Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Security

Grinch Vulnerability Could Put a Hole In Your Linux Stocking 95

Posted by timothy
from the pretty-generic-description-there dept.
itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September. Update: 12/19 04:47 GMT by S : Reader deathcamaro points out that Red Hat and others say this is not a flaw at all, but expected behavior.
Android

$35 Quad-core Hacker SBC Offers Raspberry Pi-like Size and I/O 139

Posted by Soulskill
from the more-competition-more-innovation dept.
DeviceGuru writes: Hardkernel has again set its sights on the Raspberry Pi with a new $35 Odroid-C1 hacker board that matches the RPI's board size and offers a mostly similar 40-pin expansion connector. Unlike the previous $30 Odroid-W that used the same Broadcom BCM2835 SoC as the Pi and was soon cancelled due to lack of BCM2835 SoC availability, the Odroid-C1 is based on a quad-core 1.5GHz Cortex-A5 based Amlogic S805 SoC, which integrates the Mali-400 GPU found on Allwinner's popular SoCs. Touted advantages over the similarly priced Raspberry Pi Model B+ include a substantially more powerful processor, double the RAM, an extra USB2.0 port that adds Device/OTG, and GbE rather than 10/100 Ethernet.
Ubuntu

Ubuntu Gets Container-Friendly "Snappy" Core 149

Posted by Soulskill
from the snappy-songbird?-corey-cormorant? dept.
judgecorp writes: Canonical just announced Ubuntu Core, which uses containers instead of packages. It's the biggest Ubuntu shakeup for 20 years, says Canonical's Mark Shuttleworth, and is based on a tiny core, which will run Docker and other container technology better, quicker and with greater security than other Linux distros. Delivered as alpha code today, it's going to become a supported product, designed to compete with both CoreOS and Red Hat Atomic, the two leading container-friendly Linux approaches. Shuttleworth says it came about because Canonical found it had solved the "cloud" problems (delivering and updating apps and keeping security) by accident — in its work on a mobile version of Ubuntu.
Cloud

Fedora 21 Released 106

Posted by Soulskill
from the can-now-drink-in-the-U.S. dept.
linuxscreenshot writes: The Fedora Project has announced the release of Fedora 21. "As part of the Fedora.next initiative, Fedora 21 comes in three flavors: Cloud, Server, and Workstation. Cloud is now a top-level deliverable for Fedora 21, and includes images for use in private cloud environments like OpenStack, as well as AMIs for use on Amazon, and a new "Atomic" image streamlined for running Docker containers. The Fedora Server flavor is a common base platform that is meant to run featured application stacks, which are produced, tested, and distributed by the Server Working Group. The Fedora Workstation is a new take on desktop development from the Fedora community. Our goal is to pick the best components, and integrate and polish them. This work results in a more polished and targeted system than you've previously seen from the Fedora desktop." Here are screenshots for Fedora 21: GNOME, KDE, Xfce, LXDE, and MATE.
Security

Just-Announced X.Org Security Flaws Affect Code Dating Back To 1987 170

Posted by timothy
from the we-have-a-history dept.
An anonymous reader writes Some of the worst X.Org security issues were just publicized in an X.Org security advisory. The vulnerabilities deal with protocol handling issues and led to 12 CVEs published and code dating back to 1987 is affected within X11. Fixes for the X Server are temporarily available via this Git repository.
Ubuntu

Unity 8 Will Bring 'Pure' Linux Experience To Mobile Devices 125

Posted by timothy
from the context-sensitive dept.
sfcrazy writes If you have tried the live images of Ubuntu Next you may worry that Canonical is trying to do a Windows 8 with Ubuntu. That's not true. There is no need to worry though: A great deal of work is happening at a deeper level that may not have yet surfaced. It will surface eventually, however. Will Cooke of Canonical clarifies: "We are trying to make it clear that Unity 8 desktop will look like the traditional desktop and will behave like a normal desktop. We are very aware that our users expect a normal desktop there."

Unity 8 will offer the traditional desktop interface when it detects a desktop. The same OS will switch to a touch-based interface on touch-based devices such as tablets and smartphones.
Security

Stealthy Linux Trojan May Have Infected Victims For Years 129

Posted by Soulskill
from the trojan-penguin dept.
An anonymous reader writes: Researchers from Moscow-based Kaspersky Labs have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The malware may have sat unnoticed on at least one victim computer for years, although Kaspersky Lab researchers still have not confirmed that suspicion. The trojan is able to run arbitrary commands even though it requires no elevated system privileges.
Linux

Linux 3.18 Released, Lockup Bug Still Present 106

Posted by samzenpus
from the check-it-out dept.
jones_supa writes As anticipated, Linus Torvalds officially released Linux 3.18. The new version is now out there, though that nasty lockup issue has still yet to be resolved. Dave Jones is nearing the end of dissecting the issue, but since it also affects Linux 3.17 and not too many people seem to get hit by the lockups, Linus Torvalds decided to go ahead and do the 3.18 release on schedule. Linus was also concerned that dragging out the 3.18 release would then complicate the Linux 3.19 merge window due to the holidays later this month. Now the Linux 3.19 kernel merge window is open for two weeks of exciting changes.
Businesses

Ask Slashdot: Paying For Linux Support vs. Rolling Your Own? 118

Posted by Soulskill
from the how-to-train-your-penguin dept.
schmaustech writes: A lot of businesses pay for Linux support. But at what point does that stop being worth the money? When would a company be better served by setting up their own internal support? When does it make sense for them to write their own patches, which could be submitted back to the community? The inherit risk is that the organization is accountable and accepts the risks if a major bug is encountered within any of the open source applications they are using. What's your perspective on this, and how many major corporations are taking this approach?
Software

CoreOS Announces Competitor To Docker 71

Posted by Soulskill
from the if-you-want-something-done-right dept.
New submitter fourbadgers writes: CoreOS, the start-up making the CoreOS Linux distribution, has announced Rocket, a container management system that's an alternative to Docker. CoreOS is derived from Chrome OS and has a focus on lightweight virtualization based on Linux containers. The project has been a long-time supporter of Docker, but saw the need for a simpler container system after what was seen as scope-creep in what Docker provides.
Linux

Linux Mint 17.1 Cinnamon and MATE Editions Released 89

Posted by samzenpus
from the check-it-out dept.
linuxscreenshot writes The team is proud to announce the release of Linux Mint 17.1 'Rebecca' MATE. Linux Mint 17.1 is a long term support release which will be supported until 2019. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use. Linux Mint 17.1 MATE edition comes with two window managers installed and configured by default: Marco (MATE's very own window manager, simple, fast and very stable); Compiz (an advanced compositing window manager which can do wonders if your hardware supports it). Among the various window managers available for Linux, Compiz is certainly the most impressive when it comes to desktop effects. Screenshots can be found here.
Bug

Bad Lockup Bug Plagues Linux 257

Posted by timothy
from the therefore-it-plagues-you dept.
jones_supa (887896) writes "A hard to track system lockup bug seems to have appeared in the span of couple of most recent Linux kernel releases. Dave Jones of Red Hat was the one to first report his experience of frequent lockups with 3.18. Later he found out that the issue is present in 3.17 too. The problem was first suspected to be related to Xen. A patch dating back to 2005 was pushed for Xen to fix a vmalloc_fault() path that was similar to what was reported by Dave. The patch had a comment that read "the line below does not always work. Needs investigating!" But it looks like this issue was never properly investigated. Due to the nature of the bug and its difficulty in tracking down, testers might be finding multiple but similar bugs within the kernel. Linus even suggested taking a look in the watchdog code. He also concluded the Xen bug to be a different issue. The bug hunt continues in the Linux Kernel Mailing List."
Debian

Debian Forked Over Systemd 647

Posted by Soulskill
from the a-house-divided dept.
jaromil writes: The so called "Veteran Unix Admin" collective has announced that the fork of Debian will proceed as a result of the recent systemd controversy. The reasons put forward are not just technical; included is a letter of endorsement by Debian Developer Roger Leigh mentioning that "people rely on Debian for their jobs and businesses, their research and their hobbies. It's not a playground for such radical experimentation." The fork is called "Devuan," pronounced "DevOne." The official website has more information.
Build

Linux On a Motorola 68000 Solder-less Breadboard 147

Posted by Soulskill
from the back-to-basics dept.
New submitter lars_stefan_axelsson writes: When I was an undergrad in the eighties, "building" a computer meant that you got a bunch of chips and a soldering iron and went to work. The art is still alive today, but instead of a running BASIC interpreter as the ultimate proof of success, today the crowning achievement is getting Linux to run: "What does it take to build a little 68000-based protoboard computer, and get it running Linux? In my case, about three weeks of spare time, plenty of coffee, and a strong dose of stubbornness. After banging my head against the wall with problems ranging from the inductance of pushbutton switches to memory leaks in the C standard library, it finally works! (video)"
SuSE

A Brilliant Mind: SUSE's Kernel Guru Speaks 61

Posted by timothy
from the celebrities-are-the-ones-you-celebrate dept.
An anonymous reader writes The man who in every sense sits at the nerve centre of SUSE Linux has no airs about him. At 38, Vojtch Pavlík is disarmingly frank and often seems a bit embarrassed to talk about his achievements, which are many and varied. He is every bit a nerd, but can be candid, though precise. As director of SUSE Labs, it would be no exaggeration to call him the company's kernel guru. Both recent innovations that have come from SUSE — patching a live kernel, technology called kGraft, and creating a means for booting openSUSE on machines locked down with secure boot, have been his babies.
Operating Systems

Ask Slashdot: Workaday Software For BSD On the Desktop? 267

Posted by timothy
from the clever-little-devil dept.
An anonymous reader writes So for a variety of reasons (some related to recent events, some ongoing for a while) I've kinda soured on Linux and have been looking at giving BSD a shot on the desktop. I've been a Gentoo user for many years and am reasonably comfortable diving into stuff, so I don't anticipate user friendliness being a show stopper. I suspect it's more likely something I currently do will have poor support in the BSD world. I have of course been doing some reading and will probably just give it a try at some point regardless, but I was curious what experience and advice other slashdot users could share. There's been many bold comments on slashdot about moving away from Linux, so I suspect I'm not the only one asking these questions. Use-case wise, my list of must haves is: Minecraft, and probably more dubiously, FTB; mplayer or equivalent (very much prefer mplayer as it's what I've used forever); VirtualBox or something equivalent; Firefox (like mplayer, it's just what I've always used, and while I would consider alternatives, that would definitely be a negative); Flash (I hate it, but browsing the web sans-flash is still a pain); OpenRA (this is the one I anticipate giving me the most trouble, but playing it is somewhat of an obsession).

Stuff that would be nice but I can live without: Full disk encryption; Openbox / XFCE (It's what I use now and would like to keep using, but I could probably switch to something else without too much grief); jackd/rakarrack or something equivalent (currently use my computer as a cheap guitar amp/effects stack); Qt (toolkit of choice for my own stuff).
What's the most painless way to transition to BSD for this constellation of uses, and which variety of BSD would you suggest?
Handhelds

Jolla Crowdfunds Its First Tablet 56

Posted by Soulskill
from the pitching-in-for-portable-tux dept.
SmartAboutThings writes: Jolla is another rising star in the tech world, having recently expanded its smartphone sales into more countries across the globe. Jolla's Sailfish OS is based on the Linux kernel, and considered by many to be a direct successor to Nokia and Intel's MeeGo and the N9 mobile phone. Its software is based on the open-sourced components of MeeGo. Now, the company is ready to start production of its first tablet. They're crowdfunding it, and they blew past their $380,000 goal in about two hours.

The tablet has a 7.9-inch screen with a resolution of 2048 x 1536. It's powered by a 1.8GHz 64-bit quad-core Intel processor, comes with a 32GB of storage, an SD card slot, 2GB of RAM and a 5MP rear camera. Judging by its size, we can see this will rival the iPad Mini the new Nokia N1. While there aren't too many Sailfish-specific apps available, as with the phone, Jolla's tablet will be compatible with Android apps.
Debian

Debian Votes Against Mandating Non-systemd Compatibility 581

Posted by Soulskill
from the there-will-be-peace-in-our-time dept.
paskie writes: Voting on a Debian General Resolution that would require packagers to maintain support even for systems not running systemd ended tonight with the resolution failing to gather enough support.

This means that some Debian packages could require users to run systemd on their systems in theory — however, in practice Debian still works fine without systemd (even with e.g. GNOME) and this will certainly stay the case at least for the next stable release Jessie.

However, the controversial general resolution proposed late in the development cycle opened many wounds in the community, prompting some prominent developers to resign or leave altogether, stirring strong emotions — not due to adoption of systemd per se, but because of the emotional burn-out and shortcomings in the decision processes apparent in the wake of the systemd controversy.

Nevertheless, work on the next stable release is well underway and some developers are already trying to mend the community and soothe the wounds.
Linux Business

Crowdfunded Linux Voice Magazine Releases First Issue CC-BY-SA 62

Posted by timothy
from the different-models-can-all-work dept.
M-Saunders (706738) writes Linux Voice, the crowdfunded GNU/Linux magazine that Slashdot has covered previously, had two goals at its launch: to give 50% of its profits back to the community after one year, and release each issue's contents under the Creative Commons after nine months. Well, it's been nine months since issue 1, so the whole thing is now online and free to share. Readers and supporters have also made audio versions of articles, for listening to on the commute to work.
Debian

Longtime Debian Developer Tollef Fog Heen Resigns From Systemd Maintainer Team 550

Posted by timothy
from the tough-gig dept.
An anonymous reader writes Debian developer Tollef Fog Heen submitted his resignation to the Debian Systemd package maintainers team mailing list today (Sun. Nov. 16th, 2014). In his brief post, he praises the team, but claims that he cannot continue to contribute due to the "load of continued attacks...becoming just too much." Presumably, he is referring to the heated and, at times, even vitriolic criticism of Debian's adoption of Systemd as the default init system for its upcoming Jessie release from commenters inside and outside of the Debian community. Currently, it is not known if Tollef will cease contributing to Debian altogether. A message from his twitter feed indicates that he may blog about his departure in the near future.

To avoid criticism, do nothing, say nothing, be nothing. -- Elbert Hubbard

Working...