One of Windows Subsystem for Linux's more annoying tricks is it's hard to get at your Linux files from Windows. From a report: Oh, you can do it, but you take a real chance of ruining the files. To quote Microsoft, "DO NOT, under ANY circumstances, access, create, and/or modify files in your distro's filesystem using Windows apps, tools, scripts, consoles, etc." In the forthcoming Windows 10 April 2019 Update, aka Windows 10 19H1, this Linux file problem will finally be fixed. According to Craig Loewen, a Microsoft programming manger working on Windows Subsystem for Linux (WSL), "The next Windows update is coming soon and we're bringing exciting new updates to WSL with it! These include accessing the Linux file system from Windows, and improvements to how you manage and configure your distros in the command line."

jrepin writes: Today, KDE launched Plasma 5.15, the first stable release of the popular desktop environment in 2019. For this release the Plasma team has focused on hunting down and removing all the paper cuts that slow you down. Plasma 5.15 brings a number of changes to the configuration interfaces, including more options for complex network configurations. Many icons have been added or redesigned to make them clearer. Integration with third-party technologies like GTK and Firefox has been improved substantially. Discover, Plasma's software and add-on installer, has received tons of improvements to help you stay up-to-date and find the tools you need to get your tasks done. For a more detailed list of features/changes, you can browse the full Plasma 5.15 changelog.

Mark Wycislik-Wilson, writing for BetaNews: Last year, developer Felix Rieseberg released Windows 95 as an Electron app to let 90s computer users relive their younger years. Now he's back with a second version of the Windows 95 app, and it's even better than ever -- gaming classics such as Doom and Wolfenstein3D are now included, for starters! Based on the Electron framework, Windows 95 2.0 is written in JavaScript, and is essentially a 500MB standalone virtual machine. The original release was lacking in a number of areas -- such as no sound or internet access. This second release is described as a "big update" and includes a web browser in the form of Netscape Navigator 2.0.

Writing at Linux Journal, Glyn Moody reports that dozens of government IT systems are switching to open source software.

"The fact that this approach is not already the norm is something of a failure on the part of the Free Software community..." One factor driving this uptake by innovative government departments is the potential to cut costs by avoiding constant upgrade fees. But it's important not to overstate the "free as in beer" element here. All major software projects have associated costs of implementation and support. Departments choosing free software simply because they believe it will save lots of money in obvious ways are likely to be disappointed, and that will be bad for open source's reputation and future projects.

Arguably as important as any cost savings is the use of open standards. This ensures that there is no lock-in to a proprietary solution, and it makes the long-term access and preservation of files much easier. For governments with a broader responsibility to society than simply saving money, that should be a key consideration, even if it hasn't been in the past.... Another is transparency. Recently it emerged that Microsoft has been gathering personal information from 300,000 government users of Microsoft Office ProPlus in the Netherlands, without permission and without documentation.
He includes an inspiring quote from the Free Software Foundation Europe about code produced by the government: "If it is public money, it should be public code as well. But when it comes to the larger issue about the general usage of proprietary vs. non-proprietary software -- what do Slashdot's readers think?

Should all government IT systems be using open source software?

Slashdot reader internet-redstar writes: The Tesla Hacker, Jasper Nuyens -- who uncovered Tesla's "unconfirmed lane change" last year -- now launched at FOSDEM an open-source project called "FreedomEV" to run on top of rooted Teslas. It adds new features to the vehicles, such as a "Hotspot Mode" for in-car Wi-Fi and a "Cloak Mode" to prevent all location tracking and more. It hopes to become available for other cars too. Full presentation video can be found here. The Github project and the website. He is looking for contributors and support from Tesla.

Despite being more than one year old, the Meltdown or Spectre vulnerabilities have remained a theoretical threat, and no malware strain or threat actor has ever used any in a real-world attack. Over the course of the last year, system and network administrators have called on the Linux project for options to disable these protections. A report adds: Many argued that the threat is theoretical and could easily be mitigated with proper perimeter defenses, in some scenarios. Even Linus Torvalds has called for a slowdown in the deployment of some performance-hitting Spectre mitigations. The Linux kernel team has reacted positively towards these requests and has been slowly adding controls to disable some of the more problematic mitigations.

[...] The latest effort to have mitigations turned off -- and stay down -- is the addition of the PR_SPEC_DISABLE_NOEXEC control bit to the Linux kernel. This bit will prevent child processes from starting in a state where the protections for Spectre v4 are still activated, despite being deactivated in the parent process.

"Time and again, security experts and vendors alike will recommend to organizations and end users to keep software and systems updated with the latest patches," reports eWeek. "But what happens when the application infrastructure that is supposed to deliver those patches itself is at risk?" That's what open-source and Linux users were faced with this past week with a pair of projects reporting vulnerabilities. On January 22, the Debian Linux distribution reported a vulnerability in its APT package manager that is used by end users and organizations to get application updates. That disclosure was followed a day later, on January 23, with the PHP PEAR (PHP Extension and Application Repository) shutting down its primary website, warning that it was the victim of a data breach. PHP PEAR is a package manager that is included with many Linux distributions as part of the open-source PHP programming language binaries....

In the Debian APT case, a security researcher found a flaw, reported it, and the open-source project community responded rapidly, fixing the issue. With PHP PEAR issue, researchers with the Paranoids FIRE (Forensics, Incident Response and Engineering) Team reported that they discovered a tainted file on the primary PEAR website... Both PHP PEAR and Debian have issued updates fixing their respective issues. While both projects are undoubtably redoubling their efforts now with different security technologies and techniques, the simple fact is that the two issues highlight a risk with users trusting updating tools and package management systems.

Michael Larabel writes via Phoronix: Wine 4.0 is now officially available as the new annual stable release to Wine for running Windows programs and games on Linux and other operating systems. Following seven weekly release candidates, Wine 4.0 was ready to ship today as judged by Wine founder Alexandre Julliard. Wine 4.0 is a big release bringing initial Vulkan graphics API support, Direct3D CSMT is enabled by default, early Direct3D 12 support via VKD3D, continued HiDPI work, various OpenGL improvements, multi-sample D3D texture support, 64-bit improvements, continued Android support, and much more. The release announcement and notes can be read via WineHQ.org. The source can be downloaded here.

An anonymous reader quotes ZDNet: MongoDB is an open-source document NoSQL database with a problem. While very popular, cloud companies, such as Amazon Web Services (AWS), IBM Cloud, Scalegrid, and ObjectRocket has profited from it by offering it as a service while MongoDB Inc. hasn't been able to monetize it to the same degree. MongoDB's answer? Relicense the program under its new Server Side Public License (SSPL).

Open-source powerhouse Red Hat's reaction? Drop MongoDB from Red Hat Enterprise Linux 8. Red Hat's Technical and Community Outreach Program Manager Tom Callaway explained, in a note stating MongoDB is being removed from Fedora Linux, that "It is the belief of Fedora that the SSPL is intentionally crafted to be aggressively discriminatory towards a specific class of users." Debian Linux had already dropped MongoDB from its distribution....

The business point behind MongoDB's license change is to force cloud companies to use one of MongoDB's commercial cloud offerings. This hasn't worked either. AWS just launched DocumentDB, a database, which "is designed to be compatible with your existing MongoDB applications and tools," wrote AWS evangelist Jeff Barr.

Kevin C. Tofel, writing for About Chromebooks: I've been following the bug report that tracks progress on adding GPU acceleration for the Linux container in Chrome OS and there's good news today. The first two Chrome OS boards should now, or very soon, be able to try GPU hardware acceleration with the new startup parameter found last month. The bug report says the -enable-gpu argument was added to the Eve and Nami boards.

There's only one Eve and that's the Pixelbook. Nami is used on a number of newer devices, including: Dell Inspiron 14, Lenovo Yoga Chromebook C630, Acer Chromebook 13, Acer Chromebook Spin 13, and HP X360 Chromebook 14.

Longtime Slashdot reader ole writes: GNOME Internet Radio Locator 1.6.0 is now freely available for GNOME systems. The 1.6.0 release is a stable release with Internet radio stations from Norway, Sweden, Denmark, England, Scotland, France and Belgium, as well as U.S.A., Canada, Mexico and Guatemala, mapped for GNOME Maps and city text search interface with auto-completion for 76 world cities that are featured in this release. You may download the 1.6.0 release of GNOME Internet Radio Locator here and download packages for Fedora 28 and 29 on x86_64 here

Major Linux distributions are vulnerable to three bugs in systemd, a Linux initialization system and service manager in widespread use, California-based security company Qualys said late yesterday. From a report: The bugs exist in 'journald' service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment. Discovered by researchers at Qualys, the flaws are two memory corruption vulnerabilities (stack buffer overflow - CVE-2018-16864, and allocation of memory without limits - CVE-2018-16865) and one out-of-bounds error (CVE-2018-16866). They were able to obtain local root shell on both x86 and x64 machines by exploiting CVE-2018-16865 and CVE-2018-16866. The exploit worked faster on the x86 platform, achieving its purpose in ten minutes; on x64, though, the exploit took 70 minutes to complete. Qualys is planning on publishing the proof-of-concept exploit code in the near future, but they did provide details on how they were able to take advantage of the flaws.

ZDNet reports that by 2020, "many, if not most, new cars will be running with Linux." While some companies, like Tesla, run their own homebrew Linux distros, most rely on Automotive Grade Linux (AGL). AGL is a collaborative cross-industry effort developing an open platform for connected cars with over 140 members... Its membership includes Audi, Ford, Honda, Mazda, Nissan, Mercedes, Suzuki, and the world's biggest automobile company: Toyota. Why? "Automakers are becoming software companies, and just like in the tech industry, they are realizing that open source is the way forward," said Dan Cauchy, AGL's executive director, in a statement.

Car companies know that while horsepower sells, customers also want smart infotainment systems, automated safe drive features, and, eventually, self-driving cars. Linux and open-source company can give them all of that. The AGL's goal is to develop an open-source, common platform for infotainment systems: The Unified Code Base (UCB). This is a Linux distribution and open-source software platform for car infotainment, telematics, and instrument cluster applications... The AGL's hope is that this will serve as a de facto industry standard. It's well on its way.
Yesterday Hyundai announced that they were also joining both the AGL effort and the Linux Foundation.

Hyundai has become the latest car company to explore serious open source alternatives for developing its in-car services. From a report: Ahead of CES 2019, the South Korean automotive giant today announced that it has joined the Linux Foundation and the nonprofit's seven-year-old Automotive Grade Linux (AGL) effort as it looks to contribute to -- and reap benefit from -- software developed by over 140 companies. For Hyundai, open collaboration is crucial as it pursues a "connected car vision," Paul Choo, VP and head of Infotainment Technology Center at Hyundai, said in a statement. Car companies have traditionally taken three years or longer to develop in-vehicle services, such as infotainment systems. The bottleneck usually lies in the quality of code their in-house programmers create. According to a case study published by AGL, a connected car uses some 100 million lines of code, which is about 11 times more than the number that went into the F-35 fighter jet. Getting on AGL's bandwagon would also help Hyundai speed up development of its in-car technologies.

One of the most refreshing aspects of Linux in 2018 was the popularity of Snaps. Canonical revealed that the containerized packages have been a smashing success. Today, the Ubuntu-maker highlights what it feels are the top 10 Snaps of 2018. From a report: "With 2018 drawing to a close, and many of us spending with family during the holiday season, I thought we'd take a look back over some of our favourite Linux applications in the Snap Store. Some have been in the store for over a year, and a few landed only recently, but they're all great," says Alan Pope, Canonical. [...] Canonical shares the Top 10 Snaps: Spotify, Slack, VLC, Nextcloud, Android Studio, Discord, Plex Media Server, Xonotic, Notepad++, and Shotcut.

MojoKid writes: ARM-based server processors have threatened to take on Intel in the data center for some time but not much has materialized thus far in terms of significant deployments. However, a new breed of low cost ARM server implementations may be in the works with a many-core platform called Banana Pi. The latest Banana Pi device being teased is something very different in the form of a 24-core ARM server that speculation suggests might be sold as a Banana Pi server board or as a finished server product.

A video has surfaced that reportedly shows a 24-core ARM Cortex-A53 processor with 32GB of RAM, though the OS only sees 29.4GB of that RAM. The OS is Ubuntu 18.04.1 LTS with MATE desktop. Unless the processor used in this device is something unannounced, and that seems unlikely, the chip itself would likely be a SocioNext SC2A11. The same processor is used in the Linaro Developer Box. The demo shows the server fully loaded at 100% CPU utilization building a Linux kernel and reportedly the system also supports NVMe storage as well as TensorFlow workloads for machine learning. Not much else is known about the system at this time but it's an interesting development in the Linux server space to be sure.

Linus Torvalds has announced the general availability of v4.20 of the Linux kernel. In a post to the Linux Kernel Mailing List, Torvalds said that there was no point in delaying the release of the latest stable version of the kernel just because so many people are taking a break for the holiday season. From a report: He says that while there are no known issues with the release, the shortlog is a little longer than he would have liked. However "nothing screams 'oh, that's scary'", he insists. The most notable features and changes in the new version includes: New hardware support! New hardware support includes bringing up the graphics for AMD Picasso and Raven 2 APUs, continued work on bringing up Vega 20, Intel has continued putting together its Icelake Gen 11 graphics support, there is support for the Hygon Dhyana CPUs out of China based upon AMD Zen, C-SKY 32-bit CPU support, Qualcomm Snapdragon 835 SoC enablement, Intel 2.5G Ethernet controller support for "Foxville", Creative Sound Blaster ZxR and AE-5 sound card support, and a lot of smaller additions.

Besides new hardware support when it comes to graphics processors, in the DRM driver space there is also VCN JPEG acceleration for Raven Ridge, GPUVM performance work resulting in some nice Vulkan gaming boosts, Intel DRM now has full PPGTT support for Haswell/IvyBridge/ValleyView, and HDMI 2.0 support for the NVIDIA/Nouveau driver. On the CPU front there are some early signs of AMD Zen 2 bring-up, nested virtualization now enabled by default for AMD/Intel CPUs, faster context switching for IBM POWER9, and various x86_64 optimizations. Fortunately the STIBP work for cross-hyperthread Spectre V2 mitigation was smoothed out over the release candidates that the performance there is all good now.

Btrfs performance improvements, new F2FS features, faster FUSE performance, and MDRAID improvements for RAID10 round out the file-system/storage work. One of the technical highlights of Linux 4.20 that will be built up moving forward is the PCIe peer-to-peer memory support for device-to-device memory copies over PCIe for use-cases like data going directly from NICs to SSD storage or between multiple GPUs.

Lubuntu, a popular Ubuntu flavor which announced earlier this year that it would stop supporting old hardware, is now dropping support for 32-bit x86 releases. BetaNews adds: "Lubuntu has been and continues to be the go-to Ubuntu flavor for people who want the most from their computers, especially older hardware that cannot handle today's workloads. However, the project and computing as a whole has drastically changed in many ways since its origin ten years ago. Computers have become faster, more secure, and most notably, have moved off of the traditional 32-bit i686 (generalized as i386 in Debian and Ubuntu) architecture," says Simon Quigley, Lubuntu.

Quigley further says , "As an increasing number of Linux distributions have focused their attention on the 64-bit x86 architecture (amd64) and not on i386, we have found that it is harder to support than it once was. With i386-only machines becoming an artifact of the past, it has become increasingly clear to the Lubuntu Team that we need to evaluate its removal from the architectures we support. After careful consideration, we regret to inform our users that Lubuntu 19.04 and future versions will not see a release for the i386 architecture. Please do note that we will continue to support Lubuntu 18.04 LTS i386 users as a first-class citizen until its End of Life date in April of 2021."

quantic_oscillation7 shares a report: The latest notes from the Debian anti-harassment team on Wednesday caught my attention when reading, "We were requested to advice on the appropriateness of a certain package in the Debian archive. Our decision resulted in the package pending removal from the archive." Curiosity got the best of me... What package was deemed too inappropriate for the Debian archive?

When digging further, the package raised to the Debian Anti-Harassment Team was "Weboob." Weboob is short for "Web Outside of Browsers" as it's an open-source collection of software to script and automate the parsing/scraping/gathering-via-API of web data so that it can be consumed by different modules/applications. Weboob.org describes itself as "Weboob is a collection of applications able to interact with websites, without requiring the user to open them in a browser. It also provides well-defined APIs to talk to websites lacking one."

Weboob is Python-based and offers Qt-based user interfaces for accessing these different modules for reading data from different web-sites outside of any conventional web browser. Those interested can learn more about the software at Weboob.org. But, yes, the name is juvenile and likely inappropriate in most professional/corporate environments.

Mark Wilson writes: Earlier in the year open-source software startup Whitewater Foundry brought WLinux to the Windows Subsystem for Linux (WSL). Not content with creating the first native Linux distribution for WSL, the company has now gone a step further, targeting enterprise users with WLinux Enterprise. Whitewater Foundry says that WLinux Enterprise is the first product to support the industry-standard Red Hat Enterprise Linux on Windows Subsystem for Linux.