Major tech companies including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft, and Red Hat today announced intent to form the Confidential Computing Consortium to improve security for data in use. From a report: Established by the Linux Foundation, the organization plans to bring together hardware vendors, developers, open source experts, and others to promote the use of confidential computing, advance common open source standards, and better protect data. "Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network), but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data," the Linux Foundation said today in a joint statement. "Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users."

The consortium also said the group was formed because confidential computing will become more important as more enterprise organizations move between different compute environments like the public cloud, on-premises servers, or the edge. To get things started, companies made a series of open source project contributions including Intel Software Guard Extension (SGX), an SDK for code protection at the hardware layer.

"Slackware is the longest active Linux distribution project, founded in 1993," writes TheBAFH (Slashdot reader #68,624).

"Today there are many Linux distributions available, but I've remained dedicated to this project as I believe it still holds an important place in the Linux ecosystem," writes Patrick J. Volkerding on a new Patreon page. He adds that Slackware's users "know that Slackware can be trusted not to constantly change the way things work, so that your investment in learning Slackware lasts longer than it would with a system that's a moving target... Your support is greatly appreciated, and will make it possible for me to continue to maintain this project."

TheBAFH writes: The authenticity of the Patreon page has been confirmed by Mr. Volkerding in a post in the Slackware forum of LinuxQuestions.org. "I was going to wait to announce it until I had a few more planned updates done in -current that would be getting things closer to an initial 15.0 beta release, but since it's been spotted in the wild I'll confirm it."
Slashdot also emailed Patrick J. Volkerding at Slackware.com last summer and confirmed that that is indeed the account that he's posting from on LinuxQuestions. At the time, he was still trying to find the time to get a Patreon page set up.

"I've been trying to catch up on nearly a decade of neglecting everything other than Slackware, but I'm at least getting more caught up."

New submitter dvda247 writes: A discussion of if people turn off their Windows 10 PCs anymore? Newer hardware and operating system changes make PCs work differently. Do you shut off your Windows 10 PC anymore? Or do you put it in sleep or hibernate mode? We are broadening the discussion to include desktop computers and laptops that are running Linux-based operating systems, or macOS, or ChromeOS. Additionally, how often do you restart your computer?

Earlier this week on the Linux kernel mailing list, Artem S. Tashkinov described a low-memory scenario where "the system will stall hard. You will barely be able to move the mouse pointer. Your disk LED will be flashing incessantly..."

"I'm afraid I have bad news for the people snickering at Linux here," wrote Chris Siebenmann, a sys-admin at the University of Toronto's CS lab. "If you're running without swap space, you can probably get any Unix to behave this way under memory pressure..." In the old days, this usually was not very much of an issue because system RAM was generally large compared to the size of programs and thus the amount of file-backed pages that were likely to be in memory. That's no longer the case today; modern large programs such as Firefox and its shared libraries can have significant amounts of file-backed code and data pages (in addition to their often large use of dynamically allocated memory, ie anonymous pages).
A production engineer (now on Facebook's Web Foundation team) wrote about experiencing similar issues years ago when another company had disabled swapping when they replaced or reinstalled machines -- leading to lots of pages from hosts that had to be dealt with. This week they wrote: I stand by my original position: have some swap. Not a lot. Just a little. Linux boxes just plain act weirdly without it. This is not permission to beat your machine silly in terms of memory allocation, either... If you allocate all of the RAM on the machine, you have screwed the kernel out of buffer cache it sorely needs. Back off.

Put another way, disk I/O that isn't brutally slow costs memory. Network I/O costs memory. All kinds of stuff costs memory. It's not JUST the RSS of your process. Other stuff you do needs space to operate. If you try to fill a 2 GB box with 2 GB of data, something's going to have a bad day! You have to leave room for the actual system to run or it's going to grind to a stop.

Red Hat has joined the RISC-V Foundation to help foster this open-source processor ISA. Phoronix reports: While we're still likely years away from seeing any serious RISC-V powered servers at least that can deliver meaningful performance, Red Hat has been active in promoting RISC-V as an open-source processor instruction set architecture and one of the most promising libre architectures we have seen over the years. Red Hat developers have already helped in working on Fedora's RISC-V support and now the IBM-owned company is helping out more and showing their commitment by joining the RISC-V Foundation. Red Hat joins the likes of Google, NVIDIA, Qualcomm, SiFive, Western Digital, IBM, and Samsung as among the many RISC-V members.

Not too long after Linus Torvalds wrote his own Unix kernel, which he called Linux, in the summer of 1991, a magazine was founded by enthusiasts to focus on the operating system. For nearly three decades Linux Journal has been an authority magazine on all things Linux, but it is now shuttering doors, it said late Wednesday. The announcement comes about two years after the periodical said it would cease to exist, but it was able to find some backing -- from Privacy Internet Access group -- to resume operations later on.

The team said on Wednesday that all staff members had been laid off and the company was left with no operating funds to continue in any capacity. It remains committed to keeping the website afloat for another few weeks.

The last RHEL release, RHEL 7.7, is now available for current Red Hat Enterprise Linux subscribers via the Red Hat Customer Portal. ZDNet reports on what's new: RHEL 7.7's most important updates are support for the latest generation of enterprise hardware and remediation for the recently disclosed ZombieLoad vulnerabilities. The latest RHEL 7 also includes network stack performance enhancements. With this release, you can offload virtual switching operations to network interface card (NIC) hardware. What that means for you is, if you're using virtual switching and network function virtualization (NFV), you'll see better network performance on cloud and container platforms such as Red Hat OpenStack Platform and Red Hat OpenShift.

RHEL 7.7 users can also use Red Hat's new predictive problem shooter: Red Hat Insights. This uses a software-as-a-service (SaaS)-based predictive analytics approach to spot, assess, and mitigate potential problems to their systems before they can cause trouble. For developers, RHEL 7.7 comes with Python 3.6 interpreter, and the pip and setup tools utilities. Previously, Python 3 versions were available only as a part of Red Hat Software Collections. Moving on to the cloud, RHEL 7.7 Red Hat Image Builder is now supported. This feature, which is also in RHEL 8, enables you to easily create custom RHEL system images for cloud and virtualization platforms such as Amazon Web Services (AWS), VMware vSphere, and OpenStack. To help cloud-native developers, RHEL 7.7 includes full support for Red Hat's distributed-container toolkit -- buildah, podman, and skopeo -- on RHEL workstations. After building on the desktop, programmers can use Red Hat Universal Base Image to build, run, and manage containerized applications across the hybrid cloud.

It's been a gripe for many running Linux on low RAM systems especially is that when the Linux desktop is under memory pressure the performance can be quite brutal with the system barely being responsive. The discussion over that behavior has been reignited this week. From a report: Developer Artem S Tashkinov took to the kernel mailing list over the weekend to express his frustration with the kernel's inability to handle low memory pressure in a graceful manner. If booting a system with just 4GB of RAM available, disabling SWAP to accelerate the impact/behavior, and launching a web browser and opening new web pages / tabs can in a matter of minutes bring the system down to its knees.

Artem elaborated on the kernel mailing list, "Once you hit a situation when opening a new tab requires more RAM than is currently available, the system will stall hard. You will barely be able to move the mouse pointer. Your disk LED will be flashing incessantly (I'm not entirely sure why). You will not be able to run new applications or close currently running ones. This little crisis may continue for minutes or even longer. I think that's not how the system should behave in this situation. I believe something must be done about that to avoid this stall."

Canonical's Martin Wimpress addresses Snaps, Flatpak, and other competing standards, and community unease around Canonical's control of the Snap store. intensivevocoder writes: With these advances in hardware support, the last significant challenge users face when switching from Windows or Mac to a Linux distribution is app distribution and installation. While distribution-provided repositories are useful for most open source software, the release model of distributions such as Ubuntu or Fedora lock in users to a major version for programs for the duration of a particular release. Because of differences in how they interact with the underlying system, certain configuration tasks are different between Snaps or Flatpaks than for directly-installed applications. Likewise, initial commits for the Snap and Flatpak formats were days apart -- while the formats were developed essentially in parallel, the existence of two 'universal' package formats has led to disagreement about competing standards. TechRepublic interviewed Martin Wimpress, engineering manager for Snapcraft at Canonical, about Ubuntu's long term plans for Snaps, its adoption and support in other Linux distributions, Canonical's position as the operator of the Snap Store, and the benefits Snaps provide over Flatpak. An excerpt from the interview: TechRepublic: Practically speaking, there are two competing standards for cross-platform application packaging -- three, if you count AppImage. What's the practical benefit that Canonical's Snap format offers over Flatpak or AppImage?
Martin Wimpress: If you look at the initial commits of both of those projects, Snaps have a lineage back to Click packages, which were developed for [Ubuntu Phone] originally. The Snap project developed out of what had been learned from doing the phones, with a view to solving problems in IoT. So, although technically snapd and xdg-apps -- and consequently Flatpak -- look like they emerged around the same time, Snaps can trace their lineage back to the Click project from several years previous. If we're looking at Flatpak specifically, we can probably include AppImage in most of these comparisons as well. Some of the similarities are that Snaps are self-contained software packages, which is something that Flatpak and AppImage strive to be as well. I think that Flatpak achieves that better than AppImage. I think AppImage still makes some assumptions on what's installed on the host operating system. It doesn't bundle everything inside the AppImage. Similarly, Snaps, Flatpak, and AppImage work across all the major Linux distributions without modification. We haven't all arrived at this solution by accident. We've clearly, independently, all realized that this is a problem that we need to solve in order to encourage software vendors to publish their applications on Linux, because Linux is a very broad platform to target. If you can lower the hurdles... to getting your software in front of users on Linux, then that's a good thing. And we're all aiming to do the same thing there.

GNOME and KDE are co-hosting this year's Linux App Summit (LAS) in Barcelona from November 12th to 15th.

An anonymous reader shared the big announcement: LAS is the first collaborative event co-hosted by the two organizations since the Desktop Summit in 2009. Both organizations are eager to bring their communities together in building an application ecosystem that transcends individual distros and broadens the market for everyone involved.

KDE and GNOME will no longer be taking a passive role in the free desktop sector. With the joint influence of the two desktop projects, LAS will shepherd the growth of the FOSS desktop by encouraging the creation of quality applications, seeking opportunities for compensation for FOSS developers, and fostering a vibrant market for the Linux operating system.

• "I am excited to see GNOME and KDE working together on LAS, and I believe that the event will help lay down strong foundations for collaborative cross-project development that would benefit Linux users across all distributions and on any compatible device." -- Christel Dahlskjaer, Private Internet Access and freenode Project Lead.

• "Together with GNOME, counting with the collaboration of many distributions and application developers, we'll have the opportunity to work side by side, share our perspectives and offer the platform that the next generation of solutions will be built on." -- Aleix Pol Gonzalez, KDE e.V Vice-President says about the inaugural effort about LAS.

• "By partnering with KDE we show the desire to build the kind of application ecosystem that demonstrates that Open Source and Free Software are important; the technology and organization we build to achieve this is valuable and necessary." -- GNOME executive director, Neil McGovern

• "The desktop wars is not really a thing any more. It makes more sense to work together and pool resources." -- Paul Brown, a KDE Communications Specialist (quoted by ZDNet)

ZDNet called the collaboration "a major step forward," giving their story the headline "GNOME and KDE work together on the Linux desktop." But the Twitter feed for the KDE community quickly clarified that KDE "is working with GNOME to create a common, fair, sustainable and open app ecosystem, not a desktop."

"The GNOME and KDE communities want to provide users with free and open applications that will respect their privacy and rights. That is what Linux App Summit is about."

The Linux Mint project today released the Linux Mint 19.2 "Tina", which is now available for download as Cinnamon, MATE, and Xfce editions. From a report: If your computer is fairly modern, take my advice and opt for the excellent Cinnamon. MATE and Xfce are solid choices too, although they are more appropriate for computers with meager hardware. For new users, choosing amongst three interfaces can be confusing -- thankfully, the Mint developers stopped using KDE almost two years ago. Linux Mint 19.2 "Tina" is based on the wildly popular Ubuntu operating system, but on 18.04 rather than the new 19.04. Why use an older version of Ubuntu as a base? Because 18.04 is an LTS or "Long Term Support" variant. While version 19.04 will be supported for less than a year, 18.04 is being supported for a mind-boggling 10 years! The Linux kernel is version 4.15 and not part of the newer 5.x series.

mfilion writes: Want to use the GNOME or KDE Linux desktops on your virtual-reality headset? A new open-source project aims to let you play games and use your Linux desktop with your VR head-mounted display. Xrdesktop is an open-source project "designed to let you work with traditional desktop environments, such as GNOME and KDE, in VR," reports ZDNet. "It does this by making window managers aware of VR. It then uses VR runtimes to render desktop windows in 3D space. Once there, you'll be able to work on the desktop using VR controllers in place of a mouse and keyboard."

You can find installation instructions on xrdesktop Wiki. The Valve-backed program is available in packages for Arch Linux and Ubuntu Linux. You can also install it on other distributions, but you'll need to install xrdesktop from source.

Freshly Exhumed writes: When Linus Torvalds first created Linux in 1991, he built it on a 386-powered PC with a floppy drive. Things change. In 2012, Torvalds bid the i386 processor adieu saying, "I'm not sentimental. Good riddance." Now, it's the floppy drive's turn to bid Linux adieu. Torvalds has declared the floppy drive project "orphaned." Why? Because floppy drives have become historical relics. No one's using them. Indeed, Jiri Kosina, the Czech Linux kernel developer in charge of the floppy drive driver, said he "no longer has working hardware." Torvalds continued, "Actual working physical floppy hardware is getting hard to find, and while Willy was able to test this, I think the driver can be considered pretty much dead from an actual hardware standpoint. The hardware that is still sold seems to be mainly USB-based, which doesn't use this legacy driver at all."

An anonymous reader shares a report from VentureBeat: Google today launched Chrome 76 for Windows, Mac, Linux, Android, and iOS. The release includes Adobe Flash blocked by default, Incognito mode detection disabled, multiple PWA improvements, and more developer features. You can update to the latest version now using Chrome's built-in updater or download it directly from google.com/chrome. Google has been taking baby steps to kill off Flash for years. In 2015, Chrome started automatically pausing less important Flash content. In 2016, Chrome started blocking "behind the scenes" Flash content and using HTML5 by default. In July 2017, however, Adobe said it would kill Flash by 2020. With Chrome 76, Flash is now blocked by default. Users can still turn it on in settings, but next year, Flash will be removed from Chrome entirely.

New submitter Grindop53 shares a report: Widespread reports of a "critical security issue" that supposedly impacted users of VLC media player have been debunked as "completely bogus" by developers. Earlier this week, German computer emergency response team CERT-Bund -- part of the Federal Office for Information Security (BSI) -- pushed out an advisory warning network administrators and other users of a high-impact vulnerability in VLC. It seems that this advisory can be traced back to a ticket that was opened on VLC owner VideoLAN's public bug tracker more than four weeks ago. The alleged heap-based buffer overflow flaw was disclosed by a user named "topsec(zhangwy)," who stated that a malicious .mp4 file could be leveraged by an attacker to take control of VLC media player users' devices. The issue was flagged as high-risk on the CERT-Bund site, and the vulnerability was assigned a CVE entry (CVE-2019-13615).

However, according to VideoLAN president Jean-Baptiste Kempf, the exploit does not work on the latest VLC build. In fact, any potential issues relating to the vulnerability were patched more than a year ago. "There is no security issue in VLC," Kempf told The Daily Swig in a phone conversation this morning. "There is a security issue in a third-party library, and a fix was pushed [out] 18 months ago." When asked how or why this oversight generated so much attention, Kempf noted that the reporter of the supposed vulnerability did not approach VideoLAN through its security reporting email address. "The guy never contacted us," said Kempf, who remains a lead developer at the VLC project. "This is why you don't report security issues on a public bug tracker." Kempf and his team were unable to replicate the issue in the latest version of VLC, leading many to believe that the bug reporter was working on a computer running an outdated version of Ubuntu. "If you report a security issue, at least update your Linux distribution," Kempf said.

Melissa Di Donato, SAP's former COO, has been named SUSE's new CEO. ZDNet reports: London-based Di Donato is a well-known technology leader. In particular, she has a proven track record in sales and business operations. Besides being SAP's COO, she was also the company's chief revenue officer. In SAP's latest quarter, SAP saw an increase of 11% year-over-year revenues. Much of that came from the cloud -- where SAP saw 40% year-over-year growth. SAP's cloud is built on SUSE's Linux servers and OpenStack cloud.

Di Donato succeeds Nils Brauckmann. While officially Brauckmann is retiring, there seems to be more to the story. On LinkedIn, Brauckmann wrote: "I care very deeply for the SUSE business and its employees, and this difficult decision is based entirely on personal reasons. I am pleased to be handing over the reins to such a talented and accomplished leader as Melissa Di Donato." In his SUSE statement, Brauckman added: "She is a proven and dynamic change agent, and many of her achievements have occurred in subscription businesses that exist in high-growth cloud environments." In April, then-CEO Nils Brauchmann said his company would soon be the largest independent Linux company. This comes after Brauckmann delivered eight years of continuous expansion during his tenure, including record-breaking revenues in FY18, reports ZDNet.

"Under Di Donato's leadership, SUSE will continue to focus on growth and expansion. What that means is she's expected to advance SUSE's core business and emerging technologies, both organically and through add-on acquisitions."

Speaking of Dropbox, the online storage cloud service has enabled support for ZFS and XFS on 64-bit Linux systems, and eCryptFS and Btrfs on all Linux systems. The move comes after it recently pulled support for all file storage systems on Linux except Ext4. From a report: Dropbox stopped supporting folder syncing to drives with filesystems it deemed "uncommon", which on Linux meant anything but Ext4, upsetting quite a few users. The reason cited for this was that "a supported file system is required as Dropbox relies on extended attributes (X-attrs) to identify files in the Dropbox folder and keep them in sync", which doesn't really make sense since there are many filesystems that support xattr (extended attributes) on Linux. After this change was announced, various workarounds started to appear online, including one that I posted on Linux Uprising. There was even a new unofficial, open source Dropbox client developed for this reason (which is also much lighter than the official client by the way). But this didn't last long though, as last week, the Dropbox 77.3.127 beta changelog says that Dropbox has added back support for ZFS (on 64-bit systems only), XFS (on 64bit systems only), Btrfs and eCryptFS.

diegocg writes: Linux 5.2 has been released. This release includes Sound Open Firmware, a project that brings open source firmware to DSP audio devices; open firmware for many Intel products is also included. This release also improves the Pressure Stall Information resource monitoring to make it usable by Android; the mount API has been redesigned with new syscalls; the BFQ I/O scheduler has gained some performance improvements; a new CLONE_PIDFD flag lets clone(2) return pidfs usable by pidfd_send_signal(2); Ext4 has gained support for case-insensitive name lookups; there is also a new device mapper target that simulates a device that has failing sectors and/or read failures; open source drivers for the ARM Mali t4xx and newer 6xx/7xx have been added. Many other new drivers, features and changes can be found in the changelog.
But there's more besides supporting "a handful of extra ARM-powered single-board computers," according to CRN: The biggest feature in 5.2 is probably support for Intel's forthcoming Comet Lake architecture, which will power the tenth generation of its Core desktop and mobile CPUs due. The new silicon is due to ship late in 2019 and appear in products early the next year.

Linux 5.2 also includes many tweaks that improve its performance on laptops.

intensivevocoder quotes TechRepublic: Following Canonical's pivot away from its internally-developed Unity user interface and Mir display server, Ubuntu has enjoyed two relatively low-drama years, as the Linux Desktop market homogenized during its transition back to a customized GNOME desktop. In a review of the most recent release, TechRepublic's Jack Wallen declared that "Ubuntu 19.04 should seriously impress anyone looking for a fast and reliable Linux desktop platform."

Largely, it's been a slow-and-steady pace for Ubuntu since the pivot from Unity to GNOME, though the distribution made headlines for plans to end support for 32-bit support. This prompted Valve, operators of games marketplace Steam, to re-think its approach toward Ubuntu, which it previously characterized as "as the best-supported path for desktop users."

TechRepublic's James Sanders interviewed Will Cooke, director of engineering for Ubuntu Desktop at Canonical, about the distribution's long-term plans for legacy 32-bit support, shipping a desktop in a post-Unity-era Ubuntu, and why Linux should be the first choice for users migrating from Windows 7 prior to the end of support.
From the interview:
When we did the switch to GNOME Shell from Unity, we did a survey [asking] people straightforward questions like, "What sort of features do you want to see continue in Ubuntu Desktop?" The answer came through very, very clearly that people liked having the launcher on the left, and they wanted to keep that feature there. They liked having desktop icons and they wanted to keep that feature there.

We've made decisions based on data from our user base, from our community. They have provided that feedback and we've done what the majority of people want.

Sometimes that doesn't go with the ideals of GNOME design, but we're comfortable with delivering what we see as value on top of GNOME. That's delivering a product which gives people consistency between the old days of Unity 7, and the new days of GNOME Shell. That transition was as easy as possible, everybody had a chance to have a say in it, and the answers were pretty clear.

sfcrazy writes: Linode today launched new GPU-optimized cloud computing instances tailored specifically for developers and businesses requiring massive parallel computational power. The new instances are built on NVIDIA Quadro RTX 6000 GPU cards with all three major types of processing cores (CUDA, Tensor, and Real-Time Ray Tracing) available to users. Linode is one of the first cloud providers to deploy NVIDIA's latest GPU architecture. These new GPU instances give scientists, artists, and engineers working on artificial intelligence, graphic visualization, and complex modeling a cost-competitive alternative to hyperscale cloud providers.