First time accepted submitter PAjamian writes "Maintainers of the Anaconda installer in Fedora have taken it upon themselves to show passwords in plaintext on the screen as they are entered into the installer. Following on the now recanted statements of security expert Bruce Schneier, Anaconda maintainers have decided that it is not a security risk to show passwords on your screen in the latest Alpha release of Fedora 19. Members of the Fedora community on the Fedora devel mailing list are showing great concern over this change in established security protocols." Note: the change was first reported in the linked thread by Dan Mashal.

An anonymous reader writes with a link to a recent post on Red Hat senior interaction designer Máirín Duffy's blog with an illuminating look at Red Hat's design process, and how things like graphic elements, widget behavior, and bootup time are taken into account. It starts: "So I have this thing on my desk at Red Hat that basically defines a simple design process. (Yes, it also uses the word 'ideate' and yes, it sounds funny but it is a real word apparently!) While the mailing list thread on the topic at this point is high-volume and a bit chaotic, there is a lot of useful information and suggestions in there that I think could be pulled into a design process and sorted out. So I took 3 hours (yes, 3 hours) this morning to wade through the thread and attempt to do this."

darthcamaro writes "The JBoss Application Server is no more. Just like Red Hat killed Red Hat Linux in 2003 to make way for Fedora, the same is now happening with JBoss and the new WildFly project. 'There was of course the application server, there are a number of JBoss commercial products, there was the community site, etc., so when you asked someone "What is JBoss?" the answer was varied,' Jason Andersen, director, product line management, at Red Hat, explained. 'What we wanted to do was cement the idea that JBoss is a portfolio of middleware products and not just the application server.'"

darthcamaro writes "Red Hat still doesn't have a fully supported commercial version of OpenStack in the market yet (coming this summer) as it lags behind Ubuntu and SUSE. But Red Hat is doing something no other distro vendor has done, they are launching a brand new bleeding edge build of OpenStack that will update weekly (or faster). The best part? This isn't a fork. It's all upstream work, meaning everyone in the OpenStack Community benefits. From the article: '"Our developers will continue to work in the upstream OpenStack, and "whenever we find we need to make changes to make RDO work, we get that work done upstream first," Red Hat CTO Brian Stevens said. "RDO won't change in any way our active involvement in the upstream OpenStack development."'

netbuzz writes "A federal judge in Texas, presiding over a district notorious for favoring patent trolls, has summarily dismissed all claims relating to a case brought by Uniloc USA against Rackspace for [Linux] allegedly infringing upon [Uniloc's] patents. Red Hat defended Rackspace in the matter and issued a press release saying: 'In dismissing the case, Chief Judge Leonard Davis found that Uniloc's claim was unpatentable under Supreme Court case law that prohibits the patenting of mathematical algorithms. This is the first reported instance in which the Eastern District of Texas has granted an early motion to dismiss finding a patent invalid because it claimed unpatentable subject matter.'" You can't patent floating point math after all.

psykocrime writes "The crazy kids at Fogbeam Labs have started a discussion about Google and their relationship with the Open Web, and questioning who will step up to defend these principles, even as Google seem to be abdicating their position as such a champion. Some candidates mentioned include Yahoo, IBM, Red Hat, Mozilla, Microsoft and The Wikimedia Foundation, among others. The question is, what organization(s) have both the necessary clout and the required ethical principles, to truly champion the Open Web, in the face of commercial efforts which are clearly inimical to Open Source, Open Standards, Libre Culture and other elements of an Open Web?"

sfcrazy writes "Quite a lot of people raised their eyebrows the way ex-Red Hat developer Matthew Garrett made Microsoft the 'universal' control of any desktops PCs running with UEFI secure boot. Though the intentions of Garrett were clear — to enable GNU/Linux to be able to run Linux on Windows 8 certified PCs with secure boot; it was clearly putting Microsoft in a very powerful position. Linus, while a supporter of secure boot, exploded at Garrett and Howells when they proposed its inclusion in the kernel. Linus responded: 'Guys, this is not a d*#@-sucking contest. If you want to parse PE binaries, go right ahead. If Red Hat wants to deep-throat Microsoft, that's *your* issue. That has nothing what-so-ever to do with the kernel I maintain. It's trivial for you guys to have a signing machine that parses the PE binary, verifies the signatures, and signs the resulting keys with your own key. You already wrote the code, for chissake, it's in that f*cking pull request.'" Update: 02/25 17:24 GMT by U L : The headline/article are misleading, since mjg seems to agree that the patch is a bit complicated : "(I mean, *I'm* fine with the idea that they're *@#$ing idiots and deserve to be miserable, but apparently there's people who think this is a vital part of a business model)". The issue at hand is a set of patches to load and store keys inside of a UEFI PE binary which is then passed to the kernel, which then extracts the keys from the binary. It's absurd, it's messy, and it's only needed because Microsoft will only sign PE binaries so not supporting it makes restricted boot even more difficult to support.

sfcrazy writes "Google has declared Red Hat's RHEL 6 obsolete, showing a notification which says, 'Google Chrome us no longer updating because your operating system is obsolete.' Red Hat evangelist Jan Wilderboer says: 'We release new stable versions of RHEL every 2-3 years. The API/ABI stability is what sets it apart from community distros. Customers need long term stability. Google knows (and uses) that itself internally. By cutting the support of enterprise distributions they simply tell me to move elsewhere. That's not a very encouraging thing.'"

New submitter markfeffer, Senior Editor at Dice, writes "Red Hat's hired about 600 people in its last three fiscal quarters, and it's going to keep hiring – about 900 to 1,000 more this year. The company's primarily looking for software and technical support engineers, along with salespeople who can help strengthen its cloud-technology capabilities. They want people with strong technical skills, of course, but the company puts a premium on those who've taken the time to research its business and send in a resume that's custom-tailored to the job opening."

An anonymous reader writes "Linux kernel developer veteran Alan Cox has lashed out at Red Hat's recent release of Fedora 18. Cox posted comments to his Google+ page saying 'Fedora 18 seems to be the worst Red Hat distro I've ever seen.' He encountered numerous problems with Fedora 18 and then decided to switch to Ubuntu."

kthreadd writes "The Red Hat Enterprise Linux 5 derivative CentOS version 5.9 has been released just 10 days after its upstream provider. According to the release notes a number of changes have been made. New packages available in CentOS 5.9 includes for example OpenJDK 7 and Rsyslog 5. Several drivers have also been updated in the kernel which has been updated to version 2.6.18-348, including support for Microsoft's virtualization environment Hyper-V." CentOS has been plugging away now for nearly 10 years.

ultranerdz writes "Fedora 18 has been released. Featuring a new installer UI, GNOME 3.6, Clojure, DragonEgg, KDE Plasma Workspaces 4.9, MATE Desktop, Samba 4, Secure Boot, and updated major packages versions, this is one of the most anticipated Fedora versions yet. After more than two months of slips and delays, Fedora 18 is finally here." I'm glad to see MATE becoming more widely available; it suits me, as a GNOME 2 fan but not a complete troglodyte.

snydeq writes "Simon Phipps sheds light on a fight for control over Vert.x, an open source project for scalable Web development that 'seems immunized to corporate control.' 'Vert.x is an asynchronous, event-driven open source framework running on the JVM. It supports the most popular Web programming languages, including Java, JavaScript, Groovy, Ruby, and Python. It's getting lots of attention, though not necessarily for the right reasons. A developer by the name of Tim Fox, who worked at VMware until recently, led the Vert.x project — before VMware's lawyers forced him to hand over the Vert.x domain, blog, and Google Group. Ironically, the publicity around this action has helped introduce a great technology with an important future to the world. The dustup also illustrates how corporate politics works in the age of open source: As corporate giants grasp for control, community foresight ensures the open development of innovative technology carries on.'"

TrueSatan writes "Matthew Garrett, formerly of Red Hat, is providing a shim bootloader that will allow installation/booting of secure boot enabled computers. The shim is designed to chain boot GRUB (Grand Universal Bootloader) without the need for a distribution to obtain a key from Microsoft. Garrett asks that further contacts regarding the shim be made to him and not to Red Hat as he no longer works there and they may not have knowledge of the product."

Already available in third party repositories, the GNOME 2 fork MATE and GNOME 3 fork Cinnamon will now be included in Fedora 18. From the H: "After almost two months' delay, the Fedora Project has released the first and final beta of Fedora 18. The distribution, which is code-named 'Spherical Cow,' includes the MATE desktop – a continuation of the classic GNOME 2 interface – in its repositories for the first time. Fedora 18's default edition uses GNOME 3.6.2 as its interface and a separate KDE Spin provides the KDE Software Collection 4.9.3; Xfce 4.10 and version 1.6.7 of Linux Mint's Cinnamon are also available from the distribution's repositories."

DMA-BUF is a recent kernel feature that allows multiple GPUs to quickly copy data into each others' framebuffers. A use case would be the NVIDIA Optimus that pairs a fast GPU with an Intel integrated GPU, where the NVIDIA GPU writes into the Intel framebuffer when it is active. But, NVIDIA won't be able to use this infrastructure because it's GPL. Alan Cox replied on LKML to a request from one of their engineers to mark the API non-GPL: "NAK. This needs at the very least the approval of all rights holders for the files concerned and all code exposed by this change. Also I'd note if you are trying to do this for the purpose of combining it with proprietary code then you are still in my view as a (and the view of many other) rights holder to the kernel likely to be in breach of the GPL requirements for a derivative work. You may consider that formal notification of my viewpoint. Your corporate legal team can explain to you why the fact you are now aware of my view is important to them." The rest of the thread is worth a read (a guy from RedHat agrees that this code is GPL and cannot become non-GPL without relicensing from a major subset of graphics system contributors). This has a ripple effect: it means that all of the ARM SoC GPU drivers can't use it either, and it may prevent any proprietary drivers for the proposed DRI version 3.

hypnosec writes "Red Hat has announced the availability of a preview version of its OpenStack Distribution that would enable it to compete with the likes of Amazon which is considered one of the leaders in infrastructure-as-a-service cloud services. The enterprise Linux maker was a late entrant into the OpenStack world where players like Rackspace, HP and Internap have already made their mark. Red Hat's OpenStack distribution enterprises can build and manage private, public, and hybrid infrastructure-as-a-service clouds. These companies will not only be competing with the likes of Amazon, but will also be competing against themselves to get a bite out of the IaaS cloud. What started as a project has quickly developed into an open source solution that enables organizations to achieve performance, features and greater functionality from their private and/or public clouds. The announcement of OpenStack Foundation acted as a catalyst toward the fast-paced development of the platform."

An anonymous reader writes "OpenBSD founder Theo de Raadt has slammed Red Hat and Canonical for the way they have reacted to Microsoft's introduction of 'secure' boot along with Windows 8, describing both companies as wanting to be the new Microsoft."

sfcrazy writes "The general tendency within the open source community is to a whole new wheel to push your own cart. A majority of open source projects are suffering from duplication. Luckily, we just noticed a great example of such collaboration (or using resources by different competing projects) within the distro community. Ubuntu's popular Unity shell is being ported to Fedora (the distro which leads the development of Gnome shell and its also the breeding ground of many latest technologies which are used by the rest of the GNU/Linux world). Interestingly developers users openSUSE's build service to create this port. openSUSE leads the development of Gnome and KDE along with LibreOffice." Calling Unity "popular" seems like a stretch, but it's certainly where a lot of Ubuntu work has been lavished; the cooperation that open source code fosters at least lets whoever wants to use or develop it do so.

Tmack writes "The last time we had a leap second, sysadmins were taken a bit by surprise when a random smattering of systems locked up (including Slashdot itself) due to a kernel bug causing a race condition specific to the way leap seconds are handled/notified by ntp. The vulnerable kernel versions (prior to 2.6.29) are still common amongst older versions of popular distributions (Debian Lenny, RHEL/CentOS 5) and embedded/black-box style appliances (Switches, load balancers, spam filters/email gateways, NAS devices, etc). Several vendors have released patches and bulletins about the possibility of a repeat of last time. Are you/your team/company ready? Are you upgraded, or are you going to bypass this by simply turning off NTP for the weekend?" Update: 07/01 03:14 GMT by S : ZeroPaid reports that this issue took down the Pirate Bay for a few hours.