Over on his blog, kernel security developer Kees Cook has a description of live patching the kernel to disable the kexec system call in older kernels. The idea is to be able to turn off kexec without rebuilding the older kernels (future kernels may be able to use the proposed /proc/sys/kernel/kexec_disabled). He examines several possible routes (ksplice, systemtap) before deciding on a more direct approach.
Mozilla has released Firefox 26. The release
notes cover some new features. Java plug-ins are defaulted to 'click
to play', the password manager supports script-generated password fields,
there's support for H.264 on Linux if the appropriate gstreamer plug-ins are
installed, and the release includes the usual pile of bug fixes and
Google has, in its wisdom, decreed that email coming from lwn.net is spam
and is no longer delivering it to gmail users. In typical fashion, there
is no way to appeal such a ruling; Google Knows Best. Unless something
changes soon, we'll be unsubscribing gmail addresses from our mailing
lists. Our apologies for the inconvenience.
Update: we are in communication with some folks at Google; hopefully
this issue will be resolved soon.
The latest project to be announced by the Linux Foundation is the AllSeen
Alliance, an effort to promote development of the "Internet of
Everything." "The members of the AllSeen Alliance will contribute
software and engineering resources as part of their collaboration on an
open software framework that enables hardware manufacturers, service
providers and software developers to create interoperable devices and
4.6.0 of the KDevelop development environment is available.
"Aside from many bug fixes and general improvements such as
performance optimizations in various areas, which make KDevelop 4.6.0
faster and less memory-hungry, a few changes are especially noteworthy: The
ReviewBoard plugin now supports updating existing review requests. There is
a new plugin which adds support for building projects with ninja instead of
make. CMake support was also stabilized and improved, adding support for
missing or new CMake features."
WhisperPush is the CyanogenMod implementation of the "TextSecure" encrypted
text messaging protocol; that implementation is just now finding
its way into the CyanogenMod 10.2 nightly builds. "Moxie
[Marlinspike] has been the lead engineer on the CyanogenMod implementation
of TextSecure, making sure the CM version is both secure and compatible
with his existing services. Unique to the CM implementation is our SMS