An anonymous reader summarizes the highlights of Fortune's new interview with Red Hat CEO James Whitehurst: A recruiter told Whitehurst the culture at Red Hat was "a little bit like that Blues Brothers movie, when Dan Aykroyd says, 'We're on a mission from God.'" But Whitehurst says geeky passion "makes it a great place to be a part of," and even argues that the success of Microsoft in the 1990s can be attributed to its Microsoft Developer Network, which led developers into Microsoft's platform and infrastructure. "Developers now are heavily using open-source tools and technology and, bluntly, I think that's why Microsoft had to open source .NET and why they're embracing more open source in general. Because open source is where innovation is coming from and is what developers are consuming, it forces vendors to participate."

Looking towards the future, Whitehurst says "A rough line would be almost to say most infrastructure is going to be open source and most business functionality above it is going to be proprietary." And he also warns open source companies, "if you don't have the unique business model that allows you to add value on top of the free functionality, in the end you're going to fail... a lot of open source companies have come and gone because they've been more focused on the functionality versus how they add value around the functionality."

Long-time Slashdot reader jrincayc shares news from Red Hat's Fedora Engineering Manager, Tom Callaway. On the Fedora-legal mailing list, Callaway announced: Red Hat has determined that it is now acceptable for Fedora to include MP3 decoding functionality (not specific to any implementation, or binding by any unseen agreement). Encoding functionality is not permitted at this time.
And the same day Christian Schaller announced on the Gnome blog that mp3 playback would be supported in Fedora Workstation 25. You should be able to download the mp3 plugin on Day 1 through GNOME Software or through the missing codec installer in various GStreamer applications. For Fedora Workstation 26 I would not be surprised if we decide to ship it on the install media.
He added, "I know this has been a big wishlist item for a long time for a lot of people..."

Speaking at the "All Things Open" conference, Red Hat CEO Jim Whitehurst remembered when Linux "was just a 'bunch of geeks' getting together figuring it all out on an 8286 chip" 25 years ago. An anonymous reader quotes BizJournals: "It went from being kind of a hacker movement to truly what I'll say [is] a viable alternative to traditional software," Whitehurst says, adding that Red Hat was a part of that push. Over the years, it came out from under the radar, being what Whitehurst calls "the default choice for a next-generation of infrastructure," particularly when it comes to cloud architectures... He points to Google, Microsoft and Facebook, all having open sourced their machine learning systems. "They recognize the company that builds the community around that piece of technology, that technology is going to win."

An anonymous reader quotes InfoWorld: Developers of Mozilla's Rust language, devised for fast and safe system-level programming, have unveiled the first release of the Rust Language Service, a project that provides IDEs and editors with live, contextual information about Rust code. RLS is one of the first implementations of the Language Server Protocol, co-developed by Microsoft, Codenvy, and Red Hat to standardize communications between IDEs and language runtimes.

It's another sign of Rust's effort to be an A-list language across the board -- not only by providing better solutions to common programming problems, but also cultivating first-class, cutting-edge tooling support from beyond its ecosystem...
The Rust Language Service is "pre-alpha", and the whole Language Service Protocol is only currently supported by two IDEs -- Eclipse and Microsoft's Visual Studio Code. Earlier InfoWorld described it as "a JSON-based data exchange protocol for providing language services consistently across different code editors and IDEs," and one of the Rust developers has already developed a sample RLS client for Visual Studio Code.

Reader operator_error shares an ArsTechnica report: A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible. While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time." The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."

An anonymous Slashdot reader writes: I'm surprised this hasn't surfaced on Slashdot already, but yesterday Phoronix reported that systemd will soon be handling file system mounts, along with all the other stuff that systemd has encompassed. The report generated the usual systemd arguments over on Reddit.com/r/linux with Lennart Poettering, systemd developer and architect, chiming in with a few clarifications.
Lennart argued it will greatly improve the handling of removable media like USB sticks.

Microsoft announced on Thursday that it is open sourcing PowerShell, its system administration, scripting, and configuration management tool that has been a default part of Windows for several years. The company says it will soon release PowerShell on Mac and Linux platforms. PCWorld reports: The company is also releasing alpha versions of PowerShell for Linux (specifically Ubuntu, Centos and Redhat) and Mac OS X. A new PowerShell GitHub page gives people the ability to download binaries of the software, as well as access to the app's source code. PowerShell on Linux and Mac will let people who have already built proficiency with Microsoft's scripting language take those skills and bring them to new platforms. Meanwhile, people who are used to working on those platforms will have access to a new and very powerful tool for getting work done. It's part of Microsoft's ongoing moves to open up products that the company has previously kept locked to platforms that it owned. The company's open sourcing of its .NET programming frameworks in 2014 paved the way for this launch, by making the building blocks of PowerShell available on Linux and OS X. By making PowerShell available on Linux, Microsoft has taken the skills of Windows administrators who are already used to the software, and made them more marketable. It has also made it possible for hardcore Linux users to get access to an additional set of tools that they can use to manage a variety of systems.

On the second day of the Red Hat Summit this week, attendees found themselves invited to a wedding during one of the general sessions. The groom was Matt Hargrave, a Red Hat client from Texas, and, it probably goes without saying, a huge fan of the company. The bride was Shannon Montague, a sign language interpreter, and "maybe the most understanding bride ever," jokes Slashdot reader itwbennett: "Pushing a commit to github isn't the same as committing to a life partner. There is no forking this project," Red Hat EVP Paul Cormier told a Texas couple, as he united them in holy matrimony... Red Hat CEO Jim Whitehurst was ring bearer. You can watch the ceremony on YouTube.
"After today your relationship will have newly architected infrastructure. And, of course, collaboration is...critical." I'm wondering if Slashdot readers can suggest more geeky marriage vows -- or have any other geeky wedding stories to share.

Microsoft on Monday announced the release of .NET Core, the open source .NET runtime platform. Finally! (It was first announced in 2014). The company also released ASP.NET Core 1.0, the open-source version of Microsoft's Web development stack. ArsTechnica reports:Microsoft picked an unusual venue to announce the release: the Red Hat Summit. One of the purposes of .NET Core was to make Linux and OS X into first-class supported platforms, with .NET developers able to reach Windows, OS X, Linux, and (with Xamarin) iOS and Android, too. At the summit today, Red Hat announced that this release would be actively supported by the company on Red Hat Enterprise Linux.

About 50 KDE developers met this week in the Swiss Alps for the annual Randa Meetings, "seven days of intense in-person work, pushing KDE technologies forward and discussing how to address the next-generation demands for software systems." Christoph Cullmann, who maintains the Kate editor, blogs that during this year's sprint, they finally fixed a 13-year-old bug. He'd filed the bug report himself -- back in 2003 -- and writes that over the next 13 years, no one ever found the time to fix it. (Even though the bug received 333 "importance" votes...) After finally being marked Resolved, the bug's tracking page at KDE.org began receiving additional comments marveling at how much time had passed. Just think, when this bug was first reported:
-- The current Linux Kernel was 2.6.31...
-- Windows XP was the most current desktop verison. Vista was still 3 years away.
-- Top 2 Linux verions? Mandrake and Redhat (Fedora wouldn't be released for another 2 months, Ubuntu's first was more than a year away.)

An anonymous reader quotes a report from ZDNet: One reason Ubuntu is increasing its lead is that Jujo, Canonical's application modeling and deployment DevOps tool, has been gaining in popularity. In the latest OpenStack user survey, we see that OpenStack is finally gaining real momentum in private clouds. We also see that Ubuntu Linux is continuing to dominate OpenStack. As Canonical cloud marketing manager Bill Bauman said, "Ubuntu OpenStack continues to dominate the majority of deployments with 55 percent of production OpenStack clouds. The previous survey showed Ubuntu OpenStack at 33 percent of production clouds. Ubuntu has seen almost 67 percent growth in an area where Ubuntu was already the market leader. These numbers are a huge testament to the community support Ubuntu OpenStack receives every day." The Cloud Market's latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2) shows Ubuntu with just over 215,000 instances. Ubuntu is followed by Amazon's own Amazon Linux Amazon Machine Image (AMI), with 86,000 instances. Further back, you'll find Windows with 26,000 instances. In fourth and fifth place, respectively, you'll find Red Hat Enterprise Linux (RHEL) with 16,500 instances and then CentOS with 12,500 instances.

An anonymous reader shares a report on BetaNews: Red Hat -- fresh from celebrating a historic $2 billion in annual revenue -- releases a developer-focused gift to the world. The Red Hat Enterprise Linux Developer Suite is totally free, including an RHEL license and valuable developer tools, like the JBoss Middleware portfolio. This is through the Red Hat Developer Program. If you want to take advantage of this amazing offer, you can sign up through the company's website Red Hat seems a bit late to the party. Many argue that the company should've made its update-only subscription for individuals free from the beginning -- especially considering it isn't a major source of revenue for the company. Exciting time for developers, nonetheless.

An anonymous reader quotes a report from ZDNet: Red Hat just became the first open-source company to make a cool 2 billion bucks. Not bad considering Red Hat became the first billion dollar Linux company only four years ago. Red Hat did it the old-fashioned way: They earned the money instead of playing upon the gullibility of venture capitalists. Red Hat's total revenue for its fourth quarter was $544 million. That's up 17 percent in U.S. dollars year-over-year, or 21 percent measured constant currency. Subscription revenue for the quarter was $480 million, up 18 percent in U.S. dollars year-over-year, or 22 percent measured in constant currency. Subscription revenue in the quarter was 88 percent of total revenue. Analysts estimated Red Hat would make $534 million. Looking ahead for its 2016 FY Red Hat expects to see between $2.380 billion to $2.420 billion. At this rate, Red Hat should easily become the first $3 billion open-source company.
While Red Hat's president and CEO Jim Whitehurst credits the "hybrid cloud infrastructures," Red Hat's subscription revenue can largely be ascribed to Red Hat's flagship product: Red Hat Enterprise Linux. Still, RHEL, which is now available on Microsoft Azure, is becoming a prominent cloud operating system.

An anonymous reader writes: For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). According to a number of researchers, MITRE has lately been doing a lousy job when it comes to assigning these numbers, forcing researchers to do without them or to delay public disclosure of vulnerabilities indefinitely. The problem is getting worse by the day, and the situation has spurred Kurt Seifried, a "Red Hat Product Security Cloud guy" and a CVE Editorial Board member, to create a complementary system for numbering vulnerabilities.

Mark Wilson writes: The new Microsoft has place an increased importance on the cloud, and with other companies following suit, reliance on server solutions has increased. Today the company announces that it is bringing SQL Server to Linux. Both cloud and on-premises versions will be available, and the news has been welcomed by the likes of Red Hat and Canonical. Although the Linux port of SQL Server is not due to make an appearance until the middle of next year, a private preview version is being available to testers starting today. While the full launch of SQL Server for Linux is not due until the middle of 2017, SQL Server 2016 is expected to launch later this year.

An anonymous reader writes: There was much hope that Fedora 24 would be the first major Linux distribution using Wayland by default in place of an X.Org Server, that didn't pan out with Fedora 24 Workstation developers deciding not to use Wayland by default but it will remain a log-in time option. Fedora Wayland has made a lot of progress but functionality like on-screen keyboard, accessibility, remote displays, USB display hot-plugging, and other functionality is incomplete for the Fedora 24 timeline. At least there are many other Fedora 24 features that made it for this next release due out in June. Wayland will turn eight years old this year.

paroneayea writes: GNU Guix, the functional package manager (and with GuixSD, distribution) got a nice feature yesterday: timely delivery of security updates with grafts. Guix's new grafts feature recursively produces re-linked packages as dependencies without waiting for all to compile when a time-sensitive security upgrade is an issue. This came just in time for this week's OpenSSL security issues, and has been successfully tested by the community. It worked so well that it was able to reproduce the ABI break issue that other traditional distributions experienced also!

An anonymous reader writes: Today Google's online security team publicly disclosed a severe vulnerability in the Gnu C Library's DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, and raises questions about whether Glibc ought to still be the preferred C library when alternatives like musl are gaining maturity. As one example of the range of software affected, nearly every Bitcoin implementation is affected. Reader msm1267 adds some information about the vulnerability, discovered independently by security researchers at Red Hat as well as at Google, which has since been patched: The flaw, CVE-2015-7547, is a stack-based buffer overflow in the glibc DNS client-side resolver that puts Linux machines at risk for remote code execution. The flaw is triggered when the getaddrinfo() library function is used, Google said today in its advisory. "A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches," Red Hat said in an advisory. It's likely that all Linux servers and web frameworks such as Rails, PHP and Python are affected, as well as Android apps running glibc.

Bruce66423 points out an analysis at The Guardian of North Korea's Red Star Linux-based OS, based on a presentation Sunday to the Chaos Communication Congress in Berlin : The features of their Fedora based OS include a watermarking system to enable tracking of files — even if unopened. The operating system is not just the pale copy of western ones that many have assumed, said Florian Grunow and Niklaus Schiess of the German IT security company ERNW, who downloaded the software from a website outside North Korea and explored the code in detail. ... This latest version, written around 2013, is based on a version of Linux called Fedora and has eschewed the previous version’s Windows XP feel for Apple’s OS X – perhaps a nod to the country’s leader Kim Jong-un who, like his father, has been photographed near Macs. The OS, unsurprisingly, allowed only tightly fettered access to web sites, using a whitelist approach that gives access to government-controlled or approved sites.

An anonymous reader writes: Satya Nadella has made some interesting reforms to Microsoft. Today, Red Hat and Microsoft announced that they will partner to deliver Red Hat's product suite in Azure. Red Hat will also support .NET core in RHEL. Additionally, Red Hat's CloudForms product will now work with Hyper-V/Azure, RHEV, VMware, and AWS. Microsoft has certainly come a long way from the Halloween Memos. Here are Red Hat's blog post and Microsoft's blog post about the announcement