Patches are available to fix the bash vulnerability known as Shellshock, along with three additional security issues recently found in the bash shell. The patches are available for all major Linux distros as well as for Solaris, with the patches being distributed through the various distros.
Since sometime last week the popular Linux site Tux Machines has been under an apparent distributed denial-of-service (DDOS) attack. For the last several days, those trying to visit the site have been redirected to Tech Rights, another site operated by Roy Schestowitz, the owner of Tux Machines, to a post dated Saturday by Schestowitz which reads:
In years past, it wasn't uncommon to rely on a particular operating system because of the software it provided. Mind you, this was before the popularity of web-based applications that can work on any Internet-capable platform. Back then, any task – ranging from word processing down to video editing – had to be done from locally installed software.
Learning Linux empowered me to explore and create in a way I never dreamed possible. Open source was initially very challenging as some parts needed configuration that I was unfamiliar with. However, I learned much of what I needed by using search engines and reading forums at Red Hat, Fedora, and other Linux user groups on the internet.
Spain's Tax Administration Agency has renewed its support contract for development and maintenance of its anti fraud information analysis systems. The proprietary database solution runs on Suse Linux server. The massive database system is built and operated using standard free software components.
Now that OEMs have acknowledged that smaller and cheaper is better (the customer is always right) we should see a lot more GNU/Linux on retail shelves along with all those Android/Linux devices. The market is converging on a system with options not restrictions. Expect to see Android/Linux + GNU/Linux systems being offered in bulk really soon, perhaps by Christmas.
There is new data out showing that Chromebooks--portable computers based on Google's cloud-centric Chrome OS platform--are continuing to eat into Microsoft's share of the portable computing market. The NPD Group is out with research that shows that during the 10-week period from July 4 to Sept. 1, both Chromebooks and Mac portable computers eroded Microsoft's share.
The new systems ramp up ARM's competition with Intel and give data centers greater compute choices.
As to the operating system to use, the team wanted a system, which puts the Afghan staff in a position to perform all the necessary work with as little training as possible and if possible without our support. Over the years, the ZiiK team and its Afghan partners tried out numerous different operating systems, primarily different Linux distributions. The youngest of the computer centers, the IT Center Kandahar (ITCQ), was the first to set up all the servers on the basis of Univention Corporate Server (UCS), which proved to be the best for them in terms of ease of use, flexibility and scope of action due to its App Center, which offers the installation and integration of numerous other proven open source solutions. Until the end of 2015, the other four universities will follow and migrate completely to UCS.
So I was really hoping that I could have left rc6 as the last rc and just releasing 3.17 today, but that was not to be. It's not that anything particularly scary happened, but quite frankly, things just didn't calm down as I hoped for.
While Linus Torvalds was looking at possibly releasing Linux 3.17 this weekend, there's been a chance of course with a 3.17-rc7 kernel instead having been released.
After years of development, more than two dozen versions of the file-system, and real-world deployments in some Linux distributions, OverlayFS is trying again to get in the mainline Linux kernel.
Years ago there was a VA-API state tracker within Gallium3D for offering drivers support for the Video Acceleration API. That implementation, however, was dropped back in 2012 as it was largely unmaintained and the VDPAU state tracker proved to be more popular. Now, however, it seems AMD is working to introduce a new VA-API implementation for Gallium3D.
As another interesting NVIDIA Linux news item before ending out the month are some patches published just before the start of the weekend by NVIDIA. A NVIDIA developer has proposed explicit synchronization support for the Nouveau driver, complete with some "RFC" patches.
While there's no supportive driver out at this time, NVIDIA continues to be working in the direction of supporting non-X11 windowing systems like Mir and Wayland.
It's been a while since hearing anything new about the proposed overhaul of the Linux OpenGL driver ABI, but it's continuing to be pursued by NVIDIA.
Roy Spliet, the student developer behind funded by the X.Org Foundation to work on Nouveau re-clocking, continues making great progress on this critical feature for the open-source NVIDIA graphics driver. With the latest patches, DDR2 / DDR3 / GDDR3 memory re-clocking should be working for a lot more NVIDIA graphics cards.
AMD has released the Catalyst 14.9 Linux graphics driver today with some modest changes but it's not the really big driver update we're waiting for.
Adobe's popular Photoshop software landed on Linux sort of today with a streaming version that will be available to Chromebook users running Chrome OS.
The Adobe Reader is no longer an item of interest for the Linux users and the company that makes it removed the Linux platform from the list of supported OSes.
Five months ago today was when LGP was planning a server migration with minimal downtime, while to this day they've yet to return.
Neverending Nightmares is a black and white psychological horror that looks pretty awesome. There are moments of colour for things like blood, but it's mostly black and white.
The game was funded on Kickstarter last year and hit a tidy $100K, so it's pleasing to see another crowdfunded game have a full release.
Tesla Breaks the World! A platformer that mixes puzzles, adventure and Nikola Tesla into a mixed bag of gameplay.
The current reviews of the game are mixed, so it's one of those hit-or-miss platformers that you may or may not want to pickup. The current issues with the game seem to stem from the imprecise controlling of your character which is noted in multiple reviews.
Following last week's release of Counter-Strike: Global Offensive for Linux I published many AMD/NVIDIA GPU benchmarks of CS:GO. Those initial results were done using the proprietary AMD and NVIDIA Linux graphics drivers while starting today will be the open-source graphics driver results for this highly popular Valve game.
Like this morning's RadeonSI results, the Intel HD Graphics 4600 trial run was done with the current Ubuntu 14.10 development packages -- the Linux 3.16 stable kernel and Mesa 10.2.6, although Mesa 10.3 is in the process of landing. As said in the article as well, I will have Mesa 10.3/10.4 results out soon for the open-source Intel/Radeon/Nouveau graphics on Linux, among other Steam on Linux benchmark results.
Cosmochoria is a funny little game that puts you in the space-suit of little naked cartoon cosmonaut who jet packs around space.
The game although it is in early access is very playable right now, and it's quite fun as well. The Linux version of the game seems to be well done as far as I can see with no immediate problems that I noticed at all, so it's great to see early access games come out that actually work reasonably well. That's a refreshing change of pace from other early access releases.
This instalment of the GOL World Tour visits Germany, differing from the last two in that it will focus on a country more established in the video game industry and that most people will know quite a bit about anyway. So to make it more interesting and less controversial, the History and Culture section has been replaced with some interesting facts.
GNOME "has truly reached new levels of desperation by tying itself to Systemd in an attempt to seem modern, but they've castrated and compromised the user experience," Hyperlogos blogger Martin Espinoza opined. "The same people that made Linux popular to begin with -- systems administrators -- are not interested in a candy-coated UI which wastes screen space."
Black Lab Linux 6.0 Beta 2, a distribution that is now based on Ubuntu 14.04 LTS and is using the Xfce desktop environment, has been released for download and testing.
Today we are pleased to announce the availability of Black Lab Linux 6 Beta 2. As we march on to the release date of November 1, 2014 we have introduced a few new features for Black Lab Linux 6 Beta 2.
We are pleased to announce release of Q4OS 0.5.19 version. An alternative "Kickoff" menu has been significantly improved and more GUI translations has been made. There is new "ipcodecs" installer script for super-easy installation of all kinds of proprietary multimedia codecs that you might need.
OpenMandriva Lx 2014.1 is the latest edition of OpenMandriva, a desktop distribution derived from the old Mandriva Linux.
Though OpenMandriva Lx 2014.1 is a minor update to OpenMandriva Lx 2014.0, which was released back in June (2014), it comes with some significant changes, including, according to the Release Notes, support for booting on computers with UEFI firmware. To quote from the Release Notes: “This is the first release of OpenMandriva Lx that incorporates support for UEFI booting.” Interestingly, the same thing was said of OpenMandriva 2014.0.
Oracle OpenStack for Oracle Linux, based on the latest Icehouse release of OpenStack, is now available for download.
Last December, Oracle became a corporate sponsor of the OpenStack Foundation and announced a set of plans to add OpenStack compatibility or integration to a range of its products.
Matthew Miller, the Fedora Project Leader recently appeared on episode 332 of the Linux Action Show titled Weaponized Bash to talk about the recent flaw discovered in Bash (aka Shellshock). Matthew also covers how the Fedora Security Team works and how they work together with the Red Hat Security team. Additionally, the interview also covered the future of security, including where containers fit into making a more secure Fedora.
In GNOME 3.14 we show any valid application in the software center with an application icon of 32Ãâ32 or larger. Currently a 32Ãâ32 icon has to be padded with 16 pixels of whitespace on all 4 edges, and also has to be scaled x2 to match other UI elements on HiDPI screens. This looks very fuzzy and out of place and lowers the quality of an otherwise beautiful installing experience.
Be careful of headlines, they appeal to our sense of the obvious and the familiar, they entrench rather than challenge established stereotypes and memes. What one doesn’t read about every day is usually more interesting than what’s in the headlines. And in the current round of global unease, what’s not being said – what we’ve failed to admit about our Western selves and our local allies – is central to the problems at hand.
The Ubuntu GNOME makers have been encouraged by an important Ubuntu developer to implement the latest build of the GNOME desktop environment in the future versions of their distro.
Canonical has this week announced the release of a new version of its Ubuntu operating system with the rollout of the new 14.10 beta version which is now available to download and test out.
Canonical made a very good release back in April. Ubuntu 14.04 LTS was very well received and it integrated many features. It was very different from Ubuntu 13.10, so it was spared the "boring" rhetoric. On the other hand, Ubuntu 14.10 will not bring any important visible changes to the operating system and it will be very difficult to set it apart from Ubuntu 14.04 LTS.
Calao Systems unveiled a Linux-ready, industrial “PinBall” SBC based on the Raspberry Pi Compute Module, plus special M2M and home-automation models.
Google posted a developer overview for Android Auto, offering guidelines for designing extensions to existing Android apps for customized IVI interactions.
Music player apps for Android are a dime a dozen. There are lot of paid ones too but one app called Jams is about be offered for free. Apparently, it’s developer, Psaravan on Github.com, is now making the app available for free. To formerly paid app on Google Play Store, it is also now an open source because the developer can no longer provide support for the paid users. He doesn’t want the app to just go offline so he’s releasing the app for free and open sourced it.
Apple's introduction of larger screen iPhones came as no surprise to industry observers, despite the fact that the company had loudly proclaimed the importance of one-handed phone use. But what motivated Apple to finally offer larger screen iPhones? Forbes analyzes the numbers that got Apple to change its tune about big screen phones.
The iPhone 6 era is just 10 days old, but for Apple it was already underway sometime last year. By April 2013, company executives understood they had a strategic vulnerability. The booming smartphone market had expanded remarkably in 2012, growing from 494 million units the year before to 722 million sold. While 70% of the gains occurred in phones below $300 — a market Apple had no intention of partaking in — the rest came from phones with screens larger than the iPhone’s 4-inch display. Worse still, premium-priced phones with 4-inch screens actually was a shrinking segment, down 22 million. That Apple managed to sell more iPhones was a remarkable achievement but it meant challenges lay ahead.
InfoWorld is out with its 2014 Bossies awards--one of the most widely followed award roundups for open source projects. It's always a treat to find out which projects the publication's editors deem to be on the rise. This time around, there are lots of surprises, including xTuple, CyanogenMod, and Scribus--one of our favorite open source desktop publishers.
Clearly, open source is changing the way software is procured. In the era of monster contracts and a few monster software vendors, upper IT management called all the shots and passed down applications and tools the rest of the organization had to live with. Open source is helping to crack that monolith, so businesses and individuals can make their own software decisions.
Make no mistake: Although open source incurs less capital expense, it's not free -- nor even necessarily cheap compared to proprietary software. Generally speaking, at scale, open source solutions require a higher level of effort and expertise to implement and maintain. Open source's rapid pace of innovation often results in more frequent updates, which means a closer eye on dependencies. In addition, professional services and commercial open source contracts result in significant cost.
HHVM, stands for HipHop Virtual Machine, is an open source virtual machine developed by Facebook development team. It is designed for executing massive amount of codes written in Hack and PHP languages. HHVM gives superior performance, and improves the efficiency of PHP execution, and increases the productivity for the developers. The developers says that compared with the regular Zend PHP 5.2 engine + APC, HHVM has realized over a 9x increase in web request throughput and over a 5x reduction in memory consumption for Facebook. This is how Facebook handling millions of active users everyday. According to this blog, the wordpress sites running with HHVM delivers better overall performance, approximately 63%, than the websites which are running using traditional LAMP stack (Apache, MySQL, and PHP). Sounds awesome? Indeed!
OpenDaylight is in good position to do for SDN what OpenStack did for cloud. It has increasing support among the biggest vendors in the networking space and an active membership overall with over more than coders and growing. Brocade, Cisco, Red Hat, IBM and Citrix are among the supporters.
The Linux Foundation's OpenDaylight Collaboration Project is out today with its' Helium SDN platform release.
The Helium is the second major release since the OpenDaylight effort got underway in April of 2013. The first major release for OpenDaylight was the Hydrogen release, which debuted in February of this year.
Open source software-defined networking (SDN) and network-functions virtualization (NFV) are ready for enterprises to start building the networking and cloud computing infrastructure of the future. So says the OpenDaylight Project, which released the second major version of its platform today.
Open source is playing an ever-expanding role in education at all levels. One school board that’s embraced open source is the Penn Manor School District in Pennsylvania. The District has rolled out the largest open source student laptop program in the state, with 3,500 Linux-powered computers distributed to students.
I came back from OSCON this year with a new fire to contribute to an open source project. I’ve been involved in open source for years, but lately I've been more of an enthusiast-evangelist than a hands-on-contributor to an open source community. So, I started some thinking about what to do next. When I was involved in projects before, it was due to a clear progression from user to forum guru to contributor. It’s a great path to take but what do you do if you just want to jump into something?
The Eclipse IoT community is helping Java developers to connect and manage devices in an IoT solution by delivering an Open IoT Stack for Java.
The KVM Forums are a great way to learn and talk about the future of KVM virtualization. The KVM Forum has been co-located with the Linux Foundation’s LinuxCon events for the past several years, and this year too will be held along with LinuxCon EU in Dusseldorf, Germany.
For a long time various people have been telling me there’s not much information on the low-level / plumbing details of the virt stack on Linux. Especially information related to qemu and its various settings, devices, and so on.
[...]
I updated the KVM and QEMU wikis to ensure the Planet gets more visibility, and hope this goes a small way to quell the complaints of not enough available information.
Tor, which is capable of of all that and more, crucially blocks websites from learning any identifying information about you and circumvents censorship. It also stymies eavesdroppers from discovering what you’re doing on the Web. For those reasons, it would be a powerful addition to the arsenal of privacy tools Firefox already possesses.
One of the crowning achievements of cloud computing is the significant reduction in time required to provision new infrastructure and services. Traditional hardware procurement, installation, configuration and deployment were laborious processes requiring careful planning and often took weeks or months. Efficiencies introduced by modern cloud environments have reduced the time required to complete the same procedure down to hours and minutes. How is this achieved? The key is software automation.
NoSQL, object storage and Hadoop have ushered in a brave new world of storage technologies and applications for the cloud and Big Data. But Oracle (ORCL) thinks the future remains bright for MySQL databases, too, and has unveiled new technologies to make the traditional storage platform easier to administer and deploy.
At Oracle OpenWorld 2014, CTO Larry Ellison announced that users will be able use a new cloud database service to send their Oracle Database instances to the cloud with "the push of a button."
eG Innovations, a provider of automated performance monitoring, diagnosis and management solutions and a member of Oracle PartnerNetwork (OPN), today announced support for Oracle Linux and Oracle VM in its flagship offering, eG Enterprise. The company will be showcasing its solution at Oracle OpenWorld, September 28 - October 2 in Moscone South Exhibition Hall at the Oracle Linux and Virtualization Showcase, Booth 611.
You have to hand it to Oracle CEO -- sorry, Chairman -- Larry Ellison: No one can bash a competitor like he can. Unfortunately, while Ellison may have hit the mark with SAP (“I have no idea what runs on HANA, but it ain’t their cloud. That runs on Oracle”), he failed to address his own company problems: an almost complete lack of interest from developers.
"Why not get the open source software that you plan to use for free, and then use the money that you would otherwise have spent on proprietary license fees to modify the open source software to meet your needs more closely?" he asks. "Why pay for software that is the same for all users when you can pay to have something that is unique?"
Instead, libressl is here because of a tragic comedy of other errors. Let's start with the obvious. Why were heartbeats, a feature only useful for the DTLS protocol over UDP, built into the TLS protocol that runs over TCP? And why was this entirely useless feature enabled by default? Then there's some nonsense with the buffer allocator and freelists and exploit mitigation countermeasures, and we keep on digging and we keep on not liking what we're seeing. Bob's talk has all the gory details.
But why fork? Why not start from scratch? Why not start with some other contender? We did look around a bit, but sadly the state of affairs is that the other contenders aren't so great themselves. Not long before Heartbleed, you may recall Apple dealing with goto fail, aka the worst bug ever, but actually about par for the course.
Time for another FreeNAS release! This one fixes a number of issues in 9.2.1.7 as well as addressing the “shellshock” security vulnerability in bash (to which FreeNAS is not generally vulnerable as bash is not the system shell, but it was still worth fixing).
I am pleased to announce a new version of GNU guile-ncurses. guile-ncurses is a library for the creation of text user interfaces in the GNU Guile dialect of the Scheme programming language. It is based on the ncurses project's curses, panel, form, and menu libraries.
The GnuCash development team proudly announces GnuCash 2.6.4, the fourth maintenance release in the 2.6-stable series. Please take the tour of all the new features.
This only affect code maintained by GDB project (not binutils or GCC). Also, support for any other target on MIPS (including embedded ones) will be maintained as is.
Game Politics reports that the company has been accused of stealing code from a number of open-source emulators including the SNES9x (SNES), FCEUMM/FCEUX (NES), VBA NEXT (Game Boy Advance), GenesisPlusGX (Mega Drive and assorted Sega consoles).
After delivering his address at the annual United Nations General Assembly meeting last week, President Obama dropped a tidbit of interest for open data advocates: he promised to produce an open source policy by the end of 2015.
Some of our readers might remember the Microduino Arduino compatible development board that launched last year over on the Kickstarter crowd funding website. This week the same team at Microduino Studio have now unveiled their new Microduino-Joypad in the form of an open source game console.
In this and future columns, I will try to record and analyze the current trends with regard to open-source. Despite the fact that we have seen many open-source products in the market, and also that many people have been involved with these products, the picture remains not-so-clear for the majority of people.
The latest open-source project devising an LLVM back-end is a Common Lisp implementation.
Last year, the web optimization network CloudFlare promised it would double SSL usage on the web in 2014 — and last night, the company made good on its promise. Overnight, CloudFlare deployed its Universal SSL feature, offering free SSL encryption to any site that opted in. All told, that meant two million new sites with the feature, effectively doubling encryption on the web overnight.
On September 25, in Brussels, Belgium, the Russell Tribunal gathered to examine allegations of war crimes and genocidal intent by the Israeli military against residents of the Gaza Strip during Operation Protective Edge. I was among those invited to provide testimony before a jury that included Michael Mansfield, John Dugard, Roger Waters, Ken Loach, Vandana Shiva, Richard Falk, Ahdaf Soueif, and Ronnie Kasrils. The following day, I presented testimony in the European Parliament alongside Israeli journalist David Sheen and Mohammed Omer, a journalist from the Gaza Strip. (Two other invitees from the Gaza Strip, Palestinian Committee on Human Rights director Raji Sourani and filmmaker Ashraf Mashharawi, were prevented from leaving the besieged coastal enclave by the Egyptian regime.)
Changes in the capitalist system's operating procedures, rules and regulations are always presented as if they were in everyone's interest, a kind of "everybody wins" social progress. The changes usually turn out to be mostly or entirely in capitalists' interests since they run their system that way. Are we surprised and shocked?
The inventor of the world wide web has warned that the freedom of the internet is under threat by governments and corporations interested in controlling the web.
Tim Berners-Lee, the British computer scientist who invented the web 25 years ago, called on Saturday for a bill of rights that would guarantee the independence of the internet and ensure users’ privacy.
Some organized "student groups" in Hong Kong tried to occupy government buildings and blocked some streets. The police did what it does everywhere when such things happen. It used anti-riot squads, pepper spray and tear gas to prevent occupations and to clear the streets.
The "western" media are making some issue about this as if "western" governments would behave any differently.