GNOME Dev Schaller Assures Ubuntu Users the Move To Step Away From Unity Will Bring Consistency Across Linux Distros (gnome.org) 104
Canonical Killing Unity For Ubuntu Linux, Will Switch To the Superior GNOME (betanews.com) 386
Ubuntu Linux 17.04 'Zesty Zapus' Final Beta Now Available For Download (betanews.com) 113
"The Ubuntu team is pleased to announce the final beta release of the Ubuntu 17.04 Desktop, Server, and Cloud products. Codenamed 'Zesty Zapus', 17.04 continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution," says Adam Conrad, Canonical. "The team has been hard at work through this cycle, introducing new features and fixing bugs."
Canonical Helps Launch A Snap Store For The Orange Pi Community (ubuntu.com) 55
With snaps developers can distribute their application in a secure, confined package bundled with all its dependencies, so users can install applications that could take half an hour to install in just a few seconds. The Orange Pi App Store uses the whitelabel app store offering from Canonical, which lets them distribute applications to the Orange Pi community under its own brand. The store is a place for developers to share their Orange Pi specific applications. It also benefits from the wealth of applications available in the Ubuntu snap store, also available through the store.
Are there any Slashdot readers who are actually using snaps? Or -- for that matter -- are there any Slashdot readers developing with the Orange Pi?
Edge, VMWare, Safari, And Ubuntu Linux Hacked at Pwn2Own 2017 (trendmicro.com) 83
- Ars Technica reports one team "compromised Microsoft's heavily fortified Edge browser in a way that escapes a VMware Workstation virtual machine it runs in... by exploiting a heap overflow bug in Edge, a type confusion flaw in the Windows kernel and an uninitialized buffer vulnerability in VMware."
- Digital Trends reports "Samuel Grob and Niklas Baumstark used a number of logic bugs to exploit the Safari browser and eventually take root control of the MacOS on a MacBook Pro, [and] impressed onlookers even more by adding a custom message to the Touch Bar which read: "pwned by niklasb and saelo."
- Ubuntu 16.10 Linux was also successfully attacked by exploiting a flaw in the Linux 4.8 kernel, "triggered by a researcher who only had basic user access but was able to elevate privileges with the vulnerability to become the root administrative account user..." reports eWeek. "Chaitin Security Research Lab didn't stop after successfully exploiting Ubuntu. It was also able to successfully demonstrate a chain of six bugs in Apple Safari, gaining root access on macOS."
- Another attacker "leveraged two separate use-after-free bugs in Microsoft Edge and then escalated to SYSTEM using a buffer overflow in the Windows kernel."
None of the attendees registered to attempt an attack on the Apache Web Server on Ubuntu 16.10 Linux, according to eWeek, but the contest's blog reports that "We saw a record 51 bugs come through the program. We paid contestants $833,000 USD in addition to the dozen laptops we handed out to winners. And, we awarded a total of 196 Master of Pwn points."
Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) 322
Canonical Preps Security Lifeboat, Yells: Ubuntu 12.04 Hold-Outs, Get In (theregister.co.uk) 88
Dell Doubles Down On High-End Ubuntu Linux Laptops (zdnet.com) 128
Ask Slashdot: What Would Happen If All Software Ran On All Platforms? 383
Example: 3D CAD software that runs on Windows 14, Playstation 7, an Android Smartphone, Nintendo's latest handheld gaming device and an Ubuntu PC in exactly the same way with no compatibility problems whatsoever occurring. What would and would not change in such a computing world?
He also asks an even more important question: will this ever be possible or feasible from a technical standpoint? So leave your best answers in the comments. Will it ever be possible to run all software on all platforms -- and what would happen if we could?
Linux Kernel 4.10 Officially Released With Virtual GPU Support (softpedia.com) 90
It required 13,000 commits, plus over 1,200 merges, Linus wrote in the announcement, adding "On the whole, 4.10 didn't end up as small as it initially looked."
System76 Refreshes Ubuntu Linux Laptops With Intel Kaby Lake, NVIDIA GTX 10 Series, and 4K (betanews.com) 126
LinuxQuestions Users Choose Their Favorite Distro: Slackware (zdnet.com) 145
Linux users love to debate about desktop environments. KDE Plasma Desktop took first by a hair's breadth over the popular lightweight Xfce desktop. Other well-regarded desktop environments, such as Cinnamon and MATE, got surprisingly few votes. The once popular GNOME still hasn't recovered from the blowback from its disliked design change from GNOME 2 to GNOME 3.
Firefox may struggle as a web browser in the larger world, but on Linux it's still popular. Firefox took first place with 51.7 percent of the vote. Chrome came in a distant second place, with the rest of the vote being divided between a multitude of obscure browsers.
LibreOffice won a whopping 89.6% of the vote for "best office suite" -- and Vim beat Emacs.
The City Of Munich Now Wants To Abandon Linux And Switch Back to Windows (techrepublic.com) 557
The use of the open-source Thunderbird email client and LibreOffice suite across the council would also be phased out, in favor of using "market standard products" that offer the "highest possible compatibility" with external and internal software... The full council will vote on whether to back the plan next Wednesday. If all SPD and CSU councillors back the proposal put forward by their party officials, then this new proposal will pass, because the two parties hold the majority.
The leader of the Munich Green Party says the city will lose "many millions of euros" if the change is implemented. The article also reports that Microsoft moved its German headquarters to Munich last year.
Pwn2Own 2017 Offers Big Bounties For Linux, Browser, and Apache Exploits (eweek.com) 56
"We are nine weeks away," TrendMicro posted Wednesday, pointing out that they're giving out over $1 million in bounties, including the following:
- $100,000 for escaping a virtualization hypervisor
- $80,000 for a Microsoft Edge or Google Chrome exploit
- $50,000 for an exploit of Adobe Reader, Microsoft Word, Excel or PowerPoint
- $50,000 for an Apple Safari exploit
- $30,000 for a Firefox exploit
- $30,000, $20,000 and $15,000 for privilege-escalating kernel vulnerabilities on Windows, macOS and Linux (respectively)
- $200,000 for an Apache Web Server exploit
Windows 10 Gets A New Linux: openSUSE (fossbytes.com) 189
Windows 10 Upgrade Bug Disabled Cntrl-C In Bash (infoworld.com) 277
[O]ne major issue in build 15002 is that Ctrl-C in a Bash session no longer works. Microsoft provided an uncommon level of detail for how this bug crept in, saying it had to do with synchronization between the Windows and Bash development teams. The next Insider build should have a fix. But for people doing serious work with Linux command-line apps, not having Ctrl-C is a little like driving a car when only the front brakes work.
Linux.com Announces The Best Linux Distros for 2017 (linux.com) 224
- Best distro for sysadmins : Parrot Linux. "Based on Debian and offers nearly every penetration testing tool you could possibly want. You will also find tools for cryptography, cloud, anonymity, digital forensics, programming, and even productivity."
- Best lightweight distribution: LXLE. "Manages to combine a perfect blend of small footprint with large productivity."
- Best desktop distribution: Elementary OS "I'm certain Elementary OS Loki will do the impossible and usurp Linux Mint from the coveted 'best desktop distribution' for 2017."
- Best Linux for IoT: Snappy Ubuntu Core "Can already be found in the likes of various hacker boards (such as the Raspberry Pi) as well as Erle-Copter drones, Dell Edge Gateways, Nextcloud Box, and LimeSDR."
- Best non-enterprise server distribution: CentOS. "Since 2004, CentOS has enjoyed a massive community-driven support system."
- Best enterprise server distribution: SUSE. "Don't be surprised if, by the end of 2017, SUSE further chips away at the current Red Hat market share."
Wallen also chose Gentoo for "Best distribution for those with something to prove," saying "This is for those who know Linux better than most and want a distribution built specifically to their needs... a source-based Linux distribution that starts out as a live instance and requires you to then build everything you need from source." And surprisingly, he didn't mention his own favorite Linux distro, Bodhi Linux, which he describes elsewhere as "a melding of Ubuntu and Enlightenment".
Android Was 2016's Most Vulnerable Product, Oracle the (bleepingcomputer.com) 147
When it comes to software vendors, the company for which the largest number of new CVE numbers have been assigned was Oracle, with a whopping 798 CVEs, who edged out Google (698 bugs), Adobe (548 bugs), Microsoft (492 bugs), Novell (394), IBM (382 bugs), Cisco (353 bugs), Apple (324 bugs), Debian Project (320 bugs), and Canonical (280 bugs).
Ubuntu Survey Discovers 'Consumers Are Terrible' About Updating Their IoT Devices (ubuntu.com) 181
Canonical has taken the view for some time now that better automatic mechanisms to fix vulnerabilities remotely are needed as an essential step on the way to a secure IoT. We need to remove the burden of performing software updates from the user and we need to actively ban the dreaded 'default password', as Canonical has done with Ubuntu Core 16... It's clear to us that too many of the solutions to IoT security proposed today involve either mitigating security issues after-the-fact, or living in a world where IoT security problems are the accepted norm. This should not and cannot be the case.
They'll be publishing their complete findings in a new paper in January.