×
Ubuntu

Canonical Launches Ubuntu Core 24 (ubuntu.com) 5

Canonical, the company behind Ubuntu, has released Ubuntu Core 24, a version of its operating system designed for edge devices and the Internet of Things (IoT). The new release comes with a 12-year Long Term Support commitment and features that enable secure, reliable, and efficient deployment of intelligent devices.

Ubuntu Core 24 introduces validation sets for custom image creation, offline remodelling for air-gapped environments, and new integrations for GPU operations and graphics support. It also offers device management integrations with Landscape and Microsoft Azure IoT Edge. The release is expected to benefit various industries, including automation, healthcare, and robotics, Canonical said.
Input Devices

8BitDo's Reimagining of IBM's Model-M Keyboard Draws Reactions Online (omgubuntu.co.uk) 72

"Few computer keyboards are as iconic, as influential, or as beige as the IBM Model-M," writes the blog OMG Ubuntu adding that it's "no surprise then that it's been given a modern reimagining by 8BitDo." Following on from their Nintendo NES and Famicom and Commodore 64 homages, 8BitDo has unveiled its latest retro-inspired mechanical keyboard. This one pays tribute to a true computing classic: the IBM Model-M keyboard.

Lest anyone familiar with the real thing get too excited I'll mention up front that 8BitDo's Keyboard-M is a mechanical keyboard, using Kailh Box V2 white switches (swappable, of course) and not the buckling spring mechanism synonymous with the original. On Linux you can enable a buckling spring sound effect for every key press though, should you buy this and want the clatter to accompany it...!

Like 8BitDo's other retro keyboards you can use this over Bluetooth, 2.4G wireless (USB adapter sits underneath), or wired. It has a built-in rechargeable 2000mAh Li-on battery that's good for 200 hours between charges.

"It certainly looks the business," writes the Verge, "especially with the slick new wireless numpad / calculator combo pad 8BitDo will sell alongside it for another $44.99."

And Ars Technica adds that "The M Edition's color scheme, chunkier build, and typeface selection, including on the Tab key with arrows and elsewhere, are nods to IBM's Model M," (noting that the Model M first succeeded the Model F keyboard in 1985). "Of course, the keyboard's naming, and the IBM behemoth and floppy disks strategically placed in marketing images, are notes of that, too..."

"The M Edition also comes with the detachable A and B "Super Buttons" that connect to the keyboard via a 3.5 mm jack and are programmable without software."

"The paint job is pretty faithful to the original," notes Windows Central, "with a combination of gray and white throughout, right down to the accurately recreated LED status panel in the right-hand corner. There are even two key caps with an IBM-inspired blue font on them. It's just tremendous."

Ars Technica offers this advice to unconvinced purists: If you want a real Model M, there's a market of found and restored models available online and in thrift stores and electronics stores. For a modern spin, like USB ports and Mac support, Unicomp also makes new Model M keyboards that are truer to the original IBM design, particularly in their use of buckling spring switches.
Ubuntu

Ubuntu Linux 24.04 Now Optimized For Milk-V Mars RISC-V Single Board Computer (betanews.com) 35

BrianFagioli writes: Canonical has officially released the optimized Ubuntu 24.04 image for the Milk-V Mars, a credit-card-sized RISC-V single board computer (SBC) developed by Shenzhen MilkV Technology Co., Ltd.

The Milk-V Mars is the world's first high-performance RISC-V SBC of its size. Powered by the StarFive JH7110 quad-core processor, the board is equipped with up to 8GB of LPDDR4 memory and supports various modern interfaces, including USB 3.0, HDMI 2.0 for 4K output, and Ethernet with PoE capabilities. It also offers comprehensive expansion options with M.2 E-Key and extensive MIPI CSI channels, making it an ideal choice for developers and tech enthusiasts.

Nintendo

Ubuntu 24.04 Now Runs on the Nintendo Switch (Unofficially) (omgubuntu.co.uk) 6

"The fact it's possible at all is a credit to the ingenuity of the open-source community," writes the blog OMG Ubuntu: Switchroot is an open-source project that allows Android and Linux-based distros like Ubuntu to run on the Nintendo Switch — absolutely not something Nintendo approves of much less supports, endorses, or encourages, etc! I covered the loophole that made this possible back in 2018. Back then the NVIDIA Tegra X1-powered Nintendo Switch was still new and Linux support for much of the console's internal hardware in a formative state (a polite way to say 'not everything worked'). But as the popularity of Nintendo's handheld console ballooned (to understate it) so the 'alternative OS' Switch scene grew, and before long Linux support for Switch hardware was in full bloom...

A number of Linux for Switchroot (L4S) distributions have since been released, designated as Linux for Tegra (L4T) builds. As these can boot from a microSD card it's even possible to dualboot the Switch OS with Linux, which is neat! Recently, a fresh set of L4T Ubuntu images were released based on the newest Ubuntu 24.04 LTS release. These builds work on all Switch versions, from the OG (exploit-friendly) unit through to newer, patched models (where a modchip is required)...

I'm told all of the Nintendo Switch internal hardware now works under Linux, including Wi-Fi, Bluetooth, sleep mode, accelerated graphics, the official dock... Everything, basically. And despite being a 7 year old ARM device the performance is said to remain decent.

"Upstream snafus have delayed the release of builds with GNOME Shell..."
Ubuntu

Ubuntu 24.10 to Default to Wayland for NVIDIA Users (omgubuntu.co.uk) 76

An anonymous reader shared this report from the blog OMG Ubuntu: Ubuntu first switched to using Wayland as its default display server in 2017 before reverting the following year. It tried again in 2021 and has stuck with it since. But while Wayland is what most of us now log into after installing Ubuntu, anyone doing so on a PC or laptop with an NVIDIA graphics card present instead logs into an Xorg/X11 session.

This is because NVIDIA's proprietary graphics drivers (which many, especially gamers, opt for to get the best performance, access to full hardware capabilities, etc) have not supported Wayland as well as as they could've. Past tense as, thankfully, things have changed in the past few years. NVIDIA's warmed up to Wayland (partly as it has no choice given that Wayland is now standard and a 'maybe one day' solution, and partly because it wants to: opportunities/benefits/security).

With the NVIDIA + Wayland sitch' now in a better state than before — but not perfect — Canonical's engineers say they feel confident enough in the experience to make the Ubuntu Wayland session default for NVIDIA graphics card users in Ubuntu 24.10.

Open Source

Why a 'Frozen' Distribution Linux Kernel Isn't the Safest Choice for Security (zdnet.com) 104

Jeremy Allison — Sam (Slashdot reader #8,157) is a Distinguished Engineer at Rocky Linux creator CIQ. This week he published a blog post responding to promises of Linux distros "carefully selecting only the most polished and pristine open source patches from the raw upstream open source Linux kernel in order to create the secure distribution kernel you depend on in your business."

But do carefully curated software patches (applied to a known "frozen" Linux kernel) really bring greater security? "After a lot of hard work and data analysis by my CIQ kernel engineering colleagues Ronnie Sahlberg and Jonathan Maple, we finally have an answer to this question. It's no." The data shows that "frozen" vendor Linux kernels, created by branching off a release point and then using a team of engineers to select specific patches to back-port to that branch, are buggier than the upstream "stable" Linux kernel created by Greg Kroah-Hartman. How can this be? If you want the full details the link to the white paper is here. But the results of the analysis couldn't be clearer.

- A "frozen" vendor kernel is an insecure kernel. A vendor kernel released later in the release schedule is doubly so.

- The number of known bugs in a "frozen" vendor kernel grows over time. The growth in the number of bugs even accelerates over time.

- There are too many open bugs in these kernels for it to be feasible to analyze or even classify them....

[T]hinking that you're making a more secure choice by using a "frozen" vendor kernel isn't a luxury we can still afford to believe. As Greg Kroah-Hartman explicitly said in his talk "Demystifying the Linux Kernel Security Process": "If you are not using the latest stable / longterm kernel, your system is insecure."

CIQ describes its report as "a count of all the known bugs from an upstream kernel that were introduced, but never fixed in RHEL 8." For the most recent RHEL 8 kernels, at the time of writing, these counts are: RHEL 8.6 : 5034 RHEL 8.7 : 4767 RHEL 8.8 : 4594

In RHEL 8.8 we have a total of 4594 known bugs with fixes that exist upstream, but for which known fixes have not been back-ported to RHEL 8.8. The situation is worse for RHEL 8.6 and RHEL 8.7 as they cut off back-porting earlier than RHEL 8.8 but of course that did not prevent new bugs from being discovered and fixed upstream....

This whitepaper is not meant as a criticism of the engineers working at any Linux vendors who are dedicated to producing high quality work in their products on behalf of their customers. This problem is extremely difficult to solve. We know this is an open secret amongst many in the industry and would like to put concrete numbers describing the problem to encourage discussion. Our hope is for Linux vendors and the community as a whole to rally behind the kernel.org stable kernels as the best long term supported solution. As engineers, we would prefer this to allow us to spend more time fixing customer specific bugs and submitting feature improvements upstream, rather than the endless grind of backporting upstream changes into vendor kernels, a practice which can introduce more bugs than it fixes.

ZDNet calls it "an open secret in the Linux community." It's not enough to use a long-term support release. You must use the most up-to-date release to be as secure as possible. Unfortunately, almost no one does that. Nevertheless, as Google Linux kernel engineer Kees Cook explained, "So what is a vendor to do? The answer is simple: if painful: Continuously update to the latest kernel release, either major or stable." Why? As Kroah-Hartman explained, "Any bug has the potential of being a security issue at the kernel level...."

Although [CIQ's] programmers examined RHEL 8.8 specifically, this is a general problem. They would have found the same results if they had examined SUSE, Ubuntu, or Debian Linux. Rolling-release Linux distros such as Arch, Gentoo, and OpenSUSE Tumbleweed constantly release the latest updates, but they're not used in businesses.

Jeremy Allison's post points out that "the Linux kernel used by Android devices is based on the upstream kernel and also has a stable internal kernel ABI, so this isn't an insurmountable problem..."
Ubuntu

Ubuntu Criticized For Bug Blocking Installation of .Deb Packages (linux-magazine.com) 118

The blog It's FOSS is "pissed at the casual arrogance of Ubuntu and its parent company Canonical..... The sheer audacity of not caring for its users reeks of Microsoft-esque arrogance." If you download a .deb package of a software, you cannot install it using the official graphical software center on Ubuntu anymore. When you double-click on the downloaded deb package, you'll see this error, "there is no app installed for Debian package files".

If you right-click and choose to open it with Software Center, you are in for another annoyance. The software center will go into eternal loading. It may look as if it is doing something, but it will go on forever. I could even livestream the loading app store on YouTube, and it would continue for the 12 years of its long-term support period.

Canonical software engineer Dennis Loose actually created an issue ticket for the problem himself — back in September of 2023. And two weeks ago he returned to the discussion to announce that fix "will be a priority for the next cycle". (Though "unfortunately we didn't have the capacity to work on this for 24.04...)

But Its Foss accused Canonical of "cleverly booting out deb in favor of Snap, one baby step at a time" (noting the problem started with Ubuntu 23.10): There is also the issue of replacing deb packages with Snap, even with the apt command line tool. You use 'sudo apt install chromium', you get a Snap package of Chromium instead of Debian
The venerable Linux magazine argues that Canonical "has secretly forced Snap installation on users." [I]t looks as if the Software app defaults to Snap packages for everything now. I combed through various apps and found this to be the case.... As far as the auto-installation of downloaded .deb files, you'll have to install something like gdebi to bring back this feature.
Ubuntu

Ubuntu 24.04 LTS 'Noble Numbat' Officially Released (9to5linux.com) 34

prisoninmate shares a report from 9to5Linux: Canonical released today Ubuntu 24.04 LTS (Noble Numbat) as the latest version of its popular Linux-based operating system featuring some of the latest GNU/Linux technologies and Open Source software. Powered by Linux kernel 6.8, Ubuntu 24.04 LTS features the latest GNOME 46 desktop environment, an all-new graphical firmware update tool called Firmware Updater, Netplan 1.0 for state-of-the-art network management, updated Ubuntu font, support for the deb822 format for software sources, increased vm.max_map_count for better gaming, and Mozilla Thunderbird as a Snap by default.

It also comes with an updated Flutter-based graphical desktop installer that's now capable of updating itself and features a bunch of changes like support for accessibility features, guided (unencrypted) ZFS installations, a new option to import auto-install configurations for templated custom provisioning, as well as new default installation options, such as Default selection (previously Minimal) and Extended selection (previously Normal)."

GUI

LXQt 2.0 Released: Lightweight Desktop is Almost Wayland Compatible (9to5linux.com) 66

This week saw the release of the LXQt 2.0 desktop environment, reports 9to5Linux. And besides bringing Qt 6 support (and a new default application menu), it also brings support for the Wayland display protocol to more components: The LXQt development is confident that the next major release, LXQt 2.1, will be fully Wayland compatible. The components that need to be ported to Wayland include ScreenGrab, LXQt Global Shortcuts, LXQt Panel's task-bar and keyboard indicator, some input settings, and settings of monitor, power button, and screen locker.

"Wayland will be the main target for LXQt 2.1.0, as Qt6 was for LXQt 2.0.0" said the devs. "Most Wayland compositors have tools that can be used instead of them, such that an LXQt-Wayland session is already possible for advanced users."

The lightweight Linux distro Lubuntu uses LXQtplace in place of GNOME — and Lubuntu 24.04 LTS will include an optional Wayland session alongside its default Xorg one, according to 9to5Linux:

I said it before and I'll say it again, 2024 is the year of the Wayland desktop... The Lubuntu team plans to support the Xorg session until 2026 to aid users with older GPUs... However, the tables will be turned next year with the Lubuntu 24.10 release, which will be shipping with Wayland by default.
Portables

Volla Successfully Crowdfunds a Privacy-Focused Tablet on Kickstarter (kickstarter.com) 35

It's "the new generation of Tablet for simplicity and privacy..." according to its Kickstarter page. "Top-tier performance, lightweight design and completely Google-free." And it's already reached its funding goal of $53,312 — climbing to over $75,000 from 115 backers with another 26 days still to go. 9to5Linux reports: Volla, the maker of the Volla Phone smartphones, has launched a crowdfunding campaign on Kickstarter for their first tablet device, the Volla Tablet, which will also support the Ubuntu Touch mobile OS.

Featuring a 12.3-inch Quad HD display with 2650Ã--1600 pixel resolution, the Volla Tablet uses a powerful MediaTek Gaming G99 8-core processor, 12 GB RAM, and 256 GB internal storage. It also comes with a long-lasting 10,000 mAh battery, 2G/3G/4G cellular network support, Wi-Fi, Bluetooth, and a 13+5 MP main camera.

By default, Volla Tablet ships with Volla OS 13, Volla's in-house operating system based on the free Android Open Source Project (AOSP), but users will be able to buy the tablet with Ubuntu Touch featuring built-in convergence and support for Android apps with WayDroid container.

"Users will also be able to use desktop apps like Firefox or LibreOffice thanks to the help of the Libertine container," according to the article. ("Volla says that Volla Tablet with Ubuntu Touch is ideal for Linux enthusiasts and minimalists seeking a simplified, efficient, and familiar operating system experience.")

Its Kickstarter page points out the tablet even offers options like "hide.me VPN" and private speech recognition that's "cloud-independent for secure, confidential interactions."

("For U.S. users, please note that only roaming SIM cards from abroad can be used.")
Ubuntu

Ubuntu 24.04 Yields a 20% Performance Advantage Over Windows 11 On Ryzen 7 Framework Laptop (phoronix.com) 63

Michael Larabel reports via Phoronix: With the Framework 16 laptop one of the performance pieces I've been meaning to carry out has been seeing out Linux performs against Microsoft Windows 11 for this AMD Ryzen 7 7840HS powered modular/upgradeable laptop. Recently getting around to it in my benchmarking queue, I also compared the performance of Ubuntu 23.10 to the near final Ubuntu 24.04 LTS on this laptop up against a fully-updated Microsoft Windows 11 installation. The Framework 16 review unit as a reminder was configured with the 8-core / 16-thread AMD Ryzen 7 7840HS Zen 4 SoC with Radeon RX 7700S graphics, a 512GB SN810 NVMe SSD, MediaTek MT7922 WiFi, and a 2560 x 1600 display.

In the few months of testing out the Framework 16 predominantly under Linux it's been working out very well. With also having a Windows 11 partition as shipped by Framework, after updating that install it made for an interesting comparison against the Ubuntu 23.10 and Ubuntu 24.04 performance. The same Framework 16 AMD laptop was used throughout all of the testing for looking at the out-of-the-box performance across Microsoft Windows 11, Ubuntu 23.10, and the near-final state of Ubuntu 24.04. [...]

Out of 101 benchmarks carried out on all three operating systems with the Framework 16 laptop, Ubuntu 24.04 was the fastest in 67% of those tests, the prior Ubuntu 23.10 led in 22% (typically with slim margins to 24.04), and then Microsoft Windows 11 was the front-runner just 10% of the time... If taking the geomean of all 101 benchmark results, Ubuntu 23.10 was 16% faster than Microsoft Windows 11 while Ubuntu 24.04 enhanced the Ubuntu Linux performance by 3% to yield a 20% advantage over Windows 11 on this AMD Ryzen 7 7840HS laptop. Ubuntu 24.04 is looking very good in the performance department and will see its stable release next week.

Ubuntu

Canonical Says Qualcomm Has Joined Ubuntu's 'Silicon Partner' Program (webpronews.com) 8

Intel, Nvidia, AMD, and Arm are among Canonical's "silicon partners," a program that "ensures maximum Ubuntu compatibility and long-term support with certified hardware," according to Web Pro News.

And now Qualcomm is set to be Canonical's next silicon partner, "giving Qualcomm access to optimized versions of Ubuntu for its processors." Companies looking to use Ubuntu on Qualcomm chips will benefit from an OS that provides 10 years of support and security updates.

The collaboration is expected to be a boon for AI, edge computing, and IoT applications. "The combination of Qualcomm Technologies' processors with the popularity of Ubuntu among AI and IoT developers is a game changer for the industry," commented Dev Singh, Vice President, Business Development and Head of Building, Enterprise & Industrial Automation, Qualcomm Technologies, Inc...

"Optimised Ubuntu and Ubuntu Core images will be available for Qualcomm SoCs," according to the announcement, "enabling enterprises to meet their regulatory, compliance and security demands for AI at the edge and the broader IoT market with a secure operating system that is supported for 10 years." Qualcomm Technologies chose to partner with Canonical to create an optimised Ubuntu for Qualcomm IoT chipsets, giving developers an easy path to create safe, compliant, security-focused, and high-performing applications for multiple industries including industrial, robotics and edge automation...

Developers and enterprises can benefit from the Ubuntu Certified Hardware program, which features a growing list of certified ODM boards and devices based on Qualcomm SoCs. These certified devices deliver an optimised Ubuntu experience out-of-the-box, enabling developers to focus on developing applications and bringing products to market.

Debian

APT Interface 'Revamped' For Ubuntu 24.10 and Debian Trixie with Colors and Columns (9to5linux.com) 25

Ubuntu 24.10 [expected this October] and Debian GNU/Linux 13 "Trixie" [expected June-July 2025] "will feature a refined APT command-line interface," reports 9to5Linux: APT developer and Canonical engineer Julian Andres Klode took to LinkedIn to present the revamped APT interface powered by the upcoming APT 3.0 package manager that looks to give users a more concise and well-laid-out command-line output when updating, installing, or removing packages via the terminal emulator.

The new APT 3.0 UI brings a columnar display that will make it easier for users to quickly scan for a package name, support for colors (red for removals and green for other changes), which makes it easier to quickly distinguish commands at a glance, and smoother install progress bars using Unicode blocks.

In addition, the new APT 3.0 command-line interface will be less verbose and offer more padding to make it easier to separate sections and extract the relevant information for you.

"Bleeding-edge users and Linux enthusiasts who want to try this right now can check out Debian Unstable..."
Ubuntu

Canonical Now Doing Manual Reviews For New Packages Due To Scam Apps (gamingonlinux.com) 37

An anonymous reader quotes a report from GamingOnLinux: After repeatedly suffering issues with scam apps making it onto the Snap Store, Canonical maker of Ubuntu Linux have now decided to manually look over submissions. I've covered the issues with the Snap Store a few times now like on March 19th when ten scam crypto apps appeared, got taken down and then reappeared under a different publisher. Also earlier back in February there was an issue where a user actually lost their wallet as a result of a fake app. Multiple fake apps were also put up back in October last year as well, so it was a repeating issue that really needed dealing with properly.

So to try and do something about it, Canonical's Holly Hall has posted on their Discourse forum about how "The Store team and other engineering teams within Canonical have been continuously monitoring new snaps that are being registered, to detect potentially malicious actors" and that they will now do manual reviews whenever people try to register "a new snap name." On top of that soon they will also be releasing a new policy regarding "crypto-wallet and other sensitive snaps" with "guidelines for how to publish such a snap." Currently all of this is not supposed to be long-term, as it's an evolving situation.

Ubuntu

Ubuntu Linux LTS Releases Get Up To 12 Years of Support (betanews.com) 60

BrianFagioli shares a report from BetaNews: Canonical, the company behind the popular Ubuntu operating system, has announced a significant extension to the support lifecycle of its long-term support (LTS) releases. The new paid Legacy Support add-on for Ubuntu Pro subscribers will now provide security maintenance and support for an impressive 12 years, extending the previous 10-year commitment. This enhancement is available starting with Ubuntu 14.04 LTS and will benefit both enterprises and individual users who rely on the stability and security of Ubuntu for their critical systems. By default, Ubuntu LTS releases receive five years of standard security maintenance. However, with Ubuntu Pro, this is expanded to 10 years for both the main and universe repositories, offering access to a broader range of secure open-source software.

The Legacy Support add-on further extends this period by an additional two years, ensuring that organizations can maintain their systems with the latest security patches and support services without the immediate need to upgrade to a newer OS version. This is particularly beneficial for large, established production systems where transitioning to a new OS can be a complex and risky endeavor due to the potential need to update the entire software stack. The extended support includes continuous vulnerability management for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) across all software packages shipped with Ubuntu. Canonical's security team actively backports crucial fixes to all supported Ubuntu LTS releases, providing peace of mind to users and enterprises. In addition to security maintenance, the Legacy Support add-on also offers phone and ticket support, enhancing Canonical's commitment to assisting customers with troubleshooting, break fixes, bug fixes, and guidance.

GNOME

GNOME 46 Released (9to5linux.com) 49

prisoninmate shares a report from 9to5Linux: Dubbed "Kathmandu" after the host city of the GNOME.Asia 2023 conference in Kathmandu, Nepal, the GNOME 46 desktop environment is here to introduce major new features like headless remote desktop support that lets you connect to your GNOME system remotely without there being an existing session. While experimental, Variable Refresh Rate (VRR) support is another major new feature in GNOME 46, which will allow you to change the variable refresh rate of your monitor from the GNOME Settings app in the Displays section. Talking about GNOME Settings, the GNOME 46 release brings a new System panel that incorporates the Region, Language, Date, Time, Users, Remote Desktop, and About panels, as well as new Secure Shell settings. Check out the release notes and the official release video here.

GNOME 46 will be available shortly in many distributions, such as Fedora 40 and Ubuntu 24.04. You can try it today by looking for a beta release here.
Mozilla

Mozilla Ends its Privacy-Friendly GPS-Style Location Service (omgubuntu.co.uk) 17

Mozilla Location Service offered "a free, open way to offer GPS-style location detection features" for developers on devices without GPS hardware, remembers the Linux blog OMG Ubuntu. It used signals like Wi-Fi access points and Bluetooth beacons "without any of the privacy implications most competing geolocation services have."

But Friday they reported that Mozilla "has announced it is ending access to Mozilla Location Service (MLS), which provides accurate, privacy-respecting, and crowdsourced geolocation data." Developers and 3rd-party projects that use MLS to detect a users' location, such as the freedesktop.org location framework GeoClue, which is used by apps like GNOME Maps and Weather, have only a few months left to continue using the service... In late March, POST data submissions will return 403 responses. Finally, on June 12, all 3rd-party API keys will be removed and MLS data only accessible by Mozilla...

MLS' accuracy has declined in recent years. Patent infringement claims in 2019 saw Mozilla reach a settlement to avoid litigation. As part of that settlement it was forced to make changes to MLS that impacted its ability to invest in (commercially exploit?) and improve the service.

The article notes that GeoClue "already supports multiple location detection methods, including IP-based ones," so it should continue operating.

"But the sad reality is that there just aren't a lot of free, open, privacy-friendly, accurate, and (rather importantly for a framework built in to Linux desktops) reliable alternatives to Mozilla Location Services, which has built up a colossal 'signal map' from which to pinpoint locations."

"We are grateful for the contributions of the community to MLS to both the code and the dataset," a Mozilla senior engineering manager said in a statement.
Security

Misconfigured Cloud Servers Targeted with Linux Malware for New Cryptojacking Campaign (cadosecurity.com) 16

Researchers at Cado Security Labs received an alert about a honeypot using the Docker Engine API. "A Docker command was received..." they write, "that spawned a new container, based on Alpine Linux, and created a bind mount for the underlying honeypot server's root directory..." Typically, this is exploited to write out a job for the Cron scheduler to execute... In this particular campaign, the attacker exploits this exact method to write out an executable at the path /usr/bin/vurl, along with registering a Cron job to decode some base64-encoded shell commands and execute them on the fly by piping through bash.

The vurl executable consists solely of a simple shell script function, used to establish a TCP connection with the attacker's Command and Control (C2) infrastructure via the /dev/tcp device file. The Cron jobs mentioned above then utilise the vurl executable to retrieve the first stage payload from the C2 server... To provide redundancy in the event that the vurl payload retrieval method fails, the attackers write out an additional Cron job that attempts to use Python and the urllib2 library to retrieve another payload named t.sh

"Multiple user mode rootkits are deployed to hide malicious processes," they note. And one of the shell scripts "makes use of the shopt (shell options) built-in to prevent additional shell commands from the attacker's session from being appended to the history file... Not only are additional commands prevented from being written to the history file, but the shopt command itself doesn't appear in the shell history once a new session has been spawned."

The same script also inserts "an attacker-controlled SSH key to maintain access to the compromised host," according to the article, retrieves a miner for the Monero cryptocurrency and then "registers persistence in the form of systemd services" for both the miner and an open source Golang reverse shell utility named Platypus.

It also delivers "various utilities," according to the blog Security Week, "including 'masscan' for host discovery." Citing CADO's researchers, they write that the shell script also "weakens the machine by disabling SELinux and other functions and by uninstalling monitoring agents." The Golang payloads deployed in these attacks allow attackers to search for Docker images from the Ubuntu or Alpine repositories and delete them, and identify and exploit misconfigured or vulnerable Hadoop, Confluence, Docker, and Redis instances exposed to the internet... ["For the Docker compromise, the attackers spawn a container and escape from it onto the underlying host," the researchers writes.]

"This extensive attack demonstrates the variety in initial access techniques available to cloud and Linux malware developers," Cado notes. "It's clear that attackers are investing significant time into understanding the types of web-facing services deployed in cloud environments, keeping abreast of reported vulnerabilities in those services and using this knowledge to gain a foothold in target environments."

Communications

To Replace HexChat, Linux Mint is Building a New Desktop Chat App Called 'Jargonaut' (omgubuntu.co.uk) 40

Ubuntu-based Linux Mint includes HexChat software by default "to offer a way for users of the distro to talk to, ask questions, and get support from other users," according to the Linux blog OMG Ubuntu.

But in February HexChat's developer announced its final release... That got devs thinking. As is, IRC isn't user-friendly. It's a kind of an arcane magic involving strange commands. Its onboarding is obtuse. And the protocol doesn't natively support things like media sharing (screenshots are useful when troubleshooting), clickable links, or other modern "niceties". And yet, IRC is a fast, established, open, and versatile protocol... It's free and immediate (no sign-up required to use it) which makes it ideal for 'when you need it' use.

So work has begun on a new dedicated "chat room" app to replace HexChat, called Jargonaut. Linux Mint's goal is not to build a fully-featured IRC client, or even an IRC client at all. Jargonaut is a chat app that just happens to use IRC as its underlying chat protocol. Users won't need to know what IRC is nor learn its syntax, as Jargonaut isn't going to respond to standard IRC commands... When the app is opened Linux Mint's official support channels are there, ready to engage with. A real-time support chat app built on IRC — with additional bells:

"[Jargonaut] will support pastebin/imgur via DND, uploading your system specifications, troubleshooting and many features which have nothing to do with IRC," says Linux Mint lead Clement Lefebvre in the distro's latest monthly update. "HexChat was a great IRC client which helped us make a relatively good support chat room. We're hoping Jargonaut will help us make this chat room even better and much easier to use."

"Like most of Linux Mint's home-grown XApps the new app is hosted on Github," the article points out, "which is where you should go t to check in on Jargonaut's current status, check out the code and compile it, or contribute to its development with your own fair hands."

The article also argues that IRC "isn't as trendy as Discord or Telegram, but it is a free, open standard that no single entity controls, is relatively low-bandwidth, interoperable, and efficient."
Ubuntu

'Canonical Turns 20: Shaping the Ubuntu Linux World' (zdnet.com) 38

"2004 was already an eventful year for Linux," writes ZDNet's Jack Wallen. "As I reported at the time, SCO was trying to drive Linux out of business. Red Hat was abandoning Linux end-user fans for enterprise customers by closing down Red Hat Linux 9 and launching the business-friendly Red Hat Enterprise Linux (RHEL). Oh, and South African tech millionaire and astronaut Mark Shuttleworth [also a Debian Linux developer] launched Canonical, Ubuntu Linux's parent company.

"Little did I — or anyone else — suspect that Canonical would become one of the world's major Linux companies."

Mark Shuttleworth answered questions from Slashdot reader in 2005 and again in 2012. And this year, Canonical celebrates its 20th anniversary. ZDNet reports: Canonical's purpose, from the beginning, was to support and share free software and open-source software... Then, as now, Ubuntu was based on Debian Linux. Unlike Debian, which never met a delivery deadline it couldn't miss, Ubuntu was set to be updated to the latest desktop, kernel, and infrastructure with a new release every six months. Canonical has kept to that cadence — except for the Ubuntu 6.06 release — for 20 years now...

Released in October 2004, Ubuntu Linux quickly became synonymous with ease of use, stability, and security, bridging the gap between the power of Linux and the usability demanded by end users. The early years of Canonical were marked by rapid innovation and community building. The Ubuntu community, a vibrant and passionate group of developers and users, became the heart and soul of the project. Forums, wikis, and IRC channels buzzed with activity as people from all over the world came together to contribute code, report bugs, write documentation, and support each other....

Canonical's influence extends beyond the desktop. Ubuntu Linux, for example, is the number one cloud operating system. Ubuntu started as a community desktop distribution, but it's become a major enterprise Linux power [also widely use as a server and Internet of Things operating system.]

The article notes Canonical's 2011 creation of the Unity desktop. ("While Ubuntu Unity still lives on — open-source projects have nine lives — it's now a sideline. Ubuntu renewed its commitment to the GNOME desktop...")

But the article also argues that "2016, on the other hand, saw the emergence of Ubuntu Snap, a containerized way to install software, which --along with its rival Red Hat's Flatpak — is helping Linux gain some desktop popularity."

Slashdot Top Deals