Slashdot Mirror

ffs writes "The next release of Fedora, 11, will default to the ext4 file system unless serious regressions are seen, as reported by heise online. The LWN story has a few comments extolling the virtues of the file system. Some benchmarks have shown ext4 to be much faster than the current default ext3. Some of the new features that matter for desktop users are a faster file system check, extents support (for efficiently storing large files and reducing fragmentation), multiblock allocation (faster writes), delayed block allocation, journal checksumming (saving against power / hardware failures), and others. The KernelNewbies page has more information on each feature. As is the extfs tradition, mounting a current ext3 filesystem as ext4 will work seamlessly; however, most new features will not be available with the same on-disk format, meaning a fresh format with ext4 or converting the disk layout to ext4 will offer the best experience."

Heise Security reports that a 'team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn't as invulnerable as it once seemed. Quite the reverse, for in theory it can be rapidly eliminated using software developed and at least partially disclosed by Georg Wicherski, Tillmann Werner, Felix Leder and Mark Schlösser. However it seems in practice the elimination process would fall foul of the law.'

Sub Zero 992 writes "Heise Security (article in German) is reporting that at this year's Chaos Communications Congress (25C3) researchers in Europe's dedected.org group have published an article (PDF) showing, using a PC-Card costing only EUR 23, how to eavesdrop on DECT transmissions. There are hundreds of millions of terminals, ranging from telephones, to electronic payment terminals, to door openers, using the DECT standard." So far, the Heise article's German only, but I suspect will show up soon in English translation. Update: 12/30 21:27 GMT by T : Reader Juha-Matti Laurio writes with the story in English. Thanks!

Kjella writes "A little over a week ago we discussed the EU's forbidding of disconnecting users from the Internet. But even after having passed with an 88% approval in the European Parliament, and passing through the European Commission, it was all undone last week. The European Council, led by French President Nicolas Sarkozy, removed the amendment before passing the Telecom package. This means that there's now nothing stopping France's controversial 'three strikes' law from going into effect. What hope is there for a 'parliament' where near-unanimous agreement can be completely undone so easily?"

Elektroschock writes "An EU document on the Anti-Counterfeiting Treaty was leaked. The main purpose of the trade agreement is to impose the European enforcement measures for IPR infringements on the US and emerging economies, widen the enforcement measures to include criminal sanctions for patent infringements, and introduce internet content filtering measures. Civil society groups such as the FFII criticize the ACTA process because negotiation documents are not made publicly available by the governments. The EU document ('fact sheet') from the EU Trade Commissioner explicitly mentions: 'Internet distribution and information technology — e.g. mechanisms available in EU E-commerce Directive of 2000, such as a definition of the responsibility of internet service providers regarding IP infringing content.'" And an anonymous reader adds Michael Geist's push for more transparency around ACTA negotiations in Canada.

javipas writes "A simple analysis of the most updated version (a Git checkout) of the Linux kernel reveals that the number of lines of all its source code surpasses 10 million, but attention: this number includes blank lines, comments, and text files. With a deeper analysis thanks to the SLOCCount tool, you can get the real number of pure code lines: 6.399.191, with 96.4% of them developed in C, and 3.3% using assembler. The number grows clearly with each new version of the kernel, that seems to be launched each 90 days approximately."

javipas writes "A simple analysis of the most updated version (a Git checkout) of the Linux kernel reveals that the number of lines of all its source code surpasses 10 million, but attention: this number includes blank lines, comments, and text files. With a deeper analysis thanks to the SLOCCount tool, you can get the real number of pure code lines: 6.399.191, with 96.4% of them developed in C, and 3.3% using assembler. The number grows clearly with each new version of the kernel, that seems to be launched each 90 days approximately."

Heise.de's Kernel Log has a look at the ext4 filesystem as Linus Torvalds has integrated a large collection of patches for it into the kernel main branch. "This signals that with the next kernel version 2.6.28, the successor to ext3 will finally leave behind its 'hot' development phase." The article notes that ext4 developer Theodore Ts'o (tytso) is in favor of ultimately moving Linux to a modern, "next-generation" file system. His preferred choice is btrfs, and Heise notes an email Ts'o sent to the Linux Kernel Mailing List a week back positioning ext4 as a bridge to btrfs.

An anonymous reader writes "Some Intel cards don't just not work with the new OpenSUSE beta, they can get bricked as well. Check your hardware before you install!" The only card mentioned as affected is the Intel e1000e, and it's not just OpenSUSE for which this card is a problem, according to this short article: "Bug reports for Fedora 9 and 10 and Linux Kernel 2.6.27rc1 match the symptoms reported by SUSE users."

An anonymous reader writes "According to a report on heise, Intel is switching from using Ubuntu to the Fedora Project for the second version of the Intel supported Mobile & Internet Linux Project Moblin, citing a desire to use RPM package management." So far, of the various subnotebooks I've been glancing at over shoulders at OSCON, though, most of the ones with an easily identified operating system seem to be running Ubuntu.

schliz alerts us that ISO, in response to the four appeals (Venezuela, India, Brazil, South Africa) filed in recent weeks, has put the OOXML standardization process on hold. Here is ISO's press release, which says that ISO/IEC DIS 29500 will not be published for at least "several months" while the appeals process goes forward.
Update: 06/11 10:13 GMT by KD : Reader Alsee points out that the fourth officially recognized appealing country is Venezuela, not Denmark as originally stated. The protests of Denmark and Norway are being disregarded, as they do not come from the administrative heads of their national organizations.

LinuxWatch writes "'It's been long promised, but there it is now,' began Linux creator Linus Torvalds, announcing the 2.6.25 Linux kernel. He continued, 'special thanks to Ingo who found and fixed a nasty-looking regression that turned out to not be a regression at all, but an old bug that just had not been triggering as reliably before. That said, that was just the last particular regression fix I was holding things up for, and it's not like there weren't a lot of other fixes too, they just didn't end up being the final things that triggered my particular worries.' There were numerous changes in this revision of the OS. The origins of some of those fixes is detailed in Heise's brief history of this kernel update."

juct writes "Manufacturers of USB sticks and cards with fingerprint readers promise us that their data safes can only be opened with the right fingerprint. In their tests, heise Security found that it is easy to bypass the authentication and get access to the protected data. This works by sending a single USB command, using the open source tool PLscsi, that changes the accessible partition. They found the vulnerability in several USB sticks that use the same chipset. The article concludes: 'The fingerprint sensors in the products mentioned above apparently only serve one purpose: they mislead interested buyers. They do not provide any significant level of protection. We can only recommend that these products not be purchased.'"

juct writes "A label on the box reading 'AES' does not ensure that your data are protected. heise examined a hard drive enclosure with an RFID key that is typical of many similar products. They found that the 128-bit AES hardware encryption claimed in advertisements was in fact a simple XOR encryption that they were able to break easily with a known plaintext attack." The manufacturer of the drive examined has announced that the product is being retooled and will be reintroduced later this year, presumably with actual AES encryption.