Ubuntu

Submission + - Canonical designer demos Ubuntu context-aware UI (thinq.co.uk) 1

Submitted by Blacklaw
Blacklaw writes: Canonical's Christian Giordano has posted details of what he believes could be the future of user interface design in Ubuntu — a system that detects physical context.
Designed to be paired with a webcam or other sensor system, the concept is that the computer is able to detect where a user is in proximity to the display along with an idea of roughly what he or she might be doing. Using this information, the operating system — in this case, Ubuntu Linux — can automatically make changes to the screen layout. For example, when the system detects that the user has leaned back in his or her chair, the system automatically makes the currently playing video full-screen. Lean forward again, and the video returns to its previous windowed mode.
Security

Linux Kernel Exploit Busily Rooting 64-Bit Machines 488

Posted by timothy from the get-your-patch-on dept.
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
Data Storage

Distinguishing Encrypted Data From Random Data? 467

Posted by timothy from the is-this-a-solved-problem? dept.
gust5av writes "I'm working on a little script to provide very simple and easy to use steganography. I'm using bash together with cryptsetup (without LUKS), and the plausible deniability lies in writing to different parts of a container file. On decryption you specify the offset of the hidden data. Together with a dynamically expanding filesystem, this makes it possible to have an arbitrary number of hidden volumes in a file. It is implausible to reveal the encrypted data without the password, but is it possible to prove there is encrypted data where you claim there's not? If I give someone one file containing random data and another containing data encrypted with AES, will he be able to tell which is which?"
Security

Hole In Linux Kernel Provides Root Rights 274

Posted by Soulskill from the everything-old-is-new-again dept.
oztiks writes with this excerpt from The H: "A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system. According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. ... Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole."
Mandriva

Developers Fork Mandriva Linux, Creating Mageia 206

Posted by Soulskill from the onward-and-upward dept.
Anssi55 writes "As most of the Mandriva employees working on the Linux distribution were laid off due to the liquidation of Edge-IT (a subsidiary of Mandriva SA) and trust in the company has diminished, the development community (including the core developers) has decided to fork the project. The new Linux distribution, named Mageia, will be managed by a not-for-profit organization that will be set up in the coming days. There are already many people that have decided to follow the fork, but the people behind it are still welcoming any help offered in the various tasks related to establishing the new distribution."
Mandriva

Submission + - Developers fork Mandriva Linux, creating Mageia (mageia.org) 1

Submitted by Anssi55
Anssi55 writes: As most of the Mandriva employees working on the Linux distribution were laid off due to the liquidation of Edge-IT (a subsidiary of Mandriva SA) and the trust in the company has diminished, the development community (including the core developers) has decided to fork the project. The new Linux distribution, named Mageia, will be managed by a not-for-profit organization that will be set up in the coming days. There are already many people that have decided to follow the fork, but the people behind it are still welcoming any help offered in the various tasks related to establishing the new distribution.
Security

Submission + - Hole in Linux kernel provides root rights (h-online.com)

Submitted by oztiks
oztiks writes: A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system.

According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. An exploit (direct download of source code) is already in circulation; in a test conducted by The H's associates at heise Security on 64-bit Ubuntu 10.04, it opened a shell with root rights.

The kernel developers have remedied the flaw in the repository, and Linux distributors will probably soon publish new kernels to close the hole. Until then, switching off 32-bit ELF support solves the problem if you can do without this function. For instructions, see: "Workaround for Ac1db1tch3z exploit".

Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole.

 
Businesses

VMware Looks To Acquire Novell's SUSE Unit 161

Posted by Soulskill from the talking-turkey dept.
minutetraders writes "According to the Wall Street Journal, VMware is attempting to acquire Novell's SUSE Linux operating system business. This move would give VMware a full stack of enterprise software and allow it to establish itself as a full-blown infrastructure and software vendor in direct competition with Red Hat." The WSJ report is behind a paywall, but it's accessible in full through a Google search.
Linux

Submission + - Swiss Region Solothurn stops Migration to Linux

Submitted by Anonymous Coward
An anonymous reader writes: The swiss canton Solothurn has put a stop to their ongoing migration to Linux. The project started in 2001, and has been under harsh public criticism evver since. The responsible CIO resigned this summer. Solothurn plans to convert all desktop Computers to Windows 7 in 2011. http://www.heise.de/open/artikel/Die-Woche-Bruchlandung-fuer-den-Pinguin-1080686.html (Artikel in German).
Microsoft

Microsoft's Chief Exec For Latin America Says 'Open' Means 'Incompetent' 340

Posted by timothy from the deseo-suscribirme-a-su-boletan-de-noticias dept.
An anonymous reader writes "The President of Microsoft Latin America, in criticizing the Brazilian government for its support of open source software, claimed that declaring something open is how you 'mask incompetence.' That seems especially funny coming from Microsoft, who has used 'closed' to mask incompetence for years. I thought 'open' meant that people could find and fix (or ignore) incompetence, whereas closed meant you were stuck with the incompetence."
Graphics

Adobe Releases New 64-Bit Flash Plugin For Linux 240

Posted by samzenpus from the flash-in-the-pan dept.
TheDarkener writes "Adobe seems to have made an about face regarding their support for native 64-bit Linux support for Flash today, and released a new preview Flash plugin named 'Square.' This includes a native 64-bit version for Linux, which I have verified works on my Debian Lenny LTSP server by simply copying libflashplayer.so to /usr/lib/iceweasel/plugins — with sound (which I was never able to figure out with running the 32-bit version with nspluginwrapper and pulseaudio)."
Linux

Submission + - Adobe releases new 64-bit Flash plugin for Linux (adobe.com) 1

Submitted by TheDarkener
TheDarkener writes: Adobe seems to have made an about face regarding their support for native 64-bit Linux support for Flash today, and released a new preview Flash plugin named "Square". This includes a native 64-bit version for Linux, which I have verified works on my Debian Lenny LTSP server by simply copying libflashplayer.so to /usr/lib/iceweasel/plugins — with sound (which I was never able to figure out with running the 32-bit version with nspluginwrapper and pulseaudio).
Microsoft

Windows 7 vs. Ubuntu 10.04 702

Posted by CmdrTaco from the race-is-on dept.
Barence writes "PC Pro has performed a comprehensive test of Windows 7 vs Ubuntu 10.04. They've tested and scored the two operating systems on a number of criteria, including usability, bundled apps, performance, compatibility and business. The final result is much closer than you might expect. 'Ubuntu is clearly an operating system on the rise,' PC Pro concludes. 'If we repeat this feature in a year's time, will it have closed the gap? We wouldn't bet against it.'"
Ubuntu

Shuttleworth Answers Ubuntu Linux's Critics 382

Posted by CmdrTaco from the what's-in-a-name dept.
climenole writes "Technomancer wrote: 'Mark Shuttleworth, Ubuntu Linux's founder, maintains that he and Ubuntu are doing right by the Linux community and the even larger open-source community. In recent weeks, Ubuntu has been criticized for not giving Linux enough support. Specifically, the complains have been that Canonical, the company behind Ubuntu, doesn't do enough for producing Linux source code.'"

Slashdot Top Deals