Updates on Technologies, Trends, and Tools
Linux Pro Online
Off the Beat * Bruce Byfield
Free Fonts for the Working Day Free-licensed fonts are one of the quiet triumphs of free software. A decade ago, the few that existed were poor in quality and selection.
The Typography Toolbar Extension for LibreOffice LibreOffice Writer is not actually a word processor – it is more of an intermediate desktop publisher.
Which Desktop Will Be the Default for the Next Debian Release? Announcing that Debian was considering defaulting to Xfce instead of Gnome, Joey Hess described the news as boring, apparently in the desperate hope that it wouldn't get major media coverage.
Productivity Sauce * Dimitri Popov
Better Power Management on Linux Notebooks with TLP Although your favorite Linux distribution may already include tools for managing power settings, installing TLP on your notebook won't hurt.
Mirakel: Android Task Manager that Syncs with Taskwarrior Another day, another task manager for Android. This time it's Mirakel, a sleek and lightweight open source app that lets you keep tabs on tasks with a minimum of effort.
MediaCrush: Open Source Image Hosting for Privacy-Conscious Users Next time you need to share a photo, an animated GIF, or an audio file, consider using MediaCrush.
Understanding I/O Patterns with strace, Part II By Jeff Layton
The language you use affects I/O patterns and performance. We track a simple write I/O pattern with Fortran 90 and look at how to improve performance.
HPC Cloud Storage By Jeff Layton
Many HPC sites with petabytes of data need some sort of backup solution. Among the many candidates, cloud storage is a serious contender. In this article, we look at one solution with some serious advantages: S3QL.
Denial of Service in the Cloud By Filipe Martins and Anna Kobylinska
In sophisticated DDoS attacks, attackers rely on and target the cloud, which allows them to work around conventional defense mechanisms. We explain how DDoS attacks in the cloud work and how to defend against them.
Free Enterprise Backup with BareosBy Jörg Steffens and Philipp Storz
Available on almost all platforms, the open source backup software Bacula is popular with many administrators – now the Bareos fork is poised to expand its leading role.
New Mint Minted
The Linux Mint team has released of Linux Mint 16 "Petra." Previous versions of Ubuntu-based Mint have made it one of the most popular desktop Linux distributions in the world – and put it in first place on the distrowatch download list. The Mint team appears poised to maintain that momentum, announcing several changes to the desktop environments, as well as system and performance improvements under the hood.
Mint posted separate press announcements for the separate editions centered around the Cinnamon and Mate desktop environments. Both versions include performance improvements for the Software Manager and Update Manager. Mint ISO images are no longer compressed, which means they take more space but perform better in Live boot scenarios. Both versions report system changes resulting in safer kernel updates, faster boot, better EFI support, and better support for the Steam game engine.
Cinnamon has a new user management applet, as well as updates to the Nemo file manager and new edge-snapping feature based on the Snap feature of Xbox One. The Mate edition (based on Gnome 2) gets a new login screen, a new tool for formatting USB sticks, and many artwork improvements.
See the Linux Mint website for information on downloading and installing Mint 16.
New Worm Attacks Linux Devices
Symantec has announced the discovery of a new worm that attacks Linux systems. The potential targets include Linux computers, as well as home routers, set-top boxes, and other devices running embedded Linux. The Linux.Darlloz worm spreads by exploiting a vulnerability in
php-cgi. Security experts have been aware of this exploit for over a year, and patches have been available for Linux systems since May 2012; however, unpatched home computers, and embedded devices that rarely see updates are potentially vulnerable to attack.
According to Symantec's Kaoru Hayashi, who announced the worm on his blog, "… the worm generates IP addresses randomly, accesses a specific path on the machine with a well known ID and passwords, and sends
HTTP POST requests that exploit the vulnerability. If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target."
Hayashi states that the ultimate target for this attack could be the "Internet of Things." Although the variant discovered in the lab is designed for attacking x86 systems, it appears the attacker has other versions of the worm tailored for ARM, PPC, MIPS, and MIPSEL architectures.
To keep the worm away, Symantec recommends the usual precautions, such as installing the latest software versions and patches and using stronger passwords. Also, Hayashi's blog post recommends configuring the gateway to block incoming
HTTP POST requests to
-/cgi-bin/php and several other specific paths related to
Oracle Releases Enterprise Manager 12c
Oracle announced the arrival of the Oracle Enterprise Manager 12c solution for managing and deploying Oracle 12c databases. The latest release places the emphasis on migrating to DBaaS (Database as a Service) cloud implementations. According to Oracle, the latest release "… adds new automation capabilities to enable quick provisioning of database clouds through self-service, saving administrators time and effort. These capabilities can help customers adopt Oracle Database 12c faster and pave the way to a DBaaS delivery model."
The latest release also includes optimizations to the Real Application Testing feature, which provides easy verification for routine database admin operations. Enterprise Manager 12c also comes with a DBaaS rapid start kit to assist with rolling out DBaaS cloud instances.
Blue Waters and XSEDE Sign Collaboration Pact
The National Center for Supercomputing Application (NCSA) Blue Waters petascale computing project and the Extreme Science and Engineering Discovery Environment (XSEDE) have signed a collaboration agreement. According XSEDE, the agreement "brings together the National Science Foundation's two largest cyberinfrastructure projects."
Blue Waters will participate as a Level 2 XSEDE service provider, offering tools and user support for the XSEDE research community. "Blue Waters and XSEDE have a common mission to accelerate discovery by providing exceptional resources, tools, and support for the national research communities," says Blue Waters project director Bill Kramer. "The Blue Waters project team members look forward to working with XSEDE to expand the impact and productivity of the science and engineering scholarly investigation teams."
Project Sputnik Gets a Boost
Dell Cloud Development head Barton George announced in his blog that Dell is reinvigorating its interest in Project Sputnik. Sputnik is designed to deliver a complete software development system, including a laptop computer, plus easy access to cloud resources for quick deployment of programming and testing environments. According to the Sputnik website, the project consists of:
- The Device – A Dell XPS 13 Ultrabook running Ubuntu 12.04 LTS
- Cloud Launcher – Lets you create "micro-cloud" environments on the laptop for testing and then deploy them to the cloud.
- Profile Tool – A library of profiles for simulating various development environments and toolchains.
By combining a high-end PC with state-of-the-art developer tools and convenient cloud access, Dell hopes to build a system that will become standard equipment for busy developers. George's announcement describes a new development effort, featuring a plan to integrate Sputnik with the Docker Linux container engine. This new investment in Sputnik could be an early indication of an emerging strategy for the newly privatized Dell, which is looking to expand its presence in niche markets that could deliver a greater potential for return than the mass-market consumer computer business.
PRACE Announces Summer of HPC Winners
The Partnership for Advanced Computing in Europe (PRACE) has announced the winners of this year's PRACE Summer of HPC, a program that offers "undergraduate and junior postgraduate university students the opportunity to spend two months of the summer at an HPC center in a PRACE partner country." Students undertake a visualization project based on the outcomes from other PRACE projects.
The prize for Best Visualization went to Niki Loppi of Aalto University, Finland, for a project created during his residency in the Czech Republic titled "Aerodynamic Modeling of a Submarine Spitfire." (Yes, we're talking about the WWII British fighter plane – Niki Loppi is an aeronautical engineering student.)
The HPC Ambassador award went to Vito Simonka, who worked at the Bacelona Supercomputing Center (BSC) in Spain. The HPC Ambassador award goes to the student who "best embodies the outreach spirit of the program." Simonka was recognized for his efforts with blogging and social networking to raise awareness of HPC.
See the Summer of HPC website for more on winners and additional information on the Summer of HPC.
openSUSE 13.1 Appears
The Novell-sponsored openSUSE project has released openSUSE 13.1. The latest release uses a Linux kernel from the 3.11 release branch. Enhancements include better performance under heavy I/O load, as well as improved Btrfs and ext4 filesystem support.
According to the openSUSE project, the developers have taken particular care this time with automated testing and a bug-fixing hackathon. The new release supports openSUSE's Evergreen project, which provides community-based extended maintenance for up to three years. On the desktop, openSUSE 13.1 provides the KDE 4.11, Gnome 3.10, Enlightenment E17, Xfce 4.10, and LXDE desktops. Also inside are LibreOffice 4.1.3 and Firefox 2.7 browser.
For server operations, you'll find Apache 2.4, MySQL 5.6, and MariaDB 5.5, as well as the OpenStack Havana cloud framework. A new feature called s3fs offers a userspace filesystem that stores data in the Amazon S3 service.
OpenSUSE 13.1 is officially available for download in the form of ISO images for various architectures, including i586, x86_64, and ARMv7. ARMv6 and ARMv8 (AArch64) are available as experimental architectures.
Red Hat Rolls out RHEL 6.5
Red Hat has announced Red Hat Enterprise Linux (RHEL) version 6.5. The latest release comes with several improvements to the virtualization toolset. For example, admins can enable or disable dynamic virtual processors (vCPUs) in active guests. KVM now supports configurations of up to 4TB of RAM and offers direct access to GlusterFS volumes.
RHEL 6.5 also offers improvements to the SSD controller interface, as well as support for the NVM Express (NVME) SSD. The admin can configure more than 255 LUNs for a single iSCSI target. Updates to the Kexec/Kdump mechanism allow dump files on systems with very large memory.
Another interesting new feature is the Precision Time Protocol (PTP), which supports application latencies in the microsecond range. The new release also boasts network monitoring improvements, including better monitoring of multicast activity through IGMP (Internet Group Management Protocol).
According to Red Hat VP Jim Totton, "The newest version of Red Hat Enterprise 6 forms the building blocks of the entire Red Hat portfolio, including OpenShift and OpenStack, making it a perfect foundation for enterprises looking to explore the open hybrid cloud."
Sneaky New Linux Attack Discovered in the Wild
Security experts announced the discovery of a Linux backdoor attack that is "more sophisticated than we have seen in the past." This attack apparently breached a large hosting provider, providing access to usernames, passwords, email, financial records, and other personal information. Although some of this information was encrypted, investigators could not rule out the possible theft of encryption keys.
The attack was unique in its ability to conceal its own communication within SSH. According to the report, "… the back door did not open a network socket or attempt to connect to a command and control server. Rather, the back door code was injected into the SSH process to monitor network traffic and look for the following sequence: colon, exclamation mark, semicolon, period (
The backdoor watches for this pattern and parses any traffic after the traffic is received. Hidden commands are encrypted using Blowfish and Base64 encoding. According to the report, once the code is activated, the attacker can submit any command using the syntax:
exec sh -c '[ATTACKER_COMMAND]'>/dev/null 2>/dev/null
The backdoor also supports several pre-configured commands and lets the attacker extract SSH connection data from the system.To detect the attack, search traffic for presence of the initiation string (
:!;.). The report at the Symantec site also describes a way to detect the attack through an SSHD process dump.
New Toshiba SSD Product
Toshiba announced a new solid-state product, the PX03SN. The SSD has a 1.6TB capacity and supports one full drive write per day. The new drive is "optimized for read-intensive read-caching and low-duty storage applications" and comes with a 12GBps serial-attached SCSI (SAS) interface. According to Toshiba, the drive is intended for customers looking for a balance between cost, endurance, and performance.
Toshiba Senior Marketing Director Don Jeanette says, "We are seeing increasing demand for eSSDs that offer an SAS interface and meet customers' endurance and price requirements without sacrificing performance."
Buy this article as PDF
Report from the X-Force group says attackers are using TOR to hide their crimes
Future Firefox extensions will be compatible with Chrome.
Better read this if you bought your computer before 2011
Users should upgrade to the new version as soon as possible
Xen project announces a privilege escalation problem for Qemu host systems
Attackers can compromise an Android phone just by sending a text message
PC vendor will pre-install Ubuntu on portables in India.
More embarrassment for Adobe's embattled multimedia tool
Mozilla’s script blocker add-on could be putting malware sites on the whitelist.
The Internet community officially banishes the notoriously unsafe Secure Sockets Layer protocol.