Thank you FreeBSD Community!

Deb Goodkin announced, on behalf of the FreeBSD Foundation, their gratitude for last year’s donations.

Dear FreeBSD Community,

The FreeBSD Foundation would like to thank everyone for your donations in 2008. We are extremely grateful to everyone who dug deep in their pockets, during these hard times, to help us get very close to our goal.

We raised $282,481 towards our goal of $300,000. With the downturn in the economy, we were very concerned about getting close to our goal. By the end of November, we had only raised $190,000. We sent out a plea for donations and we received 173 donations in December!

This year we had 450 donors, compared to 374 last year. We were impressed with all the donations received from developers and other volunteers who already put in countless hours supporting the project.

We will be posting our 2009 budget soon, so you can see how we plan to spend the funds.

Sincerely,

The FreeBSD Foundation

Source: FreeBSD Advocacy mailing list

FreeBSD 7.1 gets a little help from Sun

This is an interesting article on how code and technologies are shared between FreeBSD and Sun.

Latest BSD release adds new Sun-developed feature, but the tech transfer isn’t just one way:

FreeBSD 7.1 includes numerous improvements over its predecessor FreeBSD 7.0, including Sun Microsystem-developed DTrace technology as well as new boot options and scalability improvements.

The FreeBSD 7.1 release comes as FreeBSD developers push toward a FreeBSD version 8.0 later this year. The FreeBSD 7.1 release also demonstrates how the open source ecosystem can extend across company lines as well as different operating systems. FreeBSD is one of the earliest open source operating system projects and is a direct descendant of the original open source BSD work performed at the University of California, Berkeley.

“DTrace is a mature and compelling technology for performance monitoring developed originally by Sun, released as open source as part of OpenSolaris,” FreeBSD core team member Robert Watson told InternetNews.com.

“While we have had many tools for specific sorts of analysis in the past, DTrace is an excellent general-purpose framework for managing and presenting trace data, and also allowing us to more easily add new types of tracing.”

Watson added that integrating DTrace into FreeBSD would not have been possible without Sun’s contribution of DTrace to the open source world. John Birrell, who did the port, has been in close contact with Sun during his work.

Bryan Cantrill, senior staff engineer at Sun Microsystems, told InternetNews.com that, in addition to Birrell, several FreeBSD folks attended Sun’s DTrace unconference last year.

DTrace isn’t the only Sun-developed technology found in FreeBSD. The FreeBSD 7.0 release introduced experimental support for Sun’s ZFS filesystem. Plus, the technology transfer goes more than one way between Sun and FreeBSD.

“We (the FreeBSD Project) have made a lot of noise about adopting some key OpenSolaris technologies. I’m not sure that the movement of code in the other direction has been as well-publicized,” FreeBSD’s Watson said.

Watson argued that OpenSolaris has benefited from adopting the FreeBSD wireless networking framework in its kernel as well as the CIFS file system support in OpenSolaris, which is also from FreeBSD.

Sun denied that the CIFS stack came from FreeBSD. A Sun spokesperson noted that it comes from a company that Sun acquired years ago named Procom. The spokesperson agreed that many of OpenSolaris’s WiFi drivers and kernel WiFi infrastructure (common/io/net80211/) derive from FreeBSD.

 

Source & full article: internetnews.com (06-01-2008)

FreeBSD Security Advisories (openssl & lukemftpd)

The FreeBSD Team has issued 2 security warnings:

FreeBSD-SA-09:02.openssl

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

The EVP_VerifyFinal() function from OpenSSL is used to determine if a digital signature is valid. The SSL layer in OpenSSL uses EVP_VerifyFinal(), which in several places checks the return value incorrectly and treats verification errors as a good signature. This is only a problem for DSA and ECDSA keys.

III. Impact

For applications using OpenSSL for SSL connections, an invalid SSL certificate may be interpreted as valid. This could for example be used by an attacker to perform a man-in-the-middle attack.

Other applications which use the OpenSSL EVP API may similarly be affected.

For a workaround, solution and patch etc go here
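The return-value mistake described in the Problem Description, shown as an added example that is not code from the advisory or from OpenSSL. The function toy_verify_final() and its toy signature format are hypothetical stand-ins; the only thing taken from OpenSSL is the tri-state convention of EVP_VerifyFinal() (1 valid, 0 invalid, -1 error).

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data, not real signatures. Toy format: {0x30, len, body}. */
static const unsigned char MSG[]       = { 'h', 'e', 'l', 'l', 'o' };
static const unsigned char SIG_GOOD[]  = { 0x30, 5, 'h', 'e', 'l', 'l', 'o' };
static const unsigned char SIG_WRONG[] = { 0x30, 5, 'h', 'e', 'l', 'l', 'x' };
static const unsigned char SIG_ERROR[] = { 0x31, 5, 'h', 'e', 'l', 'l', 'x' };

/* Hypothetical stand-in with the same tri-state contract as EVP_VerifyFinal():
 * 1 = signature valid, 0 = signature does not match, -1 = verification error. */
static int toy_verify_final(const unsigned char *sig, size_t siglen,
                            const unsigned char *msg, size_t msglen)
{
    if (siglen < 2 || sig[0] != 0x30 || (size_t)sig[1] != siglen - 2)
        return -1;                      /* could not process the signature */
    if (siglen - 2 != msglen || memcmp(sig + 2, msg, msglen) != 0)
        return 0;                       /* processed, but it does not match */
    return 1;
}

/* Flawed caller: only 0 is treated as failure, so -1 falls through as "good". */
int accept_flawed(const unsigned char *sig, size_t siglen)
{
    if (!toy_verify_final(sig, siglen, MSG, sizeof MSG))
        return 0;
    return 1;
}

/* Corrected caller: anything other than an explicit 1 is a rejection. */
int accept_strict(const unsigned char *sig, size_t siglen)
{
    return toy_verify_final(sig, siglen, MSG, sizeof MSG) == 1;
}

int main(void)
{
    printf("good : flawed=%d strict=%d\n",
           accept_flawed(SIG_GOOD, sizeof SIG_GOOD), accept_strict(SIG_GOOD, sizeof SIG_GOOD));
    printf("wrong: flawed=%d strict=%d\n",
           accept_flawed(SIG_WRONG, sizeof SIG_WRONG), accept_strict(SIG_WRONG, sizeof SIG_WRONG));
    printf("error: flawed=%d strict=%d\n",
           accept_flawed(SIG_ERROR, sizeof SIG_ERROR), accept_strict(SIG_ERROR, sizeof SIG_ERROR));
    return 0;
}
```

When auditing callers of tri-state verification functions, look for `!f(...)` or `f(...) != 0` tests; only a comparison against the success value is safe.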

 

FreeBSD-SA-09:01.lukemftpd

I. Background

lukemftpd(8) is a general-purpose implementation of File Transfer Protocol (FTP) server that is shipped with the FreeBSD base system. It is not enabled in default installations but can be enabled as either an inetd(8) server, or a stand-alone server.

A cross-site request forgery attack is a type of malicious exploit that is mainly targeted to a web browser, by tricking a user trusted by the site into visiting a specially crafted URL, which in turn executes a command which performs some privileged operations on behalf of the trusted user on the victim site.

II. Problem Description

The lukemftpd(8) server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command.

III. Impact

This could, with a specifically crafted command, be used in a cross-site request forgery attack.

FreeBSD systems running lukemftpd(8) server could act as a point of privilege escalation in an attack against users using web browser to access trusted FTP sites.

For a workaround, solution and patch etc go here
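The command-splitting behaviour described in the Problem Description, modelled as an added example that is not lukemftpd's code. The buffer size CMD_MAX, the function dispatch_count() and the sample stream are constructed for illustration: the flawed mode flushes a full buffer as its own command, while the strict mode rejects the whole overlong line up to its newline.

```c
#include <stdio.h>
#include <string.h>

#define CMD_MAX 16  /* hypothetical, deliberately small command buffer */

/* Constructed control-channel input: one normal line, then one line whose
 * first 15 bytes fill the buffer exactly and whose tail looks like a command. */
static const char STREAM[] =
    "USER a\n"
    "XXXXX" "XXXXX" "XXXXX" "NOOP\n";

/* Returns how many dispatched commands start with verb.
 * strict == 0: a full buffer is flushed as a command and the rest of the
 *              line is parsed as further commands (the flaw).
 * strict == 1: an overlong line is discarded up to its newline. */
int dispatch_count(const char *stream, const char *verb, int strict)
{
    char buf[CMD_MAX];
    size_t n = 0, vlen = strlen(verb);
    int hits = 0, overlong = 0;

    for (const char *p = stream; *p; p++) {
        if (*p == '\n') {
            buf[n] = '\0';
            if (!(strict && overlong) && strncmp(buf, verb, vlen) == 0)
                hits++;
            n = 0;
            overlong = 0;
            continue;
        }
        if (n == CMD_MAX - 1) {             /* buffer full before a newline */
            if (strict) { overlong = 1; continue; }
            buf[n] = '\0';                  /* flawed: treat chunk as a command */
            if (strncmp(buf, verb, vlen) == 0)
                hits++;
            n = 0;
        }
        buf[n++] = *p;
    }
    return hits;
}

int main(void)
{
    printf("flawed: NOOP dispatched %d time(s)\n", dispatch_count(STREAM, "NOOP", 0));
    printf("strict: NOOP dispatched %d time(s)\n", dispatch_count(STREAM, "NOOP", 1));
    return 0;
}
```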

 

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit http://security.FreeBSD.org

Volunteers needed to add Subtitles to Conference Videos

Most of you will have heard by now about the BSD Conferences channel on YouTube. At the moment there are 23 videos, but they’re missing subtitles. Murray Stokely writes:

I’d really like to add subtitles to the YouTube metadata as this has been requested by several users. Once we have subtitles they will be automatically machine translated so that users can choose captions in the language they are most comfortable with.

If you have experience with subtitling, or if you’re interested, have a look at this post.

Winter Version of BSDA Study DVD

Dru Lavigne writes on her blog about the winter version of the BSDA Study DVD:

The newest version of the BSDA Study DVD is finally ready and available for sale from the BSDA Certification website.

Due to the holidays, we won’t start shipping til next Friday, January 9th. Those of you who have already ordered a DVD or are owed a DVD will have yours shipped next Friday. As always, the information available on the DVD is freely available on the Internet–the DVD is a thank you for those who are able to support the BSD Certification effort with a donation of $40 USD. The contents of the DVD include: 

more…

Frenzy Project – update

I contacted Sergei Mozhaisky, the developer of the Frenzy administrator LiveCD, about his reasons (which he blogged about on his Russian blog) for stopping the development of Frenzy BSD.

I made Frenzy 5 years ago because I needed it in my work. I was a system administrator (first at university, then in local ISPs) and Frenzy helped me a lot in my everyday tasks. FreeBSD is a popular server system in ex-USSR, so Frenzy quickly became popular among the Russian-speaking sysadmin community.

But life is unpredictable. In March 2008 I left my sysadmin job and became a freelance programmer. Since then I have never used Frenzy for my work, so the motivation for further development is lost. Also, I do not have as much free time as before…

Another reason for stopping is that there are no other developers joining and sharing the workload.

The second problem is that I was the only developer. My efforts to create a community for group development failed; most of those who made some progress soon created their own distributions instead of working collectively.

Further development of Frenzy will take a lot of time and is too heavy now for only one developer.

If anybody is interested in continuing the project, the source codes for build scripts can be obtained via SVN:

It would be really good if this project could be continued.

FreeBSD 7.1 release document available

On Saturday we announced the availability of FreeBSD 7.1, but no documentation was available at that point.

The 7.1 release document can be viewed at http://www.freebsd.org/releases/7.1R/relnotes.html

The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 7.1-RELEASE. This is the second release from the 7-STABLE branch which improves on the functionality of FreeBSD 7.0 and introduces some new features. Some of the highlights:

  • The ULE scheduler is now the default in GENERIC kernels for amd64 and i386 architectures.  The ULE scheduler significantly improves performance on multicore systems for many workloads.
  • Support for using DTrace inside the kernel has been imported from OpenSolaris. DTrace is a comprehensive dynamic tracing framework.
  • A new and much-improved NFS Lock Manager (NLM) client.
  • Boot loader changes allow, among other things, booting from USB devices and booting from GPT-labeled devices.
  • The cpuset(2) system call and cpuset(1) command have been added, providing an API for thread to CPU binding and CPU resource grouping and assignment.
  • KDE updated to 3.5.10, GNOME updated to 2.22.3.
  • DVD-sized media for the amd64 and i386 architectures

Links: FreeBSD.org | download FreeBSD | Release Notes

FreeBSD 7.1 is being mentioned and blogged about on a number of websites:

Hopefully, this will get more people interested in FreeBSD.

Did you know FreeBSD was the first open source OS project in 2009 to announce a new version?

Build a NAS device using FreeNAS

Dave Lawlor at trainsignaltraining.com has created a beginner-friendly tutorial for installing and configuring FreeNAS.

In this demo I am going to walk you through setting up one of those alternatives, called FreeNAS. FreeNAS, as you might have been able to garner from its name, is free open source NAS software that is pretty robust.

It supports CIFS/SB, FTP, NFS, RSYNC SSH, AFP, Unison, UPnP, ISCSI, local and Microsoft Active Directory authentication, SoftRAID, disk encryption, and has a WebGUI interface. FreeNAS can also be configured to run off a USB Key to keep all that hard drive space for storage. It is built on the FreeBSD platform but you won’t need to know any Linux to get it up and running.

For this demo I am going to setup a RAID 1 drive and make it so I can access it from Windows Vista.

The step-by-step instructions are really easy to follow, with many screenshots.