An anonymous reader shares a report: The official Skype Snap app for Linux has not been updated in nearly six months, and Microsoft is yet to say why. When introducing the cross-distro build in early 2018, the company said the Skype Snap app would give it the "... ability to push the latest features straight to our users, no matter which device or distribution they happen to use." Clearly, not. Because at the time of writing this post the Skype Snap app sits on version 8.34.0.78, which the Snapcraft store reports was 'last updated' in November 2018. However, the "regular" Linux version available to download from the Skype website is on version 8.47.0.73, released June 2019.

IBM closed its $34 billion acquisition of Red Hat, the companies announced Tuesday. From a report: The deal was originally announced in October, when the companies said IBM would buy all shares in Red Hat for $190 each in cash. The acquisition of Red Hat, an open-source, enterprise software maker, marks the close of IBM's largest deal ever. It's one of the biggest in U.S. tech history. Excluding the AOL-Time Warner merger, it follows the $67 billion deal between Dell and EMC in 2016 and JDS Uniphase's $41 billion acquisition of optical-component supplier SDL in 2000. Under the deal, Red Hat will now be a unit of IBM's hybrid cloud division, according to the original announcement. The companies said Red Hat's CEO, Jim Whitehurst, would join IBM's senior management team and report to CEO Ginni Rometty. IBM previously said it hoped its acquisition of Red Hat will help it do more work in the cloud, one of its four key growth drivers, which are also social, mobile and analytics. The company lags behind Amazon and Microsoft in the cloud infrastructure business. IBM has seen three consecutive quarters of declining year-over-year revenue. But some analysts are hopeful about the Red Hat deal's opportunity to bring in new business.

"After 25 months of development the Debian project is proud to present its new stable version 10 (code name 'buster'), which will be supported for the next 5 years thanks to the combined work of the Debian Security team and of the Debian Long Term Support team."

An anonymous reader quotes Debian.org: In this release, GNOME defaults to using the Wayland display server instead of Xorg. Wayland has a simpler and more modern design, which has advantages for security. However, the Xorg display server is still installed by default and the default display manager allows users to choose Xorg as the display server for their next session.

Thanks to the Reproducible Builds project, over 91% of the source packages included in Debian 10 will build bit-for-bit identical binary packages. This is an important verification feature which protects users against malicious attempts to tamper with compilers and build networks. Future Debian releases will include tools and metadata so that end-users can validate the provenance of packages within the archive.

For those in security-sensitive environments AppArmor, a mandatory access control framework for restricting programs' capabilities, is installed and enabled by default. Furthermore, all methods provided by APT (except cdrom, gpgv, and rsh) can optionally make use of "seccomp-BPF" sandboxing. The https method for APT is included in the apt package and does not need to be installed separately... Secure Boot support is included in this release for amd64, i386 and arm64 architectures and should work out of the box on most Secure Boot-enabled machines.
The announcement touts Debian's "traditional wide architecture support," arguing that it shows Debian "once again stays true to its goal of being the universal operating system." It ships with several desktop applications and environments, including the following:

• Cinnamon 3.8

• GNOME 3.30

• KDE Plasma 5.14

• LXDE 0.99.2

• LXQt 0.14

• MATE 1.20

• Xfce 4.12

"If you simply want to try Debian 10 'buster' without installing it, you can use one of the available live images which load and run the complete operating system in a read-only state via your computer's memory... Should you enjoy the operating system you have the option of installing from the live image onto your computer's hard disk."

If you're looking to try out a Linux distro that is not based on Ubuntu, Mageia 7 might be worth your consideration. It arrives two years after the release of Mageia 6 -- so unsurprisingly, the changelog is fairly long. The Mageia developers share the significant packages that have been updated below. Significant package updates include: kernel 5.1.14, rpm 4.14.2, dnf 4.2.6, Mesa 19.1, Plasma 5.15.4, GNOME 3.32, Xfce 4.14pre, Firefox 67, Chromium 73, and LibreOffice 6.2.3. Donald Stewart, Mageia developer, adds: There are lots of new features, exciting updates, and new versions of your favorite programs, as well as support for very recent hardware. There are classical installer images for both 32-bit and 64-bit architectures, as well as live DVDs for 64-bit Plasma, GNOME, Xfce, and 32-bit Xfce.

An anonymous reader shares a report: Three and a half years ago, Mark Russinovich, Azure CTO, Microsoft's cloud, said, "One in four [Azure] instances are Linux." Next, in 2017, Microsoft revealed that 40% of Azure virtual machines (VM) were Linux-based. Then in the fall of 2018, Scott Guthrie, Microsoft's executive VP of the cloud and enterprise group, told me in an exclusive interview, "About half Azure VMs are Linux". Now, Sasha Levin, Microsoft Linux kernel developer, in a request that Microsoft be allowed to join a Linux security list, revealed that "the Linux usage on our cloud has surpassed Windows." Shocking you say? Not really. Linux is largely what runs enterprise computing both on in-house servers and on the cloud. Windows Server has been declining for years. In the most recent IDC Worldwide Operating Systems and Subsystems Market Shares report covering 2017, Linux had 68% of the market. Its share has only increased since then.

Linux founder Linus Torvalds "warns that managing software is about to become a lot more challenging, largely because of two hardware issues that are beyond the control of DevOps teams," reports DevOps.com.

An anonymous reader shares their report about Torvalds remarks at the KubeCon + CloudNative + Open Source Summit China conference: The first, Torvalds said, is the steady stream of patches being generated for new cybersecurity issues related to the speculative execution model that Intel and other processor vendors rely on to accelerate performance... Each of those bugs requires another patch to the Linux kernel that, depending on when they arrive, can require painful updates to the kernel, Torvalds told conference attendees. Short of disabling hyperthreading altogether to eliminate reliance on speculative execution, each patch requires organizations to update both the Linux kernel and the BIOS to ensure security. Turning off hyperthreading eliminates the patch management issue, but also reduces application performance by about 15 percent.

The second major issue hardware issue looms a little further over the horizon, Torvalds said. Moore's Law has guaranteed a doubling of hardware performance every 18 months for decades. But as processor vendors approach the limits of Moore's Law, many developers will need to reoptimize their code to continue achieving increased performance. In many cases, that requirement will be a shock to many development teams that have counted on those performance improvements to make up for inefficient coding processes, he said.

"Linux frontman Linus Torvalds thinks he's 'more self-aware' these days and is 'trying to be less forceful' after his brief absence from directing Linux kernel developers because of his abusive language on the Linux kernel mailing list," reports ZDNet.

"But true to his word, he's still not necessarily diplomatic in his communications with maintainers..." Torvalds' post-hiatus outburst was directed at Dave Chinner, an Australian programmer who maintains the Silicon Graphics (SGI)-created XFS file system supported by many Linux distros. "Bullshit, Dave," Torvalds told Chinner on a mailing list. The comment from Chinner that triggered Torvalds' rebuke was that "the page cache is still far, far slower than direct IO" -- a problem Chinner thinks will become more apparent with the arrival of the newish storage-motherboard interface specification known as Peripheral Express Interconnect Express (PCIe) version 4.0. Chinner believes page cache might be necessary to support disk-based storage, but that it has a performance cost....

"You've made that claim before, and it's been complete bullshit before too, and I've called you out on it then too," wrote Torvalds. "Why do you continue to make this obviously garbage argument?" According to Torvalds, the page cache serves its correct purpose as a cache. "The key word in the 'page cache' name is 'cache'," wrote Torvalds.... "Caches work, Dave. Anybody who thinks caches don't work is incompetent. 99 percent of all filesystem accesses are cached, and they never do any IO at all, and the page cache handles them beautifully," Torvalds wrote.

"When you say the page cache is slower than direct IO, it's because you don't even see or care about the *fast* case. You only get involved once there is actual IO to be done."
"The thing is," reports the Register, "crucially, Chinner was talking in the context of specific IO requests that just don't cache well, and noted that these inefficiencies could become more obvious as the deployment of PCIe 4.0-connected non-volatile storage memory spreads."

Here's how Chinner responded to Torvalds on the mailing list. "You've taken one single statement I made from a huge email about complexities in dealing with IO concurrency, the page cache and architectural flaws in the existing code, quoted it out of context, fabricated a completely new context and started ranting about how I know nothing about how caches or the page cache work."

The Register notes their conversation also illustrates a crucial difference from closed-source software development. "[D]ue to the open nature of the Linux kernel, Linus's rows and spats play out in public for everyone to see, and vultures like us to write up about."

Microsoft's transformation into a fully paid-up member of the Linux love-train continued this week as the Windows giant sought to join the exclusive club that is the official linux-distros mailing list. From a report: The purpose of the linux-distros list is used by Linux distributions to privately report, coordinate, and discuss security issues yet to reach the general public; oss-security is there for stuff that is already out in the open or cannot wait for things to bounce around for a few days first. Sasha Levin, who describes himself as a "Linux kernel hacker" at the beast of Redmond, made the application for his employer to join the list, which if approved would allow Microsoft to tap into private behind-the-scenes chatter about vulnerabilities, patches, and ongoing security issues with the open-source kernel and related code.

These discussions are crucial for getting an early heads up, and coordinating the handling and deployment of fixes before they are made public. To demonstrate that Microsoft qualifies for membership alongside the likes of Ubuntu, Debian, and SUSE, he cited Microsoft's Azure Sphere and the Windows Subsystem For Linux (WSL) 2 as examples of distro-like builds.

Canonical has issued a statement on Ubuntu's 32-bit future, saying it will continue to build and maintain a 32-bit archive going forward. From a report: Of course, there was some negativity surrounding the decision -- as is common with everything in the world today. In particular, developers of WINE were upset, since their Windows compatibility layer depends on 32-bit, apparently. In a statement, Canonical said: "Thanks to the huge amount of feedback this weekend from gamers, Ubuntu Studio, and the WINE community, we will change our plan and build selected 32-bit i386 packages for Ubuntu 19.10 and 20.04 LTS. We will put in place a community process to determine which 32-bit packages are needed to support legacy software, and can add to that list post-release if we miss something that is needed. Community discussions can sometimes take unexpected turns, and this is one of those. The question of support for 32-bit x86 has been raised and seriously discussed in Ubuntu developer and community forums since 2014. That's how we make decisions."

"Some businesses, such as pharmaceuticals, still spend enormous amounts of time and money on intellectual property (IP) fights," reports ZDNet. But "thanks to the Open Invention Network (OIN), the largest patent non-aggression community in history, Linux and related open-source technologies have become mostly free of these expensive entanglements."

And now they're reporting that the OIN's membership has grown to over 3,000 licensees: OIN's mission is to enable Linux, its related software, and its programmers to develop and monetize without being hogtied by patent fights. In Linux's early years, this was a constant threat. Now, thanks largely to the OIN's efforts to get everyone to agree on the basic open-source principle -- that's it's better and more profitable to share than to cling to proprietary property -- open-source software has taken off in the marketplace... The OIN, which has grown by 50% in the last two years, has turned patent non-aggression into policy for thousands of companies. By agreeing to the OIN license, members gain access to patented inventions worth hundreds of millions of dollars while promoting a favorable environment for Linux and related open source software.

The license works by everyone agreeing to patent non-aggression in core open-source technologies by cross-licensing Linux System patents to one another on a royalty-free basis. OIN-owned patents are similarly licensed royalty-free to any organization that agrees not to assert its patents against the Linux System. While it started out just covering the Linux operating system the Linux System has evolved to address Linux and adjacent Linux-related open-source technologies. It now covers open-source programs covering mobile communications, mobile payments, computing, blockchain, cloud, Internet of Things, and embedded and automotive technologies.

"For innovation and invention, open source and Linux are unmatched in the modern world. The open-source community's success is powered by the fact that shared innovation acts as a force multiplier -- where one plus one equals orders of magnitude more than two," said Keith Bergelt, OIN's CEO. "OIN's remarkable growth has been driven by heightened recognition of the importance of open source and a broad-based recognition of patent non-aggression as a cultural norm in the Linux and greater open source community. Joining OIN is viewed by many as a litmus test of authenticity in the open-source community."
The Linux Foundation's executive director says their group's success "has been directly enabled by the patent risk mitigation platform that the OIN has provided.

"Absent the now 3,000 strong member community of patent non-aggression that Keith Bergelt and his team at OIN have painstakingly built over the last dozen or so years, the level of open-source software innovation and unprecedented adoption rates could simply not have been achieved."

An anonymous reader shares a report: The news that Ubuntu will drop support for the 32-bit x86 architecture was discussed recently by the Wine developers, on the Wine-devel mailing list. The Wine developers are concerned with this news because many 64-bit Windows applications still use a 32-bit installer, or some 32-bit components. "In practice, the only cases where 64-bit only wine will be useful are when 64-bit applications are packaged some other way (such as a .zip, Steam Play, or packaging specifically for Wine) or for running Wine builtins like msidb." Ubuntu's solution for using Wine on 32-bit going forward, which is to publish applications as snaps, or use an Ubuntu 18.04 LTS based LXD container that has full access to multiarch 32-bit WINE and related libraries, was also discussed by the Wine developers, with Vincent Povirk of CodeWeavers saying that there's no point putting much effort into this temporary solution. The maintainer of the Wine OBS repository also mentioned that he has no interest in maintaining so many libraries.

Artem S. Tashkinov writes: The Register reports that it is possible to crash network-facing Linux servers, PCs, smartphones and tablets, and gadgets, or slow down their network connections, by sending them a series of maliciously crafted packets. It is also possible to hamper FreeBSD machines with the same attack. Patches and mitigations are available, and can be applied by hand if needed, or you can wait for a security fix to be pushed or offered to your at-risk device. A key workaround is to set /proc/sys/net/ipv4/tcp_sack to 0. At the heart of the drama is a programming flaw dubbed SACK Panic aka CVE-2019-11477: this bug can be exploited to remotely crash systems powered by Linux kernel version 2.6.29 or higher, which was released 10 years ago.

Long-time Slashdot reader jrepin writes: The KDE community has released Plasma 5.16, the newest iteration of the popular desktop environment. It features an improved notification system, Not only can you mute notifications altogether with the Do Not Disturb mode, but the system also groups notifications by app.

Developers also focused on user's privacy. When any application accesses the microphone, an icon will pop up in your system tray, showing that something is listening. Vaults, a built-in utility to encrypt folders, are easier and more convenient to use.

Dolphin file and folder manager now opens folders you click on in new tabs instead of new windows. Discover software manager is cleaner and clearer as it now has two distinct areas for downloading and installing software. The Wallpaper Slideshow settings window displays the images in the folders you selected, and lets you select only the graphics you want to display in the slideshow.

For a more comprehensive overview of what to expect in Plasma 5.16, check out the official announcement or the changelog for the complete list of changes.

JustAnotherOldGuy quotes Threatpost: A high-severity bug impacting two popular command-line text editing applications, Vim and Neovim, allow remote attackers to execute arbitrary OS commands. Security researcher Armin Razmjou warned that exploiting the bug is as easy as tricking a target into clicking on a specially crafted text file in either editor. Razmjou outlined his research and created a proof-of-concept (PoC) attack demonstrating how an adversary can compromise a Linux system via Vim or Neowim. He said Vim versions before 8.1.1365 and Neovim before 0.3.6 are vulnerable to arbitrary code execution...

Vim and Neovim have both released patches for the bug (CVE-2019-12735) that the National Institute of Standards and Technology warns, "allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline."

"Beyond patching, it's recommended to disable modelines in the vimrc (set nomodeline), to use the securemodelinesplugin, or to disable modelineexpr (since patch 8.1.1366, Vim-only) to disallow expressions in modelines," the researcher said.

The System76 Gazelle laptop is finally available. From a report: What makes this laptop so special (besides its pre-installed Linux-based operating System), is its impressive specifications. You see, System76 has supercharged it with a 9th generation Intel Core i7 Processor (9750H) and NVIDIA GTX 16-Series Graphics. It even has something the pricey MacBook Pro doesn't -- the ability to be configure with up to 64GB. Yeah, Apple's laptop can only have a maximum of 32GB. The Gazelle can be configured with additional top specs, such as an NVMe SSD up to 2TB. Actually, it can accommodate two such drives, so you can theoretically have 4TB of speedy storage. You can opt for either a 15 or 17-inch display, both of which have a 1080p resolution. Regardless of screen size, you get a full keyboard too, meaning it has a number pad on the right. It ships with Ubuntu or Pop!_OS pre-installed and starts at $1099.

Microsoft released a new Windows 10 Insider Preview build this week featuring the Windows Subsystem for Linux 2. WSL 2 includes a real Linux kernel that lets you run more Linux software on Windows and with better performance than WSL 1. From a report: This is part of Windows 10 Insider Preview build 18917, released on June 12, 2019. It's part of the fast ring of updates. You can experiment with it today, although you'll have to join the Windows Insider program and get unstable builds of Windows 10 on your PC. Microsoft's Windows Command Line blog offers more information about WSL 2, complete with an install guide, list of user experience changes, and more documentation. To install WSL 2 on the latest insider build, run the following command in a PowerShell window launched with Administrator permissions: Enable-WindowsOptionalFeature -Online -FeatureName VirtualMachinePlatform.

GNOME MPV (now known as Celluloid) will be the default media player in Ubuntu MATE 19.10. From a report: The app supplants the versatile VLC meda player, which the MATE desktop-toting distro has shipped with following the results of a community poll back in 2017. So why the change now? Better desktop integration. That's according to Ubuntu MATE's Martin Wimpress who revealed news of the swap in the latest Ubuntu MATE monthly update on Patreon: "We will be dropping VLC from the pre-installed applications and shipping GNOME MPV instead. GNOME MPV will soon be renamed to Celluloid. The reasons for switching to GNOME MPV are similar to swapping out Thunderbird for Evolution; better desktop integration." Size is another factor. GNOME MPV takes up a comparatively svelte 27MB on the ISO image, whereas Qt5-based VLC requires closer to 70MB.

Long-time Slashdot reader Qbertino is your typical Linux/Apache/MySQL/PHP (LAMP) developer, and writes that "in recent years Docker has been the hottest thing since sliced bread." You are expected to "dockerize" your setups and be able to launch a whole string of processes to boot up various containers with databases and your primary PHP monolith with the launch of a single script. All fine and dandy this far.

However, I can't shake the notion that much of this -- especially in the context of LAMP -- seems overkill. If Apache, MariaDB/MySQL and PHP are running, getting your project or multiple projects to run is trivial. The benefits of having Docker seem negilible, especially having each project lug its own setup along. Yes, you can have your entire compiler and Continuous Integration stack with SASS, Gulp, Babel, Webpack and whatnot in one neat bundle, but that doesn't seem to dimish the usual problems with the recent bloat in frontend tooling, to the contrary....

But shouldn't tooling be standardised anyway? And shouldn't Docker then just be an option, who couldn't be bothered to have (L)AMP on their bare metal? I'm still skeptical of this Dockerization fad. I get it makes sense if you need to scale microsevices easy and fast in production, but for 'traditional' development and traditional setups, it just doesn't seem to fit all that well.

What are your experiences with using Docker in a development environment? Is Dockerization a fad or something really useful? And should I put up with the effort to make Docker a standard for my development and deployment setups?
The original submission ends with "Educated Slashdot opinions requested." So leave your best answers in the comments.

Is Dockerization a fad?

An anonymous reader quotes a report from ZDNet: Russian authorities have moved closer to implementing their plan of replacing the Windows OS on military systems with a locally-developed operating system named Astra Linux. Last month, the Russian Federal Service for Technical and Export Control (FSTEC) granted Astra Linux the security clearance of "special importance," which means the OS can now be used to handle Russian government information of the highest degree of secrecy. Until now, the Russian government had only used special versions of Windows that had been modified, checked, and approved for use by the FSB. Astra Linux is a Debian derivative developed by Russian company RusBITech since 2008, the report says. "RusBITech initially developed the OS for use in the Russian private market, but the company also expanded into the local government sector, where it became very popular with military contractors."

"While Linux-preloaded laptops have been available for years from smaller companies, and have represented a fraction of their own sales with the much-admired XPS 13 developer model, Dell now offers a range of Precision models pre-installed with Ubuntu Linux," writes Slashdot reader Freshly Exhumed. Phoronix reports: At the start of May Dell announced an Ubuntu Linux option for their entry-level ~$700 Precision laptop while now they are closing out May by offering up Ubuntu 18.04 LTS on their higher-tier Precision laptop models. Ubuntu Linux has landed for the rest of Dell's current generation Precision mobile workstation line-up with support for the Precision 5540, 7540, and 7740. The Precision 5540 offers options of Xeon E or 9th Gen Core CPUs with up to 64GB of RAM and options for a NVIDIA Quadro T2000. The Precision 7540/7740 meanwhile are more powerful mobile workstations with supporting up to 128GB of ECC RAM and latest generation processors. The Precision 7740 model can also accomodate NVIDIA Quadro RTX 5000 series graphics. Additional details can be found via this blog post by Dell's Barton George.