OpenSSH 7.5 Released

The OpenSSH project has announced the release of version 7.5 that comes with added security features.

"This release deprecates the sshd_config UsePrivilegeSeparation option, thereby making privilege separation mandatory. Privilege separation has been on by default for almost 15 years and sandboxing has been on by default for almost the last five," according to the release notes.

Additionally, portable OpenSSH has removed support for building against OpenSSL versions before 1.0.1, because OpenSSL stopped supporting those versions more than 12 months ago (i.e., they no longer receive fixes for security bugs).

According to Softpedia, "Among other changes, OpenSSH 7.5 updates the format of various log messages emitted by the packet code to include details about the user's authentication state, etc." You also can find the entire changelog onsite.

Ubuntu Touch Not Dead

It would seem that, at least in the short and mid-term, there are no plans on behalf of Canonical of producing a new version of Ubuntu Touch, the operating system for the Ubuntu phones put out by companies like bq and Meizu. It is also true that Canonical's hardware associates seem to have no plans to put out any new devices running the system.

One would be excused for thinking that the Ubuntu Touch/Phone project is dead or, at least, suspended, until such a time when the mobile market is more favorable.

However, this would be wrong on two counts. Firstly, it is now clear Ubuntu Touch, a system running on top of an Android base, was not meant to be the final thing for Canonical. Unity 8 running on Mir and a full Ubuntu Linux stack was the end game. Canonical's vision was one system for all devices, and a Ubuntu Touch was a temporary solution. (We review Unity 8 in the current issue of Ubuntu User, and, spoiler alert, it is not all there yet, but it does seem to be on its way).

Secondly, a free software project (and Ubuntu Touch is free software1) is not dead until there is nobody willing to support it. UBports is a group of independent developers who want to port Ubuntu Touch to as many models of smartphones as possible. Spearheaded by Smoose, a free software company from the Netherlands, and with the blessing from Canonical, the project has made its first target porting Ubuntu Touch to the Fairphone 2. The initiative has proven popular so far and the UBports community grew from 0 to nearly 100 members in its first two months.

The Fairphone is a logical choice for Smoose and UBports since it is consistent with the company's and community's principles. The Fairphone is produced with sustainability and fair trade in mind, and is also fair to the user, since all its components are easily replaced and customizable. Also, the rapid growth in the number of contributing members proves their is a real interest in developing an alternative, community controlled operating system to what is already out there.

Although Fairphone is the main immediate aim, UBports is also working on and improving the ports for the OnePlus One and Two, several Nexus devices, Optimus L90, and several others. This also gives hope to early adopting device owners who may think they were left out in the cold when they discovered no more updates for their handsets were forthcoming from Canonical.

The people of Smoose were at the MWC at the Canonical booth last week showcasing their project. They have also been kind enough to loan us a device for review. We will be talking about this project in depth and trying out the Fairphone with Ubuntu Touch in the next issue of Ubuntu User, on sale in May/June, so you can look forward to that.

Meanwhile, if you are interested in seeing if there is a port of Ubuntu Touch for your phone, or want to contribute, head over to the project's site, join the discussion, and try out some code.

1. Ubuntu Touch's code is mostly distributed under a GPL, with some components distributed under MIT and Apache licenses.

FBI Refuses to Release the Tool Used to Hack Terrorist's iPhone

The FBI has refused to disclose information about the tool it used to hack into the iPhone of San Bernardino shooter Syed Farook.

Initially the FBI asked Apple to create a backdoor so they could access the content of Farook's iPhone. Apple refused to create the backdoor, stating that once there, it can be used over and over.

Now it's clear that Apple's concerns were correct. According to ZDNet, "Justice Dept. officials say that details of a hacking tool used to access a terrorist's iPhone should not be released because it may still be 'useful' to federal investigators."

That contradicts the statement by FBI director James Comey where he tried to downplay the scope of the tool. Last year Comey said that the tool affects only the iPhone 5c running iOS 9. Despite initial considerations to share the vulnerability it exploited to unlock the iPhone with Apple, FBI later refused to disclose any such information with the company.

The FBI reportedly wasted more than $1 million to crack the iPhone in question, even though they did not extract any valuable information from the device. Last year the FBI was sued by three news organizations to disclose more information about the hack.

On March 13, 2017, David Hardy, section chief of the FBI's records management division, said in a court filing, "Disclosure of this information could reasonably be expected to cause serious damage to national security as it would allow hostile entities to discover the current intelligence gathering methods used, as well as the capabilities and limitations of these methods."

The FBI's refusal to share the flaw with Apple and the public is a double-edged sword. It's not just government agencies exploiting such flaws; there are security organizations whose primary business it is to find such flaws and sell them to criminals and repressive governments. By not disclosing information about the tool, the FBI is apparently putting every iPhone 5c user out there at risk of being hacked.


More Online

Linux Magazine

Off the Beat * Bruce Byfield

Unity Enters its Twilight

Unity, Ubuntu's default desktop environment, has always been ironically named. Begun after conflicts between Ubuntu and Gnome, Canonical Software and Ubuntu developed it as a solo effort after other projects ignored Mark Shuttleworth's famous challenge to develop an interface to rival Apple's.

New Guard and Old Guard Clash at Free Software Foundation

Does the Free Software Foundation (FSF) have internal conflicts? An answer is hard to find, because people prefer not to talk about the possibility. However, there are increasing indications that the FSF is having trouble adjusting to modern activism – and that part of the problem might be growing differences between FSF supporters and its founder Richard Stallman (RMS).

Free Software Makes Computers Knowable

A high school class mate of mine posted a comic piece about the problems with new software systems. The unspoken assumptions were that computers always caused problems, but that nothing much could be done about the situation. I smiled, but I realized that I no longer shared this attitude – and that free software was the reason why.

Why Universal Packages Aren't Universal Solutions

The initial announcements of Flatpak and Snap presented them as the solution to all of Linux's packaging problems. These claims soon proved to be ahead of actual development, but they linger in the minds of many users.


Simple HDF5 in Python and Fortran * Jeff Layton

Using the popular HDF5 I/O library with Python and Fortran.

ADMIN Online

Segmenting Networks with VLANsMathias Hein

Network virtualization takes very different approaches at the software and hardware levels to divide or group network resources into logical units independent of the physical layer. It is typically a matter of implementing secure strategies. We show the technical underpinnings of VLANs.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More