http://www.ranum.com/security/computer_security/editorials/dumb/ explained in detail that filtering badness is a dumb idea, so if we wanted to build a linux antivirus software, we would need a whitelist of programs that would be allowed to execute. We can easily use the rpm database for that. But what is missing, is a mechanism through that the kernel would check before executing $binary if it is OK to run it.

Wireshark has a CLI program called tshark that can dump the dissectors raw (or xml) output. It would be nice to have complete curses wireshark UI, either by reusing tshark xml output or by making another ui program.

I want to write a bot that generates random Gothic facades. Maybe using L-systems? Maybe that generates SVG?

The YaST team is rewriting yast2-storage. That includes new shiny code for the storage proposal during installation. It calculates what partitions and/or volumes need to be created to allocate the system and finds the best way to create those partitions in the existing free spaces. The second part becomes more complicated than it looks as soon as you start considering the restrictions imposed by each volumes and by the technology (primary vs logical partitions, for example).

PDF format allows inclusion of digital signatures. Unfortunately, Evince can't provide these metadata to the user.

>Resilient File System (ReFS), codenamed "Protogon", is a Microsoft proprietary file system introduced with Windows Server 2012 with the intent of becoming the "next generation" file system after NTFS.

The only Mediatek "hacker" board available is from 96 Boards [1]. Unfortunately up to now there is nearly no mainline support. Idea would be to improve this situation. The idea would be to get the pin-controller merged first and then hopefully most of the other stuff can be just added (fingers crossed...)

This idea was inspired by the recent discussion on the "talk" mailing list about the (in)security of the German ID card. The Chaos Computer Club and other researchers claim that the ID card is insecure. Actual attacks that have been demonstrated are based on keyloggers.

Almost all our laptops, and many servers, feature a TPM today. The TPM doesn't have the best reputation in the community because it could be used to lock down platforms or do nasty things with DRM. Under normal conditions on PCs, the TPM is controlled by the system owner and could actually be useful for almost anything involving crypto. Unfortunately the integration of the TPM in the OS is essentially non-existent. The introduction of the TPM2.0 standard complicates matters, because we now have two different devices with different APIs.

The idea is to present a virtual fc HBA to qemu/kvm guest, The frontend implementation is virtio-fc, the backend is a physical fc HBA with npiv support.