FreeBSD-Current Random Number Generator Broken

February 18th, 2015 by Rob


First time accepted submitter bobo the hobo writesThe FreeBSD random number has been discovered to be generating possibly predictable SSH keys and SSL certificates for months. Time to regenerate your keys and certs if using FreeBSD-Current. A message to the freebsd-current mailing list reads in part: “If you are running a current kernel r273872 or later, please upgrade your kernel to r278907 or later immediately and regenerate keys. I discovered an issue where the new framework code was not calling randomdev_init_reader, which means that read_random(9) was not returning good random data. read_random(9) is used by arc4random(9) which is the primary method that arc4random(3) is seeded from.”

Share on Google+

Read more of this story at Slashdot.



PC-BSD: Set For Serious Growth?

February 17th, 2015 by Rob


Artem Tashkinov writes: Luke Wolf, a KDE developer, argues that PC-BSD might become a serious desktop OS contender by year 2020, since Linux so far has failed to grasp any serious market share. He writes, “Consider this: In the past 10 years has the distribution you run changed significantly in what it offers over other distributions? I think you’ll find the answer is largely no. I do have to give a shout out to openSUSE for the OBS, but otherwise I’ve used my desktop in the same exact way that I have always used it within the continuity of distribution X,Y, or Z since I started using them. Distributions simply aren’t focused on desktop features, they’re leaving it up to the DEs to do so.” He continues, “PC-BSD on the other hand in fitting with the BSD mindset of holistic solutions is focused on developing desktop features and is moving rapidly to implement them.” What do you think?

Share on Google+

Read more of this story at Slashdot.



New committer: Wei Hu (src)

February 11th, 2015 by Rob


Book Review: FreeBSD Mastery: Storage Essentials

January 19th, 2015 by Rob


Saint Aardvark writes If, like me, you administer FreeBSD systems, you know that (like Linux) there is an embarrassment of riches when it comes to filesystems. GEOM, UFS, soft updates, encryption, disklabels — there is a *lot* going on here. And if, like me, you’re coming from the Linux world your experience won’t be directly applicable, and you’ll be scaling Mount Learning Curve. Even if you *are* familiar with the BSDs, there is a lot to take in. Where do you start? You start here, with Michael W. Lucas’ latest book, FreeBSD Mastery: Storage Essentials. You’ve heard his name before; he’s written Sudo Mastery (which I reviewed previously), along with books on PGP/GnuPGP, Cisco Routers and OpenBSD. This book clocks in at 204 pages of goodness, and it’s an excellent introduction to managing storage on FreeBSD. From filesystem choice to partition layout to disk encryption, with sidelong glances at ZFS along the way, he does his usual excellent job of laying out the details you need to know without every veering into dry or boring. Keep reading for the rest of Saint Aardvark’s review.

Share on Google+

Read more of this story at Slashdot.



New committer: Jan Beich (ports)

January 19th, 2015 by Rob


Ask Slashdot: Migrating a Router From Linux To *BSD?

January 15th, 2015 by Rob


An anonymous reader writes I’m in the camp that doesn’t trust systemd. You can discuss the technical merits of all init solutions all you want, but if I wanted to run Windows NT I’d run Windows NT, not Linux. So I’ve decided to migrate my homebrew router/firewall/samba server to one of the BSDs. Question one is: which BSD? Question two: where’s some good documentation regarding setting up a home router/firewall on your favorite BSD?It’s fine if the documentation is highly technical, I’ve written linux kernel drivers before :)

Share on Google+

Read more of this story at Slashdot.



October–December, 2014 Status Report

January 15th, 2015 by Rob


The October–December, 2014 Status Report is now available.

OpenBSD’s Kernel Gets W^X Treatment On Amd64

January 14th, 2015 by Rob


New submitter brynet tips this news from Theo de Raadt: Over the last two months Mike Larkin (mlarkin@) modified the amd64 kernel to follow the W^X principles. It started as a humble exercise to fix the .rodata segment, and kind of went crazy. As a result, no part of the kernel address space is writeable and executable simultaneously. At least that is the idea, modulo mistakes. Final attention to detail (which some of you experienced in buggy drafts in snapshots) was to make the MP and ACPI trampolines follow W^X, furthermore they are unmapped when not required. Final picture is many architectures were improved, but amd64 and sparc64 look the best due to MMU features available to service the W^X model. The entire safety model is also improved by a limited form of kernel ASLR (the code segment does not move around yet, but data and page table ASLR is fairly good.”

Share on Google+

Read more of this story at Slashdot.



New committer: Muhammad Moinur Rahman (ports)

December 14th, 2014 by Rob


FreeNAS 9.3 Released

December 11th, 2014 by Rob


An anonymous reader writes This FreeNAS update is a significant evolutionary step from previous FreeNAS releases featuring: a simplified and reorganized Web User Interface, support for Microsoft ODX and Windows 2012 clustering, better VMWare integration, including VAAI support, a new and more secure update system with roll-back functionality, and hundreds of other technology enhancements. You can get it here and the list of changes are here. Existing 9.2.x users and 9.3 beta testers are encouraged to upgrade.

Share on Google+

Read more of this story at Slashdot.