While we know that Linux app support is coming to a range of Chromebooks from Lenovo, Acer, Dell and others, a post on the Chromium Gerrit reveals that devices running Linux 3.14 or older will miss out. BetaNews: Chrome OS is able to run Linux apps through the use of containers which help to keep the rest of the operating system safe from harm. As container support requires features that are only found in more recent versions of the Linux kernel, it means that many Chromebooks -- whose kernels are usually not updated -- will not be able to run Linux apps.

Here's the full list of Chromebooks that won't be getting the Linux love: AOpen Chromebase Mini (Feb 2017; tiger, veyron_pinky), AOpen Chromebox Mini (Feb 2017; fievel, veyron_pinky), ASUS Chromebook C201 (May 2015; speedy, veyron_pinky), Acer C670 Chromebook 11 (Feb 2015; paine, auron), Acer Chromebase 24 (Apr 2016; buddy, auron), Acer Chromebook 15 (Apr 2015; yuna, auron), Acer Chromebox CXI2 (May 2015; rikku, jecht), Asus Chromebit CS10 (Nov 2015; mickey, veyron_pinky), Asus Chromebook Flip C100PA (Jul 2015; minnie, veyron_pinky), Asus Chromebox CN62 (Aug 2015; guado, jecht), Dell Chromebook 13 7310 (Aug 2015; lulu, auron), Google Chromebook Pixel (Mar 2015; samus), Lenovo ThinkCentre Chromebook (May 2015; tidus, jecht), Toshiba Chromebookk 2 (Sep 2015; gandof, auron).

Slack developer Felix Rieseberg has made Windows 95 into an electron app that you can run on macOS, Windows, and Linux. The source code and app installers are available on GitHub. According to The Verge, "apps like Wordpad, phone dialer, MS Paint, and Minesweeper all run like you'd expect," but "Internet Explorer isn't fully functional as it simply refused to load pages." From the report: The app is only 129MB in size and you can download it over at Github for both macOS and Windows. Once it's running it surprisingly only takes up around 200MB of RAM, even when running all of the old Windows 95 system utilities, apps, and games. If you run into any issues with the app you can always reset the Windows 95 instance inside the app and start over again. Enjoy this quirky trip down memory lane.

Long-time Slashdot reader Bruce Perens writes: The Register reports that Debian is rejecting a new Intel microcode update because of a new license term prohibiting the use of the CPU for benchmarks and profiling.

There is a new license term applied to the new microcode: "You will not, and will not allow any third party to (i) use, copy, distribute, sell or offer to sell the Software or associated documentation; (ii) modify, adapt, enhance, disassemble, decompile, reverse engineer, change or create derivative works from the Software except and only to the extent as specifically required by mandatory applicable laws or any applicable third party license terms accompanying the Software; (iii) use or make the Software available for the use or benefit of third parties; or (iv) use the Software on Your products other than those that include the Intel hardware product(s), platform(s), or software identified in the Software; or (v) publish or provide any Software benchmark or comparison test results." UPDATE:: Intel has reworked the license to no longer prohibit benchmarking. Imad Sousou, corporate VP and general manager of Intel Open Source Technology Center, tweeted on Thursday: "We have simplified the Intel license to make it easier to distribute CPU microcode updates and posted the new version here. As an active member of the open source community, we continue to welcome all feedback and thank the community."

Steam Play -- Valve's name for its cross-platform initiative -- is getting a major update, adding built-in tools that would allow users to run Windows games on Linux. It's now available in beta. From a report: The new tools run on Proton, which is custom distribution of the widely-used Wine compatibility tool. In the most practical terms, this means you can now download and install Windows games directly from the Steam client without any further fuss. Valve is currently checking "the entire Steam catalog" and whitelisting games that run without issue, but you can turn off those guidelines and install whatever you want, too.

Proton should provide enhanced performance over Wine in many cases, according to Valve. DirectX 11 and 12 implementations are now based on Vulkan, and performance in multi-threaded games "has been greatly improved compared to vanilla Wine." You'll also see better fullscreen and controller support with Proton. It's also fully open source.

Long-time Slashdot reader Mike Bouma shares a paper (via OS News) making the case for "a small microkernel as the core of the trusted computing base, with OS services separated into mutually-protected components (servers) -- in contrast to 'monolithic' designs such as Linux, Windows or MacOS." While intuitive, the benefits of the small trusted computing base have not been quantified to date. We address this by a study of critical Linux CVEs [PDF] where we examine whether they would be prevented or mitigated by a microkernel-based design. We find that almost all exploits are at least mitigated to less than critical severity, and 40% completely eliminated by an OS design based on a verified microkernel, such as seL4....

Our results provide very strong evidence that operating system structure has a strong effect on security. 96% of critical Linux exploits would not reach critical severity in a microkernel-based system, 57% would be reduced to low severity, the majority of which would be eliminated altogether if the system was based on a verified microkernel. Even without verification, a microkernel-based design alone would completely prevent 29% of exploits...

The conclusion is inevitable: From the security point of view, the monolithic OS design is flawed and a root cause of the majority of compromises. It is time for the world to move to an OS structure appropriate for 21st century security requirements.

The systems and database administrator for a Fortune 500 company notes that while NFS is "decades old and predating Linux...the most obvious feature missing from NFSv4 is native, standalone encryption." emil (Slashdot reader #695) summarizes this article from Linux Journal: NFS is the most popular remote file system in the Linux, UNIX, and greater POSIX community. The NFS protocol pushes file traffic over cleartext connections in the default configuration, which is poison to sensitive information.

TLS can wrap this traffic, finally bringing wire security to files vulnerable to compromise in transit. Before using a cloud provider's toolset, review NFS usage and encrypt where necessary.
The article's author complains that Google Cloud "makes no mention of data security in its documented procedures," though "the performance penalty for tunneling NFS over stunnel is surprisingly small...."

"While the crusade against telnet may have been largely won, Linux and the greater UNIX community still have areas of willful blindness. NFS should have been secured long ago, and it is objectionable that a workaround with stunnel is even necessary."

BrianFagioli writes: Debian is one of the most important open source projects ever. The Debian Linux operating system is extremely popular in its own right, but also, it is used as the base for countless other distributions. Ubuntu, for instance -- one of the most-used distros -- is Debian-based. Even Linux Mint, which is based on Ubuntu, also has a Debian edition. Not to mention, Raspbian -- the official Raspberry Pi OS -- which is based on Debian too.

Today, Debian is celebrating a very important milestone -- a 25th birthday! Yes, it is seriously that old -- its development was announced on August 16, 1993. When the late Ian Murdock announced 25 years ago in comp.os.linux.development, the imminent completion of a brand-new Linux release, [...] the Debian Linux Release', nobody would have expected the 'Debian Linux Release' would become what's nowadays known as the Debian Project, one of the largest and most influential free software projects. "Its primary product is Debian, a free operating system (OS) for your computer, as well as for plenty of other systems which enhance your life. From the inner workings of your nearby airport to your car entertainment system, and from cloud servers hosting your favorite websites to the IoT devices that communicate with them, Debian can power it all," says Ana Guerrero Lopez of Debian. Further reading: Slackware, Oldest Actively Maintained GNU/Linux Distribution, Turns 25.

"Valve appears to be working on a set of 'compatibility tools,' called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems," writes Kyle Orland from Ars Technica. From the report: Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems." Other unused text in the that GUI file suggests Steam Play will offer official compatibility with "supported tiles" while also letting users test compatibility for "games in your library that have not been verified with a supported compatibility tool." That latter use comes with a warning that "this may not work as expected, and can cause issues with your games, including crashes and breaking save games."

fstack writes: Linus Torvalds has released Linux 4.18 as the newest kernel bringing a Steam Controller kernel driver, Spectre updates for ARM64, power management updates, a "Restartable Services" system call, AMD Radeon graphics driver improvements, V3D DRM as Broadcom's new graphics driver, DM writecache support, USB 3.2 support, and many other updates. Linus Torvalds wrote of the 4.18 final release: "It was a very calm week, and arguably I could just have released on schedule last week, but we did have some minor updates. Mostly networking, but some vfs race fixes (mentioned in the rc8 announcement as 'pending') and a couple of driver fixes (scsi, networking, i2c). Some other minor random things (arm crypto fix, parisc memory ordering fix)." In a separate article, Phoronix details all the changes and new features available in this release.

New submitter rokahasch writes: Starting today, August 10th, most users of the Dropbox desktop app on Linux have been receiving notifications that their Dropbox will stop syncing starting November. Over at the Dropbox forums, Dropbox have declared that the only Linux filesystem supported for storage of the Dropbox sync folder starting the 7th of November will be on a clean ext4 file system. This basically means Dropbox drops Linux support completely, as almost all Linux distributions have other file systems as their standard installation defaults nowadays -- not to mention encryption running on top of even an ext4 file system, which won't qualify as a clean ext4 file system for Dropbox (such as eCryptfs which is the default in, for example, Ubuntu for encrypted home folders).

The thread is trending heavily on Dropbox' forums with the forum's most views since the thread started earlier today. The cries from a large amount of Linux users have so far remained unanswered from Dropbox, with most users finding the explanation given for this change unconvincing. The explanation given so far is that Dropbox requires a file system with support for Extended attributes/Xattrs. Extended attributes however are supported by all major Linux/Posix complaint file systems. Dropbox has, up until today, supported Linux platforms since their services began back in 2007. A number of users have taken to Twitter to protest the move. Twitter user troyvoy88 tweets: "Well, you just let the shitstorm loose @Dropbox dropping support for some linux FS like XFS and BTRFS. No way in hell im going to reformat my @fedora #development station and removing encryption no way!"

Another user by the name of daltux wrote: "It will be time to say goodbye then, @Dropbox. I won't store any personal files on an unencrypted partition."

Hollywood now has its very own open source organization: The Academy of Motion Picture Arts and Sciences has teamed up with the Linux Foundation to launch the Academy Software Foundation, which is dedicated to advance the use of open source in film making and beyond. From a report: The association's founding members include Animal Logic, Autodesk, Blue Sky Studios, Cisco, DNEG, DreamWorks, Epic Games, Foundry, Google Cloud, Intel, SideFX, Walt Disney Studios and Weta Digital. Together, they want to promote open source, help studios and others in Hollywood with open source licensing issues and manage open source projects under the helm of the Software Foundation. The cooperation between the Academy and the Linux Foundation began a little over two years ago, when the Academy's Science and Technology Council began to look into Hollywood's use of open source software. "It's the culmination of a couple of years of work," said Industrial Light & Magic (ILM) head Rob Bredlow in an interview with Variety this week.

One of the findings of that investigation: Almost everyone in Hollywood is using open source software in one way or another. An internal survey found that 80 percent of all companies were using open source. "It's a really big component of the motion picture industry," Bredlow said. Linux Foundation executive director Jim Zemlin argued that this kind of cooperation could be transformative for Hollywood. "I've seen this movie before in other industries," he punned, explaining that automotive companies had seen huge benefits from working together on open source projects.

An anonymous reader quotes a report from ZDNet: Security researchers are warning Linux system users of a bug in the Linux kernel version 4.9 and up that could be used to hit systems with a denial-of-service attack on networking kit. The warning comes from Carnegie Mellon University's CERT/CC, which notes that newer versions of the Linux kernel can be "forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (DoS)".

It lists a number of network-equipment vendors, PC and server manufacturers, mobile vendors, and operating-system makers that may be affected but notes that it hasn't confirmed whether any of them actually are. But, given the widespread use of Linux, the bug could affect every vendor from Amazon and Apple through to Ubuntu and ZyXEL. A remote attacker could cause a DoS by sending specially modified packets within ongoing TCP sessions. But sustaining the DoS condition would mean an attacker needs to have continuous two-way TCP sessions to a reachable and open port. The bug, dubbed "SegmentSmack" by Red Hat, has "no effective workaround/mitigation besides a fixed kernel."

An anonymous reader shares a report: Lenovo is making it easier for their customers running Linux to update their firmware now on ThinkPad, ThinkStation, and ThinkCenter hardware. Lenovo has joined the Linux Vendor Firmware Service (LVFS) and following collaboration with the upstream developers is beginning to roll-out support for offering their device firmware on this platform so it can be easily updated by users with the fwupd stack. Kudos to all involved especially with Lenovo ThinkPads being very popular among Linux users.

Lubuntu, a popular Ubuntu flavor, has gained traction over the years for supporting older hardware. As Brian Fagioli writes at BetaNews, one of the focuses of the Lubuntu developers is to support aging computers. However, that is about to change. He adds: When Lubunu 18.10 is released in October 2018, it will ditch LXDE for the newer LXQt. Despite it also being a desktop environment that is easy on resources, the Lubuntu developers are planning to drop their focus on old hardware after the transition. "[...] Our main focus is shifting from providing a distribution for old hardware to a functional yet modular distribution focused on getting out of the way and letting users use their computer. In essence, this is leveraging something we have always done with Lubuntu; providing an operating system which users can use to revive their old computers, but bringing this to the age of modern computing," says Simon Quigley of Lubuntu team.

An anonymous reader quotes ZDNet: The German state of Lower Saxony is set to follow Munich in migrating thousands of official computers away from Linux to Microsoft's Windows. As initially reported by Heise, the state's tax authority has 13,000 workstations running OpenSuse -- which it adopted in 2006 in a well-received migration from Solaris -- that it now wants to migrate to a "current version" of Windows, presumably Windows 10.

The authority reasons that many of its field workers and telephone support services already use Windows, so standardisation makes sense. An upgrade of some kind would in any case be necessary soon, as the PCs are running OpenSuse versions 12.2 and 13.2, neither of which is supported anymore.

According to the Lower Saxony's draft budget, €5.9m is set aside for the migration in the coming year, with a further €7m annually over the following years; it's not yet clear how many years the migration would take... Munich's shift away from LiMux -- the city's own Ubuntu-based distribution -- is expected to cost more than €50m overall, involving the deployment of around 29,000 Windows-based computers.

Slashdot reader fisted quotes NetBSD.org: The NetBSD Project is pleased to announce NetBSD 8.0, the sixteenth major release of the NetBSD operating system.

This release brings stability improvements, hundreds of bug fixes, and many new features. Some highlights of the NetBSD 8.0 release are:

— USB stack rework, USB3 support added.
— In-kernel audio mixer (audio_system(9)).
— Reproducible builds
— PaX MPROTECT (W^X) memory protection enforced by default
— PaX ASLR enabled by default
— Position independent executables by default
[...]

NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone.

Canonical announced on Friday that Microsoft's PowerShell Core is now available on Linux platform as a Snap. From a report: If you aren't familiar, a Snap is essentially a packaged version of a program that can be easily installed on many Linux distributions. Many see it as the future of Linux, as it has the potential to reduce fragmentation. "Built on the .NET Framework, PowerShell is an open source task-based command-line shell and scripting language with the goal of being the ubiquitous language for managing hybrid cloud assets. It is designed specifically for system administrators and power-users to rapidly automate the administration of multiple operating systems and the processes related to the applications that run on those operating systems," says Canonical.

BrianFagioli shares a report from BetaNews: System76 has long been a Linux computer seller, but recently, it has transitioned into a Linux computer maker. What's the difference, you ask? Well, currently, the company doesn't really make its own computers. System76's laptops, for instance, are made by other manufacturers, which it re-brands as its own. No, System76 doesn't just slap its name on other company's laptops and ship them out the door. Actually, it works closely with the manufacturers, tweaks firmware, and verifies that both Ubuntu and its Ubuntu-based Pop!_OS will work well on the hardware. System76 then offers top-notch support too. In other words, the company isn't just selling a computer, but an experience too. Unfortunately, when you rely on other computer manufacturers, you don't fully control the experience. Ultimately, System76 cannot achieve its true vision without building its own laptops. And so, that is exactly what it is going to do! Yes, System76 will be building and selling the computers right here in the USA (Denver, Colorado to be exact). I mean, when your company supports open source ideology and takes pride in being "Made in America," how can you go wrong?

Many folks in the Linux community are excited to see the fruits of System76's labor, and today, we get a small peek. No, the company isn't sharing any of its computer designs, but it is showing off its new manufacturing facility. In a new blog post by System76 customer service all-star Emma, she shares several photos of the new factory. [T]he space is absolutely massive! It seems System76 has very lofty goals. Exactly when these new computers both designed and manufactured by System76 will become available for purchase is anyone's guess. Quite frankly, based on the System76's blog post, it seems they are still at very early stages. With that said, it will be interesting to see what is born inside that factory in Colorado. The Linux community is anxiously awaiting something special.

sombragris writes: Slackware, the oldest GNU/Linux distribution which is still actively maintained, turned 25 this week. The latest stable version, Slackware 14.2, was released two years ago, but the development version (-current) is updated on a fast pace. Today the development version offers kernel 4.14.55, gcc 8.1.1, glibc 2.27. mesa 18.1.4, xorg 1.20, and the Xfce and KDE desktop environments as default, with many more available as third-party packages. Other points of note are that Slackware is systemd-free, opting instead for a simple BSD-style init.

Since its first release ever, this has been a distro with a strong following due to its hallmarks of simplicity, speed, ease of maintenance and configuration. Happy birthday Slackware!

MrBrklyn (Slashdot reader #4,775) writes: Artix Linux, the young systemd free OS based on arch, is reaching a critical point in it's development and calling for new packagers.
Here's more from the ongoing thread on the project's forum: You don't have to be an expert in the occult arts for that; an elementary grasp of Linux in general and how PKGBUILD works should be enough for basic contributions. Help and training will be provided, free of charge!