam@example.com (Joerg Moellenkamp) at September 07, 2010 04:29 AM

Blog O'Matty

How to make awesome wheatgrass juice for next to nothing!

I have been trying to eat better, and am trying a variety of different things to get into a routine of healthy eating (this is super hard to do when you lived off of junk food for as long as I have!). As part of my new eating habits, I have been trying to incorporate [...]

by matty at September 07, 2010 01:18 AM

September 06, 2010

Linux Weekly News

Graesslin: Driver dilemma in KDE workspaces 4.5

Martin Graesslin looks at problems with the interaction between KWin and some graphics drivers. "Now that I have explained all our checks we did to ensure a smooth user experience, I want to explain how it could happen that there are regressions in 4.5. In 4.5 we introduced two new features which require OpenGL Shaders: the blur effect and the lanczos filter. Both are not hard requirements. Blur effect can easily be turned off by disabling the effect and the lanczos filter is controlled by the general effect level settings which is also used for Plasma and Oxygen animations. Both new features check for the required extensions and get only activated iff the driver claims support for it. So everything should be fine, shouldn't it? Apparently not when it comes to the free graphics drivers (please note and remember: we do not see such problems with the proprietary NVIDIA driver!)." (Thanks to Jos Poortvliet)

by ris at September 06, 2010 08:08 PM


Linux Weekly News

Monday's security updates

Debian has updated smbind (sql injection).

Fedora has updated pam_mount (F13, F12: arbitrary code execution), libhx (F13, F12: arbitrary code execution), python (F13: multiple vulnerabilities), and sblim-sfcb (F12: arbitrary code execution).

Mandriva has updated lvm2 (privilege escalation).

Pardus has updated phpmyadmin (cross-site scripting) and mysql (multiple vulnerabilities).

by ris at September 06, 2010 05:48 PM

Systemd Test Day on Tuesday 2010/09/07

Fedora will be holding a Systemd test day on September 7, 2010. "This week's Test Day, which will take place on Tuesday 2010/09/07 rather than the more usual Thursday, is on systemd, so it's a very important one! It will also serve at least two functions: as usual, the testing will help us to improve the code so that if it does go into the final Fedora 14 release it will work as well as possible, but the Fedora steering committee will also be using the results of the Test Day to help inform their final decision as to whether to go ahead with systemd for the Beta and final release, or whether to revert to upstart. So there's a lot riding on this Test Day."

by ris at September 06, 2010 04:29 PM

GDB 7.2 released

Version 7.2 of the GDB debugger is out. New features include support for the D language, some C++ improvements, better Python support, better tracepoint support, and more; see the announcement for the details.

by corbet at September 06, 2010 04:10 PM

MWR Labs: Assessing the Tux Strength

The MWR Labs group at MWR Info Security is running a series of articles comparing Linux distributions from a security point of view. Part 1: user space memory protection looks at protection against memory corruption attacks, while Part 2 - into the kernel examines kernel security settings. "The notable exceptions in the results are Fedora and Ubuntu. Both distributions do not allow the ability to write code to a certain memory region and then execute it. This can be observed from the results of the first five tests. Fedora goes one step further and also prevents the bss, data and heap sections from being marked as executable using the 'mprotect' system call. It should be noted that there would still be numerous other memory regions where an attacker could upload their code and then use the 'mprotect' function to mark it as executable."

by corbet at September 06, 2010 03:51 PM

Stable kernel 2.4.37.10

The 2.4 kernel lives - for a little while longer, at least. Willy Tarreau has just released the 2.4.37.10 update, with a small set of important fixes. This might just be the last update in this series, unless some sort of important fix comes in. "If nothing happens before September 2011, it's possible that there won't be any 2.4.37.11 at all. By that time, the 2.6 kernel will have been available for almost 8 years, this should have been enough for anyone to have a look at it. Users now have one year to migrate or to report critical bugs. I think that's an honest deal." See the announcement for the full description of his planned policy.

by corbet at September 06, 2010 02:10 PM

c0t0d0s0

New Netra servers

Oracle announced two Netra Servers a few days ago: The first one is a blade server, albeit it's in a form factor few of you will ever use. The Netra CP3270 is a so-called ATCA blade server. ATCA is the acronym for Advanced Telecommunications Computing Architecture. As the name suggests, you find them in use by telecommunication companies, e.g. for their telephone switching infrastructure. The Netra CP3270 is a NEBS Level 3 certified blade based on two Intel Xeon LC5518 processors. You will find additional information on the Oracle webpage.

The other server looks a little more common. It's the Netra X4270. It's a rack server, however this one is NEBS certified as well and it's available with direct current as well as alternating current power supply. You will find more information here.

by nospam@example.com (Joerg Moellenkamp) at September 06, 2010 09:01 AM

September 05, 2010

c0t0d0s0

New Solaris podcast: The integration story

There is a new Oracle Solaris Podcast available:
By combining the great products and technologies from Oracle and Sun, we are able to deliver a complete solution to our customers - from applications to disk. In this episode, the hosts dive into some of the things we've been doing over the last six months to integrate testing, support, and applications. They also cover early plans for deploying Sun systems in Oracle's Global IT infrastructure and how this will benefit our customers.

by nospam@example.com (Joerg Moellenkamp) at September 05, 2010 07:53 PM