Language Selection

English French German Italian Portuguese Spanish

Linux

Blacklisting insecure filesystems in openSUSE

Filed under
Linux

The Linux kernel supports a wide variety of filesystem types, many of which have not seen significant use — or maintenance — in many years. Developers in the openSUSE project have concluded that many of these filesystem types are, at this point, more useful to attackers than to openSUSE users and are proposing to blacklist many of them by default. Such changes can be controversial, but it's probably still fair to say that few people expected the massive discussion that resulted, covering everything from the number of OS/2 users to how openSUSE fits into the distribution marketplace.
On January 30, Martin Wilck started the discussion with a proposal to add a blacklist preventing the automatic loading of a set of kernel modules implementing (mostly) old filesystems. These include filesystems like JFS, Minix, cramfs, AFFS, and F2FS. For most of these, the logic is that the filesystems are essentially unused and the modules implementing them have seen little maintenance in recent decades. But those modules can still be automatically loaded if a user inserts a removable drive containing one of those filesystem types. There are a number of fuzz-testing efforts underway in the kernel community, but it seems relatively unlikely that any of them are targeting, say, FreeVxFS filesystem images. So it is not unreasonable to suspect that there just might be exploitable bugs in those modules. Preventing modules for ancient, unmaintained filesystems from automatically loading may thus protect some users against flash-drive attacks.

If there were to be a fight over a proposal like this, one would ordinarily expect it to be concerned with the specific list of unwelcome modules. But there was relatively little of that. One possible exception is F2FS, the presence of which raised some eyebrows since it is under active development, having received 44 changes in the 5.0 development cycle, for example. Interestingly, it turns out that openSUSE stopped shipping F2FS in September. While the filesystem is being actively developed, it seems that, with rare exceptions, nobody is actively backporting fixes, and the filesystem also lacks a mechanism to prevent an old F2FS implementation from being confused by a filesystem created by a newer version. Rather than deal with these issues, openSUSE decided to just drop the filesystem altogether. As it happens, the blacklist proposal looks likely to allow F2FS to return to the distribution since it can be blacklisted by default.

Read more

A Psion Palmtop Successor Has Arrived and It Runs Android and Linux

Filed under
Android
Linux
Gadgets

A lot of people probably remember the 1990s palmtop computers made by Psion fondly. The clamshell-design palmtops were pocketable, black and white, but had a working stylus and a fantastic tactile foldout QWERTY keyboard that you could type pretty substantial documents on or even write code with. A different company -- Planet Computers -- has now produced a spiritual successor to the old Psion palmtops called the Gemini PDA that is much like an old Psion but with the latest Android smartphone hardware in it and a virtually identical tactile keyboard. It can also dual boot to Linux (Debian, Ubuntu, Sailfish) alongside Android. The technical specs are a MediaTek deca-core processor, 4GB RAM, 64GB storage (plus microSD slot), 4G, 802.11c Wi-Fi, GPS, Bluetooth, eSIM support, and 4,220mAh battery. The screen measures in at 5.99-inches with a 2,160 x 1,080 (403ppi) resolution. The only thing missing seems to be the stylus -- but perhaps that would have complicated manufacturing of this niche-device in its first production run.

Read more

Eensy-weensy i.MX8M Mini module also powers SBC

Filed under
Android
Linux

CompuLab’s Linux-driven, 38 x 28mm “UCM-iMX8M-Mini” module features an i.MX8M Mini, WiFi/BT, and up to 4GB RAM and 64GB eMMC. The COM also ships on a sandwich-style “SBC-iMX8M-Mini” SBC.

CompuLab unveiled a Linux-driven computer-on-module with NXP’s new i.MX8M Mini SoC. At 38 x 28 x 4mm, the UCM-iMX8M-Mini is considerably smaller than CompuLab’s i.MX8M-based, 68 x 42mm CL-SOM-iMX. The module is also smaller than the two other Mini-based COMs we’ve seen so far: F&S Elektronik Systeme’s 40 x 35mm PicoCore MX8MM and Variscite’s 55 x 30mm DART-MX8M-Mini.

Read more

HTTP Vs. HTTPS

Filed under
Linux

The internet runs on protocols. Rules and norm defined so that there is some form of standardization. One such protocol is the HyperText Transfer Protocol(HTTP).

Read more

5 of the Best Linux Distros for Developers and Programmers

Filed under
Development
GNU
Linux

One of the reasons Linux is great is because of how flexible it is. For example, it can run on everything from servers to your old laptop to a Raspberry Pi. For this reason, it’s also a fantastic platform for developers.

Whether you’re a seasoned developer or just using Linux to learn to program, you still have to choose a distribution. You could just choose Ubuntu and run with it, but there are plenty of “other options available to you.”

Read more

How To Automatically Change GNOME Background In Intervals Using BASH

Filed under
Linux

Have you ever wanted to have that automatic background switching feature on your GNOME Linux distro? I missed that feature after I switched from Cinnamon to GNOME Sad Searched for apps in the software center and alas there is none that I could find. However, today I’m happy to let you know that there is a workaround to this missing feature through the use of BASH scripting language.

Read more

Arm-based IoT gateway runs on Moxa Industrial Linux

Filed under
Linux
Hardware

Moxa announced a -40 to 85°C tolerant “UC-8200” IoT gateway that runs Moxa Industrial Linux on a dual-core, -A7 SoC and offers dual GbE, RS-232/422/485, and mini-PCIe links, plus a CAN port, WiFi/BT, and optional 4G LTE.

Moxa, which announced its Cortex-A8-based UC 2100 series of Industrial IoT gateways last April, partially unveiled a new IIoT gateway called the UC-8200. The system features an unnamed dual-core, Cortex-A7 SoC that “has been optimised for use in energy monitoring systems but is widely applicable to a variety of industrial solutions,” according to the PR-like Control Engineering story that announced the product along with a shorter Industrial Ethernet Book post.

Eventually, a product page should appear with missing details such as RAM and storage. Yet, even the product page for the similar UC-8100 series fails to describe the Cortex-A8 SoC. Other specs are complete, however, such as the earlier model’s 256MB to 512MB DDR3 and 8GB eMMC. (Update: LinuxGizmos reader Arnd Bergmann spotted the earlier UC-8100’s SoC family in the firmware image’s device tree. It’s a TI Sitara AM33x, perhaps one of the AM335x family, which runs on BeagelBone boards.)

Read more

Also: Arm Neoverse N1 & E1 Platforms Announced For Cloud To Edge Computing

Stable kernels 4.20.11, 4.19.24, 4.14.102, 4.9.159 , 4.4.175 and 3.18.135

Filed under
Linux
  • Linux 4.20.11

    I'm announcing the release of the 4.20.11 kernel.

    All users of the 4.20 kernel series must upgrade.

    The updated 4.20.y git tree can be found at:
    git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.20.y
    and can be browsed at the normal kernel.org git web browser:
    http://git.kernel.org/?p=linux/kernel/git/stable/linux-st...

  • Linux 4.19.24
  • Linux 4.14.102
  • Linux 4.9.159
  • Linux 4.4.175
  • Linux 3.18.135

Do Linux distributions still matter with containers?

Filed under
Linux

Some people say Linux distributions no longer matter with containers. Alternative approaches, like distroless and scratch containers, seem to be all the rage. It appears we are considering and making technology decisions based more on fashion sense and immediate emotional gratification than thinking through the secondary effects of our choices. We should be asking questions like: How will these choices affect maintenance six months down the road? What are the engineering tradeoffs? How does this paradigm shift affect our build systems at scale?

It's frustrating to watch. If we forget that engineering is a zero-sum game with measurable tradeoffs—advantages and disadvantages, with costs and benefits of different approaches— we do ourselves a disservice, we do our employers a disservice, and we do our colleagues who will eventually maintain our code a disservice. Finally, we do all of the maintainers (hail the maintainers!) a disservice by not appreciating the work they do.

Read more

A developer is working on turning a Nintendo Switch into an Android tablet

Filed under
Android
Linux
Gadgets

The Nintendo Switch is Nintendo’s latest console/handheld, and it’s doing really well for itself in terms of sales and appeal. It also marks a change in attitude from Nintendo as well, as the device is not only powered by an Nvidia Tegra system-on-chip, but the company even reportedly wanted to employ the now-defunct Cyanogen Inc. to develop their operating system. Since the discovery of the Fusée Gelée vulnerability, Switch modding has really taken off in the community. Users have theorized for a long time now whether it would be possible to port Android to the Switch. After all, Linux has been ported to it and the device uses the Tegra X1 SoC for which there is documentation to refer to. All that’s left is the blood, sweat, and tears of developers interested enough in porting Android. One developer by the name of ByLaws is taking the challenge of turning a Nintendo Switch into an Android tablet.

Read more

Syndicate content