FSGSBASE support in Linux "has the possibility of helping Intel/AMD CPU performance especially in areas like context switching that had been hurt badly by Spectre/Meltdown and other CPU vulnerability mitigations largely on the Intel side," Phoronix wrote back in August. As it started its journey into the kernel, they provided a preview on August 10: The FSGSBASE support that was finally mainlined a few days ago for Linux 5.9 is off to providing a nice performance boost for both Intel and AMD systems... FSGSBASE support for the Linux kernel has been around a half-decade in the making and finally carried over the finish line by one of Microsoft's Linux kernel engineers...

FSGSBASE particularly helps out context switching heavy workloads like I/O and allowing user-space software to write to the x86_64 GSBASE without kernel interaction. That in turn has been of interest to Java and others...On Linux 5.9 where FSGSBASE is finally mainlined, it's enabled by default on supported CPUs. FSGSBASE can be disabled at kernel boot time via the "nofsgsbase" kernel option.
Today on the Linux kernel mailing list, Linus Torvalds announced the release of Linux 5.9: Ok, so I'll be honest - I had hoped for quite a bit fewer changes this last week, but at the same time there doesn't really seem to be anything particularly scary in here. It's just more commits and more lines changed than I would have wished for.
And Phoronix reported: Linux 5.9 has a number of exciting improvements including initial support for upcoming Radeon RX 6000 "RDNA 2" graphics cards, initial Intel Rocket Lake graphics, NVMe zoned namespaces (ZNS) support, various storage improvements, IBM's initial work on POWER10 CPU bring-up, the FSGSBASE instruction is now used, 32-bit x86 Clang build support, and more. See our Linux 5.9 feature overview for the whole scoop on the many changes to see with this kernel.

Following up on speculation from Eric Raymond and ZDNet contributing editor Steven J. Vaughan-Nichols, open source advocate Jack Wallen imagines what would happen if Microsoft just switched over altogether from Windows to a Linux distro named "Microsoft Linux": A full-on Linux distribution released by Microsoft would mean less frustration for all involved. Microsoft could shift its development efforts on the Windows 10 desktop to a desktop that would be more stable, dependable, flexible, and proven. Microsoft could select from any number of desktops for its official flavor: GNOME, KDE, Pantheon, Xfce, Mint, Cinnamon... the list goes on and on. Microsoft could use that desktop as is or contribute to it and create something that's more in-line with what its users are accustomed to...

[U]sers would very quickly learn what it's like to work on a desktop computer and not have to deal with the daily frustrations that come with the Windows operating system. Updates are smoother and more trustworthy, it's secure, and the desktop just makes more sense. Microsoft has been doing everything in its power to migrate users from the standard client-based software to cloud and other hosted solutions, and its software cash cow has become web-centric and subscription-based. All of those Linux users could still work with Microsoft 365 and any other Software as a Service (SaaS) solution it has to offer — all from the comfort and security of the Linux operating system...

If Microsoft plays its cards right, the company could re-theme KDE or just about any Linux desktop in such a way that it's not all that different from the Windows 10 interface. Lay this out right, and consumers might not even know the difference — a "Windows 11" would simply be the next evolution of the Microsoft desktop operating system. Speaking of winning, IT pros would spend less time dealing with viruses, malware, and operating system issues and more time on keeping the network (and the servers powering that network) running and secure... Microsoft would be seen as finally shipping an operating system worthy of the consumer; the consumer would have a desktop operating system that didn't deliver as many headaches as it did moments of actual productivity and joy; and the Linux community would finally dominate the desktop.

Last week open-source advocate Eric S. Raymond argued Microsoft was quietly switching over to a Linux kernel that emulates Windows. "He's on to something," says ZDNet's contributing editor Steven J. Vaughan-Nichols: I've long thought that Microsoft was considering migrating the Windows interface to running on the Linux kernel. Why...? [Y]ou can run standard Linux programs now on WSL2 without any trouble.

That's because Linux is well on its way to becoming a first-class citizen on the Windows desktop. Multiple Linux distros, starting with Ubuntu, Red Hat Fedora, and SUSE Linux Enterprise Desktop (SLED), now run smoothly on WSL2. That's because Microsoft has replaced its WSL1 translation layer, which converted Linux kernel calls into Windows calls, with WSL2. With WSL2 Microsoft's own Linux kernel is running on a thin version of the Hyper-V hypervisor. That's not all. With the recent Windows 10 Insider Preview build 20211, you can now access Linux file systems, such as ext4, from Windows File Manager and PowerShell. On top of that, Microsoft developers are making it easy to run Linux graphical applications on Windows...

[Raymond] also observed, correctly, that Microsoft no longer depends on Windows for its cash flow but on its Azure cloud offering. Which, by the way, is running more Linux instances than it is Windows Server instances. So, that being the case, why should Microsoft keep pouring money into the notoriously trouble-prone Windows kernel — over 50 serious bugs fixed in the last Patch Tuesday roundup — when it can use the free-as-in-beer Linux kernel? Good question. He thinks Microsoft can do the math and switch to Linux.

I think he's right. Besides his points, there are others. Microsoft already wants you to replace your existing PC-based software, like Office 2019, with software-as-a-service (SaaS) programs like Office 365. Microsoft also encourages you to move your voice, video, chat, and texting to Microsoft's Azure Communication Services even if you don't use Teams. With SaaS programs, Microsoft doesn't care what operating system you're running. They're still going to get paid whether you run Office 365 on Windows, a Chromebook, or, yes, Linux.

I see two possible paths ahead for Windows. First, there's Linux-based Windows. It simply makes financial sense. Or, the existing Windows desktop being replaced by the Windows Virtual Desktop or other Desktop-as-a-Service (DaaS) offerings.... Google chose to save money and increase security by using Linux as the basis for Chrome OS. This worked out really well for Google. It can for Microsoft with — let's take a blast from the past — and call it Lindows as well.

"POSIX has been the standard file system interface for Unix-based systems (which includes Linux) since its launch more than 30 years ago," writes Enterprise Storage Forum, noting the POSIX-compliant Lustre file system "powers most supercomputers."

Now Slashdot reader storagedude writes: POSIX has scalability and performance limitations that will become increasingly important in data-intensive applications like deep learning, but until now it has retained one key advantage over the infinitely scalable object storage: the ability to process data in memory. That advantage is now gone with the new mmap_obj() function, which paves the way for object storage to become the preferred approach to Big Data applications.
POSIX features like statefulness, prescriptive metadata, and strong consistency "become a performance bottleneck as I/O requests multiply and data scale..." claims the article.

"The mmap_obj() developers note that one piece of work still needs to be done: there needs to be a munmap_obj() function to release data from the user space, similar to the POSIX function."

ZDNet reports: At the Microsoft Build 2020 virtual developers' conference, CEO Satya Nadella announced that Windows Subsystem for Linux (WSL) 2.0 would soon support Linux GUIs and applications. That day is closer now than ever before. At the recent X.Org Developers Conference, Microsoft partner developer lead Steve Pronovost revealed that Microsoft has made it possible to run graphical Linux applications within WSL.

It's always been possible to run Linux graphical programs such as the GIMP graphics editor, Evolution e-mail client, and LibreOffice on WSL. But it wasn't easy. You had to install a third-party X Window display server, such as the VcXsrv Windows X Server in Windows 10, and then do some tuning with both Windows and Linux to get them to work together smoothly. The X Window System underlies almost all Linux graphical user interfaces. Now, Microsoft has ported a Wayland display server to WSL. Wayland is the most popular X Window compatible server. In WSL2, it connects the graphical Linux applications via a Remote Desktop Protocol (RDP) connection to the main Windows display. This means you can run Linux and Windows GUI applications simultaneously on the same desktop screen....

Craig Loewen, Microsoft WSL Program Manager, added in a Twitter thread that the key differences between using a third-party X server and the built-in Wayland server is that: "You don't need to start up or start the server, we'll handle that for you." In addition, it comes with "Lovely integration with Windows," such as drop shadows and Linux icon support. Loewen also said you can run a Linux web browser in it. "We haven't tested it extensively with a full desktop environment yet, as we want to focus on running often asked for apps first, and primarily IDEs [integrated development environment] so you can run those in a full Linux environment," he said.

Don't get too excited about it just yet, though. Loewen continued, "We don't yet have an ETA for the beta channel, however, this work will be available in general for Insiders to try within the next couple of months."

An anonymous reader writes: Linux fans, Ubuntu 20.10 "Groovy Gorilla" Beta is now available for download. This doesn't just include the "vanilla" GNOME version either, but other variants like Kubuntu and Xubuntu as well. "20.10, codenamed 'Groovy Gorilla,' continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing new features and fixing bugs," explains Åukasz Zemczak, Canonical.

Hobbyist developers are trying once again to get a Motorola 68000 back-end merged into the upstream LLVM compiler. Phoronix reports: The Motorola 68000 series processors have been around since the 80's thanks to the likes of the early Apple Macintosh computers. Fast forward to 2020, the Motorola 68000 is still a popular target for vintage computer enthusiasts and hobbyists. Community developers have worked on improving the Linux kernel support for M68k hardware like early Apple Powerbooks as recently as a few years ago and the compiler support is a continued target. GCC 11 due out next year was looking to drop the M68k target over its unmaintained status. Hobbyists though stepped up there so the M68k support will remain in GCC. Now developers are also looking at adding M68k support to the LLVM compiler.

This isn't the first time that M68k support for LLVM has been brought up albeit never successfully landed to date. Building off the past failures to get the Motorola 68000 series support upstreamed, developers last week sent out new patches proposing this back-end -- this time they are showing more clarity about the developers involved and being committed to supporting the code, the sustainability of the code, and responding quickly to code review comments. This patch series is the latest attempt at upstreaming Motorola 68000 series support in LLVM. Besides all the back-end specific code there is also some common LLVM code changes that fall under greater scrutiny.

The Xen Project has ported its hypervisor to the 64-bit Raspberry Pi 4. The Register reports: The idea to do an official port bubbled up from the Xen community and then reached the desk of George Dunlap, chairman of the Xen Project's Advisory Board. Dunlap mentioned the idea to an acquaintance who works at the Raspberry Pi Foundation, and was told that around 40 percent of Pis are sold to business users rather than hobbyists. With more than 30 million Arm-based Pis sold as of December 2019, and sales running at a brisk 600,000-plus a month in April 2020, according to Pi guy Eben Upton, Dunlap saw an opportunity to continue Xen's drive towards embedded and industrial applications.

Stefano Stabellini, who by day works at FPGA outfit Xilinx, and past Apache Foundation director Roman Shaposhnik took on the task of the port. The pair clocked that the RPi 4's system-on-chip used a regular GIC-400 interrupt controller, which Xen supports out of the box, and thought this was a sign this would, overall, be an easy enough job. That, the duo admitted, was dangerous optimism. Forget the IRQs, there was a whole world of physical and virtual memory addresses to navigate. The pair were "utterly oblivious that we were about to embark on an adventure deep in the belly of the Xen memory allocator and Linux address translation layers," we're told. [The article goes on to explain the hurdles that were ahead of them.]

"Once Linux 5.9 is out, we will have Xen working on RPi4 out of the box," the pair said. [...] Stefano Stabellini told The Register that an official Xen-on-RPi port will make a difference in the Internet-of-Things community, because other Arm development boards are more costly than the Pi, and programmers will gravitate towards a cheaper alternative for prototyping. He also outlined scenarios, such as a single edge device running both a real-time operating system alongside another OS, each dedicated to different tasks but inhabiting the same hardware and enjoying the splendid isolation of a virtual machine rather than sharing an OS as containers. George Dunlap also thinks that an official Xen-on-RPi port could also be of use to home lab builders, or perhaps just give developers a more suitable environment for their side projects than a virtual machine or container on their main machines. Stay tuned to Project EVE's Github page for more details about how to build your own Xen-for-RPi. Hacks to get it up and running should also appear on the Xen project blog.

The Linux Foundation has announced that its free Introduction to Linux training course on edX has surpassed one million enrollments. The course helps students develop a good working knowledge of Linux using both the graphical interface and command line across the major Linux distribution families. No prior knowledge or experience is required, making the course a popular first step for individuals interested in pursuing a career in IT.

Introduction to Linux has helped countless individuals launch their IT careers. Jules Bashizi Irenge for example, completed the course then proceeded to intermediate Essentials of System Administration training and received a Linux Foundation Certified SysAdmin (LFCS) certification, and now is a PhD candidate who has contributed over 200 patches to the Linux kernel. Fabian Pichardo also followed the introductory course with Essentials of System Administration and LFCS, and now is employed full time as a software developer.

"To have introduced over a million individuals to Linux is a tremendous milestone," said Linux Foundation Executive Director Jim Zemlin. "One of our primary goals is to bring more talent into the open source community, and offering free, high quality training that is accessible to anyone who wants it is essential to achieving that goal...."

The Linux Foundation has been an incredible partner of edX for the past six years, bringing dozens of courses in high-tech and in-demand fields to our platform of 34 million learners," said Anant Agarwal, edX Founder and CEO. "Introduction to Linux, their very first offering, has been a true blockbuster - it's one of our top 10 most popular courses of all time. We're thrilled to congratulate Linux Foundation on reaching 1 million enrollments and look forward to bringing accessible high-tech education to countless more learners, together."

Introduction to Linux remains open for new enrollments. There is no cost to complete the course, and verified certificates of completion are available for $99. The Linux Foundation offers two dozen free training courses on open source projects including Linux, Kubernetes, Hyperledger, and more in partnership with edX.

"More top-tier computer OEMs are now offering a broad assortment of Linux desktops," reports ZDNet.

"In the latest move, Lenovo, currently the top PC vendor in the world according to Gartner, will roll Ubuntu Linux 20.04 LTS out across 30 of Lenovo's ThinkPads and ThinkStations..." While Lenovo started certifying most of its laptop and PC line on the top Linux distributions since June 2020, this is a much bigger step. Now, instead of simply acknowledging its equipment will be guaranteed to run Linux, Lenovo's selling Ubuntu Linux-powered hardware to ordinary Joe and Jane users.

Previously, you could only buy most of these machines if you were a business and had specified you wanted Ubuntu on a customized bid. Now, nearly 30 Ubuntu-loaded devices will now be available for purchase via Lenovo.com. These include 13 ThinkStation and ThinkPad P Series Workstations and an additional 14 ThinkPad T, X, X1, and L series laptops, all with the 20.04 LTS version of Ubuntu...

No one's predicting a "Year of the Linux desktop." Companies such as Dell and Lenovo aren't predicting such a game-changing event, but they're selling largely to enterprise companies, which have seen the virtues of using high-end Linux desktops for powerful, forward-looking technologies such as AI, ML, containers, and cloud-native computing.
"Our announcement of device certification in June was a step in the right direction to enable customers to more easily install Linux on their own," explains Lenovo's vice president of PCSD software and cloud — but now they're going even further.

"Our goal is to remove the complexity and provide the Linux community with the premium experience that our customers know us for. This is why we have taken this next step to offer Linux-ready devices right out of the box."

Most of Microsoft's money now comes from its cloud service Azure, points out open-source advocate Eric S. Raymond. Now he posits a future where Windows development will "inevitably" become a drag on Microsoft's business: So, you're a Microsoft corporate strategist. What's the profit-maximizing path forward given all these factors? It's this: Microsoft Windows becomes a Proton-like emulation layer over a Linux kernel, with the layer getting thinner over time as more of the support lands in the mainline kernel sources. The economic motive is that Microsoft sheds an ever-larger fraction of its development costs as less and less has to be done in-house. If you think this is fantasy, think again. The best evidence that it's already the plan is that Microsoft has already ported Edge to run under Linux. There is only one way that makes any sense, and that is as a trial run for freeing the rest of the Windows utility suite from depending on any emulation layer.

So, the end state this all points at is: New Windows is mostly a Linux kernel, there's an old-Windows emulation over it, but Edge and the rest of the Windows user-land utilities don't use the emulation. The emulation layer is there for games and other legacy third-party software. Economic pressure will be on Microsoft to deprecate the emulation layer... Every increment of Windows/Linux convergence helps with that — reduces administration and the expected volume of support traffic.

Eventually, Microsoft announces upcoming end-of-life on the Windows emulation. The OS itself , and its userland tools, has for some time already been Linux underneath a carefully preserved old-Windows UI. Third-party software providers stop shipping Windows binaries in favor of ELF binaries with a pure Linux API...

...and Linux finally wins the desktop wars, not by displacing Windows but by co-opting it. Perhaps this is always how it had to be.

Long-time Slashdot reader Bismillah quotes iTnews: A software engineer in Melbourne is whiling away the city's lockdown by creating a tool that DOS users so far have lacked: an integrated Linux environment similar to what Windows 10 users enjoy...

"I first started out just seeing if I could get Linux booting from the DOS command line, and that turned out to be straightforward enough so I thought it'd be fun to see if I could continue executing DOS once Linux was running," Charlie Somerville said. "I'm mostly surprised by how smoothly the whole thing works given how *dodgy* it all is haha," he added. DOS Subsystem for Linux runs a real copy of MS-DOS under the QEMU virtual machine, and starts up from that, Somerville said...

"Helpfully Linux seems to leave the first megabyte of memory (where DOS lives) intact during its own boot process, so it's just a matter of jumping back to the right place to continue DOS execution," he added. Somerville had it pointed out to him that this approach of running DOS under vm8086 is actually how early Windows worked.

"Kinda cool to rediscover the technique so many years later," Somerville said.

On August 7, 2019, Linux Journal laid off all staff members and was left with no operating funds to continue in any capacity. Today, the technology magazine announced that they've secured a deal to keep the site alive indefinitely under the ownership of Slashdot Media. Linux Journal writes: We will begin publishing digital content again as soon as we can. If you're a former Linux Journal contributor or a Linux enthusiast that would like to get involved, please contact us and let us know the capacity in which you'd like to contribute. We're looking for people to cover Linux news, create Linux guides, and moderate the community and comments. We'd also appreciate any other ideas or feedback you might have. Right now, we don't have any immediate plans to resurrect the subscription/issue model, and will be publishing exclusively on LinuxJournal.com free of charge. Our immediate goal is to familiarize ourself with the Linux Journal website and ensure it doesn't ever get shut down again.

We're ecstatic to be able to take the helm at Linux Journal, and ensure that this legendary Linux resource and community not only stays alive forever, but continues to grow and improve. Reach out if you'd like to get involved!

Krystalo writes: Edge is finally coming to Linux. At Ignite 2020 today, Microsoft announced that Edge for Linux will be available in the Dev preview channel starting in October. Linux users will be able to download the preview from the Microsoft Edge Insider website or from their native Linux package manager. Microsoft will start with the Ubuntu and Debian distributions, with support for Fedora and openSUSE coming afterwards. "Linux stands out in that, while it has a relatively small desktop population in terms of what you might call typical consumer or end user, developers are often overrepresented in that population, and especially in areas like test automation, or CI/CD workloads for their web apps," Edge program manager Kyle Pflug told VentureBeat. "Edge on Linux is a natural part of our strategy to reduce fragmentation and test overhead for web developers. By providing the same rendering behavior and tools across platforms, developers can build and test sites and web apps in their preferred environment and be confident in the experience their customers will have."

AmiMoJo writes: The GNOME 3 desktop environment was officially released in 2011, and in 2020 we are still on version 3.x. Yeah, despite many massive changes over the last (almost) decade, we have been stuck with point releases for GNOME 3. For instance, just last week, GNOME 3.38 was released. Historically, the stable releases all ended in even numbers, with pre-release versions ending in odd. For fans of the DE, such as yours truly, we have simply learned to live with this odd versioning scheme. Well, folks, with the next version of GNOME, the developers have finally decided to move on from version 3.x. You are probably thinking the new version will be 4.0, but you'd be very wrong. Actually, following GNOME3.38 will be GNOME 40. "After nearly 10 years of 3.x releases, the minor version number is getting unwieldy. It is also exceedingly clear that we're not going to bump the major version because of technological changes in the core platform, like we did for GNOME 2 and 3, and then piling on a major UX change on top of that. Radical technological and design changes are too disruptive for maintainers, users, and developers; we have become pretty good at iterating design and technologies, to the point that the current GNOME platform, UI, and UX are fairly different from what was released with GNOME 3.0, while still following the same design tenets," says Emmanuele Bassi, The GNOME Foundation.

"Microsoft has submitted a series of patches to Linux kernel developers," reports ZDNet, "requesting that Linux run as the root partition on the Hyper-V, its hypervisor software for running Windows and non-Windows instances on hardware." Microsoft "wants to create a complete virtualization stack with Linux and Microsoft Hypervisor", according to Microsoft principle software engineer Wei Liu. Liu has proposed an RFC or request for comment that for now merely implements what are only the "absolutely necessary components to get things running... There will be a subsequent patch series to provide a device node (/dev/mshv) such that userspace programs can create and run virtual machines. We've also ported Cloud Hypervisor over and have been able to boot a Linux guest with Virtio devices since late July." Cloud Hypervisor is an experimental open-source hypervisor implementation from Intel written in the Rust programming language. It's a virtual-machine monitor that runs on top of KVM, the Kernel-based Virtual Machine hypervisor in the Linux kernel that's designed for cloud workloads...

Liu points out three more changes beyond amendments to the Hyper-V Top-Level Functional Specification. For example, Microsoft wants Linux to set up existing Hyper-V facilities differently. It also wants Linux kernel developers to change the kernel's behavior when accessing hardware memory in a way that affects driver access to the GPU and CPU that's being managed by an operating system memory manager. It's this issue that Microsoft engineers are least confident about and are asking for Linux developer support, according to Liu....

As Microsoft's executive VP of the cloud and enterprise group, Scott Guthrie, told ZDNet last year, Microsoft's shift to Linux and open source started over a decade ago when it open-sourced ASP.NET. "We recognized open source is something that every developer can benefit from. It's not nice, it's essential. It's not just code, it's community," explained Guthrie.

Esther Schindler (Slashdot reader #16,185), shares some thoughts from long-time tech reporter Steven J. Vaughan-Nichols: We'd like an easy way to judge open-source programs. It can be done. But easily? That's another matter... Plenty of people have created systems to collect, judge, and evaluate open-source projects, including information about a project's popularity, reliability, and activity. But each of those review sites — and their methodologies — have flaws.
The article looks at a variety of attempts, including freshmeat.net; Eric Raymond's attempt to revive Freecode; GitHub's star (which Docker's co-founder calls a "bullshit metric"); Synopsys's Black Duck Open Hub (formerly Ohloh); and even Google Trends. But it wraps up by pointing out that Brian Profitt, Red Hat's Open Source Program Office (OSPO) manager, is working with others on "Project CHAOSS," a new Linux Foundation project to make it easy to evaluate open-source projects.
This pulled together Grimoirelab and similar programs, such as Augur and Red Hat's own Prospector... Its metrics include what kinds of contributions are being made; when the contributions are made; and who's making the contributions. All of which are vital to understanding the overall health of a project.

CHAOSS is still a work in progress. Its official release is scheduled for February 2021... Ultimately, this data will be available to all, from end users to the project leads. "In fact, I hope this happens a lot, because we can refine our models more quickly," says Profitt.

Microsoft has submitted a series of patches to the Linux kernel with its aim being "to create a complete virtualization stack with Linux and Microsoft Hypervisor." The Register reports: The patches are designated "RFC" (Request for comments) and are a minimal implementation presented for discussion. The key change is that with the patched kernel, Linux will run as the Hyper-V root partition. In the Hyper-V architecture, the root partition has direct access to hardware and creates child partitions for the VMs it hosts. "Just think of it like Xen's Dom0," said Microsoft principal software engineer Wei Liu. Hyper-V's architecture is more similar to Xen than it is to KVM or to VMware's ESXi, and Liu acknowledged that "we drew inspiration from the Xen code in Linux," specifically for code handing interrupts. Until now, the Hyper-V root partition had to run Windows.

Microsoft has also ported Intel's open-source Cloud Hypervisor, a Virtual Machine Monitor (VMM) written in Rust that normally runs on KVM, the hypervisor that is built into the Linux kernel. Cloud Hypervisor itself is currently in "very early pre-alpha stage." Even when Linux is the root partition, it will still run on top of Microsoft's hypervisor, a thin layer running with ring -1 privileges. It will no longer be necessary to run Windows on that hypervisor, though, enabling Microsoft to call the new arrangement "a complete virtualization stack with Linux."

Researchers at Kaspersky "have warned that sophisticated hackers and crooks are increasingly targeting Linux-based devices — using tools specifically designed to exploit vulnerabilities in the platform," reports TechRepublic: While Windows tends to be more frequently targeted in mass malware attacks, this is not always the case when it comes to advanced persistent threats (APTs), in which an intruder — often a nation-state or state-sponsored group — establishes a long-term presence on a network. According to Kaspersky, these attackers are increasingly diversifying their arsenals to contain Linux tools, giving them a broader reach over the systems they can target.

Many organisations choose Linux for strategically important servers and systems, and with a "significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform... According to Kaspersky, over a dozen APT actors have been observed to use Linux malware or some Linux-based modules. Most recently, this has included the LightSpy and WellMess malware campaigns, both of which targeted both Windows and Linux devices. The LightSpy malware was also found to be capable of targeting iOS and Mac devices.

While targeted attacks on Linux-based systems are still uncommon, a suite of webshells, backdoors, rootkits and custom-made exploits are readily available to those that seek to use them. Kaspersky also suggested that the small number of recorded attacks was not representative of the danger they posed, pointing out that the compromise of a single Linux server "often leads to significant consequences", as the malware travelled through the network to endpoints running Windows or macOS, "thus providing wider access for attackers which might go unnoticed".

"Security researchers from Amsterdam have publicly detailed 'BlindSide' as a new speculative execution attack vector for both Intel and AMD processors," reports Phoronix: BlindSide is self-described as being able to "mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation. This works even in face of strong randomization schemes, e.g., the recent FGKASLR or fine-grained schemes based on execute-only memory, and state-of-the-art mitigations against Spectre and other transient execution attacks."

From a single buffer overflow in the kernel, researchers claim three BlindSide exploits in being able to break KASLR (Kernel Address Space Layout Randomization), break arbitrary randomization schemes, and even break fine-grained randomization.
There's more information on the researcher's web site, and they've also created an informational video.

And here's a crucial excerpt from their paper shared by Slashdot reader Hmmmmmm: In addition to the Intel Whiskey Lake CPU in our evaluation, we confirmed similar results on Intel Xeon E3-1505M v5, XeonE3-1270 v6 and Core i9-9900K CPUs, based on the Skylake, KabyLake and Coffee Lake microarchitectures, respectively, as well as on AMD Ryzen 7 2700X and Ryzen 7 3700X CPUs, which are based on the Zen+ and Zen2 microarchitectures.

Overall, our results confirm speculative probing is effective on a modern Linux system on different microarchitectures, hardened with the latest mitigations.

rastos1 writes: Starting with Windows Insiders preview build 20211, WSL 2 will be offering a new feature: wsl --mount. This new parameter allows a physical disk to be attached and mounted inside WSL 2, which enables you to access filesystems that aren't natively supported by Windows (such as ext4).

The Amiga Fast File System (AFFS) is making a minor comeback in the new version of the Linux kernel. The Register reports: As noted by chief penguin Linus Torvalds in his weekly state-of-the-kernel report, a change to AFFS popped up among what he described as a collection of "the usual suspects" in new submissions to the kernel over the last week. The Amiga was ahead of its time, but is now largely a curiosity. However Suse developer David Sterba has noticed that "The basic permission bits (protection bits in AmigaOS) have been broken in Linux' AFFS - it would only set bits, but never delete them. Also, contrary to the documentation, the Archived bit was not handled."

"Let's fix this for good, and set the bits such that Linux and classic AmigaOS can coexist in the most peaceful manner," he added. Torvalds appears to have agreed inasmuch as Sterba's code has made it into rc4 of version 5.9 of the Linux kernel. Torvalds said that while rc4 is a big release -- he rated it as "larger than usual" -- it's still "well within the normal range, and not something I'll lose any sleep over."

An anonymous reader shares this enthusiastic report from ZDNet: Earlier this year, Linus Torvalds approved of adding drivers and other components in Rust to Linux.* Last week, at the virtual Linux Plumbers Conference, developers gave serious thought to using the Rust language for new Linux inline code. ["Nothing firm has been determined yet," reported Phoronix, "but it's a topic that is still being discussed."] And, now Amazon Web Services (AWS) has announced that its just-released Bottlerocket Linux for containers is largely written in Rust.

Mozilla may have cut back on Rust's funding, but with Linux embracing Rust, after almost 30-years of nothing but C, Rust's future is assured. Rust was chosen because it lends itself more easily to writing secure software. Samartha Chandrashekar, an AWS Product Manager, said it "helps ensure thread safety and prevent memory-related errors, such as buffer overflows that can lead to security vulnerabilities." Many other developers agree with Chandrashekar.

Bottlerocket also improved its security by using Device-mapper's verity target. This is a Linux kernel feature that provides integrity checking to help prevent attackers from overwriting core system software or other rootkit type attacks. It also includes the extended Berkeley Packet Filter (eBPF), In Linux, eBPF is used for safe and efficient kernel function monitoring.
* Linus's exact words were "people are actively looking at, especially doing drivers and things that are not very central to the kernel itself, and having interfaces to do those, for example, in Rust. People have been looking at that for years now. I'm convinced it's going to happen one day."

The article also reminds readers that AWS's Bottlerocket "is also designed to be quick and easy to maintain... by including the bare essentials needed to run containers..."

"Besides its standard open-source elements, such as the Linux kernel and containerd container runtime, Bottlerocket's own code is licensed under your choice of either the Apache 2.0 or the MIT license."

Artem S. Tashkinov writes: 253 emails have been leaked from private (high-level) mailing lists of Debian, in which its representatives vocally complain about the talk Linus Torvalds gave at the most recent DebConf conference. Some people insist that he should be permanently banned from future conferences because the language he uses is inappropriate and infringes on the project's Code of Conduct. This could set a very bad precedent for the open source community, which has recently seen an influx of various CoC policies applied to a number of high-profile projects mostly after very vocal concerns from the people who barely participate in the open source community. Some observers believe that it's a plot by Microsoft to destroy the open source movement from the inside.
UPDATE: "Note: The complaints and the event itself happened in 2014," the article points out.

Today, Lenovo has released a ThinkPad with Red Hat's community Linux, Fedora. ZDNet reports: First in this new Linux-friendly lineup is the X1 Carbon Gen 8. It will be followed by forthcoming versions of the ThinkPad P1 Gen2 and ThinkPad P53. While ThinkPads are usually meant for business users, Lenovo will be happy to sell the Fedora-powered X1 Carbon to home users as well. The new X1 Carbon runs Fedora Workstation 32. This cutting-edge Linux distribution uses the Linux Kernel 5.6. It includes WireGuard virtual private network (VPN) support and USB4 support. This Fedora version uses the new GNOME 3.36 for its default desktop.

The system itself comes standard with a 10th Generation Intel Core 1.6Ghz i5-10210U CPU, with up to 4.20 GHz with Turbo Boost. This processor boasts 4 Cores, 8 Threads, and a 6 MB cache. It also comes with 8MBs of LPDDR3 RAM. Unfortunately, its memory is soldered in. While that reduces the manufacturing costs, Linux users tend to like to optimize their hardware and this restricts their ability to add RAM. You can upgrade it to 16MBs, of course, when you buy it for an additional $149. For storage, the X1 defaults to a 256GB SSD. You can push it up to a 1TB SSD. That upgrade will cost you $536.

The X1 Carbon Gen 8 has a 14.0" Full High Definition (FHD) (1920 x 1080) screen. For practical purposes, this is as high-a-resolution as you want on a laptop. I've used laptops with Ultra High Definition (UHD), aka 4K, with 3840x2160 resolution, and I've found the text to be painfully small. This display is powered by an integrated Intel HD Graphics chipset. For networking, the X1 uses an Intel Wi-Fi 6 AX201 802.11AX with vPro (2 x 2) & Bluetooth 5.0 chipset. I've used other laptops with this wireless networking hardware and it tends to work extremely well. The entire default package has a base price of $2,145. For now, it's available for $1,287. If you want to order one, be ready for a wait. You can expect to wait three weeks before Lenovo ships it to you.

Phoronix reports: As mentioned back in July, upstream Linux developers have been working to figure out a path for adding Rust code to the Linux kernel. That topic is now being further explored at this week's virtual Linux Plumbers Conference...

To be clear though, these Rust Linux kernel plans do not involve rewriting large parts of the kernel in Rust (at least for the foreseeable future...), there would be caveats on the extent to which Rust code could be used and what functionality, and the Rust support would be optional when building the Linux kernel. C would remain the dominant language of the kernel and then it's just a matter of what new functionality gets added around Rust if concerned by memory safety, concurrency, and other areas where Rust is popular with developers. Various upstream developers have been interested in Rust for those language benefits around memory safety and security as well as its syntax being close to C. There would be a to-be-determined subset of Rust to be supported by the Linux kernel.... While the Rust code would be optional, the developers do acknowledge there are limitations on where Rust is supported due to the LLVM compiler back-ends. But at least for x86/x86_64, ARM/ARM64, POWER, and other prominent targets there is support along with the likes of RISC-V.

Nothing firm has been determined yet but it's a topic that is still being discussed at the virtual LPC this week and surely over the weeks/months ahead on the kernel mailing list. There is Rust-For-Linux on GitHub with a prototype kernel module implementation. There is also the PDF slides from Thursday's talk on the matter.
It's not clear to me that this is a done deal. But the article argues that "it's still looking like it will happen, it's just a matter of when the initial infrastructure will be in place and how slowly the rollout will be..."

A review at the Android Police site calls Pine64's new Linux-based PinePhone "the most interesting smartphone I've tried in years," with 17 different operating systems available (including Fedora, Ubuntu Touch, SailfishOS, openSUSE, and Arch Linux ARM): There's a replaceable battery, which is compatible with batteries designed for older Samsung Galaxy J7 phones. It's good to know that even if PinePhone vanished overnight, you could still purchase new batteries for around $10-15...

There's a microSD card slot above the SIM tray, which supports cards up to 2TB in size. While it can be used as extra storage, just like the SD slots in Android phones and tablets, it can also function as a bootable drive. If you write an operating system image to the SD card and put it in the PinePhone, the phone will boot from the SD card. This means you can move between operating systems on the PinePhone by simply swapping microSD cards, which is amazing for trying out new Linux distributions without wiping data. How great would it be if Android phones could do that?

Finally, the inside of the PinePhone has six hardware killswitches that can be manipulated with a screwdriver. You can use them to turn off the modem, Wi-Fi/Bluetooth, microphone, rear camera, front camera, and headphone jack. No need to put a sticker over the selfie camera if you're worried about malicious software — just flip the switch and never worry about it again.... For a $150 phone produced in limited batches by a company with no previous experience in the smartphone industry, I'm impressed it's built as well as it is...

I look forward to seeing what the community around the PinePhone can accomplish.
A Pine64 blog post this weekend touts "a boat-load of cool and innovative things" being attempted by the PinePhone community, including users working on things like a fingerprint scanner or a thermal camera, plus a community that's 3D-printing their own custom PinePhone cases. And Pine64 has now identified three candidates for a future keyboard option (each of which can be configured as either a slide-out or clamshell keyboard): I feel like we have finally gotten into a good production rhythm; it was only last month we announced the postmarketOS Community Edition of the PinePhone, and this month I am here to tell you that the factory will deliver the phones to us at the end of this month... I don't know about you, but I think that this is a rather good production pace. At the time of writing, and based on current sale rates, the postmarketOS production-run will sell out in a matter of days...

While I have no further announcements at this time, what I will say is that we have no intention of slowing down the pace now until February 2021 (when Chinese New Year begins)...

27 years ago today, in 1993, Debian first appeared in the world. August 16th has since been recognized as "DebianDay," celebrated shortly before the annual Debian Conference — with lots of ways to get involved, according to Debian.org: Today is also an opportunity for you to start or resume your contributions to Debian. For example, you can scratch your creative itch and suggest a wallpaper to be part of the artwork for the next release, have a look at the DebConf20 schedule and register to participate online (August 23rd to 29th, 2020), or put a Debian live image in a DVD or USB and give it to some person near you, who still didn't discover Debian.

Our favorite operating system is the result of all the work we do together. Thanks to everybody who has contributed in these 27 years, and happy birthday Debian!
And the same day is also the 25th anniversary of CPAN, the Comprehensive Perl Archive Network: On the 16th August 1995, Andreas König uploaded Symdump 1.20 to CPAN. There were other things already on CPAN, but this was the first true upload, to be followed by more than 6,500 people who have released over 35,000 distributions in 230k releases.

So it seems appropriate that 16th August be designated CPAN Day, to celebrate CPAN, and all the authors who've made it what it is.
That blog post urges readers to celebrate the anniversary "by doing something related to CPAN: release something, blog about your favourite module, or email its author thanking her or him."

Finally, a Slashdot reader reminds us that Mutt is also enjoying a birthday: The email client that aims to suck a little bit less celebrates its 25th anniversary!

The FBI and NSA have published today a joint security alert containing details about a new strain of Linux malware that the two agencies say was developed and deployed in real-world attacks by Russia's military hackers. From a report: The two agencies say Russian hackers used the malware, named Drovorub, was to plant backdoors inside hacked networks. Based on evidence the two agencies have collected, FBI and NSA officials claim the malware is the work of APT28 (Fancy Bear, Sednit), a codename given to the hackers operating out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main SpecialService Center (GTsSS). Through their joint alert, the two agencies hope to raise awareness in the US private and public sectors so IT administrators can quickly deploy detection rules and prevention measures.

This week saw the release Linux 5.8, which Linus Torvalds called "one of our biggest releases of all time," reports TechRepublic: The new version of the Linux kernel brings a number of updates to Linux 5.7 spanning security, core components, drivers, memory management, networking and improvements to the kernel's design, amongst others. This includes updates for Microsoft's Hyper-V virtualization platform, Intel Tiger Lake Thunderbolt support, improvements to Microsoft's exFAT file system, and support for newer Intel and ARM chips.

Torvalds said the kernel had received over 15,000 merge requests and that around 20% of all the files in the kernel source repository had been modified. "That's really a fairly big percentage, and while some of it is scripted, on the whole it's really just the same pattern: 5.8 has simply seen a lot of development," Torvalds said.

Translated into numbers, Linux 5.8 includes over 800,000 new lines and over 14,000 changed files. It also received one of the biggest number of merge requests during its merge window — over 14,000 non-merge commits and more than 15,000 including merges, according to Torvalds. "5.8 looks big. Really big," he added.

PAjamian writes: A recently released Red Hat update for the BootHole Vulnerability (firehose link) is causing systems to become unbootable. It is widely reported that updates to the shim, grub2 and kernel packages in RHEL and CentOS 7 and 8 are leaving various systems that use secure boot unbootable. Current recommendations are to avoid updating your system until the issue is resolved, or at least avoid updating the shim, grub2 and kernel packages. Update, shared by PAjamian: Red Hat is now recommending that users do not apply grub2, fwupd, fwupdate or shim updates until new packages are available.

SUSE has released the next versions of its flagship operating system, SUSE Linux Enterprise (SLE) 15 Service Pack 2 and its latest infrastructure management program, SUSE Manager 4.1. ZDNet reports: SLE 15 SP2 is available on the x86-64, Arm, IBM POWER, IBM Z, and LinuxONE hardware architectures. This new Linux server edition is based on the Linux 5.3 kernel. This new kernel release includes upstream features such as utilization clamping support in the task scheduler, and power-efficient userspace waiting. Other new and noteworthy features include:

- Support for migration from openSUSE Leap to SUSE Linux Enterprise Server (SLES). With this, you can try the free, community openSUSE Linux distro, and then, if you find it's a good choice for your business, upgrade to SLES.
- Extended Package Search. By using the new Zypper, SUSE's command line package manager, command option -- zypper search-packages -- sysadmins can now search across all SUSE repositories, even unenabled ones. This makes it easier for administrators to find required software packages.
- SLE Software Development Kit (SDK) is now integrated into SLE. Development packages are packaged alongside regular packages. - Python 3: SLE 15 offers full support for Python 3 development. SLE still supports Python 2 for the time being.
- 389 Directory Server replaces OpenLDAP as the LDAP directory service.
- Repository Mirroring Tool (RMT) replaces Subscription Management Tool (SMT). RMT allows mirroring SUSE repositories and custom repositories. You can then register systems directly with RMT. In environments with tightened security, RMT can also proxy other RMT servers.
- Better business continuity with improved SLE Live Patching. SUSE claims Live Patching increases system uptime by up to 12 months. SLE Live Patching is also now available for IBM Z and LinuxONE mainframe architectures.

As for SUSE Manager 4.1, this is an improved open-source infrastructure management and automation solution that lowers costs, identifies risk, enhances availability, and reduces complexity in edge, cloud, and data center environments. With SUSE Manager you can keep servers, VMs, containers, and clusters secure, healthy, compliant, and low maintenance whether in private, public, or hybrid cloud. That's especially important these days thanks to coronavirus pandemic IT staff disruptions. SUSE Manager 4.1 can also be used with the Salt DevOps program. Its vertical-market brother, SUSE Manager for Retail 4.1, is optimized and tailored specifically for retail. This release comes with enhancements for small store operations, enhanced offline capabilities and image management over Wi-Fi, and enhanced virtual machine management and monitoring capabilities. Simultaneously it can scale retail environments to tens of thousands of end-point devices and help modernize point-of-service rollouts.

ProcMon for Linux is Microsoft's newest open-source Linux software. ProcMon is a rewritten and re-imagined version of its Processor Monitor found on Windows within their Sysinternals suite. From a report: Microsoft explains, "The Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system."

The Linux Foundation Public Health initiative has chosen the Covid Tracker Ireland app as one of its first two open-source Covid-19 projects. From a report: Since its launch, more than 1.3m people have downloaded the Covid Tracker Ireland app, which was developed to help track the future spread of the coronavirus. Now, the app has been chosen as one of the first two open-source contact-tracing projects by the newly established Linux Foundation Public Health (LFPH) initiative. Nearform, the Waterford-based company that developed the app with the HSE, has been made one of the initiative's seven premium members, along with Cisco, Doc.ai, Geometer, IBM, Tencent and VMware. Under the project name 'Covid Green', the source code of the Irish app is being made available for other public health authorities and their developers across the world to use and customise. As part of the agreement, Nearform will manage the source code repository on GitHub. In its announcement, the LFPH pointed to the "extraordinarily high" adoption rate of the Covid Tracker Ireland app.

TechRadar reports on Pine64's new "PinePhone Convergence Package" handset, calling it "a Linux desktop you can keep in your pocket" that can be used as a PC when plugged into an external display and a keyboard. The device costs just $199 and is aimed primarily at Linux enthusiasts. The PinePhone Linux smartphone is based on the Alpine Linux-based PostmarketOS that can be used both in smartphone and desktop modes... The main component that transforms the PinePhone into a PC-like device is its USB-C docking bar that features an HDMI display output, two USB Type-A connectors, and a 10/100Mb Ethernet port.

The idea of using a smartphone with an external display and keyboard to run certain applications has not gained much traction neither with HP's Elite x3 Windows Phone 10 handset nor with Samsung's smartphones with its DeX software. Perhaps, since Linux community is generally more inclined to experiment with their gadgets (and their time), Pine64's PinePhone Convergence has a better chance to be actually used as a desktop by its owners.

An intriguing exchange happened on the Linux Kernel Mailing List after a post by Nick Desaulniers, a Google software engineer working on compiling the Linux Kernel with Clang (and LLVM). Hackaday reports: Nick simply tested the waters for a possible future of Rust within the Linux kernel code base, which is something he's planning to bring up for discussion in this year's Linux Plumbers Conference — the annual kernel developer gathering. [Desaulniers thinks that discussion will include "a larger question of 'should we do this?' or 'how might we place limits on where this can be used?'"]

The interesting part is Linus Torvalds's response on the LKML thread, which leaves everyone hoping for a hearty signature Rust rant akin to his C++ one disappointed. Instead, his main concern is that a soft and optional introduction of the support in the build system would leave possible bugs hidden, and therefore should be automatically enabled if a Rust compiler is present — essentially implying that he seems otherwise on board.
Linus also touched on Rust earlier this month in his keynote interview with Dirk Hohndel, the chief open source officer at VMware, during the special virtual edition of the Linux Foundation's annual Open Source Summit and Embedded Linux Conference North America: Dirk Hohndel: Every new project is done in Go or Rust or another new language I've never heard of. Is there a risk that we are becoming the COBOL programmers of the 2030s?

Linus Torvalds: Well, I don't actually think it's true that nobody writes in C any more. I think C is still one of the top 10 languages easily, if you look at any of the statistics.

That said — I mean, people are actively looking at, especially doing drivers and things that are not very central to the kernel itself, and having interfaces to do those, for example, in Rust. People have been looking at that for years now. I'm convinced it's going to happen one day.

I mean, it might not be Rust, but it is going to happen that we will have different models for writing these kinds of things. And C won't be the only one. I mean right now, it's C or assembly, and most people would rather not touch the assembly parts. [Dirk laughs] But it is something that people are looking at. I'm probably the wrong person. Greg has been more involved, since he's the driver maintainer in general. But things are afoot, and these things take a long, long time. I mean, the kind of infrastructure you need to start integrating other languages into a kernel, and making people trust these other languages — that's a big step.

"Linux creator Linus Torvalds had some choice words today on Advanced Vector Extensions 512 (AVX-512) found on select Intel processors," reports Phoronix: In a mailing list discussion stemming from the Phoronix article this week on the compiler instructions Intel is enabling for Alder Lake (and Sapphire Rapids), Linus Torvalds chimed in. The Alder Lake instructions being flipped on in GCC right now make no mention of AVX-512 but only AVX2 and others, likely due to Intel pursuing the subset supported by both the small and large cores in this new hybrid design being pursued.

The lack of seeing AVX512 for Alder Lake led Torvalds to comment:

I hope AVX512 dies a painful death, and that Intel starts fixing real problems instead of trying to create magic instructions to then create benchmarks that they can look good on.

I hope Intel gets back to basics: gets their process working again, and concentrate more on regular code that isn't HPC or some other pointless special case.

I've said this before, and I'll say it again: in the heyday of x86, when Intel was laughing all the way to the bank and killing all their competition, absolutely everybody else did better than Intel on FP loads. Intel's FP performance sucked (relatively speaking), and it matter not one iota.

Because absolutely nobody cares outside of benchmarks.

The same is largely true of AVX512 now - and in the future...
After several more paragraphs, Torvalds reaches his conclusion. "Stop with the special-case garbage, and make all the core common stuff that everybody cares about run as well as you humanly can."

Phoronix notes that Torvalds' comments came "just weeks after he switched to AMD Ryzen Threadripper for his primary development rig."

An anonymous reader quotes ZDNet: Linus Torvalds approved on Friday a new and more inclusive terminology for the Linux kernel code and documentation. Going forward, Linux developers have been asked to use new terms for the master/slave and blacklist/whitelist terminologies...

The Linux team did not recommend any specific terms but asked developers to choose as appropriate. The new terms are to be used for new source code written for the Linux kernel and its associated documentation.

The older terms, considered inadequate now, will only be allowed for maintaining older code and documentation, or "when updating code for an existing (as of 2020) hardware or protocol specification that mandates those terms."
Proposed alternatives for master/slave include:

• primary/secondary
• main/replica or subordinate
• initiator/target
• requester/responder
• controller/device
• host/worker or proxy
• leader/follower
• director/performer

Proposed alternatives for blacklist/whitelist include:

• denylist/allowlist
• blocklist/passlist

An anonymous reader writes: Google is partnering with the Ubuntu Desktop team at Canonical to bring Linux support to its open source UI framework Flutter. Today's Linux alpha announcement also means Flutter developers can now deploy their apps to the Snap Store. Flutter group product manager Tim Sneath argues this is a big milestone because UI frameworks rarely become versatile and powerful enough for an operating system to depend on. He pointed to Windows being written in C++ rather than .NET, even for applets like the Calculator. Sneath also believes this shows Canonical is willing to invest in a first-class way to build apps for Linux, making Flutter on Linux an official part of Ubuntu. Additionally, enterprises can feel confident about picking Flutter -- it's more evidence of its longevity and technical excellence, Sneath said.

SUSE, a Linux distribution company controlled by private equity firm EQT, has agreed to acquire Rancher Labs, a start-up with technology that helps organizations run software in virtual containers across many servers. From a report: The companies announced the deal Wednesday but didn't disclose the terms. Two people familiar with the deal said SUSE is paying $600 million to $700 million. The transaction suggests that even during a recession, demand remains high for technology that can enable companies to operate more efficiently. Talks between the companies began in the spring, and the process became competitive with additional bids, Ursheet Parikh, a partner at Rancher backer Mayfield Fund, told CNBC on Tuesday. There were "lots of Zoom calls," Parikh said. In the past few years, with the rise of start-ups such as Docker, containers became a trendy alternative to more traditional virtualization technology for running applications on each computer server in a company data center. Amazon, Microsoft and other cloud providers came out with services that developers can use to place code in containers, and in 2017 SUSE introduced its own service for managing containers. The companies haven't finalized integration plans as the deal still faces regulatory approval.

This week Linus Torvalds and Dirk Hohndel re-created their keynote conversation for a special all-virtual edition of the Open Source Summit and Embedded Linux Conference North America. ZDNet reports: While COVID-19 has slowed down many technologies, while speeding up other tech developments, it hasn't affected Linux development much at all. "None of my co-developers have been hugely impacted either. I was worried for a while because one of our developers was offline for a month or two.... [But,] it turned out that it was just RSI [repetitive strain injury], and RSI is kind of an occupational hazard to deal with." He added. "One of the things that is so interesting about the Linux community is how much it has always been email-based and remote, how rarely we get together in person...."

Torvalds trusts this new build. Indeed, he ran his end of the videoconference from his new developer machine running the first release candidate of 5.8.

Thinking of his new AMD Threadripper 3970x-based processor-powered developer desktop, Torvalds later added that, although he had been concerned about its fan noise it actually works well for him. Torvalds moved to this new homebrew computer because he needed the speed. "My 'allmodconfig' test builds are now three times faster than they used to be." That's important because Torvalds "strives to do about 20 to 30 [pull requests] a day, which is above my limit, ... [but] in order to do that, [he needs] a lot of computing power.

The Linux Foundation recently uploaded its video from the Open Source Summit and Embedded Linux Conference: Europe. And there was a poignant moment when Linus Torvalds did his traditional keynote conversation with Dirk Hohndel, VMware's vice president and chief open source officer.

Honndel had asked Linus — his hair now uncharacteristically long — what he spends his time on as a kernel maintainer. What's his workflow? "What do you do?"

Linus Torvalds: Um, I read email. [Hohndel laughs] I read email, I write email, I do no coding at all any more.

Most of the code I write, I actually write inside my mail reader. So somebody sends me a patch, or more commonly they send me a pull request or there's a discussion about the next pull request, and there's something I react to and say, 'No, this is fine, but...' And I send out pseudocode, or — I'm so used to sending out patches that I sometimes edit patches and send out the patch without having ever compiled it, ever tested it, because I literally wrote it in the mail reader, and saying 'I think this is how it should be done.' But this is what I do. I'm not a programmer any more.

I read a lot more email than I write, because what my job really is — in the end, my job is to say no. Somebody has to be able to say no to people. Because other developers know that if they do something bad, I will say no. They hopefully, in turn, are more careful. But in order to be able to say no, I have to know the background. Because otherwise I can't do my job. So I spend all my time, basically, reading email about what people are working on... It is an interesting job, but you do end up spending most of your time reading email.

On the developer side, what I hope people are doing is trying to make, not just good code, but these days we've been very good about having explanations for the code. So commit messages to me are almost as important as the code change itself. Sometimes the code change is so obvious that no message is really required, but that is very very rare. And so one of the things I hope developers are thinking about, the people who are actually writing code, is not just the code itself, but explaining why the code does something, and why some change was needed. Because that then in turn helps the managerial side of the equation, where if you can explain your code to me, I will trust the code...

A lot of open source in general is about communication. And part of it is the commit messages, part of it is just the email going back and forth. Communicating what you're trying to do or communicating why something doesn't work for you is really important.

An anonymous reader quotes a report from Ars Technica: Microsoft is moving forward with its promise to extend enterprise security protections to non-Windows platforms with the general release of a Linux version and a preview of one for Android. The software maker is also beefing up Windows security protections to scan for malicious firmware. The Linux and Android moves -- detailed in posts published on Tuesday here, here, and here -- follow a move last year to ship antivirus protections to macOS. Microsoft disclosed the firmware feature last week. All the new protections are available to users of Microsoft Advanced Threat Protection and require Windows 10 Enterprise Edition. Public pricing from Microsoft is either non-existent or difficult to find, but according to this site, costs range from $30 to $72 per machine per year to enterprise customers. "We are just at the beginning of our Linux journey and we are not stopping here!" Tuesday's post announcing the Linux general availability said. "We are committed to continuous expansion of our capabilities for Linux and will be bringing you enhancements in the coming months."

The Android preview, meanwhile, provides several protections, including:

- The blocking of phishing sites and other high-risk domains and URLs accessed through SMS/text, WhatsApp, email, browsers, and other apps. The features use the same Microsoft Defender
- SmartScreen services that are already available for Windows so that decisions to block suspicious sites will apply across all devices on a network.
- Proactive scanning for malicious or potentially unwanted applications and files that may be downloaded to a mobile device.
- Measures to block access to network resources when devices show signs of being compromised with malicious apps or malware.
- Integration to the same Microsoft Defender Security Center that's already available for Windows, macOS, and Linux. As for the new firmware protections, Microsoft's new offering via Microsoft Defender "scans Unified Extensible Firmware Interface, which is the successor to the traditional BIOS that most computers used during the boot process to locate and enumerate hardware installed," adds Ars. "The firmware scanner uses a new component added to virus protection already built into Defender."

Nvidia, Intel and AMD have announced their support for Microsoft's new effort to bring graphics processor support to the Windows 10 Windows Subsystem for Linux to enhance machine-learning training. From a report: GPU support for WSL arrived on Wednesday in the Dev Channel preview of Windows 10 build 20150 under Microsoft's reorganized testing structure, which lets it test Windows 10 builds that aren't tied to a specific future feature release. Microsoft announced upcoming GPU support for WSL a few weeks ago at Build 2020, along with support for running Linux GUI apps. The move on GPU access for WSL is intended to bring the performance of applications running in WSL2 up to par with those running on Windows. GPU compute support is the feature most requested by WSL users, according to Microsoft. The 20150 update includes support for Nvidia's CUDA parallel computing platform and GPUs, as well as GPUs from AMD and Intel. It also supports DirectML (Direct Machine Learning), Microsoft's Windows 10 API for hardware-accelerated machine learning.

Linux computer maker/seller System76 has been offering AMD processors in its Thelio desktop computers, but believe it or not, the company has never offered an AMD-powered laptop -- until now, that is. From a report: You see, starting today, you can buy a "Serval WS" powered by AMD. No, System76 is not offering mobile Ryzen chips in this laptop, but instead, desktop-class processors. As you can expect, this 15-inch portable Linux workstation is quite chunky and heavy as a result. With that said, it is simply impossible to cram this much power into a thin and light notebook. "The Serval WS comes with either the 3rd Gen Ryzen 3600, 3700X, or 3900 CPU. The latter is equipped with 12 Cores and 24 Threads, making this laptop perfect for taking on heavy computational loads. Having this kind of desktop-caliber power in a laptop body helps if you need to run complex simulations at your desk or quickly render 3D scenes while on the road. AMD CPUs are also known for having the an extremely high price per performance, which means you get maximum bang-for-buck," says System76. The laptop starts at $1,300 -- and BetaNews has all the specs.

jrepin writes: The KDE community has released Plasma 5.19, the popular free and open-source desktop environment. "In this release, we have prioritized making Plasma more consistent, correcting and unifying designs of widgets and desktop elements; worked on giving you more control over your desktop by adding configuration options to the System Settings; and improved usability, making Plasma and its components easier to use and an overall more pleasurable experience," reads the announcement. For a complete list of what's new, you can visit the Plasma 5.19 changelog.

Roblimo once called it "a tradition, not just a speech" -- Bryan Lunduke's annual "Linux Sucks" presentations at various Linux conferences. But before you get too upset, in his 2014 interview with Slashdot Lunduke admitted "I love Linux, I have made my whole life around Linux. I work for Linux companies. I write for Linux magazines, but it really blows..."

This year he's releasing a special YouTube version of Linux Sucks 2020, the first time Lunduke has attempted the talk without a live audience, "And it feels really wicked weird." But he's still trying to get a rise out of his audience. "Follow me on this into Journey Into Graphs and Numbers Land," Lunduke says playfully, pulling up one of his 160 x 90 pixel slides showing current market share for Windows, Mac, and then Linux "You might notice that some platforms have a higher market share than Linux does," he says with a laugh, describing one slide showing Linux as "scooping up the bottom of the barrel at 1.6%..."

"But here's the thing. These numbers have been either consistent, or for Linux, slowly dropping." And then he puts up a graph showing the number of searches for Linux. "If you look back at 2004 -- the year 2004, 16 years ago -- that was the high point in interest in searching for the word Linux (or Linux plus other things). 2006 it was about half that -- so about two years later it had dropped down to about half. Here in 2020 it is so low, not only does it not fill up the first bar of pixels there, it's like only three pixels in. That doesn't happen -- that sort of decline does not happen -- unless the platform sucks. That's just the truth of the matter. That's just how it goes, right?"

And there's also some very specific reasons why Lunduke thinks Linux sucks:

"The trend towards open-source software on government computers is gathering pace in Germany," reports ZDNet: In the latest development, during coalition negotiations in the city-state of Hamburg, politicians have declared they are ready to start moving its civil service software away from Microsoft and towards open-source alternatives. The declaration comes as part of a 200-page coalition agreement between the Social Democratic and Green parties, which will define how Hamburg is run for the next five years. It was presented on Tuesday but has yet to be signed off. The political parties in charge in Hamburg are the same as those in Munich, who recently agreed to revert back to that city's own open-source software.

"With this decision, Hamburg joins a growing number of German states and municipalities that have already embarked on this path," said Peter Ganten, chairman of the Open Source Business Alliance, or OSBA, based in Stuttgart. He's referring to similar decisions made in Schleswig-Holstein, Thuringia, Bremen, Dortmund, and Munich. But, he adds: "The Hamburg decision is nevertheless remarkable because the city has always been more aggressively oriented towards Microsoft.

"In the future we will aim to have more open-source software in digital management [systems] and we also want to develop our own code, which will remain open," the head of the local Hamburg-Mitte branch of the Greens, Farid Mueller, wrote on his website. Hamburg wants to be a leading example of digital independence, he stated.
The article also adds a final interesting detail. A Microsoft spokeperson told a Germany technology site "that the company didn't see the desire for more open-source software as an attack on itself. Microsoft now also uses and develops a lot of open source and welcomed fair competition, the spokesperson added."

"A newly uncovered form of ransomware is going after Windows and Linux systems," reports ZDNet, "in what appears to be a targeted campaign." Named Tycoon after references in the code, this ransomware has been active since December 2019 and looks to be the work of cyber criminals who are highly selective in their targeting. The malware also uses an uncommon deployment technique that helps stay hidden on compromised networks. The main targets of Tycoon are organisations in the education and software industries.

Tycoon has been uncovered and detailed by researchers at BlackBerry working with security analysts at KPMG. It's an unusual form of ransomware because it's written in Java, deployed as a trojanised Java Runtime Environment and is compiled in a Java image file (Jimage) to hide the malicious intentions... [T]he first stage of Tycoon ransomware attacks is less uncommon, with the initial intrusion coming via insecure internet-facing Remote Desktop Protocol servers. This is a common attack vector for malware campaigns and it often exploits servers with weak or previously compromised passwords. Once inside the network, the attackers maintain persistence by using Image File Execution Options (IFEO) injection settings that more often provide developers with the ability to debug software. The attackers also use privileges to disable anti-malware software using ProcessHacker in order to stop removal of their attack...

After execution, the ransomware encrypts the network with files encrypted by Tycoon given extensions including .redrum, .grinch and .thanos — and the attackers demand a ransom in exchange for the decryption key. The attackers ask for payment in bitcoin and claim the price depends on how quickly the victim gets in touch via email.

The fact the campaign is still ongoing suggests that those behind it are finding success extorting payments from victims.

Long-time Slashdot reader mrflash818 ("Linux geek since 1999") shared a ZDNet article pointing out that SpaceX's Falcon 9 rocket has an onboard operating system that's "a stripped-down Linux running on three ordinary dual-core x86 processors. The flight software itself runs separately on each processor and is written in C/C++."

Interestingly, back in 2018 a Slashdot headline asked whether C++ was "a really terrible language," and Elon Musk replied on Twitter with his single-word answer. "Yes."

ZDNet points out that "ordinary" processors are often needed because of the multi-year development time for the spacecraft they power. Their article notes that the International Space Station actually runs on 1988-vintage 20 MHz Intel 80386SX CPUs: Of course, while those ancient chips work for the station's command and control multiplexer/demultiplexer, they're not much good for anything else. For ordinary day-in and day-out work, astronauts use HP ZBook 15s running Debian Linux, Scientific Linux, and Windows 10. The Linux systems act as remote terminals to the control multiplexer/demultiplexer, while the Windows systems are used for email, the web, and fun.

Usually, though, chips that go into space aren't ordinary chips. CPUs that stay in space must be radiation-hardened. Otherwise, they tend to fail due to the effects of ionizing radiation and cosmic rays. These customized processors undergo years of design work and then more years of testing before they are certified for spaceflight. For instance, NASA expects its next-generation, general-purpose processor, an ARM A53 variant you may know from the Raspberry Pi 3, to be ready to run in 2021...

The Dragon spacecraft's touchscreen interface is rendered using Chromium and JavaScript. If something were to go wrong with the interface, the astronauts have physical buttons to control the spacecraft.
Today the SpaceX software team answered questions on Reddit, revealing they use Chromium with a reactive library developed in-house, and that "All of our on-board computers either run Linux (with the PREEMPT_RT patch) or are microcontrollers that run bare-metal code...." Later they emphasized that for the Falcon 9 and Dragon software, "All of the application-level autonomous software is written in C++. We generally use object oriented programming techniques from C++, although we like to keep things as simple as possible.

"We do use open source libraries, primarily the standard C++ library, plus some others. However, we limit our use of open source libraries to only extremely high quality ones, and often will opt to develop our own libraries when it is feasible so that we can control the code quality ourselves."