DeviceGuru writes As seen in this year-end summary of 40 hacker-friendly SBCs, 2014 brought us plenty of new Linux and Android friendly single-board computers to tinker with — ranging from $35 bargains, to octa-core powerhouses. Many of the new arrivals feature 1-2GHz multicore SoCs, 1-2GB RAM, generous built-in flash, gigabit Ethernet, WiFi, on-board FPGAs, and other extras. However, most of the growth has been in the sub-$50 segment, where the Raspberry Pi and BeagleBone reign supreme, but are now being challenged by a growing number of feature-enhanced clones, such as the Banana Pi and Orange Pi. Best of all, there's every reason to expect 2015 to accelerate these trends.

An anonymous reader writes Linux 3.18 was recently released, thus making Linux 3.19 the version under development as the year comes to a close. Linux 3.19 as the first big kernel update of 2015 is bringing in the new year with many new features: among them are AMDKFD HSA kernel driver, Intel "Skylake" graphics support, Radeon and NVIDIA driver improvements, RAID5/6 improvements for Btrfs, LZ4 compression for SquashFS, better multi-touch support, new input drivers, x86 laptop improvements, etc.

An anonymous reader writes Developer Jonathan Rudenberg has discovered and pointed out a glaring security hole in Docker's system. He says, "Recently while downloading an 'official' container image with Docker I saw this line: ubuntu:14.04: The image you are pulling has been verified

I assumed this referenced Docker's heavily promoted image signing system and didn't investigate further at the time. Later, while researching the cryptographic digest system that Docker tries to secure images with, I had the opportunity to explore further. What I found was a total systemic failure of all logic related to image security.

Docker's report that a downloaded image is 'verified' is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest. An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities." Docker's lead security engineer has responded here.

DeviceGuru writes: Erle Robotics has launched what is claimed to be the first drone to run both a Pixhawk APM autopilot and ROS directly on Linux. Over the last year Erle Robotics and 3DRobotics have collaborated on developing an open source, all-Linux BeagleBone Black-based autopilot for drones using the popular 3DR APM architecture, but without using Nuttx RTOS for the real-time bits. In addition to being used on a new 'Erle-copter' quadcopter drone, the new all-Linux 'Erle-brain' APM will ship in both a two-winged UAV and a four-wheeled robotic vehicle, due next spring.

zdzichu writes: The group of anonymous Italians behind the recent Debian fork have published their first progress report. It covers a wide range of topics: the 4.5k€ of donations received so far, moving distro infrastructure from GitHub to GitLab, progress on LoginKit (which replaces systemd's logind), fraud accusations, logo discussions, and few more important points.

An anonymous reader writes: After ten years of development focused on improving and simplifying Linux networking, NetworkManager 1.0 was released. NetworkManager 1.0 brings many features including an increasingly modernized client library, improved command-line support, a lightweight internal DHCP client, better Bluetooth support, VPN enhancements, WWAN IPv6 support, and other features.

Their website says, 'Come for the code, stay for the people! We have awesome attendees and electrifying parties. Check out the robotics club, the automated home brewing system running on Linux, or the game room for extra conference fun.' This is an all-volunteer conference, and for a change the volunteers who run it are getting things together far in advance instead of having sessions that don't get scheduled until a few days before the conference, which has happened more than once with LFNW.

So if you have an idea for a session, this is the time to start thinking about it. Sponsors are also welcome -- and since LFNW sponsorships regularly sell out, it's not to soon to start thinking about becoming a sponsor -- and if you are part of a non-profit group or FOSS project, LFNW offers free exhibit space because this is a conference that exists for the community, not to make money for a corporate owner. But don't delay. As you can imagine, those free exhibit spots tend to fill up early. (Alternate Video Link)

itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September. Update: 12/19 04:47 GMT by S : Reader deathcamaro points out that Red Hat and others say this is not a flaw at all, but expected behavior.

DeviceGuru writes: Hardkernel has again set its sights on the Raspberry Pi with a new $35 Odroid-C1 hacker board that matches the RPI's board size and offers a mostly similar 40-pin expansion connector. Unlike the previous $30 Odroid-W that used the same Broadcom BCM2835 SoC as the Pi and was soon cancelled due to lack of BCM2835 SoC availability, the Odroid-C1 is based on a quad-core 1.5GHz Cortex-A5 based Amlogic S805 SoC, which integrates the Mali-400 GPU found on Allwinner's popular SoCs. Touted advantages over the similarly priced Raspberry Pi Model B+ include a substantially more powerful processor, double the RAM, an extra USB2.0 port that adds Device/OTG, and GbE rather than 10/100 Ethernet.

judgecorp writes: Canonical just announced Ubuntu Core, which uses containers instead of packages. It's the biggest Ubuntu shakeup for 20 years, says Canonical's Mark Shuttleworth, and is based on a tiny core, which will run Docker and other container technology better, quicker and with greater security than other Linux distros. Delivered as alpha code today, it's going to become a supported product, designed to compete with both CoreOS and Red Hat Atomic, the two leading container-friendly Linux approaches. Shuttleworth says it came about because Canonical found it had solved the "cloud" problems (delivering and updating apps and keeping security) by accident — in its work on a mobile version of Ubuntu.

linuxscreenshot writes: The Fedora Project has announced the release of Fedora 21. "As part of the Fedora.next initiative, Fedora 21 comes in three flavors: Cloud, Server, and Workstation. Cloud is now a top-level deliverable for Fedora 21, and includes images for use in private cloud environments like OpenStack, as well as AMIs for use on Amazon, and a new "Atomic" image streamlined for running Docker containers. The Fedora Server flavor is a common base platform that is meant to run featured application stacks, which are produced, tested, and distributed by the Server Working Group. The Fedora Workstation is a new take on desktop development from the Fedora community. Our goal is to pick the best components, and integrate and polish them. This work results in a more polished and targeted system than you've previously seen from the Fedora desktop." Here are screenshots for Fedora 21: GNOME, KDE, Xfce, LXDE, and MATE.

An anonymous reader writes Some of the worst X.Org security issues were just publicized in an X.Org security advisory. The vulnerabilities deal with protocol handling issues and led to 12 CVEs published and code dating back to 1987 is affected within X11. Fixes for the X Server are temporarily available via this Git repository.

sfcrazy writes If you have tried the live images of Ubuntu Next you may worry that Canonical is trying to do a Windows 8 with Ubuntu. That's not true. There is no need to worry though: A great deal of work is happening at a deeper level that may not have yet surfaced. It will surface eventually, however. Will Cooke of Canonical clarifies: "We are trying to make it clear that Unity 8 desktop will look like the traditional desktop and will behave like a normal desktop. We are very aware that our users expect a normal desktop there."

Unity 8 will offer the traditional desktop interface when it detects a desktop. The same OS will switch to a touch-based interface on touch-based devices such as tablets and smartphones.

An anonymous reader writes: Researchers from Moscow-based Kaspersky Labs have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The malware may have sat unnoticed on at least one victim computer for years, although Kaspersky Lab researchers still have not confirmed that suspicion. The trojan is able to run arbitrary commands even though it requires no elevated system privileges.

jones_supa writes As anticipated, Linus Torvalds officially released Linux 3.18. The new version is now out there, though that nasty lockup issue has still yet to be resolved. Dave Jones is nearing the end of dissecting the issue, but since it also affects Linux 3.17 and not too many people seem to get hit by the lockups, Linus Torvalds decided to go ahead and do the 3.18 release on schedule. Linus was also concerned that dragging out the 3.18 release would then complicate the Linux 3.19 merge window due to the holidays later this month. Now the Linux 3.19 kernel merge window is open for two weeks of exciting changes.

schmaustech writes: A lot of businesses pay for Linux support. But at what point does that stop being worth the money? When would a company be better served by setting up their own internal support? When does it make sense for them to write their own patches, which could be submitted back to the community? The inherit risk is that the organization is accountable and accepts the risks if a major bug is encountered within any of the open source applications they are using. What's your perspective on this, and how many major corporations are taking this approach?

New submitter fourbadgers writes: CoreOS, the start-up making the CoreOS Linux distribution, has announced Rocket, a container management system that's an alternative to Docker. CoreOS is derived from Chrome OS and has a focus on lightweight virtualization based on Linux containers. The project has been a long-time supporter of Docker, but saw the need for a simpler container system after what was seen as scope-creep in what Docker provides.

linuxscreenshot writes The team is proud to announce the release of Linux Mint 17.1 'Rebecca' MATE. Linux Mint 17.1 is a long term support release which will be supported until 2019. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use. Linux Mint 17.1 MATE edition comes with two window managers installed and configured by default: Marco (MATE's very own window manager, simple, fast and very stable); Compiz (an advanced compositing window manager which can do wonders if your hardware supports it). Among the various window managers available for Linux, Compiz is certainly the most impressive when it comes to desktop effects. Screenshots can be found here.

jones_supa (887896) writes "A hard to track system lockup bug seems to have appeared in the span of couple of most recent Linux kernel releases. Dave Jones of Red Hat was the one to first report his experience of frequent lockups with 3.18. Later he found out that the issue is present in 3.17 too. The problem was first suspected to be related to Xen. A patch dating back to 2005 was pushed for Xen to fix a vmalloc_fault() path that was similar to what was reported by Dave. The patch had a comment that read "the line below does not always work. Needs investigating!" But it looks like this issue was never properly investigated. Due to the nature of the bug and its difficulty in tracking down, testers might be finding multiple but similar bugs within the kernel. Linus even suggested taking a look in the watchdog code. He also concluded the Xen bug to be a different issue. The bug hunt continues in the Linux Kernel Mailing List."

jaromil writes: The so called "Veteran Unix Admin" collective has announced that the fork of Debian will proceed as a result of the recent systemd controversy. The reasons put forward are not just technical; included is a letter of endorsement by Debian Developer Roger Leigh mentioning that "people rely on Debian for their jobs and businesses, their research and their hobbies. It's not a playground for such radical experimentation." The fork is called "Devuan," pronounced "DevOne." The official website has more information.