The H Roundup - Adblocker accusations, open backdoors and Xiph codecs
Welcome to The H Roundup, your review of the week with the most read news on The H, the security alerts and open source releases, and the essential feature articles – all in one quick-to-scan news item. This week: Adblocker accusations, open backdoors in backup boxes from HP, Xiph's latest codec, what's coming in Linux 3.10, the free software world post-Prism and Opera's malware problem.
Top News
A number of allegations were made over the business behind Adblock Plus, a real backdoor was discovered in HP backup systems which demonstrated the danger of tech support "access" and Xiph unveiled the early work it has been doing to create a next-next-generation video codec to take on H.265.
- Serious accusations against AdBlock Plus
- Backdoor in HP backup servers
- Xiph unveils "next-next-generation" video codec
Raspberry Pi owners got a beta of XBian 1.0, an XBMC-centric Linux distribution, The H's Open Recall looked at FreeBSD on the PlayStation 4 and future changes in systemd, and, Mozilla released Firefox 22 with JavaScript boosting OdinMonkey and full WebRTC support.
- First beta of XBian 1.0 for Raspberry Pi
- Open Recall: PlayStation 4 OS, VLC licence change, systemd changes
- Firefox 22 offers real-time video communications and faster JavaScript
Surprising some who thought it was already open source, Citrix open sourced the XenServer platform. Also more economically available, unfortunately in this case, was the Carberp banking malware which has now been leaked onto file sharing networks. Android phone owners looking for an alternative ROM can now get their hands on CyanogenMod 10.1 which will have monthly releases going forward.
- Citrix open sources XenServer
- Banking malware Carberp - was $50,000, now free
- CyanogenMod 10.1 released, monthly release series begins
Adobe open sourced its C/C++ to Flash compiler, for those still using Flash as a development platform, and the first release candidate of LibreOffice 4.1 landed ready for the bug hunters to do their work.
Features
In a world where every government is spying on everyone and where new revelations and old insecurities arrive in the press, what does free software, and the organisations and communities around it, need to do in the post-PRISM world? Glyn Moody looks at some possibilities.
As Linux 3.10 approaches, Thorsten Leemhuis has performed his analysis of what to expect in filesystems, storage, infrastructure and drivers.
- Kernel Log: Coming in 3.10 (Part 2) - Filesystems and storage
- Kernel Log: Coming in 3.10 (Part 3) - Infrastructure
- Kernel Log: Coming in 3.10 (Part 4) - Drivers
Open Source Releases
New releases for TeX Live, KScreen, ownCloud for Enterprise, Mint 15 KDE and XFCE versions, Xen for CentOS, Knoppix 7.2 and darktable 1.2.2. For developers, Rails 4.0 rolled out, Eclipse's Kepler entered orbit, a Ruby update fixed an SSL vulnerability and a playground for App Engine opened. The next version of Firefox, just in beta, gets a universal share button.
- Annual update released for TeX Live
- New KDE screen management tool ready for widespread use
- Linux Mint 16 to be named "Petra", release due in November
- Xen comes back to CentOS with Xen4CentOS
- Netflix releases open source Genie for Hadoop
- Playground in Google Cloud
- Upcoming ownCloud Enterprise 5 improves authentication speed
- Rails 4.0 rolls out to reduce client-side coding
- Eclipse Kepler enters public orbit
- Knoppix 7.2 brings UEFI support
- Ruby update fixes SSL man-in-the-middle vulnerability
- Darktable 1.2.2 adds new cameras
Development releases
Security Alerts
WordPress users should have updated to get a solid batch of fixes for a variety of vulnerabilities. Opera users will need to give their systems a scan after a break into Opera's systems meant malware signed with an expired Opera signature was pushed into the update system.
For everything The H has published in the last week, check out the last seven days of news. To keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.
(djwm)