The MacBook Pro introduction in October caused unusually negative reactions among professional users due to the realization that Apple no longer caters equally to casual and professional customers as it had in the past [YouTube video]. Instead, the company appears to be following an iOS-focused, margin-driven strategy that essentially relegates professionals to a fringe group. This has well-known developers such as Salvatore Sanfilippo (of the Redis project) consider a move back to Linux. Perhaps that's a good moment to look at the current state of Mac hardware support in the kernel. While Macs are x86 systems, they possess various custom chips and undocumented quirks that the community needs to painstakingly reverse-engineer.
There is an interesting subset of Linux users that prefer to run it on a Mac. Yes, a Mac. That might seem odd given how Apple is known for its closed ecosystems and high cost hardware, but the Linux on Mac folks really do exist out there.
But how well does the Linux kernel support Mac hardware? LWN.net has a “state of the union” article for Linux on the Mac that could be quite helpful if you are thinking about installing Linux on your Mac.
There is yet another new Linux kernel vulnerability being disclosed today that allows for unprivileged processes to gain kernel code execution abilities.
This new vulnerability is CVE-2016-8655 but it doesn't seem to be getting too much attention yet. CVE-2016-8655 comes down to a race condition within the af_packet.c code for gaining local root access. The researcher that found it was able to write an exploit to gain root shell on an Ubuntu 16.04 LTS system and defeats SMEP/SMAP protection too.
Just a quick note: on recent versions of systemd it is relatively easy to block the vulnerability described in CVE-2016-8655 for individual services.
Since systemd release v211 there's an option RestrictAddressFamilies= for service unit files which takes away the right to create sockets of specific address families for processes of the service. In your unit file, add RestrictAddressFamilies=~AF_PACKET to the [Service] section to make AF_PACKET unavailable to it (i.e. a blacklist), which is sufficient to close the attack path. Safer of course is a whitelist of address families whch you can define by dropping the ~ character from the assignment. Here's a trivial example:
The IBM i operating system is proprietary; its Licensed Internal Code (LIC) is private, and good luck getting into the innards of DB2 for i. But for all the top-secret code running in an IBM i server, there's a surprising amount of open source technology available for the platform, too. Here are the top seven open source products every IBM i shop should have, or at least be aware of.
These products are in no particular order. But we would be remiss if we didn't start with the big one from IBM itself.
Docker aims to directly integrate storage capabilities into its container engine, while still leaving room for organizations to choose other storage technologies.
Docker Inc. announced on December 6 that it is acquiring privately-held distributed storage vendor Infinit. Financial terms of the deal are not being publicly disclosed.
Do you like to cook? No, me neither. And that’s largely because I don’t know how to cook.
Could a desktop cooking app help? GNOME’s Matthias Clasen is hoping so, and has started work on a brand-new desktop recipe app that you — and anyone you know — can help contribute to.
Looking for free stop motion animation software? If so, you’ll definitely want to check out Heron Animation.
A free program, Heron Animation lets you take a series of pictures from a connected webcam and assemble each shot into a real moving animation.
The tool, which is written in web technologies, pitches itself as ‘perfect for beginners and more experienced animators alike’. That sort of balance is notoriously hard to achieve.
EasyTAG, an open-source, simple, free, and cross-platform application for viewing and editing tags in audio files, supporting MP3, MP4, FLAC, Ogg, MusePack, Monkey's Audio, and WavPack files, was updated to version 2.4.3.
It's been more than nine months since EasyTAG 2.4.2 was released, and we're now finally able to update the software on our GNU/Linux or Windows operating systems. Version 2.4.3 is out as of December 5, 2016, bringing support for MP4 files that use the .aac file extension, as well as Adwaita-style artist and album icons.
GNUzilla is the GNU version of the Mozilla suite, and GNU IceCat is the GNU version of the Firefox browser. Its main advantage is an ethical one: it is entirely free software. While the Firefox source code from the Mozilla project is free software, they distribute and recommend non-free software as plug-ins and addons. Also their trademark license restricts distribution in several ways incompatible with freedom 0.
The founder and coordinator of the FreeDOS Project writes about FreeDOS 1.2, which is scheduled for a Christmas Day release. There is good news for classic gamers and nostalgia buffs: this one’s got games.
Does it happen to you, too, that there are moments where you ask yourself why others want something from you that is there already since a while? Exactly this happened with https://keyserver.opensuse.org/: the original machine was set up a long time ago to make it easier for people attending the openSUSE GPG key-signing parties, but it looks like nobody officially announced this “new service” for our users…
…and so here we are: the openSUSE Heroes team is pleased to announce that keyserver.opensuse.org is up and running as public GPG keyserver. We are of course also part of the official keyserver pool, which means that some people might already noticed us, as they got redirected to our server with their requests. (And for those who are interested to setup their own SKS keyserver: we have also written a nice monitoring plugin that helps you keeping an eye on the pool status of your machine and the ones of your peers.)
"That was one of the reasons why we chose an open-source model. We want be open, want people to trust us, want to overcome that barrier they have in mind, those strong beliefs that there's nothing but Microsoft Office, that nothing better could be created. We won't change our mind about open source."
Bannov says he ultimately sees OnlyOffice becoming a firm that provides consulting, technical support and remote managed services to companies using its open-source products.
Today, December 7, 2016, Collabora Productivity, through Michael Meeks, is proud to inform Softpedia about the general availability of the long anticipated Collabora Online 2.0 office suite based on the LibreOffice, Nextcloud, and ownCloud technologies.
After being in development for the past six months, Collabora Online 2.0 is finally here as the powerful cloud-based office suite that promises to protect users' privacy and freedom of expression while editing various documents formats online. Collabora Online is mainly targeted at the enterprise world, hosting and cloud businesses.
Ubuntu OTA-14, the latest over the air update to Ubuntu phone and tablet, has begun to roll out to supported devices. “This time not so many changes released in overall but with the goal of introducing less regressions,” says Canonical’s Lukasz Zemczak in the release announcement mailing list post.