Yet another post (Jasper) on image based OS deliveries. Jasper is also utilizing ostree which become widely known with the Fedora Atomic or Project Atomic effort. And there is also the idea from the systemd people which got some attention.
It’s not that image based OS delivery is new. oVirt Node is around for some years and is an example of an image based OS with atomic upgrades. Maintaining this small project gives us some experience, and we also see the limitations of our current approach, this is the reason why we are also investigating how to redesign Node, and keep the image based delivery. There are similarities between Node’s requirements and the use cases addressed byostree and the systemd people, so we also keep close eye on those projects. One difference we, especially to ostree is, that Node is an appliance intended to be the OS of a bare-metal machine, which needs to be somewhat customizable at runtime.
You may not know this, but Linux is the most popular operating system in the world. It's at the heart of your Android smartphone or tablet, your smart thermostat, your television, and set top box. Linux runs on the world's most powerful supercomputers, and on the International Space Station. If you've used the Internet today to send an email, you used Linux. Linux powers the Internet. If you searched for cat pictures online, you used Linux. If you sent a letter, the old fashioned way, you probably used Linux as well. Linux runs on the large server farms that create those cool special effects in Hollywood. If you've been to see the latest superhero epic at the local theatre, and were totally blown away by the effects, you can thank Linux for part of that.
Linux is everywhere.
Akkana has a great Openbox-driven setup that relies on keybindings but what’s great about her setup is that she chooses Linux not so much for the philosophy, but for the control it gives her (which I would argue is also philosophical). I always appreciate when people recognize Linux for its technical flexibility and sophistication and not just as something that isn’t Windows or OS X. The politics of Linux is important and fascinating, but it also happens to be a wonderful product.
This report is based on data from an invitation-only survey of The Linux Foundation's Enterprise End User Council as well as companies and organizations with sales of $500 million or more, or 500 or more employees. The surveyed group included Morgan Stanley, Goldman Sachs, Bank of America, Bristol-Myers Squibb, NTT, Deutsche Bank, DreamWorks, ADP, Bank of New York, NYSE, NASDAQ, Goodrich, MetLife, and AIG. Of course, these companies are already invested in Linux. That said, it's noteworthy how many Fortune 500 and financial powerhouses now put their trust in Linux for mission-critical software.
Highlights in this issue: master Vim, understand systemd, solve word puzzles with Bash and Grep, discover the technology behind Bitcoin, and secure your communications with PGP. Plus many more tutorials, features and interviews — 116 pages in total!
While CoreOS is relatively unknown outside of Linux circles and Silicon Valley, it's seen by those in the know as an up and coming Linux distribution for datacenters and clouds. It's not an insignificant company crying foul, because Docker's take on virtualization has proven to be so popular. Indeed, CoreOS currently requires Docker to work well, and Brandon Philips, CoreOS' co-founder and CTO, has been a top Docker contributor and was serving on the Docker governance board.
Following a tumultuos two days in the Docker community, Joyent has announced two open source initiatives and a container service that further its ties to Docker. With the news, Joyent CTO Bryan Cantrill also has some choice remarks about CoreOS “full-frontal assault” on Docker. First, there is the sheer brazenness of the remarks, but also reflects something that could have been predicted.
CoreOS has launched Rocket, which is only the latest open source competitor for Docker's container-based virtualization and app delivery platform.
Docker has easily emerged as one of the top open source stories of the year, and has helped many organizations benefit from container technology. As we’ve reported, even Google is working closely with it, and Microsoft is as well.
A trailer teasing the newest Star Wars film has fans of the franchise very excited. But they're not the only ones; the Disney-owned nightly newscast ABC World News has also found the upcoming Disney film to be an important news story too.
Linux Kernel 3.18 RC8 has been announced by Linus Torvalds and it looks like the development cycle is coming to an end, despite a problem that has been bugging the team for a couple of weeks.
The Linux Foundation, the nonprofit organization dedicated to accelerating the growth of Linux and collaborative development, today announced its 2015 events schedule, which includes LinuxCon and CloudOpen in North America and Europe, the Linux Foundation Collaboration Summit, Embedded Linux Conference, Android Builders Summit and ApacheCon, as well as new events for 2015, open source storage and filesystems conference, Vault, and ContainerCon, focused on the rapidly expanding container industry.
The Linux Foundation, the nonprofit organization dedicated to accelerating the growth of Linux and collaborative development, today announced the immediate release of the "2014 Enterprise End User Trends Report," which shares new and trending data that reveals Linux is the primary platform for the cloud and users consider the operating system more secure than alternative platforms. The findings also show a 14-point increase in Linux deployments over the last four years, while deployments on Windows have experienced a 9-point decline.
The AMDKFD driver, which has been under development in the public spotlight for the past few months as a necessary piece to having AMD HSA open-source support on Linux, will premiere with the Linux 3.19 kernel.
One month ago was the surprising contribution by Qualcomm's Innovation Center that they were adding new hardware support to Freedrenon, the open-source and reverse-engineered Gallium3D driver for Adreno graphics hardware. Qualcomm's contributions haven't ended and they're looking to add more patches -- including for HDCP support.
As you may know, IPtables and NetFilter combine to make the most popular firewall solution in Linux. Given there's only a native command-line interface (CLI) for the two, though, there can be a learning curve. The good news, however, is that there are many graphical user interfaces (GUIs) you can use with Linux. Let's look at some of the most powerful yet easy-to-use options available.
Welcome to our November edition of Linux Software Releases. This month we examine a project which takes software freedom very seriously and attempts to make using and sharing free software as easy as possible. The project is Warzone 2100, an open source real-time strategy game, originally developed by Pumpkin Studios and published by Eidos Interactive. We begin with a short introduction of this software and continue with the list of the projects released during November 2014.
Opera has just released version 26 of its desktop browser, that sees a stable Linux version, a new bookmark sharing feature and a few other small updates.
Opera for Linux is 64-bit only. The company say this decision was made based on ‘what most Linux desktop users have installed’. While annoying it is part of a larger overall trend away from 32-bit software, with Opera for Mac also being 64-bit exclusive, too.
The Deer God has arrived on Linux, and it's in the early access section. With that out of the way, the game does look stunning.
We've had goats in platformers and silly games, but now it's time for the Deer to shine! The graphics actually slightly remind me of Minecraft in a side-scrolling form, and the lighting looks great.
As one of Gaming on Linux's newest contributors I thought I'd introduce myself through the medium of gameplay video. In that spirit I take a look at Goat Simulator's latest downloadable content.
The November 2014 survey results are now out from the Steam Survey that show the current Linux gaming market-share.
It has been almost a month since SoK has started, and my project has kept me quite busy for the last couple of weeks. Here I am going to discuss my experiences with KDE, and a detailed report on the work done by me on my project so far. I think this post is going to be a bit long, so a fair warning to all the readers
When I searched which modules were ported to KF5, I saw that kdegames programs were not ported.
This supplementary release 2.8.7 marks the end of Calligra Suite, and Calligra Active 2.8 series. If you update to 2.8.7 (and you should), you’ll receive over 20 improvements, mostly in Kexi and Krita.
Currently the graphics are one of the weakest part of GCompris, as they were mostly done by the developers, using free graphics assets and sparse graphic artist contributions.
To address this problem, we found Timothée Giet, a talented graphic artist interested in working on a complete graphics redesign. He is a long standing Free-Software contributor, active member of the Krita team and so part of the KDE community. Making new graphics for more than 100 activities is a big work, so we need your help to achieve this goal.
The final version of Linux Lite 2.2, a distribution based on Ubuntu 14.04 LTS created to show people just how easy it is for non-technical folks to use a Linux distribution, has finally arrived and it's packed with a lot of changes and improvements.
It began out of necessity for lead Kali developer Mati Aharoni (known as muts in the community). While doing professional security work he needed a variety of security tools without being able to install any software on his client's systems, and so he took to Linux. We spoke with Mati to learn more about how it started and how the community-driven project has grown and evolved over the years into one of the leading security-focused Linux distributions.
I am generally a man of few words, but I probably need a few more to introduce myself. I have been using Linux for 15.5 years, and Mandrake/Mandriva/Mageia for 15 years. I have been contributing since the summer of 2001 to some degree. I did a fair amount the first few years, not much for the next seven, and have done quite a bit since I joined Mageia at the end of 2011.
I am 33 years old, am a former high school math and computer science teacher, still am involved with high school track & field, and now teach Linux/Unix fundamentals to adults. I am a distance runner and I enjoy watching American football and listening to music.
The final version of Manjaro Xfce 0.8.11, a Linux distribution based on well-tested snapshots of the Arch Linux repositories and 100% compatible with Arch, has been released and is now available for download.
One change that was implemented in openSUSE 13.2 makes Btrfs the default file system for the root (main) partition. That makes openSUSE the first desktop distribution to use Btrfs as a default file system for any partition.
That should be encouraging news for the Btrfs development team, because the core of Btrfs has been marked as “no longer unstable” for sometime. In some circles, that means production-ready. In fact a few companies have been using Btrfs in their products, including Facebook, which was testing it in production in April (2014)
Things are looking good for our scheduled December 9th release. We’re in the process of validating release candidates, and everything seems in great shape.. (And it’s not too late to join in: see the announcement on the test list if you’re interested in helping.) Assuming no unexpected showstoppers, we’ll approve this as official at the Thursday “Go / No-Go” meeting, and then it’ll be off to the mirror network for release next Tuesday morning!
There’s been plenty of controversy in the Debian camp recently, with fiery debates about the default init system, resignations from the Technical Committee, and the systemd package maintainer quitting after receiving piles of abuse. Now a gang of “Veteran Unix Admins” has forked the distro: say hello to Devuan.
The Debian Developer community voted and decided that no General Resolution was needed on init system coupling. The General Resolution init system coupling vote was proposed in response to a Technical Committee decision choosing systemd as the default init system for Linux architectures. Of the 5 available options for voting, option #4 “General Resolution is not required" won the vote.
By now, much of the news and commentary is already out there about a fork of Debian called Devuan — pronounced Dev-One (sharp, folks) — and what it means to the newly minted systemd/anti-systemd rift in the FOSS world. I can’t add anything to the news part, but leave it to me to add to the commentary.
Forking is commonplace in the FOSS world, a part of its natural process. Someone thinks they can do something better — or it may be a group of folks of like mind thinking they can do something better — and they do it for reasons ranging from rational improvement to unabashed ragequit.
So personally, I wish this project luck. They’re going to need it.
Tails, The Amnesic Incognito Live System, version 1.2.1, is out.
This release fixes numerous security issues and all users must upgrade as soon as possible.
Ubuntu MATE 14.10 was just released a couple of weeks ago and the community has received it with open arms, but the system could benefit from a nicer theme. Now, it looks like it's about to receive one.
Although this year the Debian/Ubuntu-based distros took the lion's share of the votes, the "Best Linux Distribution" category is a bit like "Best Kind of Pizza"—even the bottom of the list is still pizza. It's hard to go wrong with Linux, and the wide variety of votes only proves how many different choices exist in our wonderful Open Source world.
The Spotlight feature on Mac OS X has drawn the Linux community’s attention and it looks that at least one developer has tried to replicate its functionality and feel. It works very well in Ubuntu, but the source is provided so it should work just as well in other distros.
Mike Sheldon, one of the Canonical developers has started porting modRana navigation software for Ubuntu Touch. Mike has chosen modRana because it is open-source and is already available on Sailfish OS, Jolla’s Linux based mobile operating system.
Curious how the CPU performance of Ubuntu Linux has evolved from the 12.04 LTS release compared to 14.04 LTS and then the latest 14.10 release? Here's some benchmarks.
Kontron unveiled the first SMARC COM for headless, industrial IoT devices based on Intel’s Quark X1000 CPU. The Linux-ready module runs on just 2 Watts.
Exciting times are ahead for Tizen as we see it being run on SO MANY different development boards. Here is a Demonstration on how to boot Tizen Common on the open source hardware development board Radxa Rock (with Rockchip RK3188 ARM SoC), booting from a MicroSD card.
Last week, I reviewed ChromeOS from a desktop environment perspective as part of my “Linux Desktop-a-Week” series (which, really, has become less of a weekly thing and more of a “Desktop-Every-Few-Weeks-Or-So” thing. But I’m sticking to my original title. Because I’m stubborn).
This “week,” I am spending time with another Linux desktop environment that isn’t exactly traditional. This week, I’m using Android.
Android is generally known as a mobile operating system. But it's quite possible to use it on a desktop computer. And since Android is based on Linux, some would consider it a Linux distribution in its own right. Network World took Android for a spin on the desktop and found it to be surprisingly good.
Material Design has been a big hit in Android 5.0 Lollipop. But now a distro developer has plans to incorporate it into a desktop distribution called Quantum OS.
It's great to see where open source software and the communities that support it are today. Many of those who have worked over the years to develop feature-rich applications and enterprise ready systems, that not only compare to, but exceed proprietary options, must feel like pinching themselves.
The Apache Software Foundation (ASF), which stewards more than 200 Open Source projects and initiatives, has announced that Apache Drill has graduated from the Apache Incubator to become a Top-Level Project (TLP).
Apache Drill is billed as the world's first schema-free SQL query engine that delivers real-time insights by removing the constraint of building and maintaining schemas before data can be analyzed.
At this point in history, arguments for using Linux, FOSS (free and open-source software) and the Internet make themselves. Yet the virtues behind those things—freedom, openness, compatibility, interoperability, substitutability—still tend to be ignored by commercial builders of new stuff.
For example, US health care, like pretty much every business category, is full of Linux and FOSS, and is to some degree connected on the Net. Yet, it remains a vast feudal system of suppliers that nearly all work to lock doctors, hospitals and labs into dependency on closed, proprietary, incompatible, non-interoperable and non-substitutable systems. I've witnessed these up close as a patient. In one case, diagnostic scans by one machine and software system couldn't be read by computers with software designed to read the output of a different company's scans. In another case, records kept by one specialty failed to inform another specialty in the same hospital. The first one gave me a case of pancreatitis, and the second one gave my mother a fatal stroke.
The open source group is admittedly a small team for such a large company. But it indicates a significant shift in the company's approach to development – and one that is gaining in popularity among enterprises, in general. Companies start by using open source software, then advance to participating in open source communities, contributing upstream, and adopting open source practices internally.
Cisco is no stranger to the open-source world and is now expanding its efforts with the OpenSOC (Security Operation Center), which is a project that is freely available on Github.
Canonical has updated the Firefox packages in the repositories for Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 14.10. If you have this application installed right now, the next system update should bring the latest version.
The new tablet UI for Firefox on Android is now available on Nightly and, soon, Aurora! Here’s a quick overview of the design goals, development process, and implementation.
When the Rackspace team first created the idea of an open stack, they knew that the opportunity was not just to build public clouds. Rather, the software was to service companies that were using all kinds of cloud or virtualization technologies. It was built with flexibility in mind. "That involved more than just how they might package it and distribute it," explained Metacloud VP Scott Sanchez.
In a big week for Big Data, Apache Drill becomes a top level project as Hadoop 2.6.0 is released.
It's a big week for Big Data and the open source Hadoop ecosystem. The Apache Hadoop 2.6.0 project was released on Nov. 30, and today the Apache Drill project announced it had become a top level project in the Apache Software Foundation.
We installed the FreeBSD operating system on each of the workstations. FreeBSD is an open source derivative of Unix that is renowned for its speed, customizability and rock-solid stability. We also installed a variety of open source software packages from a repository that we created on the Mini. The second Mini serves as a backup and content mirror, which we aim to sync once per year with new material and as needed.
For both teachers it was their very first exposure to FreeBSD. They enjoyed the control and customizability of the installation process, as well as the wide availability of open source software packages in the repository (more than 20,000).
Netdev 0.1 (year 0, conference 1) is a community-driven conference geared towards Linux netheads. Linux kernel networking and user space utilization of the interfaces to the Linux kernel networking subsystem are the focus. If you are using Linux as a boot system for proprietary networking, then this conference may not be for you.
Streaming movies and TV shows directly from torrents without having to download them is the main purpose of Popcorn Time. The devs have released a small update for the application and they have fixed a number of small problems that have been reported by the community.
Kodi 14.0 RC, the successor of the current XBMC project, has been released and is now available for testing. The famous media hub is preparing for a major name change, but the devs also plan to make the 14.0 branch the best one so far.
The Dutch Data Prize is awarded by the Research Data Netherlands (RDNL), a collaborative partnership between 3TU.Datacentrum, DANS, and SURFsara. The awards were presented by professors Karel Luyben of Delft University of Technology and Kees Aarts of University of Twente, both in the Netherlands. The award session was one of the satellite events adjacent to RDA Plenary 4.
78 percent of UK organisations are not confident that they can fully recover after a disruption
Data loss and downtime cost enterprises $1.7 trillion around the globe in the past year – the equivalent of nearly 50 percent of Germany’s GDP.
Anyone born after Prohibition (i.e., anyone reading this) was likely taught growing up that alcohol is, at its core, a poison. Really fun poison. Poison that leads to dancing. Poison that makes you drunk-text your co-worker and spend the next six days caked in cold sweat and nauseous from dread.
Now, new research published in the Proceedings of the National Academy of Sciences confirms that classification. We actually developed our ability to consume alcohol around 10 million years ago when we started to eat rotten fruit.
Ask an agribusiness exec about sustainable agriculture, and you'll likely get an earful about something called "precision agriculture." What is it? According to Yara, the fertilizer giant, it's technology that "enables farmers to add the specific nutrients needed for their crop, in exactly the right amount, at the right time."
In other words, Ebola is less a story about a bizarre new disease and its unpredictably disastrous capacities, and more a sad old story about poverty and priorities.
Imagine you have a have a web site that people can access via a password. No user name, just a password. There are a number of valid passwords for your service. Determining whether a password is in that set is security-sensitive: if a user has a valid password then they get access to some secret information; otherwise the site emits a 404. How do you determine whether a password is valid?
The go-to solution for this kind of problem for most programmers is a hash table. A hash table is a set of key-value associations, and its nice property is that looking up a value for a key is quick, because it doesn't have to check against each mapping in the set.
Hash tables are commonly implemented as an array of buckets, where each bucket holds a chain. If the bucket array is 32 elements long, for example, then keys whose hash is H are looked for in bucket H mod 32. The chain contains the key-value pairs in a linked list. Looking up a key traverses the list to find the first pair whose key equals the given key; if no pair matches, then the lookup fails.
Unfortunately, storing passwords in a normal hash table is not a great idea. The problem isn't so much in the hash function (the hash in H = hash(K)) as in the equality function; usually the equality function doesn't run in constant time. Attackers can detect differences in response times according to when the "not-equal" decision is made, and use that to break your passwords.
So let's say you ensure that your hash table uses a constant-time string comparator, to protect against the hackers. You're safe! Or not! Because not all chains have the same length, "interested parties" can use lookup timings to distinguish chain lookups that take 2 comparisons compared to 1, for example. In general they will be able to determine the percentage of buckets for each chain length, and given the granularity will probably be able to determine the number of buckets as well (if that's not a secret).
Well, as we all know, small timing differences still leak sensitive information and can lead to complete compromise. So we look for a data structure that takes the same number of algorithmic steps to look up a value. For example, bisection over a sorted array of size SIZE will take ceil(log2(SIZE)) steps to get find the value, independent of what the key is and also independent of what is in the set. At each step, we compare the key and a "mid-point" value to see which is bigger, and recurse on one of the halves.
Security automation can be defined as the use of standardized specifications and protocols to perform specific common security functions.
Which leads us to SCAP – the Security Content Automation Protocol, an industry and government initiative to automate security audits and compliance.
Ever since ISIS commenced its attack on Kobanê the town has been cut off from the outside world. ISIS controlled the western, southern and eastern fronts and the hermetically sealed border with Turkey formed an unsurpassable border in the north. The Turkish armed forces (TSK) have maintained a heavy military presence at the border, with dozens of tanks stationed on hills overlooking Kobanê, regular patrols along the border fence and watch towers and outposts every few kilometers.
When journalist Michael Hastings died in a car crash in Los Angeles last year, rumors immediately began to surface on social media suggesting his death was tied to a federal investigation into his work.
The claims attracted widespread media interest when WikiLeaks tweeted the day after the crash that Hastings had contacted the anti-secrecy group's attorney and said that the FBI was investigating him. The FBI was then bombarded by inquiries from journalists who tried to confirm or deny the allegations, and the bureau struggled to come up with a statement to debunk what it referred to as "rampant conspiracy theories."
[...]
VICE News obtained dozens of internal FBI emails that provide a behind-the-scenes look at how the bureau managed the inquiries into Hastings' death and the rare steps it took to shoot down claims that he was the target of a federal probe. The documents were turned over in response to a Freedom of Information Act (FOIA) lawsuit VICE News jointly filed with Ryan Shapiro, a doctoral candidate at the Massachusetts Institute of Technology who specializes in FOIA research.
[...]
That day, Eimiller also sent out an email to FBI special agents across the country under the subject line "Urgent Media Issue" and linked to a New York magazine report about the growing conspiracy theories surrounding Hastings' death. She said the reports had attracted the interest of then-FBI Director Robert Mueller and the Department of Justice, and that FBI headquarters "would like to debunk growing conspiracy theory if possible (assuming that's what it is)."
"Has anyone's division been contacted in relation to an FBI investigation that may have led to foul play in the car crash death Tuesday of reporter, Michael Hastings," Eimiller wrote. "There are many reports on the Internet that Hastings was being investigated by the FBI. He died in a car accident in LA on Tuesday. Before his death, according to a tweet, he told others he worried he was the subject of an investigation. None of this is confirmed and the LAPD is reporting no foul play in car crash based on evidence. This is getting the attention of DOJ and the Director's Office."
While the measures won't stop people from watching whatever genre of porn they desire, as video shot abroad can still be viewed, they do impose severe restrictions on content created in the UK, and appear to make no distinction between consensual and non-consensual practices between adults.
In his former life, Dr Raj Mattu was an internationally recognised cardiologist. On course for a professorship in London, he nonetheless jumped at the chance to return to his home town of Coventry in 1997, to set up a medical school at Warwick University and help turn the large district Walsgrave hospital into a teaching facility. It was a choice he would live to regret.
Allegations against top officials at the State Department were devastating and had to be suppressed, so the agency’s inspector general quickly obliged, delivering what amounted to a cover-up of a cover-up.
What happened at the State Department is not unusual, recent disclosures show.
Living in limbo with no indication as to when a charge may or may not be brought is a form of punishment in itself. The impact on a person’s day to day life, health and mental wellbeing is profound. Your life is simply put on hold with no right to appeal.
Exhibit A is the fact that members of the audience at a conference laughed when NYPD Police Commissioner William Bratton attributed the drop in New York City's crime rate to "the cops."
The following is a transcript of a recent interview conducted by Mickey Huff and Peter Phillips for the Project Censored Show on Pacifica Radio. They sat down with noted author and scholar Peter Dale Scott to discuss his latest book, The American Deep State: Wall Street, Big Oil and the Attack on U.S. Democracy. This wide-ranging discussion examines the “Deep State,” an evolving level of secret government separate from the elected government. Scott looks at the origins of the deep state, its communications and finances, and its involvement in landmark events, from the JFK assassination to Watergate, to September 11th and beyond.
In May, HBO comedian John Oliver opened his segment on net neutrality by saying, “The cable companies have figured out the great truth of America: If you want to do something evil, put it inside something boring.” He then delivered an incisive 13-minute monologue that was anything but boring, drawing more than 7 million views on YouTube. Indeed, as Oliver demonstrated so effectively, while net neutrality may seem like a dull subject, protecting it is essential to not only the future of the Internet, but also the future of our democracy.
A key House panel has delayed a hearing on the Federal Communications Commission's efforts to write new Internet traffic rules aimed at assuring "net neutrality."
The U.S. House of Representatives Communications and Technology subcommittee had been expected on Dec. 10 to quiz all five FCC commissioners about so-called net neutrality rules that would regulate the how Internet service providers (ISPs) manage web traffic that travels through their networks.
Seven months after the historic vote in the European Parliament on Net neutrality, the Council of the European Union could soon bury this fundamental principle. While its inclusion in French law could be debated in the coming months, it is high time for the government to put an end to is doublespeak and supports an uncompromising defense of Net Neutrality in front of its European partners. However, in Brussels, the French government seems in tune with the lobbying of big telecom operators.