Linux pioneer Linus Torvalds is a stand-up guy -- he says what he feels. There's no sugarcoating, and he'll admit to faults, like recent issues with the Linux 4.8 kernel.
He was full of surprises at last week's Linaro Connect conference, when he was asked about his favorite chip architecture. He didn't blink before saying it was x86, not ARM.
It may have been the long history of x86 with PCs that influenced his answer. There's little fragmentation of software and hardware with x86, and things just work.
SolidRun has updated its tiny, Linux-ready i.MX6 based MicroSoM modules with optional eMMC and NOR flash, improved FlexCAN, and TI WiLink8 wireless.
SolidRun has refurbished its NXP i.MX6-based MicroSoM computer-on-modules with new rev 1.5 versions featuring optional eMMC and/or NOR flash, among other additions. Despite some minor mechanical redesigns, the modules have the same 47 x 30mm dimensions, and are backward compatible. They can be plugged into existing MicroSoM companion products such as SolidRun’s sandwich-style, open-spec HummingBoard SBCs and CuBox-i mini-PCs. All the modules continue to run Linux or Android.
TODAY'S Legend of Linux is Ralf Flaxa, president of engineering at Suse (that's the one with the gecko logo).
Flaxa has worked on Linux since the beginning and has been at Suse since 2002 in charge of several projects that have been rolled out not just at Suse but across the whole Linux ecosystem.
Qt 5.8 will include IoT-oriented “Qt Lite” technology that enables fine-grained configuration and supports small-footprint IoT gizmos without OpenGL.
The Qt Company announced a Qt Lite project that aims to extend the Qt development framework to smaller footprint Internet of Things devices with as little as 16MB RAM and flash. The Qt Lite technology will initially appear in Qt 5.8, including a more flexible configuration system for the cross-platform development framework, as well as a new 2D renderer for devices that can’t run OpenGL. Qt Lite also provides a more accessible, lightweight set of development tools.
There are plenty of useful and well-thought-out features on Tesla’s 17-in touchscreen, but the internet browser is not one of them. For years now, we have been used to high-speed internet browsing on our laptops, desktop and now even or phones, but Tesla’s browser is so slow that it feels like it’s from another era.
Model S and X owners have been asking for an update to the browser for a long time and unfortunately, it didn’t come with the recent 8.0 update, but Tesla CEO Elon Musk said yesterday that it will with an upcoming update, which will likely be in December.
Tesla’s operating system is built on a modified version of Linux Ubuntu. Musk says that Tesla aims to upgrade the Linux OS to 4.4 in Tesla vehicles in December. That’s when he expects they will be able to update the browser.
After nearly exactly two months, Linus Torvalds released kernel 4.8 into the wild on Sunday, October 2nd. Torvalds dubbed 4.8 Psychotic Stoned Sheep, probably inspired by the news that a flock of woolly ruminants ate some abandoned cannabis and, high as kites, run amok in rural Wales, striking terror into the hearts of the locals.
This has been one of the larger releases, with many patches being sent in before the first release candidate was published. However, Torvalds attributes many of the changes to the switch to a new documentation format -- instead of using the DocBook, documentation must now be submitted in the Sphinx doc format.
Two days after announcing the release of the Linux 4.8 kernel as the latest stable and most advanced kernel branch for GNU/Linux operating systems, Linus Torvalds apologizes on the kernel mailing list for the inclusion of bug.
According to Mr. Torvalds, the bug was left in the last RC8 (Release Candidate 8) build by kernel developer Andrew Morton, which caused problems when attempting to compile it, thus resulting in a dead kernel. If you're curious, the full report is attached to Linus Torvalds' mailing list announcement.
Midway through SUPERSEDE, the EU three-year project backed by €3.25m in funding to make software better, software still sucks.
It's always been thus, but now that computer code has a say in the driving of Teslas, confronts everyone daily on smartphones, and has crept into appliances, medical devices, and infrastructure, it's a more visible problem.
Robert Vamosi, security strategist at Synopsys, told The Register in a phone interview that software quality matters more than ever.
"We're seeing real-world examples of automobiles remotely attacked and medical devices being suspended when they need to keep functioning," he said. "It's becoming life-critical."
The organizations involved in SUPERSEDE – ATOS, Delta Informatica, SEnerCon, Siemens, Universitat Politècnica de Catalunya (UPC), the University of Applied Sciences and Arts Northwestern Switzerland (FHNW), and the University of Zurich (UZH) – aim to improve the user experience of their software products with a toolkit to provide better feedback and analytics data to application developers.
OAuth is an open standard in authorization that allows delegating access to remote resources without sharing the owner's credentials. Instead of credentials, OAuth introduces tokens generated by the authorization server and accepted by the resource owner.
In OAuth 1.0, each registered client was given a client secret and the token was provided in response to an authentication request signed by the client secret. That produced a secure implementation even in the case of communicating through an insecure channel, because the secret itself was only used to sign the request and was not passed across the network.
OAuth 2.0 is a more straightforward protocol passing the client secret with every authentication request. Therefore, this protocol is not backward compatible with OAuth 1.0. Moreover, it is deemed less secure because it relies solely on the SSL/TLS layer. One of OAuth contributors, Eran Hammer, even said that OAuth 2.0 may become "the road to hell," because:
"… OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result in a secure implementation. However, at the hands of most developers – as has been the experience from the past two years – 2.0 is likely to produce insecure implementations."
Despite this opinion, making a secure implementation of OAuth 2.0 is not that hard, because there are frameworks supporting it and best practices listed. SSL itself is a very reliable protocol that is impossible to compromise when proper certificate checks are thoroughly performed.
Of course, if you are using OAuth 1.0, then continue to use it; there is no point in migrating to OAuth 2.0. But if you are developing a new mobile or an Angular web application (and often mobile and web applications come together, sharing the same server), then OAuth 2.0 will be a better choice. It already has some built-in support in the OWIN framework for .NET that can be easily extended to create different clients and use different security settings.
Johnson & Johnson is telling patients that it has learned of a security vulnerability in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the risk as low.
Medical device experts said they believe it was the first time a manufacturer had issued such a warning to patients about a cyber vulnerability, a hot topic in the industry following revelations last month about possible bugs in pacemakers and defibrillators.
J&J executives told Reuters they knew of no examples of attempted hacking attacks on the device, the J&J Animas OneTouch Ping insulin pump. The company is nonetheless warning customers and providing advice on how to fix the problem.
As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware.
The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords. Many readers have asked for more information about which devices and hardware makers were being targeted. As it happens, this is fairly easy to tell just from looking at the list of usernames and passwords included in the Mirai source code.
A number of last minute XWayland improvements/fixes landed today in the Git code-base ahead of this month's X.Org Server 1.19 release.
XWayland changes hitting the xorg-server Git today include creating a secondary input device to be used for pointer warping/locking, pointer warp emulation, touch fixes, and other xwayland changes.
If you have a GCN 1.0 Southern Islands or GCN 1.1 Sea Islands graphics card and have been wanting to play with the experimental AMDGPU kernel DRM driver as an alternative to the Radeon DRM driver, here's an opportunity for Ubuntu/Debian users.
With the forthcoming Linux 4.9 kernel is the new experimental Kconfig option to enable GCN 1.0 GPU support in AMDGPU, complementing the existing GCN 1.1 build-time option for turning on support there in this more modern DRM driver. In case you missed my tests this week of the experimental functionality in AMDGPU DRM, see AMDGPU vs. Radeon GCN 1.0/1.1 Performance On Linux 4.9 DRM-Next and Regressed R9 290 Isn't Affected By Issue When Using AMDGPU DRM Driver.
Dave Chinner has submitted his XFS file-system updates for the Linux 4.9 kernel. This time around most of the changes are internal to the open-source file-system rather than boasting new end-user features.
XFS for Linux 4.9 has improvements to the iomap-based DAX infrastructure, iomap fixes and changes, more efficient XFS delayed allocation using iomap, preparation patches for upcoming reflink support, and other prep changes and internal improvements.
More changes in Linux 4.9:
The latest Tizen based smartwatch, the Gear S3, has been launched at the end of August. This gear device builds on the hit features of the Gear S2, the circular screen and rotating bezel immediately come to mind, and adds more features for the fashion and sports conscious amongst us.
We’ve been following the launch of the Samsung Z2 closely, as you would expect from Tizen Experts, and we knew that Kenya was the next market to be graced by the Z2 and its 4G capabilities. Well it looks like today is the day as Samsung has been sending out Press Invites for the event over the last few days.
Many of our readers have been waiting for Xender, a file transfer & sharing app, to be released on the Tizen Store and today it finally has. Do you need to transfer a file between mobile phones or between your phone and the pc? This is what Xender is designed to do and it does it quite well. The app boasts at being the fastest all-in-one file transfer and sharing app!
Samsung and hackster.io had announced an ‘IOT challenge Using ARTIK Cloud” a couple of months ago in order to bring the maker and developer community on board to samsung’s cloud platform. The deadlines for submissions of project ideas are about to close in 5 days at the time of writing. A huge list of entries have been flooding the doors of hackster.io and Samsung ever since the contest was announced.