Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 4 hours 43 min ago

2018 in perspective (Libre Graphics World)

Tuesday 6th of February 2018 02:39:16 PM
Here's a look at what's coming on the desktop in Libre Graphics World. "After almost 6 years of work, the GIMP team is finalizing the next big update. The plan is to cut a beta of v2.10 once the amount of critical bugs falls further down: it's currently stuck at 20, as new bugs get promoted to blockers, while old blockers get fixed. It's a bit of an uphill battle."

[$] Meltdown and Spectre mitigations — a February update

Monday 5th of February 2018 10:50:23 PM
The initial panic over the Meltdown and Spectre processor vulnerabilities has faded, and work on mitigations in the kernel has slowed since our mid-January report. That work has not stopped, though. Fully equipping the kernel to protect systems from these vulnerabilities is a task that may well require years. Read on for an update on the current status of that work.

Four stable kernels

Monday 5th of February 2018 04:11:13 PM
Greg Kroah-Hartman has released stable kernels 4.15.1, 4.14.17, 4.9.80, and 4.4.115. They all contain important fixes and users should upgrade.

Security updates for Monday

Monday 5th of February 2018 04:02:43 PM
Security updates have been issued by Debian (dokuwiki and p7zip), Fedora (kernel, pdns, rsync, and webkitgtk4), openSUSE (chromium and translate-toolkit), Red Hat (jboss-ec2-eap and Red Hat Satellite 6), Slackware (php), and SUSE (bind and firefox).

Meet India’s women Open Source warriors (Factor Daily)

Monday 5th of February 2018 02:26:31 PM
The Factor Daily site has a look at work to increase the diversity of open-source contributors in India. "Over past two months, we interviewed at least two dozen people from within and outside the open source community to identify a set of women open source contributors from India. While the list is not conclusive by any measure, it’s a good starting point in identifying the women who are quietly shaping the future of open source from this part of the world and how they dealt with gender biases."

[$] 4.16 Merge window part 1

Friday 2nd of February 2018 09:35:28 PM
As of this writing, just over 6,700 non-merge changesets have been pulled into the mainline repository for the 4.16 development cycle. Given that there are a number of significant trees yet to be pulled, the early indications are that 4.16 will be yet another busy development cycle. What follows is a summary of the significant changes merged in the first half of this merge window.

Free Electrons becomes Bootlin

Friday 2nd of February 2018 05:09:01 PM
Longtime embedded Linux development company Free Electrons has just changed its name to Bootlin due to a trademark dispute (with "FREE SAS, a French telecom operator, known as the owner of the free.fr website"). It is possible that Free Electrons may lose access to its "free-electrons.com" domain name as part of the dispute, so links to the many resources that Free Electrons hosts (including documentation and conference videos) should be updated to use "bootlin.com". "The services we offer are different, we target a different audience (professionals instead of individuals), and most of our communication efforts are in English, to reach an international audience. Therefore Michael Opdenacker and Free Electrons’ management believe that there is no risk of confusion between Free Electrons and FREE SAS. However, FREE SAS has filed in excess of 100 oppositions and District Court actions against trademarks or name containing “free”. In view of the resources needed to fight this case, Free Electrons has decided to change name without waiting for the decision of the District Court. This will allow us to stay focused on our projects rather than exhausting ourselves fighting a long legal battle."

GNU C Library 2.27 released

Friday 2nd of February 2018 03:50:46 PM
Version 2.27 of the GNU C Library is out. This release includes support for static PIE executables, a number of security-oriented improvements (and fixes for several CVE numbers), support for memory protection keys, and much more.

Security updates for Friday

Friday 2nd of February 2018 03:21:23 PM
Security updates have been issued by CentOS (systemd and thunderbird), Debian (squid and squid3), Fedora (firefox), Mageia (java-1.8.0-openjdk and sox), openSUSE (ecryptfs-utils and libXfont), Oracle (systemd and thunderbird), Scientific Linux (thunderbird), and Ubuntu (dovecot and w3m).

How I coined the term 'open source' (Opensource.com)

Friday 2nd of February 2018 01:41:44 AM
Over at Opensource.com, Christine Peterson has published her account of coining the term "open source". Originally written in 2006, her story on the origin of the term has now been published for the first time. The 20 year anniversary of the adoption of "open source" is being celebrated this year by the Open Source Initiative at various conferences (recently at linux.conf.au, at FOSDEM on February 3, and others). "Between meetings that week, I was still focused on the need for a better name and came up with the term "open source software." While not ideal, it struck me as good enough. I ran it by at least four others: Eric Drexler, Mark Miller, and Todd Anderson liked it, while a friend in marketing and public relations felt the term "open" had been overused and abused and believed we could do better. He was right in theory; however, I didn't have a better idea, so I thought I would try to go ahead and introduce it. In hindsight, I should have simply proposed it to Eric Raymond, but I didn't know him well at the time, so I took an indirect strategy instead. Todd had agreed strongly about the need for a new term and offered to assist in getting the term introduced. This was helpful because, as a non-programmer, my influence within the free software community was weak. My work in nanotechnology education at Foresight was a plus, but not enough for me to be taken very seriously on free software questions. As a Linux programmer, Todd would be listened to more closely."

[$] Mixed-criticality support in seL4

Thursday 1st of February 2018 11:03:26 PM
Linux tries to be useful for a wide variety of use cases, but there are some situations where it may not be appropriate; safety-critical deployments with tight timing constraints would be near the top of the list for many people. On the other hand, systems that can run safety-critical code in a provably correct manner tend to be restricted in functionality and often have to be dedicated to a single task. In a linux.conf.au 2018 talk, Gernot Heiser presented work that is being done with the seL4 microkernel system to safely support complex systems in a provably safe manner.

Huang: Spectre/Meltdown Pits Transparency Against Liability

Thursday 1st of February 2018 07:36:45 PM
Here's a blog post from "bunnie" Huang on the tension between transparency and product liability around hardware flaws. "The open source community could use the Spectre/Meltdown crisis as an opportunity to reform the status quo. Instead of suing Intel for money, what if we sue Intel for documentation? If documentation and transparency have real value, then this is a chance to finally put that value in economic terms that Intel shareholders can understand. I propose a bargain somewhere along these lines: if Intel releases comprehensive microarchitectural hardware design specifications, microcode, firmware, and all software source code (e.g. for AMT/ME) so that the community can band together to hammer out any other security bugs hiding in their hardware, then Intel is absolved of any payouts related to the Spectre/Meltdown exploits."

Security updates for Thursday

Thursday 1st of February 2018 04:22:09 PM
Security updates have been issued by Debian (chromium-browser, krb5, and smarty3), Fedora (firefox, GraphicsMagick, and moodle), Mageia (rsync), openSUSE (bind, chromium, freeimage, gd, GraphicsMagick, libtasn1, libvirt, nodejs6, php7, systemd, and webkit2gtk3), Red Hat (chromium-browser, systemd, and thunderbird), Scientific Linux (systemd), and Ubuntu (curl, firefox, and ruby2.3).

[$] LWN.net Weekly Edition for February 1, 2018

Thursday 1st of February 2018 02:17:38 AM
The LWN.net Weekly Edition for February 1, 2018 is available.

[$] Too many lords, not enough stewards

Wednesday 31st of January 2018 10:37:44 PM

For anyone who has followed Daniel Vetter's talks over the last year or two, it is fairly clear that he is not happy with the kernel development process and the role played by kernel maintainers. In a strongly worded talk at linux.conf.au (LCA) 2018 in Sydney, he further explored the topic (that he also raised at LCA 2017) in a talk entitled "Burning down the castle". In his view, kernel development is broken and it is unlikely to improve anytime soon.

Schaller: An update on Pipewire – the multimedia revolution

Wednesday 31st of January 2018 08:14:58 PM
Christian Schaller provides us with an update on the state of the new PipeWire multimedia system. "So as you probably noticed one thing we didn’t mention above is how to deal with PulseAudio applications. Handling this usecase is still on the todo list and the plan is to at least initially just keep PulseAudio running on the system outputting its sound through PipeWire. That said we are a bit unsure how many applications would actually be using this path because as mentioned above all GStreamer applications for instance would be PipeWire native automatically through the PipeWire GStreamer plugins."

[$] Containers from user space

Wednesday 31st of January 2018 07:17:36 PM
In a linux.conf.au 2018 keynote called "Containers from user space" — an explicit reference to the cult film "Plan 9 from Outer Space" — Jessie Frazelle took the audience on a fast-moving tour of the past, present, and possible future of container technology. Describing the container craze as "amazing", she covered topics like the definition of a container, security, runtimes, container concepts in programming languages, multi-tenancy, and more.

Some stable kernel updates

Wednesday 31st of January 2018 04:45:55 PM
The latest stable kernel updates are: 4.14.16, 4.9.79, 4.4.114, and 3.18.93. Each contains a relatively large set of important fixes and updates.

[$] The effect of Meltdown and Spectre in our communities

Wednesday 31st of January 2018 04:40:17 PM

A late-breaking development in the computing world led to a somewhat hastily arranged panel discussion at this year's linux.conf.au in Sydney. The embargo for the Meltdown and Spectre vulnerabilities broke on January 4; three weeks later, Jonathan Corbet convened representatives from five separate parts of our community, from cloud to kernel to the BSDs and beyond. As Corbet noted in the opening, the panel itself was organized much like the response to the vulnerabilities themselves, which is why it didn't even make it onto the conference schedule until a few hours earlier.

GDB 8.1 released

Wednesday 31st of January 2018 04:30:29 PM
Version 8.1 of the GDB debugger is out. Changes include better support for the Rust language and various other improvements to make debugging easier; see the announcement and the news file for the full list.

More in Tux Machines

SuiteCRM 7.10 Released

  • SuiteCRM 7.10 released
    SalesAgility, the creators and maintainers of SuiteCRM, are excited to announce a new major release of the world’s most popular open source CRM – SuiteCRM 7.10, including highly anticipated new features and many enhancements. SuiteCRM is a fully featured, highly flexible, open source CRM, which can be installed on-premise or in the cloud, and allows companies and organisations to have full control over their own customer data. It delivers actionable insights into customers, boosts conversions, helps increase sales, bolsters customer care and streamlines business operations. The CRM is as powerful as Salesforce and Dynamics, but with the unique benefit of being completely open source.
  • SuiteCRM 7.10 released
    SuiteCRM is a fork of the formerly open-source SugarCRM customer relationship management system.
  • SuiteCRM 7.10 Released For Open-Source Customer Relationship Management
    SuiteCRM 7.10 is now available as the latest major feature release to this customer relationship management (CRM) software forked from SugarCRM's last open-source release.
  • How startups and SME’s can leverage open source CRM to increase business
    Prominent Open Source CRM in India: – SugarCRM Founded in 2004, Sugar CRM has over 7,000 customers and more than half a million users worldwide. Easily one of the largest open sources CRM in the world, SugarCRM offers versatile functionalities including sales-force automation, marketing campaigns, customer support, collaboration, Mobile CRM, Social CRM and reporting. While SugarCRM has released no open source editions since early 2014, its earlier community versions continued to inspire other open source software, namely Suite CRM, Vtiger CRM and SarvCRM. – SuiteCRM Suite CRM is a popular fork of SugarCRM and was launched as the latest version of the SugarCRM in October 2013. In a short period of its existence, it has won several awards and has been adopted by reputed clientele, including the Govt. of UK’s National Health Scheme (NHS) program. Suite CRM is an enterprise-class open source alternative to proprietary alternatives and offers a series of extension for both free and paid-for enhancements. Prominent additional modules available with SuiteCRM include Teams security, Google Maps, Outlook Plugin, Products, Contracts, Invoices, PDF Templates, workflow, reporting and Responsive Theme.

Open source intelligent solutions to transform work, businesses

New trends are opening up new opportunities and new ways to deal with IT, according to Thomas di Giacomo, SUSE CTO, speaking at the SUSE executive roundtable, which the open source company hosted in partnership with ITWeb last week. There are many new and innovative technologies that can help IT leaders meet these new demands, he added. Open source based technologies have become the driving force behind most of the technologically disruptive innovations, said Di Giacomo. "It is pretty clear that all the new innovation is coming from open source. "For example, open source progress with Linux and virtualisation a couple of decades ago, cloud in the last 10 years, and more recently, containers for applications, software-defined infrastructure, and platform-as-a-service, empowering DevOps principles." However, these trends also present some new challenges, said Di Giacomo. Compared to a couple of decades ago, the number of open source projects today has skyrocketed - from hundreds in the different foundations like the Linux Foundation, Apache, Eclipse and others, to millions of projects on Github. Read more

today's lefftovers

OSS Leftovers

  • Running for the board of the Open Source Initiative – a few words
    Today I would like to explain my reasons for my candidacy at the board of the Open Source Initiative. I can think of two kinds of reason for my decision: one is personal, and the other one is directly related to current state of Open Source and software freedom. Let’s start with the first one: I’m currently helping the Open Information Security Foundation and the Suricata project in my capacity at ANSSI, while contributing in a minor way to the LibreOffice project and the Document Foundation.
  • Tutanota: Encrypted Open Source Email Service for Privacy Minded People
    Since then, I have heard of another email provider that you may be interested in. It’s a little different, but it touts some of the same features ProtonMail does: privacy, security, open-source code, etc. It’s called Tutanota, and like ProtonMail, I am a very big fan.
  • Open FinTech Forum – Event preview, October 10-11, New York City.
  • The tracker will always get through
    A big objection to tracking protection is the idea that the tracker will always get through. Some people suggest that as browsers give users more ability to control how their personal information gets leaked across sites, things won't get better for users, because third-party tracking will just keep up. On this view, today's easy-to-block third-party cookies will be replaced by techniques such as passive fingerprinting where it's hard to tell if the browser is succeeding at protecting the user or not, and users will be stuck in the same place they are now, or worse. I doubt this is the case because we're playing a more complex game than just trackers vs. users. The game has at least five sides, and some of the fastest-moving players with the best understanding of the game are the adfraud hackers. Right now adfraud is losing in some areas where they had been winning, and the resulting shift in adfraud is likely to shift the risks and rewards of tracking techniques.
  • MozMEAO SRE Status Report - February 16, 2018
    Here’s what happened on the MozMEAO SRE team from January 23 - February 16.
  • The major milestones of the Government Digital Service (GDS)
  • PyTorch Should Be Copyleft
    Most people have heard of Google’s Tensorflow which was released at the end of 2015, but there’s an active codebase called PyTorch which is easier to understand, less of a black box, and more dynamic. Tensorflow does have solutions for some of those limitations (such as Tensorflow-fold, and Tensorflow-Eager) but these new capabilities remove the need for other features and complexity of Tensorflow. Google built a great system for doing static computation graphs before realizing that most people want dynamic graphs. Doh! [...] I wish PyTorch used the AGPL license. Most neural networks are run on servers today, it is hardly used on the Linux desktop. Data is central to AI and that can stay owned by FB and the users of course. The ImageNet dataset created a revolution in computer vision, so let’s never forget that open data sets can be useful.
  • Linux on Nintendo Switch, a new Kubernetes ML platform, and more news
    In this edition of our open source news roundup, we take a look at the Mozilla's IoT gateway, a new machine learning platform, Code.mil's revamp, and more.