Skip to main content

Linux News

Ubuntu Desktop in the Hyper-V Gallery, an Interview with Canonical and Microsoft

Linux Journal - Fri, 10/26/2018 - 08:08
by Petros Koutoupis

Late last month, Canonical made an astonishing announcement: an optimized image of Ubuntu Desktop is now available from Microsoft's Hyper-V gallery. This wonderful new feature is primarily intended for Windows 10 Pro desktop users needing to run Ubuntu Desktop guest virtual machines.

Although the announcement itself came as a bit of a surprise, even more so when you consider the long tumultuous history between both Microsoft and Linux, it does, however, indicate that times (and the company) have been changing. In recent years, Microsoft has been making a concerted effort to embrace open source and open-source technologies.

The announcement did leave me with a few questions, so I took the opportunity to sit down with Will Cooke, the Engineering Director for Ubuntu Desktop at Canonical, and Sarah Cooley, Program Manager at Microsoft.

Petros Koutoupis: Please introduce yourselves and describe your primary role both at your company and for this project.

Will Cooke: I am the director of engineering for Ubuntu Desktop at Canonical. Our team is responsible for putting together every Ubuntu Desktop release, selecting which packages and which features we're going to ship, making sure that each release is of the right quality and working with partners on projects around Ubuntu Desktop—for example, OEMs shipping Ubuntu Desktop on their hardware and, in this instance, Microsoft, to improve the virtual guest experience for Ubuntu Desktop on Windows 10. For this project, I worked with our internal teams to line up the requirements for supporting the enhanced session and to make sure the features we needed would be included in 18.04 LTS and with Microsoft engineers and product managers to make sure we were always in sync on the latest progress.

Sarah Cooley: I am a program manager on the virtualization team at Microsoft. We have been working closely with the developer platform team in Microsoft, Will Cooke's team in Canonical, and xRDP's community to improve the Linux virtual machine experience on Windows 10—starting with Ubuntu. To provide the experience you see today, Hyper-V developers contributed to xRDP to make sure open source communities can run Linux virtual machines in enhanced session mode while working with Canonical to provide all of the tools necessary for Ubuntu to run well with Hyper-V with no additional setup. Outside this effort, I also work on the Windows Subsystem for Linux and Linux containers on Windows.

PK: Why Hyper-V and why Ubuntu Desktop?

Go to Full Article
Categories: Linux News

SUSE Joins OpenChain Project, Pine64 Making a Linux Smartphone, Linux Foundation Releases First Dev Kit for Its EdgeX Foundry Project, Mozilla Will Match Donations to the Tor Project and a New Version of RaspEX Linux for RPi Now Available

Linux Journal - Thu, 10/25/2018 - 08:50

News briefs for October 25, 2018.

SUSE recently joined the OpenChain Project, which makes "open source license compliance simpler and more consistent". HPCWire notes that "conformance with the OpenChain Specification confirms that an organization follows the key requirements of a quality open source compliance program, and builds trust between organizations in the supply chain". In addition, SUSE is the "first enterprise Linux distributor to earn conformance with the OpenChain Project Specification".

Pine64 is making a Linux smartphone that runs KDE Plasma. According to the FOSSBYTES post, the devices will be called PinePhone and PineTab, and Pine64 will begin sending the first PinePhone developer kits to selected devs for free in November. The open-source Linux smartphone is expected to start at around $100.

The Linux Foundation has released the first developer kit for its EdgeX Foundry project, which is for "developing open source edge computing middleware". The kit is Ubuntu-based and is "built around an octa-core Samsung Artik 710 Starter Kit teamed with a GrovePi+ I/O board. Future kits will include an Artik 530 kit, and eventually, a Raspberry Pi/GrovePi+ combination."

The Tor Project has announced that Mozilla will match all donations to the project through the end of the year. ZDNet reports that Mozilla matched $200,000 in donations to Tor last year. This year, Tor plans to use the funds to "increase the capacity modularization and scalability of the Tor network"; "better test for, measure, and design solutions around internet censorship"; and "strengthen development of the Tor Browser for Android".

A new version of RaspEX Linux for Raspberry Pi has been released. This new version as based on Ubuntu 18.10 and uses the LXDE desktop. According to Softpedia News, "RaspEX LXDE Build 181022 is powered by the Linux 4.14.76 LTS kernel built for the ARMv8 architecture, which means that it supports the original Raspberry Pi 3 Model B single-board computer, as well as the latest Raspberry Pi 3 Model B+ variant. However, you can also use a 32-bit kernel, Linux 4.14.74 LTS." New packages included in this version are Raspotify (a Spotify Connect client for RPi), Putty, RealVNC and Samba.

News SUSE licensing open source Plasma Pine64 The Linux Foundation Ubuntu Tor Raspberry Pi
Categories: Linux News

Internationalizing the Kernel

Linux Journal - Thu, 10/25/2018 - 07:00
by Zack Brown

At a time when many companies are rushing to internationalize their products and services to appeal to the broadest possible market, the Linux kernel is actively resisting that trend, although it already has taken over the broadest possible market—the infrastructure of the entire world.

David Howells recently created some sample code for a new kernel library, with some complex English-language error messages that were generated from several sources within the code. Pavel Machek objected that it would be difficult to automate any sort of translations for those messages, and that it would be preferable simply to output an error code and let something in userspace interpret the error at its leisure and translate it if needed.

In this case, however, the possible number of errors was truly vast, based on a variety of possible variables. David argued that representing each and every one with a single error code would use a prohibitively large number of error codes.

Ordinarily, I might expect Pavel to be on the winning side of this debate, with Linus Torvalds or some other top developer insisting that support for internationalization was necessary in order to give the best and most useful possible experience to all users.

However, Linus had a very different take on the situation:

We don't internationalize kernel strings. We never have. Yes, some people tried to do some database of kernel messages for translation purposes, but I absolutely refused to make that part of the development process. It's a pain.

For some GUI project, internationalization might be a big deal, and it might be "TheRule(tm)". For the kernel, not so much. We care about the technology, not the language.

So we'll continue to give error numbers for "an error happened". And if/when people need more information about just what _triggered_ that error, they are as English-language strings. You can quote them and google them without having to understand them. That's just how things work.

[...]

There are places where localization is a good idea. The kernel is *not* one of those places.

He added later:

I really think the best option is "Ignore the problem". The system calls will still continue to report the basic error numbers (EINVAL etc), and the extended error strings will be just that: extended error strings. Ignore them if you can't understand them.

That said, people have wanted these kinds of extended error descriptors forever, and the reason we haven't added them is that it generally is more pain than it is necessarily worth.

Go to Full Article
Categories: Linux News

Episode 4: All About Security

Linux Journal - Wed, 10/24/2018 - 10:36
Your browser does not support the audio element. Reality 2.0 - Episode 4: All About Security

Doc Searls and Katherine Druckman talk to Linux Journal's own Kyle Rankin about basic security hardening.

Categories: Linux News

KDE Holding a Bug Day on October 30, Qt Project Creating Its Own Code of Conduct, Linus Torvalds Discusses His Return, Tails 3.10.1 Is Out and OpenIndiana Hipster 2018.10 Released

Linux Journal - Wed, 10/24/2018 - 08:46

News briefs for October 24, 2018.

KDE is holding a Bug Day on October 30, 2018. The Bug Day will focus on Konsole, and you can join the #kde-bugs IRC channel on Freenode at any time to participate.

The Qt Project is creating its own Code of Conduct. Phoronix reports that the motivation is to "establish a formal line-in-the-sand about what is unacceptable behavior. We want new members of the Qt community to feel comfortable and accepted, and we want to foster a healthy working environment for both current and new members." You can find the proposed Code of Conduct here.

Linus Torvalds discusses his return to Linux in an interview with ZDNet, and says he's "starting the usual merge window activity now". Regarding the Code of Conduct, he says: "I want to leave it alone, and wait until we actually have any real issues. I'm hoping there won't be any, but even if there are, I want the input to be colored more by real and *actual* concerns, rather than just people arguing about it." See the article for more details on what he's been doing and other news from the Maintainers Summit.

Tails 3.10.1 is now available. This release fixes several security issues, so update as soon as possible. Also in this version Linux is updated to 4.8, the Tor Browser is updated to 8.0.3 and Thunderbird to 60.2.1. Tails version 3.11 is expected in December.

OpenIndiana Hipster 2018.10 was released today. Notable changes include MATE updated to 1.20, Python 3.5 was added, the Image Packaging System received many updates, and much more. See the release notes for more details, and download it from here.

News KDE qt Code of Conduct Linus Torvalds Tails Distributions OpenIndiana
Categories: Linux News

Simulate Typing with This C Program

Linux Journal - Wed, 10/24/2018 - 07:00
by Jim Hall

I recently created a video demonstration of how to do some work at the command line, but as I tried to record my video, I kept running into problems. I'm just not the kind of person who can type commands at a keyboard and talk about it at the same time. I quickly realized I needed a way to simulate typing, so I could create a "canned" demonstration that I could narrate in my video.

After doing some searching, I couldn't find a command on my distribution that would simulate typing. I wasn't surprised; that's not a common thing people need to do. So instead, I rolled my own program to do it.

Writing a program to simulate typing isn't as difficult as it first might seem. I needed my program to act like the echo command, where it displayed output given as command-line parameters. I added command-line options so I could set a delay between the program "typing" each letter, with an additional delay for spaces and newlines. The program basically did this the following for each character in a given string:

  1. Insert a delay.
  2. Print the character.
  3. Flush the output buffer so it shows up on screen.

First, I needed a way to simulate a delay in typing, such as someone typing slowly, or pausing before typing the next word or pressing Enter. The C function to create a delay is usleep(useconds_t usec). You use usleep() with the number of microseconds you want your program to pause. So if you want to wait one second, you would use usleep(1000000).

Working in microseconds means too many zeroes for me to type, so I wrote a simple wrapper called msleep(int millisec) that does the same thing in milliseconds:

int msleep (int millisec) { useconds_t usec; int ret; /* wrapper to usleep() but values in milliseconds instead */ usec = (useconds_t) millisec *1000; ret = usleep (usec); return (ret); }

Next, I needed to push characters to the screen after each delay. Normally, you can use putchar(int char) to send a single character to standard output (such as the screen), but you won't actually see the output until you send a newline. To get around this, you need to flush the output buffer manually. The C function fflush(FILE *stream) will flush an output stream for you. If you put a delay() before each fflush(), it will appear that someone is pausing slightly between typing each character.

Go to Full Article
Categories: Linux News

Firefox 63 Released, Red Hat Collaborating with NVIDIA, Virtual Box 6.0 Beta Now Available, ODROID Launching a New Intel-Powered SBC and Richard Stallman Announces the GNU Kind Communication Guidelines

Linux Journal - Tue, 10/23/2018 - 08:35

News briefs for October 23, 2018.

Firefox 63.0 was released this morning. With this new version, "users can opt to block third-party tracking cookies or block all trackers and create exceptions for trusted sites that don't work correctly with content blocking enabled". In addition, WebExtensions now run in their own process on Linux, and Firefox also now warns if you have multiple windows and tabs open when you quit via the main menu. You can download it from here.

Red Hat this morning announced it is collaborating with NVIDIA to "bring a new wave of open innovation around emerging workloads like artificial intelligence (AI), deep learning and data science to enterprise datacenters around the world." Leading this partnership is the certification of Red Hat Enterprise Linux on NVIDIA DGX-1 systems, which will provide "a foundation or the rest of the Red Hat portfolio, including Red Hat OpenShift Container Platform, to be deployed and jointly supported on NVIDIA's AI supercomputers."

VirtualBox 6.0 Beta 1 was released today. Note that this is a beta release and shouldn't be used on production machines. Version 6.0 will be a new major release. So far, some of the changes include Oracle Cloud Infrastructure integration and improvements in the GUI design. See the forum for more information.

ODROID recently announced it is launching a new Intel-powered SBC. According to Phoronix, the "ODROID-H2 and is powered by an Intel J4105 Geminilake 2.3GHz quad-core processor, dual channel DDR4 memory via SO-DIMM slots, PCIe NVMe storage slot, dual Gigabit Ethernet, dual SATA 3.0 ports, and HDMI 2.0 / DP 1.2 display outputs". It is expected to be available in late November. See the ODROID forum for further details.

Richard Stallman yesterday announced the "GNU Kind Communication Guidelines". Stallman writes that in contrast to a code of conduct with punishment for people who violate the rules, "the idea of the GNU Kind Communication Guidelines is to start guiding people towards kinder communication at a point well before one would even think of saying, 'You are breaking the rules'." The initial version of the GNU Kind Communications Guidelines is here.

News Firefox Red Hat NVIDIA AI OpenShift VirtualBox ODROID SBCs GNU Linux Richard Stallman Code of Conduct
Categories: Linux News

Pioneers in Open Source--Eren Niazi, Part I: the Start of a Movement and the Open-Source Revolution Redefining the Data Center

Linux Journal - Tue, 10/23/2018 - 08:06
by Petros Koutoupis

The name may not be a familiar one to everyone, but Eren Niazi can be credited with laying the foundation and paving the way to the many software-defined and cloud-centric technologies in use today.

When considering the modern data center, it's difficult to imagine a time when open-source technologies were considered taboo or not production-grade, but that time actually existed. There was a time when the data center meant closed and propriety technologies, developed and distributed by some of the biggest names in the industry—the days when EMC, NetApp, Hewlett Packard (HP), Oracle or even Sun Microsystems owned your data center and the few applications upon which you heavily relied. It also was a time when your choice was limited to one vendor, and you would invest big into that single vendor. If you were an HP shop, you bought HP. If you were an EMC shop, you bought EMC—and so on. From the customer's point of view, needing to interact with only a single vendor for purchasing, management and support was comforting.

However, shifting focus back to the present, the landscape is quite different. Instead, you'll find an environment of mixed offerings provided by an assortment of vendors, both large and small. Proprietary machines work side by side with off the shelf commodity devices hosting software-defined software, most of which are built on top of open-source code. And half the applications are hosted in virtual machines over a Hypervisor or just spun up in one or more containers.

These changes didn't happen overnight. It took visionaries like Eren Niazi to identify the full potential of open-source software technologies. He saw what others did not and, in turn, proved to an entire industry that open source was not merely production-ready, but he also used that same technology to redefine the entire data center.

His story is complicated, filled with ups and downs. Eren faced his fair share of trials and tribulations that gave him everything, just to have it all taken away. But, let's begin at the beginning.

Born in Sunnyvale, California, a little more than 40 years ago, Eren grew up down the street from Steve Jobs, and on many occasions, he engaged the legendary Apple co-founder in inspiring conversations. The two shared many characteristics. Neither ever finished college. Both are entrepreneurs and inventors. Niazi and Jobs each were driven from their own companies, only to return again. Around age 12, Eren became fascinated with computers and learned how to develop code. However, his adventures in open-source technologies didn't truly start until the year 1998.

Go to Full Article
Categories: Linux News

Linux Kernel 4.19 Released, Linus Torvalds Is Back, Linspire 8.0 RC1 Is Out, IPFire 2.21 Now Available and Recently Discovered Apache Vulnerability

Linux Journal - Mon, 10/22/2018 - 08:45

News briefs for October 22, 2018.

Greg Kroah-Hartman released Linux kernel 4.19 this morning and handed the kernel tree back to Linus, writing "You can have the joy of dealing with the merge window."

Linus Torvalds "is meeting with Linux's top 40 or so developers at the Maintainers' Summit", at the Open Source Summit Europe in Edinburgh, Scotland, ZDNet reports. He isn't scheduled to speak, but "this is his first step back in taking over Linux's reins."

Linspire 8.0 RC1 was released over the weekend. The stable release is expected in December (don't use this release in production environments), and RC2, which should be more feature-complete, is expected in November. Among other changes, in this version, iMac Pro support has been improved and Oracle Java is now in the repositories. It uses the MATE 1.20.1 desktop, kernel 4.15 and Chrome 69.

IPFire 2.21 - Core Update 124 is out, and according to the release announcement, it "brings new features and immensely improves security and performance of the whole system". It's now available on AWS EC2, is updated to kernel version 4.14.72 and the security of its SSH daemon has been improved, among other new features.

A recently discovered Apache vulnerability could affect thousands of applications. Dark Reading reports that the issue is with "the way that thousands of code projects are using Apache .htaccess, leaving them vulnerable to unauthorized access and a subsequent file upload attack in which auto-executing code is uploaded to an application."

News kernel Linus Torvalds Linspire IPFire Security Apache
Categories: Linux News

Review: System76 Oryx Pro Laptop

Linux Journal - Mon, 10/22/2018 - 06:30
by Robert J. Hansen

Can "by hackers, for hackers" sell laptops? System76 sold an Oryx Pro to Rob, and he's here to tell you about it.

I should start by saying that although I'm definitely no newbie to Linux, I'm new to the world of dedicated Linux laptops. I started with Linux in 1996, when Red Hat 4.0 had just adopted the 2.0 kernel and Debian 1.3 hadn't yet been released. I've run a variety of distros with varying degrees of satisfaction ever since, always looking for the Holy Grail of a desktop UNIX that just plain worked.

About 15 years ago after becoming frustrated with the state of Linux on laptop hardware (in a phrase, "nonexistent hardware support"), I switched my laptops over to Macs and didn't look back. It was a true-blue UNIX that just plain worked, and I was happy. But I increasingly found myself frustrated by things I expected from Linux that weren't available on macOS, and which things like Homebrew and MacPorts and Fink could only partly address.

My last MacBook Pro is now four years old, so it was time to shop around again. After being underwhelmed by this generation of MacBooks, I decided to take the risk on a Linux laptop again.

Oh my, an awful lot has changed in 15 years!

System76

System76 is a Denver-based firm with a "by hackers, for hackers" ethos. It's not the first outfit to have tried to deliver on this promise, nor will it be the last. It follows in a long line pioneered by Red Hat and VA Research, and it will continue in the future with businesses yet to be founded. At this moment in history though, System76 seems to be doing a pretty good job of maintaining that standard.

Inquiries

My initial contact with System76 came by visiting the website and requesting a quote for one of its third-generation Oryx Pro models. The sales staff were responsive, polite and didn't seem to have their personalities obliterated into uniform perfection like the Stepford Salesforce of Lenovo or Dell. I also never caught a whiff of a hard sell from any of them. On three occasions just before being able to put down my hard-earned dinero on an Oryx Pro, my life went sideways, and my laptop fund went to pay for strange emergencies that arose out of nowhere, but the System76 sales staff were cheerfully uncaring about this. The impression I got was they believed they knew were going to miss a sale right then, but whether they missed it forever depended on how they behaved in that instant. It's an enlightened view from which more vendors could stand to learn.

Go to Full Article
Categories: Linux News

Weekend Reading: Tor and Tails

Linux Journal - Sat, 10/20/2018 - 09:04
by Carlie Fairchild

Tails is a live media Linux distro designed to boot into a highly secure desktop environment. Tor is a browser that prevents somebody watching your internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Learn why anonymity matters and how you can protect yourself with this Linux Journal Weekend Reading.

Tor Hidden Services 

Why should clients get all the privacy? Give your servers some privacy too!

Tails above the Rest: the Installation

How to get and validate the Tails distribution and install it. We will follow up with what Tails can and can't do to protect your privacy, and how to use Tails in a way that minimizes your risk. Then we will finish with some more advanced features of Tails, including the use of a persistent volume (with this feature, depending on your needs, you could conceivably use Tails as your main Linux distribution).

Tails above the Rest, Part II

Now that you have Tails installed, let's start using it. Read on to find out how to get started.

Tails above the Rest, Part III

In the first two parts on this series, we gave an overview of Tails, including how to get the distribution securely, and once you have it, how to use some of the basic tools. Here, we cover some of the more advanced features of Tails, such as some of its log-in options, its suite of encryption tools and the persistent disk.

Tor Security for Android and Desktop Linux 

The Tor Project presents an effective countermeasure against hostile and disingenuous carriers and ISPs that, on a properly rooted and capable Android device or Linux system, can force all network traffic through Tor encrypted entry points (guard nodes) with custom rules for iptables. This action renders all device network activity opaque to the upstream carrier—barring exceptional intervention, all efforts to track a user are afterwards futile.

A Bundle of Tor

The best way to set up Tor on your personal machine.

Dolphins in the NSA Dragnet

Go to Full Article
Categories: Linux News

When the Problem Is the Story

Linux Journal - Fri, 10/19/2018 - 12:02
by Doc Searls

Linux isn't a story anymore.

That's a good thing, but not an interesting one. Let me explain.

Journalism's main product is the story. In newsrooms, the three words uttered most often by editors to reporters are "What's the story?"

As I was taught by an editor long ago—and as I have found to be true constantly ever since—all stories are about three things:

  1. A character. Usually human, but not always. Could be a cause. A sports team. A political party. Could be good, or bad, or neither. All that matters is that the character is interesting. You can also have more than one, but a single one is better.
  2. A problem or conflict. A situation that challenges the character, or characters, further defining them and making them more interesting. Problems and conflict keep people interested, so they keep reading, watching, listening, turning pages, talking to others about it, and "move the narrative along" (as the news watchers like to say).
  3. Movement toward resolution. Doesn't matter if the end never arrives. Hell, look at soap operas. You just have to keep the story moving in the direction of conclusion. Newsroom aphorism: "No story ever starts with 'Happily ever after'." Another: "If your team is up forty points with five minutes left, your new story is about how you get out of the parking lot ahead of traffic."

All three of those are why Linux isn't much of a story any more, even though it's bigger in the world than it has ever been.

Linux had character when it was easy to cast as an underdog operating system, and the problem was beating Windows. Linus Torvalds, the father of Linux, did his best not to be interesting, but his fans made him interesting anyway:

Us included. The above is from a slide show that was featured in a story I wrote back in 2002 that's off-web at the moment, but also beside the point, which is that Linus and his penguins were characters in stories that were interesting at the time and aren't anymore.

That's because Linux has achieved the world domination it longed for in the early years.

Yes, Linus as a character got interesting for a few minutes last month (top results in a Google News search for "Linus Torvalds" range from 22 to 29 days old), but that story is too stale to be interesting now, even though the issues around it still matter.

Go to Full Article
Categories: Linux News

openSUSE Tumbleweed Snapshots Update, Nominations Now Open for 2019 Red Hat Women in Open Source Awards, OpenSSH 7.9 Released, Some VestaCP Servers Compromised by New Linux/ChachaDDOS Malware and Kraft 0.82 Now Available

Linux Journal - Fri, 10/19/2018 - 08:48

News briefs for October 19, 2018.

Two new openSUSE Tumbleweed snapshots provide KDE users with a newer version of Applications 18.08.2, and all Tumbleweed users can update kernel 4.18.13. Last week's snapshots included newer versions of KDE's Plasma 5.14 and Frameworks 5.50.0. For more info on the recent updates, visit opensuse.org.

Nominations are open for 2019 Red Hat Women in Open Source Awards. This is the fifth year of the awards that "were created and are sponsored by Red Hat to honor women who make important contributions to open source projects and communities, or those making innovative use of open source methodology". Nominations are being accepted until November 12, 2018. See the 2019 Women in Open Source Award Page for further details.

OpenSSH 7.9 was released today. It's available from the mirrors here.

ZDNet reports that some VestaCP servers were compromised by a new malware strain called Linux/ChachaDDOS. The unknown attacker "contaminated the project's source code with malware that logs passwords, open shells, and can launch DDoS attacks." Evidently the malicious code was added to the official GitHub repository on May 31 and removed June 13. See the ESET report for more information.

A new release of Kraft, "the Qt- and KDE based software to help to organize business docs in small companies", is now available. Version 0.82 reworks the calculation dialog that does calculations for templates and also sending documents via email was improved. See the Changelog for more details.

News openSUSE KDE Red Hat Women open source OpenSSH Security Kraft
Categories: Linux News

Doing Date Math on the Command Line - Part II

Linux Journal - Fri, 10/19/2018 - 08:13
by Mitch Frazier

In part II of this series of articles on doing date math from the command line we want to try to solve a problem we noted in part I: passing the date command a date specification something like "the first Monday after some date".

Go to Full Article
Categories: Linux News

Ubuntu 18.10 "Cosmic Cuttlefish" Due Out Today, Arm Launches IoT-Focused Mbed Linux, GitHub's New Security Features, MongoDB Announces New Server Side License and Google to Charge for Apps on Android Handsets Sold in Europe

Linux Journal - Thu, 10/18/2018 - 08:31

News briefs for October 18, 2018.

Ubuntu 18.10 "Cosmic Cuttlefish" expected to be released today. According to Phoronix, the biggest change for users will be the revised default theme for the GNOME Shell experience, now known as "Yaru". Ubuntu 18.10 will also have the Linux 4.18 kernel, "which means better hardware support, various performance improvements, and other optimizations compared to Ubuntu 18.04's Linux 4.15".

Arm launches the IoT-focused Mbed Linux OS and also extends Pelion IoT Platform services. According to Linux.com, Mbed Linux "combines the Linux kernel with tools and recipes from the Intel-backed Yocto Project. The distro also integrates security and IoT connectivity code from its open source Mbed RTOS". In addition, the Pelion IoT Platform "will align with Intel's Secure Device Onboard (SDO) provisioning technology to make it easier for IoT vendors and customers to onboard both x86 and Arm-based devices using a common Pelion platform. Arm also announced Pelion related partnerships with myDevices and Arduino."

GitHub updated its platform this week, which included many developer-centric changes and security features, but the most notable change is the "expansion of the Security Alerts feature, which also now supports Java and .NET projects, on top of the original JavaScript, Ruby and Python", ZDNet reports.

MongoDB recently announced it will be released under the new Server Side Public License: "The SSPL clarifies the conditions for making MongoDB publicly available as a service, to ensure we can continue to invest in building MongoDB for our users rather than in costly litigation over enforcing the AGPL. All subsequent versions and patch releases to prior versions of MongoDB made after October 16th, 2018 will be issued under the new SSPL."

Google plans to charge smartphone makers to pre-install apps like Gmail and YouTube on Android handsets sold in Europe. The Verge quotes Android leader Hiroshi Lockheimer, "Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the [European Economic Area]."

News Ubuntu Distributions GNOME ARM IOT GitHub Security MongoDB licensing Google Android Mobile
Categories: Linux News

Code Review--an Excerpt from VM Brasseur's New Book Forge Your Future with Open Source

Linux Journal - Thu, 10/18/2018 - 07:00
by VM Brasseur

Excerpt from Forge Your Future with Open Source by VM (Vicky) Brasseur, Copyright © 2018 The Pragmatic Programmers LLC. Reproduced with the permission of the publisher.

Even new programmers can provide a lot of value with their code reviews. You don't have to be a Rockstar Ninja 10x Unicorn Diva programmer with years and years of experience to have valuable insights. In fact, you don't even have to be a programmer at all. You just have to be knowledgable enough to spot patterns. While you won't be able to do a complete review without programming knowledge, you may still spot things that could use some work or clarification.

If you're not a Rockstar Ninja 10x Unicorn Diva programmer, not only is your code review feedback still valuable, but you can also learn a great deal in the process: Code layout, programming style, domain knowledge, best practices, neat little programming tricks you'd not have seen otherwise, and sometimes antipatterns (or "how not to do things"). So don't let the fact that you're unfamiliar with the code, the project, or the language hold you back from reviewing code contributions. Give it a go and see what there is to learn and discover.

"But," you may wail, "how is that even possible?! I don't know how to program very well! How could I ever do anything valuable on a code review?" Calm yourself, friend. You have a lot to offer here. Earlier I mentioned pattern-spotting, and that's a good place to start. If the contribution you're reviewing looks a lot more complicated than everything around it, you've just spotted a potential problem. Does the code use different indentations or variable naming than elsewhere in the file? That's another potential problem. Is the code contribution really long, when everything else in the file is much shorter? That could be a sign something is wrong. You don't have to be that Rockstar Ninja 10x Unicorn Diva programmer to spot these things; you only have to be familiar with programming and—most importantly—you only have to be looking at the code.

Do be careful as you start code review for a project with which you're not very familiar. Some projects would rather not receive reviews from people who aren't yet skilled in the code in question, as those reviews often can contain errors or inconsistencies with how the project typically operates. Inexperienced reviewers also can confuse inexperienced contributors, who might not know that the person providing feedback to them is not very familiar with the code or the project. Always check the CONTRIBUTING file or ask a core contributor before you start reviewing code contributions, rather than risk stepping on toes or providing feedback when none is wanted.

Go to Full Article
Categories: Linux News

elementary OS Juno Released, Plasma 5.14.1 Is Out, Chrome 70 Now Available, Docker Raises New Funding and New Badges for Firefox Users

Linux Journal - Wed, 10/17/2018 - 08:30

News briefs for October 17, 2018.

elementary OS Juno is now available. This new major version sports a ton of updates and improvements with three major goals: 1) "provide a more refined user experience; 2) "improve productivity for new and seasoned users alike"; and 3) "take our developer platform to the next level".

The KDE Project yesterday announced the first point release of the KDE Plasma 5.14 desktop series. Plasma 5.14.1 adds new translations and some important bugfixes. See the changelog for further details.

Chrome 70 is now available. This release removes the controversial change from the last version, and now allows users to stop the browser from automatically signing in to their Google accounts after logging in to one of its apps, The Verge reports. You still need to opt-out and specifically change this setting, however. Other changes include support for progressive web apps on Windows. See the "New in Chrome 70" post for more information on this release.

Docker has raised $92 million in new funding. According to TechCrunch, "the new funding is a signal that while Docker may have lost its race with Google's Kubernetes over whose toolkit would be the most widely adopted, the San Francisco-based company has become the champion for businesses that want to move to the modern hybrid application development and information technology operations model of programming."

Mozilla has created badges for Firefox users who want to show their support. You can grab the code for the badges here. Mozilla notes that the "images are hosted on a Mozilla CDN for convenience and performance only. We do no tracking of traffic to the CDN".

News Distributions elementary OS KDE Plasma Desktop Chrome Google Docker Containers Mozilla Firefox
Categories: Linux News

Keeping Control in the Hands of the User

Linux Journal - Wed, 10/17/2018 - 08:05
by Zack Brown

Various efforts always are underway to implement Secure Boot and to add features that will allow vendors to lock users out of controlling their own systems. In that scenario, users would look helplessly on while their systems refused to boot any kernels but those controlled by the vendors.

The vendors' motivation is clear—if they control the kernel, they can then stream media on that computer without risking copyright infringement by the user. If the vendor doesn't control the system, the user might always have some secret piece of software ready to catch and store any streamed media that could then be shared with others who would not pay the media company for the privilege.

Recently, Chen Yu and other developers tried to submit patches to enhance Secure Boot so that when the user hibernated the system, the kernel itself would encrypt its running image. This would appear to be completely unnecessary, since as Pavel Machek pointed out, there is already uswsusp (userspace software suspend), which encrypts the running image before suspending the system. As Pavel said, the only difference was that uswusp ran in userspace and not kernel space.

Perhaps in an effort to draw Chen into admitting the deeper motives behind the patch submission, Pavel asked Chen to elucidate exactly what security hole his patches addressed and how they would deal with them. Pavel would ask that question over and over again before the end of the discussion, and he would not receive an answer.

Chen offered a variety of justifications for the patch, including letting users do less work, but none of them answered the fundamental question: why was this patch needed as a security enhancement in the first place? And eventually, Pavel called it like he saw it. He said, "Purpose here is to prevent the user from reading/modifying kernel memory content on machine he owns. Strange as it may sound, that is what 'secure' boot requires (and what Disney wants)."

The discussion ended inconclusively, but not utterly. It's clear that Pavel, and a group of core kernel developers including Linus Torvalds, will continue to guard against allowing vendors to control user systems. This seems to be one of the fundamental values of the Linux kernel—to prevent the reemergence of the kind of situation we had in the 1980s, where vendors had ultimate control over virtually all software, while users were at the mercy of business decisions they didn't agree with but could do nothing about.

Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.

Go to Full Article
Categories: Linux News

Canonical Announces Partnership with Eurotech, the Big Four to End Support of TLS 1.0 and 1.1, Sony Using Blockchain for DRM, NETWAYS Web Services Launches IaaS OpenStack, Grey Hat Patching MikroTik Routers and Paul Allen Dies at 65

Linux Journal - Tue, 10/16/2018 - 09:09

News briefs for October 16, 2018.

Canonical announced a partnership with Eurotech to help organizations advance in the IoT realm. In connection with this partnership, Canonical "has published a Snap for the Eclipse Kura project—the popular, open-source Java-based IoT edge framework. Having Kura available as a Snap—the universal Linux application packaging format—will enable a wider availability of Linux users across multiple distributions to take advantage of the framework and ensure it is supported on more hardware. Snap support will also extend on Eurotech's commercially supported version; the Everywhere Software Framework (ESF)."

Apple, Google, Microsoft and Mozilla all announce the end of support for TLS 1.0 and 1.1 standards starting in 2020, ZDNet reports. Chrome and Firefox already support TLS 1.3, and Microsoft and Apple will soon follow suit.

Sony announced it's planning to use the blockchain for digital rights management (DRM). According to the story on Engadget, the company plans to begin with the Sony Global Education written educational materials. This blockchain system is "built on Sony's pre-existing DRM tools, which keep track of the distribution of copyrighted materials, but will have advantages that come with blockchain's inherent security."

NETWAYS Web Services launches IaaS OpenStack. According to the press release, "the Open Source experts from 'NETWAYS Web Services' (NWS) add with OpenStack a customizable, fully managed Infrastructure as a Service (Iaas) to their platform." Customers can choose between SSD or Ceph based packages, and in addition to OpenStack, the platform offers "a diverse selection of Open Source applications for various purposes". If you're interested, you can try NWS OpenStack 30 days for free. For more information and to get started, go here.

A grey-hat hacker is breaking into MikroTik routers and patching them so they can't be compromised by cryptojackers or other attackers. According to ZDNet, the hacker, who goes by Alexey, is a system administrator and claims to have disinfected more then 100,000 MikroTik routers. He told ZDNet that he added firewall rules to block access to the routers from outside the local network, and then "in the comments, I wrote information about the vulnerability and left the address of the @router_os Telegram channel, where it was possible for them to ask questions." Evidently, a few folks have said "thanks", but many are outraged.

Paul Allen—"co-founder of Microsoft and noted technologist, philanthropist, community builder, conservationist, musician and supporter of the arts"—passed away yesterday. See the statements released on behalf of the Allen Family, Vulcan Inc. and the Paul G. Allen network at the Vulcan Inc. website.

News Canonical IOT Snap Apple Microsoft Amazon Mozilla Browsers Sony Blockchain drm OpenStack Security
Categories: Linux News

Have a Plan for Netplan

Linux Journal - Tue, 10/16/2018 - 08:08
by Shawn Powers

Ubuntu changed networking. Embrace the YAML.

If I'm being completely honest, I still dislike the switch from eth0, eth1, eth2 to names like, enp3s0, enp4s0, enp5s0. I've learned to accept it and mutter to myself while I type in unfamiliar interface names. Then I installed the new LTS version of Ubuntu and typed vi /etc/network/interfaces. Yikes. After a technological lifetime of entering my server's IP information in a simple text file, that's no longer how things are done. Sigh. The good news is that while figuring out Netplan for both desktop and server environments, I fixed a nagging DNS issue I've had for years (more on that later).

The Basics of Netplan

The old way of configuring Debian-based network interfaces was based on the ifupdown package. The new default is called Netplan, and although it's not terribly difficult to use, it's drastically different. Netplan is sort of the interface used to configure the back-end dæmons that actually configure the interfaces. Right now, the back ends supported are NetworkManager and networkd.

If you tell Netplan to use NetworkManager, all interface configuration control is handed off to the GUI interface on the desktop. The NetworkManager program itself hasn't changed; it's the same GUI-based interface configuration system you've likely used for years.

If you tell Netplan to use networkd, systemd itself handles the interface configurations. Configuration is still done with Netplan files, but once "applied", Netplan creates the back-end configurations systemd requires. The Netplan files are vastly different from the old /etc/network/interfaces file, but it uses YAML syntax, and it's pretty easy to figure out.

The Desktop and DNS

If you install a GUI version of Ubuntu, Netplan is configured with NetworkManager as the back end by default. Your system should get IP information via DHCP or static entries you add via GUI. This is usually not an issue, but I've had a terrible time with my split-DNS setup and systemd-resolved. I'm sure there is a magical combination of configuration files that will make things work, but I've spent a lot of time, and it always behaves a little oddly. With my internal DNS server resolving domain names differently from external DNS servers (that is, split-DNS), I get random lookup failures. Sometimes ping will resolve, but dig will not. Sometimes the internal A record will resolve, but a CNAME will not. Sometimes I get resolution from an external DNS server (from the internet), even though I never configure anything other than the internal DNS!

Go to Full Article
Categories: Linux News
Syndicate content