The FreeBSD.org cluster saw a security breach on two of its machines on Sunday. Following the breach, FreeBSD.org was taken offline, and although most of it is back online now, some deprecated projects are being removed. The FreeBSD project has not been able to confirm the existence of trojans, but users are advised to be vigilant about the possibility.
The breach was made possible by a leaked SSH key, which affected a few clusters. This is not a result of a hack, but a classic example of people being the weakest point in security. FreeBSD has stepped up in its efforts to mitigate this risk, and a part of its response reads,
As a result of this event, a number of operational security changes are being made at the FreeBSD Project, in order to improve our resilience to potential attacks. We plan, therefore, to rapidly deprecate a number of legacy services, such as cvsup distribution of FreeBSD source, in favor of our more robust Subversion, FreeBSD-update, and portsnap models.
Although the rogue developer had no access to the FreeBSD base systems, he did have access enough to compromise the third party packages. FreeBSD.org is conducting security audits and will come out with news of possible breaches if any. The full compromise report and safety precautions are available at this page.
Ubuntu Developer Summit is underway and there have been interesting announcements flowing in all throughout the summit. However, the most exciting announcement made at this USD is perhaps about gaming. Both Valve and Ubuntu are taking gaming on Linux seriously, and this might be the one factor that finally gets more people to use Ubuntu and more importantly, Linux.
Valve has announced that the Steam client for Ubuntu will land sometime mid-November and it has already given beta access to attendees with a Launchpad account. This shows a high level of preparedness on part of Valve, and a vision from Valve’s Drew Bliss, who says,
Open platforms allowed Steam to exist. If we tried today, it probably wouldn’t be possible. We chose Ubuntu to start because of its broad user-base, strong community, and a strong company backing it in Canonical. Ubuntu was a simple choice to make.
If everything goes well, the Ubuntu platform will save Valve some valuable hours spent on performance tuning of games. Moreover, its openness and community-driven nature will also prove to be fruitful for Valve.
Steam Linux beta will have Team Fortress 2, Portal and Serious Sam 3 available.
The summit has started today, and it is a four-day event full of exciting announcements, especially on Ubuntu 13.04 and on Ubuntu as a game development platform. Head over to the UDS page to know about Ubuntu Developer Summit.
A recent file-system bug has been found with EXT4 that has made its way into the stable Linux kernel releases 3.4, 3.5 and 3.6. This EXT4 bug results in data-corruption and it is activated when the file-system is unmounted too frequently within a short period. It might also be triggered by frequent reboots, although the practical chances of that happening are relatively low.
The user reporting the bug writes,
The bug did really quite a lot of damage to my /home fs in only a few minutes of uptime, given how few files I wrote to it. What it could have done to a more conventional distro install with everything including /home on one file system, I shudder to think.
A detailed explanation of the issue is present in this LKML mail. It says that the trouble started with an EXT4 patch made in Kernel 3.6.2, which was later backported to Kernel 3.5 and 3.4 as well, spreading the problem further and further behind. There is no fix for this issue currently, and developers are working on a fix for the latest stable Linux kernel.
Here is the beauty of open source software development. A bug is found, and because the source is open for everyone to see and modify, people jump in to solve it as a community effort. Soon thereafter, a solution is found and the issue is fixed. This is unlike closed source programs, where you have to wait for the organization controlling the code to step up, modify the code and keep updating people about what it is doing. Moreover, in the world of closed software, you would not even know what went wrong to begin with, unless someone digs it up.
Ubuntu has been around for seven years now, and it has seen its ups and downs, but it has been and will always be truly free and open source software. In a recent blog post, Canonical has announced that from now, it will be easier to donate for Ubuntu, as the donations screen is a part of the download process now. Some see this move as a shift in Ubuntu from being free software to becoming donationware.
Donationware is a licensing model that supplies operational unrestricted software to the user and requests an optional donation be paid to the programmer or a third-party beneficiary (usually a non-profit). The amount of the donation may also be stipulated by the author, or it may be left to the discretion of the user, based on individual perceptions of the software’s value.
However, the donations in this case are a lot more purposeful from being simple donations. One can choose the donation amount to be given to each of the Ubuntu features and future plans from Canonical. Currently, donations are accepted for the Ubuntu Desktop project, performance optimizations, hardware support, phone and tablet version of Ubuntu, better co-ordination with upstream, better support for Kubuntu, Lubuntu and other flavors and for Canonical. Currently, the donation page appears only for Ubuntu Desktop edition, but not for the Server or the Cloud Infrastructure downloads.
Is there something wrong with this move or is it our skeptic human mind that is so resistive to change? I personally feel that Canonical has an engaging donation page here, and it will let Ubuntu fans and users choose the features and improvements they want to see next, in the world of Ubuntu.
(Via: Ars Technica)
In a recent development release 1.5.14, Wine has announced a number of new features. Wine is a popular application for Linux, which provides a Windows compatibility layer. It has been used to run games, applications, and a number of tools which are unique to Windows. In a survey conducted in 2007, over 30% of Linux users were found using Wine for running Windows applications.
Wine is a compatibility layer. It duplicates functions of Windows by providing alternative implementations of the DLLs that Windows programs call, and a process to substitute for the Windows NT kernel. This method of duplication differs from other methods that might also be considered emulation, where Windows programs run in a virtual machine. Wine is predominantly written using black-box testing reverse-engineering, to avoid copyright issues.
Valve recently announced a native Steam client for Linux and a native port of Left4Dead 2. As Valve releases more native ports, Wine will see a sharp decline in usage as most Wine users use it solely to run Windows games.
Back in July, Valve started a blog and gave exciting news of Steam being ported over to Linux. This involved porting of Valve’s Steam client and some game titles over to Ubuntu Linux. On making the port, it was seen that Left4Dead 2 runs faster on Linux at a higher FPS, than on Windows. What started as “Steam’d Penguins“ back in July, is nearing its first milestone now, with Steam for Linux ready for internal testing from next week, and due for a private beta testing sometime mid-October.
In a recent blog-post titled “External Beta News“, the Linux blog at Valve has announced,
Things have been going well. We will be having an internal beta starting next week and a private external beta for 1,000 users sometime in October.
The internal beta will run only until next week, after which the Steam client will be released for a private beta. This private beta will be limited to 1000 users, and it is not confirmed whether the availability is on a first-come first-serve basis. However, Valve has talked about a signup page for the external beta, the link for which will be announced later.
As Valve brings Steam to Linux, gaming on Linux will become more exciting with native games being developed exclusively for Linux. Going further, Valve must also release Linux versions of its own game titles to support its Steam client. This porting of Steam will boost gaming on Linux, and create a new ecosystem for gamers and game-publishers.
Canonical is finally taking some serious steps towards monetization of the Ubuntu platform. Ubuntu is the most popular Linux distro and is widely used by home users looking for an alternative to Windows. It has some serious revenue earning potential. The Firefox browser bundled with Ubuntu integrates Google search, which earns a major chunk of revenue for Canonical. Taking this monetization plan further, Ubuntu now wants to integrate affiliate plans from Amazon. Amazon offers an unmatched affiliate program and this will bolster Canonical’s revenue stream from Ubuntu. Olli Ries, the Director of Technology at Canonical has commented on a postat the Ubuntu Forum, saying,
Another addition is that we will be including Launcher web apps icons to Amazon and the Ubuntu One Music Store by default. We feel that these icons will provide convenient access to these resources for our users and also benefit the project with the generation of affiliate revenue in those cases that these resources are used.
The Ubuntu community is not very happy with this decision from Canonical, as this was announced after the feature freeze. People are already upset with Unity, and are increasingly shifting to a different desktop environment or a different flavor altogether. Canonical dominates Ubuntu and its development, and it has every right to make money from the distro it has worked so hard to create. For those that do not want the icon on their Unity dashboard, you can simply drag and drop it to the trashcan to remove it. However, Ubuntu has a close competitor in Linux Mint, without all the antics. It has to take wise decision to stay in the competition.
The Raspberry Pi has been developed from the ground up with freedom in mind. The amount of flexibility and control it offers over the device is commendable, and while this control is really enjoyed by enthusiasts, it comes with a price— a steep learning curve. The Raspberry Pi runs on Linux and getting started on Raspberry Pi includes getting started on Linux as a mandatory step. However, for those who want to enjoy the Raspberry Pi without these antics, Adafruit, a well-known DIY kit manufacturer has designed a Raspberry Pi web IDE that lets us run programs on the Raspberry Pi.
The implementation of the web IDE is such that there is a web-server that runs on the Raspberry Pi and we can connect to the web-server using a web-browser on our PC. All the code written here is stored on the cloud. While some might argue that this defeats the purpose of buying a Pi in the first place, as it requires a PC to program on, others see this as an important step in overcoming a learning curve. We cannot ignore the fact that this will not work towards making the Raspberry Pi accessible to the poor, though it will definitely work towards improving the adoption of the Raspberry Pi.
The $25 Raspberry Pi computer is specially designed and aimed at providing low cost computing. This initiative by Adafruit can significantly help those new to Raspberry Pi overcome some initial hurdles. Visit Adafruit to take a look at all the awesomeness they have created over the last seven years.
Gnome is not in as bad a shape as we thought earlier. Recently, there have been talks of Ubuntu considering a Gnome only edition, like we have Kubuntu or Xubuntu. There is no evidence for this news, but it seems apparent from this Ubuntu forum thread. From what started as a simple question, the thread attracted lots of interested people, developers came together and pretty soon, they were found discussing names for this distro. A true community indeed! there is no fix on the name yet, and the name GNOMEbuntu was dropped recently, as the Gnome Foundation does not permit this naming scheme. The last choice is between GNObuntu and Gnubuntu.
PCWorld discusses the software package for this new distro, saying,
Along with Compiz, the new GNOME Ubuntu will reportedly use the Rhythmbox music player as well as the Epiphany browser, Evolution for e-mail and workgroup functions, the Abiword word processor, and the Gnumeric spreadsheet package. Neither Firefox nor LibreOffice will be preinstalled, according to the report.
While on one hand, Canonical is touting Unity, this community effort brings back Gnome, an environment that most Ubuntu users are familiar with. Nonetheless, the customization offered by Gnome is miles ahead of Unity, and this is something Unity will not be able to match for some days. The development team for ubuntu Gnome edition is already in place, and there are seven members already working on this. The next challenge for GNOMEbuntu was to join the official distro party at Canonical and it has made it! If everything goes well from here, we will definitely see a Gnome version of ubuntu 12.10, due to release in October.
The relation between Nvidia and Linux worsens each day, as Linus Torvalds spills hatred for Nvidia publicly. He even went to the extent of uttering the f-word for Nvidia (with a finger gesture), in a public presentation. That should tell us enough, and it is a known fact that every Linux user has had bad experiences with Nvidia’s driver support for Linux, at some point of time.
While Nvidia provides the best closed-source graphics driver as compared to AMD, it is not good enough. That is because; AMD provides better open-source graphics drivers and some acceptable documentation too. Nvidia only allows its proprietary driver to be reverse engineered as part of the Nouveau project. To make things worse, the Nvidia proprietary driver for Linux just earned fame that is even more notorious.
The proprietary graphics driver released by Nvidia had a serious security flaw, and it was reported to Nvidia more than a month ago. However, Nvidia decided to ignore the vulnerability completely and did not act upon it until someone went public with it. After a month, David Airlie, who is a well-known Linux developer, made the exploit public. It was then that Nvidia came out of its reluctance and decided to do something.
The vulnerability allowed root access, and it was blocked by denying user-space access to the registers which could be programmed to redirect the VGA window unwantedly. The vulnerability affected not only Linux x86 and x86_64 drivers, it also made FreeBSD and Solaris potentially vulnerable. Nvidia has released a new version of its driver for Unix- version 304.32, and patched older versions.