Tokolosh writes: On February 13, 2018 the FreeBSD Foundation posted its Code of Conduct. This included a system for reporting offenders, plus a Code of Conduct Committee to review charges and issue sanctions. The resulting story on Slashdot on February 17 triggered 859 comments. Needless to say, it was controversial. In 2020, a survey indicated that some 35% of the FreeBSD…
Tag: FreeBSD
Three npm Packages Opened Remote-Access Shells on Linux and Windows Systems
“Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code,” reports ZDNet. “According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects.” The shells, a technical term used by cyber-security researchers, allowed threat actors to connect remotely to the…
New Fuzzing Tool Finds 26 USB Bugs in Linux, Windows, macOS, and FreeBSD
Academics say they have discovered 26 new vulnerabilities in the USB driver stack employed by operating systems such as Linux, macOs, Windows, and FreeBSD. From a report: The research team, made up by Hui Peng from Purdue University and Mathias Payer from the Swiss Federal Institute of Technology Lausanne, said all the bugs were discovered with a new tool they created,…
The ‘Go’ Team Releases Version 1.14
The new 1.14 release of the Go programming language “is dotted with performance and security improvements,” reports the developer news site DevClass, “but also gives devs more flexibility when it comes to module use.” And they also give a nice overview of Go’s development process:
Go is the language most containerization projects are built with. The wide adoption of this approach is…
OpenBSD Mail Server Bug Allowed Remotely Executing Shell Commands As Root
This week a remotely-exploitable vulnerability (granting root privileges) was discovered in OpenSMTPD (OpenBSD’s implementation of server-side SMTP). ZDNet notes that the library’s “portable” version “has also been incorporated into other OSes, such as FreeBSD, NetBSD, and some Linux distros, such as Debian, Fedora, Alpine Linux, and more.”
To exploit this issue, an attacker must craft and send malformed SMTP messages to a…
Project Trident Ditches BSD For Linux
Project Trident is moving from FreeBSD to Void Linux, reports Its FOSS: According to a later post, the move was motivated by long-standing issues with FreeBSD. These issues include “hardware compatibility, communications standards, or package availability continue to limit Project Trident users”. According to a conversation on Telegram, FreeBSD has just updated its build of the Telegram client and it was…
Some Original Berkeley Unix Pioneers Still Work On The FreeBSD Project
Slashdot reader sfcrazy writes:
The Linux Foundation hosted the executive director of the FreeBSD Foundation, Deb Goodkin, at the Open Source Summit in San Diego. In this episode of Let’s Talk, we sat down with Goodkin to talk about the FreeBSD project and the foundation. “How did they let you in?” jokes their interviewer. “They didn’t realize that FreeBSD was not a…