Language Selection

English French German Italian Portuguese Spanish

webOS Open Source Edition 2.1 Released For Continuing The Palm/HP/LG Linux Distro

Filed under
OS
Linux
Gadgets

Released at the end of October to little fanfare was webOS Open Source Edition 2.0, the open-source Linux OS currently in development by LG for use on their Smart TVs and other digital products. With webOS Open Source Edition 2.0, they began setting their sights on automobiles and other potential use-cases. That was then extended by this week's release of webOS OSE 2.1.

WebOS Open Source Edition is the open-source spin of this Linux OS that has been controlled by LG Electronics now for the past number of years. This is the operating system formerly developed at Palm a decade ago already before being acquired by HP. The initial webOS Open-Source Edition came last year while this second installment arrived at the end of October.

Read more

Direct: webOS OSE 2.1.0 Release

webOS OSE 2.0 Adds Support for Rapsberry Pi 4, Dual Displays

Android and iOS may currently dominate the smartphone OS...

  • webOS Open Source Edition adds support for Raspberry Pi 4, dual displays, and more

    Android and iOS may currently dominate the smartphone operating system space, but a one-time rival is still alive and kicking. It’s just not designed to run on phones anymore.

    Last year LG released webOS Open Source Edition in an effort to bring the software to new platforms. And a series of recent updates have added support for new hardware and laid the groundwork for webOS OSE to be used in automotive systems as well as other types of products,

webOS Open Source Edition 2.0 keeps Palm’s spirit alive in cars

  • webOS Open Source Edition 2.0 keeps Palm’s spirit alive in cars and IoT

    Palm’s name may have recently been revived in a small way, quite literally, with a tiny companion Android phone. Ever since it got bought then sold by HP, however, Palm has been nothing more than a historical footnote in the consumer tech market. That’s not to say its legacy doesn’t live on today and at least one effort is trying to keep it on life support thanks to version 2.0 of the webOS Open Source Edition.

    webOS was born in a time when Android and iOS didn’t yet have a duopoly on the mobile market. As the name that has become synonymous with PDAs, Palm tried to reinvent and make itself more relevant with the Linux-based webOS and its card-centric interface for phones. It failed and was later acquired by HP who tried to do the same for tablets. That too failed and webOS was sold off to LG to use for its smart TVs before unleashing an Open Source Edition last year.

    That webOS OSE, as it is called, reached a version 2.0 milestone last month, proving that the project was still alive. Just last week, version 2.1 was also released, proving it was more than just alive, it was also well and kicking. Better yet, at least for fans, it was growing beyond its smart TV confines and into smart homes and smart cars.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security: Patches, Core Infrastructure Initiative (CII), Crypto AG, More Issues

  • Security updates for Tuesday

    Security updates have been issued by Arch Linux (systemd and thunderbird), Debian (clamav, libgd2, php7.3, spamassassin, and webkit2gtk), Fedora (kernel, kernel-headers, and sway), Mageia (firefox, kernel-linus, mutt, python-pillow, sphinx, thunderbird, and webkit2), openSUSE (firefox, nextcloud, and thunderbird), Oracle (firefox and ksh), Red Hat (curl, java-1.7.0-openjdk, kernel, and ruby), Scientific Linux (firefox and ksh), SUSE (sudo and xen), and Ubuntu (clamav, php5, php7.0, php7.2, php7.3, postgresql-10, postgresql-11, and webkit2gtk).

  • The Linux Foundation and Harvard’s Lab for Innovation Science Release Census for Open Source Software Security

    The Linux Foundation’s Core Infrastructure Initiative (CII), a project that helps support best practices and the security of critical open source software projects, and the Laboratory for Innovation Science at Harvard (LISH), today announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software.` This Census II analysis and report represent important steps towards understanding and addressing structural and security complexities in the modern day supply chain where open source is pervasive, but not always understood. Census II identifies the most commonly used free and open source software (FOSS) components in production applications and begins to examine them for potential vulnerabilities, which can inform actions to sustain the long-term security and health of FOSS. Census I (2015) identified which software packages in the Debian Linux distribution were the most critical to the kernel’s operation and security. “The Census II report addresses some of the most important questions facing us as we try to understand the complexity and interdependence among open source software packages and components in the global supply chain,” said Jim Zemlin, executive director at the Linux Foundation. “The report begins to give us an inventory of the most important shared software and potential vulnerabilities and is the first step to understand more about these projects so that we can create tools and standards that results in trust and transparency in software.”

  •                    
  • [Attackers] are demanding nude photos to unlock files in a new ransomware scheme targeting women
                         
                           

    The malware doesn’t appear to be the first to demand explicit images: In 2017, security firm Kaspersky reported another type of ransomware that demanded nude photos in exchange for unlocking access to infected computers. In other cases, scammers on dating apps have requested nude photos from would-be suitors, then held them for ransom by threatening to leak the photos.

  • Alarming ‘Hidden’ Cyber Attack Leaves Millions Of Windows And Linux Systems Vulnerable [Ed: Misleading headline from decades-long Microsoft booster. This isn't an OS level issue.]

    Vulnerabilities that can be hidden away out of sight are amongst the most-coveted by cyber-criminals and spooks alike. That's why zero-day vulnerabilities are deemed so valuable, and cause so much high-level concern when they are exposed. It's also why the CIA secretly purchased an encryption equipment provider to be able to hide backdoors in the products and spy upon more than 100 governments. While we are almost accustomed to reading government warnings about vulnerabilities in the Windows operating system, Linux cybersecurity threat warnings are less common. Which is partly why this report on the hidden exploit threat within both Linux and Windows systems caught my eye. The Eclypsium researchers concentrated on unsigned firmware as this is a known attack vector, which can have devastating implications, yet one in which vendors have appeared to be slow taking seriously enough. The unsigned firmware in question was found in peripherals used in computers from Dell, Lenovo and HP as well as other major manufacturers. They also demonstrated a successful attack using a network interface card with, you guessed it, unsigned firmware that is used by the big three server manufacturers. "Despite previous in-the-wild attacks," the report said, "peripheral manufacturers have been slow to adopt the practice of signing firmware, leaving millions of Windows and Linux systems at risk of firmware attacks that can exfiltrate data, disrupt operations and deliver ransomware." The truth is that, as far as cybersecurity is concerned, much of the defensive effort is focused on the operating system and applications. Hardly surprising, given these are the most visible attack surfaces. By not adding firmware into the threat prevention model, however, organizations are leaving a gaping hole just waiting to be filled by threat actors. "This could lead to implanted backdoors, network traffic sniffing, data exfiltration, and more," says Katie Teitler, a senior analyst at TAG Cyber. "Unfortunately, though, firmware vulnerabilities can be harder to detect and more difficult to patch," she says, "best practice is to deploy automated scanning for vulnerabilities and misconfigurations at the component level, and continuously monitor for new issues or exploits."

  • The Week in Internet News: CIA Had Encryption Backdoor for Decades

    The U.S. CIA secretly had an ownership stake in Swiss encryption company Crypto AG for decades and was able to read encrypted messages sent using the company’s technology, the Washington Post reports. West German intelligence agencies worked with the CIA. Forbes columnist Jody Westby called for a congressional investigation.

  • Insights from Avast/Jumpshot data: Pitfalls of data anonymization

    There has been a surprising development after my previous article on the topic, Avast having announced that they will terminate Jumpshot and stop selling users’ data. That’s not the end of the story however, with the Czech Office for Personal Data Protection starting an investigation into Avast’s practices. I’m very curious to see whether this investigation will confirm Avast’s claims that they were always fully compliant with the GDPR requirements. For my part, I now got a glimpse of what the Jumpshot data actually looks like. And I learned that I massively overestimated Avast’s success when anonymizing this data. [...] The data I saw was an example that Jumpshot provided to potential customers: an excerpt of real data for one week of 2019. Each record included an exact timestamp (milliseconds precision), a persistent user identifier, the platform used (desktop or mobile, which browser), the approximate geographic location (country, city and ZIP code derived from the user’s IP address), a guess for user’s gender and age group. What it didn’t contain was “every click, on every site.” This data sample didn’t belong to the “All Clicks Feed” which has received much media attention. Instead, it was the “Limited Insights Pro Feed” which is supposed to merely cover user’s shopping behavior: which products they looked at, what they added to the cart and whether they completed the order. All of that limited to shopping sites and grouped by country (Germany, UK and USA) as well as product category such as Shoes or Men’s Clothing. This doesn’t sound like there would be all too much personal data? But there is, thanks to a “referrer” field being there. This one is supposed to indicate how the user came to the shopping site, e.g. from a Google search page or by clicking an ad on another website. Given the detailed information collected by Avast, determining this referrer website should have been easy – yet Avast somehow failed this task. And so the supposed referrer is typically a completely unrelated random web page that this user visited, and sometimes not even a page but an image or JSON data. If you extract a list of these referrers (which I did), you see news that people read, their web mail sessions, search queries completely unrelated to shopping, and of course porn. You get a glimpse into what porn sites are most popular, what people watch there and even what they search for. For each user, the “limited insights” actually contain a tiny slice of their entire browsing behavior. Over the course of a week this exposed way too much information on some users however, and Jumpshot customers watching users over longer periods of time could learn a lot about each user even without the “All Clicks Feed.”

  • Byos Cautions RSA Conference 2020 Attendees, Travelers and General Public to “Dirty Half-Dozen” Public Wi-Fi Risks

    Byos, Inc., an endpoint security company focused on concept of Endpoint Microsegmentation through Hardware-Enforced Isolation, recommends caution for attendees of major conferences and events such as the RSA Conference 2020, a leading cybersecurity conference in San Francisco, February 24-28, and travelers in general risks of Free Wi-Fi. Many attendees will access the Internet via multiple free Wi-Fi connection points from Hotels, Airports, Coffee Shops and the Conference itself, and every free Wi-Fi access presents security risks for users that Byos calls “The Dirty Half-Dozen.” [...] The Dirty Half-Dozen risks are: Scanning, enumerating, and fingerprinting Eavesdropping Evil-Twin Wi-Fi Exploits Lateral network infections DNS hijacking

Programming/Development: LLVM, Haskell, Perl and Python

  • LLVM's Go Front-End Was Finally Dropped From The Official Source Tree

    Most probably didn't even realize LLVM had a Go language front-end, but this past week it was dropped from the official source mono repository. This LLVM Go front-end "LLGO" hasn't been maintained in several years and never really took off... Most probably aren't even aware of this Go compiler support for LLVM. So the code has been suffering, it was stuck at Go version 1.5 well behind the latest upstream, it likely has build errors, and there are other nuisances with the code like having an entire copy of Mark Twain's "The Adventures of Tom Sawyer" novel. For those wondering why an entire novel was part of the source tree, it amounted to serving as a compression test case.

  • [llvm-dev] [10.0.0 Release] Release Candidate 2 is here
    Hello everyone,
    
    Release Candidate 2 was tagged earlier today as llvmorg-10.0.0-rc2. It
    includes 98 commits since the previous release candidate.
    
    Source code and docs are available at
    https://prereleases.llvm.org/10.0.0/#rc2 and
    https://github.com/llvm/llvm-project/releases/tag/llvmorg-10.0.0-rc2
    
    Pre-built binaries will be added as they become available.
    
    Please file bug reports for any issues you find as blockers of
    https://llvm.org/pr44555
    
    Release testers: please run the test script, share your results, and
    upload binaries.
    
    I'm hoping we can now start tying up the loose ends, fixing the
    blocking bugs, and getting the branch ready for shipping as a stable
    release soon.
    
    Thanks,
    Hans
    
  • LLVM 10.0's Release Is Very Close With RC2 Available

    The release of LLVM 10.0 is now upon us with the second and last planned release candidate issued at the end of last week. Ongoing LLVM release manager Hans Wennborg tagged LLVM 10.0 RC2 on Thursday with just under one hundred commits since the original release candidate. Since LLVM 10.0 RC1 in January has been a lot of bug fixing and things appear to be settling down for seeing LLVM 10.0 on time or thereabouts with its scheduled release date of 26 February.

  • Excellent Free Tutorials to Learn Haskell

    Haskell is a standardized, general-purpose, polymorphically statically typed, lazy, purely functional language, very different from many programming languages. It enables developers to produce software that’s clear, concise, and correct. This is a mature programming language with the first version defined in 1990. It has a strong, static type system based on Hindley–Milner type inference. The main implementation of Haskell is the Glasgow Haskell Compiler (GHC), an open source native code compiler. Recent innovations include static polymorphic typing, higher-order functions, user-definable algebraic data types, a module system, and more. It has built-in concurrency and parallelism, debuggers, profilers, rich libraries and an active community, with thousands of open source libraries and tools. Haskell offers many advantages to programmers. It helps rapid application development with shorter, clearer code, and higher reliability. It’s suitable for a variety of applications, and often used in academia and industry.

  •      
  • 2020.07 Irky Reblessing
           
             

    Arne Sommer has blogged about a recent breaking change with regards to reblessing objects: Raku and the (Re)blessed Child and Exploring Rebless with Raku. In it, they express frustration with working code suddenly not working anymore. As always, there are two sides to the story, and Arne shows them both.

  •       
  • Python Tools for Record Linking and Fuzzy Matching

    Record linking and fuzzy matching are terms used to describe the process of joining two data sets together that do not have a common unique identifier. Examples include trying to join files based on people’s names or merging data that only have organization’s name and address. This problem is a common business challenge and difficult to solve in a systematic way - especially when the data sets are large. A naive approach using Excel and vlookup statements can work but requires a lot of human intervention. Fortunately, python provides two libraries that are useful for these types of problems and can support complex matching algorithms with a relatively simple API. The first one is called fuzzymatcher and provides a simple interface to link two pandas DataFrames together using probabilistic record linkage. The second option is the appropriately named Python Record Linkage Toolkit which provides a robust set of tools to automate record linkage and perform data deduplication. This article will discuss how to use these two tools to match two different data sets based on name and address information. In addition, the techniques used to do matching can be applied to data deduplication and will be briefly discussed.

  • Slightly Better Iterative Spline Decomposition

    My colleague Bart Massey (who is a CS professor at Portland State University) reviewed my iterative spline algorithm article and had an insightful comment — we don't just want any spline decomposition which is flat enough, what we really want is a decomposition for which every line segment is barely within the specified flatness value. My initial approach was to keep halving the length of the spline segment until it was flat enough. This definitely generates a decomposition which is flat enough everywhere, but some of the segments will be shorter than they need to be, by as much as a factor of two.

Ubuntu: Installing Ubuntu for Raspberry Pi, Canonical's Web and Design, OpenStack Charms and Ceph

  • Canonical Makes It Easier to Download Ubuntu for Raspberry Pi

    Canonical’s Design and Web team have recently updated the official Ubuntu website to make it easier for users to find the right Ubuntu image for their tiny Raspberry Pi computers. In December 2019, Canonical published a support roadmap for the latest Raspberry Pi 4 single-board computer on their Ubuntu Server operating system and pledged to fully support Ubuntu on all Raspberry Pi boards. With the release of Ubuntu 18.04.4 LTS earlier this month, Canonical has also refreshed the Raspberry Pi page on the ubuntu.com website to help users find the right Ubuntu version for their Raspberry Pi boards.

  • Ubuntu Blog: Design and Web team summary – 14 February 2020

    The Web and Design team at Canonical looks after most of our main websites, the brand, our Vanilla CSS framework and several of our products with web front-ends. Here are some of the highlights of our completed work over our last two-week iteration.

  • OpenStack Charms 20.02 – CephFS backend for Manila and more

    The OpenStack Charms 20.02 release introduces support for Ceph File System (CephFS) to be used as storage backed for Manila. CephFS is a POSIX-compliant file system providing a file storage layer on top of Ceph. Manila is an OpenStack project providing shared filesystem services for tenants. Previous releases of OpenStack Charms included manila charm with a generic plugin that could be used to configure the NFS-based backend for Manila. Although this solution was suitable for testing and development, it was not intended for production environments. The CephFS backend for Manila brings the OpenStack shared filesystem service to the enterprise level. This comes through enabling tenants to benefit from all the best features provided by Ceph, such as high availability, fault tolerance, scalability and security. In order to deploy or extend Charmed OpenStack with CephFS backed for Manila, users have to use additional charms (ceph-fs, manila and manila-ganesha). These have been introduced and stabilised in this release. Please refer to the official documentation for information on how to integrate new charms with the existing deployment.

  • Canonical Releases OpenStack Charms 20.02 with CephFS Support, More

    OpenStack Charms 20.02 is available now with CephFS backend for Manila, Policy Overrides for more charms, updated OVN and MySQL 8 previews, and much more.

  • Ceph storage on Ubuntu: An overview

    Ceph is a compelling open-source alternative to proprietary software defined storage solutions from traditional vendors, with a vibrant community collaborating on the technology. Ubuntu was an early supporter of Ceph and its community. That support continues today as Canonical maintains premier member status and serves on the governing board of the Ceph Foundation. With many global enterprises and telco operators running Ceph on Ubuntu, organisations are able to combine block and object storage at scale while tapping into the economic and upstream benefits of open source. Why use Ceph? Ceph is unique because it makes data available in multiple ways: as a POSIX compliant filesystem through CephFS, as block storage volumes via the RBD driver and for object store, compatible with both S3 and Swift protocols, using the RADOS gateway. A common use case for Ceph is to provide block and object store to OpenStack clouds via Cinder and as a Swift replacement. Kubernetes has similarly adopted Ceph as a popular way for physical volumes (PV) as a Container Storage Interface (CSI) plugin. Even as a stand-alone, Ceph is a compelling open-source storage alternative to closed-source, proprietary solutions as it reduces OpEx costs organisations commonly accrue with storage from licensing, upgrades and potential vendor lock-in fees.

Android Leftovers