Canonical has released the newest version of its Ubuntu Linux distribution, Ubuntu 20.04. This long-term-support (LTS) version is more than just the latest version of one of the most popular Linux distributions; it's a major update for desktop, server, and cloud users. From a news story: Called "Focal Fossa," it is an LTS version, meaning "Long Term Support." Just how long is that support? An impressive five years! Ubuntu 20.04 will feature many new visual cues and tweaks too thanks to a refreshed theme. "Ubuntu has become the platform of choice for Linux workstations. Canonical certifies multiple Dell, HP, and Lenovo workstations, and supports enterprise developer desktops. Machine learning and AI tools from a range of vendors are available immediately for Ubuntu 20.04 LTS, along with 6,000 applications in the Snapcraft Linux App Store including Slack, Skype, Plex, Spotify, the entire JetBrains portfolio and Visual Studio Code. WireGuard is a new, simplified VPN with modern cryptography defaults. WireGuard is included in Ubuntu 20.04 LTS and will be backported to Ubuntu 18.04 LTS to support widespread enterprise adoption," says Canonical.

Remember when BlackBerry reported Advanced Persistent Threat groups have been infiltrating critical Linux servers for at least eight years? What's the lesson to be learned?

LinuxSecurity Founder Dave Wreski argues "Although it may be easy to blame the rise in attacks targeting Linux in recent years on security vulnerabilities in the operating system as a whole, this is simply not the truth. The majority of exploits on Linux systems can be attributed to misconfigured servers and poor administration."

Writing for Linux Security, Slashdot reader b-dayyy gathered some additional responses: Some experts argue that it is the popularity of Linux that makes it a target. Joe McManus, Director of Security at Canonical, explains: "Linux and, particularly Ubuntu, are incredibly secure systems but, that being said, it is their popularity that makes them a target." Ian Thornton-Trump, a threat intelligence expert and the CISO at Cyjax, adds: "From an economic and mission perspective, it makes sense for a threat actor to invest in open-source skills for flexibility and the ability to target the systems where the good stuff is happening."

Despite the increasing number of threats targeting Linux systems, there is still a sound argument for the inherent security of Linux, which can be attributed to the core fundamentals of Open Source. Due to the transparency of open-source code and the constant scrutiny that this code undergoes by a vibrant global community, vulnerabilities are identified and remedied quicker than flaws that exist in the opaque source code of proprietary software and operating systems. Threat actors recognize this, and are still directing the majority of their attacks at proprietary operating systems.

These attacks do; however, serve as a much-needed wakeup call for the security community that more needs to be done to protect Linux servers. BlackBerry's report reveals that security solutions and defensive coverage available within Linux environments is "immature at best". Endpoint protection, detection and response products are inadequately utilized by too many Linux users, and endpoint solutions available for Linux systems are often insufficient in combating advanced exploits. Eric Cornelius, Chief Product Officer at BlackBerry, evaluates: "Security products and services that support Linux, offerings that might detect and give us insight into a threat like this, are relatively lacking compared to other operating systems, and security research about APT use of Linux malware is also relatively sparse."

Paul Cormier became Red Hat's new CEO this week -- while the entire company was working from home. He had to make his inaugural address to over 12,000 employees around the world using BlueJeans videoconferencing tools, reports a North Carolina newspaper: In some ways, Red Hat was well prepared to work through the disruptions of coronavirus. For years, the company has encouraged and accepted employees who have wanted to work from home. It's been a big part of its recruiting efforts, Cormier said. "Especially in engineering, our strategy has always been hire the best person, we don't care where they are."

That doesn't mean it has been unscathed. The company has had to change its sales and product conference this year into a virtual event and social isolation obviously puts a strain on relationships with customers. And while the company wouldn't give out an exact number of employees who have be infected by COVID-19, a spokeswoman for Red Hat said, "We have cases around the globe -- people who are presumed to be sick, people who are sick and, happily, people who have recovered."

Cormier said he's committed to taking care of the thousands of employees affected by work-from-home orders across the globe. Red Hat, he said, will pay all of its employees during this time regardless of whether "you're 140% productive or 40% productive."
Cormier also emphasized he's committed to keeping Red Hat a "totally, totally separate company" from IBM, saying that was agreed upon from the beginning with IBM's new CEO Arvind Krishna. "If we're not independent, then the other cloud guys won't feel safe working with us... Intel, for example, shares their road map, which is super top secret, with us five years in advance, because we have to build the OS to support all their features...." He also noted that Red Hat's finance, legal, communications and human resources teams are all separate from IBM. "IBM doesn't set our road map. We set our road map," he said.

Where the company has seen a lot of success together, though, is in combining sales efforts. In its last earnings call, IBM said Red Hat was seeing an increase in large deals worth more than $10 million after joining IBM. One of them was with Verizon, for example.

Linux malware is real and Advanced Persistent Threat (APT) groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. From a report: In "Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android," security researchers found that these groups have attacked companies around the world and across all industries with goals ranging from simple cybercrime to full-blown economic espionage. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans (RATs) the cybercriminals are using to get and maintain access to Linux servers.

According to the report, the groups appeared to be using WINNTI-style tooling to take aim at Linux servers and remain relatively undetected for almost a decade. These groups are targeting Red Hat Enterprise, CentOS, and Ubuntu Linux environments for espionage and intellectual property theft. The APT groups examined include the original WINNTI GROUP, PASSCV, BRONZE UNION, CASPER (LEAD), and a newly identified group BlackBerry researchers are tracking as WLNXSPLINTER. The BlackBerry researchers think all five groups are working together, given the distinct similarities in their preferred tools, tactics, and procedures.

Microsoft is planning to fully integrate Linux file access into the built-in File Explorer. The Verge reports: A new Linux icon will be available in the left-hand navigation pane in File Explorer, providing access to the root file system for any distros that are installed in Windows 10. The icon that will appear in File Explorer is the famous Tux, the penguin mascot for the Linux kernel. Microsoft is testing the Linux File Explorer integration in a new build of Windows 10 that's available for testers today. Previously, Windows 10 users would have to manually navigate to a UNC path to get access to Linux files from the Windows Subsystem for Linux (WSL). If you have WSL enabled, then the Tux will appear in File Explorer, and Microsoft is now seeking feedback on the integration before it's finalized as part of a future Windows 10 update. The software maker will ship this update to all Windows 10 users later this year.

Microsoft has revealed details about a new project it has been working on for Linux kernel. From a report: Named Integrity Policy Enforcement -- or IPE -- the project is a Linux security module (LSM). LSMs are optional add-ons for the Linux kernel that enable additional security features. According to a documentation page published on Monday, IPE is Microsoft's attempt to solve the code integrity problem for Linux -- an operating system the company broadly uses in its Azure cloud service. On Linux systems where IPE is enabled, system administrators can create a list of binaries that are allowed to execute and then add the verification attributes the kernel needs to check for each binary before allowing it to run. If binaries have been altered by an attacker, IPE can block the execution of the malicious code.

Linux 5.6 "has a bit more changes than I'd like," Linus Torvalds posted on the kernel mailing list, "but they are mostly from davem's networking fixes pulls, and David feels comfy with them. And I looked over the diff, and none of it looks scary..." TechRadar reports that the new changes include support for USB4 and GeForce RTX 2000 series graphics cards with the Nouveau driver: Yes, Turing GPU support has arrived with the open source Nouveau driver, along with the proprietary firmware images, as Phoronix.com reports. However, don't get too excited, as re-clocking doesn't work yet (getting the GPU to operate at stock clocks), and other important pieces of the puzzle are missing (like no Vulkan support with Nouveau). For the unfamiliar, Nouveau is an alternative to Nvidia's proprietary drivers on Linux, and although it remains in a relatively rough state in comparison, it's still good to see things progressing for Linux gamers with one of Nvidia's latest cards in their PC.

Linux 5.6 also introduces fresh elements on the AMD front, with better reset support for Navi and Renoir graphics cards (which helps the GPU recover if it hits a problem)... Another notable move is the introduction of WireGuard support, a newcomer VPN protocol which makes a potentially nifty alternative to OpenVPN.

Linux 5.6 also supports the Amazon Echo speaker, and naturally comes with a raft of other minor improvements...
Linus's post also notes that for the next release's timing they'll "play it by ear... It's not like the merge window is more important than your health, or the health of people around you." But he says he hasn't seen signs that the pandemic could affect its development (other than the possibility of distraction by the news).

"I suspect a lot of us work from home even normally, and my daughter laughed at me and called me a 'social distancing champ' the other day..."

An anonymous reader shares a report: Today, we learn some new details about the upcoming Linux Mint 20. While most of the newly revealed information is positive, there is one thing that is sure to upset many Linux Mint users. First things first, Linux Mint 20 will be based on the upcoming Ubuntu 20.04. This shouldn't come as a surprise, as Mint only uses Long Term Support versions of Ubuntu, and 20.04 will be an LTS. We also now know the name of Linux Mint 20. The Mint team always uses female names, and this time they chose "Ulyana." This is apparently a Russian name meaning "youthful." So far, all of the news is positive, so what exactly will upset some users? The Linux Mint developers are finally dropping 32-bit support and will only produce 64-bit ISOs.

couchslug shares an excerpt from Ars Technica: When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didn't get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this month's merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7 -- and Paragon doesn't seem happy about it. Yesterday, Paragon issued a press release about European gateway-modem vendor Sagemcom adopting its version of exFAT into an upcoming series of Linux-based routers. Unfortunately, it chose to preface the announcement with a stream of FUD (Fear, Uncertainty, and Doubt) that wouldn't have looked out of place on Steve Ballmer's letterhead in the 1990s.

Linus Torvalds himself "changed around the kernel's pipe code to use exclusive waits when reading or writing," reports Phoronix.

"While this doesn't mean much for traditional/common piping of data, the GNU Make job-server is a big benefactor as it relies upon a pipe for limiting the parallelism" -- especially on high-core-count CPUs.

This drew an interesting follow-up from Slashdot reader rockyb, who was wondering if anyone could verify that GNU Make 4.3 speeds up build times: I updated and released a fork of that called remake which includes hooks to profile a build, and has a complete debugger in it (although most of the time the better tracing that is in there is enough).

The most recent version has a feature though that I really like and use a lot which is adding an option to look in parent directories for a Makefile if none is found in the current directory.

You can download the source code from either github or sourceforge. Both have a full list of the release notes.

Sorry, at the time of this writing no packagers have picked up the newest release. Repology has a list of packages for older versions though.

Today, we get another diminutive desktop option, but this one is designed for Linux and privacy. From a report: Yes, Purism is finally launching a tiny desktop, and it will come pre-installed with the Debian-based PureOS. Called "Librem Mini," the cute bugger has 4 USB-A ports on the front, along with a 3.5mm audio jack, and the power button. On the rear, there are two more USB-A ports, a single USB-C port, Ethernet, HDMI, DisplayPort, and the power port. "Announcing the Purism Librem Mini. Our small form-factor mini-PC that puts freedom, privacy and security first. We're really excited about the Librem Mini, it's a device our community have wanted and we've wanted to offer for some time. The Librem Mini is accessible, small, light and powerful featuring a new 8th gen quad core i7 processor, up to 64 GB of fast DDR4 memory and 4k 60 fps video playback. It's a desktop for your home or oïfce, a media center for your entertainment, or an expandable home server for your files and applications," says Purism.

ZDNet reports that there'll be some changes in Microsoft's second version of the Windows Subsystem for Linux, WSL2: Microsoft has decided to remove the Linux kernel from the Windows OS image with WSL2. Instead, the company will deliver it to users' machines using Windows Update. Users will be able to manually check for new kernel updates by clicking the "Check for Updates" button or by waiting for Windows to do this automatically. "Our end goal is for this change to be seamless, where your Linux kernel is kept up to date without you needing to think about it. By default this will be handled entirely by Windows, just like regular updates on your machine," said Microsoft Program Manager Craig Loewen in a blog post today outlining the coming change...

When Microsoft first introduced WSL in Windows 10 in 2016 WSL was more of an Linux interface at that point designed in partnership with Canonical. But Microsoft has been busy rearchitecting WSL with WSL 2 so that it actually will provide a Microsoft-written Linux kernel running in a lightweight virtual machine that's based on the subset of Hyper V. Users can put basically any Linux distribution of their choice on that kernel.
Engadget reports that the new version "should load and run faster, with reduced memory consumption to free up your RAM for other tasks." And they also speculate about Microsoft's motivations.

"Now that Microsoft is less dependent on Windows sales and more on services like Azure, it benefits when it treats Linux like a first-class citizen."

bobthesungeek76036 writes: COVID-19 has another victim: RedHat has cancelled this year's Summit event in San Francisco and it will now be a virtual event. "We are taking this precautionary measure after closely monitoring developments with coronavirus (COVID-19) and guidance from the CDC, WHO, and other health authorities," reads a statement on Red Hat's website. "We know you have questions, and we will continue to share answers as they become available. Stay tuned to the Red Hat blog for additional information."

The free, multi-day, virtual event will take place April 28-29, 2020. Attendees who were registered for Red Hat Summit will automatically be registered for Red Hat Summit Virtual Experience at no charge. Those who registered will also have the option to either roll over their pass to Red Hat Summit 2021 or receive a refund.

Brian Fagioli, writing for BetaNews: The Raspberry Pi line has provided great little Linux computers to nerds -- its low price and small size makes it ideal for tinkering and doing projects. But also, the device has proven to be a solid media device, wonderful for watching videos and emulating classic video games. In other words, it has been a very versatile computer, serving as many things to many people. With the release of the Raspberry Pi 4, however, it finally became powerful enough to serve as a true desktop computer. By installing a Linux distribution, some people can use it for day-to-day computer use, such as web browsing, playing media, and word processing. Unfortunately, the $35 base model came with a paltry 1GB of RAM. Today, this changes, as the company has dropped the price of the 2GB version to $35, effectively doubling the memory for the base model.

January 19, 2038 is for Linux what Y2K was for mainframe and PC computers in 2000, reports ZDNet. It's the day that the value for time "runs out of numbers" and, in the case of 32-bit Unix-based operating systems like Linux and older versions of macOS, "starts counting time with negative numbers..."

"But the fixes are underway to make sure all goes well when that fatal time rolls around." nickwinlund77 shared their report: Linux developers have seen this coming for decades. So, Linux kernel developer Arnd Bergmann and others have been working on a repair. These corrections are now in the forthcoming Linux 5.6 kernel. Bergmann explained, "Linux-5.6, or my backport of the patches to 5.4, should be the first release that can serve as a base for a 32-bit system designed to run beyond year 2038."

There are some caveats:

- All user space must be compiled with a 64-bit time_t, which will be supported in the coming musl-1.2 and glibc-2.32 releases, along with installed kernel headers from Linux-5.6 or higher.

- Applications that use the system call interfaces directly need to be ported to use the time64 syscalls added in Linux-5.1 in place of the existing system calls.

- Applications that use a private copy of kernel uapi header files or their contents may need to update to the Linux-5.6 version.

- A few remaining interfaces cannot be changed to pass a 64-bit time_t in a compatible way, so they must be configured to use CLOCK_MONOTONIC times...

After we fix this, we won't have to worry about 64-bit Linux running out of seconds until 15:30:08 GMT Sunday, December 4, 29,227,702,659. Personally, I'm not going to worry about that one.

The UK's National Crime Agency (NCA) has publicly said it has nothing to do with a misleading poster designed to put fear into the hearts of parents and urge them to call the police if their children are using Kali Linux. From a report: The poster, made public by Twitter user @G_IW, has reportedly been distributed by local authorities on behalf of the West Midlands Regional Organised Crime Unit (WMROCU). It appears the creators of the poster are aiming to inform parents of what dubious software to look out for if they suspect their children are up to no good on the computer. While a good and reasonable intention, the disinformation on the poster, as described by @G_IW, is "staggering." Virtual machines, the Tor Browser, Kali Linux, WiFi Pineapple, Discord, and Metasploit are all deemed terrible finds and the poster urges parents to call the cops "so we can give advice and engage them into positive diversions."

jrepin writes: The KDE community today announced the release of Plasma 5.18. This version of the popular desktop environment is the latest long-term supported release and brings an emoji selector, user feedback capabilities, a global edit mode, and improvements to System Settings, the Discover software manager, widgets, GTK integration and much more. The full Plasma 5.18.0 changelog is available here.

An anonymous reader quotes a report from ZDNet: In May 2019, South Korea's Interior Ministry announced plans to look into switching to the Linux desktop from Windows. It must have liked what it saw. According to the Korean news site Newsis, the South Korean Ministry of Strategy and Planning has announced the government is exploring moving most of its approximately 3.3 million Windows computers to Linux. The reason for this is simple. It's to reduce software licensing costs and the government's reliance on Windows. As Choi Jang-hyuk, the head of the Ministry of Strategy and Finance, said, "We will resolve our dependency on a single company while reducing the budget by introducing an open-source operating system."

How much? South Korean officials said it would cost 780 billion won (about $655 million) to move government PCs from Windows 7 to Windows 10. [...] Windows will still have a role to play for now on South Korean government computers. As the Aju Business Daily, a South Korean business news site, explained: Government officials currently use two physical, air-gapped PCs. One is external for internet use, and the other is internal for intranet tasks. Only the external one will use a Linux-based distro. Eventually, by 2026, most civil servants will use a single Windows-powered laptop. On that system, Windows will continue to be used for internal work, while Linux will be used as a virtual desktop via a Linux-powered cloud server. This looks to eventually end up as a Desktop-as-a-Service (DaaS) model. The report notes that the Ministry of National Defense and National Police Agency are already using the Ubuntu Linux 18.04 LTS-based Harmonica OS 3.0.

"Meanwhile, the Korean Postal Service division is moving to TMaxOS," reports ZDNet. "The Debian Linux-based South Korean Gooroom Cloud OS is also being used by Defense and the Ministry of Public Administration and Security."

An anonymous reader quotes TechRadar: Intel's Clear Linux distribution looks like it could be the best operating system to run on cheap AMD hardware, with benchmarks showing it outperforms Windows 10 and Ubuntu on a $199 laptop with a budget AMD Ryzen 3200U processor. The Phoronix website ran a series of benchmarks on a super-cheap AMD laptop from Walmart, and found that Intel Clear Linux beat popular Linux distros Fedora and Ubuntu for 78% of the tests.

Not only is it remarkable that a relatively unknown Linux distro is so easily outperforming established operating systems, the fact that Intel is the company behind the distro is particularly ironic. As you can imagine, Clear Linux is optimized for Intel processors, but it seems like it works brilliantly on AMD hardware as well.

In 2017 Elementary OS built a pay-what-you-want app store -- funded with $10,000 raised on IndieGogo. Now they're trying to raise another $10,000 for a one-week, in-person sprint in Denver, Colorado, Forbes reports, to upgrade the store while bringing an even grander concept to reality: That concept comprises 4 main goals:

- Enable open source developers to monetize their apps on every other Linux distribution

- Empower developers to ship apps with cutting-edge technologies

- Improve privacy, security, and stability

- Streamline the payments process

On the technical side of things, the team plans to rebuild AppCenter's backend from the ground up to enable newer technologies developers are asking for, and they're rallying behind the Flatpak packaging format to get it done. They've already been collaborating with the FlatHub team, and plan to bring in developers from Endless and GNOME to ensure that "our solution can be reused and improved by other Flatpak stores and the greater open source desktop ecosystem."
For a donation of $10, "you'll have your name immortalized in the AppCenter code on GitHub," explains a promotional video. (There's already 70 backers who have claimed this perk.) In fact, "Less than 8 hours ago we launched #AppCenterForEveryone, and we're 50% funded," announced an update Friday on Twitter. The campaign's web page shared this note of appreciation.

"With your support, we'll be able to accelerate the timeline on adopting cutting edge technology and making an even more competitive Open Source operating system and a compelling foundation for all Flatpak stores."