• Pop!_OS Is Finally Here — System76’s Ubuntu-based Operating System For Developers

  The first ever stable release of Pop!_OS is finally here. You can go ahead and download it from this link. Don’t forget to share your feedback. Earlier this year in June, we reported that System76 is creating its own Linux distro called Pop!_OS.

• Samsung DeX Promises to Bring the Linux PC Experience to Your Mobile Device

  After unveiling its next-generation Bixby 2.0 intelligent assistant, Samsung today announced that it plans to bring the Linux PC experience to the Samsung DeX ecosystem.

• Steps toward a privacy-preserving phone

  What kind of cell phone would emerge from a concerted effort to design privacy in from the beginning, using free software as much as possible? Some answers are provided by a crowdfunding campaign launched in August by Purism SPC, which has used two such campaigns successfully in the past to build a business around secure laptops. The Librem 5, with a five-inch screen and radio chip for communicating with cell phone companies, represents Purism's hope to bring the same privacy-enhancing vision to the mobile space, which is much more demanding in its threats, technology components, and user experience.

  The abuse of mobile phone data has become a matter of worldwide concern. The capture and sale of personal data by apps is so notorious that it has been covered in USA Today; concerns over snooping contribute to the appeal of WhatsApp (which has topped 1.3 billion users) and other encrypted and privacy-conscious apps. But apps are only one attack vector. I got in touch with Todd Weaver, founder and CEO of Purism, to find out what the company is doing to plug the leaks in mobile devices.

• DockerCon EU 17 Panel Debates Docker Container Security

  There are many different security capabilities that are part of the Docker container platform, and there are a number of vendors providing container security offerings. At the DockerCon EU 17 conference in Copenhagen, Denmark, eWEEK moderated a panel of leading vendors—Docker, Hewlett Packard Enterprise, Aqua Security, Twistlock and StackRox—to discuss the state of the market.

  To date, there have been no publicly disclosed data breaches attributed to container usage or flaws. However, that doesn't mean that organizations using containers have not been attacked. In fact, Wei Lien Dang, product manager at StackRox, said one of his firm's financial services customers did have a container-related security incident.

• DockerCon EU: Tips and Tools for Running Container Workloads on AWS

  Amazon Web Services wants to be a welcome home for developers and organizations looking to deploy containers. At the DockerCon EU conference here, a pair of AWS technical evangelists shared their wisdom on the best ways to benefit from container deployments.

  The terms microservices and containers are often used interchangeably by people. Abby Fuller, technical evangelist at AWS, provided the definition of microservices coined by Adrian Crockford, VP of Cloud Architecture at AWS and formerly the cloud architect at Netflix.

• Docker CEO: Embracing Kubernetes Removes Conflict

  Steve Singh has ambitious plans for Docker Inc. that are nothing less than transforming the world of legacy applications into a modern cloud-native approach.

  Singh was named CEO of Docker on May 2 and hosted his first DockerCon event here Oct. 16-19. The highlight of DockerCon EU was the surprise announcement that Docker is going to support the rival open-source Kubernetes container orchestration system.

  In a video interview with eWEEK, Singh explained the rationale behind the Kubernetes support and provided insight into his vision for the company he now leads.

• MongoDB's IPO Beats the Market Out of the Gate

  The folks at MongoDB raised a whole lot of money today in their debut on NASDAQ.

  Yesterday the open source company announced it was going to be asking $24 a share for the 8 million Class A shares it was letting loose in its IPO, which had some Wall Street investors scratching their heads and wondering if the brains at Mongo were suffering from some kind of undiagnosed damage. Analysts had been estimating an opening price of between $20-22 per share, and on October 6 the company had estimated an opening price in the range of $18-20.

• Cramming features into LTS kernel releases

  While the 4.14 development cycle has not been the busiest ever (12,500 changesets merged as of this writing, slightly more than 4.13 at this stage of the cycle), it has been seen as a rougher experience than its predecessors. There are all kinds of reasons why one cycle might be smoother than another, but it is not unreasonable to wonder whether the fact that 4.14 is a long-term support (LTS) release has affected how this cycle has gone. Indeed, when he released 4.14-rc3, Linus Torvalds complained that this cycle was more painful than most, and suggested that the long-term support status may be a part of the problem. A couple of recent pulls into the mainline highlight the pressures that, increasingly, apply to LTS releases.

  As was discussed in this article, the 4.14 kernel will include some changes to the kernel timer API aimed at making it more efficient, more like contemporary in-kernel APIs, and easier to harden. While API changes are normally confined to the merge window, this change was pulled into the mainline for the 4.14-rc3 release. The late merge has led to a small amount of grumbling in the community.

• Improving the kernel timers API

  The kernel's timer interface has been around for a long time, and its API shows it. Beyond a lack of conformance with current in-kernel interface patterns, the timer API is not as efficient as it could be and stands in the way of ongoing kernel-hardening efforts. A late addition to the 4.14 kernel paves the way toward a wholesale change of this API to address these problems.

• What's the best way to prevent kernel pointer leaks?

  An attacker who seeks to compromise a running kernel by overwriting kernel data structures or forcing a jump to specific kernel code must, in either case, have some idea of where the target objects are in memory. Techniques like kernel address-space layout randomization have been created in the hope of denying that knowledge, but that effort is wasted if the kernel leaks information about where it has been placed in memory. Developers have been plugging pointer leaks for years but, as a recent discussion shows, there is still some disagreement over the best way to prevent attackers from learning about the kernel's address-space layout.

  There are a number of ways for a kernel pointer value to find its way out to user space, but the most common path by far is the printk() function. There are on the order of 50,000 printk() calls in the kernel, any of which might include the value of a kernel pointer. Other places in the kernel use the underlying vsprintf() mechanism to format data for virtual files; they, too, often leak pointer values. A blanket ban on printing pointer values could solve this problem — if it could be properly enforced — but it would also prevent printing such values when they are really needed. Debugging kernel problems is one obvious use case for printing pointers, but there are others.

• Continuous-integration testing for Intel graphics

  Two separate talks, at two different venues, give us a look into the kinds of testing that the Intel graphics team is doing. Daniel Vetter had a short presentation as part of the Testing and Fuzzing microconference at the Linux Plumbers Conference (LPC). His colleague, Martin Peres, gave a somewhat longer talk, complete with demos, at the X.Org Developers Conference (XDC). The picture they paint is a pleasing one: there is lots of testing going on there. But there are problems as well; that amount of testing runs afoul of bugs elsewhere in the kernel, which makes the job harder.

  Developing for upstream requires good testing, Peres said. If the development team is not doing that, features that land in the upstream kernel will be broken, which is not desirable. Using continuous-integration (CI) along with pre-merge testing allows the person making a change to make sure they did not break anything else in the process of landing their feature. That scales better as the number of developers grows and it allows developers to concentrate on feature development, rather than bug fixing when someone else finds the problem. It also promotes a better understanding of the code base; developers learn more "by breaking stuff", which lets them see the connections and dependencies between different parts of the code.

The GNU Privacy Guard (GnuPG) is one of the fundamental tools that allows a distributed group to have trust in its communications. Werner Koch, lead developer of GnuPG, spoke about it at Kernel Recipes: what's in the new 2.2 version, when older versions will reach their end of life, and how development will proceed going forward. He also spoke at some length on the issue of best-practice key management and how GnuPG is evolving to assist.

It is less than three years since attention was focused on the perilous position of GnuPG; because of systematic failure of the community to fund its development, Koch was considering packing it all in. The Snowden revelations persuaded him to keep going a little longer, then in the wake of Heartbleed there was a resurgent interest in funding the things we all rely on. Heartbleed led to the founding of the Core Infrastructure Initiative (CII). A grant from CII joined commitments from several companies and other organizations and an upsurge in community funding has put GnuPG on a more secure footing going forward.

• Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails

  Ubuntu has done a good job of integrating a few plugins that improve GNOME's user experience compared to stock GNOME – most notably a modified version of the Dash-to-Dock and the App Indicator extensions, which go a long way toward making GNOME a bit more like Unity. It's worth noting that Ubuntu's fork of Dash-to-Dock lacks some features of the original, but you can uninstall the Ubuntu version in favour of the original if you prefer. In fact you can really revert to a pretty stock GNOME desktop with just a few tweaks. Canonical said it wasn't going to heavily modify GNOME and indeed it hasn't.

• What’s New in Ubuntu 17.10 Artful Aardvark

• Ubuntu Podcast: S10E33 – Aggressive Judicious Frame

  This week we’ve been protecting our privacy with LineageOS and playing Rust. Telegram get fined, your cloud is being used to mine BitCoin, Google announces a new privacy focused product tier, North Korea hacks a UK TV studio, a new fully branded attack vector is unveiled and Purism reach their funding goal for the Librem 5.

• Refreshing the Xubuntu logo

  Earlier this year I worked a bit with our logo to propose a small change to it – first change to the logo in 5 years. The team approved, but for various reasons the new logo did not make it to 17.10. Now we’re ready to push it out to the world.

• Intel Begins Landing GFNI Support In GCC 8

  Intel compiler engineers have begun landing "GFNI" support within the GNU Compiler Collection as one of the new ISA extensions not expected until the Icelake processor debut.

• Control-Flow Enforcement Technology Begins To Land In GCC 8

  Intel Control-flow Enforcement Technology (CET) support has begun landing within the GNU Compiler Collection (GCC) for this code safety feature.

  Patches have been in the works for several months while now the start of the patches are being merged to mainline. Coincidentally, at the same time Intel is also landing their GFNI instruction patches in GCC as well.

• Intel Continues Landing New i915 DRM Features For Linux 4.15

  Jani Nikula has sent in another drm-intel-next update for David Airlie's DRM-Next tree. They continue prepping more updates to their Direct Rendering Manager (DRM) for targeting the upcoming Linux 4.15 cycle.

  There have already been several Intel "i915" DRM driver updates queued in DRM-Next for this new kernel version. Past pulls have included marking Coffeelake graphics as stable, continued Cannonlake "Gen 10" graphics enablement, various display improvements, and quite a lot of other low-level code improvements.

• Many Vega Improvements & Other Fixes Land In Mesa For RADV Vulkan Driver

  With Mesa 17.3 expected to be branched this weekend and this marking the end of feature development for this last stable Mesa series of 2017, the RADV Radeon Vulkan drivers in particular have been busy landing a lot of last minute code.

• Occlusion Queries Land In Etnaviv For Mesa 17.3

  Landing in Mesa Git this morning ahead of the imminent 17.3 branching is support for OpenGL occlusion queries.

• Intel Wires In EGL Context Priority Support For Their Mesa Driver

Over the past year, Mozilla has been working on a series of major changes to the Firefox browser, mainly for performance and security. These changes are referred to as Project Quantum. Some improvements arrived already with no major differences for its users.

Last month the major changes landed in the developer channel. These changes mark a major deadline for how extensions work. This deadline gave third party developers a chance to look at their extensions and make changes to remain compatible. It was an important milestone date for the various Firefox add-ons. Firefox 57 marks an end to the legacy XUL based extensions. Starting with version 57, Firefox supports only a new type of extension, named WebExtension.

The Linux desktop has come a very long way from its humble beginnings. Back in my early days of using Linux, knowledge of the command line was essential—even for the desktop. That’s no longer true. Many users might never touch the command line. For Linux system administrators, however, that’s not the case. In fact, for any Linux admin (be it server or desktop), the command line is a requirement. From managing networks, to security, to application and server settings—there’s nothing like the power of the good ol’ command line.

But, the thing is… there are a lot of commands to be found on a Linux system. Consider /usr/bin alone and you’ll find quite a lot of commands (you can issue ls /usr/bin/ | wc -l to find out exactly how many you have). Of course, these aren’t all user-facing executables, but it gives you a good idea of the scope of Linux commands. On my Elementary OS system, there are 2029 executables within /usr/bin. Even though I will use only a fraction of those commands, how am I supposed to remember even that amount?

Eclipse may not be the first open source organization that pops to mind when thinking about Internet of Things (IoT) projects. After all, the foundation has been around since 2001, long before IoT was a household word, supporting a community for commercially viable open source software development.

September's Eclipse IoT Day, held in conjunction with RedMonk's ThingMonk 2017 event, emphasized the big role Eclipse is taking in IoT development. It currently hosts 28 projects that touch a wide range of IoT needs and projects. While at the conference, I talked with Ian Skerritt, who heads marketing for Eclipse, about Eclipse's IoT projects and how Eclipse thinks about IoT more broadly.

Experienced open source developers are in short supply. To attract top talent, companies often have to do more than hire a recruiter or place an ad on a popular job site. However, if you are running an open source program at your organization, the program itself can be leveraged as a very effective recruiting tool. That is precisely where the new, free online guide Recruiting Open Source Developers comes in. It can help any organization in recruiting developers, or building internal talent, through nurturing an open source culture, contributing to open source communities, and showcasing the utility of new open source projects.

Why does your organization need a recruiting strategy? One reason is that the growing shortage of skilled developers is well documented. According to a recent Cloud Foundry report, there are a quarter-million job openings for software developers in the U.S. alone and half a million unfilled jobs that require tech skills. They’re also forecasting the number of unfillable developer jobs to reach one million within the next decade.

• Fedora meets RHEL

• Fedora 27 Making It Easy To Deploy Free RHEL7 VMs

  For those wanting to use Red Hat Enterprise Linux 7 within a GNOME Boxes driven virtual machine, you can do so for free now with Fedora Workstation 27.

  Red Hat has made it possible to easily deploy RHEL7 from within the GNOME Boxes virtualization software even if you are not a paying Red Hat customer. All that's required is a free Red Hat developer account.

• How to Choose a Linux Container Image

  A comparison of Linux container images talks about the best-practices in choosing an image. Architecture, security and performance are among the factors, while commercial users would also look for support options.

  A Linux container allows separate management of kernel space and user space components by utilizing cgroups and namespaces, which are resource and process isolation mechanisms. Solaris and BSD also have abstractions similar to Linux containers but the article's focus is on the latter only. The host running the container has the operating system kernel and a set of libraries and tools required to run containers. The container image, on the other hand, has the libraries, interpreters and application code required to run the application that is being distributed in the container. These depend on underlying system libraries. This is true for interpreted languages too as the interpreters themselves are written in low level languages.

• The Four Pillars of Cloud-Native Operations

  As organizations shift their application strategies to embrace the cloud-native world, the purpose of the cloud transitions from saving money to delivering and managing applications. Platforms such as Cloud Foundry, Kubernetes, and Docker redefine the possibilities for application environments that utilize the cloud. It’s time for us as operations professionals to rethink how we approach our jobs in this new world. We should be asking, how do our organizations take advantage of cloud-native as a new mode of application delivery?

• How to align your team around microservices

  Microservices have been a focus across the open source world for several years now. Although open source technologies such as Docker, Kubernetes, Prometheus, and Swarm make it easier than ever for organizations to adopt microservice architectures, getting your team on the same page about microservices remains a difficult challenge.

  For a profession that stresses the importance of naming things well, we've done ourselves a disservice with microservices. The problem is that that there is nothing inherently "micro" about microservices. Some can be small, but size is relative and there's no standard measurement unit across organizations. A "small" service at one company might be 1 million lines of code, but far fewer at another organization.

• Hyperledger Stitches in Another Blockchain Project

  The Linux Foundation’s open source Hyperledger Project, which works on blockchain technologies, added a sixth sub project — this one dubbed Quilt.

  Hyperledger Quilt started around 18 months ago and is an implementation of the Interledger Protocol (ILP), which helps facilitate transactions across ledgers.

• Chinese Search Giant Baidu Joins Hyperledger Blockchain Consortium

  Chinese search engine giant Baidu has become the latest member of the Linux Foundation-led Hyperledger blockchain consortium.

  In joining the group – which focuses on developing blockchain technologies for enterprises – Baidu will assist the project's efforts alongside other member companies including Accenture, IBM, JP Morgan, R3, Cisco and SAP, among others.

• The next three major Steam sale dates have been leaked

  Valve never do manage to keep sale dates hidden for long, but for the dates of the three next major sales to slip is a bit embarrassing. Not really much they can do about it though, unless they want to hide the dates from developers for longer, or restrict who is able to actually see them.

• Skirmish Line, a strategy game inspired by classic flash game Mud and Blood 2 is now on Linux

  Skirmish Line [Steam, Official Site], a game inspired by an older flash game Mud and Blood 2 is now in Early Access with Linux support.

• Colony building sim 'Maia' has a huge update with cats, dogs, hurricanes and more

  Pet lovers gather around, as your off-world colonists will now have some pets! This might be one of the biggest updates Maia [itch.io, Steam] has ever had.

• Cyberpunk game Observer gets a Mac and Linux release date

  Blade Runner 2049 might not be a commercial smash, but Denis Villeneuve’s film has fortunately turned out to be an excellent, and worthwhile, follow-up to Ridley Scott’s 1982 future-noir masterpiece.

In October 2010, Mark Shuttleworth, founder of the Ubuntu open-source operating system and CEO of Canonical, announced his grand plan to build a converged Linux desktop that would work on mobile devices, desktops and even TVs. He called the effort "Unity" and poured significant financial resources into it.

Seven years later, the Unity dream is dead.

On Oct. 19, Ubuntu 17.10 was released as the first Ubuntu Linux version since 2010 that didn't use Unity as the default Linux desktop. In a video interview with eWEEK, Shuttleworth details the rationale behind his decision to cancel Unity and why he has now put his company on the path toward an initial public offering (IPO).

Because Ubuntu has moved into the mainstream in a bunch of areas, including the cloud, he said some of the things his company had been doing were never going to be commercially sustainable.

Also: Ubuntu 17.10 delivers new desktop and cloud enhancements

• Samsung Is Bringing Desktop Linux To Its Smartphones

  Samsung is bringing desktop Linux to its smartphones. The 'Linux on Galaxy' project will let users "run Linux-based distributions on mobile devices".

• “Linux On Galaxy” Is Bringing Your Favorite Linux Distros On Smartphones

  echnology companies have worked in the past to let your smartphones work like desktop computers; Microsoft’s Continuum is the most notable effort in this direction. The latest attempt was made by Samsung. The company, with the launch of its flagship Galaxy S8, introduced the new DeX dock.

• Linux on Galaxy

• After Windows 10, Samsung is bringing Linux to Galaxy S8 and Note 8 smartphones

• The power of Linux is coming to select Galaxy devices, via DeX

YouTuber NODE has released a new video unveiling his third generation Handheld Linux Terminal which builds on the features from the previous creations and is once again fantastically awesome.

Check out the video below to learn more about the Handheld Linux Terminal Version 3 powered by a Raspberry Pi 3 mini PC. Great job NODE.

• 7 years of open source: Twilio, Synopsys & Veracode

  “What was once considered fringe and anti-establishment has now become the norm powering some of the largest technological innovations of our times. In the fields of artificial intelligence, machine learning, autonomous driving and block chain, OSS leads the way,” said Mel Llaguno , open source solution manager at Synopsys Software Integrity Group.

• F-Droid, the open-source app repository, has been updated to v1.0

  If you are a big Android enthusiast, then you're probably familiar with the name F-Droid. If not, it's an extensive repository of open source apps, as well as the name of its accompanying client. Today that client has been updated to v1.0.

  If you remember our coverage of v0.103, v1.0 should look pretty familiar. While there have been some significant changes behind the scenes, apart from a general improvement in performance and ease of use, you're not likely to notice much.

• Rackspace ends discount hosting for open source projects

  Rackspace has ended a program under which it offered “generous discounts on hosting for more than 150 OSS projects and communities”, but flubbed the announcement.

  The closure of the program came to our attention after Reg operatives noticed the Tweet below from Eric Holscher, who posted an image in which it appears the fanatical services company planned to withdraw the discount entirely.

• Oracle Joins Serverless Race with Open Source Fn Project

  Oracle has released Fn, a new open-source, cloud-agnostic, serverless platform. While supporting ‘any programming language’, it initially launched with extensive Java capabilities and a JUnit test framework.

  Fn comprises four of main components: Fn Server, Fn FDKs, Fn Flow and Fn Load Balancer. Written in Go, Fn Server is the platform that runs the code.

• CableLabs Hints That It’s Planning an Open Source Group

  In a meeting at the SCTE-ISBE Cable Tec Expo show yesterday, Randy Levensalor, lead architect at CableLabs involved with the group’s software-defined networking (SDN) and network functions virtualization (NFV) work, mentioned that CableLabs is planning to announce an open source group soon. He didn’t provide any further detail other than to say CableLabs will be making an announcement in about a month.

  We can speculate that it relates to CableLabs’ SNAPS initiative. SNAPS stands for “SDN/NFV Application development Platform and Stack.” The key objectives for SNAPS are to make it easier for NFV vendors to onboard their applications and to reduce the complexity of integration testing. The initiative attempts to accelerate the adoption of network virtualization, wrote Levensalor in a recent blog posting.

• Hacktoberfest 2017 @ Tel Aviv

  I gave my “Midburn – creating an open source community” talk in Hacktoberfest 2017 @ Tel Aviv. This is the local version of an initiative by DigitalOcean and GitHub.

• Bringing Mixed Reality to the Web

  Today, Mozilla is announcing a new development program for Mixed Reality that will significantly expand its work in Virtual Reality (VR) and Augmented Reality (AR) for the web. Our initial focus will be on how to get devices, headsets, frameworks and toolsets to work together, so web developers can choose from a variety of tools and publishing methods to bring new immersive experiences online – and have them work together in a fully functional way.

• Facebook open sources concurrent programming debugger

  Learning how to do sequential computing, where one calculation is made after the other, is easy. Anyone who learns programmings gets that. Parallel programming, which empowers super-computing calculations to be made simultaneously, is much harder, but doable. Concurrent computing, where multiple calculations are made within overlapping time frames, now that's hard. It's also extremely useful whether it's tracking multiple trains on a single train-line or multiple comments on a single Facebook page. That's why Facebook has worked hard on concurrent programming. Now, Facebook is sharing its newest debugger tool: RacerD, its new open source race detector.

• DragonFly 5.0 released!

   

  The normal ISO and IMG files are available for download and install, plus an uncompressed ISO image for those installing remotely.  

• NEC Partners with Canonical and Screenly on Ubuntu Digital Signage Platform

• How To Download Ubuntu 17.10 via Torrent

• Ubuntu 17.10 launches welcoming back the laughing GNOME

  Ubuntu 17.10 is the first to return to the GNOME runtime following the decision to abandon Unity 8 and therefore end the company's official involvement with mobile phone development.

• Lubuntu 17.10 (Artful Aardvark) released!

• Xubuntu 17.10 “Artful Aardvark” Released

• How to Install VMware Workstation 14 Pro on Debian 9 (Stretch)

• Splitting the Ion heaps

• More ways to examine network connections on Linux

• DASH trick-mode playback in GStreamer: Fast-forward/rewind without saturating your network and CPU

• How to install curl command on a Ubuntu Linux

• How to import a OpenVPN .ovpn file with Network Manager or Command Line in Linux

• Install Let's Encrypt and Secure Nginx with SSL/TLS in Debian 9