An anonymous reader writes: In early 2013, Canonical showed the world Ubuntu Touch, a version of Ubuntu developed specifically for smartphones. Now, the mobile operating system has finally reached "release to manufacturing" status. (Here's the release announcement.) The first phone running Ubuntu Touch, the Meizu MX4, will start shipping in December. "Details are scarce on its hardware, but a leak from iGeek suggests the Pro variant may have a Samsung Exynos 5430 processor, 4GB of RAM, and a 2560x1536 resolution screen. ... This more powerful hardware is good news if true, and it bodes well for Ubuntu's vision of computing convergence." Softpedia has a preview of the RTM version of the OS. They say performance has improved significantly, even on old phones, and that the UI has been polished into a much better state.
Follow Slashdot stories on Twitter
An anonymous reader writes "Open source operating systems vulnerable to the Shellshock bug have already pushed two patches to fix the vulnerability, but Apple has yet to issue one for Mac OS X. Ars Technica speculates that licensing issues may be giving Apple pause: "[T]he current [bash] version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms....Apple executives may feel they have to have their own developers make modifications to the bash code."" It's also worth noting that there are still flaws with the patches issued so far. Meanwhile, Fedora Magazine has published an easy-to-follow description of how Shellshock actually works. The Free Software Foundation has also issued a statement about Shellshock.
jrepin writes OpenMandriva is proud to announce the release of OpenMandriva Lx 2014.1 distribution of the GNU/Linux operating system. Most of developers efforts were focused on reducing system boot up time and memory usage. This version brings Linux kernel 3.15.10 (with special patches for desktop system performance, responsiveness, and realtime capabilities), KDE Software Compilation 4.13.3, Xorg 1.15.1, Mesa 10.2.6, LibreOffice 4.3.1, Firefox 32, GNU bash with latest security fixes, and many other updated software packages.
CowboyRobot writes: HTTPS has evolved into the de facto standard for secure Web browsing. Through the certificate-based authentication protocol, Web services and Internet users first authenticate one another ("shake hands") using a TLS/SSL certificate, encrypt Web communications end-to-end, and show a padlock in the browser to signal that a communication is secure. In recent years, HTTPS has become an essential technology to protect social, political, and economic activities online. At the same time, widely reported security incidents (such as DigiNotar's breach, Apple's #gotofail, and OpenSSL's Heartbleed) have exposed systemic security vulnerabilities of HTTPS to a global audience. The Edward Snowden revelations (notably around operation BULLRUN, MUSCULAR, and the lesser-known FLYING PIG program to query certificate metadata on a dragnet scale) have driven the point home that HTTPS is both a major target of government hacking and eavesdropping, as well as an effective measure against dragnet content surveillance when Internet traffic traverses global networks. HTTPS, in short, is an absolutely critical but fundamentally flawed cybersecurity technology.
The recently disclosed bug in bash was bad enough as a theoretical exploit; now, reports Ars Technica, it could already be being used to launch real attacks. In a blog post yesterday, Robert Graham of Errata Security noted that someone is already using a massive Internet scan to locate vulnerable servers for attack. In a brief scan, he found over 3,000 servers that were vulnerable "just on port 80"—the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. And his scan broke after a short period, meaning that there could be vast numbers of other servers vulnerable. A Google search by Ars using advanced search parameters yielded over two billion web pages that at least partially fit the profile for the Shellshock exploit. More bad news: "[T]he initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry." And CNET is not the only one to say that Shellshock, which can affect Macs running OS X as well as Linux and Unix systems, could be worse than Heartbleed.
An anonymous reader writes Fedora 21 Alpha has been released. After encountering multiple delays, the first development version is out for the Fedora.NEXT and Fedora 21 products. Fedora 21 features improved Wayland support, GNOME 3.14, many updated packages, greater server and cloud support, and countless other improvements with Fedora 20 already being nearly one year old.
snydeq writes: Deep End's Paul Venezia follows up his call for splitting Linux distros in two by arguing that the new shape of the Linux server is thin, light, and fine-tuned to a single purpose. "Those of us who build and maintain large-scale Linux infrastructures would be happy to see a highly specific, highly stable mainstream distro that had no desktop package or dependency support whatsoever, so was not beholden to architectural changes made due to desktop package requirements. When you're rolling out a few hundred Linux VMs locally, in the cloud, or both, you won't manually log into them, much less need any type of graphical support. Frankly, you could lose the framebuffer too; it wouldn't matter unless you were running certain tests," Venezia writes. "It's only a matter of time before a Linux distribution that caters solely to these considerations becomes mainstream and is offered alongside more traditional distributions."
An anonymous reader writes A boycott of systemd and other backlash around systemd's feature-creep has led to the creation of Uselessd, a new init daemon. Uselessd is a fork of systemd 208 that strips away functionality considered irrelevant to an init system like the systemd journal and udev. Uselessd also adds in functionality not accepted in upstream systemd like support for alternative C libraries (namely uClibc and musl) and it's even being ported to BSD.
An anonymous reader writes A developer who goes by the handle Vladikoff has tweaked Google's App Runtime for Chrome (ARC) to allow any Android app to run on any major desktop operating system, not just the handful announced last week which were also limited to Chrome OS. His tweaked version of ARC is re-packaged as ARChon. The install isn't very straightforward, and you have to be in developer mode on Chrome. But there's a support forum on reddit. The extension will work on any OS running the desktop version of Chrome 37 and up as long as the user also installs chromeos-apk, which converts raw Android app packages (APKs) to a Chrome extension. Ars Technica reports that apps run this way are buggy, fast, and crash often but expresses optimism for when Google officially "opens the floodgates on the Play Store, putting 1.3 million Android apps onto nearly every platform."
An anonymous reader writes: Apple is releasing iOS 8 today, and Ars Technica has posted one of their huge, thorough reviews of the updated operating system. They have this to say about the UI: "iOS 8 tries to fit a whole lot more stuff onto a single screen than iOS 7 did. The operating system was clearly developed in anticipation of iPhones with larger screens." The biggest new feature is Extensions: "Older versions of iOS limited what third-party applications could do to communicate with external services and other third-party applications. ... Extensions remove some (but not all) of those barriers." The biggest examples of extensions are custom keyboards, a feature iOS users have been requesting for years. Downsides to iOS 8 include increased storage and processing requirements, which are bad news for older iPhones, and a host of new bugs associated with the new features.
snydeq writes: Two weeks before the its official unveiling, this article provides a roundup of what to expect and the open questions around Windows 9, given Build 9834 leaks and confirmations springing up all over the Web. The desktop's Start Menu, Metro apps running in resizable windows on the desktop, virtual desktops, Notification Center, and Storage Sense, are among the presumed features in store for Windows 9. Chief among the open questions are the fates of Internet Explorer, Cortana, and the Metro Start Screen. Changes to Windows 9 will provide an inkling of where Nadella will lead Microsoft in the years ahead. What's your litmus test on Windows 9?
An anonymous reader writes MINIX 3 is a small POSIX-compliant operating system aimed at high reliability (embedded) applications. A major new version of MINIX 3 (3.3.0) is now available for download at www.minix3.org. In addition to the x86, the ARM Cortex A8 is now supported, with ports to the BeagleBoard and BeagleBones available. Finally, the entire userland has been redone in 3.3.0 to make it NetBSD compatible, with thousands of NetBSD packages available out of the box. MINIX 3 is based on a tiny (13 KLoC) microkernel with the operating system running as a set of protected user-mode processes. Each device driver is also a separate process. If a driver fails, it is automatically and transparently restarted without rebooting and without applications even noticing, making the system self-healing. The full announcement, with links to the release notes and notes on installation, can be found at the Minix Google Groups page.
jones_supa writes Google has revealed that it's launching the finished 64-bit version of Chrome 39 for OS X this November, which already brought benefits in speed, security and stability on Windows. However at this point the 32-bit build for Mac will cease to exist. Just to make it clear, this decision does not apply to Windows and Linux builds, at least for now. As a side effect, 32-bit NPAPI plugins will not work on Chrome on Mac version 39 onwards. The affected hardware are only the very first x86-based Macs with Intel Core Duo processors. An interesting question remains, whether the open source version of Chrome, which is of course Chromium, could still be compiled for x86-32 on OS X.
DeviceGuru writes: The Open Source Robotics Foundation (OSRF), which maintains the open source Robot Operating System (ROS), has announced its first formal support for an ARM target. The organization will add support for the Qualcomm Snapdragon 600, a smartphone-oriented, quad-core, Cortex-A15-like system-on-chip running up to 1.7GHz. The Linux version of ROS for Snapdragon 600 will be available in Q4 of this year, with the Android version due in the first half of 2015. The OSRF will test, refine, and fully integrate support for the ARM instruction set architecture into ROS development efforts. OSRF will also perform ongoing maintenance to support ROS on the Snapdragon 600.
jrepin writes: The municipality of Turin in Italy hopes to save 6 million Euro over five years by switching from Windows XP to Ubuntu Linux in all of its offices. The move will mean installing the open source operating system on 8,300 PCs, which will generate an immediate saving of roughly €300 per machine (almost €2.5m altogether, made up from the cost of Windows and Office licences) — a sum that will grow over the years as the need for the renewal of proprietary software licences vanishes, and the employees get used to the new machines.
An anonymous reader writes "I currently connect to the internet via a standard router, but I'm looking at bulking up security. Could people provide their experiences with setting up a dedicated firewall machine with VPN capabilities? I am a novice at Linux/BSD, so would appreciate pointers at solutions that require relatively little tweaking. Hardware-wise, I have built PC's, so I'm comfortable with sourcing components and assembling into a case. The setup would reside in my living room, so a quiet solution is required. The firewall would handle home browsing and torrenting traffic. Some of the questions knocking around in my head: 1. Pros and cons of buying an off-the-shelf solution versus building a quiet PC-based solution? 2. Software- versus hardware-based encryption — pros and cons? 3. What are minimum requirements to run a VPN? 4. Which OS to go for? 5. What other security software should I include for maximum protection? I am thinking of anti-virus solutions."
An anonymous reader writes On Thursday, Google launched "App Runtime for Chrome (Beta)" which allows Android apps to run on Chrome OS without the need for porting. At the moment, only Duolingo, Evernote, Sight Words, and Vine are available on the platform with the rest of the Play Store's offerings to come later. Google "built an entire Android stack into Chrome OS using Native Client" in order to achieve this.
Jon Aldama is the Product Marketing Manager for Enea A.B., but he prides himself on being a developer first and a marketer second -- a point he stresses early in today's video. Enea is behind Operating System Embedded, whose Wikipedia page, some say, "appears to be written like an advertisement," which an unkind person could also say about the Enea A.B. Wikipedia page. In any case, Enea works with the Linux Foundation's Yocto Project workgroup, whose main webpage says, "It's not an embedded Linux distribution – it creates a custom one for you." This is all open source, which Jon says is a big corporate principle at Enea -- and he should know, since his previous job was as an Open Source Compliance Officer and Software Analyst at Ericsson. (Alternate Video Link)
snydeq writes Desktop workloads and server workloads have different needs, and it's high time Linux consider a split to more adequately address them, writes Deep End's Paul Venezia. You can take a Linux installation of nearly any distribution and turn it into a server, then back into a workstation by installing and uninstalling various packages. The OS core remains the same, and the stability and performance will be roughly the same, assuming you tune they system along the way. Those two workloads are very different, however, and as computing power continues to increase, the workloads are diverging even more. Maybe it's time Linux is split in two. I suggested this possibility last week when discussing systemd (or that FreeBSD could see higher server adoption), but it's more than systemd coming into play here. It's from the bootloader all the way up. The more we see Linux distributions trying to offer chimera-like operating systems that can be a server or a desktop at a whim, the more we tend to see the dilution of both. You can run stock Debian Jessie on your laptop or on a 64-way server. Does it not make sense to concentrate all efforts on one or the other?"
Jason Hibbets writes: "There are many solved problems in open source. Groupware is not one of them," Georg Greve, co-founder and CEO of Kolab System starts off his post highlighting recent features of the latest release of the Kolab groupware project. He calls out a few newly elected politicians that don't like the current set-up, but says that thousands of users don't have the same experience. "Until today, the city of Munich is using the same stand-alone calendaring and email systems it had used when it was still fully operating on Windows. Updating these systems had a lower priority than the migration to LiMux then. But an upgrade is underway now. And, the solution they chose is agnostic to the desktop platform and will service LiMux and Windows alike. The primary difference made by another migration would likely be due to the perils that come with any migration, such as additional costs and delays. In other words: The very problem used to criticize the LiMux desktop is already being solved."