Linux Journal

Minim Debuted the Minim Labs Free Router Security Platform, AWS Launched DocumentDB, Firefox CTO Eric Rescorla Awarded Levchin Prize, Red Hat Ansible Tower 3.4 Now Available and IoT DevCon 2019 Call for Papers

1 week 5 days ago

News briefs for January 10, 2019.

Minim debuted Minim Labs at CES this week. This free version of the Minim router security platform has an open-source Linux-based "Unum" agent for protecting home automation devices, and it runs on Raspbian and OpenWrt Linux devices. See this LinuxGizmos post and the Minim Labs website for more information.

AWS launched DocumentDB yesterday, a "fast, scalable, and highly available document database that is designed to be compatible with your existing MongoDB applications and tools". TechCrunch reports that AWS felt customers found MongoDB difficult to use, so the company built "its own document database, but made it compatible with theApache 2.0 open source MongoDB 3.6 API".

Firefox CTO Eric Rescorla was awarded the Levchin Prize for "significant contributions to solving global, real-world cryptography issues that make the internet safer at scale" yesterday, which was announced at the 2019 Real-World Crypto Conference. According to the Mozilla Blog, Rescorla was chosen for his "involvement in spearheading the latest version of Transport Layer Security (TLS). TLS 1.3 incorporates significant improvements in both security and speed, and was completed in August and already secures 10% of sites."

Red Hat yesterday announced the availability of Red Hat Ansible Tower 3.4. This new release features "workflow enhancements including nested workflows and workflow convergence, designed to simplify challenges inherent in managing complex hybrid cloud infrastructure". In addition this version boasts increased scalability and enhanced security. The press release quotes Vice President, Management at Red Hat, Joe Fitzgerald: "With the new features available in Red Hat Ansible Tower 3.4 organizations are able to increase the scale and scope of their automation activities together with increased control and visibility."

IoT DevCon 2019's call for papers is now open. If you're interested in presenting at the Internet of Things Developers Conference, submission of titles and abstracts deadline is February 28, 2019. The conference will "focus on technologies ranging from ultra-low power microcontrollers to multicore-enabled aggregation hubs and from software strategies to security solutions as well as techniques required to monitor and manage the enormous loads of device-generated data. We are looking for experts to address the audience of managers, developers, engineers and makers". The conference will be held in Santa Clara, California, June 5–6, 2019.

News Minim Labs Security IOT AWS MongoDB Firefox
Jill Franklin

Non-Child Process Exit Notification Support

1 week 5 days ago
by Zack Brown

Daniel Colascione submitted some code to support processes knowing when others have terminated. Normally a process can tell when its own child processes have ended, but not unrelated processes, or at least not trivially. Daniel's patch created a new file in the /proc directory entry for each process—a file called "exithand" that is readable by any other process. If the target process is still running, attempts to read() its exithand file will simply block, forcing the querying process to wait. When the target process ends, the read() operation will complete, and the querying process will thereby know that the target process has ended.

It may not be immediately obvious why such a thing would be useful. After all, non-child processes are by definition unrelated. Why would the kernel want to support them keeping tabs on each other? Daniel gave a concrete example, saying:

Android's lmkd kills processes in order to free memory in response to various memory pressure signals. It's desirable to wait until a killed process actually exits before moving on (if needed) to killing the next process. Since the processes that lmkd kills are not lmkd's children, lmkd currently lacks a way to wait for a process to actually die after being sent SIGKILL.

Daniel explained that on Android, the lmkd process currently would simply keep checking the proc directory for the existence of each process it tried to kill. By implementing this new interface, instead of continually polling the process, lmkd could simply wait until the read() operation completed, thus saving the CPU cycles needed for continuous polling.

And more generally, Daniel said in a later email:

I want to get polling loops out of the system. Polling loops are bad for wakeup attribution, bad for power, bad for priority inheritance, and bad for latency. There's no right answer to the question "How long should I wait before checking $CONDITION again?". If we can have an explicit waitqueue interface to something, we should. Besides, PID polling is vulnerable to PID reuse, whereas this mechanism (just like anything based on struct pid) is immune to it.

Joel Fernandes suggested, as an alternative, using ptrace() to get the process exit notifications, instead of creating a whole new file under /proc. Daniel explained:

Go to Full Article
Zack Brown

Qubes OS 4.0.1 Released, Plasma 5.14.15 Is Out, Software Freedom Conservancy Fundraiser, ClearCube Launches C3xPi Thin Client for RPi 3 Model B+ and Ubuntu Touch Announces OTA-7

1 week 6 days ago

News briefs for January 9, 2019.

Qubes OS 4.0.1 was released today, marking the first stable point release in the 4.0 series. Updates include all 4.0 dom0 updates, Fedora 29 TemplateVM, Debian 9 Template VM, Whonix 14 Gateway and Workstation TemplateVMs, and Linux kernel 4.14. You can get Qubes 4.0.1 from the Downloads Page.

KDE yesterday announced Plasma 5.14.5, the fifth and final point release to the Plasma 5.14 desktop environment series. According to Softpedia News, besides some small but important bug fixes, this release "contains a total of 61 changes across various components like Plasma Workspace, Plasma NetworkManager, Breeze GTK, Plasma Discover, and Plasma Desktop". Plasma 5.15, the start of the next major series, is scheduled to be released on February 12, 2019.

The Software Freedom Conservancy has six more days to collect the remaining $13,369 of the fundraiser that will be matched by Private Internet Access and a group of generous donors. Go here to become an official supporter.

ClearCube recently launched a C3xPi Thin Client for the Raspberry Pi 3 Model B+, LinuxGizmos reports. The C3xPi is $179.95, and ClearCube says it's the "only low-cost, virus-proof, single-case dual monitor thin client in the market". Go to the product page for all the details.

Ubuntu Touch announced its OTA-7 release yesterday. With this release, users now can change the keyboard color scheme; a keyboard layout for Lithuanian was added; the Morph browser received many improvements; and more. See the post for the full changelog and instructions on how to get OTA-7.

News Qubes Security KDE Plasma Software Freedom Conservancy Raspberry Pi ClearCube Ubuntu Touch
Jill Franklin

If Your Privacy Is in the Hands of Others Alone, You Don’t Have Any

1 week 6 days ago
by Doc Searls

If you think regulations are going to protect your privacy, you’re wrong. In fact they can make things worse, especially if they start with the assumption that your privacy is provided only by other parties, most of whom are incentivized to violate it.

Exhibit A for how much worse things can get is the EU’s GDPR (General Data Protection Regulation). As soon as the GDPR went into full effect last May, damn near every corporate entity on the Web put up a “cookie notice” requiring acceptance of terms and privacy policies that allow them to continue with business as usual, harvesting and sharing your personal data, and data about you.

For websites and services in that harvesting business (a population that rounds to the whole commercial web), these notices provide a one-click way to adhere to the letter of the GDPR while violating its spirit.

There’s also big business in the friction that produces. To see how big, look up GDPR+compliance on Google. You’ll get 190 million results (give or take a few dozen million).

None of those results are for you, even though you are who the GDPR is supposed to protect. See, to the GDPR, you are a mere “data subject” and not an independent and fully functional participant in the technical, social and economic ecosystem the internet supports by design. All privacy protections around your data are the burden of other parties.

Or at least that’s the interpretation that nearly every lawmaker, regulatory bureaucrat, lawyer and service provider goes by. (One exception is Elizabeth Renieris @hackylawyer. Her collection of Medium postings are required reading on the GDPR and much else.)  Same goes for those selling GDPR compliance services, comprising most of those 190 million GDPR+compliance search results.

The clients of those services include nearly every website and service on Earth that harvests personal data. These entities have no economic incentive to stop harvesting, sharing and selling personal data the usual ways, beyond fear that the GDPR might actually be enforced, which so far (with few exceptions), it hasn’t been. (See Without enforcement, the GDPR is a fail.)

Go to Full Article
Doc Searls

GitHub Announces that Free Accounts Now Can Create Private Repositories, Bash-5.0 Released, iPhone Apps Linked to Golduck Malware, Godot Game Engine Reaches 3.1 Beta, NSA to Open-Source Its GHIDRA Reverse-Engineering Tool

2 weeks ago

News briefs for January 8, 2019.

GitHub's CEO Nat Friedman yesterday announced that free accounts now can create private repositories (previously only paid accounts could have private repositories). Ars Technica reports that "Now every GitHub account can create an unlimited number of private repositories. These are still restricted—only three people can collaborate on these repositories—but a great many of those projects that once had no option but to be opened up might now be marked as private." The Ars Technica article also expresses concern that one possibility with this change is that "programs that would previously have been published as open source will now be closed up forever".

Bash-5.0 was released yesterday. This release fixes several bugs and introduces many new features. From the release announcement: "The most notable new features are several new shell variables: BASH_ARGV0, EPOCHSECONDS, and EPOCHREALTIME. The `history' builtin can remove ranges of history entries and understands negative arguments as offsets from the end of the history list. There is an option to allow local variables to inherit the value of a variable with the same name at a preceding scope. There is a new shell option that, when enabled, causes the shell to attempt to expand associative array subscripts only once (this is an issue when they are used in arithmetic expressions). The `globasciiranges' shell option is now enabled by default; it can be set to off by default at configuration time."

Security researchers at Wandera recently discovered "more than a dozen iPhone apps covertly communicating with a server associated with Golduck, a historically Android-focused malware that infects popular classic game apps." According to TechCrunch, the malware was discovered more than a year ago and affected retro-style games on Google Play "by embedding backdoor code that allowed malicious payloads to be silently pushed to the device". See the post for more details.

Godot, the open-source, cross-platform game engine, announced it has entered the beta phase for Godot 3.1. New features include the OpenGL ES 2.0 renderer, visual shader editor, improved animation editor, WebSockets support and much more. See the Changelog for the full list. Note that this is a beta build and not intended for use in production.

The NSA plans to open-source its GHIDRA reverse-engineering tool. It's FOSS reports that senior NSA advisor Robert Joyce wrote in his session description for the March RSA Conference 2019, "NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS, and Linux and supports a variety of processor instruction sets. The GHISDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed. and will be released for free public use at RSA."

News GitHub Bash Programming Security Android Mobile gaming NSA open source
Jill Franklin

Back to Basics: Sort and Uniq

2 weeks ago
by Kyle Rankin

Learn the fundamentals of sorting and de-duplicating text on the command line.

If you've been using the command line for a long time, it's easy to take the commands you use every day for granted. But, if you're new to the Linux command line, there are several commands that make your life easier that you may not stumble upon automatically. In this article, I cover the basics of two commands that are essential in anyone's arsenal: sort and uniq.

The sort command does exactly what it says: it takes text data as input and outputs sorted data. There are many scenarios on the command line when you may need to sort output, such as the output from a command that doesn't offer sorting options of its own (or the sort arguments are obscure enough that you just use the sort command instead). In other cases, you may have a text file full of data (perhaps generated with some other script), and you need a quick way to view it in a sorted form.

Let's start with a file named "test" that contains three lines:

Foo Bar Baz

sort can operate either on STDIN redirection, the input from a pipe, or, in the case of a file, you also can just specify the file on the command. So, the three following commands all accomplish the same thing:

cat test | sort sort < test sort test

And the output that you get from all of these commands is:

Bar Baz Foo Sorting Numerical Output

Now, let's complicate the file by adding three more lines:

Foo Bar Baz 1. ZZZ 2. YYY 11. XXX

If you run one of the above sort commands again, this time, you'll see different output:

11. XXX 1. ZZZ 2. YYY Bar Baz Foo

This is likely not the output you wanted, but it points out an important fact about sort. By default, it sorts alphabetically, not numerically. This means that a line that starts with "11." is sorted above a line that starts with "1.", and all of the lines that start with numbers are sorted above lines that start with letters.

To sort numerically, pass sort the -n option:

sort -n test Bar Baz Foo 1. ZZZ 2. YYY 11. XXX Find the Largest Directories on a Filesystem

Numerical sorting comes in handy for a lot of command-line output—in particular, when your command contains a tally of some kind, and you want to see the largest or smallest in the tally. For instance, if you want to find out what files are using the most space in a particular directory and you want to dig down recursively, you would run a command like this:

Go to Full Article
Kyle Rankin

Linux 5.0-rc1 Released, Scratch 3 and Raspberry Pi, Phoronix Test Suite 8.6-Spydeberg Milestone 1 Is Now Available, Elteria Adventures Coming to Linux and Chromium Now Supports VAAPI in Fedora

2 weeks 1 day ago

News briefs for January 7, 2019.

Linux 5.0-rc1 was released yesterday. Linus Torvalds wrote: "The numbering change is not indicative of anything special. If you want to have an official reason, it's that I ran out of fingers and toes to count on, so 4.21 became 5.0. There's no nice git object numerology this time (we're _about_ 6.5M objects in the git repo), and there isn't any major particular feature that made for the release numbering either. Of course, depending on your particular interests, some people might well find a feature _they_ like so much that they think it can do as a reason for incrementing the major number. So go wild. Make up your own reason for why it's 5.0."

MIT recently released Scratch 3, the latest version of its visual programming language. The Raspberry Pi blog announced it has upgraded to make this a smooth transition for those who use its free project resources, "whether that be at a Code Club, CoderDojo, Raspberry Jam, or at home, so we've been busy upgrading our resources to work with Scratch 3". In addition, "Scratch 3 versions of all projects in the Code Club Scratch Modules 1–3 and the CoderDojo Scratch Sushi Cards are already live!" See the post for more details related to Scratch 3 on RPi.

Phoronix Test Suite 8.6-Spydeberg Milestone 1 is out. This is the first development snapshot for the "open-source, cross-platform benchmarking software release due out later in Q1". New features for the Phoronix Test Suite include updates for Microsoft Windows Server 2019 (and it'll be a fully supported platform as well), a new "new phoronix-test-suite compare-results-to-baseline sub-command for comparing two result files with treating the first argument as the performance baseline and providing various statistics off that", a "new ShowPostRunStatistics user configuration" and more. You can get the first development snapshot of Phoronix Test Suite 8.6 at GitHub.

Elteria Adventures is "an open-world RPG MMO with world-building features and it's coming to Linux". GamingOnLinux reports that the developer confirmed it will run on Linux, simply saying ""Yes it will. Also on Mac :)" Evidently the Steam page doesn't give many details on what the game will be like, but GamingOnLinux says "it sounds a bit like Minecraft mixed with an RPG and it has a bunch of platforming as the world is built across many floating islands".

The Chromium web browser in Fedora now has Video Acceleration API (VAAPI) support, making "video playback much smoother while using significantly less resources". Fedora is now the second distribution to include the VAAPI patch in its official Chromium package. See the Fedora Magazine post for more info.

News kernel Programming Scratch Raspberry Pi Phoronix gaming Chromium Fedora
Jill Franklin

IBM Began Buying Red Hat 20 Years Ago

2 weeks 1 day ago
by Glyn Moody

How Big Blue became an open-source company.

News that IBM is buying Red Hat is, of course, a significant moment for the world of free software. It's further proof, as if any were needed, that open source has won, and that even the mighty Big Blue must make its obeisance. Admittedly, the company is not quite the behemoth it was back in the 20th century, when "nobody ever got fired for buying IBM". But it remains a benchmark for serious, mainstream—and yes, slightly boring—computing. Its acquisition of Red Hat for the not inconsiderable sum of $34 billion, therefore, proves that selling free stuff is now regarded as a completely normal business model, acknowledged by even the most conservative corporations.

Many interesting analyses have been and will be written about why IBM bought Red Hat, and what it means for open source, Red Hat, Ubuntu, cloud computing, IBM, Microsoft and Amazon, amongst other things. But one aspect of the deal people may have missed is that in an important sense, IBM actually began buying Red Hat 20 years ago. After all, $34 billion acquisitions do not spring fully formed out of nowhere. Reaching the point where IBM's management agreed it was the right thing to do required a journey. And, it was a particularly drawn-out and difficult journey, given IBM's starting point not just as the embodiment of traditional proprietary computing, but its very inventor.

Even the longest journey begins with a single step, and for IBM, it was taken on June 22, 1998. On that day, IBM announced it would ship the Apache web server with the IBM WebSphere Application Server, a key component of its WebSphere product family. Moreover, in an unprecedented move for the company, it would offer "commercial, enterprise-level support" for that free software.

When I was writing my book Rebel Code: inside Linux and the open source revolution in 2000, I had the good fortune to interview the key IBM employees who made that happen. The events of two years before still were fresh in their minds, and they explained to me why they decided to push IBM toward the bold strategy of adopting free software, which ultimately led to the company buying Red Hat 20 years later.

Go to Full Article
Glyn Moody

Weekend Reading: Ansible

2 weeks 3 days ago
by Shawn Powers

I've written about and trained folks on various DevOps tools through the years, and although they're awesome, it's obvious that most of them are designed from the mind of a developer. There's nothing wrong with that, because approaching configuration management programmatically is the whole point. Still, it wasn't until I started playing with Ansible that I felt like it was something a sysadmin quickly would appreciate.

Part of that appreciation comes from the way Ansible communicates with its client computers—namely, via SSH. As sysadmins, you're all very familiar with connecting to computers via SSH, so right from the word "go", you have a better understanding of Ansible than the other alternatives.

With that in mind, I've written a few articles exploring how to take advantage of Ansible. It's a great system, but when I was first exposed to it, it wasn't clear how to start. It's not that the learning curve is steep. In fact, if anything, the problem was that I didn't really have that much to learn before starting to use Ansible, and that made it confusing. For example, if you don't have to install an agent program (Ansible doesn't have any software installed on the client computers), how do you start?

Ansible, Part I: the Automation Framework That Thinks Like a Sysadmin

How to get started with Ansible. Shawn tells us the reason Ansible was so difficult for him at first was because it's so flexible with how to configure the server/client relationship, he didn't know what he was supposed to do. The truth is that Ansible doesn't really care how you set up the SSH system; it will utilize whatever configuration you have. This article will get you set up.  

Ansible, Part II: Making Things Happen

Finally, an automation framework that thinks like a sysadmin. Ansible, you're hired.

Ansible is supposed to make your job easier, so the first thing you need to learn is how to do familiar tasks. For most sysadmins, that means some simple command-line work. Ansible has a few quirks when it comes to command-line utilities, but it's worth learning the nuances, because it makes for a powerful system.

Ansible, Part III: Playbooks

Playbooks make Ansible even more powerful than before.

Go to Full Article
Shawn Powers

Google's Fuchsia OS to Support Android Apps, Linux Servers with Poorly Configured IPMI Cards Prone to Attack, LinuxGizmos' 2019 SBC Catalog Is Out, USB Type-C Becoming More Secure and Epic Games Not Planning to Provide a Linux Version of Its Store

2 weeks 4 days ago

News briefs for January 4, 2019.

Google's Fuchsia OS will have Android app support via Android Runtime. According to 9To5Google, it was expected that Fuchsia would support Android apps, and now "that suspicion has been confirmed by a new change found in the Android Open Source Project, and we can say with confidence that Fuchsia will be capable of running Android apps using the Android Runtime." The article also notes that "How exactly Fuchsia will use the Android Runtime from there is still unclear. This is includes whether the Android Runtime is able to work as expected to replace Linux kernel calls with equivalents from Fuchsia's Zircon kernel or if ART will run inside of a Linux virtual machine using Machina, Fuchsia's virtual machine system."

Linux servers equipped with poorly configured IPMI (Intelligent Platform Management Interface) cards are prone to attack. ITPro Today reports that "since November, black hat hackers have been using the cards to gain access in order to install JungleSec ransomware that encrypts data and demands a 0.3 bitcoin payment (about $1,100 at the current rate) for the unlock key". The post recommends that to secure against these attacks, make sure the IPMI password isn't the default and "access control lists (ACLs) should be configured to specify the IP addresses that have access the IPMI interface, and to also configure IPMI to only listen on internal IP addresses, which would limit access to admins inside the organization's system."

LinuxGizmos has published its 2019 catalog of open-spec Linux hacker boards. These are all "hacker-friendly, open-spec SBCs that run Linux or Android", and LinuxGizmos provides "recently updated descriptions, specs, pricing, and links to details for all 122 SBCs."

USB Type-C is becoming more secure with the launch of the USB Type-C Authentication Program. eWeek reports that the USB-IF (USB-Implementers Forum) is "taking a cryptographic approach to helping protect USB users and devices against potential risks". In addition, "With the authentication specification, compliance with USB specifications is validated in an effort to prevent potentially dangerous devices and chargers from connecting to a system. The specification can also limit the risk of malicious software that might be embedded within a USB device from attacking a system. According to the USB-IF, the authentication specification enables implementors of the standard to authenticate certified USB Type-C chargers, devices, cables and power sources."

Epic Games says it doesn't currently plan to provide a Linux version of its store. GamingOnLinux, quoted this tweet from Sergey Galyonkin, Director of Publishing Strategy for Epic Games, in response to a question on Reddit: "It really isn't on the roadmap right now. Doesn't mean this won't change in the future, it's just we have so many features to implement."

News Google Fuchsia Android Mobile Servers Security SBCs USB gaming
Jill Franklin

Using Linux for Logic

2 weeks 4 days ago
by Joey Bernard

I've covered tons of different scientific applications you can run on your computer to do rather complex calculations, but so far, I've not really given much thought to the hardware on which this software runs. So in this article, I take a look at a software package that lets you dive deep down to the level of the logic gates used to build up computational units.

At a certain point, you may find yourself asking your hardware to do too much work. In those cases, you need to understand what your hardware is and how it works. So, let's start by looking at the lowest level: the lowly logic gate. To that end, let's use a software package named Logisim in order to play with logic gates in various groupings.

Logisim should be available in most distributions' package management systems. For example, in Debian-based distros, install it with the following command:

sudo apt-get install logisim

You then can start it from your desktop environment's menu, or you can open a terminal, type logisim and press Enter. You should see a main section of the application where you can start to design your logic circuit. On the left-hand side, there's a selection pane with all of the units you can use for your design, including basic elements like wires and logic gates, and more complex units like memory or arithmetic units.

Figure 1. When you first start Logisim, you get a blank project where you can start to design your first logic circuit.

To learn how to start using Logisim, let's look at how to set up one of the most basic logic circuits: an AND gate.

Figure 2. You easily can add logic gates to your circuit to model computations.

If you click the Gates entry on the left-hand side, you'll see a full list of available logic gates. Clicking the AND gate allows you to add them to the design pane by clicking on the location where you want them added. At the bottom of the left-hand side, you'll see a pane that displays the attributes of the selected gate. You can use this pane to edit those attributes to make the gate behave exactly the way you want. For this example, let's change the number of inputs value from 5 to 2. The next step is to add an output pin in order to see when the output is either 1 or 0. You can find pins in the wiring section.

Go to Full Article
Joey Bernard

Unit Testing in the Linux Kernel

2 weeks 5 days ago
by Zack Brown

Brendan Higgins recently proposed adding unit tests to the Linux kernel, supplementing other development infrastructure such as perf, autotest and kselftest. The whole issue of testing is very dear to kernel developers' hearts, because Linux sits at the core of the system and often has a very strong stability/security requirement. Hosts of automated tests regularly churn through kernel source code, reporting any oddities to the mailing list.

Unit tests, Brendan said, specialize in testing standalone code snippets. It was not necessary to run a whole kernel, or even to compile the kernel source tree, in order to perform unit tests. The code to be tested could be completely extracted from the tree and tested independently. Among other benefits, this meant that dozens of unit tests could be performed in less than a second, he explained.

Giving credit where credit was due, Brendan identified JUnit, Python's unittest.mock and Googletest/Googlemock for C++ as the inspirations for this new KUnit testing idea.

Brendan also pointed out that since all code being unit-tested is standalone and has no dependencies, this meant the tests also were deterministic. Unlike on a running Linux system, where any number of pieces of the running system might be responsible for a given problem, unit tests would identify problem code with repeatable certainty.

Daniel Vetter replied extremely enthusiastically to Brendan's work. In particular, he said, "Having proper and standardized infrastructure for kernel unit tests sounds terrific. In other words: I want." He added that he and some others already had been working on a much more specialized set of unit tests for the Direct Rendering Manager (DRM) driver. Brendan's approach, he said, would be much more convenient than his own more localized efforts.

Dan Williams was also very excited about Brendan's work, and he said he had been doing a half-way job of unit tests on the libnvdimm (non-volatile device) project code. He felt Brendan's work was much more general-purpose, and he wanted to convert his own tests to use KUnit.

Go to Full Article
Zack Brown

Several Android Apps Transmitting Sensitive Data to Facebook without Permission, ExTiX Linux Announces Version 19.1 Build 181228, Peppermint 9 Respin-2 Released, Nextcloud Founder's 2019 Predictions and Some Security Updates

2 weeks 5 days ago

News briefs for January 3, 2019.

A recent Privacy International report reveals that "at least 20 out of 34 popular Android apps are transmitting sensitive information to Facebook without asking permission, including Kayak, MyFitnessPal, Skyscanner and TripAdvisor". According to the story on Engadget, "The concern isn't just that apps are oversharing data, but that they may be violating the EU's GDPR privacy rules by both collecting info without consent and potentially identifying users. You can't lay the blame solely at the feet of Facebook or developers, though. Facebook's relevant developer kit didn't provide the option to ask for permission until after GDPR took effect. The social network did develop a fix, but it's not clear that it works or that developers are implementing it properly."

A new version of ExTiX Linux Live DVD—19.1, build 181228—was released yesterday. According to the author, "The best thing with ExTiX 19.1 is that while running the system live (from DVD/USB) or from hard drive you can use Refracta Tools (pre-installed) to create your own live installable Ubuntu system. So easy that a ten year child can do it!" You can download ExTiX 19.1 from SourceForge.

The Peppermint team yesterday announced the release Peppermint 9 Respin-2. This is a bug-fix release, and it fixes three issues in the installation routine. If you have already installed Peppermint 9 Respin successfully (released December 21, 2018), there is not need to re-install this version. See the Release Notes for more information.

Nextcloud founder Frank Karlitschek posted a look back at 2018 and thoughts on the future for 2019. He predicts that "2019 will be a very good year for privacy, open source and decentralized cloud software. Maybe even the mainstream breakthrough of federated and decentralized internet services!" He also writes "I think 2019 could be the year where open source, federated and self-hosted technology hits mainstream, taking on the proprietary, centralized data silos keeping people's personal information hostage. Society becoming more critical about data collection will fuel this development. If you want to make a difference then join Nextcloud or one of the other project that develop open source decentralized and federated solutions. I think 2019 is the year were we can win the internet back!"

Security updates were posted this week for Debian, Fedora, openSUSE and Red Hat. See LWN for links.

News Privacy Android Facebook ExTiX Linux Peppermint Nextcloud Security Debian Fedora openSUSE Red Hat
Jill Franklin

January 2019, #294: The Distributions Issue

2 weeks 6 days ago
by Bryan Lunduke

Do you remember your first distro?

The first version of Linux I truly used, for any length of time, was back at the end of the 1990s—in Ye Olden Times, when 56k modems, 3.5" floppies and VGA CRT monitors reigned supreme.

Linux itself had been a thing for a number of years by this point—with both SUSE (then known as the gloriously mixed-case and punctuation-filled S.u.S.E.) and Red Hat doing good business supporting it—when I decided to really give this "Free" operating system a try.

Because I'm a nerd. And that's what we do.

I remember the day well. It was cold. It was rainy. And I was taking an extended lunch break from my job at Microsoft (seriously). My days—and, all too often, nights—spent testing Windows NT 5 (before it was renamed Windows 2000) had taken a toll. I had reached peak "burn out".

After a mildly rejuvenating, two-hour long, burger-eating (and venting about our job) session with a co-worker, we made our way to the big-box computer store close to Microsoft's main campus. Once inside, we bee-lined it for the Operating System section (this was back when computer stores had rows upon rows of actual boxes that contained actual physical media, which, in turn, contained actual software).

Several versions of Windows were on display, and, lo and behold, right there next to them, was S.u.S.E. Linux—in a box. I grabbed it immediately. It was heavy. There were several CDs inside along with a manual (which would turn out to be necessary simply to get the system to boot).

Fifteen minutes later, we were back in my office installing Linux on one of my little Dell towers.

That's right. My first full-time Linux machine? A Microsoft, company-issued work computer. This was my way of "sticking it to the man"—and boy did it feel good.

Were there problems with my first foray into Linux? You bet. The sound card didn't work. Getting an X Server running (with any sort of GUI) was a mildly mystifying process. And, heck, just getting the darn thing to boot took the better part of an afternoon. But, even with those challenges, I was in love.

Thus, my 20-year long hobby of "installing every Linux distribution I can get my grubby little hands on" was born—right there on Microsoft's main campus, using funds I earned from my job at Microsoft, on Microsoft-owned hardware, using Microsoft-supplied electricity and company time.

Shh. Don't tell Ballmer.

From that point onward, one of the things about Linux that always has made me smile is the wide variety of distributions out there in the world. There seems to be one custom-made for every man, woman and child on planet Earth.

Go to Full Article
Bryan Lunduke

Google Gains Approval to Launch Project Soli, Sony's New 3D Sensors for Face Recognition, the GIMP Team Looks Back at 2018 and Shares Plans for 2019, Thunderbird Also Publishes a Retrospective and Look Forward, and xfce4-panel 4.13.4 Was Released

2 weeks 6 days ago

News briefs for January 2, 2019.

Google has received approval from the FCC to launch Project Soli, a radar-based motion-sensing device. Reuters reports that the FCC "would grant Google a waiver to operate the Soli sensors at higher power levels than currently allowed. The FCC said the sensors can also be operated aboard aircraft. The FCC said the decision 'will serve the public interest by providing for innovative device control features using touchless hand gesture technology.'" Originally Facebook had voiced concern that "the Soli sensors operating in the spectrum band at higher power levels might have issues coexisting with other technologies."

Sony is set to produce the "next generation of visual-processing chips with a set of new 3D sensors". According to The Verge, "the most intriguing aspect of this new tech would appear to be a better form of face identification than we currently have". In addition, Sony's 3D sensor "is said to deploy laser pulses, which, much like a bat's echolocation, creates a depth map of its surroundings by measuring how long a pulse takes to bounce back. Sony's sensor chief argues this produces more detailed models of users' faces, plus it apparently works from as far away as five meters (16 feet)."

The GIMP team has posted look back at 2018 and an outline showing future plans for GIMP, GEGL and babl. Development has been focusing on refactoring, usability, smart colorization, extension management and more. The team plans to ship 2.10.x updates throughout 2019 and version 2.10.10 should be out this month or next. See the blog post for ways you can contribute.

The Thunderbird team has also published a 2018 retrospective and a look at what's ahead for the new year. The team has added more full-time staff members, and they are focusing on "making Thunderbird fly faster" and making a "more beautiful (and useable) Thunderbird". See the Mozilla blog for all the details.

xfce4-panel 4.13.4 was released today. According to the Simon's Secret blog post, this release includes a new plugin icon size feature, correct menu positioning, tasklist fixes and small theming updates. You can get it from here.

Google Sony GIMP Thunderbird XFCE News
Jill Franklin

F2FS Filesystem Enhancements (for Pixel Devices), Wine HQ Dev Release, Gzip v1.10, VideoLan v3.0.5, KaOS Linux Distro v2018.12

3 weeks 1 day ago

To start things off, a ton of bug fixes alongside a few enhancements are coming to the F2FS filesystem (for Pixel devices) in the the Linux 4.21 kernel.

Wine HQ just officially announced the development release of version 4.0 RC4 which also boasts numerous bug fixes.

The release of Gzip version 1.10 has been announced on the Savannah community site.

All while VideoLAN published VLC version 3.0.5.

In distribution news, KaOS, the rolling release Linux distribution, just pushed out version 2018.12.

News
Petros Koutoupis

The State of Desktop Linux 2019

3 weeks 1 day ago
by Bryan Lunduke

A snapshot of the current state of Desktop Linux at the start of 2019—with comparison charts and a roundtable Q&A with the leaders of three top Linux distributions.

I've never been able to stay in one place for long—at least in terms of which Linux distribution I call home. In my time as a self-identified "Linux Person", I've bounced around between a number of truly excellent ones. In my early days, I picked up boxed copies of S.u.S.E. (back before they made the U uppercase and dropped the dots entirely) and Red Hat Linux (before Fedora was a thing) from store shelves at various software outlets.

Side note: remember when we used to buy Operating Systems—and even most software—in actual boxes, with actual physical media and actual printed manuals? I still have big printed manuals for a few early Linux versions, which, back then, were necessary for getting just about everything working (from X11 to networking and sound). Heck, sometimes simply getting a successful boot required a few trips through those heavy manuals. Ah, those were the days.

Debian, Ubuntu, Fedora, openSUSE—I spent a good amount of time living in the biggest distributions around (and many others). All of them were fantastic. Truly stellar. Yet, each had their own quirks and peculiarities.

As I bounced from distro to distro, I developed a strong attachment to just about all of them, learning, as I went, to appreciate each for what it was. Just the same, when asked which distribution I recommend to others, my brain begins to melt down. Offering any single recommendation feels simply inadequate.

Choosing which one to call home, even if simply on a secondary PC, is a deeply personal choice.

Maybe you have an aging desktop computer with limited RAM and an older, but still absolutely functional, CPU. You're going to need something light on system resources that runs on 32-bit processors.

Or, perhaps you work with a wide variety of hardware architectures and need a single operating system that works well on all of them—and standardizing on a single Linux distribution would make it easier for you to administer and update all of them. But what options even are available?

To help make this process a bit easier, I've put together a handy set of charts and graphs to let you quickly glance and find the one that fits your needs (Figures 1 and 2).

Figure 1. Distribution Comparison Chart I

Figure 2. Distribution Comparison Chart II

Go to Full Article
Bryan Lunduke