Forgot your password?
typodupeerror
Debian

Not Just Apple: GnuTLS Bug Means Security Flaw For Major Linux Distros 144

Posted by timothy
from the holes-to-plug dept.
According to an article at Ars Technica, a major security bug faces Linux users, akin to the one recently found in Apple's iOS (and which Apple has since fixed). Says the article:"The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical 'goto fail' flaw that for months put users of Apple's iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug." And while Apple can readily fix a bug in its own software, at least for users who keep up on patches, "Linux" refers to a broad range of systems and vendors, rather than a single company, and the affected systems include some of the biggest names in the Linux world, like Red Hat, Debian, and Ubuntu.
Bug

Linux Developers Consider On-Screen QR Codes For Kernel Panics 175

Posted by timothy
from the take-a-picture-it'll-last-longer dept.
An anonymous reader writes "Linux kernel developers are currently evaluating the possibility of using QR codes to display kernel oops/panic messages. Right now a lot of text is dumped to the screen when a kernel oops occurs, most of which isn't easily archivable by normal Linux end-users. With QR codes as Linux oops messages, a smart-phone could capture the display and either report the error string or redirect them to an error page on Kernel.org. The idea of using QR codes within the Linux kernel is still being discussed by upstream developers."
Intel

Intel Releases $99 'MinnowBoard Max,' an Open-Source Single-Board Computer 97

Posted by timothy
from the embed-and-deploy dept.
A few months back, we posted a video interview with some of the folks behind the Linux-friendly, x86-based MinnowBoard. TechCrunch reports the release of a more powerful version of the same all-in-one computer, now with a 1.91GHz Atom E3845 processor. According to the linked article, "The board's schematics are also available for download and the Intel graphics chipset has open-source drivers so hackers can have their way with the board. While it doesn’t compete directly with the Raspberry Pi – the Pi is more an educational tool and already has a robust ecosystem – it is a way for DIYers to mess around in x86 architected systems as well as save a bit of cash. The system uses break-out boards called Lures to expand functionality."
Security

Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User? 187

Posted by timothy
from the perfect-security-on-the-way dept.
An anonymous reader writes "I am a new Linux user; I'm on 2nd day now. Currently I am trying out Ubuntu, but that could change. I am looking for a user friendly firewall that I can set up that lets me do these things:1) set up a default deny rule 2) carve out exceptions for these programs: browser, email client, chat client, yum and/or apt. 3) carve out exceptions to the exceptions in requirement 2 — i.e. I want to be able to then block off IPs and IP ranges known to be used by malware, marketers, etc., and all protocols which aren't needed for requirement 2. It also needs to have good enough documentation that a beginner like me can figure it out. Previously, I had done all of the above in AVG Firewall on Windows, and it was very easy to do. So far, I have tried these things:1) IPTABLES — it looked really easy to screw it up and then not notice that it's screwed up and/or not be able to fix it even if I did notice, so I tried other things at that point... 2) searched the internet and found various free firewalls such as Firestarter, GUFW, etc., which I weren't able to make meet my requirements. Can someone either point me to a firewall that meets my needs or else give me some hints on how to make firestarter or GUFW do what I need?"
Hardware Hacking

Tesla Model S Has Hidden Ethernet Port, User Runs Firefox On the 17" Screen 208

Posted by timothy
from the wardriving-in-style dept.
New submitter FikseGTS (3604833) writes "A Tesla Model S owner located a 4 pin connector on the left side of the Tesla Model S dashboard that turns out to be a disguised ethernet networking port. After crafting his owns patch cable to connect with the Tesla's port, a networking connection was established between the Tesla Model S and a laptop computer. The Model S is running a 100 Mbps, full duplex ethernet network and 3 devices were found with assigned IP addresses in the 192.168.90.0 subnet. Some ports and services that were open on the devices were 22 (SSH), 23 (telnet),53 (open domain), 80 (HTTP), 111 (rpcbind), 2049 (NFS), 6000 (X11). Port 80 was serving up a web page with the image or media of the current song being played. The operating system is modified version of Ubuntu using an ext3 filesystem. Using X11 it also appears that someone was able to somewhat run Firefox on both of the Model S screens. Is a jailbroken Tesla Model S on the way?" Some more details on this front would be appreciated, for anyone who has a Tesla they'd like to explore.
Open Source

Linus Torvalds Suspends Key Linux Developer 641

Posted by Soulskill
from the arguing-about-penguins dept.
alphadogg writes: "An argument between developers of some of the most basic parts of Linux turned heated this week, resulting in a prominent Red Hat employee and code contributor being banned from working on the Linux kernel. Kay Sievers, a well-known open-source software engineer, is a key developer of systemd, a system management framework for Linux-based operating systems. Systemd is currently used by several prominent Linux distributions, including two of the most prominent enterprise distros, Red Hat and SUSE. It was recently announced that Ubuntu would adopt systemd in future versions as well. Sievers was banned by kernel maintainer Linus Torvalds on Wednesday for failing to address an issue that caused systemd to interact with the Linux kernel in negative ways."
Debian

Interview: Ask Bruce Perens What You Will 129

Posted by samzenpus
from the go-ahead-and-ask dept.
Bruce Perens is a computer programmer and one of the most important advocates for the open source community. He co-founded the Open Source Initiative with ESR and has worked towards reforms of national and international technology policies. He is an amateur radio enthusiast, and has pushed for open radio communication standards. He is also our interview guest today. As usual, ask as many questions as you'd like, but please, one per post.
Intel

Intel Upgrades MinnowBoard: Baytrail CPU, Nearly Halves Price To $99 92

Posted by Unknown Lamer
from the moar-power dept.
DeviceGuru (1136715) writes "Intel and CircuitCo have revealed a smaller, faster, 2nd-gen MinnowBoard open SBC based on an Atom E3800 SoC and supported by both Android 4.4 and various standard Linux OSes. The MinnowBoard Max, which will ship in Q3 starting at $99, blows past the original MinnowBoard (Slashdot video) on price, performance, and energy consumption. The 3.9 x 2.9-inch Max's $99 starting price includes a 64-bit 1.46GHz Intel Atom E3815 (Bay Trail-T) CPU, 1GB RAM and 8GB SPI flash, and coastline ports for MicroSD, Micro-HDMI, GbE, dual USB, and SATA. Unlike the original MinnowBoard, the Max provides two expansion connectors: a low-speed header, with signals similar to the Arduino's Shield connector; and a high-speed connector, which can support mSATA and mini-PCIe sockets on expansion modules, among other interfaces. Although the Max's design supports CPUs up to Intel's quad-core 1.91GHz (10W TDP) E3845, only two choices shown initially at MinnowBoard.org, with the higher-end $129 model stepping up to a 1.33GHz dual-core E3825 plus 2GB RAM.."
Linux

Linux 3.14 Kernel Released 132

Posted by samzenpus
from the get-it-while-it's-hot dept.
An anonymous reader writes "The Linux 3.14 "Shuffling Zombie Juror" kernel has been released. Significant improvements to Linux 3.14 include the mainlining of SCHED_DEADLINE, stable support for Intel Broadwell CPU graphics, Xen PVH support, stable support for ZRAM, and many other additions. There's also a tentative feature list on KernelNewbies.org."
Virtualization

oVirt 3.4 Means Management, VMs Can Live On the Same Machine 51

Posted by timothy
from the right-there-in-the-open dept.
darthcamaro (735685) writes "Red Hat's open source oVirt project hit a major milestone this week with the release of version 3.4. It's got improved storage handling so users can mix and match different resource types, though the big new feature is one that seems painfully obvious. For the first time oVirt users can have the oVirt Manager and oVirt VMs on the same physical machine. 'So, typically, customers deployed the oVirt engine on a physical machine or on a virtual machine that wasn't managed or monitored,' Scott Herold, principal product manager for Red Hat Enterprise Virtualization said. 'The oVirt 3.4 release adds the ability for oVirt to self-host its engine, including monitoring and recovery of the virtual machine.'" (Wikipedia describes oVirt as "a free platform virtualization management web application community project.")
Bug

Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs? 266

Posted by timothy
from the linux-on-the-desktop dept.
dotancohen (1015143) writes "It is commonly said that open source software is preferable because if you need something changed, you can change it yourself. Well, I am not an Xorg developer and I cannot maintain a separate Xorg fork. Xorg version 1.13.1 introduced a bug which breaks the "Sticky Keys" accessibility option. Thus, handicapped users who rely on the feature cannot use Xorg-based systems with the affected versions and are stuck on older software versions. Though all pre-bug Linux distros are soon scheduled for retirement, there seems to be no fix in sight. Should disabled users stick with outdated, vulnerable, and unsupported Linux distros or should we move to OS-X / Windows?

The prospect of changing my OS, applications, and practices due to such an ostensibly small issue is frightening. Note that we are not discussing 'I don't like change' but rather 'this unintentional change is incompatible with my physical disability.' Thus this is not a case of every change breaks someone's workflow."
KDE

KDE and Canonical Developers Disagree Over Display Server 202

Posted by samzenpus
from the no-meeting-of-the-minds dept.
sfcrazy (1542989) writes "Robert Ancell, a Canonical software engineer, wrote a blog titled 'Why the display server doesn't matter', arguing that: 'Display servers are the component in the display stack that seems to hog a lot of the limelight. I think this is a bit of a mistake, as it’s actually probably the least important component, at least to a user.' KDE developers, who do have long experience with Qt (something Canonical is moving towards for its mobile ambitions), have refuted Bob's claims and said that display server does matter."
Programming

Ask Slashdot: Moving From Tech Support To Development? 133

Posted by timothy
from the which-flavor-of-ice-cream? dept.
An anonymous reader writes "My eastern European tech-support job will be outsourced in 6 months to a nearby country. I do not wish to move, having relationship and roots here, and as such I stand at a crossroads. I could take my current hobby more seriously and focus on Java development. I have no degree, no professional experience in the field, and as such, I do not hold much market value for an employer. However, I find joy in the creative problem solving that programming provides. Seeing the cogs finally turn after hours invested gives me pleasures my mundane work could never do. The second option is Linux system administration with a specialization in VMware virtualisation. I have no certificates, but I have been around enterprise environments (with limited support of VMware) for 21 months now, so at the end of my contract with 27 months under my belt, I could convince a company to hire me based on willingness to learn and improve. All the literature is freely available, and I've been playing with VDIs in Debian already.

My situation is as follows: all living expenses except food, luxuries and entertainment is covered by the wage of my girlfriend. That would leave me in a situation where we would be financially alright, but not well off, if I were to earn significantly less than I do now. I am convinced that I would be able to make it in system administration, however, that is not my passion. I am at an age where children are not a concern, and risks seem to be, at first sight, easier to take. I would like to hear the opinion and experience of fellow readers who might have been in a similar situation."
AMD

AMD Develops New Linux Open-Source Driver Model 142

Posted by timothy
from the winds-of-change dept.
An anonymous reader writes "AMD privately shared with Phoronix during GDC2014 that they're developing a new Linux driver model. While there will still be an open (Gallium3D) and closed-source (Catalyst) driver, the Catalyst driver will be much smaller. AMD developers are trying to isolate the closed-source portion of the driver to just user-space while the kernel driver that's in the mainline Linux kernel would also be used by Catalyst. It's not clear if this will ultimately work but they hope it will for reducing code duplication, eliminating fragmentation with different kernels, and allowing open and closed-source driver developers to better collaborate over the AMD Radeon Linux kernel driver."
Software

Docker Turns 1: What's the Future For Open Source Container Tech? 65

Posted by timothy
from the within-and-beneath-additional-layers dept.
darthcamaro (735685) writes "Docker has become one of the most hyped open-source projects in recent years, making it hard to believe the project only started one year ago. In that one year, Docker has now gained the support of Red Hat and other major Linux vendors. What does the future hold for Docker? Will it overtake other forms of virtualization or will it just be a curiosity?"
Security

Speedy Attack Targets Web Servers With Outdated Linux Kernels 93

Posted by Soulskill
from the update-your-junk dept.
alphadogg writes "Web servers running a long-outdated version of the Linux kernel were attacked with dramatic speed over two days last week, according to Cisco Systems. All the affected servers were running the 2.6 version, first released in December 2003. 'When attackers discover a vulnerability in the system, they can exploit it at their whim without fear of it being remedied,' Cisco said. After the Web server has been compromised, the attackers slip in a line of JavaScript to other JavaScript files within the website. That code bounces the website's visitors to a second compromised host. 'The two-stage process allows attackers to serve up a variety of malicious content to the visitor,' according to Cisco."
Linux Business

Linux May Succeed Windows XP As OS of Choice For ATMs 367

Posted by Soulskill
from the cash-from-a-penguin dept.
Dega704 sends this news from ComputerWorld: "Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Pushing them in that direction apparently is Microsoft's decision to end support for Windows XP on April 8, said David Tente, executive director, USA, of the ATM Industry Association. 'There is some heartburn in the industry' over Microsoft's end-of-support decision, Tente said. ATM operators would like to be able to synchronize their hardware and software upgrade cycles. But that's hard to do with Microsoft dictating the software upgrade timetable. As a result, 'some are looking at the possibility of using a non-Microsoft operating system to synch up their hardware and software upgrades,' Tente said."
Debian

Debian Considering Long Term Support for Squeeze 46

Posted by Unknown Lamer
from the thank-gnu dept.
Via Bits from Debian, comes news that the security team is considering adding a Long Term Support suite for Squeeze (Debian 6) after Jessie (Debian 8) is released sometime next year. From the mailing list post: "At the moment it seems likely that an extended security support timespan for squeeze is possible. The plan is to go ahead, sort out the details as as it happens, and see how this works out and whether it is going to be continued with wheezy. The rough draft is that updates will be delivered via a separate suite (e.g. squeeze-lts), where everyone in the Debian keyring can upload in order to minimise bottlenecks and allow contributions by all interested parties. Some packages will be exempted upfront due to their volatile nature (e.g. some web applications) and others might be expected to see important changes. The LTS suite will be limited to amd64 and i386. The exact procedures will be sorted out soon and announced in a separate mail. ... It needs to be pointed out that for this effort to be sustainable actual contributions by interested parties are required. squeeze-lts is not something that will magically fall from the sky. If you're dependent/interested in extended security support you should make an effort to contribute." If successful, the LTS idea would possibly be carried over to Wheezy. With all of the changes coming in Jessie and its aggressive release schedule, this sysadmin really likes the idea of having a bit more breathing room for updating infrastructure between releases. The email also contains a bunch of other info on changes coming to the security process.

In related news, the Debian Installer team announced the first alpha of debian-installer for Jessie. Just the installer, not the distro as a whole (Jessie will be frozen in November). XFCE remains the default desktop, ia64 was kicked out of the archive, and a few new ARM variants are supported.
Open Source

GNU C Library Alternative Musl Libc Hits 1.0 Milestone 134

Posted by Unknown Lamer
from the pry-glibc-from-my-cold-dead-ld.so dept.
New submitter dalias (1978986) writes "The musl libc project has released version 1.0, the result of three years of development and testing. Musl is a lightweight, fast, simple, MIT-licensed, correctness-oriented alternative to the GNU C library (glibc), uClibc, or Android's Bionic. At this point musl provides all mandatory C99 and POSIX interfaces (plus a lot of widely-used extensions), and well over 5000 packages are known to build successfully against musl.

Several options are available for trying musl. Compiler toolchains are available from the musl-cross project, and several new musl-based Linux distributions are already available (Sabotage and Snowflake, among others). Some well-established distributions including OpenWRT and Gentoo are in the process of adding musl-based variants, and others (Aboriginal, Alpine, Bedrock, Dragora) are adopting musl as their default libc."
The What's New file contains release notes (you have to scroll to the bottom). There's also a handy chart comparing muscl to other libc implementations: it looks like musl is a better bet than dietlibc and uclibc for embedded use.
Data Storage

OpenSUSE 13.2 To Use Btrfs By Default 91

Posted by Soulskill
from the changing-horses dept.
An anonymous reader writes "OpenSUSE has shared features coming to their 13.2 release in November. The big feature is using Btrfs by default instead of EXT4. OpenSUSE is committed to Btrfs and, surprisingly, they are the first major Linux distribution to use it by default. But then again, they were also big ReiserFS fans. Other planned OpenSUSE 13.2 features are Wayland 1.4, KDE Frameworks 5, and a new Qt5 front-end to YaST."
Security

Malware Attack Infected 25,000 Linux/UNIX Servers 220

Posted by Soulskill
from the sudo-configure-your-stuff-properly dept.
wiredmikey writes "Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling 'Operation Windigo.' Once infected, victimized systems are leveraged to steal credentials, redirected web traffic to malicious sites and send as many as 35 million spam messages a day. 'Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,' said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.

There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."
Games

GOG.com To Add Linux Support 55

Posted by Soulskill
from the year-of-linux-on-the-gamebox dept.
jones_supa writes "More great news for Linux gamers: following the footsteps of Steam, GOG.com is preparing delivery of Linux games. They expect to start doing so this autumn. The officially supported distributions will be Ubuntu and Mint. Right now, they are performing testing on various configurations, training up their teams on Linux-speak, and generally preparing for the rollout of at least 100 titles — DRM-free, as usual. This will update some of the catalog's existing games with a Linux port and bring new ones to the collection. Further information on specific games is yet not known, but GOG invites fans and customers to their community wishlist for discussion."
Linux

Crytek Ports CRYENGINE To Linux Support Ahead of Steam Machines Launch 132

Posted by Unknown Lamer
from the getting-crowded-over-here dept.
probain was the first to submit news that Crytek has officially announced the port of their CRYENGINE game engine to Linux and will be demoing it at the Game Developers Conference next week. Quoting: "During presentations and hands-on demos at Crytek's GDC booth, attendees can see for the first time ever full native Linux support in the new CRYENGINE. The CRYENGINE all-in-one game engine is also updated with the innovative features used to recreate the stunning Roman Empire seen in Ryse – including the brand new Physically Based Shading render pipeline, which uses real-world physics simulation to create amazingly realistic lighting and materials in CRYENGINE games."
Android

Google Blocking Asus's Android-Windows "Duet"? 194

Posted by timothy
from the when-free-will-isn't-quite-good-enough dept.
theodp writes "Android is free and open," reiterated Google Android Chief Andy Rubin in 2010 as Microsoft launched Windows Phone 7. Rubin added, 'Competition is good for the consumer and if somebody has an idea for a feature or a piece of functionality in their platform and Android doesn't do it, great. I think it's good to have the benefit of choice, but in the end I don't think the world needs another platform.' But now, CNET and Digitimes report that Google is holding up the Asus Transformer Book Duet TD300 (specs), a laptop-tablet hybrid that can instantly switch between Android and Windows 8.1. A source familiar with the Asus Duet told CNET that Google is the one that has not favored the idea, while Microsoft has not, to date, been actively opposed to the idea. 'If true,' reports Apple Insider, 'it may not be the first time Google has helped to quash such a product.' South Korean electronics giant Samsung quietly canceled plans for its hybrid Ativ Q tablet last year, and Digitimes notes that Asus may not be the only company to bow to Google's wishes."
Education

$2,400 'Introduction To Linux' Course Will Be Free and Online This Summer 84

Posted by timothy
from the divide-by-zero-for-your-discount dept.
kc123 writes "Earlier this week, The Linux Foundation announced that it would be working with edX, a non-profit online learning site governed by Harvard and MIT, to make its "Introduction to Linux" course free and open to all. The Linux Foundation has long offered a wide variety of training courses through its website, but those can generally cost upwards of $2,000. This introductory class, which usually costs $2,400, will be the first from the Linux Foundation to run as a Massive Open Online Course (MOOC)."
Bug

Portal 2 Incompatible With SELinux 212

Posted by timothy
from the are-you-telling-us-the-whole-truth? dept.
jones_supa writes "Valve has recently released Portal 2 on Steam for Linux and opened a GitHub entry to gather all the bugs from the community. When one of the Valve developers closed a bug related to Portal 2 recommending that the users disable a security feature, the Linux community reacted. A crash is caused by the game's interaction with SELinux, the Linux kernel subsystem that deals with access control security policies. Portal 2 uses the third-party Miles Sound System MP3 decoder which, in turn, uses execheap, a feature that is normally disabled by SELinux. Like its name suggests, execheap allows a program to map a part of the memory so that it is both writable and executable. This could be a problem if someone chose to use that particular memory section for buffer overflow attacks; that would eventually permit the hacker to gain access to the system by running code. In the end, Valve developer David W. took responsibility of the problem: 'I apologize for the mis-communication: Some underlying infrastructure our games rely on is incompatible with SELinux. We are hoping to correct this. Of course closing this bug isn't appropriate and I am re-opening it.' This is more of an upstream problem for Valve. It's not something that they can fix directly, and most likely they will have to talk with the Miles developers and try to repair the problem from that direction."
Linux

Ask Slashdot: Linux For Grandma? 287

Posted by Unknown Lamer
from the gnu-slash-grandma dept.
First time accepted submitter BlazeMiskulin writes "With XP approaching end-of-life, I find myself in a situation that I'm guessing is common: What to do with Mom's machine (or 'grandma's machine' for the younger of you). Since a change has to be made, this seems like a good time to move to a Linux distro. My mother (82) uses her computer for e-mail and web-browsing only. I know that any distro will be able to handle her needs. I've been using Linux (Ubuntu, CentOS, and Redhat--usually with KDE interface) for about 10 years now, but I know that my preferences are quite different from hers.

I have my own ideas, but I'm curious what others think: What combination of distro and UI would you recommend for an old, basic-level user who is accustomed to the XP interface and adverse to change?"
My Grandmother seems happy running KDE on Debian.
Red Hat Software

Fedora To Have a "Don't Ask, Don't Tell" For Contributors 212

Posted by timothy
from the the-right-kind-of-discretion dept.
An anonymous reader writes "The Fedora Project is now going to enforce a "Don't Ask, Don't Tell" policy for contributors. What the project's engineering committee is asking their members to conceal is a contributor's nationality, country of origin, or area of residence. There's growing concern about software development contributions coming from export restricted countries by the US (Cuba, Iran, North Korea, Sudan, and Syria) with Red Hat being based out of North Carolina, but should these governmental restrictions apply to an open-source software project?"
Cloud

OpenShift Now Supports Windows; GoDaddy Joins OpenStack 19

Posted by Unknown Lamer
from the didn't-see-that-one-coming dept.
sfcrazy writes "It's not The Onion: Red Hat has partnered with Uhuru Software to bring Microsoft .NET Apps and SQL server capabilities to Red Hat's Platform-as-a-Service solution OpenShift." This brings OpenShift to Windows, and not .NET applications to GNU/Linux OpenShift installations. RedHat customers have apparently been asking for this for a while. The source is available: "The consistent model for managing both Linux and Windows systems that OpenShift provides allow organizations to achieve greater efficiency and agility. Windows is now a full-fledged member of the Open Source world of OpenShift. In keeping with the spirit of Open Source, Uhuru has made all of its OpenShift integration software for Windows available to the community and is working to have it officially integrated into OpenShift Origin."

In related news (OpenShift is usually used on top of OpenStack), darthcamaro writes "The OpenStack cloud platform keeps on gaining new converts. The latest is GoDaddy which today announced it is now officially supporting the OpenStack Foundation. How GoDaddy came to officially join the OpenStack Foundation is interesting, apparently the OpenStack Foundation found out that GoDaddy was using OpenStack though job postings."
Ubuntu

Canonical Ports Chromium To The Mir Display Server 63

Posted by Unknown Lamer
from the then-you-port-mir-to-chromium dept.
An anonymous reader writes "Months after Intel ported the Chromium open-source web browser to Wayland, Chromium is now running on Ubuntu's Mir. The Mir display server port ended up being based on Wayland's Chromium code for interfacing with Google's Ozone abstraction framework. The Ubuntu developer responsible for this work makes claims that they will be trying to better collaborate with Wayland developers over this code." Grab the code hot off the press.
Security

Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk 231

Posted by Soulskill
from the feeling-secure-is-the-biggest-bug dept.
New submitter williamyf writes "According to this article at Ars Technica, '[A] bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn't be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.' The coding error may have been present since 2005."
Chrome

Google Won't Enable Chrome Video Acceleration Because of Linux GPU Bugs 295

Posted by Soulskill
from the off-the-poorly-rendered-table dept.
An anonymous reader writes "Citing 'code we consider to be permanently "experimental" or "beta,"' Google Chrome engineers have no plans on enabling video acceleration in the Chrome/Chromium web browser. Code has been written but is permanently disabled by default because 'supporting GPU features on Linux is a nightmare' due to the reported sub-par quality of Linux GPU drivers and many different Linux distributions. Even coming up with a Linux GPU video acceleration white-list has been shot down over fear of the Linux video acceleration code causing stability issues and problems for Chrome developers. What have been your recent experiences with Linux GPU drivers?"
Android

Android Beats iOS As the Top Tablet OS 487

Posted by Unknown Lamer
from the gnu-feeling-left-out dept.
sfcrazy writes "Linux is on a roll. After conquering the smartphone space, Android is now dominating the tablet space. According to a new study by Gartner, 'the tablet growth in 2013 was fueled by the low-end smaller screen tablet market, and first time buyers; this led Android to become the No. 1 tablet operating system (OS), with 62 percent of the market.'" Also, everyone is buying tablets.(~200 million sold in 2013 vs ~115 million in 2012). Microsoft still only has 2% of the tablet market.
Debian

Experimental Port of Debian To OpenRISC 56

Posted by Unknown Lamer
from the building-rms-a-new-laptop dept.
Via Phoronix comes news that Debian has been ported to the OpenRISC architecture by Christian Svensson. Quoting his mailing list post: "Some people know that I've been working on porting Glibc and doing some toolchain work. My evil master plan was to make a Debian port, and today I'm a happy hacker indeed! ... If anyone want to try this on real hardware (would be very cool to see how this runs IRL), ping me on IRC [#openrisc on freenode] and I'll set you up with instructions how to use debootstrap - just point to a repo with the debs and you're all set, the wonders of binary distributions." For those who don't know, OpenRISC is the completely open source RISC processor intended as the crown jewel of the Opencores project. A working port of glibc and a GNU/Linux distribution is a huge step toward making use of OpenRISC practical. There's a screencast of the system in action, and source on Github (at posting time, it was a month out of date from the looks of it). Christian Svensson's Github account also has repos for the rest of the toolchain.
Games

Portal 2 Beta Released For Linux 99

Posted by Soulskill
from the now-you're-thinking-with-betaportals dept.
jones_supa writes "Yesterday Portal 2, a Source-based game that has been missing a Linux version, got a public beta release. The Steam game product page doesn't yet say the game supports Linux. To access the beta for Linux, right-click the game in Steam, select Properties and go to the Betas tab. Valve hasn't published the Linux system requirements for Portal 2 yet, but WebUpd8 tested it using Intel HD 3000 graphics under Ubuntu and it worked pretty well."
Software

Open Source Video Editor Pitivi Seeks Crowdfunding to Reach 1.0 79

Posted by timothy
from the tantalizingly-close dept.
Eloquence writes "Pitivi is perhaps the most mature, stable and actually usable open source video editor out there. They're now looking to raise funds to support the project's ongoing development. The lack of decent open source video editors has been one of the things keeping people locked into proprietary platforms, and video editing has been identified as a high priority project by the Free Software Foundation. 2014 may still not be the fabled year of the Linux desktop, but here's hoping it'll be the year of open source video editing." Work continues as well on the crowdfunded transition to cross-platform, open-source video editing with OpenShot, and developer Jonathan Thomas is presenting the work done so far at SCALE this weekend.
Operating Systems

Jolla Announces Sailfish OS 1.0 75

Posted by Soulskill
from the competition-is-a-good-thing dept.
An anonymous reader writes "Sailfish, the Linux-based mobile operating system developed by Finnish devicemaker Jolla, has reached version 1.0. Sailfish arose from the ashes of several failed and interrupted projects to bring a new, major Linux-based platform to mobile devices. It's already running on phones sold in India and Russia, but more importantly, Sailfish was designed to be easily ported to existing Android devices. It's also built to support many Android apps. Jolla will begin providing complete firmware downloads during the first half of the year."
Linux Business

Ask The Linux Foundation's Executive Director Jim Zemlin What You Will 58

Posted by samzenpus
from the go-ahead-and-ask dept.
In addition to sponsoring the work of Linus Torvalds, The Linux Foundation supports and promotes a wide variety of resources and services for Linux. Their recently released 2014 Linux Jobs Report surveyed more than 1,000 managers and corporations, finding in part, that the demand for "Linux Professionals" was up 70% from last year. Jim Zemlin is the Executive Director of the Linux Foundation and he has agreed to answer any questions that you have about the report and the state of Linux in general. As usual, ask as many as you'd like, but please, one question per post.
Businesses

Former Second Largest Linux Distributor Red Flag Software Has Shut Down 92

Posted by Unknown Lamer
from the linux-defeats-linux dept.
cold fjord writes with news that Red Flag Software, makers of China's Red Hat derivative Red Flag Linux, has halted operations. From the article: "Once the world's second-largest Linux distributor, Red Flag Software has shuttered reportedly due to mismanagement and after owing employees months in unpaid wages. China's state-funded answer to global software giants like Microsoft ... filed for liquidation over the weekend and terminated all employee contracts. Set up in late-1999 amid the dot-com boom, Red Flag was touted as an alternative to Windows ... It thrived in the early days, inking deals with partners such as Oracle and Dell which products were certified to support and shipped with Red Flag Software. The Beijing-based vendor was primarily funded by the Chinese Academy of Sciences' Institute of Software Research, and later received additional funding from state-owned Shanghai NewMargin Venture Capital and the Ministry of Information Industry's VC arm ... 'A lack of brand awareness and sustained investments, coupled with the rise of rivals including Red Hat Enterprise Linux and SuSE Linux Enterprise, led to its downfall,' Eric Peng, Beijing-based research manager with IDC, said ... Peng noted that, during its hey days, Red Flag had enjoyed high adoption among government agencies, state-owned organizations, and schools.""
Ubuntu

Why Do You Need License From Canonical To Create Derivatives? 118

Posted by Soulskill
from the because-they-said-so dept.
sfcrazy writes "Canonical's requirement of a license for those creating Ubuntu derivatives is back in the news. Yesterday the Community Council published a statement about Canonical's licensing policies, but it's vague and it provides no resolution to the issue. It tells creators of derivative distros to avoid the press and instead talk to the Community Council (when they're not quick about responding). Now Jonathan Riddell of Kubuntu has come forth to say no one needs any license to create any derivative distro. So, the question remains: If Red Hat doesn't force a license on Oracle or CentOS, why does Canonical insist upon one?"
Ubuntu

Ubuntu To Switch To systemd 279

Posted by Soulskill
from the follow-the-leader dept.
GuerillaRadio writes "Following the decision for Debian to switch to the systemd init system, Ubuntu founder and SABDFL Mark Shuttleworth has posted a blog entry indicating that Ubuntu will now follow in this decision. 'Nevertheless, the decision is for systemd, and given that Ubuntu is quite centrally a member of the Debian family, that's a decision we support. I will ask members of the Ubuntu community to help to implement this decision efficiently, bringing systemd into both Debian and Ubuntu safely and expeditiously.'"
Linux

What Are the Weirdest Places You've Spotted Linux? 322

Posted by timothy
from the upside-down-mig-while-communicating dept.
colinneagle writes "Bryan Lunduke recently pulled together a collection of the weirdest places he's found Linux, from installations in North Korea and the International Space Station to a super-computer made out of Legos and computer engineer Barbie. Seen any weird places for Linux not mentioned in this list?"
Red Hat Software

Red Hat Hires CentOS Developers 91

Posted by timothy
from the first-national-brain-trust-of-raleigh dept.
rjmarvin writes "Karanbir Singh and a handful of other CentOS developers are now full-time Red Hat employees, working in-house on the CentOS distribution with more transparent processes and methods. None of the CentOS developers will be working on Red Hat Enterprise Linux. The CentOS project would become another distribution and community cared for by Red Hat, like Fedora, and Red Hat CTO Brian Stevens says the company is planning its future around OpenStack, not just Linux."
Open Source

Godot Game Engine Released Under MIT License 73

Posted by Unknown Lamer
from the shiny-new-toys dept.
goruka writes with news that a new game engine has been made available to Free Software developers under the permissive MIT license "Godot is a fully featured, open source, MIT licensed, game engine. It focuses on having great tools, and a visual oriented workflow that can deploy to PC, Mobile and Web platforms with no hassle. The editor, language and APIs are feature rich, yet simple to learn. Godot was born as an in-house engine, and was used to publish several work-for-hire commercial titles. With more than half a million lines of code, Godot is one of the most complex Open Source game engines at the moment, and one of the largest commitments to open source software in recent years. It allows developers to make games under Linux (and other unix variants), Windows and OSX." The source is available via Github, and, according to Phoronix, it's about as featureful as the Unity engine.
GNU is Not Unix

GNU Hurd Gets Improvements: User-Space Driver Support and More 163

Posted by samzenpus
from the now-even-better dept.
jones_supa writes "At FOSDEM 2014 some recent developments of GNU Hurd were discussed (PDF slides). In the name of freedom, GNU Hurd has now the ability to run device drivers from user-space via the project's DDE layer. Among the mentioned use-cases for the GNU Hurd DDE are allowing VPN traffic to just one application, mounting one's own files, redirecting a user's audio, and more flexible hardware support. You can also run Linux kernel drivers in Hurd's user-space. Hurd developers also have working IDE support, X.Org / graphics support, an AHCI driver for Serial ATA, and a Xen PV DomU. Besides the 64-bit support not being in a usable state, USB and sound support is still missing. As some other good news for GNU Hurd, around 79% of the Debian archive is now building for GNU Hurd, including the Xfce desktop (GNOME and KDE soon) and Firefox web browser."
Businesses

Who's Writing Linux These Days? 63

Posted by timothy
from the thought-we-were-an-autonomous-collective dept.
cold fjord writes "IEEE Spectrum reports, "About once a year, the Linux Foundation analyzes the online repository that holds the source code of the kernel, or core, of the Linux operating system. As well as tracking the increasing complexity of the ever-evolving kernel over a series of releases from versions 3.0 to 3.10, the report also reveals who is contributing code, and the dominant role corporations now play in what began as an all-volunteer project in 1991. While volunteer contributors still represent a plurality among developers, over 80 percent of code is contributed by people who are paid for their work. ""
Graphics

Linus Torvalds Gives 'Thumbs Up' To Nvidia For Nouveau Contributions 169

Posted by Unknown Lamer
from the romulans-approaching-the-neutral-zone dept.
sfcrazy writes "Linus Torvalds has had some harsh words for Nvidia in the past. Their failure to work constructively with the Linux community is especially disappointing in light of the company's large presence in the Android market. That said, where there is life, there is change, and that is just what happened yesterday. Torvalds publicly gave a thumbs-up to Nvidia for contributing basic support for the recently released Nvidia K1 processor to Nouveau; something that was totally unexpected but received with open arms. 'Hey, this time I'm raising a thumb for nvidia. Good times,' said Linus."
GUI

Ask Slashdot: Are Linux Desktop Users More Pragmatic Now Or Is It Inertia? 503

Posted by Soulskill
from the beards-give-a-+50%-modifier-to-inertia dept.
David W. White writes "Years ago ago those of us who used any *nix desktop ('every morning when you wake up, the house is a little different') were seen as willing to embrace change and spend hours tinkering and configuring until we got new desktop versions to work the way we wanted, while there was an opposite perception of desktop users over in the Mac world ('it just works') and the Windows world ('it's a familiar interface'). However, a recent article in Datamation concludes that 'for better or worse, [Linux desktop users] know what they want — a classic desktop — and the figures consistently show that is what they are choosing in far greater numbers than GNOME, KDE, or any other single graphical interface.' Has the profile of the Linux desktop user changed to a more pragmatic one? Or is it just the psychology of user inertia at work, when one considers the revolt against changes in the KDE, GNOME, UNITY and Windows 8 interfaces in recent times?"

Mathemeticians stand on each other's shoulders while computer scientists stand on each other's toes. -- Richard Hamming

Working...