Language Selection

English French German Italian Portuguese Spanish

FreeBSD's Executive Director Calls For Linux + BSD Devs To Work Together

Filed under
Linux
BSD

While called the Open-Source Summit, the event is primarily about Linux as after all it's hosted by the Linux Foundation. But at this week's Open-Source Summit in San Diego, Deb Goodkin as the executive director of the FreeBSD Foundation presented. Deb's talk was of course on FreeBSD but also why FreeBSD and Linux developers should work together.

The presentation covered FreeBSD's development workflow and various features of this open-source operating system project for those unfamiliar as well as some of the companies utilizing FreeBSD and their different use-cases. It's a good overview for those not familiar with FreeBSD.

Read more

More in Tux Machines

How App Stores Are Addressing Fragmentation in the Linux Ecosystem

According to DistroWatch, 273 Linux distributions are currently active, with another 56 dormant and 521 discontinued. While some of these have shared underpinnings, it still makes for an extremely varied landscape for companies and developers. It means developers must create multiple versions of their applications to be able to provide their software to all Linux users or just address a fraction of the market. Also, developers require multiple versions of build tools, which inevitably results in significant resource overhead. Desktop application distribution is complex across all operating systems in general; in Linux, this is further compounded by such fragmentation and inter-dependencies both in the packaging and distribution of software. For example, Fedora uses the RPM packaging format, while Debian uses the .deb format. Moreover, packages built for one version of a Linux distribution are often incompatible with other versions of the same distribution and need to be built for each version separately. Read more

Security Leftovers

  • Security updates for Monday

    Security updates have been issued by Debian (ansible, faad2, linux-4.9, and thunderbird), Fedora (jbig2dec, libextractor, sphinx, and thunderbird), Mageia (expat, kconfig, mediawiki, nodejs, openldap, poppler, thunderbird, webkit2, and wireguard), openSUSE (buildah, ghostscript, go1.12, libmirage, python-urllib3, rdesktop, and skopeo), SUSE (python-Django), and Ubuntu (exim4, ibus, and Wireshark).

  • Open Source Security Podcast: Episode 161 - Human nature and ad powered open source

    Josh and Kurt start out discussing human nature and how it affects how we view security. A lot of things that look easy are actually really hard. We also talk about the npm library Standard showing command line ads. Are ads part of the future of open source?

  • Skidmap malware drops LKMs on Linux machines to enable cryptojacking, backdoor access

    Researchers have discovered a sophisticated cryptomining program that uses loadable kernel modules (LKMs) to help infiltrate Linux machines, and hides its malicious activity by displaying fake network traffic stats. Dubbed Skidmap, the malware can also grant attackers backdoor access to affected systems by setting up a secret master password that offers access to any user account in the system, according to Trend Micro threat analysts Augusto Remillano II and Jakub Urbanec in a company blog post today. “Skidmap uses fairly advanced methods to ensure that it and its components remain undetected. For instance, its use of LKM rootkits – given their capability to overwrite or modify parts of the kernel – makes it harder to clean compared to other malware,” the blog post states. “In addition, Skidmap has multiple ways to access affected machines, which allow it to reinfect systems that have been restored or cleaned up.”

  • Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload

    Cryptocurrency-mining malware is still a prevalent threat, as illustrated by our detections of this threat in the first half of 2019. Cybercriminals, too, increasingly explored new platforms and ways to further cash in on their malware — from mobile devices and Unix and Unix-like systems to servers and cloud environments. They also constantly hone their malware’s resilience against detection. Some, for instance, bundle their malware with a watchdog component that ensures that the illicit cryptocurrency mining activities persist in the infected machine, while others, affecting Linux-based systems, utilize an LD_PRELOAD-based userland rootkit to make their components undetectable by system monitoring tools.

Oracle launches completely autonomous operating system

Together, these two solutions provide automated patching, updates, and tuning. This includes 100 percent automatic daily security updates to the Linux kernel and user space library. In addition, patching can be done while the system is running, instead of a sysadmin having to take systems down to patch them. This reduces downtime and helps to eliminate some of the friction between developers and IT, explained Coekaerts. Read more

Software: Zotero, PulseCaster and Qt Port of SFXR

  • Zotero and LibreOffice

    If you’re working with LibreOffice and need to create a bibliography, this software makes it simple to manage your citations. You can tell how few people use LibreOffice’s Bibliography Database by the fact that a bug that would take 10 minutes to fix has survived since 2002. Instead, those who need bibliographies or citations rely on other software such as Zotero, which can be integrated into LibreOffice with an extension. That robust bug is that the Citation Format in the database table is called the Short Name in the input fields. Even more confusing, the examples give an arbitrary name, when to work with the citation insertion tool in Insert | Table of Contents and Index | Insert Bibliography Entry, it should in a standard form, such as (Byfield: 2016) for the MLA format. Add the fact that a single database is used for all files – an absurdity in these memory-rich days – and the neglect of the Bibliography Database is completely understandable.

  • PulseCaster 0.9 released!

    For starters, PulseCaster is now ported to Python 3. I used Python 3.6 and Python 3.7 to do the porting. Nothing in the code should be particular to either version, though. But you’ll need to have Python 3 installed to use it, as most Linux bistros do these days. Another enhancement is that PulseCaster now relies on the excellent pulsectl library for Python, by George Filipkin and Mike Kazantsev. Hats off to them for doing a great job, which allowed me to remove many, many lines of code from this release. Also, due the use of PyGObject3 in this release, there are numerous improvements that make it easier for me to hack on. Silly issues with the GLib mainloop and other entrance/exit stupidity are hopefully a bit better now. Also, the code for dealing with temporary files is now a bit less ugly. I still want to do more work on the overall design and interface, and have ideas. I’ve gotten way better at time management since the last series of releases and hope to do some of this over the USA holiday season this late fall and winter (but no promises).

  • SFXR Qt 1.3.0

    I just released version 1.3.0 of SFXR Qt, my Qt port of the SFXR sound effect generator.