An anonymous reader writes: Google Search competitor DuckDuckGo announced it will be giving away a total of $225,000 to support nine open source projects, each project will receive $25,000. DuckDuckGo said it performed 3 billion searches in 2015. It differs from many other search engines as it offers private, anonymous internet search. It doesn't gather information about you to sell ads to marketeers, like Google. Instead, it shows generic ads as it's part of the Microsoft/Bing/Yahoo ad network. It also has revenue-sharing agreements with certain companies in the Linux Open Source worlds, and makes money from select affiliate links. The $225,000 DuckDuckGo is giving away is chump change compared to the $100 million Google gives away in grants ever year. However, for the select projects, it should still be very beneficial. Last year, DuckDuckGo gave away a total of $125,000 to open source projects, so it's nice to see them donate an extra $100,000 to a good cause.

Mark Shuttleworth, founder of Canonical and Ubuntu Foundation, gave an interview to eWeek this week ahead of Ubuntu Online Summit (UOS). In the wide-ranging interview, Shuttleworth teased some features that we could expect in Ubuntu 16.10, and also talked about security and privacy. From the report: One thing that Ubuntu Linux users will also continue to rely on is the strong principled stance that Shuttleworth has on encryption. With the rapid growth of the Linux Foundation's Let's Encrypt free Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate platform this year, Shuttleworth noted that it's a good idea to consider how that might work in an integrated way with Ubuntu. Overall, he said, the move to encryption as a universal expectation is really important. "We don't do encryption to hide things; we do encryption so we can choose what to share," Shuttleworth said. "That's a profound choice we should all be able to make." Shuttleworth emphasized that on the encryption debate, Canonical and Ubuntu are crystal clear. "We will never backdoor Ubuntu; we will never weaken encryption," he said.

Joey-Elijah Sneddon, reporting for OMGUbuntu: You can expect to see a larger Ubuntu desktop installation image by the time the Yakkety Yak yips out. Developers are currently debating the exact size limits that official flavours will adhere to, with some favouring a 2GB hard limit while others are looking to go full-DVD size at 4.7GB+. Canonical's Steven Langasek explains the plans for Ubuntu 16.10 Yakkety Yak: "I've finally gone ahead and bumped the limit on Ubuntu desktop images to 2GB for a minimally-sized USB stick; this gives us a new limit that I think we will care about, while also leaving us headroom so we're not constantly fighting it back down to the line." The Ubuntu ISO is supposed to be around the 1GB mark but has creeped past this in recent releases. The current Ubuntu 16.04 LTS desktop .iso is 1.4GB.

An anonymous reader writes: "Pretty much any device with a USB port will be able to use advanced neural networks," reports PC Magazine, announcing the new Fathom Neural Compute Stick from chip-maker (and Google supplier) Movidius. "Once it's plugged into a Linux-powered device, it will enable that device to perform neural network functions like language comprehension, image recognition, and pattern detection," and without even using an external power supply.

Device manufacturers could now move AI-level processing from the cloud down to end users, PC Magazine reports, with one New York computer science professor saying the technology means that now "every robot, big and small, can now have state-of-the-art vision capabilities."
The article argues that this standalone, ultra-low power neural network could start the creation of a whole new category of next-generation consumer technologies.

An anonymous reader writes: Humble Bundle announced a special "pay what you want" sale for four ebooks from No Starch Press, with proceeds going to the Electronic Frontier Foundation (or to the charity of your choice). This "hacker edition" sale includes two relatively new titles from 2015 -- "Automate the Boring Stuff with Python" and Violet Blue's "Smart Girl's Guide to Privacy," as well as "Hacking the Xbox: An Introduction to Reverse Engineering" by Andrew "bunnie" Huang, and "The Linux Command Line".

Hackers who are willing to pay "more than the average" -- currently $14.87 -- can also unlock a set of five more books, which includes "The Maker's Guide to the Zombie Apocalypse: Defend Your Base with Simple Circuits, Arduino, and Raspberry Pi". (This level also includes "Bitcoin for the Befuddled" and "Designing BSD Rootkits: An Introduction to Kernel Hacking".) And at the $15 level -- just 13 cents more -- four additional books are unlocked. "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software" is available at this level, as well as "Hacking: The Art of Exploitation" and "Black Hat Python."
Nice to see they've already sold 28,506 bundles, which are DRM-free and available in PDF, EPUB, and MOBI format. (I still remember Slashdot's 2012 interview with Make magazine's Andrew "bunnie" Huang, who Samzenpus described as "one of the most famous hardware and software hackers in the world.")

jaromil writes: Devuan beta is released today, following up the Debian fork declaration and progress made during the past two years. Devuan now provides an alternative upgrade path to Debian, and switching is easy from both Wheezy and Jessie. From The Register: "Devuan came into being after a rebellion by a self-described 'Veteran Unix Admin collective' argued that Debian had betrayed its roots and was becoming too desktop-oriented. The item to which they objected most vigorously was the inclusion of the systemd bootloader. The rebels therefore decided to fork Debian and 'preserve Init freedom.' The group renamed itself and its distribution 'Devuan' and got work, promising a fork that looked, felt, and quacked like Debian in all regards other than imposing systemd as the default Init option."

prisoninmate quotes a report from Softpedia: According to Matthew Garrett, a renowned CoreOS security developer, and Linux kernel contributor, Canonical's new snap package format is not secure at all when it is used under X.Org Server (X Window System), which, for now, it is still the default display server of the Ubuntu 16.04 LTS (Xenial Xerus) operating system. The fact of the matter is that X11's old design is well-known for being insecure, and Matthew Garrett took the time to demonstrate this by writing a simple snap package that can steal data from any other X11 software, in this case anything you type on the Mozilla Firefox web browser. As more developers will provide snaps for their apps, Canonical needs to do something about the security of snaps in Ubuntu when using X11 or switch to the Mir display server. In the meantime, the security of snaps remains unaffected for the Ubuntu Server operating system, which is usually used without a display server. Canonical has officially released Ubuntu 16.04 LTS, which is now available to download for those interested.

Reader prisoninmate writes: The latest, and hopefully, the greatest version of Ubuntu is now available to download. On the sidelines, Mozilla today announced the availability of future releases of its popular Firefox web browser in the snap package format for Ubuntu 16.04 LTS. Earlier today, Canonical unleashed the final release of the highly anticipated Ubuntu 16.04 LTS (Xenial Xerus) operating system, bringing users a great set of new features and improvements. Also today, it looks like Canonical has renewed its partnership with Mozilla to offer Firefox as the default web browser on Ubuntu 16.04 LTS and upcoming releases of the Linux kernel-based operating systems. As part of the new partnership, Mozilla is committed to distributing future versions of Firefox as a snap package. Having Firefox distributed in the snap format means that you'll have 0-day releases in Ubuntu 16.04. Yes, just like Windows and Mac OS X, users are enjoying their 0-day releases of Mozilla Firefox and don't have to wait for package maintainers of a particular GNU/Linux distribution to update the software in the main repositories. For Mozilla, having Firefox as a snap package means that they'll be able to continually optimize it for Ubuntu.

An anonymous reader writes: Canonical announced today that it will be releasing Ubuntu 16.04 LTS on Thursday, April 21. The sixth major release of Ubuntu Long-Term Support (LTS) features the new 'snap' package format and LXD pure-container hypervisor. "The addition of 'snaps' for faster and simpler updates, and the LXD container hypervisor for ultra-fast and ultra-dense cloud computing demonstrate a commitment to customer needs that sets Ubuntu apart as the platform for innovation and scale," said Dustin Kirkland who leads platform strategy at Canonical. Ubuntu 16.04 LTS introduces a new application format, the 'snap', which can be installed alongside traditional deb packages. The snap format is much easier to secure and much easier to produce, and offers operational benefits for organizations managing many Ubuntu devices, which will bring more robust updates and more secure applications across all form factors from phone to cloud.

An anonymous reader writes: Cloud computing startup Mesosphere has opted to open-source its data center management platform. This move is backed by Microsoft, Hewlett-Packard Enterprise, Cisco Systems and roughly 60 other tech partners. The three-year-old San Francisco company's datacenter operating system (DCOS) was built as an operating system for all services in a data center to function as one pool of resources. Capabilities include the quick, app store-like installation of more than 20 complex distributed systems, including HDFS, Apache Spark, Apache Kafka and Apache Cassandra, Mesosphere said in an announcement. Although some of the company's technologies were already available as open source, others were propriety until now. Mesosphere said it welcomes additional enterprises interested in partnering on this open source project.Wired has more details on this in its slightly enthusiastic report titled You want to build an empire like Google's? This is your OS.

An anonymous reader quotes a report from ZDNet: One reason Ubuntu is increasing its lead is that Jujo, Canonical's application modeling and deployment DevOps tool, has been gaining in popularity. In the latest OpenStack user survey, we see that OpenStack is finally gaining real momentum in private clouds. We also see that Ubuntu Linux is continuing to dominate OpenStack. As Canonical cloud marketing manager Bill Bauman said, "Ubuntu OpenStack continues to dominate the majority of deployments with 55 percent of production OpenStack clouds. The previous survey showed Ubuntu OpenStack at 33 percent of production clouds. Ubuntu has seen almost 67 percent growth in an area where Ubuntu was already the market leader. These numbers are a huge testament to the community support Ubuntu OpenStack receives every day." The Cloud Market's latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2) shows Ubuntu with just over 215,000 instances. Ubuntu is followed by Amazon's own Amazon Linux Amazon Machine Image (AMI), with 86,000 instances. Further back, you'll find Windows with 26,000 instances. In fourth and fifth place, respectively, you'll find Red Hat Enterprise Linux (RHEL) with 16,500 instances and then CentOS with 12,500 instances.

An anonymous reader writes: Microsoft has announced a CentOS-based VM image for Azure called 'Linux Data Science Virtual Machine'. The VM has pre-installed tools such as Anaconda Python Distribution, Computational Network Toolkit, and Microsoft R Open. It focuses on machine learning and analytics, making it a great choice for data scientists. "Thanks to Azure's worldwide cloud infrastructure, customers now have on-demand access to a Linux environment to perform a wide range of data science tasks. The VM saves customers the time and effort of having to discover, install, configure and manage these tools individually. Hosting the data science VM on Azure ensures high availability, elastic capacity and a consistent set of tools to foster collaboration across your team", says Gopi Kumar, Senior Program Manager, Microsoft Data Group.

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 50 for Windows, Mac, and Linux, adding the usual slew of developer features. You can update to the latest version now using the browser's built-in silent updater, or download it directly from google.com/chrome. As announced in November 2015, Chrome now no longer supports Windows XP, Windows Vista, OS X 10.6 Snow Leopard, OS X 10.7 Lion, nor OS X 10.8 Mountain Lion. Chrome 50 allows sites to include notification data payloads with their push messages. This eliminates the final server check -- the initial version relied on service workers to proactively fetch the information for a notification from the server, leading to problems when there were multiple messages in flight or when the device was on a poor network connection. Push notification payloads must be encrypted. Sites can now detect when a notification is closed by the user, resulting in better analytics and allowing for cross-device notification dismissal. The look of notifications can now be customized with timestamps and icons. Chrome 50 also brings support for declarative preload.

An anonymous reader points us to a report on Neowin: Canonical, Ubuntu's parent company, has announced that Ubuntu 16.04 LTS (Long Term Support) will come with support for the snap packaging format and tools. As a result, end users will get more up-to-date apps, something that proved tricky in the past due âoethe complexity of packaging and providing updates,â which prevented updates to some apps being delivered. Snaps will make the Ubuntu platform more unified, developers will more easily be able to create software for PC, Server, Mobile, or IoT devices. The other major benefit of snaps is that that they're more secure than software installed through deb packages. Snaps are isolated from the rest of the system, meaning that malware packaged with a snap won't be able to affect your Ubuntu installation.

msm1267 quotes a report from Threatpost: Weeks of anxiety and concern over the Badlock vulnerability ended today with an anticlimactic thud. Badlock was the security boogeyman since the appearance three weeks ago of a website and logo branding the bug as something serious in Samba, an open source implementation of the server message block (SMB) protocol that provides file and print services for Windows clients. As it turns out, Badlock was hardly the remote code execution monster many anticipated. Instead, it's a man-in-the-middle and denial-of-service bug, allowing an attacker to elevate privileges or crash a Windows machine running Samba services. SerNet, a German consultancy behind the discovery of Badlock, fueled the hype at the outset with a number of since-deleted tweets that said any marketing boost as a result of its branding and private disclosure of the bug to Microsoft was a bonus for its business. For its part, Microsoft refused to join the hype machine and today in MS16-047 issued a security update it rated 'Important' for the Windows Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD). The bulletin patches one vulnerability (CVE-2016-0128), an elevation of privilege bug in both SAM and LSAD that could be exploited in a man-in-the-middle attack, forcing a downgrade of the authentication level of both channels, Microsoft said. An attacker could then impersonate an authenticated user.

An anonymous reader shares an article on Ars Technica: A botnet that enslaved about 4,000 Linux computers and caused them to blast the Internet with spam for more than a year has finally been shut down. Sophisticated Mumblehard spamming malware flew under the radar for five years. Known as Mumblehard, the botnet was the product of highly skilled developers. It used a custom "packer" to conceal the Perl-based source code that made it run, a backdoor that gave attackers persistent access, and a mail daemon that was able to send large volumes of spam. Command servers that coordinated the compromised machines' operations could also send messages to Spamhaus requesting the delisting of any Mumblehard-based IP addresses that sneaked into the real-time composite blocking list, or CBL, maintained by the anti-spam service. "There was a script automatically monitoring the CBL for the IP addresses of all the spam-bots," researchers from security firm Eset wrote in a blog post published Thursday. "If one was found to be blacklisted, this script requested the delisting of the IP address. Such requests are protected with a CAPTCHA to avoid automation, but OCR (or an external service if OCR didn't work) was used to break the protection."

prisoninmate writes: To celebrate the launch of Ubuntu 16.04 LTS, due for release later this month, on April 21, Canonical put together an interesting infographic, showing the world how popular Ubuntu is. From the infographic, it looks like there are over 60 million Ubuntu images launched by Docker users, 14 million Vagrant images of Ubuntu 14.04 LTS from HashiCorp, 20 million launches of Ubuntu instances during 2015 in public and private clouds, as well as bare metal, and 2 million new Ubuntu Cloud instances launched in November 2015. Ubuntu is used on the International Space Station, on the servers of popular online services like Netflix, Snapchat, Pinterest, Reddit, Dropbox, PayPal, Wikipedia, and Instagram, in Google, Tesla, George Hotz, and Uber cars. It is also employed at Bloomberg, Weta Digital and Walmart, at the Brigham Young University to control the Mars Rover, and it is even behind the largest supercomputer in the world.

Reader itwbennett writes: Linus Torvalds told attendees at the Embedded Linux Conference that although Linux hasn't dominated the desktop like it 'has in many other areas,' he isn't particularly disappointed and also hasn't given up on that goal. "I actually am very happy with the Linux desktop, and I started the project for my own needs, and my needs are very much fulfilled," Torvalds said. "That's why, to me, it's not a failure. I would obviously love for Linux to take over that world too, but it turns out it's a really hard area to enter. I'm still working on it. It's been 25 years. I can do this for another 25. I'll wear them down."

An anonymous reader writes: Microsoft has released a new Windows 10 preview for PCs. The preview, dubbed build 14316, comes with a range of features including support for Bash, which Microsoft had announced at its developer conference Build last week. Users interested in it can enable the feature by turning on Developer Mode (detailed instructions here), searching for "Windows Features," choosing "Turn Windows features on or off," and enable Windows Subsystem for Linux (Beta). To get Bash installed, open Command Prompt and type in "bash" (without the quotes.) Other features included in the new build include low battery notification, find my phone (ring my phone), and the ability to share map directions across devices. Additionally, the company has also released a new universal Skype app.

Opera co-founder and former CEO Jon von Tetzchner on Wednesday launched the v1.0 of Vivaldi browser. Vivaldi v1.0, which is aimed at "power users", is available to download from the company's website for Windows, OS X, and Linux platforms. The Norway, Oslo company has been working on it since 2013. Vivaldi offers a range of features such as support for Chrome extension, Tab Stacks, Rewind and Fast Forward, and built-in support for custom keyboard shortcuts and mouse gestures. There are plenty of other handy tools including the ability to check how much data a Web page has consumed in real time.