Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 52 min 58 sec ago

Kügler: Plasma Mobile Roadmap

Tuesday 31st of October 2017 10:15:52 PM
On his blog, Sebastian Kügler sets out a roadmap for Plasma Mobile, which is a project that "aims to become a complete and open software system for mobile devices". There is already a prototype version available, the next step is the "feature phone" milestone (which will be followed by the "basic smartphone" and "featured smartphone" milestones). "The feature phone milestone is what we’re working on right now. This involves taking the prototype and fixing all the basic things to turn it into something usable. Usable doesn’t mean 'usable for everyone', but it should at least be workable for a subset of people that only rely on basic features — 'simple' things. Core features should work flawlessly once this milestone is achieved. With core features, we’re thinking along the lines of making phone calls, using the address book, manage hardware functions such as network connectivity, volume, screen, time, language, etc.. Aside from these very core things for a phone, we want to provide decent integration with a webbrowser (or provide our own), app store integration likely using store.kde.org, so you can get apps on and off the device, taking photos, recording videos and watching these media. Finally, we want to settle for an SDK which allows third party developers to build apps to run on Plasma Mobile devices. Getting this to work is no small feat, but it allows us to receive real-world feedback and provide a stable base for third-party products. It makes Plasma Mobile a viable target for future product development."

[$] Kernel regression tracking, part 1

Tuesday 31st of October 2017 05:11:27 PM
The kernel development community has run for some years without anybody tracking regressions; that changed one year ago when Thorsten Leemhuis stepped up to the task. Two conversations were held on the topic at the 2017 Kernel and Maintainers summits in Prague; this article covers the first of those, held during the open Kernel-Summit track.

Security updates for Tuesday

Tuesday 31st of October 2017 05:10:53 PM
Security updates have been issued by Debian (libav, quagga, wordpress, and wpa), Mageia (exiv2, irssi, opensc_etc, procmail, rpm, and wget), SUSE (kernel), and Ubuntu (kernel, linux, linux-raspi2, linux-gcp, linux-hwe, and linux-lts-xenial).

[$] Restartable sequences and ops vectors

Tuesday 31st of October 2017 08:23:39 AM
Some technologies find their way into the kernel almost immediately; others need to go through multiple iterations over a number of years first. Restartable sequences, a mechanism for lockless concurrency control in user space, fall into the latter category. At the 2017 Kernel Summit, Mathieu Desnoyers discussed yet another implementation of this concept — but this one may not be the last word either.

[$] GStreamer: state of the union

Monday 30th of October 2017 07:13:57 PM

The annual GStreamer conference took place October 21-22 in Prague, (unofficially) co-located with the Embedded Linux Conference Europe. The GStreamer project is a library for connecting media elements such as sources, encoders and decoders, filters, streaming endpoints, and output sinks of all sorts into a fully customizable pipeline. It offers cross-platform support, a large set of plugins, modern streaming and codec formats, and hardware acceleration as some of its features. Kicking off this year's conference was Tim-Philipp Müller with his report on the last 12 months of development and what we can look forward to next.

Security updates for Monday

Monday 30th of October 2017 05:14:09 PM
Security updates have been issued by Arch Linux (apr, apr-util, chromium, and wget), CentOS (tomcat and tomcat6), Debian (curl, git-annex, golang, shadowsocks-libev, and wget), Fedora (libextractor and sssd), Gentoo (apache, asterisk, jython, oracle-jdk-bin, and xorg-server), openSUSE (chromium, curl, gcc48, GraphicsMagick, hostapd, kernel, libjpeg-turbo, libvirt, mysql-community-server, openvpn, SDL2, tcpdump, and wget), Oracle (tomcat and tomcat6), Red Hat (chromium-browser, tomcat, and tomcat6), Scientific Linux (tomcat and tomcat6), Slackware (php and wget), SUSE (firefox, mozilla-nss, kernel, wget, and xen), and Ubuntu (mysql-5.5, poppler, and wget).

Kernel prepatch 4.14-rc7

Monday 30th of October 2017 06:08:13 AM
The 4.14-rc7 kernel prepatch is out for testing. "Still, considering the issues we've had, I likely will do an rc8 unless this upcoming week ends up being _so_ quiet that there's no point. Which while unlikely would be lovely..."

[$] Another attempt to address the tracepoint ABI problem

Friday 27th of October 2017 01:18:43 PM
Tracepoints provide a great deal of visibility into the inner workings of the kernel, which is both a blessing and a curse. The advantages of knowing what the kernel is doing are obvious; the disadvantage is that tracepoints risk becoming a part of the kernel's ABI if applications start to depend on them. The need to maintain tracepoints could impede the ongoing development of the kernel. Ways of avoiding this problem have been discussed for years; at the 2017 Kernel Summit, Steve Rostedt talked about yet another scheme.

Security updates for Friday

Friday 27th of October 2017 12:32:00 PM
Security updates have been issued by CentOS (ntp and wget), Debian (exiv2, mosquitto, and zoneminder), Mageia (upx and virtualbox), Oracle (ntp and wget), Red Hat (wget), Scientific Linux (wget), SUSE (xen), and Ubuntu (irssi, systemd, and wget).

A set of stable kernel updates

Friday 27th of October 2017 09:12:04 AM
The 4.13.10, 4.9.59, 4.4.95, and 3.18.78 stable kernel updates have been released; each contains the usual set of important fixes and updates.

[$] The state of the realtime union

Thursday 26th of October 2017 04:44:18 PM

The 2017 Realtime Summit was held October 21 at Czech Technical University in Prague to discuss all manner of topics related to realtime Linux. Nearly two years ago, a collaborative project was formed with the goal of mainlining the realtime patch set. At the summit, project lead Thomas Gleixner reported on the progress that has been made and the plans for the future.

More in Tux Machines

Security: Uber, Replacing x86 Firmware, 'IoT' and Chromebook

  • Key Dem calls for FTC to investigate Uber data breach

    A key Democrat is calling on the Federal Trade Commission (FTC) to investigate a massive Uber breach that released data on 57 million people, as well as the company's delay in reporting the cyber incident.

  • Multiple states launch probes into massive Uber breach
  • Replacing x86 firmware with Linux and Go

    The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. They run at a higher privilege level than Linux and can manipulate both the hardware and the operating system in various ways. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

  • Connected sex-toy allows for code-injection attacks on a robot you wrap around your genitals

    However, the links included base-64 encoded versions of the entire blowjob file, making it vulnerable to code-injection attacks. As Lewis notes, "I will leave you to ponder the consequences of having an XSS vulnerability on a page with no framebusting and preauthed connection to a robot wrapped around or inside someones genitals..."

  • Chromebook exploit earns researcher second $100k bounty
    For Google’s bug bounty accountants, lightning just struck twice. In September 2016, an anonymous hacker called Gzob Qq earned $100,000 (£75,000) for reporting a critical “persistent compromise” exploit of Google’s Chrome OS, used by Chromebooks. Twelve months on and the same researcher was wired an identical pay out for reporting – yes! – a second critical persistent compromise of Google’s Chrome OS. By this point you might think Google was regretting its 2014 boast that it could confidently double its maximum payout for Chrome OS hacks to $100,000 because “since we introduced the $50,000 reward, we haven’t had a successful submission.” More likely, it wasn’t regretting it at all because isn’t being told about nasty vulnerabilities the whole point of bug bounties?
  • Why microservices are a security issue
    And why is that? Well, for those of us with a systems security bent, the world is an interesting place at the moment. We're seeing a growth in distributed systems, as bandwidth is cheap and latency low. Add to this the ease of deploying to the cloud, and more architects are beginning to realise that they can break up applications, not just into multiple layers, but also into multiple components within the layer. Load balancers, of course, help with this when the various components in a layer are performing the same job, but the ability to expose different services as small components has led to a growth in the design, implementation, and deployment of microservices.

Lumina 1.4 Desktop Environment Debuts with New Theme Engine and ZFS Integrations

Lumina 1.4.0 is a major release that introduces several new core components, such as the Lumina Theme Engine to provide enhanced theming capabilities for the desktop environment and apps written in the Qt 5 application framework. The Lumina Theme Engine comes with a configuration utility and makes the previous desktop theme system obsolete, though it's possible to migrate your current settings to the new engine. "The backend of this engine is a standardized theme plugin for the Qt5 toolkit, so that all Qt5 applications will now present a unified appearance (if the application does not enforce a specific appearance/theme of it’s own)," said the developer in today's announcement. "Users of the Lumina desktop will automatically have this plugin enabled: no special action is required." Read more

today's leftovers

  • qBittorrent 4.0 Is a Massive Update of the Open-Source BitTorrent Client
    qBittorrent, the open-source and cross-platform BitTorrent client written in Qt for GNU/Linux, macOS, and Windows systems, has been updated to version 4.0, a major release adding numerous new features and improvements. qBittorrent 4.0 is the first release of the application to drop OS/2 support, as well as support for the old Qt 4 framework as Qt 5.5.1 or later is now required to run it on all supported platforms. It also brings a new logo and a new SVG-based icon theme can be easily scaled. Lots of other cosmetic changes are present in this release, and the WebGUI received multiple enhancements.
  • FFmpeg Continues Working Its "NVDEC" NVIDIA Video Decoding Into Shape
    Earlier this month the FFmpeg project landed its initial NVDEC NVIDIA video decoding support after already supporting NVENC for video encoding. These new NVIDIA APIs for encode/decode are part of the company's Video Codec SDK with CUDA and is the successor to the long-used VDPAU video decoding on NVIDIA Linux boxes. That NVDEC support has continued getting into shape.
  • Kobo firmware 4.6.10075 mega update (KSM, nickel patch, ssh, fonts)
    A new firmware for the Kobo ebook reader came out and I adjusted the mega update pack to use it. According to the comments in the firmware thread it is working faster than previous releases. The most incredible change though is the update from wpa_supplicant 0.7.1 (around 2010) to 2.7-devel (current). Wow.
  • 3.5-inch Apollo Lake SBC has dual mini-PCIe slots and triple displays
    Avalue’s Linux-friendly, 3.5-inch “ECM-APL2” SBC features Apollo Lake SoCs, 2x GbE, 4x USB 3.0, 2x mini-PCIe, triple displays, and optional -40 to 85°C. Avalue’s 3.5-inch, Apollo Lake based ECM-APL single-board computer was announced a year ago, shortly after Intel unveiled its Apollo Lake generation. Now it has followed up with an ECM-APL2 3.5-incher with a slightly different, and reduced, feature set.
  • 7 Best Android Office Apps To Meet Your Productivity Needs
    Office application is an essential suite that allows you to create powerful spreadsheets, documents, presentations, etc., on a smartphone. Moreover, Android office apps come with cloud integration so that you can directly access the reports from the cloud, edit them, or save them online. To meet the productivity need of Android users, the Play Store offers an extensive collection of Android office apps. But, we have saved you the hassle of going through each one of them and provided you a list of the best office apps for Android. The apps that we have picked are all free, although some do have Pro version or extra features available for in-app purchases. You can also refer to this list if you’re looking for Microsoft Office alternatives for your PC.

Servers and Red Hat