jammag writes "According to this article, 'Whether Ubuntu is declining is still debatable. However, in the last couple of months, one thing is clear: internally and externally, its commercial arm Canonical appears to be throwing the idea of community overboard as though it was ballast in a balloon about to crash.' The author points out instances of community discontent and apparent ham-handedness on Mark Shuttleworth's part. Yet isn't this just routine kvetching in the open source community?"
rjmarvin writes "Docker 0.7 was released today, with 7 major new features including support to run on all Linux distributions. No longer capable solely on running on Debian and Ubuntu Linux, Docker 0.7 adds support for distributions such as Red Hat, SUSE, Gentoo and Arch. From the announcement: 'A key feature of Docker is the ability to create many copies of the same base filesystem almost instantly. Under the hood Docker makes heavy use of AUFS by Junjiro R. Okajima as a copy-on-write storage mechanism. AUFS is an amazing piece of software and at this point it’s safe to say that it has safely copied billions of containers over the last few years, a great many of them in critical production environments. Unfortunately, AUFS is not part of the standard linux kernel and it’s unclear when it will be merged. This has prevented docker from being available on all Linux systems. Docker 0.7 solves this problem by introducing a storage driver API, and shipping with several drivers. Currently 3 drivers are available: AUFS, VFS (which uses simple directories and copy) and DEVICEMAPPER, developed in collaboration with Alex Larsson and the talented team at Red Hat, which uses an advanced variation of LVM snapshots to implement copy-on-write. An experimental BTRFS driver is also being developed, with even more coming soon: ZFS, Gluster, Ceph, etc. When the docker daemon is started it will automatically select a suitable driver depending on its capabilities.'"
sfcrazy writes "Fans of the MATE desktop environment, which is a fork of Gnome 2, will be happy to know that MATE is scheduled to be included in the official Debian repositories. Early 2012, it was requested that MATE be included in said repositories, and almost 2 years later, it appears we're almost there."
jfruh writes "Most day-to-day programmers have only a general idea of how compilers transform human-readable code into the machine language that actually powers computers. In an attempt to streamline applications, many compilers actually remove code that it perceives to be undefined or unstable — and, as a research group at MIT has found, in doing so can make applications less secure. The good news is the researchers have developed a model and a static checker for identifying unstable code. Their checker is called STACK, and it currently works for checking C/C++ code. The idea is that it will warn programmers about unstable code in their applications, so they can fix it, rather than have the compiler simply leave it out. They also hope it will encourage compiler writers to rethink how they can optimize code in more secure ways. STACK was run against a number of systems written in C/C++ and it found 160 new bugs in the systems tested, including the Linux kernel (32 bugs found), Mozilla (3), Postgres (9) and Python (5). They also found that, of the 8,575 packages in the Debian Wheezy archive that contained C/C++ code, STACK detected at least one instance of unstable code in 3,471 of them, which, as the researchers write (PDF), 'suggests that unstable code is a widespread problem.'"
An anonymous reader writes "Debian has been one of the last holdouts using SysVinit over a modern init system, but now after much discussion amongst Debian developers, they are deciding whether to support systemd or Upstart as their default init system. The Debian technical committee has been asked to vote on which init system to use, which could swing in favor of using Upstart due to the Canonical bias present on the committee."
An anonymous reader writes "After nine years of development, The Dark Mod is now a standalone game. Thief fans can now enjoy over 60 fan made missions which capture the essence of the Thief 1 / 2 games. Originally created as a reaction to Thief 3; with the upcoming release of Thief 4, many are comparing what was done here (a faithful extension of the old gameplay) to what Eidos has shown thus far. Can a little Doom 3 mod compete against a blockbuster AAA title? Should we even compare them?" All code in the The Dark Mod is GPLv3+, and the art assets are all CC BY-NC-SA 3.0 Unported which means it, unfortunately, cannot be distributed by even Debian. Still, an impressive feat!
dstates writes "A team of researchers at the University of Michigan has released Zmap, a tool that allows an ordinary server to scan every address on the Internet in just 45 minutes. This is a task that used to take months, but now is accessible to anyone with a fast internet connection. In their announcement Friday , at the Usenix security conference in Washington they provide interesting examples tracking HTTPS deployment over time, the effects of Hurricane Sandy on Internet infrastructure, but also rapid identification of vulnerable hosts for security exploits. A Washington Post Blog discussing the work shows examples of the rate with which of computers on the Internet have been patched to fix Universal Plug and Play, 'Debian weak key' and 'factorable RSA keys' vulnerabilities. Unfortunately, in each case it takes years to deploy patches and in the case of UPnP devices, they found 2.56 million (16.7 percent) devices on the Internet had not yet upgraded years after the vulnerability had been described."
New submitter stderr_dk writes "According to Wikipedia, the initial release of Debian happened 16 August 1993. In other words, it's Debian's birthday and you're all invited. 'During the Debian Birthday, the Debian conference will open its doors to anyone interested in finding out more about Debian and Free Software, inviting enthusiasts, users, and developers to a half day of talks relating to Free Software, the Debian Project, and the Debian operating system.' Over the years, Debian has been forked a number of times. Some of the more well-known forks are Ubuntu and Knoppix. The latest release of Debian pure blend was Debian 7.1 'Wheezy' on June 15th 2013."
An anonymous reader writes "Best Buy and Barnes and Noble have a problem with showrooming — shoppers checking out the merchandise in their stores and then proceeding to order the goods at a discounted prices online. And Red Hat might have a similar problem with people (not just college kids and software professionals boning up on their skills at home, either) using the free-as-in-beer CentOS rather than licensing Red Hat Enterprise Linux and paying support fees. But according to CEO Jim Whitehurst, Red Hat's competitive position may actually be helped by CentOS in the same way that counterfeit Windows products sold on the streets in the Far East may have helped Microsoft — by cementing their position as the technology standard, in a marketplace that also includes entrants from SuSE, Debian, Oracle, and Ubuntu, just among Linux-based entrants. Who does Whitehurst consider to be Red Hat's most direct threat? VMWare."
First time accepted submitter jovius writes "The Matriculation Examination Board of Finland has just opened an international hacking contest to find flaws and exploits in Digabi Live — the Live Debian based operating system to be used in the all-digital final exams by the year 2016. The contest ends on 1st of September, and the winners are about to scoop hefty hardware prizes, also available as cash."
An anonymous reader writes "I'm an Engineer with a need for 3 large monitors on the one PC. I want to run them as 'one big desktop' so I can drag windows around between all three monitors (Windows XP style). I run Debian and an nVidia NVS450. Currently I have been able to do what I want by using Xinerama which is painfully slow (think 1990s), or using TwinView which is hardware accelerated but only supports 2 monitors. I can live without 3D performance, but I need a hardware accelerated 2D desktop at the minimum. What are my options? I will happily give up running X and run something else if I need to (although I would like to keep using Xfce — but am open to anything). I am getting so desperate that I am starting to think of running Windows on my box, but that would be painful in so many other ways given my work environment revolves around the Linux toolset."
DeviceGuru writes "The 2014 Toyota Lexus IS reportedly will be the second major automobile to offer in-vehicle infotainment (IVI) systems based on Linux, following last year's introduction of the Debian-based Cadillac User Experience (CUE) IVI system, which now appears in Cadillac's XTS and SRX models. Cadillac's CUE IVI implementation was developed by GENIVI Alliance members MontaVista and Bosch and uses similar code, but is not listed as GENIVI compliant. Meanwhile, ABI Research projects that Linux will grow to 20 percent IVI market share by 2018, behind Microsoft and market leader QNX."
WebMink writes "A discussion in the Debian community reveals that last month Oracle quietly disclosed a change for the embedded BerkeleyDB database from the quirky Sleepycat License to the Affero General Public License (AGPL) in future versions. AGPL is only compatible with GPLv3 and treats web deployment as a trigger to license compliance, so developers using BerkeleyDB will need to check their code is still legally licensed. Even if they had made the switch in the interests of advancing software freedom it would be questionable to force so many developers into a new license compatibility crisis. But it seems likely their only motivation is to scare more people into buying proprietary licenses. Oracle are well within their rights, but developers are likely to treat this as a betrayal. As a poster in the Debian thread says, "Oracle move just sent the Berkeley DB to oblivion" because there are some great alternatives, like OpenLDAP's LMDB."
hypnosec writes "Knoppix 7.2 has been released for public testing — unlike its predecessor, Knoppix 7.1, which was only made available through the annual Linux Magazine CeBIT edition. Based on Debian "Wheezy", Knoppix 7.2 packs quite a few new features, including newer desktop packages from Debian/testing and Debian/unstable Jessie. The latest version uses the Linux 3.9 kernel and xorg 7.7, and comes loaded with LibreOffice 4.0, GIMP 2.8, Chromium 27 (and Firefox/Iceweasel 21), Wine 1.5, and Virtualbox version 4.2.10. It uses LXDE by default. For users who still want to go for KDE or GNOME, version 4.8.4 and 3.4.2 of the respective desktops are available from the Knoppix DVD."
alphadogg writes "Start-up Cumulus Networks this week has emerged with a Linux network operating system designed for programmable data centers like the ones Google and Facebook are building. The company's Cumulus Linux OS operating system includes IPv4 and IPv6 routing, plus data center and network orchestration hooks. Much like OpenFlow for independent, software-defined control of network forwarding, Cumulus Linux is intended to run on commodity network hardware and bring Open Source extensibility to high capacity data centers. The head of the company used to work for Cisco and Google." The distribution is based on Debian and ported to several router platforms. They claim to release most of their code Open Source, but there are at least a few proprietary bits for interfacing to the routing hardware itself.
Debian warns on its blog: "The unofficial third party repository Debian Multimedia stopped using the domain debian-multimedia.org some months ago. The domain expired and it is now registered again by someone unknown to Debian. (If we're wrong on this point, please sent us an email so we can take over the domain! This means that the repository is no longer safe to use, and you should remove the related entries from your source.list file.)" Update: 06/14 02:58 GMT by U L : If you're wondering where it went, it moved to deb-multimedia.org, after the DPL (at the time) asked the maintainer to stop using the Debian name.
Today's interviewee, Andrew Dougherty, has a Web page that says he is "...an autodidact mathematician and computer scientist specializing in Artificial Intelligence (AI) and Algorithmic Information Theory (AIT). He is the founder of the FRDCSA (Formalized Research Database: Cluster Study & Apply) project, a practical attempt at weak AI aimed primarily at collecting and interrelating existing software with theoretical motivation from AIT. He has made over 90 open source applications, 400 (unofficial) Debian GNU/Linux packages and 800 Perl5 modules (see http://frdcsa.org/frdcsa)." Tim Lord says Andrew's project "brings together a lot of AI algorithms, collects large sets of data for those algorithms to chew on, and writes software to do things like ... guide your whole life." As you might guess, Andrew occupies a pretty far edge of the eccentric programmer world, as you'll see from this video (and transcript). He calls himself "a serious Stallmanite" (his word), and has chosen the GPL for his software in the hopes that it will therefore help the greatest number of people. (Speaking of help, he's looking for interesting data sets and various "life rules" that can be integrated with his planning software, and one of the reasons he presented at the recent YAPC::NA was to solicit help in putting his hundreds of Perl modules onto CPAN.)
coop0030 writes "Thanks to the affordable Raspberry Pi and some clever software, anyone can re-create the classic arcade experience at home. Adafruit brings the genuine 'clicky' arcade controls, you bring the game files and a little crafting skill to build it. Classic game emulation used to require a well-specced PC and specialized adapters for the controls, so it's exciting to see this trickle down to a $40 system. Also, a video of the game system is on YouTube."
New submitter m.alessandrini writes "I've been using Debian for a long time, and I'm not a novice at all; I install system updates almost daily, I avoid risky behaviors on Internet, and like all Linux users I always felt safe. Yesterday my webcam suddenly turned on, and turned off after several minutes. I'm pretty sure it was nothing serious, but I started thinking about malware. At work I use noscript and other tools, but at home I have a more relaxed browser to be used by other family members, too. Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise. For example, these days much malware come from malicious scripts in sites, even in advertising banners inside trusted sites, and this is more 'cross-platform' than normal viruses. So, what about non-root user malware? How much could this be real? And how can you diagnose it?"
jrepin writes "The GNU Hurd is the GNU project's replacement for the Unix kernel. It is a collection of servers that run on the Mach microkernel to implement file systems, network protocols, file access control, and other features that are implemented by the Unix kernel or similar kernels (such as Linux). The Debian GNU/Hurd team announces the release of Debian GNU/Hurd 2013. This is a snapshot of Debian 'sid' at the time of the Debian 'wheezy' release (May 2013), so it is mostly based on the same sources. Debian GNU/Hurd is currently available for the i386 architecture with more than 10,000 software packages available (more than 75% of the Debian archive)."