The Media

LWN.Net Celebrates Its 20th Birthday (lwn.net) 24

Free software/Linux news site LWN.net just celebrated its 20th birthday, with publisher Jonathan Corbet calling the last two decades "an amazing journey." LWN published the first edition of their weekly newsletter on January 22, 1998, and Corbet (who also contributes to the Linux kernel) writes today that "It has been quite a ride. We in the free-software community set out to change the world, and we succeeded beyond our wildest expectations."

Here's how he described their second edition the next week... We were arguably helped by the lead news in that edition: Netscape's decision to open-source its "Communicator" web browser. That quickly brought the world's attention to open-source software, though that term would not be invented for a few months yet, and to Linux in particular. LWN was a shadow of what it is now, but it was evidently good enough to ride on that wave and establish itself as a part of the Linux community.
Corbet reviews the highlights. ("Companies discovered our little hobbyist system and invested billions into it, massively accelerating development at all levels of the system...") But he also adds that "Through all of this, we also got to learn some lessons about successfully running a community information source on the net." For the last 16 years the site has supported itself with $7.00-a-month subscriptions, offering early access to their Weekly Edition plus subscriber-only mailing lists, "allowing our content to quickly become part of the community record."

Plus, through events around the world, "we have met -- and become friends with -- many of our readers and many people in the community as a whole. This community is an amazing group of people; it has been a honor and a joy to be a part of it..."

"The free-software community's work is not done, and neither is ours. "
Intel

Linus Torvalds Calls Intel Patches 'Complete and Utter Garbage' (lkml.org) 507

An anonymous reader writes: On the Linux Kernel Mailing List, Linus Torvalds ended up responding to a long-time kernel developer (and former Intel engineer) who'd been describing a new microcode feature addressing Indirect Branch Restricted Speculation "where a future CPU will advertise 'I am able to be not broken' and then you have to set the IBRS bit once at boot time to *ask* it not to be broken."

Linus calls it "very much part of the whole 'this is complete garbage' issue. The whole IBRS_ALL feature to me very clearly says 'Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks'. So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint. I'm sure there is some lawyer there who says 'we'll have to go through motions to protect against a lawsuit'. But legal reasons do not make for good technology, or good patches that I should apply."

Later Linus says forcefully that these "complete and utter garbage" patches are being pushed by someone "for unclear reasons" -- and adds another criticism. The whole point of having cpuid and flags from the microarchitecture is that we can use those to make decisions. But since we already know that the IBRS overhead is huge on existing hardware, all those hardware capability bits are just complete and utter garbage. Nobody sane will use them, since the cost is too damn high. So you end up having to look at "which CPU stepping is this" anyway. I think we need something better than this garbage.
Desktops (Apple)

Ask Slashdot: What's the Fastest Linux Distro for an Old Macbook 7,1? 248

Long-time Slashdot reader gr8gatzby writes: I have an old beautiful mint condition white Macbook 7,1 with a 2.4Ghz Core 2 Duo and 5GB RAM. Apple cut off the upgrade path of this model at 10.6.8, while a modern-day version of any browser requires at least 10.9 these days, and as a result my browsing is limited to Chrome version 49.0.2623.112.

So this leaves me with Linux. What is the fastest, most efficient and powerful distro for a Mac of this vintage?

It's been nearly eight years since its release, so leave your best thoughts in the comments. What's the best Linux distro for an old Macbook 7,1?
Red Hat Software

Red Hat Reverts Spectre Patches to Address Boot Issues (bleepingcomputer.com) 78

An anonymous reader quotes BleepingComputer: Red Hat is releasing updates for reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot. "Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot," the company said yesterday. "The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd," Red Had added.

Instead, Red Hat is recommending that each customer contact their OEM hardware provider and inquire about mitigations for CVE-2017-5715 on a per-system basis. Besides Red Hat Enterprise Linux, other RHEL-based distros like CentOS and Scientific Linux are also expected to be affected by Red Hat's decision to revert previous Spectre Variant 2 updates, so these users will also have to contact CPU/OEM vendors.

At least one site "characterized the move as Red Hat washing its hands of the responsibility to provide customers with firmware patches," writes Data Center Knowledge, arguing instead that Red Hat "isn't actually involved in writing the firmware updates. It passes the microcode created by chipmakers to its users 'as a customer convenience.'" "What I would have said if they'd asked us ahead of time is that microcode is something that CPU vendors develop," Jon Masters, chief ARM architect at Red Hat, told Data Center Knowledge in a phone interview Thursday. "It's actually an encrypted, signed binary image, so we don't have the capability, even if we wanted to produce microcode. It's a binary blob that we cannot generate. The only people who can actually generate that are the CPU vendors."
Google

Google Moves To Debian For In-house Linux Desktop (zdnet.com) 142

Google has officially confirmed the company is shifting its in-house Linux desktop from the Ubuntu-based Goobuntu to a new Linux distro, the DebianTesting-based gLinux. From a report: Margarita Manterola, a Google Engineer, quietly announced Google would move from Ubuntu to Debian-testing for its desktop Linux at DebConf17 in a lightning talk. Manterola explained that Google was moving to gLinux, a rolling release based on Debian Testing. This move isn't as surprising as it first looks. Ubuntu is based on Debian. In addition, Google has long been a strong Debian supporter. In 2017, Debian credited Google for making [sic] "possible our annual conference, and directly supports the progress of Debian and Free Software." Debian Testing is the beta for the next stable version of Debian. With gLinux, that means it's based on the Debian 10 "Buster" test operating system. Google takes each Debian Testing package, rebuilds it, tests it, files and fixes bugs, and once those are resolved, integrates it into the gLinux release candidate. GLinux went into beta on Aug. 16, 2017.
Wine

Wine 3.0 Released (softpedia.com) 153

prisoninmate shares a report from Softpedia: The Wine (Wine Is Not an Emulator) project has been updated today to version 3.0, a major release that ends 2017 in style for the open-source compatibility layer capable of running Windows apps and games on Linux-based and UNIX-like operating systems. Almost a year in the works, Wine 3.0 comes with amazing new features like an Android driver that lets users run Windows apps and games on Android-powered machines, Direct3D 11 support enabled by default for AMD Radeon and Intel GPUs, AES encryption support on macOS, Progman DDE support, and a task scheduler. In addition, Wine 3.0 introduces the ability to export registry entries with the reg.exe tool, adds various enhancements to the relay debugging and OLE data cache, as well as an extra layer of event support in MSHTML, Microsoft's proprietary HTML layout engine for the Windows version of the Internet Explorer web browser. You can read the full list of features and download Wine 3.0 from WineHQ's website.
Software

Slack Now Available As a Snap For Linux (betanews.com) 140

BrianFagioli writes: Today, yet another wildly popular program gets the Snap treatment, and quite frankly, it is arguably more significant than Spotify. What is it? Slack! Yes, Canonical announces that the ubiquitous communication app can be installed as a Snap. True, Slack was already available on the Linux desktop, but this makes installing it and keeping it updated much easier. "In adopting the universal Linux app packaging format, Slack will open its digital workplace up to an-ever growing community of Linux users, including those using Linux Mint, Manjaro, Debian, Fedora, OpenSUSE, Solus, and Ubuntu. Designed to connect us to the people and tools we work with every day, the Slack snap will help Linux users be more efficient and streamlined in their work. And an intuitive user experience remains central to the snaps' appeal, with automatic updates and rollback features giving developers greater control in the delivery of each offering," says Canonical.
EU

City of Barcelona Dumps Windows For Linux and Open Source Software (europa.eu) 255

An anonymous reader quotes Open Source Observatory: The City of Barcelona is migrating its computer systems away from the Windows platform, reports the Spanish newspaper El País. The City's strategy is first to replace all user applications with open-source alternatives, until the underlying Windows operating system is the only proprietary software remaining. In a final step, the operating system will be replaced with Linux... According to Francesca Bria, the Commissioner of Technology and Digital Innovation at the City Council, the transition will be completed before the current administration's mandate ends in spring 2019. For starters, the Outlook mail client and Exchange Server will be replaced with Open-Xchange. In a similar fashion, Internet Explorer and Office will be replaced with Firefox and LibreOffice, respectively. The Linux distribution eventually used will probably be Ubuntu, since the City of Barcelona is already running 1,000 Ubuntu-based desktops as part of a pilot...

Barcelona is the first municipality to have joined the European campaign 'Public Money, Public Code'. This campaign is an initiative of the Free Software Foundation Europe (FSFE) and revolves around an open letter advocating that publicly funded software should be free. Currently, this call to public agencies is supported by more than 100 organisations and almost 15,000 individuals. With the new open-source strategy, Barcelona's City Council aims to avoid spending large amounts of money on licence-based software and to reduce its dependence on proprietary suppliers through contracts that in some cases have been closed for decades.

Linux

The Linux Kernel Mailing List is Down (lkml.org) 76

Every page on LKML.org is currently displaying this error message along with a picture of Flits the cat. What started out as a power outage while I was on vacation (leading to the computer hosting the backend of this site being unable to boot) became a larger issue as the mainboard in that computer appears to be broken.

Not wanting to let you wait for a spare part to arrive, I'm currently (while being assisted by our cat Flits) busy copying over all data to a VPS, and getting things working from there. The rsync is progressing slowly, having copied over the first 50% in three hours (at 14:30 CET). Please check back later for status updates.

Linux

Can You Install Linux On a 1993 PC? (yeokhengmeng.com) 253

Slashdot reader yeokm1 writes: The oldest x86 CPU that the Lnux kernel supports today is theoretically the 486. However is this theory actually true in practice? I decided to put this theory to the test in my project.
His site describes installing Gentoo Linux on an "ancient" IBM PS/1 Consultant 2133 19C (released in 1993), with 64MB SIMM-72 RAM. (Though to speed things up, he compiled that minimal version of Gentoo on a modern Thinkpad T430 released in 2012.) "Due to the age of the PC, the BIOS only supports booting from the floppy drive or internal HDD," so there was also some disk partitioning and kernel configuration. ("Must disable 64-bit kernel for obvious reasons!") A half-hour video shows that it takes almost 11 minutes just to boot up -- and five and a half minutes to shut down. "Despite the many roadblocks I faced, I was impressed by the level of support Linux has for ancient hardware like this."

And there's one more added bonus. "Given the age of the 486 (1989 technology), it does not support branch prediction... Ironically this makes it safe from the Meltdown and Spectre attacks."
Windows

Lindows Resurrected! Freespire 3.0 and Linspire 7.0 Linux Distros Now Available (betanews.com) 77

BrianFagioli writes: About 16 years ago, a for-pay Linux distribution caused quite a stir all because of its name -- Lindows. Yes, someone actually thought kicking the billion dollar hornets nest that is Microsoft by playing off of the "Windows" name was a good idea. To be honest, from a marketing perspective, it was brilliant -- it got tons of free press. Microsoft eventually killed the Lindows name by use of money and the legal system, however. Ultimately, the Linux distro was renamed "Linspire." Comically, there was a Lindows Insiders program way before Windows Insiders!

After losing the Lindows name, the operating system largely fell out of the spotlight, and its 15 minutes of fame ended. After all, without the gimmicky name, it was hard to compete with free Linux distros with a paid OS. Not to mention, Richard Stallman famously denounced the OS for its non-free ways. The company eventually created a free version of its OS called Freespire, but by 2008, both projects were shut down by its then-owner, Xandros. Today, however, a new Linspire owner emerges -- PC/OpenSystems LLC. And yes, Lindows is rising from the grave -- as Freespire 3.0 and Linspire 7.0!

"Today the development team at PC/Opensystems LLC is pleased to announce the release of Freespire 3.0 and Linspire 7.0. While both contain common kernel and common utilities, they are targeted towards two different user bases. Freespire is a FOSS distribution geared for the general Linux community, making use of only open source components, containing no proprietary applications. This is not necessarily a limitation : through our software center and extensive repositories, Freespire users can install any application that they wish," says PC/OpenSystems LLC.

Back in 2003 the CEO of Lindows answered questions from Slashdot readers.

The first question was "Why oh why?"
Intel

How a Researcher Hacked His Own Computer and Found One of the Worst CPU Bugs Ever Found (reuters.com) 138

Reuters tells the story of how Daniel Gruss, a 31-year-old information security researcher and post-doctoral fellow at Austria's Graz Technical University, hacked his own computer and exposed a flaw in most of the Intel chips made in the past two decades. Prior to his discovery, Gruss and his colleagues Moritz Lipp and Michael Schwarz had thought such an attack on the processor's "kernel" memory, which is meant to be inaccessible to users, was only theoretically possible. From the report: "When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked," Gruss told Reuters in an email interview, describing how he had unlocked personal data that should be secured. Gruss, Lipp and Schwarz, working from their homes on a weekend in early December, messaged each other furiously to verify the result. "We sat for hours in disbelief until we eliminated any possibility that this result was wrong," said Gruss, whose mind kept racing even after powering down his computer, so he barely caught a wink of sleep.

Gruss and his colleagues had just confirmed the existence of what he regards as "one of the worst CPU bugs ever found." The flaw, now named Meltdown, was revealed on Wednesday and affects most processors manufactured by Intel since 1995. Separately, a second defect called Spectre has been found that also exposes core memory in most computers and mobile devices running on chips made by Intel, Advanced Micro Devices (AMD) and ARM Holdings, a unit of Japan's Softbank.

Intel

Intel Responds To Alleged Chip Flaw, Claims Effects Won't Significantly Impact Average Users (hothardware.com) 375

An anonymous reader quotes a report from Hot Hardware: The tech blogosphere lit up yesterday afternoon after reports of a critical bug in modern Intel processors has the potential to seriously impact systems running Windows, Linux and macOS. The alleged bug is so severe that it cannot be corrected with a microcode update, and instead, OS manufacturers are being forced to address the issue with software updates, which in some instances requires a redesign of the kernel software. Some early performance benchmarks have even suggested that patches to fix the bug could result in a performance hit of as much as 30 percent. Since reports on the issues of exploded over the past 24 hours, Intel is looking to cut through the noise and tell its side of the story. The details of the exploit and software/firmware updates to address the matter at hand were scheduled to go live next week. However, Intel says that it is speaking out early to combat "inaccurate media reports."

Intel acknowledges that the exploit has "the potential to improperly gather sensitive data from computing devices that are operating as designed." The company further goes on state that "these exploits do not have the potential to corrupt, modify or delete data." The company goes on to state that the "average computer user" will be negligibly affected by any software fixes, and that any negative performance outcomes "will be mitigated over time." In a classic case of trying to point fingers at everyone else, Intel says that "many different vendors' processors" are vulnerable to these exploits.
You can read the full statement here.
Operating Systems

Linux Mint 19 Named 'Tara' (betanews.com) 124

BrianFagioli writes: Today, we get some information about the upcoming version 19 of Mint. The biggest news is that it will be called 'Tara.' If you aren't aware, Mint's distros are always named after a woman.

Clement Lefebvre, Linux Mint leader, shares the following information: "The development cycle only just started so it's a bit early to give details about Linux Mint 19, but here's what we can say already: Linux Mint 19 is estimated to be released around May/June 2018. Linux Mint 19.x releases will be based on Ubuntu 18.04 LTS and supported until 2023. Linux Mint 19.x will use GTK 3.22. GTK 3.22 is a major stable release for GTK3. From there on, the theming engine and the APIs are stable. This is a great milestone for GTK3. It also means Linux Mint 19.x (which will become our main development platform) will use the same version of GTK as LMDE 3, and distributions which use components we develop, such as Fedora, Arch..etc. This should ease development and increase the quality of these components outside of Linux Mint."

Bug

'Kernel Memory Leaking' Intel Processor Design Flaw Forces Linux, Windows Redesign (theregister.co.uk) 416

According to The Register, "A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug." From the report: Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in this month's Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December. Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features -- specifically, PCID -- to reduce the performance hit. Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated -- the flaw is in the Intel x86 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or buy a new processor without the design blunder. Details of the vulnerability within Intel's silicon are under wraps: an embargo on the specifics is due to lift early this month, perhaps in time for Microsoft's Patch Tuesday next week. Indeed, patches for the Linux kernel are available for all to see but comments in the source code have been redacted to obfuscate the issue. The report goes on to share some details of the flaw that have surfaced. "It is understood the bug is present in modern Intel processors produced in the past decade," reports The Register. "It allows normal user programs -- from database applications to JavaScript in web browsers -- to discern to some extent the contents of protected kernel memory. The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI."
The Almighty Buck

LinuxJournal, Which Ceased Publication Last Month Citing Poor Financial Condition, Secures Fresh Fund From Readers To Resume Operation (linuxjournal.com) 50

New submitter dataknife2 writes: LinuxJournal announced in Nov 2017 that they were going to cease publication; With some timely intervention by Private Internet Access they are going to be able to continue operation and are currently soliciting feedback for improving the magazine in the future. In a blog post, team at LinuxJournal wrote: Talk about a Happy New Year. The reason: it turns out we're not dead. In fact, we're more alive than ever, thanks to a rescue by readers -- specifically, by the hackers who run Private Internet Access (PIA) VPN, a London Trust Media company. PIA are avid supporters of freenode and the larger FOSS community. They're also all about Linux and the rest of the modern portfolio of allied concerns: privacy, crypto, freedom, personal agency, rewriting the rules of business and government around all of those, and having fun with constructive hacking of all kinds. We couldn't have asked for a better rescue ship to come along for us. In addition, they aren't merely rescuing this ship we were ready to scuttle; they're making it seaworthy again and are committed to making it bigger and better than we were ever in a position to think about during our entirely self-funded past.
Programming

New Year's Resolutions For Linux Admins: Automate More, Learn New Languages (networkworld.com) 139

An anonymous reader writes: A long-time Unix sys-admin is suggesting 18 different New Year's resolutions for Linux systems adminstrators. And #1 is to automate more of your boring stuff. "There are several good reasons to turn tedious tasks into scripts. The first is to make them less annoying. The second is to make them less error-prone. And the last is to make them easier to turn over to new team members who haven't been around long enough to be bored. Add a small dose of meaningful comments to your scripts and you have a better chance of passing on some of your wisdom about how things should be done."

Along with that, they suggest learning a new scripting language. "It's easy to keep using the same tools you've been using for decades (I should know), but you might have more fun and more relevance in the long run if you teach yourself a new scripting language. If you've got bash and Perl down pat, consider adding Python or Ruby or some other new language to your mix of skills."

Other suggestions include trying a new distro -- many of which can now be run in "live mode" on a USB drive -- and investigating the security procedures of cloud services (described in the article as "trusting an outside organization with our data").

"And don't forget... There are now only 20 years until 2038 -- The Unix/Linux clockpocalypse."

Open Source

FSF Adds PureOS To List of Endorsed GNU/Linux Distributions (fsf.org) 46

Long-time Slashdot reader donaldrobertson writes: The Free Software Foundation on Thursday announced PureOS as an endorsed GNU/Linux distro. PureOS is an operating system focused on privacy, security and ease of use. Endorsement means the system meets the FSF's Free System Distribution Guidelines by providing and promoting only free software, with a dedication to making sure the system always remains free.
GUI

Could 2018 Be The Year of the Linux Desktop? (gnome.org) 383

Suren Enfiajyan writes: Red Hat worker and GNOME blogger Christian F.K. Schaller wrote why GNU/Linux failed to become a mainstream desktop OS... "My thesis is that there really isn't one reason, but rather a range of issues that all have contributed to holding the Linux Desktop back from reaching a bigger market. Also to put this into context, success here in my mind would be having something like 10% market share of desktop systems. That to me means we reached critical mass."

He named the following reasons:

- A fragmented market
- Lack of special applications
- Lack of big name applications
- Lack of API and ABI stability
- Apple's resurgence
- Microsoft's aggressive response
- Windows piracy
- Red Hat mostly stayed away
- Canonical's business model not working out
- Lack of original device manufacturer support

Then he ended with some optimism:

"So anyone who has read my blog posts probably knows I am an optimist by nature. This isn't just some kind of genetic disposition towards optimism, but also a philosophical belief that optimism breeds opportunity while pessimism breeds failure. So just because we haven't gotten the Linux Desktop to 10% marketshare so far doesn't mean it will not happen going forward. It just means we haven't achieved it so far.

"One of the key identifiers of open source is that it is incredibly hard to kill, because unlike proprietary software, just because a company goes out of business or decides to shut down a part of its business, the software doesn't go away or stop getting developed. As long as there is a strong community interested in pushing it forward it remains and evolves, and thus when opportunity comes knocking again it is ready to try again."

The essay concludes desktop Linux has evolved and is ready to try again, since from a technical perspective it's better than ever. "The level of polish is higher than ever before, the level of hardware support is better than ever before and the range of software available is better than ever before...

"There is also the chance that it will come in a shape we don't appreciate today. For instance maybe ChromeOS evolves into a more full fledged operating system as it grows in popularity and thus ends up being the Linux on the Desktop end game? Or maybe Valve decides to relaunch their SteamOS effort and it provides the foundation for a major general desktop growth? Or maybe market opportunities arise that will cause us at Red Hat to decide to go after the desktop market in a wider sense than we do today? Or maybe Endless succeeds with their vision for a Linux desktop operating system...."
Open Source

Fleeing Google's Apps and iOS, Mandrake Linux Creator Launches 'eelo' Project (hackernoon.com) 122

Open-source veteran Gaël Duval created Mandrake Linux in 1998. But in a new essay, he writes that "I realized that I had become lazy. Not only wasn't I using Linux anymore as my main operating system, but I was using a proprietary OS on my smartphone. And I was using Google more and more."

Long-time Slashdot reader nuand999 writes: He's creating a non-profit project called eelo.io that's going to release a "privacy-friendly" smartphone OS and associated web-services... eelo is going to be forked fromLineageOS, and will ship with the existing open source bricks put together into a consistent and privacy-enhanced, yet desirable, smartphone OS + web-services. A crowdfunding campaign has just started on Kickstarter to fuel early developments.
"iOS is proprietary and I prefer Open Source Software," Gaël writes on Hacker Noon, while also adding that "like millions of others, I'VE BECOME A PRODUCT OF GOOGLE... I'm not happy because Google has become too big and is tracking us by catching a lot of information about what we do. They want to know us as much as possible to sell advertising..."

"People are free to do what they want. They can choose to be volunteery slaves. But I do not want this situation for me anymore. I want to reconquer my privacy. My data is MY data. And I want to use Open Source software as much as possible."

Slashdot Top Deals