Security

Neutrino Exploit Kit Has a New Way To Detect Security Researchers (csoonline.com) 39

itwbennett writes: [The Neutrino exploit kit] is using passive OS fingerprinting to detect visiting Linux machines, according to Trustwave researchers who found that computers they were using for research couldn't make a connection with servers that delivered Neutrino. Daniel Chechik, senior security researcher at Trustwave's SpiderLabs division wrote that they tried changing IP addresses and Web browsers to avoid whatever was causing the Neutrino server to not respond, but it didn't work. But by fiddling with some data traffic that Trustwave's computers were sending to the Neutrino server, they figured out what was going on.
Cloud

Docker Images To Be Based On Alpine Linux (brianchristner.io) 82

New submitter Tenebrousedge writes: Docker container sizes continue a race to the bottom with a couple of environments weighing in at less than 10MB. Following on the heels of this week's story regarding small images based on Alpine Linux, it appears that the official Docker images will be moving from Debian/Ubuntu to Alpine Linux in the near future. How low will they go?
Desktops (Apple)

Scareware Signed With Apple Cert Targets OS X Machines (threatpost.com) 39

msm1267 writes: A unique scareware campaign targeting Mac OS X machines has been discovered, and it's likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate.

"Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for probably two years in similar attacks," said Johannes Ullrich, dean of research of the SANS Institute's Internet Storm Center, which on Thursday publicly disclosed the campaign. "So far, it apparently hasn't been revoked by Apple."

Stats

The Performance of Ubuntu Linux Over the Past 10 Years (phoronix.com) 109

An anonymous reader writes: Tests were carried out at Phoronix of all Ubuntu Long-Term Support releases from the 6.06 "Dapper Drake" release to 16.04 "Xenial Xerus," looking at the long-term performance of (Ubuntu) Linux using a dual-socket AMD Opteron server. Their benchmarks of Ubuntu's LTS releases over 10 years found that the Radeon graphics performance improved substantially, the disk performance was similar while taking into account the switch from EXT3 to EXT4, and that the CPU performance had overall improved for many workloads thanks to the continued evolution of the GCC compiler.
Open Source

CFQ In Linux Gets BFQ Characteristics 65

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.
Bug

Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple (theguardian.com) 404

New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset is lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insiduous is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...
Cloud

CoreOS Launches Rkt 1.0 (eweek.com) 49

darthcamaro writes: Docker is about to get some real competition in the container runtime space, thanks to the lofficial aunch of rkt 1.0. CoreOS started building rkt in 2014 and after more than a year of security, performance and feature improvement are now ready to declare it 'production-ready.' While rkt is a docker runtime rival, docker apps will run in rkt, giving using a new runtime choice: "rkt will remain compatible with the Docker-specific image format, as well as its own native App Container Image (ACI). That means developers can build containers with Docker and run those containers with rkt. In addition, CoreOS will support the growing ecosystem of tools based around the ACI format."
Books

Interviews: Ask 'Ubuntu Unleashed' Author Matthew Helmke 58

Matthew Helmke (personal blog) is the author of the newly published 11th edition of Ubuntu Unleashed (published by Pearson); this updated edition of the book will cover the OS through Ubuntu's 15.10 and (forthcoming) 16.04 releases. Helmke is also a former Ubuntu Forum administrator, a musician, an entrepreneur, and a long-time Slashdot reader who now leads a "nice quiet life in Iowa." Ask Matthew about what it's like to be a Linux book author and community leader, and his thoughts on Canonical, the goods and bads of modern Linux distributions, and the future of Ubuntu -- especially relevant with the upcoming release of the first Ubuntu-based tablet. (Remember, Matthew isn't responsible for gripes you may have with either Ubuntu or Canonical, but he might have some good solutions to particular problems.) Ask as many questions as you'd like; we just ask that you keep them on-topic, and please stick to one question per post.
Ubuntu

Canonical Reveals the BQ Aquaris M10 Ubuntu Tablet (omgubuntu.co.uk) 92

LichtSpektren writes: Several tech sites have now broke the news that Canonical has revealed their BQ Aquaris M10 Ubuntu Tablet. Joey-Elijah Sneddon builds the hype: "A stunning 10.1-inch IPS touch display powered a full HD 1920×1200 pixel resolution at 240 ppi. Inside is a 64-bit MediaTek MT8163A 1.5GHz quad-core processor, 2GB of RAM, and 16GB of internal memory. A micro SD memory card is included, adding storage expansion of up to 64GB. Furthermore, the converged slate includes an 8-megapixel rear camera with autofocus and dual LED flash (and capable of recording in full 1080p), plus a front facing 3-megapixel camera for video chats, vlogs and selfies. Front facing Dolby Atmos speakers will provide a superior sound experience during movie playback. The M10 measure 246mm x 171mm x 8.2mm, weighs just 470 grams — lighter than the Apple iPad Air — and has a 7280 mAh battery to give up to 10 hours of use. ... Tablet mode offers a side stage for running two apps side-by-side, plus a full range of legacy desktop applications, mobile apps and scopes. LibreOffice, Mozilla Firefox, The GIMP and Gedit are among a 'curated collection of legacy apps' to ship pre-installed on the tablet. It will also be possible for developers and enthusiasts to install virtually any ARM compatible app available on Ubuntu using the familiar 'apt-get' command." A photo gallery can also be seen on his website here. The price is not yet announced, but the Android version of the same tablet is currently on sale for €229.
Cloud

New Hack Shrinks Docker Containers (www.iron.io) 130

destinyland writes: Promising "uber tiny Docker images for all the things," Iron.io has released a new library of base images for every major language optimized to be as small as possible by using only the required OS libraries and language dependencies. "By streamlining the cruft that is attached to the node images and installing only the essentials, they reduced the image from 644 MB to 29MB,"explains one technology reporter, noting this makes it quicker to download and distribute the image, and also more secure. "Less code/less programs in the container means less attack surface..." writes Travis Reeder, the co-founder of Iron.io, in a post on the company's blog. "Most people who start using Docker will use Docker's official repositories for their language of choice, but unfortunately if you use them, you'll end up with images the size of the Empire State Building..."
Windows

Windows 10 Passes Windows XP In Market Share 313

An anonymous reader writes: Six months after its release, Windows 10 has finally passed 10 percent market share. Not only that, but the latest and greatest version from Microsoft has also overtaken Windows 8.1 and Windows XP, according to the latest figures from Net Applications. Windows 10 had 9.96 percent market share in December, and gained 1.89 percentage points to hit 11.85 percent in January. Maybe it will jump even faster soon, but not necessarily for the best of reasons.
Windows

Windows 10 Now a 'Recommended Update' For Windows 7 and 8.1 Users (betanews.com) 581

Mark Wilson writes: Microsoft has been accused of pushing Windows 10 rather aggressively, and the company's latest move is going to do nothing to silence these accusations. For Windows 7 and Windows 8.1 users, Windows 10 just became a 'recommended update' in Windows Update.

This is a change from the previous categorization of the upgrade as an 'optional update' and it means that there is renewed potential for unwanted installations. After the launch of Windows 10, there were numerous reports of not only the automatic download of OS installation files, but also unrequested upgrades. The changed status of the update means that, on some machines, the installation of Windows 10 could start automatically.

Operating Systems

GNU Hurd Begins Supporting Sound, Still Working On 64-bit & USB Support (phoronix.com) 312

An anonymous reader writes: GNU developer Samuel Thibault presented at this weekend's FOSDEM conference about the current state of GNU Hurd. He shared that over the past year they've started working on experimental sound support as their big new feature. They also have x86 64-bit support to the point that the kernel can boot, but not much beyond that stage yet. USB and other functionality remains a work-in-progress. Those curious about this GNU kernel project can find more details via the presentation media.
Open Source

Linux Kernel 2.6.32 LTS Reaches End of Life In February 2016 (softpedia.com) 116

An anonymous reader writes: The oldest long-term supported Linux kernel branch finally reaches end of life next month, but before going into the deepest darkest corners of the Internet, it just dropped one more maintenance release, Linux kernel 2.6.32.70 LTS. Willy Tarreau dropped the news about the release of Linux kernel 2.6.32.70 LTS on January 29, 2016, informing all us that this will most likely be the last maintenance release in the series, as starting with February 2016 it will no longer be supported with security patches and bugfixes. Linux 2.6 first came out in December, 2003, and 2.6.16 (the first long-term release) in March 2006.
GUI

Project Neon Will Bring Users Up-to-Date KDE Packages (cio.com) 42

sfcrazy writes: [Kubuntu founder Jonathan Riddell] is going to announce a new project at FOSDEM that brings the KDE experience to users. There is Fedora that offers latest from Gnome, but there is no such distro that offers the same level of integration with KDE software; yes, there is openSUSE but it offers KDE as an option. So Kubuntu based KDE Neon is a project to give KDE users and contributors a way to get KDE's desktop software while it's still fresh. It'll be providing packages of the latest KDE software so users can install it and stay up to date on a stable base.
Networking

FreeBSD-Powered Firewall Distro OPNsense 16.1 Released (phoronix.com) 64

An anonymous reader writes: OPNsense, the open-source firewall project powered by FreeBSD that began as a fork of pfSense, is out with a new release. OPNsense 16.1 was developed over the past half-year and is a big update. OPNsense 16.1 has upgraded to using a FreeBSD 10.2 base, support for a high-speed IPS mode, a redesigned captive portal, firewall improvements, and a wide range of other work.
Cloud

Ask Slashdot: What Are Your Experiences With Online IDEs For Web Development? 168

Qbertino writes: I'm toying with the thought of moving my web development (PHP, HTML, CSS, JavaScript with perhaps a little Python and Ruby thrown in) into the cloud. The upsides I expect would be: 1) No syncing hassles across machines. 2) No installation of toolchains to get working or back to work — a browser and a connection is all that would be required. 3) Easy teamwork. 4) Easy deployment. 5) A move to Chrome OS for ultra-cheap laptop goodness would become realistic.

Is this doable/feasible? What are your experiences? Note, this would be for professional web development, not hobbyist stuff. Serious interactive JS, non-trivial PHP/LAMP development, etc. Has anyone have real world experience doing something like this? Maybe even experience with moving to a completely web-centric environment with Chrome OS? What have you learned? What would you recommend? How has it impacted your productivity and what do you miss from the native pipelines? What keeps you in the cloud, and enables you to stay there? Are you working "totally cloud" with a team and if so, how does it work out/feel? Does it make sense? As for concrete solutions, I'm eyeing Cloud9, CodeAnywhere, CodeEnvy but also semi-FOSS stuff like NeutronDrive. Anything you would recommend for real world productivity? Have you tried this and moved back? If so, what are your experiences and what would need to be improved to make it worthwhile? Thanks for any insights.
Open Source

Linux 4.5 Adds Raspberry Pi 2 Support, AMD GPU Re-Clocking, Intel Kaby Lake (phoronix.com) 147

The Linux 4.5 merge window has been open for the last two weeks; that means that the 4.5-rc1 kernel is expected to emerge, with the official kernel following in about eight weeks. An anonymous reader writes with this top-level list of changes to look for, from Phoronix: Linux 4.5 is set to bring many new features across the kernel's 20 million line code-base. Among the new/improved features are Raspberry Pi 2 support, open-source Raspberry Pi 3D support, NVIDIA Tegra X1 / Jetson TX1 support, an open-source Vivante graphics driver, AMDGPU PowerPlay/re-clocking support, Intel Kaby Lake enablement, a Logitech racing wheel driver, improvements for handling suspended USB devices, new F2FS file-system features, and better Xbox One controller handling.
Businesses

Docker Moves Beyond Containers With Unikernel Systems Purchase (thenewstack.io) 69

joabj writes: Earlier today, Docker announced that it had purchased the Cambridge, U.K.-based Unikernel Systems, makers of the OCaml-based MirageOS, a unikernel or "virtual library-based operating system." Unikernels go beyond containers in stripping virtualization down to the bare essentials in that they only include the specific OS functionality that the application actually needs. Their design builds on decades of research into modular OS design. Although unikernels can be complex to deploy for developers, Docker aims to make the process as standardized as possible, for easier deployment.
GNU is Not Unix

Remix OS in Violation of GPL and Apache Licenses (tlhp.cf) 180

An anonymous reader writes: You may have heard recently of the Remix OS, a fork of Android that targets desktop computing. The operating system, which was created by former Google employees and features a traditional desktop layout in addition to the ability to run Android apps, was previewed on Ars Technica a few weeks ago, but it was not actually released for end-users to download until earlier this week. Now that Remix OS has been released, The Linux Homefront Project is reporting that the Android-based operating system, for which source code is not readily available, violates both the GPL and the Apache License. The RemixOS installer includes a "Remix OS USB Tool" that is really a re-branded copy of popular disk imaging tool UNetbootin, which falls under the GPL. Additionally, browsing through the install image files reveals that the operating system is based on the Apache Licensed Android-x86 project. From the article: "Output is absolutely clear – no differences! No authors, no changed files, no trademarks, just copy-paste development." Is this a blatant disregard for the GPL and Apache licenses by an optimistic startup, or were the authors too eager to release that they forgot to provide access to the repo?

Slashdot Top Deals