Via Phoronix comes news that the new DRM driver for the Freedreno driver for Qualcomm Snapdragon Adreno graphics is gaining a few new features in Linux 3.13: "After a year of working on the 'Freedreno' Gallium3D user-space driver and getting that up to speed for Qualcomm Adreno/Snapdragon support, for the past few months he's been working on a complementary kernel driver rather than relying upon Qualcomm's Android-focused kernel layer. ... The work that Rob has ready for Linux 3.13 with this Qualcomm DRM graphics driver is DRI PRIME support, support for render nodes, updated header files, plane support, and a couple of other changes."
jrepin writes "Everywhere you look, change is afoot in computer networking. As data centers grow in size and complexity, traditional tools are proving too slow or too cumbersome to handle that expansion. Dinesh Dutt is Chief Scientist at Cumulus Networks. Cumulus has been working to change the way we think about networks altogether by dispensing with the usual software/hardware lockstep, and instead using Linux as the operating system on network hardware. In this week's New Tech Forum, Dinesh details the reasons and the means by which we may see Linux take over yet another aspect of computing: the network itself."
An anonymous reader writes "NFTables is queued up for merging into the Linux 3.13 kernel. NFTables is a four-year-old project by the creators of Netfilter to write a new packet filtering / firewall engine for the Linux kernel to deprecate iptables (though it now offers an iptables compatibility layer too). NFTables promises to be more powerful, simpler, reduce code complication, improve error reporting, and provide more efficient handling of packet filter rules. The code was merged into net-next for the Linux 3.13 kernel. Iptables will still be present until NFTables is finished, but it is possible to try it out now. LWN also has a writeup on NFTables."
New submitter SanDogWeps writes "Sean Gallagher over at Ars Technica reports that when the U.S.S. Zumwalt (DDG 1000) puts to sea later this year, it will be different from any other ship in the Navy's fleet in many ways. The $3.5 billion ship is designed for stealth, survivability, and firepower, and it's packed with advanced technology. And at the heart of its operations is a virtual data center powered by off-the-shelf server hardware, various flavors of Linux, and over 6 million lines of software code. From the article: 'Called the Common Display System, or CDS (pronounced as "keds" by those who work with it), the three-screen workstations in the operations center are powered by a collection of quad-processor Intel motherboards in an armored case, which gives new meaning to the nautical phrase "toe buster." Even the commanding officer's and executive officer's chairs on the bridge have CDS workstations built-in. Each CDS system runs multiple LynxOS-based Linux virtual machines, which can run on various networks partitioned by security level and purpose. '"
llebeel writes "Canonical announced its free Ubuntu 13.10 Linux operating system (OS) release, on the same day as Microsoft's remedial Windows 8.1 service pack update. We speak to Canonical founder and Ubuntu creator Mark Shuttleworth who tells us what to expect." Adds reader jrepin: "Kubuntu Linux 13.10 has just been released and is available for download. It comes with KDE Software Compilation 4.11, a new application for discovering and installing software, a simpler way to manage your system users. and a new Network Manager applet gives a simpler UI for connecting to a range of network types. You can now setup Wifi networking from the installer making it easier to install updates and extra packages during the install." ZDNet has a fairly tepid review of the incremental rather than startling improvements of the new release, and notes "Ubuntu 14.04 LTS, due for release on 17 April next year, will now perhaps come as even more of a shock if its promised big changes are fully realised."
DeviceGuru writes "Suitable Technologies is offering $50 rentals of its Beam mobile telepresence robot, allowing 50 robotics enthusiasts to remotely attend the RoboBusiness conference in Santa Clara, Calif. on Oct. 23-25. The Ubuntu- and ROS-based Beam will be available to the first 50 applicants, letting them explore the show at up to 1.5 meters/sec and interact with others via video conferencing. The bots will be allowed everywhere on the show floor as well as in conference rooms, and the show will be open late to accommodate remote users from distant time zones. The Beam is a good choice for remotely exploring conferences, saving users the cost and time of traveling to an event, says Suitable Tech; for example, RoboBusiness registration costs $1,595, not including hotel and travel. A list of the conference's keynotes, which include one by Christ Urmson, director of Google's Self-Driving Cars project, is available here."
Okian Warrior writes "As a followup to Linus's opinion about people skeptical of the Linux random number generator, a new paper analyzes the robustness of /dev/urandom and /dev/random . From the paper: 'From a practical side, we also give a precise assessment of the security of the two Linux PRNGs, /dev/random and /dev/urandom. In particular, we show several attacks proving that these PRNGs are not robust according to our definition, and do not accumulate entropy properly. These attacks are due to the vulnerabilities of the entropy estimator and the internal mixing function of the Linux PRNGs. These attacks against the Linux PRNG show that it does not satisfy the "robustness" notion of security, but it remains unclear if these attacks lead to actual exploitable vulnerabilities in practice.'" Of course, you might not even be able to trust hardware RNGs. Rather than simply proving that the Linux PRNGs are not robust thanks to their run-time entropy estimator, the authors provide a new property for proving the robustness of the entropy accumulation stage of a PRNG, and offer an alternative PRNG model and proof that is both robust and more efficient than the current Linux PRNGs.
dryriver writes with an except from Polygon's interview with DICE creative directory Lars Gustavsson, who says it would only take one "killer" game for Linux to break into mainstream gaming (something some would argue it already has): "We strongly want to get into Linux for a reason," Gustavsson said. "It took Halo for the first Xbox to kick off and go crazy — usually, it takes one killer app or game and then people are more than willing [to adopt it] — it is not hard to get your hands on Linux, for example, it only takes one game that motivates you to go there." "I think, even then, customers are getting more and more convenient, so you really need to convince them how can they marry it into their daily lives and make an integral part of their lives," he explained, sharing that the studio has used Linux servers because it was a "superior operating system to do so." Valve's recently announced Steam OS and Steam Machines are healthy for the console market, Gustavsson said when asked for his opinion on Valve's recent announcements."
PengPod is running a crowdfunder to create a GNU Linux/Android tablet, the PengPod 1040. This is their second such product; the first was mentioned on Slashdot last year. PengPod has pledged to make all source and tools used to build the images available, so users can build their own OS top to bottom to guarantee that it's free of NSA tracking. The PengPod has previously found some success as a low-cost touch platform for industrial/commercial control systems and is partnered with ViewTouch, the original inventors of the graphical POS to offer PengPod1040s as restaurant register systems. The feature that the developers seem keenest to emphasize is that the PengPod is built to run conventional desktop Linux distros without special hacking required; Android is the default OS, but it's been tested with several others (including Ubuntu Touch) listed on their Indiegogo page.
jrepin writes "Google is offering rewards as high as $3,133.70 for software updates that improve the security of OpenSSL, OpenSSH, BIND, and several other open-source packages that are critical to the stability of the Internet. The program announced Wednesday expands on Google's current bug-bounty program, which pays from $500 to $3,133.70 to people who privately report bugs found in the company's software and Web properties." Google isn't the only company that sees the value in rewarding those who find security problems: Microsoft just paid British hacker James Forshaw $100,000 for finding a serious security flaw in Windows 8.1.
Lucas123 writes "There are efforts underway within the auto industry to create a standard, Linux-based platform for In-Vehicle Infotainment (IVI) systems so that cars will act more like smartphones instead of having only about 10% of that functionality today. For example, Tesla's Model S IVI system, which is based on Linux, is designed to allow drivers to navigate using Google Maps with live traffic information, listen to streaming music from any online radio station and have access to an Internet browser for news or restaurant reviews. Having an industry-wide open-source IVI operating system would create a reusable platform consisting of core services, middleware and open application layer interfaces that eliminate the redundant efforts to create separate proprietary systems by automakers and their tier 1 suppliers like Microsoft. By developing an open-source platform, carmakers can share upgrades as they arrive."
Hugh Pickens DOT Com writes "Ed Felton writes about an incident, in 2003, in which someone tried to backdoor the Linux kernel. Back in 2003 Linux used BitKeeper to store the master copy of the Linux source code. If a developer wanted to propose a modification to the Linux code, they would submit their proposed change, and it would go through an organized approval process to decide whether the change would be accepted into the master code. But some people didn't like BitKeeper, so a second copy of the source code was kept in CVS. On November 5, 2003, Larry McAvoy noticed that there was a code change in the CVS copy that did not have a pointer to a record of approval. Investigation showed that the change had never been approved and, stranger yet, that this change did not appear in the primary BitKeeper repository at all. Further investigation determined that someone had apparently broken in electronically to the CVS server and inserted a small change to wait4: 'if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) ...' A casual reading makes it look like innocuous error-checking code, but a careful reader would notice that, near the end of the first line, it said '= 0' rather than '== 0' so the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words it's a classic backdoor. We don't know who it was that made the attempt—and we probably never will. But the attempt didn't work, because the Linux team was careful enough to notice that that this code was in the CVS repository without having gone through the normal approval process. 'Could this have been an NSA attack? Maybe. But there were many others who had the skill and motivation to carry out this attack,' writes Felton. 'Unless somebody confesses, or a smoking-gun document turns up, we'll never know.'"
An anonymous reader writes "NVIDIA was caught removing features from their Linux driver and days later Linux developers have caught and confirmed AMD imposing artificial limitations on their graphics cards in the DVI-to-HDMI adapters that their driver will support. Over years AMD has quietly been adding an extra EEPROM chip to their DVI-to-HDMI adapters that are bundled with Radeon HD graphics cards. Only when these identified adapters are detected via checks in their Windows and Linux Catalyst driver is HDMI audio enabled. If using a third-party DVI-to-HDMI adapter, HDMI audio support is disabled by the Catalyst driver. Open-source Linux developers have found this to be a self-imposed limitation and that the open-source AMD Linux driver will work fine with any DVI-to-HDMI adapter."
badger.foo writes "Against ridiculous odds and even after gaining some media focus, the botnet dubbed The Hail Mary Cloud apparently succeeded in staying under the radar and kept compromising Linux machines for several years. This article sums up the known facts about the botnet and suggests some practical measures to keep your servers safe."
RemyBR writes "Softpedia points to a Nvidia Developer Zone forum post revealing that the company has removed a specific Linux feature as of the v310 drivers due to the Windows platform. A BaseMosaic user on Ubuntu 12.04 noticed a change in the number of displays that can be used simultaneously after upgrading from the v295 drivers to v310. Another user, apparently working for Nvidia, gave a very troubling answer: 'For feature parity between Windows and Linux we set BaseMosaic to 3 screens.'"