snydeq writes: Developers are embracing a range of open source technologies, writes Matt Asay, virtually none of which are supported or sold by Red Hat, the purported open source leader. "Ask a CIO her choice to run mission-critical workloads, and her answer is a near immediate 'Red Hat.' Ask her developers what they prefer, however, and it's Ubuntu. Outside the operating system, according to AngelList data compiled by Leo Polovets, these developers go with MySQL, MongoDB, or PostgreSQL for their database; Chef or Puppet for configuration; and ElasticSearch or Solr for search. None of this technology is developed by Red Hat. Yet all of this technology is what the next generation of developers is using to build modern applications. Given that developers are the new kingmakers, Red Hat needs to get out in front of the developer freight train if it wants to remain relevant for the next 20 years, much less the next two."

ashshy (40594) writes Red Hat CEO Jim Whitehurst likes to post "state of the union" addresses at the end of every year. Last December, he said that open source innovation is going mainstream in 2014. In an interview with The Motley Fool, Whitehurst matches up his expectations against mid-year progress. Spoiler alert: It's mostly good news.

ectoman (594315) writes Opensource.com has a summary of an interview with Michael Tiemann, co-founder of Cygnus Solutions and one of the world's first open source entrepreneurs. Now VP of Open Source Affairs at Red Hat, Tiemann offers an historical perspective on what makes open source businesses successful, and shares how he dealt with the open source movement's early skeptics. "A lot of the skepticism is a response to the abstract; it's a response to the unknown," Tiemann says, "And when you bring a concrete success story with just absolutely stellar credentials that doesn't just outperform the field, but embarrasses the field, then the skeptics begin to look like they're on the wrong side." The full audio interview on Hacker Public radio (~1 hour).

An anonymous reader writes: Yesterday, word came down that Microsoft was starting to lay off some 18,000 workers. As of June 5th, Microsoft reported a total employee headcount of 127,005, so they're cutting about 15% of their jobs. That's actually a pretty huge percentage, even taking into account the redundancies created by the Nokia acquisition. Obviously, there's an upper limit to how much of your workforce you can let go at one time, so I'm willing to bet Microsoft's management thinks thousands more people aren't worth keeping around. How many employees does Microsoft realistically need? The company is famous for its huge teams that don't work together well, and excessive middle management. But they also have a huge number of software projects, and some of the projects, like Windows and Office, need big teams to develop. How would we go about estimating the total workforce Microsoft needs? (Other headcounts for reference: Apple: 80,000, Amazon: 124,600, IBM: 431,212, Red Hat: 5,000+, Facebook: 6,800, Google: 52,000, Intel: 104,900.)

An anonymous reader writes "Today, CentOS project unveiled CentOS Linux 7 for 64 bit x86 compatible machines. CentOS conforms fully with Red Hat's redistribution policy and aims to have full functional compatibility with the upstream product released in last month. The new version includes systemd, firewalld, GRUB2, LXC, docker, xfs instead of ext4 filesystem by default. The Linux kernel updated to 3.10.0, support for Linux Containers, 3d graphics drivers out of the box, OpenJDK 7, support for 40G Ethernet cards, installations in UEFI secure Boot mode on compatible hardware and more. See the complete list of features here and here. You can grab this release by visiting the official mirror site or via torrents. On a related note there is also a CentOS Linux 7 installation screencast here."

ectoman (594315) writes The U.S. Supreme Court issued a groundbreaking decision concerning software patents, claiming that abstract ideas are not by themselves patentable. The ruling was a cause for celebration among those opposed to software patent abuse, like Red Hat's Vice President and Assistant General Counsel, Rob Tiller. Here, Tiller analyzes and offers some context for the Court's ruling, which "uses the traditional common law methodology of comparing one case to previous similar cases and harmonizing with those most similar."

An anonymous reader writes: Today, Red Hat unveiled Red Hat Enterprise Linux 7, with new features designed to meet both modern datacenter and next-generation IT requirements for cloud, Linux Containers, and big data. The new version includes Linux containers (LXC), which let Linux users easily create and manage system or application containers, improved MS Active Directory / Identity Management (IdM) integration, XFS as the default file system, scaling to 500 TB (additional file system choices such as btrfs, ext{3,4} and others are available), a new and improved installation experience, managing Linux servers with OpenLMI, enhancements to both NFS and GFS2, optimized network management, bandwidth, the use of KVM Virtualization technology and more. See the complete list of features here (PDF). CentOS 7 shouldn't be lagging too far behind due to recent cooperation between Red Hat and CentOS project.

A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, "A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code." A patch is currently available, but it will take time for all of the software maintainers to implement it. A lengthy technical analysis is available. "There don't appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious "drive-by" attacks. There are no reports that the vulnerability is actively being exploited in the wild."

darthcamaro (735685) writes "Barely a week after Robyn Bergeron announced her intention to step down, Red Hat today announced that Matthew Miller is now the new Fedora Project Leader. Miller is the guy that came up with the whole Fedora.next proposal which is now reshaping Red Hat's community Linux project. Miller has a clear view of how his leadership will work in the cat-herding world of open source: 'As the FPL, you've got the responsibility, but no actual authority to tell anyone to do things,' Miller said. 'So you have to find people that have an interest and are aligned with the direction you want to go.'"

colinneagle (2544914) writes "The Wall Street Journal recently reported that, based on documents it reviewed, Red Hat "has chosen not to provide support to its commercial Linux customers if they use rival versions of OpenStack." But the big question is: Why would customers have expected that in the first place? Gartner analyst Lydia Leong told Network World that Red Hat isn't really doing anything wrong here. Customers shouldn't have an expectation that Red Hat would support competitors' software. "The norm would be to expect that non-Red Hat software is treated like any other third-party software," Leong says. If Red Hat has done anything wrong, it's that it has not clearly articulated its positioning and support for non-Red Hat OpenStack distros. Red Hat did not immediately respond to a question asking for a clarification on its support policy. The complication in all this comes from the fact that OpenStack is an open source project and there are misconceived notions that all OpenStack clouds are interoperable with one another. But Leong says just because OpenStack is open source doesn't change the expectations around vendors supporting competitors' products."

An anonymous reader writes "Red Hat announced their pending acquisition of Inktank this morning. Sage Weil and a team of researchers at University of California Santa Cruz first published the architecture in 2007. Sage joined DreamHost after college and continued development on Ceph until DreamHost spun off a Inktank, a company focused solely on Ceph. In Sage's blog post on the acquisition, he says 'In particular, joining forces with the Red Hat team will improve our ability to address problems at all layers of the storage stack, including in the kernel.' Sage goes on to announce that Inktank's proprietary management tools for Ceph will now be open sourced, citing Red Hat's pure open source development and business models.

Ceph has seen wide adoption in OpenStack customer deployments, alongside Red Hat's existing Gluster system." Ceph looks pretty cool if you're doing serious storage: CERN has a 3 Petabyte "prototype" cluster in use now (Only tangentially related, but still interesting, is how CERN does storage in general).

Bismillah (993337) writes "A potentially very serious bug in OpenSSL 1.0.1 and 1.0.2 beta has been discovered that can leak just about any information, from keys to content. Better yet, it appears to have been introduced in 2011, and known since March 2012." Quoting the security advisory: "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server." The attack may be repeated and it appears trivial to acquire the host's private key. If you were running a vulnerable release, it is even suggested that you go as far as revoking all of your keys. Distributions using OpenSSL 0.9.8 are not vulnerable (Debian Squeeze vintage). Debian Wheezy, Ubuntu 12.04.4, Centos 6.5, Fedora 18, SuSE 12.2, OpenBSD 5.4, FreeBSD 8.4, and NetBSD 5.0.2 and all following releases are vulnerable. OpenSSL released 1.0.1g today addressing the vulnerability. Debian's fix is in incoming and should hit mirrors soon, Fedora is having some trouble applying their patches, but a workaround patch to the package .spec (disabling heartbeats) is available for immediate application.

According to an article at Ars Technica, a major security bug faces Linux users, akin to the one recently found in Apple's iOS (and which Apple has since fixed). Says the article:"The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical 'goto fail' flaw that for months put users of Apple's iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug." And while Apple can readily fix a bug in its own software, at least for users who keep up on patches, "Linux" refers to a broad range of systems and vendors, rather than a single company, and the affected systems include some of the biggest names in the Linux world, like Red Hat, Debian, and Ubuntu.

darthcamaro (735685) writes "Red Hat's open source oVirt project hit a major milestone this week with the release of version 3.4. It's got improved storage handling so users can mix and match different resource types, though the big new feature is one that seems painfully obvious. For the first time oVirt users can have the oVirt Manager and oVirt VMs on the same physical machine. 'So, typically, customers deployed the oVirt engine on a physical machine or on a virtual machine that wasn't managed or monitored,' Scott Herold, principal product manager for Red Hat Enterprise Virtualization said. 'The oVirt 3.4 release adds the ability for oVirt to self-host its engine, including monitoring and recovery of the virtual machine.'" (Wikipedia describes oVirt as "a free platform virtualization management web application community project.")

First time accepted submitter BlazeMiskulin writes "With XP approaching end-of-life, I find myself in a situation that I'm guessing is common: What to do with Mom's machine (or 'grandma's machine' for the younger of you). Since a change has to be made, this seems like a good time to move to a Linux distro. My mother (82) uses her computer for e-mail and web-browsing only. I know that any distro will be able to handle her needs. I've been using Linux (Ubuntu, CentOS, and Redhat--usually with KDE interface) for about 10 years now, but I know that my preferences are quite different from hers.

I have my own ideas, but I'm curious what others think: What combination of distro and UI would you recommend for an old, basic-level user who is accustomed to the XP interface and adverse to change?" My Grandmother seems happy running KDE on Debian.

An anonymous reader writes "The Fedora Project is now going to enforce a "Don't Ask, Don't Tell" policy for contributors. What the project's engineering committee is asking their members to conceal is a contributor's nationality, country of origin, or area of residence. There's growing concern about software development contributions coming from export restricted countries by the US (Cuba, Iran, North Korea, Sudan, and Syria) with Red Hat being based out of North Carolina, but should these governmental restrictions apply to an open-source software project?"

sfcrazy writes "It's not The Onion: Red Hat has partnered with Uhuru Software to bring Microsoft .NET Apps and SQL server capabilities to Red Hat's Platform-as-a-Service solution OpenShift." This brings OpenShift to Windows, and not .NET applications to GNU/Linux OpenShift installations. RedHat customers have apparently been asking for this for a while. The source is available: "The consistent model for managing both Linux and Windows systems that OpenShift provides allow organizations to achieve greater efficiency and agility. Windows is now a full-fledged member of the Open Source world of OpenShift. In keeping with the spirit of Open Source, Uhuru has made all of its OpenShift integration software for Windows available to the community and is working to have it officially integrated into OpenShift Origin."

In related news (OpenShift is usually used on top of OpenStack), darthcamaro writes "The OpenStack cloud platform keeps on gaining new converts. The latest is GoDaddy which today announced it is now officially supporting the OpenStack Foundation. How GoDaddy came to officially join the OpenStack Foundation is interesting, apparently the OpenStack Foundation found out that GoDaddy was using OpenStack though job postings."

rjmarvin writes "Karanbir Singh and a handful of other CentOS developers are now full-time Red Hat employees, working in-house on the CentOS distribution with more transparent processes and methods. None of the CentOS developers will be working on Red Hat Enterprise Linux. The CentOS project would become another distribution and community cared for by Red Hat, like Fedora, and Red Hat CTO Brian Stevens says the company is planning its future around OpenStack, not just Linux."

angry tapir writes "Oracle is continuing its legal battle against third-party software support providers it alleges are performing such services in a manner that violates its intellectual property. Last week, Oracle sued StratisCom, a Georgia company that offers customers support for Oracle's Solaris OS, claiming it had 'misappropriated and distributed copyright, proprietary software code, along with the login credentials necessary to download this code from Oracle's password-protected websites.'"

New submitter hymie! writes "Nagios is a commonly used IT tool that monitors computers, networks, and websites. It supports the use of plug-ins, many of which were developed independently by the community. Holger Weiß, formerly of nagios-plugins.org, announced that 'Yesterday, the DNS records [of nagios-plugins.org] were modified to point to web space controlled by Nagios Enterprises instead. This change was done without prior notice. To make things worse, large parts of our web site were copied and are now served (with slight modifications) by Nagios. Again, this was done without contacting us, and without our permission. This means we cannot use the name 'Nagios Plugins' any longer.' Further discussion is available in a Bugzilla thread."