Language Selection

English French German Italian Portuguese Spanish

Ubuntu: Needs more QA

Filed under
Linux

I have been using Ubuntu extensively since 5.10. There are a lot of things I like about it, however here I will spend a few words about one thing that can definitively be improved: Quality Assurance. There are plenty of example of applications that are generally working but shows some bugs that are long since waiting to be fixed. Some are present in all releases, other in only the latests. I am not talking about minor bugs either. Here some:

  • ACPI (resume, suspend) is half-broken in many Centrino based laptops, which resume/suspend only at rare times. Very well documented bug, present in Edgy. People trying out Ubuntu on their new laptop are upsettly turned off by this.
  • System freeze when using ATI radeon 7000. It affects both Dapper and Edgy. A fix for Edgy is available, no sign for one in Dapper. Considering that Dapper offers Long Time Support, I would expect this bug to be fixed by now (it's been around since early 2005). Instead if you need a long time supported release and you use this graphic card (like my Poweredge server), Dapper just doesn't work. Nice.
  • VNC server 4 does not work in edgy. It is waiting for a trivial patch to be made upstream. While it works in Dapper, because of the change in fonts location in Edgy, it is badly broken in Edgy. For people using this tool to control remote machines we have to rely on older and slower versions of VNC.

You may say that those are really minor bugs, and I may agree. However they show not a great deal of care in quality assurance. Lots of resources are spent in improving the user interface, which is a good thing. However I often have the feeling that Canonical is going after new features, without spending too much time producing a really solid
release. I am not talking about exotic hardware, but pretty strightforward mainstream machines.
Am I wrong?

More in Tux Machines

Games: Ostriv, Back to Bed, EVERSPACE, Hiveswap: Act 1

Openwashing and Microsoft FUD

BlueBorne Vulnerability Is Patched in All Supported Ubuntu Releases, Update Now

Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices. The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5. Read more

Security: Updates, 2017 Linux Security Summit, Software Updates for Embedded Linux and More

  • Security updates for Tuesday
  • The 2017 Linux Security Summit
    The past Thursday and Friday was the 2017 Linux Security Summit, and once again I think it was a great success. A round of thanks to James Morris for leading the effort, the program committee for selecting a solid set of talks (we saw a big increase in submissions this year), the presenters, the attendees, the Linux Foundation, and our sponsor - thank you all! Unfortunately we don't have recordings of the talks, but I've included my notes on each of the presentations below. I've also included links to the slides, but not all of the slides were available at the time of writing; check the LSS 2017 slide archive for updates.
  • Key Considerations for Software Updates for Embedded Linux and IoT
    The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers. Many of these embedded devices run a variant of embedded Linux; typically, the distribution size is around 16MB today. Unfortunately, the Linux kernel, although very widely used, is far from immune to critical security vulnerabilities as well. In fact, in a presentation at Linux Security Summit 2016, Kees Cook highlighted two examples of critical security vulnerabilities in the Linux kernel: one being present in kernel versions from 2.6.1 all the way to 3.15, the other from 3.4 to 3.14. He also showed that a myriad of high severity vulnerabilities are continuously being found and addressed—more than 30 in his data set.
  • APNIC-sponsored proposal could vastly improve DNS resilience against DDoS