Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Open Source

Fedora-based Linux Distro Korora (Version 25) Now Available For Download (betanews.com) 23

BrianFagioli writes: If you want to use Fedora but do not want to spend time manually installing packages and repos, there is a solid alternative -- Korora. Despite the funny-sounding name, it is a great way to experience Fedora in a more user-friendly way. Wednesday, version 25, code-named 'Gurgle', became available for release.
Bug

5-Year-Old Critical Linux Vulnerability Patched (threatpost.com) 56

msm1267 quotes Kaspersky Lab's ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introd in August 2011.

A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely.

"Basically it's a bait-and-switch," the researcher told Threatpost. "The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react."
NES (Games)

Doyodo RetroEngine Sigma Is a Linux-Powered Classic Video Game Emulation Console (betanews.com) 91

BrianFagioli quotes a report from BetaNews: The Nintendo NES Classic is quite an amazing console. True, it is not as powerful as modern game systems like Xbox One and PlayStation 4, but it comes pre-loaded with many classic NES titles. Unfortunately, its strength is also its weakness -- those pre-loaded titles are the only games you can play. You cannot load other games, so you are stuck with what you got. As an alternative, some folks use software emulation and ROMs on their computers to play countless video game titles. Of course, there are moral concerns here, as you are often downloading the games illegally -- unless you own the physical copy, that is. Even then, it is a gray area. Today, a company called Doyodo launched a new Linux-powered emulation console on Indiegogo. The device not only plays NES games, but Atari, Game Boy, PlayStation 1, Genesis, and more. You play using USB controllers. In addition, it can serve as a media player (with Kodi) or a full-fledged Linux desktop. Some other features include 4K video playback, Wi-Fi networking built in, and a compact and portable design. There's even a deluxe version that ships with Bluetooth, an extra controller and 32GB of storage; the basic configuration includes just one controller and 16GB of storage. You can view the Indiegogo page here.
Open Source

Linux Mint 18.1 'Serena' BETA Ubuntu-based Operating System Now Available For Download (betanews.com) 137

BrianFagioli shares his story on Beta News: Feeling fatigued by Windows 10 and its constant updates and privacy concerns? Can't afford one of those beautiful new MacBook Pro laptops? Don't forget, Linux-based desktop operating systems are just a free download away, folks!

If you do decide to jump on the open source bandwagon, a good place to start is Linux Mint. Both the Mate and Cinnamon desktop environments should prove familiar to Windows converts, and since it is based on Ubuntu, there is a ton of compatible packages. Today, the first beta of Linux Mint 18.1 'Serena' becomes available for download.

Here's the release notes for both Cinammon and MATE.
Open Source

Devuan's Systemd-Free Linux Hits Beta 2 (theregister.co.uk) 330

Long-time Slashdot reader Billly Gates writes, "For all the systemd haters who want a modern distro feel free to rejoice. The Debian fork called Devuan is almost done, completing a daunting task of stripping systemd dependencies from Debian." From The Register: Devuan came about after some users felt [Debian] had become too desktop-friendly. The change the greybeards objected to most was the decision to replace sysvinit init with systemd, a move felt to betray core Unix principles of user choice and keeping bloat to a bare minimum. Supporters of init freedom also dispute assertions that systemd is in all ways superior to sysvinit init, arguing that Debian ignored viable alternatives like sinit, openrc, runit, s6 and shepherd. All are therefore included in Devuan.
Devuan.org now features an "init freedom" logo with the tagline, "watching your first step. Their home page now links to the download site for Devuan Jessie 1.0 Beta2, promising an OS that "avoids entanglement".
Linux

Ask Slashdot: What's the Best Linux Laptop? 284

Long-Time Slashdot reader sconeu is finally replacing his 10-year-old Toshiba Satellite laptop, and needs suggestions on the best current laptops for running Linux. I'm looking to run some flavor of Linux (probably KDE-based UI, but not mandatory) while using a virtual machine to run Windows 7 (for stuff needed for work). For me personally, battery life and weight are more important than raw power. I'm not going to be running games on this. I've been considering an XPS 13 Developer Edition, or something from System76, ZaReason or Emperor Linux. What laptop do you use? Do you have any suggestions?
It's your chance to share useful information, recommendations, and your own experiences with various brands of laptop. So leave your best answers in the comments. What's the best Linux laptop?
Operating Systems

Taking a Stand Against Unofficial Ubuntu Images (ubuntu.com) 103

Canonical isn't pleased with cloud providers who are publishing broken, insecure images of Ubuntu despite being notified several times. In a blogpost, Mark Shuttleworth, the founder of Ubuntu, and the Executive Chairman and VP, Product Strategy at Canonical, made the situation public for all to see. An excerpt from the blog post: We are currently in dispute with a European cloud provider which has breached its contract and is publishing insecure, broken images of Ubuntu despite many months of coaxing to do it properly. The home-grown images on the cloud, VPS and bare metal services of this provider disable fundamental security mechanisms and modify the system in ways that are unsupportable. They are likely to behave unpredictably on update in weirdly creative and mysterious ways (the internet is full of fun examples). We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that. We have spent many months of back and forth in which we unsuccessfully tried to establish the same operational framework on this cloud that already exists on tens of clouds around the world. We have on multiple occasions been promised it will be rectified to no avail. We are now ready to take legal steps to remove these images. We will seek to avoid affecting existing running users, but we must act to prevent future users from being misled. We do not make this move lightly, but have come to the view that the value of Ubuntu to its users rests on these commitments to security, quality and updates.
Microsoft

Microsoft Exec Urges Linux Developers To Try Windows 10 (softpedia.com) 403

An anonymous reader shares a Softpedia article: Microsoft has finally acknowledged the potential that the open-source world in general, and Linux in particular, boasts, so the company is exploring its options to expand in this area with every occasion. Most recently, an episode posted on Channel 9 and entitled "Improvements to Bash on Windows and the Windows Console" with senior program manager Rich Turner calls for Linux developers to give up on their platforms for Windows 10. "Fire up a Windows 10 Insiders' build instance and run your code, run your tools, host your website on Apache, access your MySQL database from your Java code," he explained. Turner went on to point out that the Windows subsystem for Linux is there to provide developers with all the necessary tools to code just like they'd do it on Linux, all without losing the advantages of Windows 10. "Whatever it is that you normally do on Linux to build an application: whether it's in Go, in Erlang, in C, whatever you use, please, give it a try on Bash WSL, and importantly file bugs on us. It really makes our life a lot easier and helps us build a product that we can all use and be far more productive with, he continued. Editor's note: The original title from Softpedia was edited because it was misleading. A Microsoft employee doesn't represent the entire company (at least in this instant he wasn't speaking for the company), and at no point has he asked "all Linux developers" to "give up" on Linux.
Microsoft

Newest Skype For Linux Enables SMS Text Messages From The Desktop (betanews.com) 176

BrianFagioli writes: Microsoft has delivered an incredible feature to Linux-based desktop operating systems by way of the latest Alpha version of its Skype client... The newly-released Skype for Linux 1.13 allows users to send SMS test messages from the operating system! True, web-based solutions such as Google Voice have long allowed the sending of text messages, but needing to use a web browser can be a chore. There is convenience and elegance in using the Skype for Linux client.
Desktops (Apple)

Fedora 25 Now Available -- Makes It Easier To Switch From Windows 10 Or Mac (betanews.com) 154

Reader BrianFagioli writes: After the release of both alpha and beta versions, Fedora 25 is officially here and ready for production machines. If you aren't familiar with the popular Linux-based operating system, please know that it is the distribution of choice for the founder of the Linux kernel, Linus Torvalds. One of the most endearing qualities of Fedora is its focus on only offering truly free open source software. Also, you can always count on a very modern version of the Linux kernel being available. Despite having very up-to-date packages, it is always very stable too. My favorite aspect, however, is the commitment to the GNOME desktop environment; other DEs are available, though. The team says, "Fedora 25 Workstation now makes it easier to for Windows and OS X users to get started, with Fedora Media Writer serving as the default download for those operating systems. This tool helps users find and download the current Fedora release and write it to removable media, like a USB stick, allowing potential Fedora users to 'test drive' the operating system from that media environment. Fedora can then be installed to their systems with the same process".
Open Source

A Windows 10 Alternative: Ubuntu-Based Zorin OS Linux Distro (betanews.com) 191

"With a click of a button, you can change the desktop layout to match that of Windows versions and Gnome 3. The Ultimate edition...also features Ubuntu, Gnome 2 and macOS-like layouts." BrianFagioli shares an article about a Linux-based operating system "designed for Windows-switchers." While the company does charge for an "Ultimate" version, the "Core" edition of Zorin OS 12 is entirely free... "As Zorin OS 12 is based on Ubuntu 16.04 LTS, it will be supported with security updates until April 2021. This makes Zorin OS 12 the ideal choice for large deployments in businesses, governments, schools and organisations", says The Zorin OS Team"... Zorin OS features some really great features, such as Google Drive integration with the file browser.
Although unlike Windows 10, its default browser is Chromium.
Red Hat Software

Red Hat CEO Predicts Open Source Infrastructures With Proprietary Business Functionality (fortune.com) 53

An anonymous reader summarizes the highlights of Fortune's new interview with Red Hat CEO James Whitehurst: A recruiter told Whitehurst the culture at Red Hat was "a little bit like that Blues Brothers movie, when Dan Aykroyd says, 'We're on a mission from God.'" But Whitehurst says geeky passion "makes it a great place to be a part of," and even argues that the success of Microsoft in the 1990s can be attributed to its Microsoft Developer Network, which led developers into Microsoft's platform and infrastructure. "Developers now are heavily using open-source tools and technology and, bluntly, I think that's why Microsoft had to open source .NET and why they're embracing more open source in general. Because open source is where innovation is coming from and is what developers are consuming, it forces vendors to participate."

Looking towards the future, Whitehurst says "A rough line would be almost to say most infrastructure is going to be open source and most business functionality above it is going to be proprietary." And he also warns open source companies, "if you don't have the unique business model that allows you to add value on top of the free functionality, in the end you're going to fail... a lot of open source companies have come and gone because they've been more focused on the functionality versus how they add value around the functionality."

Operating Systems

Antivirus Firm Kaspersky Launches Its Own Hackproof OS, Based On Microkernel (fossbytes.com) 108

An anonymous reader quotes a report from Fossbytes: Kaspersky Lab, a Russian cybersecurity and antivirus company, has announced their new operating system which was in development for the last 14 years. Dubbed as Kaspersky OS, it has made its debut on a Kraftway Layer 3 Switch. Not many details have been revealed by the CEO Eugene Kaspersky in his blog post. The GUI-less OS -- as it appears in the image -- has been designed from scratch and Eugene said it doesn't have "even the slightest smell of Linux." He actually tagged "Kaspersky OS being non-Linux" as one of the three main distinctive features he mentioned. The other two features he briefly described are rather fascinating. The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system. The OS can be custom-designed as per requirements by using different modification blocks. The second distinctive feature is the inbuilt security system which can control application behavior and OS modules. It touts Kaspersky OS as practically unhackable, unless a cyber-baddie has a quantum computer -- which will be required to crack the digital signature of the platform -- at his disposal.
Microsoft

Microsoft Joins the Linux Foundation (techcrunch.com) 202

Microsoft today said it is joining the Linux Foundation as a high-paying Platinum member. Linux Foundation executive director Jim Zemlin said, "This may come as a surprise to you, but they were not big fans," describing the two's previous relationship. From a report on TechCrunch: The new Microsoft under CEO Satya Nadella, however, is singing a very different tune. Today's Microsoft is one of the biggest open source contributors around. Over the course of just the last few years, it has essentially built Canonical's Ubuntu distribution into Windows 10, brought SQL Server to Linux, open-sourced core parts of its .NET platform and partnered with Red Hat, SUSE and others. As Zemlin noted, Microsoft has also contributed to a number of Linux Foundation-managed projects like Node.js, OpenDaylight, the Open Container Initiative, the R Consortium and the Open API Initiative.ArsTechnica has more details.
Security

Cryptsetup Vulnerability Grants Root Shell Access On Some Linux Systems (threatpost.com) 89

msm1267 quotes a report from Threatpost: A vulnerability in cryptsetup, a utility used to set up encrypted filesystems on Linux distributions, could allow an attacker to retrieve a root rescue shell on some systems. From there, an attacker could have the ability to copy, modify, or destroy a hard disk, or use the network to exfiltrate data. Cryptsetup, a utility used to setup disk encryption based on the dm-crypt kernel module, is usually deployed in Debian and Ubuntu. Researchers warned late last week that if anyone uses the tool to encrypt system partitions for the operating systems, they're likely vulnerable. Two researchers, Hector Marco of the University of the West of Scotland and Ismael Ripoll, of the Polytechnic University of Valencia, in Spain, disclosed the vulnerability on Friday at DeepSec, a security conference held at the Imperial Riding School Renaissance Vienna Hotel in Austria. According to a post published to the Full Disclosure mailing list, the vulnerability (CVE-2016-4484) affects packages 2.1 and earlier. Systems that use Dracut, an infrastructure commonly deployed on Fedora in lieu of initramfs -- a simple RAM file system directory, are also vulnerable, according to the researchers. The pair say additional Linux distributions outside of Debian and Ubuntu may be vulnerable, they just haven't tested them yet. The report adds: "The problem stems from the incorrect handling of a password check when a partition is ciphered with LUKS, or Linux Unified Key Setup, a disk encryption specification that's standard for Linux. Assuming an attacker has access to the computer's console, when presented with the LUKS password prompt, they could exploit the vulnerability simply by pressing 'Enter' over and over again until a shell appears. The researchers say the exploit could take as few as 70 seconds. After a user exceeds the maximum number of three password tries, the boot sequence continues normally. Another script in the utility doesn't realize this, and drops a BusyBox shell. After carrying out the exploit, the attacker could obtain a root initramfs, or rescue shell. Since the shell can be executed in the initrd, or initial ram disk, environment, it can lead to a handful of scary outcomes, including elevation of privilege, information disclosure, or denial of service."

Slashdot Top Deals