jrepin writes: The KDE community has released Plasma 5.19, the popular free and open-source desktop environment. "In this release, we have prioritized making Plasma more consistent, correcting and unifying designs of widgets and desktop elements; worked on giving you more control over your desktop by adding configuration options to the System Settings; and improved usability, making Plasma and its components easier to use and an overall more pleasurable experience," reads the announcement. For a complete list of what's new, you can visit the Plasma 5.19 changelog.

Roblimo once called it "a tradition, not just a speech" -- Bryan Lunduke's annual "Linux Sucks" presentations at various Linux conferences. But before you get too upset, in his 2014 interview with Slashdot Lunduke admitted "I love Linux, I have made my whole life around Linux. I work for Linux companies. I write for Linux magazines, but it really blows..."

This year he's releasing a special YouTube version of Linux Sucks 2020, the first time Lunduke has attempted the talk without a live audience, "And it feels really wicked weird." But he's still trying to get a rise out of his audience. "Follow me on this into Journey Into Graphs and Numbers Land," Lunduke says playfully, pulling up one of his 160 x 90 pixel slides showing current market share for Windows, Mac, and then Linux "You might notice that some platforms have a higher market share than Linux does," he says with a laugh, describing one slide showing Linux as "scooping up the bottom of the barrel at 1.6%..."

"But here's the thing. These numbers have been either consistent, or for Linux, slowly dropping." And then he puts up a graph showing the number of searches for Linux. "If you look back at 2004 -- the year 2004, 16 years ago -- that was the high point in interest in searching for the word Linux (or Linux plus other things). 2006 it was about half that -- so about two years later it had dropped down to about half. Here in 2020 it is so low, not only does it not fill up the first bar of pixels there, it's like only three pixels in. That doesn't happen -- that sort of decline does not happen -- unless the platform sucks. That's just the truth of the matter. That's just how it goes, right?"

And there's also some very specific reasons why Lunduke thinks Linux sucks:

"The trend towards open-source software on government computers is gathering pace in Germany," reports ZDNet: In the latest development, during coalition negotiations in the city-state of Hamburg, politicians have declared they are ready to start moving its civil service software away from Microsoft and towards open-source alternatives. The declaration comes as part of a 200-page coalition agreement between the Social Democratic and Green parties, which will define how Hamburg is run for the next five years. It was presented on Tuesday but has yet to be signed off. The political parties in charge in Hamburg are the same as those in Munich, who recently agreed to revert back to that city's own open-source software.

"With this decision, Hamburg joins a growing number of German states and municipalities that have already embarked on this path," said Peter Ganten, chairman of the Open Source Business Alliance, or OSBA, based in Stuttgart. He's referring to similar decisions made in Schleswig-Holstein, Thuringia, Bremen, Dortmund, and Munich. But, he adds: "The Hamburg decision is nevertheless remarkable because the city has always been more aggressively oriented towards Microsoft.

"In the future we will aim to have more open-source software in digital management [systems] and we also want to develop our own code, which will remain open," the head of the local Hamburg-Mitte branch of the Greens, Farid Mueller, wrote on his website. Hamburg wants to be a leading example of digital independence, he stated.
The article also adds a final interesting detail. A Microsoft spokeperson told a Germany technology site "that the company didn't see the desire for more open-source software as an attack on itself. Microsoft now also uses and develops a lot of open source and welcomed fair competition, the spokesperson added."

"A newly uncovered form of ransomware is going after Windows and Linux systems," reports ZDNet, "in what appears to be a targeted campaign." Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. The main targets of Tycoon are organisations in the education and software industries.

Tycoon has been uncovered and detailed by researchers at BlackBerry working with security analysts at KPMG. It's an unusual form of ransomware because it's written in Java, deployed as a trojanised Java Runtime Environment and is compiled in a Java image file (Jimage) to hide the malicious intentions... [T]he first stage of Tycoon ransomware attacks is less uncommon, with the initial intrusion coming via insecure internet-facing Remote Desktop Protocol servers. This is a common attack vector for malware campaigns and it often exploits servers with weak or previously compromised passwords. Once inside the network, the attackers maintain persistence by using Image File Execution Options (IFEO) injection settings that more often provide developers with the ability to debug software. The attackers also use privileges to disable anti-malware software using ProcessHacker in order to stop removal of their attack...

After execution, the ransomware encrypts the network with files encrypted by Tycoon given extensions including .redrum, .grinch and .thanos — and the attackers demand a ransom in exchange for the decryption key. The attackers ask for payment in bitcoin and claim the price depends on how quickly the victim gets in touch via email.

The fact the campaign is still ongoing suggests that those behind it are finding success extorting payments from victims.

Long-time Slashdot reader mrflash818 ("Linux geek since 1999") shared a ZDNet article pointing out that SpaceX's Falcon 9 rocket has an onboard operating system that's "a stripped-down Linux running on three ordinary dual-core x86 processors. The flight software itself runs separately on each processor and is written in C/C++."

Interestingly, back in 2018 a Slashdot headline asked whether C++ was "a really terrible language," and Elon Musk replied on Twitter with his single-word answer. "Yes."

ZDNet points out that "ordinary" processors are often needed because of the multi-year development time for the spacecraft they power. Their article notes that the International Space Station actually runs on 1988-vintage 20 MHz Intel 80386SX CPUs: Of course, while those ancient chips work for the station's command and control multiplexer/demultiplexer, they're not much good for anything else. For ordinary day-in and day-out work, astronauts use HP ZBook 15s running Debian Linux, Scientific Linux, and Windows 10. The Linux systems act as remote terminals to the control multiplexer/demultiplexer, while the Windows systems are used for email, the web, and fun.

Usually, though, chips that go into space aren't ordinary chips. CPUs that stay in space must be radiation-hardened. Otherwise, they tend to fail due to the effects of ionizing radiation and cosmic rays. These customized processors undergo years of design work and then more years of testing before they are certified for spaceflight. For instance, NASA expects its next-generation, general-purpose processor, an ARM A53 variant you may know from the Raspberry Pi 3, to be ready to run in 2021...

The Dragon spacecraft's touchscreen interface is rendered using Chromium and JavaScript. If something were to go wrong with the interface, the astronauts have physical buttons to control the spacecraft.
Today the SpaceX software team answered questions on Reddit, revealing they use Chromium with a reactive library developed in-house, and that "All of our on-board computers either run Linux (with the PREEMPT_RT patch) or are microcontrollers that run bare-metal code...." Later they emphasized that for the Falcon 9 and Dragon software, "All of the application-level autonomous software is written in C++. We generally use object oriented programming techniques from C++, although we like to keep things as simple as possible.

"We do use open source libraries, primarily the standard C++ library, plus some others. However, we limit our use of open source libraries to only extremely high quality ones, and often will opt to develop our own libraries when it is feasible so that we can control the code quality ourselves."

TechRepublic calls it "a tectonic shift in the landscape... a massive company showing serious support for both Ubuntu Linux and Red Hat Enterprise Linux."

Forbes reports: Beginning this month, Lenovo will certify its ThinkStation PCs and ThinkPad P Series laptops for both Ubuntu LTS and Red Hat Enterprise Linux. Every single model, every single configuration across the entire workstation portfolio. [ZDNet adds that the two Linux distros will also be preloaded.]

And it doesn't end there. "Going beyond the box, this also includes full web support, dedicated Linux forums, configuration guidance and more," says Rob Herman, General Manager, Executive Director Workstation & Client AI Group at Lenovo. We're not talking about just hardware certification, either. Lenovo will offer both Red Hat Enterprise Linux and Ubuntu LTS distributions pre-installed...

"What's more, Lenovo will also upstream device drivers directly to the Linux kernel, to help maintain stability and compatibility throughout the life of the workstation," says Herman. Lenovo and Fedora are already working together to enable fingerprint sensor support on select ThinkPads, and send that support upstream to benefit all Linux distributions (including firmware being available through LVFS). When I spoke to Mark Pearson, the Senior Linux Software Engineer even mentioned porting certain Windows-only PC management tools to Linux to aid in the overall effort.
TechRepublic notes the news "comes on the heels of a number of new Linux desktop support news. This year we've seen the rise of Purism, Tuxedo Computers, Pine64, Juno Computers, Vikings, Dell's continued support with the XPS Dev edition laptop and the Precision line, and now Lenovo."

They also argue for continued support for the smaller vendors of Linux hardware. "Companies like System76 are a big reason why desktop Linux continued climbing up that steep mountain called 'Acceptance.'" But their article concludes that "No matter which path you take, you now (as a Linux user) have more options."

An anonymous reader quotes a report from ZDNet: Mint's programmers, led by lead developer, Clement "Clem" Lefebvre, has dropped support for Ubuntu's Snap software packing system. [...] So, what's not to like? Well, a lot, thinks Clem. As he wrote in July 2019, the idea is fine: "When snap was announced it was supposed to be a solution, not a problem. It was supposed to make it possible to run newer apps on top of older libraries and to let third-party editors publish their software easily towards multiple distributions, just like Flatpak and AppImage." But, he said, "What we didn't want it to be was for Canonical to control the distribution of software between distributions and third-party editors, to prevent direct distribution from editors, to make it so software worked better in Ubuntu than anywhere else and to make its store a requirement."

Clem was worried then that Canonical was moving in that direction because: "Ubuntu is planning to replace the Chromium [Google's open-source browser and foundation for Chrome] repository package with an empty package, which installs the Chromium snap. In other words, as you install APT [Debian's program for installing and managing DEB files] updates, Snap becomes a requirement for you to continue to use Chromium and installs itself behind your back. This breaks one of the major worries many people had when Snap was announced and a promise from its developers that it would never replace APT. A self-installing Snap Store which overwrites part of our APT package base is a complete NO-NO. It's something we have to stop and it could mean the end of Chromium updates and access to the snap store in Linux Mint."

Fast forward to now, and that's still the case with Chromium, and Clem has had enough: "In the Ubuntu 20.04 package base, the Chromium package is indeed empty and acting, without your consent, as a backdoor by connecting your computer to the Ubuntu Store. Applications in this store cannot be patched, or pinned. You can't audit them, hold them, modify them, or even point snap to a different store. You've as much empowerment with this as if you were using proprietary software, i.e. none. This is in effect similar to a commercial proprietary solution, but with two major differences: It runs as root, and it installs itself without asking you."

"The Linux kernel has officially deprecated its coding style that the length of lines of code comply with 80 columns as the 'strong preferred limit'," reports Phoronix: The Linux kernel like many long-standing open-source projects has a coding style guideline that lines of code be 80 columns or less, but now that while still recommended is no longer going to be enforced. This stems from Linus Torvalds commenting on Friday that excessive linebreaks are bad and he is against ugly wrapped code that is strictly sticking to 80 characters per line. This is part of the broader trend that most are no longer using 80x25 terminals...

This deprecation involves updating the documentation on the kernel's coding style to be more sensible and updating the checkpatch.pl script that checks patches to no longer have a max line length of 80. Instead, the check patch script is using a maximum line length of 100.
Torvalds noted Friday that spreading code over multiple lines created problems for single-line utilities like grep, while longer lines "are fundamentally useful..." [H]onestly, I don't want to see patches that make the kernel reading experience worse for me and likely for the vast majority of people, based on the argument that some odd people have small terminal windows... If you or Christoph have 80 character lines, you'll get possibly ugly wrapped output. Tough. That's _your_ choice. Your hardware limitations shouldn't be a pain for the rest of us...

So no. I do not care about somebody with a 80x25 terminal window getting line wrapping. For exactly the same reason I find it completely irrelevant if somebody says that their kernel compile takes 10 hours because they are doing kernel development on a Raspberry PI with 4GB of RAM. People with restrictive hardware shouldn't make it more inconvenient for people who have better resources...

If you choose to use a 80-column terminal, you can live with the line wrapping. It's just that simple.
"Yes, staying withing 80 columns is certainly still _preferred_," notes the official commit message for this change. "But it's not the hard limit that the checkpatch warnings imply, and other concerns can most certainly dominate. Increase the default limit to 100 characters. Not because 100 characters is some hard limit either, but that's certainly a 'what are you doing' kind of value and less likely to be about the occasional slightly longer lines.'"

Academics say they have discovered 26 new vulnerabilities in the USB driver stack employed by operating systems such as Linux, macOs, Windows, and FreeBSD. From a report: The research team, made up by Hui Peng from Purdue University and Mathias Payer from the Swiss Federal Institute of Technology Lausanne, said all the bugs were discovered with a new tool they created, named USBFuzz. The tool is what security experts call a fuzzer. Fuzzers are applications that let security researchers send large quantities of invalid, unexpected, or random data as inputs to other programs. Security researchers then analyze how the tested software behaves to discover new bugs, some of which may be exploited in a malicious way.

Linus Torvalds released Linux 5.7 rc7 today, saying it "looks very normal... none of the fixes look like there's anything particularly scary going on."

But then he added something else: [T]he biggest excitement this week for me was just that I upgraded my main machine, and for the first time in about 15 years, my desktop isn't Intel-based. No, I didn't switch to ARM yet, but I'm now rocking an AMD Threadripper 3970x. My 'allmodconfig' test builds are now three times faster than they used to be, which doesn't matter so much right now during the calming down period, but I will most definitely notice the upgrade during the next merge window.
The Register writes: Torvalds didn't divulge any further details about his new rig, but the 3970x is quite the beast, boasting 32 cores and 64 threads at 3.7GHz with the ability to burst up to 4.5GHz, all built on TSMC's 7nm FinFET process... Torvalds has probably acquired a whole new PC, as the Threadripper range requires a sTRX4 socket and those debuted on motherboards from late 2019.

Whatever he's running, it has more cores than Intel currently offers in a CPU designed for PCs. Even Chipzilla's high-end CoreX range tops out at 18 cores. AMD will be over the moon that such a high profile IT pro has adopted their kit and pointed to its performance.
Or, as long-time Slashdot reader williamyf puts it, "Good endorsement for AMD, a PR blow for Intel."

Newly-elected politicians in Munich "have decided its administration needs to use open-source software, instead of proprietary products like Microsoft Office," reports ZDNet: "Where it is technologically and financially possible, the city will put emphasis on open standards and free open-source licensed software," a new coalition agreement negotiated between the recently elected Green party and the Social Democrats says. The agreement was finalized May 10 and the parties will be in power until 2026. "We will adhere to the principle of 'public money, public code'. That means that as long as there is no confidential or personal data involved, the source code of the city's software will also be made public," the agreement states...

Munich began the move away from proprietary software at the end of 2006... By 2013, 80% of desktops in the city's administration were meant to be running LiMux software. In reality, the council continued to run the two systems — Microsoft and LiMux — side by side for several years to deal with compatibility issues. As the result of a change in the city's government, a controversial decision was made in 2017 to leave LiMux and move back to Microsoft by 2020. At the time, critics of the decision blamed the mayor and deputy mayor and cast a suspicious eye on the US software giant's decision to move its headquarters to Munich. In interviews, a former Munich mayor, under whose administration the LiMux program began, has been candid about the efforts Microsoft went to to retain their contract with the city.

The migration back to Microsoft and to other proprietary software makers like Oracle and SAP, costing an estimated €86.1m ($93.1m), is still in progress today.

"We're very happy that they're taking on the points in the 'Public Money, Public Code' campaign we started two and a half years ago," Alex Sander, EU public policy manager at the Berlin-based Free Software Foundation Europe, tells ZDNet. But it's also important to note that this is just a statement in a coalition agreement outlining future plans, he says. "Nothing will change from one day to the next, and we wouldn't expect it to," Sander continued, noting that the city would also be waiting for ongoing software contracts to expire. "But the next time there is a new contract, we believe it should involve free software."

An anonymous reader quotes a report from ZDNet: For years, there's been a known security vulnerability hiding in the GNU C Library (glibc). This library, which is critical for Linux and many other operating systems and programs, had a dynamic memory management security hole that could be used for denial of service (DoS) attacks. Now, the security company, Check Point, has issued an open-source patch, which will make it much more difficult to exploit this memory allocation (malloc) problem. Check Point re-encountered this known problem when it discovered that so-called smart light bulbs could be used to hack into networks by exploiting unprotected single-linked-lists. The double-linked-list version of this problem had been fixed back in 2005 with Safe-Unlinking. But, the single-linked-list version, which is present in the memory primitive functions Fast-Bins and Thread Cache (TCache), remained vulnerable.

Now, the fix is in for this problem. This new built-in security mechanism is called Safe-Linking. It protects malloc by signing its single-linked-list pointers with random numbers derived from Linux's Address Space Layout Randomization (ASLR) functionality. Combined with memory chunk alignment integrity checks, it protects the memory pointers from hijacking attempts and thus the system itself. The patch is now being integrated with the most common standard C library implementation, glibc. Safe-Linking will be released in glibc 2.32 in August 2020. It's already up and running in glibc's popular embedded counterpart: uClibc-NG.

At Build 2020 today, Microsoft gave developers a slew of new tools to coax them into using Windows over macOS or Linux. From a report: Windows Terminal is now out of preview for enterprises, and Windows Subsystem for Linux (WSL) 2 is getting support for GPUs, Linux GUI apps, and a simplified install experience. Microsoft even released a Windows Package Manager in preview. Windows 10 runs on 1 billion monthly active devices (PCs, Xbox One consoles, and HoloLens devices), making it a massive platform for developers to target. [...] Microsoft today released Windows Terminal 1.0, which means it is stable for enterprise use. The open source application features multiple tabs, panes, tear-away windows, shortcuts, Unicode and UTF-8 character support, emojis, ligatures, extensions, GPU-accelerated text rendering engine, and custom themes, styles, and configurations. Windows Terminal is for users of PowerShell, Cmd, WSL, and other command-line tools. Microsoft also unveiled WSL improvements today, including support for GPUs, Linux GUI apps, and a simplified install experience. WSL is a compatibility layer for running Linux binary executables natively on Windows. Microsoft first shared it was working on WSL 2 a year ago at Build 2019. WSL 2 is slated to arrive in the next major Windows 10 update coming later this month (brilliantly called the Windows 10 May 2020 Update), but it won't have these new features. In the second half of the year, WSL 2 will get support for GPU compute workflows.

Huawei denied on Monday having any official involvement in an insecure patch submitted to the Linux kernel project over the weekend; patch that introduced a "trivially exploitable" vulnerability. From a report: The buggy patch was submitted to the official Linux kernel project via its mailing list on Sunday. Named HKSP (Huawei Kernel Self Protection), the patch allegedly introduced a series of security-hardening options to the Linux kernel. Big tech companies that heavily use Linux in their data centers and online services, often submit patches to the Linux kernel. Companies like Google, Microsoft, Amazon, and others have been known to have contributed code. On Sunday, the HKSP submission sparked interest in the Linux community as could signal Huawei's wish to possibly contribute to the official kernel. Due to this, the patch came under immediate scrutiny, including from the developers of Grsecurity, a project that provides its own set of security-hardening patches for the Linux kernel. In a blog post published on the same day, the Grsecurity team said that it discovered that the HKSP patch was introducing a "trivially exploitable" vulnerability in the kernel code -- if the patch was to be approved.

Tom's Hardware "put five of the most popular desktop environments up against each other in a no-holds-barred, seven-round face-off. We've rated GNOME, KDE, Cinnamon, Awesome and Regolith on a 10-point scale based on Installation, Applications, User Experience, User Documentation, Performance, Extensions and Configurability."

It's a good read, with a detailed and thoughtful 3,700-word analysis, especially about memory performance: When you use the standard desktops, Gnome and KDE, you will likely notice that you are using a lot of memory... If you haven't noticed yet, try running htop in a separate window while you try out your choices. You should see a substantial difference with Awesome, i3 and, if you are elite, dwm. The difference in memory footprint is staggering when you start measuring. GNOME starts with somewhere in the region of 3GB at boot. This can be trimmed down by serious tweaking, but not very much. In comparison, the Awesome window manager weighs in at around 600MB... You can put a lot of eye candy and daemons before you weigh down your system as much as the others...

Getting the advantage comes at a cost, though: you need to learn a few new habits to use Awesome desktop environment.
Among GNOME, KDE, and Cinnamon, the article ultimately calls KDE "the most polished... decorative and versatile of the bunch. This comes at a cost, though." Cinnamon has the best balance between extensions and ease of use, while it is also fast and responsive. At the same time, it is not that heavy on resources. You can also add a wide range of extensions in the shape of widgets that send you ongoing and updated information.

Regolith requires a bit more training, but it does set itself up for you so you can continue as you did with GNOME. Adding extensions and other gadgets is a bit more tricky, however... With Awesome you have to set up and practice to use it! It's easily the hardest in the group to get started with. When you are up and running, Awesome does deliver the most benefits from a resource point of view...

Overall Winner: Cinnamon...because of its strong combination of user experience, performance and customization.

Click through to read reactions and share your own thoughts. (And to see a short list of some of the article's other highlights.)

Inkscape, the free and open-source vector graphics editor, has released version 1.0 for Linux, Windows, and macOS. It comes after three years in development and over 16 years after Inkscape's initial release. BetaNews reports: "Built with the power of a team of volunteers, this open source vector editor represents the work of many hearts and hands from around the world, ensuring that Inkscape remains available free for everyone to download and enjoy. In fact, translations for over 20 languages were updated for version 1.0, making the software more accessible to people from all over the world. A major milestone was achieved in enabling Inkscape to use a more recent version of the software used to build the editor's user interface (namely GTK+3). Users with HiDPI (high resolution) screens can thank teamwork that took place during the 2018 Boston Hackfest for setting the updated-GTK wheels in motion," explains the developers.

The devs further explain, "The extensions system has undergone some fundamental changes in version 1.0. Over the years, Inkscape users have become used to working with third-party extensions, such as various ones used for laser cutting and exporting to file formats which are not a native part of Inkscape. While outreach to extension developers was undertaken as Inkscape migrates towards Python 3 and a more logical and fully tested extensions API (now hosted in a separate repository), not all third-party extensions have been brought forward to be compatible yet. This will mean that 1.0 may not allow some users to continue with their normal extensions workflow." The blog post, official release notes, and download page are available at their respective links.

Camel Pilot (Slashdot reader #78,781) writes: Leannart Poettering is proposing homed to alter the way Linux systems handle user management. All user information will be placed in a cryptographically signed JSON record, such as username, group membership, and password hashes. The venerable /etc/passwd and /etc/shadow will be a thing of the past. One of the claimed advantages will be home directory portability.

"Because the /home directory will no longer depend on the trifecta of systemd, /etc/passwd, and /etc/shadow, users and admins will then be able to easily migrate directories within /home," writes Jack Wallen at TechRepublic. "Imagine being able to move your /home/USER (where USER is your username) directory to a portable flash drive and use it on any system that works with systemd-homed. You could easily transport your /home/USER directory between home and work, or between systems within your company."

What is not clear is that for portability, systems would have to have identical user_id, group names, group_id, etc. And what mechanism is going to provide user authorization to login to a system?
"At the moment, systemd 245 is still in RC2 status," the article notes, adding "The good news, however, is that systemd 245 should be released sometime this year (2020).

"When that happens, prepare to change the way you manage users and their home directories."

The world's biggest PC company (in terms of shipments) now offers select models with Linux pre-installed. In doing so, it joins the existing club that includes Dell and other smaller players like Purism, ZaReason, and System76. From a report: If Linux has a special place in your heart, you will want to know Lenovo is partnering with the Fedora Project to give you your dream machine in the form of ThinkPad laptops that make it easy even for a newcomer to get started with Fedora. This is supposed to be a pilot program dubbed Linux Community Series -- Fedora Edition, which will include the ThinkPad P1 Gen2, ThinkPad X1 Gen8, ThinkPad P53, with the possibility that the company will expand the selection in the near future if it sees enough demand. These models will come with the newly released Fedora 32 Workstation Linux pre-installed, and will presumably be certified to play nice with it while only using first party repositories. That means the ThinkPad P53 and ThinkPad P1 Gen2 won't come with Nvidia drivers installed by default. However, that's easy to fix by downloading them from proprietary sources.

Today, Fedora 32 becomes available for download. From a report: It comes with GNOME 3.36 which you can read more about here. If you don't like GNOME, it isn't the end of the world -- you can instead choose KDE Plasma, Cinnamon, MATE, and more. There is even a special ARM variant of Fedora 32 that will work with Raspberry Pi devices. "Fedora 32 includes new features aimed at addressing issues facing modern developers and IT teams. Highlights include key updates to Fedora's desktop-focused edition, Fedora 32 Workstation, and a new computational neuroscience lab image, aimed at bringing those working in science fields to open source software. Each Fedora edition is designed to address specific use cases for modern developers and IT teams with Fedora Workstation and Fedora Server providing open operating systems built to meet the needs of forward-looking developers and server projects," says The Fedora Project development team.

Canonical has released the newest version of its Ubuntu Linux distribution, Ubuntu 20.04. This long-term-support (LTS) version is more than just the latest version of one of the most popular Linux distributions; it's a major update for desktop, server, and cloud users. From a news story: Called "Focal Fossa," it is an LTS version, meaning "Long Term Support." Just how long is that support? An impressive five years! Ubuntu 20.04 will feature many new visual cues and tweaks too thanks to a refreshed theme. "Ubuntu has become the platform of choice for Linux workstations. Canonical certifies multiple Dell, HP, and Lenovo workstations, and supports enterprise developer desktops. Machine learning and AI tools from a range of vendors are available immediately for Ubuntu 20.04 LTS, along with 6,000 applications in the Snapcraft Linux App Store including Slack, Skype, Plex, Spotify, the entire JetBrains portfolio and Visual Studio Code. WireGuard is a new, simplified VPN with modern cryptography defaults. WireGuard is included in Ubuntu 20.04 LTS and will be backported to Ubuntu 18.04 LTS to support widespread enterprise adoption," says Canonical.

Remember when BlackBerry reported Advanced Persistent Threat groups have been infiltrating critical Linux servers for at least eight years? What's the lesson to be learned?

LinuxSecurity Founder Dave Wreski argues "Although it may be easy to blame the rise in attacks targeting Linux in recent years on security vulnerabilities in the operating system as a whole, this is simply not the truth. The majority of exploits on Linux systems can be attributed to misconfigured servers and poor administration."

Writing for Linux Security, Slashdot reader b-dayyy gathered some additional responses: Some experts argue that it is the popularity of Linux that makes it a target. Joe McManus, Director of Security at Canonical, explains: "Linux and, particularly Ubuntu, are incredibly secure systems but, that being said, it is their popularity that makes them a target." Ian Thornton-Trump, a threat intelligence expert and the CISO at Cyjax, adds: "From an economic and mission perspective, it makes sense for a threat actor to invest in open-source skills for flexibility and the ability to target the systems where the good stuff is happening."

Despite the increasing number of threats targeting Linux systems, there is still a sound argument for the inherent security of Linux, which can be attributed to the core fundamentals of Open Source. Due to the transparency of open-source code and the constant scrutiny that this code undergoes by a vibrant global community, vulnerabilities are identified and remedied quicker than flaws that exist in the opaque source code of proprietary software and operating systems. Threat actors recognize this, and are still directing the majority of their attacks at proprietary operating systems.

These attacks do; however, serve as a much-needed wakeup call for the security community that more needs to be done to protect Linux servers. BlackBerry's report reveals that security solutions and defensive coverage available within Linux environments is "immature at best". Endpoint protection, detection and response products are inadequately utilized by too many Linux users, and endpoint solutions available for Linux systems are often insufficient in combating advanced exploits. Eric Cornelius, Chief Product Officer at BlackBerry, evaluates: "Security products and services that support Linux, offerings that might detect and give us insight into a threat like this, are relatively lacking compared to other operating systems, and security research about APT use of Linux malware is also relatively sparse."

Paul Cormier became Red Hat's new CEO this week -- while the entire company was working from home. He had to make his inaugural address to over 12,000 employees around the world using BlueJeans videoconferencing tools, reports a North Carolina newspaper: In some ways, Red Hat was well prepared to work through the disruptions of coronavirus. For years, the company has encouraged and accepted employees who have wanted to work from home. It's been a big part of its recruiting efforts, Cormier said. "Especially in engineering, our strategy has always been hire the best person, we don't care where they are."

That doesn't mean it has been unscathed. The company has had to change its sales and product conference this year into a virtual event and social isolation obviously puts a strain on relationships with customers. And while the company wouldn't give out an exact number of employees who have be infected by COVID-19, a spokeswoman for Red Hat said, "We have cases around the globe -- people who are presumed to be sick, people who are sick and, happily, people who have recovered."

Cormier said he's committed to taking care of the thousands of employees affected by work-from-home orders across the globe. Red Hat, he said, will pay all of its employees during this time regardless of whether "you're 140% productive or 40% productive."
Cormier also emphasized he's committed to keeping Red Hat a "totally, totally separate company" from IBM, saying that was agreed upon from the beginning with IBM's new CEO Arvind Krishna. "If we're not independent, then the other cloud guys won't feel safe working with us... Intel, for example, shares their road map, which is super top secret, with us five years in advance, because we have to build the OS to support all their features...." He also noted that Red Hat's finance, legal, communications and human resources teams are all separate from IBM. "IBM doesn't set our road map. We set our road map," he said.

Where the company has seen a lot of success together, though, is in combining sales efforts. In its last earnings call, IBM said Red Hat was seeing an increase in large deals worth more than $10 million after joining IBM. One of them was with Verizon, for example.

Linux malware is real and Advanced Persistent Threat (APT) groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. From a report: In "Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android," security researchers found that these groups have attacked companies around the world and across all industries with goals ranging from simple cybercrime to full-blown economic espionage. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans (RATs) the cybercriminals are using to get and maintain access to Linux servers.

According to the report, the groups appeared to be using WINNTI-style tooling to take aim at Linux servers and remain relatively undetected for almost a decade. These groups are targeting Red Hat Enterprise, CentOS, and Ubuntu Linux environments for espionage and intellectual property theft. The APT groups examined include the original WINNTI GROUP, PASSCV, BRONZE UNION, CASPER (LEAD), and a newly identified group BlackBerry researchers are tracking as WLNXSPLINTER. The BlackBerry researchers think all five groups are working together, given the distinct similarities in their preferred tools, tactics, and procedures.

Microsoft is planning to fully integrate Linux file access into the built-in File Explorer. The Verge reports: A new Linux icon will be available in the left-hand navigation pane in File Explorer, providing access to the root file system for any distros that are installed in Windows 10. The icon that will appear in File Explorer is the famous Tux, the penguin mascot for the Linux kernel. Microsoft is testing the Linux File Explorer integration in a new build of Windows 10 that's available for testers today. Previously, Windows 10 users would have to manually navigate to a UNC path to get access to Linux files from the Windows Subsystem for Linux (WSL). If you have WSL enabled, then the Tux will appear in File Explorer, and Microsoft is now seeking feedback on the integration before it's finalized as part of a future Windows 10 update. The software maker will ship this update to all Windows 10 users later this year.

Microsoft has revealed details about a new project it has been working on for Linux kernel. From a report: Named Integrity Policy Enforcement -- or IPE -- the project is a Linux security module (LSM). LSMs are optional add-ons for the Linux kernel that enable additional security features. According to a documentation page published on Monday, IPE is Microsoft's attempt to solve the code integrity problem for Linux -- an operating system the company broadly uses in its Azure cloud service. On Linux systems where IPE is enabled, system administrators can create a list of binaries that are allowed to execute and then add the verification attributes the kernel needs to check for each binary before allowing it to run. If binaries have been altered by an attacker, IPE can block the execution of the malicious code.

Linux 5.6 "has a bit more changes than I'd like," Linus Torvalds posted on the kernel mailing list, "but they are mostly from davem's networking fixes pulls, and David feels comfy with them. And I looked over the diff, and none of it looks scary..." TechRadar reports that the new changes include support for USB4 and GeForce RTX 2000 series graphics cards with the Nouveau driver: Yes, Turing GPU support has arrived with the open source Nouveau driver, along with the proprietary firmware images, as Phoronix.com reports. However, don't get too excited, as re-clocking doesn't work yet (getting the GPU to operate at stock clocks), and other important pieces of the puzzle are missing (like no Vulkan support with Nouveau). For the unfamiliar, Nouveau is an alternative to Nvidia's proprietary drivers on Linux, and although it remains in a relatively rough state in comparison, it's still good to see things progressing for Linux gamers with one of Nvidia's latest cards in their PC.

Linux 5.6 also introduces fresh elements on the AMD front, with better reset support for Navi and Renoir graphics cards (which helps the GPU recover if it hits a problem)... Another notable move is the introduction of WireGuard support, a newcomer VPN protocol which makes a potentially nifty alternative to OpenVPN.

Linux 5.6 also supports the Amazon Echo speaker, and naturally comes with a raft of other minor improvements...
Linus's post also notes that for the next release's timing they'll "play it by ear... It's not like the merge window is more important than your health, or the health of people around you." But he says he hasn't seen signs that the pandemic could affect its development (other than the possibility of distraction by the news).

"I suspect a lot of us work from home even normally, and my daughter laughed at me and called me a 'social distancing champ' the other day..."

An anonymous reader shares a report: Today, we learn some new details about the upcoming Linux Mint 20. While most of the newly revealed information is positive, there is one thing that is sure to upset many Linux Mint users. First things first, Linux Mint 20 will be based on the upcoming Ubuntu 20.04. This shouldn't come as a surprise, as Mint only uses Long Term Support versions of Ubuntu, and 20.04 will be an LTS. We also now know the name of Linux Mint 20. The Mint team always uses female names, and this time they chose "Ulyana." This is apparently a Russian name meaning "youthful." So far, all of the news is positive, so what exactly will upset some users? The Linux Mint developers are finally dropping 32-bit support and will only produce 64-bit ISOs.

couchslug shares an excerpt from Ars Technica: When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didn't get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this month's merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7 -- and Paragon doesn't seem happy about it. Yesterday, Paragon issued a press release about European gateway-modem vendor Sagemcom adopting its version of exFAT into an upcoming series of Linux-based routers. Unfortunately, it chose to preface the announcement with a stream of FUD (Fear, Uncertainty, and Doubt) that wouldn't have looked out of place on Steve Ballmer's letterhead in the 1990s.

Linus Torvalds himself "changed around the kernel's pipe code to use exclusive waits when reading or writing," reports Phoronix.

"While this doesn't mean much for traditional/common piping of data, the GNU Make job-server is a big benefactor as it relies upon a pipe for limiting the parallelism" -- especially on high-core-count CPUs.

This drew an interesting follow-up from Slashdot reader rockyb, who was wondering if anyone could verify that GNU Make 4.3 speeds up build times: I updated and released a fork of that called remake which includes hooks to profile a build, and has a complete debugger in it (although most of the time the better tracing that is in there is enough).

The most recent version has a feature though that I really like and use a lot which is adding an option to look in parent directories for a Makefile if none is found in the current directory.

You can download the source code from either github or sourceforge. Both have a full list of the release notes.

Sorry, at the time of this writing no packagers have picked up the newest release. Repology has a list of packages for older versions though.

Today, we get another diminutive desktop option, but this one is designed for Linux and privacy. From a report: Yes, Purism is finally launching a tiny desktop, and it will come pre-installed with the Debian-based PureOS. Called "Librem Mini," the cute bugger has 4 USB-A ports on the front, along with a 3.5mm audio jack, and the power button. On the rear, there are two more USB-A ports, a single USB-C port, Ethernet, HDMI, DisplayPort, and the power port. "Announcing the Purism Librem Mini. Our small form-factor mini-PC that puts freedom, privacy and security first. We're really excited about the Librem Mini, it's a device our community have wanted and we've wanted to offer for some time. The Librem Mini is accessible, small, light and powerful featuring a new 8th gen quad core i7 processor, up to 64 GB of fast DDR4 memory and 4k 60 fps video playback. It's a desktop for your home or oïfce, a media center for your entertainment, or an expandable home server for your files and applications," says Purism.

ZDNet reports that there'll be some changes in Microsoft's second version of the Windows Subsystem for Linux, WSL2: Microsoft has decided to remove the Linux kernel from the Windows OS image with WSL2. Instead, the company will deliver it to users' machines using Windows Update. Users will be able to manually check for new kernel updates by clicking the "Check for Updates" button or by waiting for Windows to do this automatically. "Our end goal is for this change to be seamless, where your Linux kernel is kept up to date without you needing to think about it. By default this will be handled entirely by Windows, just like regular updates on your machine," said Microsoft Program Manager Craig Loewen in a blog post today outlining the coming change...

When Microsoft first introduced WSL in Windows 10 in 2016 WSL was more of an Linux interface at that point designed in partnership with Canonical. But Microsoft has been busy rearchitecting WSL with WSL 2 so that it actually will provide a Microsoft-written Linux kernel running in a lightweight virtual machine that's based on the subset of Hyper V. Users can put basically any Linux distribution of their choice on that kernel.
Engadget reports that the new version "should load and run faster, with reduced memory consumption to free up your RAM for other tasks." And they also speculate about Microsoft's motivations.

"Now that Microsoft is less dependent on Windows sales and more on services like Azure, it benefits when it treats Linux like a first-class citizen."

bobthesungeek76036 writes: COVID-19 has another victim: RedHat has cancelled this year's Summit event in San Francisco and it will now be a virtual event. "We are taking this precautionary measure after closely monitoring developments with coronavirus (COVID-19) and guidance from the CDC, WHO, and other health authorities," reads a statement on Red Hat's website. "We know you have questions, and we will continue to share answers as they become available. Stay tuned to the Red Hat blog for additional information."

The free, multi-day, virtual event will take place April 28-29, 2020. Attendees who were registered for Red Hat Summit will automatically be registered for Red Hat Summit Virtual Experience at no charge. Those who registered will also have the option to either roll over their pass to Red Hat Summit 2021 or receive a refund.

Brian Fagioli, writing for BetaNews: The Raspberry Pi line has provided great little Linux computers to nerds -- its low price and small size makes it ideal for tinkering and doing projects. But also, the device has proven to be a solid media device, wonderful for watching videos and emulating classic video games. In other words, it has been a very versatile computer, serving as many things to many people. With the release of the Raspberry Pi 4, however, it finally became powerful enough to serve as a true desktop computer. By installing a Linux distribution, some people can use it for day-to-day computer use, such as web browsing, playing media, and word processing. Unfortunately, the $35 base model came with a paltry 1GB of RAM. Today, this changes, as the company has dropped the price of the 2GB version to $35, effectively doubling the memory for the base model.

January 19, 2038 is for Linux what Y2K was for mainframe and PC computers in 2000, reports ZDNet. It's the day that the value for time "runs out of numbers" and, in the case of 32-bit Unix-based operating systems like Linux and older versions of macOS, "starts counting time with negative numbers..."

"But the fixes are underway to make sure all goes well when that fatal time rolls around." nickwinlund77 shared their report: Linux developers have seen this coming for decades. So, Linux kernel developer Arnd Bergmann and others have been working on a repair. These corrections are now in the forthcoming Linux 5.6 kernel. Bergmann explained, "Linux-5.6, or my backport of the patches to 5.4, should be the first release that can serve as a base for a 32-bit system designed to run beyond year 2038."

There are some caveats:

- All user space must be compiled with a 64-bit time_t, which will be supported in the coming musl-1.2 and glibc-2.32 releases, along with installed kernel headers from Linux-5.6 or higher.

- Applications that use the system call interfaces directly need to be ported to use the time64 syscalls added in Linux-5.1 in place of the existing system calls.

- Applications that use a private copy of kernel uapi header files or their contents may need to update to the Linux-5.6 version.

- A few remaining interfaces cannot be changed to pass a 64-bit time_t in a compatible way, so they must be configured to use CLOCK_MONOTONIC times...

After we fix this, we won't have to worry about 64-bit Linux running out of seconds until 15:30:08 GMT Sunday, December 4, 29,227,702,659. Personally, I'm not going to worry about that one.

The UK's National Crime Agency (NCA) has publicly said it has nothing to do with a misleading poster designed to put fear into the hearts of parents and urge them to call the police if their children are using Kali Linux. From a report: The poster, made public by Twitter user @G_IW, has reportedly been distributed by local authorities on behalf of the West Midlands Regional Organised Crime Unit (WMROCU). It appears the creators of the poster are aiming to inform parents of what dubious software to look out for if they suspect their children are up to no good on the computer. While a good and reasonable intention, the disinformation on the poster, as described by @G_IW, is "staggering." Virtual machines, the Tor Browser, Kali Linux, WiFi Pineapple, Discord, and Metasploit are all deemed terrible finds and the poster urges parents to call the cops "so we can give advice and engage them into positive diversions."

jrepin writes: The KDE community today announced the release of Plasma 5.18. This version of the popular desktop environment is the latest long-term supported release and brings an emoji selector, user feedback capabilities, a global edit mode, and improvements to System Settings, the Discover software manager, widgets, GTK integration and much more. The full Plasma 5.18.0 changelog is available here.

An anonymous reader quotes a report from ZDNet: In May 2019, South Korea's Interior Ministry announced plans to look into switching to the Linux desktop from Windows. It must have liked what it saw. According to the Korean news site Newsis, the South Korean Ministry of Strategy and Planning has announced the government is exploring moving most of its approximately 3.3 million Windows computers to Linux. The reason for this is simple. It's to reduce software licensing costs and the government's reliance on Windows. As Choi Jang-hyuk, the head of the Ministry of Strategy and Finance, said, "We will resolve our dependency on a single company while reducing the budget by introducing an open-source operating system."

How much? South Korean officials said it would cost 780 billion won (about $655 million) to move government PCs from Windows 7 to Windows 10. [...] Windows will still have a role to play for now on South Korean government computers. As the Aju Business Daily, a South Korean business news site, explained: Government officials currently use two physical, air-gapped PCs. One is external for internet use, and the other is internal for intranet tasks. Only the external one will use a Linux-based distro. Eventually, by 2026, most civil servants will use a single Windows-powered laptop. On that system, Windows will continue to be used for internal work, while Linux will be used as a virtual desktop via a Linux-powered cloud server. This looks to eventually end up as a Desktop-as-a-Service (DaaS) model. The report notes that the Ministry of National Defense and National Police Agency are already using the Ubuntu Linux 18.04 LTS-based Harmonica OS 3.0.

"Meanwhile, the Korean Postal Service division is moving to TMaxOS," reports ZDNet. "The Debian Linux-based South Korean Gooroom Cloud OS is also being used by Defense and the Ministry of Public Administration and Security."

An anonymous reader quotes TechRadar: Intel's Clear Linux distribution looks like it could be the best operating system to run on cheap AMD hardware, with benchmarks showing it outperforms Windows 10 and Ubuntu on a $199 laptop with a budget AMD Ryzen 3200U processor. The Phoronix website ran a series of benchmarks on a super-cheap AMD laptop from Walmart, and found that Intel Clear Linux beat popular Linux distros Fedora and Ubuntu for 78% of the tests.

Not only is it remarkable that a relatively unknown Linux distro is so easily outperforming established operating systems, the fact that Intel is the company behind the distro is particularly ironic. As you can imagine, Clear Linux is optimized for Intel processors, but it seems like it works brilliantly on AMD hardware as well.

In 2017 Elementary OS built a pay-what-you-want app store -- funded with $10,000 raised on IndieGogo. Now they're trying to raise another $10,000 for a one-week, in-person sprint in Denver, Colorado, Forbes reports, to upgrade the store while bringing an even grander concept to reality: That concept comprises 4 main goals:

- Enable open source developers to monetize their apps on every other Linux distribution

- Empower developers to ship apps with cutting-edge technologies

- Improve privacy, security, and stability

- Streamline the payments process

On the technical side of things, the team plans to rebuild AppCenter's backend from the ground up to enable newer technologies developers are asking for, and they're rallying behind the Flatpak packaging format to get it done. They've already been collaborating with the FlatHub team, and plan to bring in developers from Endless and GNOME to ensure that "our solution can be reused and improved by other Flatpak stores and the greater open source desktop ecosystem."
For a donation of $10, "you'll have your name immortalized in the AppCenter code on GitHub," explains a promotional video. (There's already 70 backers who have claimed this perk.) In fact, "Less than 8 hours ago we launched #AppCenterForEveryone, and we're 50% funded," announced an update Friday on Twitter. The campaign's web page shared this note of appreciation.

"With your support, we'll be able to accelerate the timeline on adopting cutting edge technology and making an even more competitive Open Source operating system and a compelling foundation for all Flatpak stores."

Phoronix's Michael Larabel is doing some performance testing on Walmart's $199 Motile-branded M141 laptop (which has an AMD Ryzen 3 3200U processor, Vega 3 graphics, 4GB of RAM, and a 14-inch 1080p display).

But first he compared the performance of its pre-installed Windows 10 OS against the forthcoming Ubuntu 20.04 LTS Linux distribution.

Some highlights: - Java text rendering performance did come out much faster on Ubuntu 20.04 with this Ryzen 3 3200U laptop...

- The GraphicsMagick imaging program tended to run much better on Linux, which we've seen on other systems in the past as well.

- Intel's Embree path-tracer was running faster on Ubuntu...

- Various video benchmarks were generally favoring Ubuntu for better performance though I wouldn't recommend much in the way of video encoding from such a low-end device...

- The GIMP image editing software was running much faster on Ubuntu 20.04 in its development state than GIMP 2.10 on Windows 10...

- Python 3 performance is still much faster on Linux than Windows.

- If planning to do any web/LAMP development from the budget laptop and testing PHP scripts locally, Ubuntu's PHP7 performance continues running much stronger than Windows 10. - Git also continues running much faster on Linux.
Their conclusion? "Out of 63 tests ran on both operating systems, Ubuntu 20.04 was the fastest... coming in front 60% of the time." (This sounds like 38 wins for Ubuntu versus 25 wins for Windows 10.)

"If taking the geometric mean of all 63 tests, the Motile $199 laptop with Ryzen 3 3200U was 15% faster on Ubuntu Linux over Windows 10."

This week a remotely-exploitable vulnerability (granting root privileges) was discovered in OpenSMTPD (OpenBSD's implementation of server-side SMTP).

ZDNet notes that the library's "portable" version "has also been incorporated into other OSes, such as FreeBSD, NetBSD, and some Linux distros, such as Debian, Fedora, Alpine Linux, and more." To exploit this issue, an attacker must craft and send malformed SMTP messages to a vulnerable server... OpenSMTPD developers have confirmed the vulnerability and released a patch earlier Wednesday -- OpenSMTPD version 6.6.2p1...

The good news is that the bug was introduced in the OpenSMTPD code in May 2018 and that many distros may still use older library versions, not affected by this issue. For example, only in-dev Debian releases are affected by this issue, but not Debian stable branches, which ship with older OpenSMTPD versions.

Technical details and proof of concept exploit code are available in the Qualys CVE-2020-7247 security advisory.
Hackaday has a more detailed description of the vulnerability, while the Register looks at the buggy C code.

Interestingly, Qualys researchers exploited this vulnerability using a technique from the Morris Worm of 1988.

Tech pundit Robert X. Cringely has been sharing technology predictions every January for over two decades -- and he made another big one on Friday: IBM has three divisions — Global Technology Services (GTS), Global Business Services (GBS), and Red Hat. GTS is the legacy IT business, GBS is the professional services business invented by Lou Gerstner to save IBM the last time it was in huge trouble, and Red Hat is Linux. GTS — that part of IBM most of us still think of as IBM — will probably be sold by summer. Either it will go to private equity (depends on the total debt load) or it will be sold to HPE or maybe to Oracle. Either way, it's not a likely success story, but [current CEO Ginni] Rometty has no real choice. IBM is, at this point, smoke, mirrors, and buybacks. The GTS windfall will land in Ginni's final quarter, juicing her payout, which might be the major point of the deal...

IBM's new CEO is Arvind Krishna, formerly head of the Cognitive Computing unit — IBM's cloud guy. Except Cognitive Computing was never really cloud. Cognitive has been a mishmash of cloud, supported by revenue streams that are anything but cloud. It's cloud in name only and will be the part that goes next summer, possibly with Mr. Krishna still at its head.

The next chairman of IBM after Rometty will be current Red Hat CEO Jim Whitehurst. If Whitehurst is as smart as I think he is, he started yesterday looking for a new job. It's not that he really intends to leave, but as the next savior of IBM, Ginni et al will pay anything to keep him. Cut your new deal now, Jim, while demand is greatest....Whitehurst will turn IBM into Red Hat, which will take HQ to North Carolina and mean most of the remaining GBS staff will be gone in a year...

It still won't save IBM. They'll go down in the coming year or two along with the rest of the industry we used to call IT...

Let's just say that IBM's loss is AWS's gain.

"The WireGuard VPN protocol will be included into the next Linux kernel as Linus Torvalds has merged it into his source tree for version 5.6," reports TechRadar:
While there are many popular VPN protocols such as OpenVPN, WireGuard has made a name for itself by being easy to configure and deploy as SSH... The WireGuard protocol is a project from security researcher and kernel developer Jason Donenfeld who created it as an alternative to both IPsec and OpenVPN. Since the protocol consists of around just 4,000 lines of code as opposed to the 100,000 lines of code that make up OpenVPN, it is much easier for security experts to review and audit for vulnerabilities.

While WireGuard was initially released for the Linux kernel, the protocol is now cross-platform and can be deployed on Windows, macOS, BSD, iOS and Android.
Ars Technica notes that with Linus having merged WireGuard into the source tree, "the likelihood that it will disappear between now and 5.6's final release (expected sometime in May or early June) is vanishingly small." WireGuard's Jason Donenfeld is also contributing AVX crypto optimizations to the kernel outside the WireGuard project itself. Specifically, Donenfeld has optimized the Poly1305 cipher to take advantage of instruction sets present in modern CPUs. Poly1305 is used for WireGuard's own message authentication but can be used outside the project as well — for example, chacha20-poly1305 is one of the highest-performing SSH ciphers, particularly on CPUs without AES-NI hardware acceleration.

Other interesting features new to the 5.6 kernel will include USB4 support, multipath TCP, AMD and Intel power management improvements, and more.

An anonymous reader writes: IBM named Arvind Krishna as chief executive officer, replacing longtime CEO Virginia Rometty. Krishna, 57, is currently the head of IBM's cloud and cognitive software unit and was a principal architect of the company's purchase of Red Hat, which was completed last year. Rometty, 62, will continue as executive chairman and serve through the end of the year, when she will retire after almost 40 years with the company, IBM said in a statement Thursday. The shares rose about 5% in extended trading.

Since becoming IBM's first female CEO in 2012, Rometty had bet the company's future on the market for hybrid cloud, which allows businesses to store data on both private and public cloud networks run by rivals such as AmazonWebServices and Microsoft Corp.'s Azure. By then Big Blue, once the world leader in technology, had lagged behind competitors for years after largely missing the initial cloud revolution under her predecessor, Sam Palmisano. The announcement comes as a "welcome and overdue leadership change," said Wedbush Securities analyst Moshe Katri. "At least that's how we're looking at it -- and obviously the market seems to agree." "Krishna, her successor, was the mastermind behind the Red Hat deal. He proposed the acquisition to Rometty and the board, suggesting hybrid cloud is the company's best bet for future growth," adds Bloomberg. "He has led the development of many of IBM's newer technologies like artificial intelligence, cloud and quantum computing."

"Prior to IBM adopting its hybrid multi-cloud strategy, the company had a walled-garden approach to cloud computing, largely focusing on its own services. Krishna spearheaded IBM's shift toward hybrid, prompting the company to work with rival providers rather than compete against them."

Slashdot reader celest adds: In case there were still any doubts that IBM is turning into Red Hat, not the other way around, Red Hat CEO Jim Whitehurst has just been named President of IBM. (Full disclosure: I'm the open-source strategy guy at IBM Canada).
While he was CEO of Red Hat, Jim Whitehurst answered questions from Slashdot's readers.

jrepin writes: Linus Torvalds has announced Linux 5.5 release, codenamed as Kleptomaniac Octopus.The latest version of the open source operating system kernel brings RAID1 with 3- and 4- copies to btrfs filesystem, ext4 gets direct I/O via iomap together with fscrypt supporting smaller block sizes, and you can now use SMB as root filesystem. AMD OverDrive overclocking is now supported on Navi GPUS, wake-on-voice on newer Google Chromebooks is now supported. Added was a Logitech keyboard driver. KUnit is a new unit testing framework for the kernel. There are many more new features which you can read about on Kernel Newbies changelog page. For downloads visit The Linux Kernel Archives.

Long-time Slashdot reader Motor writes: Rocket League — a very popular multiplayer game — will no longer "be patched" for Linux and the Mac after March — say the publisher, Psyonix...

The publishers say it's motivated by the need to support unspecified "new technologies".

Thanks Psyonix.
The announcement says their final patch "will disable online functionality (such as in-game purchases) for players on macOS and Linux, but offline features including Local Matches, and splitscreen play will still be accessible."

"Players on Mac can try running Rocket League on Windows with Apple's Boot Camp tool," explains a support page, while adding in the next sentence that "Boot Camp is not something Psyonix officially supports." And if you play Rocket League on Linux, "you can try Steam's Proton app or Wine. These tools are not officially supported by Psyonix."

The support page also includes instructions on how to request a refund.

Slashdot reader PrimeGoat has used Linux for 20 years, "10 of which were during my career as a Linux sysadmin..."

"However, there's more to being a sysadmin than just knowing how to use Linux." There are best practices that evolve, new methods of doing things and new software that constantly comes out and evolves. This is where my challenge comes. In 2012 I stopped my career as a Linux sysadmin... There's a lot of stuff that I missed out on. I'm wondering what I should do to refresh my skills and to catch up on what I've missed?

An obvious solution would be to get a job as a sysadmin again, but this probably isn't going to happen, as I'm changing my trajectory. I'm currently training to become a fullstack web developer, but still have a need to update my sysadmin skills and keep them fresh... Any suggestions on what actions to take on my own to catch up and keep fresh?
Leave your thoughts in the comments. What's the best way to refresh both your Linux and sysadmin skills?

An anonymous reader quotes a report from BleepingComputer: Wine 5.0 has been released today and contains over 7,400 bug fixes and numerous audio and graphics improvements that will increase performance in gaming on Linux. With the release of Wine 5.0, WineHQ hopes to resolve many of these issues, with the main improvements being:

-Builtin modules in PE format: To make games think Wine is a real Windows environment, most Wine 5.0 modules have been converted into the PE format rather than ELF binaries. It is hoped that this will allow copy-protection and anti-cheat programs to not flag games running under Wine as being modified.
-Multi-monitor support: Multiple displays adapters and multi-monitor configurations are now supported under Wine.
-XAudio2 reimplementation: XAudio2 libraries have been added back to Wine and will use the FAudio library for better compatibility.
-Vulkan 1.1 support: "The Vulkan driver supports up to version 1.1.126 of the Vulkan spec." Here are the release notes, download locations for the binary packages (when available) and source.

You can buy an official Kubuntu laptop. Called "Focus". It is an absolutely powerhouse with top specs. From a report: Here's the specs list:
CPU: Core i7-9750H 6c/12t 4.5GHz Turbo
GPU: 6GB GTX-2060
RAM: 32GB Dual Channel DDR4 2666 RAM
Storage: 1TB Samsung 970 EVO Plus NVMe
Display: 16.1" matte 1080p IPS
Keyboard: LED backlit, 3-4mm travel
User expandable SDD, NVMe, and RAM
Superior cooling
The starting price for the Kubuntu Focus Laptop is $2395.

Ars Technica recently ran a rebuttal by author, podcaster, coder, and "mercenary sysadmin" Jim Salter to some comments Linus Torvalds made last week about ZFS.

While it's reasonable for Torvalds to oppose integrating the CDDL-licensed ZFS into the kernel, Salter argues, he believes Torvalds' characterization of the filesystem was "inaccurate and damaging."
Torvalds dips into his own impressions of ZFS itself, both as a project and a filesystem. This is where things go badly off the rails, as Torvalds states, "Don't use ZFS. It's that simple. It was always more of a buzzword than anything else, I feel... [the] benchmarks I've seen do not make ZFS look all that great. And as far as I can tell, it has no real maintenance behind it any more..."

This jaw-dropping statement makes me wonder whether Torvalds has ever actually used or seriously investigated ZFS. Keep in mind, he's not merely making this statement about ZFS now, he's making it about ZFS for the last 15 years -- and is relegating everything from atomic snapshots to rapid replication to on-disk compression to per-block checksumming to automatic data repair and more to the status of "just buzzwords."

[The 2,300-word article goes on to describe ZFS features like per-block checksumming, automatic data repair, rapid replication and atomic snapshots -- as well as "performance wins" including its Adaptive Replacement caching algorithm and its inline compression (which allows datasets to be live-compressed with algorithms.]

The TL;DR here is that it's not really accurate to make blanket statements about ZFS performance, absent a very particular, well-understood workload to measure that performance on. But more importantly, quibbling about the fastest possible benchmark rather loses the main point of ZFS. This filesystem is meant to provide an eminently scalable filesystem that's extremely resistant to data loss; those are points Torvalds notably never so much as touches on....

Meanwhile, OpenZFS is actively consumed, developed, and in some cases commercially supported by organizations ranging from the Lawrence Livermore National Laboratory (where OpenZFS is the underpinning of some of the world's largest supercomputers) through Datto, Delphix, Joyent, ixSystems, Proxmox, Canonical, and more...

It's possible to not have a personal need for ZFS. But to write it off as "more of a buzzword than anything else" seems to expose massive ignorance on the subject... Torvalds' status within the Linux community grants his words an impact that can be entirely out of proportion to Torvalds' own knowledge of a given topic -- and this was clearly one of those topics.