The FSF have released a statement on UEFI secure boot. It explains the fundamental issue here, which isn't something as simple as "will OEMs let me install Linux". It's "Does the end user have the ability to manage their own keys".
Secure boot is a valuable feature. It does neatly deal with the growing threat of pre-OS malware. There is an incentive for it to be supported under Linux. I discussed the technical aspects of implementing support for it here - it's not a huge deal of work, and it is being worked on. So let's not worry about that side of things. The problem is with the keys.
Secure boot is implemented in a straightforward way. Each section of a PE-COFF file is added together and a hash taken[1]. This hash is signed with the private half of a signing key and embedded into the binary. When you attempt to execute a file under UEFI, the firmware attempts to decrypt the embedded hash. This requires that the firmware have a either a copy of the public half of the signing key in its key database, or for there to be a chain of trust from the signing key to a key in its key database. Once it has the decrypted hash, it generates its own hash of the binary and compares them. If they match, the binary is executed.
What happens if it doesn't match? Per the UEFI specification, the firmware can then prompt the user and ask if they want to execute it anyway. If the user accepts then the hash of the binary is remembered[4] and can continue to be executed in future. This is similar to what you get when you visit a self-signed https site, or when you connect to an ssh server for the first time - the user must explicitly state that they trust the software that is being booted.
In our Facebook Story of the Day viewers wanted to know about a computer operating system called Linux. Linux is an alternative operating system such as the popular Windows system or the iOS for Macs.
If you don't know what Ubuntu is by now, we're not sure what tech blog you're reading -- 'cause it sure isn't this one. Ok, so finding a computer with the world's most popular Linux distro preloaded on it isn't exactly easy (there aren't any lurking in your local Best Buy, that's for sure). But, tracking down a machine running the Ocelot in South Africa will be getting a bit simpler. The country's Vodafone affiliate, Vodacom, launched the Webbook -- a 10-inch laptop running Ubuntu 11.10 on a Cortex A8-based Freescale i.MX51 processor (likely 800MHz). Inside is also 512MB of RAM and 4GB of flash storage, enough for basic browsing.
The Z50 is Wyse's premier Linux-based alternative to a high-end desktop PC that provides unparalleled flexibility, performance and user experience but with the security, maintenance and management benefits of a thin client. The Wyse Z50 delivers a richer HD multimedia user experience and greater support of all popular VDI protocols, including Citrix HDX, Microsoft RDP7 and VMware PCoIP. The Wyse Z50 has multiple connectivity and peripheral options, and is Energy Star 5.0 Compliant, consuming a fraction of the energy needed by a PC, at only 15 watts.
IBM on Wednesday introduced mainframe and Power-based systems for analytics in an effort to compete with Oracle's Exadata.
At the tender age of ten, she decided that she wanted to become a computer programmer and, indeed, she has never wavered from that path. While other kids were just playing computer games, Clarissa was reading computer magazines in an effort to learn everything she could about how computers work. In the computer magazines that she read, there weren’t many pages devoted to Linux, but everything that was written was positive—and this is what sparked her interest and kept it burning throughout her formative years. By the time she graduated from high school, Clarissa had already helped assemble home computers, had dabbled in multimedia and HTML, had programmed in Pascal/Delphi and was a member of the local LUG: the Home Unix Machine Brisbane User Group, otherwise known as HUMBUG.
Recent Linux kernels, and distributions based on them, don't make use of some of the power-saving features offered by modern computers because they can cause problems on some systems. The distributions tend to just ignore such difficulties – but it is they who are best placed to remedy them.
Using Steam and/or Desura, it’s quite simple. Just add the code, and download the games. If you are using Desura for Linux, you’ll have to join the Desura group on Desura (yep, its strange, i know), and you need to be accepted that takes about 1 1/2 days, after that you can add the games, but for Frozen Synapse, you’ll have to pick the HIB version, or it will charge you for the game.
Addressing questions regarding the game on their forums, Frozenbyte say that Trine 2 will hover between 6-10 hours in length for the average player, but that the focus is on making the game replayable.
LXDE has been an option for some time now on most distros, but for new-to-intermediate users like me it is easiest to use if it is presented as the master desktop of an entire integral system. I got started in Linux with Ubuntu (9.04) and apart from general distro-hopping I've mostly stayed with it. I don't claim it's the best, it's just what I'm most familiar with. My ticket to escape from the Unity desktop came when a reasonably stable release of Lubuntu tackled the 11.04 version of its parent Ubuntu. Here was a distro that even I could shape the way I liked it.
I first encountered KDE when it was in version 1.1 when a friend in India told me of a distribution which was the same as Red Hat - I was playing around with 5.2 at the time which was using the FVWM window manager - but had KDE instead. This distro was then known as Mandrake; today we know it as Mandriva.
Instead of using Mandrake, I downloaded KDE 1.1 and installed it on Red Hat; it was very nice and light years ahead of all the other DEs with which I had been playing around. Applications like KMail were nicely designed; kppp was really useful because at that time everyone was on a 56k internet connection. Additionally, for a GNU/Linux beginner, kppp was much more user-friendly than tools like minicom.
Over the years, KDE has added a huge number of applications; the one that stands out for me is k3b, the CD/DVD burning application that is quite simply the best of its kind even when one compares other platforms. I have never been able to find an application for this task as good as k3b, no matter whether it be on Windows, the Mac or GNU/Linux.
Having recently switched to KDE, I found one major annoyance. That is not to say that KDE is perfect save for this one thing, but it was pretty glaring to me none the less. Favorites.
I started “pinning” applications to my “favorites” section in the KDE launcher and it didn’t take long to fill it up. In Windows 7, this is not a big deal because the launcher will just get longer to accommodate the content. Not the case with KDE. I set out to find a way to make the KDE launcher longer, to fit my most commonly used applications, but came up short and instead devised this clever way to launch apps without the aid of any 3rd party widgets.
The 2011 GNOME User Survey, an end-user survey that was assembled by independent GNOME users and hosted on Phoronix, began less than 24 hours ago and we're already approaching 2,000 submissions. There's still one month to go, and from these submission so far when simply dumping the comments it amounts to about 148 pages. However, it's not hard to guess what most of these comments are about when it comes to the GNOME desktop.
My studio computer collection includes two custom-built desktop machines and a Hewlett-Packard G60 laptop. As described in my previous article, the primary desktop box has been running an old but rock-steady 64 Studio 2.1 that has recently been replaced by a shiny new 64-bit Arch system. The secondary desktop machine and the laptop are both running the 32-bit version of Ubuntu 10.04. However, while I like and enjoy using Ubuntu I hardly require two identical installations of the same Linux distribution, so I decided to replace one of them with AV Linux.
Mandriva 2011.0 test was one hell of a first date. But as we got to know each other, as brief as the affair was, issues rose, many and great. Even in a single day of fiddling with the distribution, I countered some 29 problems, including some pretty big showstoppers. Now, no matter how great the system is, no matter how beautiful, with problems like a broken package management and a crippled 3D experience, the end result is disappointing.
It's as if Mandriva 2011.0 has two personalities - one slick, modern, smooth, polished, and beautiful, the other ugly, buggy, uncoordinated. Really weird. Now, it's exactly this type of small issues that separates champions from the rest. Personally, I found the lot of smaller bugs more annoying and troubling the lack of proper 3D acceleration, for example. If I were to power up this distro on a new machine with an Nvidia card, I have no doubt things would have worked out fine. But the rest of the issues would remain.
I must admit that this year's release is a big, big drop in quality from the previous edition, especially considering my extremely high expectations. From utterly good to just average is a huge drop. In the same breath, the Mandriva team exercised the most unique and intriguing visual transformation of the KDE desktop yet, so perhaps there's hope, if they can sort out all the little things. We'll see what gives next year. At the moment, Mandriva 2011.0, if you get the package manager to work, deserves something like six out of ten points. Dedoimedo out.
Sabayon Core is the minimal foundation for the Sabayon desktop systems. Core is appropriate for servers, home theaters, customized desktops, and more. There are several "spins" to choose from depending upon your specific needs. For example, CoreCDX comes with Fluxbox while the Spin and Server -Bases do not have an X server included. But they all come with Linux 3.0, btrfs support, encrypted filesystem support, and, of course, Entropy.
Customized Sabayon spin "Forensics" has ditched KDE and GNOME for Xfce. Sabayon Forensics "is geared for Law Enforcement to gain access to a suspects computer to scan and retrieve any and all information." This is the first release with Xfce, but weekly updates will be released. See the announcement for more information on that.
Red Hat, Inc., the world's leading provider of open source solutions, and Virtustream Inc., a leading provider of cloud software solutions and services, today announced that Virtustream has joined Red Hat's cloud ecosystem as a Premier Certified Cloud Provider. With this, Virtustream has added support for Red Hat Enterprise Virtualization to its xStream cloud platform and now offers Red Hat Enterprise Linux on-demand to customers. Virtustream can now offer its customers a more scalable and flexible cloud infrastructure through enhanced support within a unified private and multi-tenanted enterprise cloud, and Red Hat customers can also now easily deploy on xStream.
If you are a Debian (stable) user, then you are undoubtedly used to one of the most rock-solid experiences available in the FOSS community. That of course comes at the expense of having the latest and greatest at your fingertips. Debian users can now rejoice between ice ages as Gnome 3 is finally coming to the unstable branch! That means you only have 400 years to go until it is available in stable. Let the waiting game commence.
Today I hosted an Ubuntu Open Week session on social networking in Ubuntu 11.10. I decided to convert my notes from the session into a blog post, enjoy!
Ubuntu includes a social networking desktop service, Gwibber. Gwibber isn’t new to Ubuntu, it has been included for quite a while now. The intent isn’t just to provide a twitter or facebook client, but it is to provide a means for you to interact with your favorite social networks.
Have you tried out Ubuntu 11.10 yet? Install it using our downloadable guide on How to install Ubuntu 11.10. Let us now compare the most prominent changes in appearance of the dash, launcher and various applications in Ubuntu 11.04 and Ubuntu 11.10.
I have been using Ubuntu 11.10 on ARM now for a couple of days and I have to say: It Rocks! Ubuntu has had a long history of supporting ARM Systems on a Chip (SoC) since 2008, but Ubuntu 11.10 is a significant milestone.
The newest release of Ubuntu Operating System, Ubuntu 11.10, was released 5 days ago. Stir is settled down, and it is a time for me to try new flavour of African Humanity.
It’s October, and that can only mean one thing: the twice-yearly Ubuntu update is out! We’re now up to 11.10 (year and month, geddit?), which seems worlds away from 4.10 with it’s GNOME 2 desktop. Whilst I don’t use it as my primary OS any more, I have a soft spot for Ubuntu, as it got me (and, no doubt, countless others) into Linux. And even though it’s based on Debian, it provides the base for numerous other distros. So, like it or not, it’s a pretty big deal in the Linux world at the moment.
Before I continue, allow me an aside. My philosophy about this whole desktop environment thing is simple. The desktop on my computer should resemble my desktop in real life. On my desk are a lot of things, some important and some not, and none of it is in any particular order. My desk is not limited to a certain number of items neatly tucked on one side; it has things all over it that are immediately accessible when I need them.
With the release of Ubuntu 11.10, the Unity desktop is starting to mature. But what if Unity's just not for you, but you still want the convenience of Ubuntu's large community and Debian-based technology?
You might start by exploring one of Ubuntu's official variants.
According to Distrowatch, Ubuntu is the basis for seventy-seven distributions. However, Ubuntu's official variants are in a category of their own.
Now that Ubuntu Linux has chosen Unity as its default desktop environment, Linux Mint stands out as perhaps the most user-friendly distribution offering a non-Unity default alternative, as I've noted before.
Tizen project developers will need to build "an appealing user experience that seduces consumers to buy Tizen handsets instead of the popular iPhone or Android-enabled devices," said analyst Francisco Jeronimo. Widespread industry support also would be required for Tizen to grab market share at the expense of the current mobile OS leaders.
Silly name aside, Android 4.0, Ice Cream Sandwich (ICS), is perhaps the most important Android release to date. With this release, Google has brought its tablet Android fork, 3.x, back into sync with its smartphone trunk, 2.x. In addition, all of ICS will soon, as I understand it, be made open source.
What that means for you is that independent software vendors (ISV)s can stop wasting time in developing two different versions of programs and focus their energies on making the best possible Android applications. Since, at the end of the day, the success of any operating system is all about its applications, this bodes well for Android.
Google announced Android 4.0 ("Ice Cream Sandwich"), a version of the mobile operating system that for the first time is optimized for both smartphones and tablets. Unveiled with a preliminary software development kit -- and due to appear first on the Samsung Galaxy Nexus -- it sports a revamped user interface, a faster browser, an improved camera interface, plus facial recognition and text-to-speech features.
When Google announced plans in August to acquire Motorola Mobility for $12.5 billion, some assumed the company would start actively involving itself in handset development.
Case in point, I brought my last device, the original 2009 Motorola Droid, from its final 2.2 “Froyo” update to the latest 2.3.5 Gingerbread courtesy of the CyanogenMOD community.
This is an activity fully endorsed and encouraged by Google due to the OS’s Open Source nature — not once have I seen a rooted, custom-ROMed device denied access to the Android Market.
Conversely, while a large “Jailbreaking” community exists for iOS for customizing and adding functionality in an underground manner, custom iOS builds just do not exist openly — they would be considered to be pirated software, like Hackintoshes.
Tablet PC players have recently started to drop their tablet PC prices to attract consumers, especially 7-inch models as the machines can easily attract first-time buyers with their smaller size and US$100-150 cheaper prices compared to 10-inch models, according to sources from tablet PC vendors.
This post is part of our ReadWriteCloud channel, which is dedicated to covering virtualization and cloud computing. The channel is sponsored by Intel and VMware. Read the case study about how Intel Xeon processors and VMware deliver unprecedented reliability in the face of RAM errors.
Aseem Jakhar, open security researcher and OSI Days speaker, talks about his passion for open source solutions and his upcoming project Jugaad that would be a one-shop-stop to learn about *nix malwares function, in an interview with LFY.
ownCloud is a free software alternative to some proprietary web services and it currently includes file management (with built-in file sharing), music streaming, calendar, contacts and more - all running on your computer or server..
Cloud Computing seems to be starting to become a necessary evil. Even if leaders like Richard M. Stallman warns about the dangers of cloud computing, users are lured by offerings like iClouds. How can an Open Source user who wants complete control over her computing, which includes data as well, take advantage of the cloud yet not lose anything in the process? The answer is ownCloud -- a private cloud computing solution. We interviewed Frank Karlitschek, project founder of ownCloud.
LibreOffice, the project forked from OpenOffice.org, is moving into the modern era with developers working on versions that run in Web browsers and on iOS and Android devices.
The Document Foundation announced the moves today at the LibreOffice Conference, but the work isn't available yet for ordinary folks to try.
Creativity trumps financial power. The best ads do play on our fears. What good does it do to have an enormous financial advantage if the best TV ad of the cycle cost nothing? When the work of some anonymous schmoe trumps the work of highly-paid campaign consultants, why depend on them?
If you buy Microsoft’s explanation for the company requiring a version of UEFI (Unified Extensible Firmware Interface) on PCs that can run Windows 8, it’s there to protect users from next-generation malware. If you think that’s the only reason for the UEFI to be in there, I have a nice bridge in Brooklyn to sell you. The UEFI requirement is also there to block Linux and other alternative operating systems from booting on Windows 8 PCs. In response to this open-source operating system threat, the Free Software Foundation (FSF) has started a petition to urge original equipment manufacturers (OEM)s to give people a way to easily opt out of Microsoft’s Windows 8 UEFI cage.
Two years after that, I heard first-hand the reports of that and other projects based on open source software. The job is not easy, and there are definitely challenges, but Cape Verde has fully embraced the concept of democratic participation, and they have built a architecture of open government and open systems based on open source software. It is an exciting validation of Clay Shirky's Cognitive Surplus hypothesis, which is that when technology can lower the barriers to participation, more people become more positively engaged and more productive. Cape Verde has done this, not alone by any means, but with partners like Brazil, who are themselves true leaders in open source and open government.
PHP was the core language of the 1.0 era of the web, bringing scripting to the emerging Internet. PHP vendor Zend now wants PHP to be the language for the cloud and today announced a new service to do just that.
What happened was David Olson, the volunteer who had run the public domain Time Zone and Daylight Saving Time Database was sued by–I’m not making this up–an astrology software company called AstroLab for, they claimed, using data from their ACS Atlas program.
Metasploit Community combines the open source Metasploit Framework with a basic version of the robust commercial user interface available in Metasploit Pro to provide an entry-level response to the evolving threat landscape.
I just got another one of those telephone calls. This time I was prepared for it. What follows in not an exact transcript, but a shortened version.
"Hello sir, I'm calling to inform you that your computer has a virus. We can fix your computer." "You've seen a virus? On my computer?" "Yes sir." "Is that a Windows virus?" "Yes sir." "And you're seeing it right now on my computer?" "Yes sir. We're from the Windows company." "You're from Microsoft?" "We provide Windows support sir."
On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat "Duqu" [dyü-kyü] because it creates files with the file name prefix “~DQ”. The research lab provided us with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet, which we were able to confirm. Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose.
The Harper government is poised to introduce contentious legislation as early as Thursday to abolish the long-gun registry.
The legislation is bound to once again spark sharp political debate over whether the registry is a much-needed tool for police to keep Canadian communities safe, or whether it has become a costly intrusion into the lives of law-abiding gun-owners.
Using the latest data through June, from EIA Washington, global production of crude oil is currently averaging 73.856 mbpd in 2011. The loss of Libyan production has been offset this year by increased production from Saudi Arabia. (It remains unclear how sustainable Saudi production can be, currently at 9.840 mbpd. Saudi production has been highly variable this year, with month to month swings as much as 1 mbpd). Meanwhile, declining production from Mexico, the North Sea, continues to weigh.
The exceptionalism of Goldman Sachs took another knock this week. For a brief period on Wednesday, shares of the Wall Street firm traded at a bigger discount to book value — or assets minus liabilities — than those of megabank rival JPMorgan. This rarely happens and suggests that investors fear the bank’s franchise, both as a trader of securities and financial adviser to corporations and governments, is somehow damaged.
Last week YouTube announced the opening of its movie rental service. This could be great news for film lovers, offering easy access to the films they want to watch. Exactly how useful this is to consumers depends somewhat on how many films are available through the service.
The availability of legal content online has featured heavily in discussions about the digital economy, most recently in the ongoing roundtables, hosted by the Minister Ed Vaizey MP, about new website blocking powers over sites involved in copyright infringement. The question is whether consumers' demand for films, music and other goods is being satisfied.
ORG, and others such as Consumer Focus, believe that more attention needs to be paid to how well the markets for films and music are serving consumers before we assume that certain kinds of enforcement measures are necessary and proportionate. We want to see thriving and innovative cultural markets that help creators and consumers get the best out of new technology.
In this context, and against the backdrop of the recent injunction won by the film industry that requires BT to block the website Newzbin2, we decided to have a look at the availability of films online. We looked at how many of the recent best-sellers and catalogues of critically acclaimed films, including the top 50 British films, consumers can legally buy or rent online. We searched five content providers, and looked at rental and purchasing prices, and compared them with DVD availability and prices.