This month's News

NEWS

Article from Issue 174/2015

Updates on technologies, trends, and tools

Supermicro Announces New High-Density Server Solutions

High-performance server vendor Supermicro has announced a new class of Mini-ITX high-efficiency, low-power server solutions that the company says are "optimized for embedded and hyperscale workloads."

The new systems will be available as motherboard units or through Mini-Tower, rack server, or MicroBlade products. The Mini-ITX features a 64-bit Intel Xeon D-1500 processor with eight cores, 128GB of memory, and integrated 10GB Ethernet. According to president Charles Liang, the new "high-density server and storage solutions address growing demands for energy efficiency in data center and cloud environments."

The new Mini-ITX products are designed to help users achieve better performance per watt per dollar across a wide range of embedded and hyperscale scenarios.

Kernel Developers Adopt Code of Conflict

After many recent controversies and some high-profile critiques from influential developers, the Linux kernel team has posted new rules for developers to guide the often combative code reviewing process. The new guidelines appeared under the title "Code of Conflict." The rules are under the torvalds directory of the kernel Git tree, and Linus Torvalds is listed as the author, although the message itself is not signed by Linus. The document starts by explaining that the code review process requires careful critique to ensure high quality, and all contributors should expect to receive feedback on their work. The next part of the message adds a revolutionary new factor to the process, stating that the behavior of developers, as well as the quality of code, will be subject to review. The guidelines state:

"If however, anyone feels personally abused, threatened, or otherwise uncomfortable due to this process, that is not acceptable. If so, please contact the Linux Foundation's Technical Advisory Board (tab@lists.linux-foundation.org), or the individual members, and they will work to resolve the issue to the best of their ability."

The addition of Linux Foundation Advisory Board as an independent referee and monitor for developer conflicts makes the kernel community a little less hierarchical and autocratic than it has seemed to some in the past. The good news is that, if the process works, the top-tier kernel developers will be able to focus their energies on what they do best – writing and reviewing code, with fewer controversies, rants, and flame wars.

The document ends in an endearing Linux geek flourish that sums up the aspirations of so many: "As a reviewer of code, please strive to keep things civil and focused on the technical issues involved. We are all humans, and frustrations can be high on both sides of the process. Try to keep in mind the immortal words of Bill and Ted, 'Be excellent to each other'."

Linus Torvalds Announces Linux 4.0

Linus Torvalds has announced that the next release of the Linux kernel will have the name Linux 4.0. This release will mark the end of the Linux 3.X series, which began in July, 2011, and will mark the beginning of a new 4.X series. The announcement comes after Linus polled kernel developers to see if they were ready to start a new series. (If the developers had voted down the 4.0 name, the release would have been Linux 3.20.)

The next release has received some significant attention for adding live kernel patching. Still, the casual attitude of Linus and the other developers regarding the release number is strangely comical – seemingly a parody of the commercial software industry, where a new "major release" is accompanied with vast explosions of fanfare and hype. As Linus says in his message to the kernel mailing list, "Because the people have spoken, and while most of it was complete gibberish, numbers don't lie. People preferred 4.0 and 4.0 it shall be. Unless somebody can come up with a good reason against it."

According to Torvalds, the strongest argument for some people wishing for the start of the 4.X series was "… a wish to see 4.1.5, because that was the version of Linux skynet used to the T-800 Terminator," an android played by Arnold Schwarzenegger in the Terminator film series.

He goes on to the report that "… moving to 4.0 does not mean that we somehow changed what people see. It's all just more of the same, just with smaller numbers so that I can do releases without having to take off my socks again." Torvalds plays down the argument that it is better for a major number change to match a major feature release, stating "We don't break compatibility, and we haven't done feature-based releases since basically forever."

The current version of Linux 4.0 is a release candidate. The kernel team will wait for feedback and bug fixes before posting the final release.

Ubuntu Switches to systemd

Ubuntu developer Martin Pitt has announced the official switch to the systemd startup daemon for the upcoming Ubuntu 15.04 "Vivid Vervet" release. Ubuntu's plan to switch to systemd has been known for some time. Canonical founder and Ubuntu godfather Mark Shuttleworth announced the change a year ago after the Debian project (which is the basis for Ubuntu) elected to adopt systemd. Still, the official announcement marks the end of an era for users of the many Ubuntu variants and other derivative distros that depend on the Ubuntu development system.

The init startup daemon served the Unix and Linux communities for years, but many developers believe a change to a newer system is necessary. Those clamoring for the change believe modern methods require a service management system with better parallel processing and more efficient handling of complex dependencies. Debian's migration to systemd caused some controversy within the community and even precipitated a fork, known as Devuan, which will continue to develop around init.

Ubuntu had previously determined init needed replacing and was working on its own init alternative, known as Upstart, in recent releases. With this change to systemd, Ubuntu is discontinuing work on Upstart.

Debian plans to enable systemd by default in the upcoming Debian 8 "Jessie" release. Fedora, Arch, openSUSE, and Mageia have installed systemd by default for two years or more. Red Hat Enterprise and SUSE Linux Enterprise made systemd the default in 2014. Ubuntu's announcement means that systemd is truly the new standard service startup daemon for the Linux universe.

Old Vulnerabilities Are Kept AliveThrough Bad Configuration

HP released its annual Cyber Risk report, which summarizes and attempts to quantify some of the major security problems facing IT departments today.

One of the more interesting findings is that "Well-known attacks are still commonplace." In other words, despite the attention that admins, intruders, and spies pay to new zero-day attacks, many of the vulnerabilities exploited in 2014 have been around for years – or even decades. Misconfigured servers and poorly coded middleware layers keep old vulnerabilities alive even when remedies might be known.

The report also states that new technologies, such as the Internet of Things (IoT) and point of sale credit systems, have led to new avenues of attack. To compound the problems, intruders are more numerous and more sophisticated than ever, and traditional protections such as anti-malware scanners are less reliable with the new generation of attacks. According to the report, anti-malware software catches only about half of all cyberattacks.

An executive summary of the 2015 Cyber Risk report is available for download. You'll need to register with an email address and some basic information.

Big Samba Security Bug Revealed

The Samba team has confirmed a recent CVE report (CVE-2015-0240) regarding a flaw in the smbd file server daemon that could allow a remote user to execute arbitrary code with root privileges. The vulnerability, which was originally discovered by Microsoft, affects Samba versions from 3.5.0 to 4.2.0rc4.

The Samba project has already released a patch and recommends an immediate patch or upgrade. The Samba team also provides a workaround for versions 4.0.0 and later, which consists of disabling rpc_server netlogon.

PrivDog Security App Could Compromise User Security

The PrivDog "security" application by AdTrustMedia has come under fire as yet another SSL manipulation tool that actually compromises security. According to the US_CERT report, PrivDog is supposed to provide "… safer, faster, and more private web browsing." The tool actually behaves as a man-in-the-middle proxy that replaces online ads with different ads.

PrivDog inserts its own trusted root CA certificate into the connection, and according to reports, affected versions of the tool fail to check the certificates of the sites visited by the user properly, which means no warnings will appear when the user visits some spoofed HTTPS web pages. The CERT team has confirmed that the problem affects version PrivDog 3.0.96.0. However, even if you're using another version of the tool, this might be a good time to ask whether your web browsing will really be "safer and more private" if you let a third-party company insert itself into all of your HTTPS connections, which actually seems to defeat the whole purpose of HTTPS.

This discovery comes on the heels of a similar controversy regarding the Superfish tool distributed by PC vendor Lenovo, which allegedly plays similar tricks with SSL connections to inject ads. Lenovo claims it is no longer shipping Superfish, but the recent trend for so-called "security" add-on tools that break the chain of trust for SSL connections shows just how much the IT industry has come to depend on online advertising – and how far some companies are willing to go to cultivate sources of ad revenue.

More Online

Linux Pro Magazine

http://www.linuxpromagazine.com

Off the Beat * Bruce Byfield

Nine Myths About Styles in LibreOffice Writer

As Robin Williams (the designer, not the comedian) once explained in her book title, The PC Is Not A Typewriter. Office and layout programs are not just a keyboard with a screen, but an entirely different way of working. Central to that difference is the idea of styles – a defined set of formatting options comparable to a variable declared in code. Yet many writers refuse to use styles, preferring to format everything manually, even at the cost of making their work slower and more laborious.

Why I'm Switching from Gimp to Krita

I consider myself neither a technophile nor a technophobe. Yet every once or twice a year, I discover a piece of software so well-designed and useful that I spend whatever spare time I have learning it as thoroughly as possible. For the past couple of months, that software has been the paint program Krita.

Flash in the Pan

I've known for several years that development of Adobe's Flash player for Linux has ended except for service updates. In the last couple of months, though, maintaining it on my Debian system has become a series of rear guard actions.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Ubuntu Switches to systemd

    Upstart lands in the dust bin as a new era begins for Linux.

  • Welcome

    The world is left to wonder if the recent news of a Debian fork is an important event or a minor historical footnote. Either way, it seems like a good story, reminiscent of the Linux stories of the past, when the community really looked and behaved like a collection of individuals rather than a corporate fan club.

  • Packages in systemd

    You might need to tweak your Debian or Ubuntu packages to get them to work with systemd.

  • Command Line: Systemd

    Wondering what all the fuss is about systemd? We explain the basic concepts and capabilities of the new system management suite – coming soon to a distro near you.

  • systemd-networkd

    The new networkd component of the systemd project supports basic network configuration. Despite its early stage of development, one thing is clear: This is a daemon with brains.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News