Microsoft

Green Party Leaders Don't Want Windows In Munich (techrepublic.com) 139

Reader sqorbit writes: Munich spent a lot of time (9 years) and a lot of money in shifting some 15,000 staff to a Linux-based OS. The plan now is to move to Windows 10 by 2021. Munich's Green Party is citing the WannaCry virus as a valid reason not to switch to Windows. "As with many of the biggest attacks, the computers that were mainly hit were running the Windows operating system," the Green Party said in a statement.
Security

Linux Malware Infects Raspberry Pi Devices And Makes Them Mine Cryptocurrency (hothardware.com) 84

An anonymous reader quotes Hot Hardware: If you're a Raspberry Pi user who's never changed the default password of the "pi" user, then heed this warning: change it. A brand new piece of malware has hit the web, called "Linux.MulDrop.14", and it preys on those who haven't secured their devices properly... After scanning for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software, and then it configures itself. The ultimate goal of Linux.MulDrop.14 is to make digital money for someone else, namely the author of the malware, using your Raspberry Pi.
Encryption

Docker's LinuxKit Launches Kernel Security Efforts, Including Next-Generation VPN (eweek.com) 44

darthcamaro writes: Back in April, when Docker announced its LinuxKit effort, the primary focus appeared to just be [tools for] building a container-optimized Linux distribution. As it turns out, security is also a core focus -- with LinuxKit now incubating multiple efforts to help boost Linux kernel security. Among those efforts is the Wireguard next generation VPN that could one day replace IPsec. "Wireguard is a new VPN for Linux using the cryptography that is behind some of the really good secure messaging apps like Signal," said Nathan McCauley, Director of Security at Docker Inc.
According to the article, Docker also has several full-time employees looking at ways to reduce the risk of memory corruption in the kernel, and is also developing a new Linux Security Module with more flexible access control policies for processes.
Operating Systems

Ubuntu Works With GNOME To Improve HiDPI Support On Linux Desktop (omgubuntu.co.uk) 85

An anonymous reader shares an article: Canonical is playing host to a 'fractional scaling hackfest' in its Taipei offices this week. Both GNOME developers and Ubuntu developers are in attendance, ready to wrestle with the aim: improve GNOME HiDPI support. Ubuntu's Unity desktop (I'm told, anyhow) plays fairly nice with high DPI monitors because the shell supports fractional scaling (though most apps, I believe, do not). Furthermore, users can tweak some high DPI settings to better suit their display(s). GNOME Shell also supports HiDPI monitors, but has, until now, been a little less flexible about it. "Currently, we only allow to scale windows by integral factors (typically 2). This proves somewhat limiting as there are many systems that are just in between the dpi ranges that are good for scale factor 2, or unscaled," the hackfest page explains.
Chrome

Google Releases Chrome 59 (venturebeat.com) 72

An anonymous reader writes: Google has launched Chrome 59 for Windows, Mac, and Linux. Among the additions are native notifications on macOS, settings being revamped to follow Material Design, the Image Capture API, Headless Chrome, and more service worker improvements. You can update to the latest version now using the browser's built-in silent updater or download it directly from google.com/chrome.
Media

OpenELEC 8.0.4 Kodi-Focused Linux Distro Now Available (openelec.tv) 43

BrianFagioli writes: Unfortunately, Kodi is not its own operating system, meaning it has to be run on top of an OS. Sure, you could use Windows 10, but that is overkill if you only want to run Kodi. Instead, a lightweight Linux distribution that only serves to run the media center is preferable. One of the most popular such distros is OpenELEC. It can run on traditional PC hardware, but also Raspberry Pi, and, my favorite — WeTek boxes. Today, version 8.0.4 achieves stable release. It is a fairly ho-hum update, focusing mostly on fixes and stability.

The team shares the following changes in the release.

- fix crash in WeTek DVB driver on WeTek Play (1st gen).
- enable Kernel NEON mode for RPi2 builds.
- enable some more SOC sound drivers for RPi/RPi2 builds.
- enable Regulator support on all builds.
- enable Extcon support on all builds.
- fix loading for some I2C sound modules on RPI/RPi2 builds.
- fix loading splash screen on systems with Nvidia GPUs.
- fix speed problems on Nvidia ION systems.
- fix problems loading dvbhdhomerun addons.
- fix using user created sleep scripts.
- build PNG support with SSE support for x86_64 builds.
- update to linux-4.9.30, mesa-17.0.7, alsa-lib-1.1.4.1, alsa-utils-1.1.4, kodi-17,3, mariadb-10.1.23, samba-4.6.4.

Ubuntu

Ubuntu Touch Mobile OS Now Maintained By UBports (phoronix.com) 22

An anonymous reader quotes Phoronix: UBports continues to be the leading community project for trying to let Ubuntu Touch live on and evolve under their direction... Among their recent achievements were acquiring more sponsors, all devices that were sold with Ubuntu Touch can now run with UBports' builds, they are working on their own version of Mozilla's AGPS Location Service to replace Canonical's GPS system, the Halium OS platform continues evolving, the Dekko email client is back under development, installation improvements are being worked on, they are still striving for Wayland support, and more.
The UBports Patreon page has even raised enough to allow UBports founder Marius Gripsgard to work full-time on what they're calling "a beautiful, free and open-source mobile OS." Their recent community update announced that "we are seeing more activity on Ubuntu Touch than for a very long time, and that is really encouraging."
Books

Technology Is Making the World More Unequal; Only Technology Can Fix This (theguardian.com) 145

mspohr shares an excerpt from an article written by Cory Doctorow via The Guardian: The inequality of badly-run or corrupt states is boosted by the power of technology -- but it's also easier than ever to destabilize these states, thanks to technology. The question is: which future will prevail?" [The article discusses two sides to the issue:] Here's the bad news: technology -- specifically, surveillance technology -- makes it easier to police disaffected populations, and that gives badly run, corrupt states enough stability to get themselves into real trouble. Here's the good news: technology -- specifically, networked technology -- makes it easier for opposition movements to form and mobilize, even under conditions of surveillance, and to topple badly run, corrupt states. Long before the internet radically transformed the way we organize ourselves, theorists were predicting we'd use computers to achieve ambitious goals without traditional hierarchies -- but it was a rare pundit who predicted that the first really successful example of this would be an operating system (GNU/Linux), and then an encyclopedia (Wikipedia). [Cory also has a new novel, Walkaway , which explores these ideas further.] The future will see a monotonic increase in the ambitions that loose-knit groups can achieve. My new novel, Walkaway, tries to signpost a territory in our future in which the catastrophes of the super-rich are transformed into something like triumphs by bohemian, anti-authoritarian "walkaways" who build housing and space programs the way we make encyclopedias today: substituting (sometimes acrimonious) discussion and (sometimes vulnerable) networks for submission to the authority of the ruling elites.
Open Source

Alpine Linux 3.6.0 Released (alpinelinux.org) 59

An anonymous reader quotes DistroWatch: Natanael Copa has announced the release of Alpine Linux 3.6.0. Alpine Linux is an independent, minimal operating system that is well suited to running servers, routers and firewalls. Version 3.6.0 introduces support for 64-bit POWER machines, 64-bit IBM z Systems computers and features many up to date packages, including PHP 7.1, LLVM 4.0 and version 6.3 of the GNU Compiler.
"Noteworthy new packages" include Rust 1.17.0 and Cargo 0.18.0, as well as Julia 0.5.2, as we ll as "significant updates" like Go 1.8, Python 3.6, and Ruby 2.4. And in addition, "MD5 and SHA-1 hashes have been removed from APKBUILDs, being obsoleted by SHA-512."
Bug

Wormable Code-Execution Bug Lurked In Samba For 7 Years (arstechnica.com) 83

Long-time Slashdot reader williamyf was the first to share news of "a wormable bug [that] has remained undetected for seven years in Samba verions 3.5.0 onwards." Ars Technica reports: Researchers with security firm Rapid7...said they detected 110,000 devices exposed on the internet that appeared to run vulnerable versions of Samba. 92,500 of them appeared to run unsupported versions of Samba for which no patch was available... Those who are unable to patch immediately can work around the vulnerability by adding the line nt pipe support = no to their Samba configuration file and restart the network's SMB daemon. The change will prevent clients from fully accessing some network computers and may disable some expected functions for connected Windows machines.
The U.S. Department of Homeland Security's CERT group issued an anouncement urging sys-admins to update their systems, though SC Magazine cites a security researcher arguing this attack surface is much smaller than that of the Wannacry ransomware, partly because Samba is just "not as common as Windows architectures." But the original submission also points out that while the patch came in fast, "the 'Many eyes' took seven years to 'make the bug shallow'."
Debian

Devuan Jessie 1.0 Officially Released (softpedia.com) 237

prisoninmate quotes a report from Softpedia: Announced for the first time back in November 2014, Devuan is a Debian fork that doesn't use systemd as init system. It took more than two and a half years for it to reach 1.0 milestone, but the wait is now over and Devuan 1.0.0 stable release is here. Based on the packages and software repositories of the Debian GNU/Linux 8 "Jessie" operating system, Devuan 1.0.0 "Jessie" is now considered the first stable version of the GNU/Linux distribution, which stays true to its vision of developing a free Debian OS without systemd. This release is recommended for production use. As Devuan 1.0.0 doesn't ship with systemd, several adjustments needed to be made. For example, the distro uses a systemd-free version of the NetworkManager network connection manager and includes several extra libsystemd0-free packages in its repository.
Debian

Privacy-Focused Debian-Based Tails 3.0 Reaches RC Status (betanews.com) 32

BrianFagioli quotes BetaNews: Today, Tails achieves an important milestone. Version 3.0 reaches RC status -- meaning the first release candidate (RC1). In other words, it may soon be ready for a stable release -- if testing confirms as much. If you want to test it and provide feedback, you can download the ISO now. This is quite the significant upgrade, as the operating system is moving to a new base — Debian 9 "Stretch." The Debian kernel gets upgraded to 4.9.0-3, which is based on Linux kernel 4.9.25. As previously reported back in February, Tails 3.0 will drop 32-bit processor support too.

Using Tor is a huge part of the privacy aspect of Tails, and the tor web browser sees an update to 7.0a4. Tor itself is updated to 0.3.0.7-1. Less important is the move from Icedove to Thunderbird for email. This is really in name only, as Debian has begun using the "Thunderbird" branding again. From a feature perspective, it is inconsequential.

Open Source

Linux 4.10 Kernel Reaches End of Life (softpedia.com) 58

prisoninmate quotes Softpedia: As it's not an LTS (Long Term Support) branch, the Linux 4.10 kernel series was doomed to reach end of life sooner or later, and it happened this weekend with the release of the Linux kernel 4.10.17 patch, which is a major one changing a total of 103 files, with 981 insertions and 538 deletions. Therefore, users are now urged to move to the Linux 4.11 kernel series. If you're using a GNU/Linux distribution powered by a kernel from the Linux 4.10 series you need to update to version 4.10.17 as soon as it makes its way into the stable repositories. However, please inform your OS vendor that they need to upgrade the kernel packages to the Linux 4.11 series immediately.
Data Storage

Endless OS Now Ships With Steam And Slack FlatPak Applications (endlessos.com) 95

An anonymous reader writes: Steam and Slack are now both included as Flatpak applications on the Endless OS, a free Linux distribution built upon the decades of evolution of the Linux operating system and the contributions of thousands of volunteers on the GNOME project. The beauty of Flatpak is the ability to bridge app creators and Linux distributions using a universal framework, making it possible to bring this kind of software to operating systems that encourage open collaboration...

As an open-source deployment mechanism, Flatpak was developed by an independent cohort made up of volunteers and contributors from supporting organizations in the open-source community. Alexander Larsson, lead developer of Flatpak and principal engineer at Red Hat, provided comment saying, "We're particularly excited about the opportunity Endless affords to advance the benefits of open-source environments to entirely new audiences."

Microsoft

Linux Distros Won't Run On Microsoft's Education-Focused Windows 10 S OS (betanews.com) 115

Reader BrianFagioli writes: I was sort of hopeful for Windows 10 S when Microsoft made a shocking announcement at Build 2017 that it is bringing Linux distributions to the Windows Store. This gave the impression that students using the S variant of the OS would be able to tinker with Linux. Unfortunately, this is not the case as Microsoft will be blocking Linux on the new OS. In other words, not all apps in the store will be available for Windows 10 S. "Windows 10 S does not run command-line applications, nor the Windows Console, Cmd / PowerShell, or Linux/Bash/WSL instances since command-line apps run outside the safe environment that protects Windows 10 S from malicious / misbehaving software," says Rich Turner, Senior Product Manager, Microsoft. Tuner further explains, "Linux distro store packages are an exotic type of app package that are published to the Windows Store by known partners. Users find and install distros , safely, quickly, and reliably via the Windows Store app. Once installed, however, distros should be treated as command-line tools that run outside the UWP sandbox and secure runtime infrastructure. They run with the capabilities granted to the local user -- in the same way as Cmd and PowerShell do. This is why Linux distros don't run on Windows 10 S: Even though they're delivered via the Windows Store, and installed as standard UWP APPX's, they run as non-UWP command-line tools and this can access more of a system than a UWP can."
Businesses

'WannaCry Makes an Easy Case For Linux' (techrepublic.com) 411

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Ubuntu

Ubuntu Arrives in the Windows Store, Suse and Fedora Are Coming To the Windows Subsystem For Linux (venturebeat.com) 212

At its Build developer conference today, Microsoft announced that Ubuntu has arrived in the Windows Store. From a report: The company also revealed that it is working with Fedora and Suse to bring their distributions to the Windows Subsystem for Linux (WSL) in Windows 10. At the conference last year, Microsoft announced plans to bring the Bash shell to Windows. The fruits of that labor was WSL, a compatibility layer for running Linux binary executables (in ELF format) natively on Windows, which arrived with the Windows 10 Anniversary Update released in August 2016. Microsoft also partnered with Canonical to allow Ubuntu tools and utilities to run natively on top of the WSL. By bringing Ubuntu to the Windows Store, the company is now making it even easier for developers to install the tools and run Windows and Linux apps side by side. Working with other Linux firms shows that Microsoft's deal with Canonical was not a one-time affair, but rather part of a long-term investment in the Linux world.
Businesses

Canonical Founder Says Recent Changes In Ubuntu Were Necessary To Prepare the Company For an IPO (zdnet.com) 128

An anonymous reader writes: Canonical was doing well with Ubuntu and cloud and container-related technologies, such as Juju, LXD, and Metal-as-a-Service (MaaS). In addition, its OpenStack and Kubernetes software stacks, according to Shuttleworth, are growing by leaps and bounds on both the public and private cloud. Canonical founder Mark Shuttleworth said "in the last year, Ubuntu cloud growth had been 70 percent on the private cloud and 90 percent on the public cloud." In particular, "Ubuntu has been gaining more customers on the big five public clouds." What hadn't succeeded was Canonical's attempt to make Unity the universal interface for desktops, tablets, and smartphones. Shuttleworth was personally invested in this project, but at day's end, it wasn't getting enough adoption to make it profitable. So, Shuttleworth said with regret, Unity had to be dropped. This move also means Canonical will devote more of its time to "putting the company on the path to a IPO. We must figure out what steps we need to take moving forward." That means focusing on Canonical's most profitable lines. Specifically, "Ubuntu will never die. Ubuntu is the default platform on cloud computing. Juju, MaaS, and OpenStack are nearly unstoppable. We need to work out more of our IoT path. At the same time, we had to cut out those parts that couldn't meet an investors' needs. The immediate work is get all parts of the company profitable."
Google

Google's Upcoming 'Fuchsia' Smartphone OS Dumps Linux, Has a Wild New UI (arstechnica.com) 219

More details have emerged about Fuchsia, the new mobile OS Google has been working on. ArsTechnica reports that Fuchsia is not based on Linux (unlike Android and Chrome OS). Instead, the OS uses a new, Google-developed microkernel called "Magenta." From the article: With Fuchsia, Google would not only be dumping the Linux kernel, but also the GPL: the OS is licensed under a mix of BSD 3 clause, MIT, and Apache 2.0. Dumping Linux might come as a bit of a shock, but the Android ecosystem seems to have no desire to keep up with upstream Linux releases. Even the Google Pixel is still stuck on Linux Kernel 3.18, which was first released at the end of 2014. [...] The interface and apps are written using Google's Flutter SDK, a project that actually produces cross-platform code that runs on Android and iOS. Flutter apps are written in Dart, Google's reboot of JavaScript which, on mobile, has a focus on high-performance, 120fps apps. It also has a Vulkan-based graphics renderer called "Escher" that lists "Volumetric soft shadows" as one of its features, which seems custom-built to run Google's shadow-heavy "Material Design" interface guidelines. The publication put the Flutter SDK to test on an Android device to get a sneak peek into the user interface of Fuchsia. "The home screen is a giant vertically scrolling list. In the center you'll see a (placeholder) profile picture, the date, a city name, and a battery icon," the author wrote. "Above the are 'Story' cards -- basically Recent Apps -- and below it is a scrolling list of suggestions, sort of like a Google Now placeholder. Leave the main screen and you'll see a Fuchsia 'home' button pop up on the bottom of the screen, which is just a single white circle."
GNU is Not Unix

How Psychology Today Sees Richard Stallman (psychologytoday.com) 247

After our article about Richard Stallman's new video interview, Slashdot reader silverjacket shared this recent profile from Psychology Today that describes Richard Stallman's quest "to save us from a web of spyware -- and from ourselves." By using proprietary software, Stallman believes, we are forfeiting control of our computers, and thus of our digital lives. In his denunciation of all nonfree software as inherently abusive and unethical, he has alienated many possible allies and followers. But he is not here to make friends. He is here to save us from a software industry he considers predatory in ways we've yet to recognize... for Stallman, moralism is the whole point. If you write or use free software only for practical reasons, you'll stop when it's inconvenient, and freedom will disappear.
Stallman collaborator Eben Moglen -- a law professor at Columbia, as well as the FSF's general counsel -- assesses Stallman's legacy by saying "the idea of copyleft and the proposition that social and political freedom can't happen in a society without technological freedom -- those are his long-term meanings. And humanity will be aware of those meanings for centuries, whatever it does about them." The article also includes quotes from Linus Torvalds and Eric S. Raymond -- along with some great artwork.

In addition to insisting the reporter refer to Linux as "GNU/Linux," Stallman also required that the article describe free software without using the term open source, a phrase he sees as "a way that people who disagree with me try to cause the ethical issues to be forgotten." And he ultimately got Psychology Today to tell its readers that "Nearly all the software on our phones and computers, as well as on other machines, is nonfree or 'proprietary' software and is riddled with spyware and back doors installed by Apple, Google, Microsoft, and the like."
Debian

Debian 8.8 Released (debian.org) 65

prisoninmate quotes Softpedia: The Debian Project announced today Debian GNU/Linux 8.8, the most advanced stable version of the Jessie series, which brings corrections for numerous packages and various security flaws discovered and patched since the release of the Debian GNU/Linux 8.7 maintenance update back in mid-January 2017... "This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available," reads today's announcement.

"Please note that this update does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old 'jessie' CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated."

Debian 8.8 contains more than 150 bug fixes and security updates.
Java

Red Hat And IBM Will Vote Against Java's Next Release (infoworld.com) 57

An anonymous reader quotes InfoWorld: The next edition of standard Java had been proceeding toward its planned July 27 release after earlier bumps in the road over modularity. But now Red Hat and IBM have opposed the module plan. "JDK 9 might be held up by this," Oracle's Georges Saab, vice president of development for the Java platform, said late Wednesday afternoon. "As is the case for all major Java SE releases, feedback from the Java Community Process may affect the timeline..."

Red Hat's Scott Stark, vice president of architecture for the company's JBoss group, expressed a number of concerns about how applications would work with the module system and its potential impact on the planned Java Enterprise Edition 9. Stark also said the module system, which is featured in Java Specification Request 376 and Project Jigsaw, could result in two worlds of Java: one for Jigsaw and one for everything else, including Java SE classloaders and OSGI. Stark's analysis received input from others in the Java community, including Sonatype.

"The result will be a weakened Java ecosystem at a time when rapid change is occurring in the server space with increasing use of languages like Go," Stark wrote, also predicting major challenges for applications dealing with services and reflection. His critique adds that "In some cases the implementation...contradicts years of modular application deployment best practices that are already commonly employed by the ecosystem as a whole." And he ultimately concludes that this effort to modularize Java has limitations which "almost certainly prevent the possibility of Java EE 9 from being based on Jigsaw, as to do so would require existing Java EE vendors to completely throw out compatibility, interoperability, and feature parity with past versions of the Java EE specification."
Music

Fedora Will Get Full Mp3 Support, As IIS Fraunhofer Terminates Mp3 Licensing Program (fedoramagazine.org) 133

An anonymous reader quotes Fedora Magazine: Both MP3 encoding and decoding will soon be officially supported in Fedora. Last November the patents covering MP3 decoding expired and Fedora Workstation enabled MP3 decoding via the mpg123 library and GStreamer... The MP3 codec and Open Source have had a troubled relationship over the past decade, especially within the United States. Historically, due to licensing issues Fedora has been unable to include MP3 decoding or encoding within the base distribution... A couple of weeks ago IIS Fraunhofer and Technicolor terminated their licensing program and just a few days ago Red Hat Legal provided the permission to ship MP3 encoding in Fedora.
Debian

Systemd-Free Devuan Linux Announces A Second Release Candidate (devuan.org) 122

An anonymous reader quotes The Register: Devuan Linux has released its second release candidate... A 1.0.0 release candidate emerged just under a fortnight ago and today the developers announced Devuan Jessie 1.0.0 RC2. New in this cut of the code is a systemd-free version of network-manager, new versions of reportbug, desktop-base and xfce4-panel. GNOME, KDE, and Cinnamon have been removed from tasksel, but can still be installed although they "are known to suffer from some glitches due to the lack of systemd."
The Devuan web site says this series of release candidates "marks an important milestone towards the sustainability and the continuation of Devuan as a universal base distribution." And their announcement describes Devuan as "the Debian that was and could have been. Our goal is to provide a viable and sustainable alternative...a new path, nurtured with your help and support."
Operating Systems

Linux Mint 18.2 Ubuntu-based OS is Named 'Sonya' (betanews.com) 34

Brian Fagioli, writing for BetaNews: The uncertainty about Ubuntu has not deterred the Linux Mint team, however, as they are moving ahead with plans for version 18.2. While details about the upcoming version of the operating system are scarce, we have learned two important details. First, the code name for the OS will be 'Sonya,' and second, the distro will use LightDM as default display manager.
Debian

UEFI Secure Boot Booted From Debian 9 'Stretch' (theregister.co.uk) 168

Debian's release team has decided to postpone its implementation of Secure Boot. From a report: In a release update from last week, release team member Jonathan Wiltshire wrote that "At a recent team meeting, we decided that support for Secure Boot in the forthcoming Debian 9 'stretch' would no longer be a blocker to release. The likely, although not certain outcome is that stretch will not have Secure Boot support." "We appreciate that this will be a disappointment to many users and developers," he continued, "However, we need to balance that with the limited time available for the volunteer teams working on this feature, and the risk of bugs being introduced through rushed development." The decision not to offer Secure Boot support at release leaves Debian behind Red Hat and Suse, making it the only one of Linux's three main branches not to support the heir-to-BIOS and the many security enhancements it offers.
Open Source

Linux Kernel 4.11 Officially Released (softpedia.com) 55

prisoninmate quotes Softpedia: Linux kernel 4.11 has been in development for the past two months, since very early March, when the first Release Candidate arrived for public testing. Eight RCs later, we're now able to download and compile the final release of Linux 4.11 on our favorite GNU/Linux distributions and enjoy its new features. Prominent ones include scalable swapping for SSDs, a brand new perf ftrace tool, support for OPAL drives, support for the SMC-R (Shared Memory Communications-RDMA) protocol, journalling support for MD RAID5, all new statx() system call to replace stat(2), and persistent scrollback buffers for VGA consoles... The Linux 4.11 kernel also introduces initial support for Intel Gemini Lake chips, which is an Atom-based, low-cost computer processor family developed using Intel's 14-nanometer technology, and better power management for AMD Radeon GPUs when the AMDGPU open-source graphics driver is used.
Crime

Debian Developer Imprisoned In Russia Over Alleged Role In Riots (itwire.com) 93

An anonymous reader writes: "Dmitry Bogatov, Debian developer and Tor node admin, is still being held in a Moscow jail," tweeted the EFF Saturday. IT Wire reports that the 25-year-old math teacher was arrested earlier this month "on suspicion of organizing riots," and is expected to be held in custody until June 8. "The panel investigating the protests claims Bogatov posted several incitory messages on the sysadmin.ru forum; for example, one claim said he was asking people to bring 'bottles, fabric, gasoline, turpentine, foam plastic' to Red Square, according to a post at Hacker News. The messages were sent in the name of one Airat Bashirov and happened to be transmitted through the Tor node that Bogatov was running. The Hacker News post said Bogatov's lawyer had produced surveillance video footage to show that he was elsewhere at the time when the messages were posted.
"After Dmitry's arrest," reports the Free Bogatov site, "Airat Bashirov continue to post messages. News outlets 'Open Russia' and 'Mediazona' even got a chance to speak with him."

Earlier this month the Debian GNU/Linux project also posted a message of support, noting Dmitry maintains several packages for command line and system tools, and saying their group "honours his good work and strong dedication to Debian and Free Software... we hope he is back as soon as possible to his endeavours... In the meantime, the Debian Project has taken measures to secure its systems by removing Dmitry's keys in the case that they are compromised."
Android

Open Ports Create Backdoors In Millions of Smartphones (bleepingcomputer.com) 122

An anonymous reader writes: "Mobile applications that open ports on Android smartphones are opening those devices to remote hacking, claims a team of researchers from the University of Michigan," reports Bleeping Computer. Researchers say they've identified 410 popular mobile apps that open ports on people's smartphones. They claim that an attacker could connect to these ports, which in turn grant access to various phone features, such as photos, contacts, the camera, and more. This access could be leveraged to steal photos, contacts, or execute commands on the target's phone. Researchers recorded various demos to prove their attacks. Of these 410 apps, there were many that had between 10 and 50 million downloads on the official Google Play Store and even an app that came pre-installed on an OEMs smartphones. "Research on the mobile open port problem started after researchers read a Trend Micro report from 2015 about a vulnerability in the Baidu SDK, which opened a port on user devices, providing an attacker with a way to access the phone of a user who installed an app that used the Baidu SDK," reports Bleeping Computer. "That particular vulnerability affected over 100 million smartphones, but Baidu moved quickly to release an update. The paper detailing the team's work is entitled Open Doors for Bob and Mallory: Open Port Usage in Android Apps and Security Implications, and was presented Wednesday, April 26, at the 2nd IEEE European Symposium on Security and Privacy that took place this week in Paris, France."
Bug

Linux 4.11 Delayed For a Week (theregister.co.uk) 48

Linux kernel creator Linus Torvalds said over the weekend that v4.11 version of Linux has hit a speed bump in the form of "NVMe power management that apparently causes problems on some machines." The Register adds: "It's not entirely clear what caused the [NVMe] issue (it wasn't just limited to some NVMe hardware, but also particular platforms), but let's test it." Which sounds like a good idea, given that flash memory on the PCIe bus is increasingly mainstream. That problem and "a couple of really annoying" bugs mean that Torvalds has decided to do an eighth release candidate for Linux 4.11. "I did get fixes for the issues that popped up, so I could have released 4.11 as-is," Torvalds wrote, "but it just doesn't feel right."
The Internet

The Linux Foundation Launches IoT-focused Open Source EdgeX Foundry (betanews.com) 33

Reader BrianFagioli writes: Today, The Linux Foundation launches the open source EdgeX Foundry -- an attempt to unify and simplify the Internet of Things. The Linux Foundation says, "EdgeX Foundry is unifying the marketplace around a common open framework and building an ecosystem of companies offering interoperable plug-and-play components. Designed to run on any hardware or operating system and with any combination of application environments, EdgeX can quickly and easily deliver interoperability between connected devices, applications, and services, across a wide range of use cases. Interoperability between community-developed software will be maintained through a certification program."
Businesses

Linux PC Maker System76 Plans To Design And Manufacture Its Own Hardware (liliputing.com) 103

An anonymous reader quotes Liliputing: System76 is one of only a handful of PC vendors that exclusively sells computers with Linux-based software. Up until now, that's meant the company has chosen hardware that it could guarantee would work well with custom firmware and the Ubuntu Linux operating system... Starting in 2018 though, you may be able to buy a System76 computer that was designed and built in-house... CAD files for System76 computers will be open source, allowing anyone with the appropriate skills and equipment to build or modify their own cases based on the company's designs.
"We're prototyping with acrylic and moving to metal soon," the company says in a blog post, adding "Our first in-house designed and manufactured desktops will ship next year. Laptops are more complex and will follow much later."
Open Source

Systemd-Free Devuan Announces Its First Stable Release Candidate 'Jessie' 1.0.0 (devuan.org) 372

Long-time reader jaromil writes: Devuan 1.0.0-RC is announced, following its beta 2 release last year. The Debian fork that spawned over systemd controversy is reaching stability and plans long-term support. Devuan deploys an innovative continuous integration setup: with fallback on Debian packages, it overlays its own modifications and then uses the merged source repository to ship images for 11 ARM targets, a desktop and minimal live, vagrant and qemu virtual machines and the classic installer isos. The release announcement contains several links to projects that have already adopted this distribution as a base OS.
"Dear Init Freedom Lovers," begins the announcement, "Once again the Veteran Unix Admins salute you!" It points out that Devuan "can be adopted as a flawless upgrade path from both Debian Wheezy and Jessie. This is a main goal for the Devuan Jessie stable release and has proven to be a very stable operation every time it has been performed. "
Red Hat Software

Red Hat Suffers Massive Data Center Network Outage 85

An anonymous reader writes: According to multiple reports on Twitter, the Fedora Infrastructure Status page, and the #fedora-admin Freenode IRC channel, Red Hat is suffering a massive network outage at their primary data center. Details are sketchy at this point, but it looks to be impacting the Red Hat Customer Portal; as well as all their repositories (including Fedora, EPEL, Copr); their public build system, Koji; and a whole host of other popular services. There is no ETA for restoration of services at this point.
Windows

File System Improvements To the Windows Subsystem for Linux (microsoft.com) 110

An anonymous reader shares a new article published on MSDN: In the latest Windows Insider build, the Windows Subsystem for Linux (WSL) now allows you to manually mount Windows drives using the DrvFs file system. Previously, WSL would automatically mount all fixed NTFS drives when you launch Bash, but there was no support for mounting additional storage like removable drives or network locations. Now, not only can you manually mount any drives on your system, we've also added support for other file systems such as FAT, as well as mounting network locations. This enables you to access any drive, including removable USB sticks or CDs, and any network location you can reach in Windows all from within WSL.
Ubuntu

Ubuntu Is Switching to Wayland (omgubuntu.co.uk) 227

An anonymous reader shares a report: Ubuntu is to ship Wayland in place of X.Org Server by default. Mir, Canonical's home-spun alternative to Wayland, had been billed as the future of Ubuntu's convergence play. But both Unity 8 the convergence dream was recently put out to pasture, meaning this decision was widely expected. It's highly likely that the traditional X.Org Server will, as on Fedora, be included on the disc and accessible from whichever login screen Ubuntu devs opt to use in ubuntu 17.10 onwards. This session will be useful for users whose system experience issues running on Wayland, or who need features and driver support that is only present in the legacy X.Org server session.
Nintendo

Nintendo Discontinues the NES Classic Edition (polygon.com) 104

A Nintendo representative has confirmed today that the company will be discontinuing the NES Classic Edition, "a plug-and-play console that became popular with collectors as soon as it launched last fall," reports Polygon. The last shipments of the consoles will hit stores this month. From the report: [Nintendo said in a statement to IGN:] "Throughout April, NOA territories will receive the last shipments of Nintendo Entertainment System: NES Classic Edition systems for this year. We encourage anyone interested in obtaining this system to check with retail outlets regarding availability. We understand that it has been difficult for many consumers to find a system, and for that we apologize. We have paid close attention to consumer feedback, and we greatly appreciate the incredible level of consumer interest and support for this product." "NES Classic Edition wasn't intended to be an ongoing, long-term product. However, due to high demand, we did add extra shipments to our original plans," it told IGN.
Operating Systems

Ubuntu 17.04 'Zesty Zapus', Featuring Unity, Now Available To Download (betanews.com) 83

Brian Fagioli, writing for BetaNews: Ubuntu 17.04 "Zesty Zapus" is available for download. No, this is not an Alpha or Beta, but an official stable version of the Linux-based operating system. Unfortunately, the release is a bit tainted -- it uses Unity as the official desktop environment, which Canonical has announced will be killed. Not to mention, there has been some controversy regarding some comments by Ubuntu founder Mark Shuttleworth. Just yesterday, the CEO of Canonical announced she is leaving the position. With all of the aforementioned controversy and chaos, it is understandably hard to get too excited for "Zesty Zapus," especially as this is not a long term support version. With that said, if you are an existing Ubuntu user that likes Unity, this is certainly a worthwhile upgrade if you are OK with the shorter support. Unity may no longer have a future, but version 7 will continue to be supported -- for a while, at least.
Ubuntu

Dozens Of Canonical Employees Resign As Ubuntu Switches To GNOME, Shuttleworth Returns As CEO (theregister.co.uk) 191

Alexander J Martin, reporting for The Register: More than 80 Canonical workers are facing the axe as founder Mark Shuttleworth has taken back the role of chief executive officer. The number, revealed today by The Reg, comes as Shuttleworth assumed the position from CEO of eight years Jane Silber, previously chief operating officer. The Reg has learned 31 or more staffers have already left the Ubuntu Linux maker ahead of Shuttleworth's rise, with at least 26 others now on formal notice and uncertainty surrounding the remainder. One individual has resigned while others, particularly in parts of the world with more stringent labour laws (such as the UK), are being left in the dark. The details come after The Reg revealed plans for the cuts as a commercial get-fit programme instituted by Shuttleworth. The Canonical founder is cutting numbers after an external assessment of his company by potential new financial backers found overstaffing and that projects lacked focus.
Media

OpenELEC 8.0 Linux Distro Released For PC, Raspberry Pi, WeTek Hub (betanews.com) 50

BrianFagioli writes: Today, popular Linux distro OpenELEC reaches version 8.0 stable. This operating system leverages Kodi to provide a well-rounded media center experience. Not only are there images for PC, but for Raspberry Pi, and WeTek boxes too.

'OpenELEC 8.0 release contains a Kodi major version bump. If you are updating from OpenELEC 7.0 or earlier we strongly recommend you perform a full backup before performing a manual update. If you experience issues please perform a soft-reset to clear OpenELEC and Kodi settings,' says Stephan Raue, OpenELEC.

Ubuntu

Canonical Founder Criticizes Free Software Developers Who 'Hate On Whatever's Mainstream' (google.com) 374

Canonical Founder Mark Shuttleworth said Saturday that "I came to be disgusted with the hate" on Canonical's display server Mir, saying it "changed my opinion of the free software community." After announcing his company was abandoning Unity for GNOME, Shuttleworth posted a gracious thank-you note to the Unity community Friday on Google Plus. But on Saturday, he added a sharper comment: "I used to think that it was a privilege to serve people who also loved the idea of service, but now I think many members of the free software community are just deeply anti-social types who love to hate on whatever is mainstream. When Windows was mainstream they hated on it. Rationally, Windows does many things well and deserves respect for those. And when Canonical went mainstream, it became the focus of irrational hatred too. The very same muppets would write about how terrible it was that IOS/Android had no competition and then how terrible it was that Canonical was investing in (free software!) compositing and convergence. Fuck that shit."
The comment begins by saying "The whole Mir hate-fest boggled my mind - it's free software that does something invisible really well. It became a political topic as irrational as climate change or gun control, where being on one side or the other was a sign of tribal allegiance. We have a problem in the community when people choose to hate free software instead of loving that someone cares enough to take their life's work and make it freely available."
Ubuntu

Canonical Founder Talks About Ubuntu Desktop Switching From Unity To GNOME, And Focus On Cloud (google.com) 80

Canonical founder Mark Shuttleworth on Friday talked about the move to switch Ubuntu's desktop user interface from Unity to GNOME, and putting a stop to development of Ubuntu software for phones and tablet: I would like to thank all of you for your spirit and intellect and energy in the Unity8 adventure. [...] Many elements of the code in the Ubuntu Phone project continue -- snaps grew out of our desire to ship apps reliably and efficiently and securely, the unity8 code itself will continue to be useful for UBports and other projects. And the ideas that we have pushed for are now spreading too. Finally, I should celebrate that Ubuntu consists of so many overlapping visions of personal computing, that we have the ability to move quickly to support the Ubuntu GNOME community with all the resources of Canonical to focus on stability, upgrades, integration and experience. That's only possible because of the diversity of shells in the Ubuntu family, and I am proud of all of our work across that full range.
GNOME

GNOME Dev Schaller Assures Ubuntu Users the Move To Step Away From Unity Will Bring Consistency Across Linux Distros (gnome.org) 104

Earlier this week, Canonical announced that Ubuntu will be ditching Unity as the default user interface on desktops to go back to GNOME next year. The company also said that it will be ending development of Ubuntu software for phones and tablets, in what is a push to focus on cloud. In a blog post, Christian Schaller, a developer on Fedora and GNOME (and Senior Software Engineering Manager at Red Hat), offered some assurance to the community that this is the right move in the grand scheme of things. He writes on an official blog post: We look forward to keep working with great Canonical and Ubuntu people like Allison Lortie and Robert Ancell on projects of shared interest around GNOME, Wayland and hopefully Flatpak. It is worth mentioning that even as we [have] been competing with Unity and Ubuntu, we have also been collaborating with them, most recently on [the] integration of features they wanted from GNOME Software such as user reviews. Of course now sharing a bigger set of technologies collaboration will be even easier. I am personally happy to see this convergence of efforts happening because I have -- for a long time -- felt that the general level of investment in the Linux desktop has not been great enough to justify the plethora of Linux desktops out there. Now having reached a position where Canonical, Endless, Red Hat and Suse again share one desktop technology stack and along with consulting companies such as Centricular, CodeThink, Collabora and Igalia helping push parts of the stack forward, we are at least all pulling in the same direction. This change should also make life easier for ISV who now have a more clear target if they want to try to integrate their UI with the Linux desktop as 'the linux desktop' becomes a more meaningful term with this change.
GNOME

Canonical Killing Unity For Ubuntu Linux, Will Switch To the Superior GNOME (betanews.com) 386

Reader BrianFagioli writes: Today, the company admits that it is throwing in the towel on Unity, as well as its vision for convergence with devices like phones and tablets. Starting with Ubuntu 18.04, the wonderful GNOME will once again become the default desktop environment! "We are wrapping up an excellent quarter and an excellent year for the company, with performance in many teams and products that we can be proud of. As we head into the new fiscal year, it's appropriate to reassess each of our initiatives. I'm writing to let you know that we will end our investment in Unity8, the phone and convergence shell. We will shift our default Ubuntu desktop back to GNOME for Ubuntu 18.04 LTS," says Mark Shuttleworth, Founder of Ubuntu and Canonical.
Emulation (Games)

Ask Slashdot: Can Linux Run a GPU-Computing Application Written For Windows? 117

dryriver writes: I have been told that Linux can run Windows software using Wine or perhaps a VM. What happens if that Windows software is a GPU-computing application -- accessing the GPU through HLSL/GLSL/CUDA/OpenCL or similar interfaces? Can Wine or other solutions run that software at a decent speed under Linux? Or is GPU-computing software written for the Windows platform unsuitable for use -- emulated or otherwise -- under Linux? This sounds like one of those cases where there's a theoretical answer and then your own real-world experiences. So leave your best answers in the comments. Can Linux run a GPU-computing application that's written for Windows?
Privacy

USB Canary Sends An SMS When Someone Tinkers With Your USB Ports (bleepingcomputer.com) 40

An anonymous reader quotes a report from BleepingComputer: A new tool released on GitHub last week can help paranoid sysadmins keep track of whenever someone plugs in or disconnects an USB-based device from high-value workstations. Called USB Canary, this tool is coded in Python and currently, works only on Linux (versions for Windows and Mac are in the works). The tool works by watching USB ports for any activity while the computer is locked, which generally means the owner has left his desk. If an USB device is plugged in or unplugged, USB Canary can perform one of two actions, or both. It can alert the owner by sending an SMS message via the Twilio API, or it can post a message in a Slack channel, which can be monitored by other co-workers. USB Canary can prove to be a very useful tool for large organizations that feature strict PC policies. For example, if you really want to enforce a "No USB drives" at work, this could be the tool for the job. Further, with modifications, it could be used for logging USB activity on air-gapped systems.
AT&T

AT&T Joins The Linux Foundation as a Platinum Member (linuxfoundation.org) 40

From a press release: The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, today announced that AT&T has become a Platinum member. This follows news of the company's contribution of several million lines of ECOMP code to The Linux Foundation, as well as the new Open Network Automation Platform (ONAP) Project based on production-ready code from AT&T and OPEN-O contributors. Chris Rice, senior vice president of AT&T Labs, joins The Linux Foundation Board of Directors and was also recently selected as the ONAP chairman. "Open source is crucial to AT&T's software transformation," said Chris Rice, chairman of ONAP and senior vice president of AT&T Labs. "So, it was a natural decision for us to join The Linux Foundation. SDN is helping us meet performance, capital spending and efficiency goals and we expect continued benefits. But more so, we recognize that the open source community accelerates innovation. We're excited to work with The Linux Foundation and its members to promote a globally accepted platform for SDN and NFV technologies."
Operating Systems

Ask Slashdot: What's The Easiest Linux Distro For A Newbie? 510

joseph Kramer -- a long-time user of both Windows and MacOS -- comes to Slashdot with the ultimate question: I've been lurking here for years and seen many recommendations for a Linux flavor that works. What I'm really looking for is Linux that works without constant under-the-hood tweaking (ala early Windows flavors, 3.1, 95/98). Does such an OS exist? For the record, I am not an IT tech. I just need something to work with the mechanical equipment it controls. Any recommendations?
When it comes to Windows and MacOs, he describes himself as "fed up with their shenanigans." So leave your best answers in the comments. What's the best way for a newbie to get started with Linux?
Microsoft

Microsoft's OneDrive Web App Crippled With Performance Issues On Linux and Chrome OS (theregister.co.uk) 114

Iain Thomson, reporting for The Register: Plenty of Linux users are up in arms about the performance of the OneDrive web app. They say that when accessing Microsoft's cloudy storage system in a browser on a non-Windows system -- such as on Linux or ChromeOS -- the service grinds to a barely usable crawl. But when they use a Windows machine on the same internet connection, speedy access resumes. Crucially, when they change their browser's user-agent string -- a snippet of text the browser sends to websites describing itself -- to Internet Explorer or Edge, magically their OneDrive access speeds up to normal on their non-Windows PCs. In other words, Microsoft's OneDrive web app slows down seemingly deliberately when it appears you're using Linux or some other Windows rival. This has been going on for months, and complaints flared up again this week after netizens decided enough is enough. When gripes about this suspicious slowdown have cropped up previously, Microsoft has coldly reminded people that OneDrive for Business is not supported on Linux, thus the crap performance is to be expected. But when you change the user-agent string of your browser on Linux to match IE or Edge, suddenly OneDrive's web code runs fine. The original headline of the story is, "Microsoft loves Linux so much, its OneDrive web app runs like a dog on Windows OS rivals".
GNOME

GNOME 3.24 Released (softpedia.com) 118

prisoninmate quotes a report from Softpedia: GNOME 3.24 just finished its six-month development cycle, and it's now the most advanced stable version of the modern and popular desktop environment used by default in numerous GNU/Linux distributions. It was developed since October 2016 under the GNOME 3.23.x umbrella, during which it received numerous improvements. Prominent new features of the GNOME 3.24 desktop environment include a Night Light functionality that promises to automatically shift the colors of your display to the warmer end of the spectrum after sunset, and a brand-new GNOME Control Center with redesigned Users, Keyboard and Mouse, Online Accounts, Bluetooth, and Printer panels. As for the GNOME apps, we can mention that the Nautilus file manager now lets users browse files as root (system administrator), GNOME Photos imitates Darktable's exposure and blacks adjustment tool, GNOME Music comes with ownCloud integration and lets you edit tags, and GNOME Calendar finally brings the Week view. New apps like GNOME Recipes are also part of this release. The full release notes can be viewed here. Softpedia notes in conclusion: "As mentioned before, it will take at least a couple of weeks for the new GNOME 3.24 packages to land on the stable repositories of your favorite distro, which means that you'll most probably be able to upgrade from GNOME 3.22 when the first point release, GNOME 3.24.1, is out on April 12, 2017."

Slashdot Top Deals