Hugh Pickens DOT Com writes "Ed Felton writes about an incident, in 2003, in which someone tried to backdoor the Linux kernel. Back in 2003 Linux used BitKeeper to store the master copy of the Linux source code. If a developer wanted to propose a modification to the Linux code, they would submit their proposed change, and it would go through an organized approval process to decide whether the change would be accepted into the master code. But some people didn't like BitKeeper, so a second copy of the source code was kept in CVS. On November 5, 2003, Larry McAvoy noticed that there was a code change in the CVS copy that did not have a pointer to a record of approval. Investigation showed that the change had never been approved and, stranger yet, that this change did not appear in the primary BitKeeper repository at all. Further investigation determined that someone had apparently broken in electronically to the CVS server and inserted a small change to wait4: 'if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) ...' A casual reading makes it look like innocuous error-checking code, but a careful reader would notice that, near the end of the first line, it said '= 0' rather than '== 0' so the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words it's a classic backdoor. We don't know who it was that made the attempt—and we probably never will. But the attempt didn't work, because the Linux team was careful enough to notice that that this code was in the CVS repository without having gone through the normal approval process. 'Could this have been an NSA attack? Maybe. But there were many others who had the skill and motivation to carry out this attack,' writes Felton. 'Unless somebody confesses, or a smoking-gun document turns up, we'll never know.'"
Slashdot is powered by your submissions, so send in your scoop
An anonymous reader writes "NVIDIA was caught removing features from their Linux driver and days later Linux developers have caught and confirmed AMD imposing artificial limitations on their graphics cards in the DVI-to-HDMI adapters that their driver will support. Over years AMD has quietly been adding an extra EEPROM chip to their DVI-to-HDMI adapters that are bundled with Radeon HD graphics cards. Only when these identified adapters are detected via checks in their Windows and Linux Catalyst driver is HDMI audio enabled. If using a third-party DVI-to-HDMI adapter, HDMI audio support is disabled by the Catalyst driver. Open-source Linux developers have found this to be a self-imposed limitation and that the open-source AMD Linux driver will work fine with any DVI-to-HDMI adapter."
badger.foo writes "Against ridiculous odds and even after gaining some media focus, the botnet dubbed The Hail Mary Cloud apparently succeeded in staying under the radar and kept compromising Linux machines for several years. This article sums up the known facts about the botnet and suggests some practical measures to keep your servers safe."
RemyBR writes "Softpedia points to a Nvidia Developer Zone forum post revealing that the company has removed a specific Linux feature as of the v310 drivers due to the Windows platform. A BaseMosaic user on Ubuntu 12.04 noticed a change in the number of displays that can be used simultaneously after upgrading from the v295 drivers to v310. Another user, apparently working for Nvidia, gave a very troubling answer: 'For feature parity between Windows and Linux we set BaseMosaic to 3 screens.'"
DeviceGuru writes "At the Maker Faire Rome this week, Arduino announced a next-generation Arduino single board computer featuring a dual-processor architecture, and able to run a 'full Linux OS', in contrast to the lightweight OpenWRT Linux variant (Linino) buried inside the Yun's Atheros WiFi module. The Arduino TRE features a 1GHz 32-bit TI Sitara AM335x ARM Cortex-A8 SoC for running Linux software, plus an 8-bit Atmel ATmega MCU for AVR-compatible control of expansion modules (aka shields). The TRE's Sitara subsystem includes HDMI video, 100Mbps Ethernet, and 5 USB 2.0 ports, and is claimed to provide up to 100X the performance the Arduino Leonardo and Uno boards. Interestingly, the TRE's development reportedly benefited from close collaboration between Arduino and the BeagleBoard.org foundation."
An anonymous reader writes "Valve has revealed their first Steam Machines prototype details. The first 300 Steam Machine prototypes to ship will use various high-end Intel CPUs and NVIDIA GPUs while running their custom SteamOS Linux distribution. The Intel Haswell CPU + NVIDIA GPU combination should work well on Linux with the binary drivers. Using a range of CPUs/GPUs in the prototypes will allow them to better gauge the performance and effectiveness. Valve also said they will be releasing the CAD design files to their custom living room console enclosure for those who'd like to reproduce them." Valve is careful to point out that these specs aren't intended as a standard: "[T]o be clear, this design is not meant to serve the needs of all of the tens of millions of Steam users. It may, however, be the kind of machine that a significant percentage of Steam users would actually want to purchase — those who want plenty of performance in a high-end living room package. Many others would opt for machines that have been more carefully designed to cost less, or to be tiny, or super quiet, and there will be Steam Machines that fit those descriptions."
angry tapir writes "arkOS is a Linux distribution that runs on the Raspberry Pi. It's an initiative of the CitizenWeb Project, which promotes decentralization and democratization of the Internet. arkOS is aiming to aid this effort by making it super-simple for people to host their own email, blogs, storage and other services from their own home, instead of relying on cloud services run by third parties. about the project."
jones_supa writes "France's National Gendarmerie — the national law enforcement agency — is now running 37,000 desktop PCs with a custom distribution of Linux, and by summer of 2014, the agency plans to switch over all 72,000 of its desktop machines. The agency claims that the TCO of open source software is about 40 percent less than proprietary software from Microsoft, referring to their article published by EU's Interoperability Solutions for Public Administrations. Initially Gendarmerie has moved to Windows versions of cross-platform OSS applications such as OpenOffice, Firefox, and Thunderbird. Now they are completing the process by changing the OS. This is one of the largest known government deployments of Linux on the desktop."
First time accepted submitter slack_justyb writes "Matthew Garrett, former employee of Red Hat, comments on the current state of XMir and Canonical's recent decision to not ship XMir as the default display server in Ubuntu 13.10. Noting the current issues outstanding in XMir, the features yet to be implemented, the security loopholes, and Intel's recent rejection to support Mir in general. All of this leading Garrett to the conclusion that 'It's clear that XMir has turned into a larger project than Canonical had originally anticipated, but that's hardly surprising.'"
jones_supa writes "Things are starting to look even better for the status of open specifications for AMD Radeon HD hardware. AMD's Alex Deucher announced via his personal blog that programming guides and register specifications on the 3D engines for the Evergreen, Northern Islands, Southern Islands, and Sea Islands GPUs are now in the NDA-free public domain. These parts represent the 3D engines on the Radeon HD 5000 through Radeon HD 8000 series graphics processors."
kthreadd writes "Version 3.10 of the GNOME software collection has been released. New in this release is improved support for Wayland, the upcoming X replacement. The system status menus have been consolidated into one single menu. Many of the applications in GNOME now features header bars instead of title bars, which merges the titlebar and toolbar into a single element and allows applications to offer more dynamic user interfaces. GNOME now also includes an application for searching, browsing and installing applications called Software. Several other new applications have also been added to GNOME including Music, Photos, Notes and Maps."
jammag writes "'When the history of free software is written, I am increasingly convinced that this last year will be noted as the start of the decline of Ubuntu,' opines Linux pundit Bruce Byfield. After great initial success, Ubuntu and Canonical began to isolate themselves from the mainstream of the free software community. Canonical, he says, has tried to control the open source community, and the company has floundered in many of its initiatives. Really, the mighty Ubuntu, in decline?"
sl4shd0rk writes "Nvidia, perhaps inspired by the infamous Torvalds Salute, has decided to do something about its crummy image with Open Source developers. The company has begun to release public documentation on certain aspects of its GPUs. Reactions from developers have been mixed; much of what's already been released wasn't a big mystery, but Nvidia says more is coming and they will also provide guidance in needed areas as well. Linus said, 'I'm cautiously optimistic that this is a real shift in how Nvidia perceives Linux. The actual docs released so far are fairly limited, and in themselves they wouldn't be a big thing, but if Nvidia really does follow up and start opening up more, that would certainly be great. They've already been much better in the ARM SoC space than they were on the more traditional GPU side, and I really hope that some day I can just apologize for ever giving them the finger.'"
An anonymous reader writes "Select to copy and middle-click to paste. That's very convenient usability feature associated with UNIX graphical environments. But it is confusing for new users, so the ability to middle-click paste was briefly removed from GNOME 3.10. It was restored few days later, but with clear message: middle-click paste will be permanently removed from next GNOME version." I hope that "we'll defer this change until the next cycle" also means that it's getting re-thought, rather than just delayed.
darthcamaro writes "It was ten years ago this past Sunday September 22nd, that the Red Hat sponsored Fedora project was born. The first Fedora release didn't come until six weeks later in November of 2003. Over the last 10 years the project has transformed itself from being entirely controlled by Red Hat to being a true community effort. In a video interview, the current Fedora Project Leader, Robyn Bergeron talks about the past and the future of Fedora. 'We need to think about how we're actually making the sausage,' Bergeron said. 'I think we can try and abstract and automate the things we have to do a lot, so our really awesome people's brains can be applied to solving problems that aren't yet automate-able.'"
Today Valve Software announced SteamOS, a Linux-based gaming operating system designed for, as Valve puts it, "living room machines." They say, "In SteamOS, we have achieved significant performance increases in graphics processing, and we're now targeting audio performance and reductions in input latency at the operating system level. Game developers are already taking advantage of these gains as they target SteamOS for their new releases." One major feature they're touting is the ability to use the SteamOS machine to stream video games from other Windows and Mac computers in the house to your TV. They mention media streaming as well, but without much detail. "With SteamOS, 'openness' means that the hardware industry can iterate in the living room at a much faster pace than they've been able to. Content creators can connect directly to their customers. Users can alter or replace any part of the software or hardware they want. Gamers are empowered to join in the creation of the games they love. SteamOS will continue to evolve, but will remain an environment designed to foster these kinds of innovation."
Twelve years ago, Slashdot interviewed Brad Kuhn in his then-role as VP of the Free Software Foundation. Kuhn is still involved with the FSF, but has gone on, after a stint as CTO for the Software Freedom Law Center, to concentrate his efforts as President, Executive Director of the Software Freedom Conservancy. The Conservancy offers organization and support to copylefted and permissively licensed software, and Brad explains in the video below what that entails, as well as where the Conservancy fits in the expanding landscape of organizations that help protect the rights of software developers. Brad makes no bones about wishing for a world where all software is Free software, but that's a big-picture goal. In the meantime, there's a lot of work to go around, just making sure that developers' chosen licenses are intelligently selected, and properly respected.
An anonymous reader writes "The openSUSE Linux distribution looks like it may be the first major Linux distribution to ship the Btrfs file-system by default. The openSUSE 13.1 release is due out in November and is still using EXT4 by default, but after that the developers are looking at having openSUSE using Btrfs by default on new installations. The Btrfs features to be enabled would be the ones the developers feel are data-safe."
darthcamaro writes "At the Linuxcon conference in New Orleans today, Linus Torvalds joined fellow kernel developers in answering a barrage of questions about Linux development. One question he was asked was whether a government agency had ever asked about inserting a back-door into Linux. Torvalds responded 'no' while shaking his head 'yes,' as the audience broke into spontaneous laughter. Torvalds also admitted that while he as a full life outside of Linux he couldn't imagine his life without it. 'I don't see any project coming along being more interesting to me than Linux,' Torvalds said. 'I couldn't imagine filling the void in my life if I didn't have Linux.'"