Sign in / up

back to article Better crypto, white-box switch support in Linux 4.2

Linux 4.2 hit the wires yesterday, marking the end of its cycle of eight release candidates. The new kernel only needed a handful of fixes in the past week, according to Linus Torvalds' release note. Now that it's general availability, the kernel does bring some goodies worth having. The Crypto Forum Research Group's ChaCha20 …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. thames

    LSMs

    I seem to remember that various people working on security systems wanted stackable modules years ago, but the SE Linux people protested against it on the grounds that everybody should just use SE Linux and that therefore stackable modules were redundant.

    I'm not surprised to see this now. It was predicted that this would come back once everyone was willing to admit that SE Linux isn't a panacea (nor is Apparmour or Tomoyo).

    2 1 Reply
    1. Anonymous Coward
      Reply Icon
      Big Brother

      Re: LSMs

      "the SE Linux people" are the NSA

      They REALLY dislike ANYONE using ANYTHING other than THEIR SHA(MD5 Rehashes)/AES(Simplified Rijndael) craptography prescription too.

      Just sayin'

      2 2 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: LSMs

        Given the military uses those standards, too, why would they want military secrets encoded with something easy to break (period, since if one can break it, so can another, relatively easily)?

        1 1 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: LSMs

          "Given the military uses those standards..."

          Um, no. For bogroll requisitions only. Using "those standards" to "protect" something actually sensitive would solicit immediate court-martial.

          Why "use" them at all? It's for us. It's called theatre.

          1 2 Reply
          1. Anonymous Coward
            Reply Icon
            Anonymous Coward

            Re: LSMs

            They're the same standards used by the military, which prefer something simpler to implement and to check on. It's in the Rainbow Series, and I DO have insider connections; I'm actually familiar with the military. They know security by obscurity doesn't work, so they take the castle approach: as in, it's easy to advertise yourself if you can guard the ways in. So I ask again. Why would the military (which has pretty important secrets to keep) use an encryption standard (like AES) that wasn't well-hardened so as to safeguard their own data from outsiders?

            PS. For the higher-grade stuff they just use higher levels of the same algorithm.

            1 1 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: LSMs

      "I seem to remember that various people"

      Stackable security modules were rejected originally because of performance and "lack of users" concerns. Faster CPUs make the former less of an issue. Probably the "no one using it" problem is going to stay around, though.

      There may be some interesting things that you could do with it (user configured sandboxes?). Probably not going to be much better than the existing SELinux process sandbox features, though.

      1 1 Reply
  2. asp

    すし, 寿司, 鮨

    Sushi (すし, 寿司, 鮨) is a Japanese food consisting of cooked vinegared rice (鮨飯, sushi-meshi) combined with other ingredients.

    1 0 Reply
    1. deive
      Reply Icon

      Re: すし, 寿司, 鮨

      Yeah, think the word Richard was looking for is sashimi...

      Maybe we should call all animal products exactly what they are, may turn a lot of people into vegies

      0 0 Reply
      1. Eddy Ito
        Reply Icon

        Re: すし, 寿司, 鮨

        Maybe we should call all animal products exactly what they are, may turn a lot of people into vegies

        Oh, I don't know. They've been serving things like 炸豬大腸 and 大腸麵線 in China for a while and nobody seems to mind.

        0 0 Reply
  3. Zolko Silver badge

    uname -r: 4.2.0-z2

    yup, had to use this one, cause only this version supports completely the Macbook Pro 13 retina. Only worked on second try though, on Linux Mint 17.2. Uptime 2 hours, let's see how stable it is.

    2 1 Reply
    1. phil dude
      Reply Icon
      Linux

      Re: uname -r: 4.2.0-z2

      on behalf of the rest of use that have yet to walk *that* road, thank you for taking a few steps...

      P.

      3 0 Reply
  4. akeane
    Linux

    Forget all that boring crypto rubbish...

    ... and instead admire the awesome Pingu stamp!!!

    MOC-MOC!!!

    The only possible way it could be improved is if he had a little trumpet to go around annoying everyone with; especially that Sammy, the boring, the seal.

    HAIL PINGU!

    3 0 Reply
  5. palmerhunt

    The brilliance of Linux is in its simplicity as it is the standard Linux software. It makes use of commodity hardware switches such as brite box or [URL=http://ipfabrics.net/collections/open-networking-cumulus-whitebox-switch]White box Switch[/URL]. It can be scripted, adjusted, adapted, and customized according to the administrator’s requirements. The Linux offers a combination of flexibility, compatibility, and ease of use that has redefined the traditional networking approach.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like