| DistroWatch Weekly
|DistroWatch Weekly, Issue 603, 30 March 2015
Welcome to this year's 13th issue of DistroWatch Weekly!
There are many threats lurking on the Internet with all sorts of people monitoring what we do, trying to break into our systems and initiating scams. This week we focus on security and some of the tools available to help protect ourselves when we are on-line. We begin with a review of the Tails distribution. Tails provides users with a live operating system that locks down the web browser and redirects network traffic through Tor for added anonymity. Read on to find out more about Tails and its features. This week we also share a book on Linux firewalls and security tools, a good resource for people who wish to lock down their networks and keep the bad guys out. In our News column we discuss new features coming to Kubuntu, share an update on the Debian Project Leader election and talk about a new on-line office suite based on LibreOffice. Next we discuss some surprising changes happening with the systemd project and its roadmap. We then share the torrents we are seeding in our Torrent Corner and present the distributions released last week. Finally, we have a new feature coming soon and we share the details below in our Ask A Leader column. We wish you all an amazing week and happy reading!
|Feature Story (by Jesse Smith)
Privacy and Tails 1.3
Privacy and security are difficult to come by in our progressively connected world. Advertisers track our browsing habits, employers monitor productivity and government agencies monitor our communications. Most operating systems do not take steps to protect our privacy or our identities, two things which are increasingly difficult to guard. Tails is a Linux distribution that is designed to help us stay anonymous on-line and protect our identity. Tails is a Debian-based live disc that we can use to scrub our files of meta data, browse the web with some degree of anonymity and send private messages. According to the project's website, "Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging."
The latest release of Tails, version 1.3, ships with the Electrum Bitcoin wallet and an updated web browser that limits reading & writing data to specific directories. The developers of Tails go out of their way to point out that while Tails should help to keep people anonymous and secure when on-line, the software does have limitations. In other words, Tails is one tool that can be used to help keep our on-line activities private, but it is not perfect and additional precautions should be taken.
Tails 1.3 -- Browsing the web through Tor
(full image size: 153kB, resolution: 1280x1024 pixels)
I downloaded the 910MB image of Tails 1.3. Booting from the live media brings up a graphical screen. A menu then appears asking if we would like to configure the Tails environment. If we select "No" on this screen, then we are immediately brought to GNOME 3's Classic desktop environment. Selecting "Yes" brings up a configuration screen with a short list of options. The configuration screen allows us to set an administrative password on our live session and enable "camouflage" which makes the desktop environment resemble Windows 8. We can also enable/disable the spoofing of MAC addresses and configure network settings such as the operating system's firewall and proxy settings. At the bottom of the display we find options for switching between two languages (English and German) and changing our keyboard's layout.
Tails uses the GNOME Classic desktop with the application menu and system tray positioned at the top of the screen. The task switcher panel is placed at the bottom of the screen. The desktop's wallpaper is a neutral blue and on the desktop we find icons for opening the file manager, reporting bugs and accessing the Tails documentation. Clicking the icon for reporting a bug opens a web browser which displays the Tails documentation and support portal. The documentation icon opens a local copy of the project's Getting Started guide. In the upper-right corner of the screen we can find an icon that resembles an onion. This onion icon indicates whether we are connected to the Tor network and clicking the icon allows us to view information about Tor and change our network settings as they relate to Tor.
I experimented with running Tails with the Windows 8 themed desktop. I think the Windows theme holds up fairly well, at least if another person merely glances at the screen. The desktop generally resembles Windows 8 and the only icon on the desktop is a recycle bin. The task switcher and system tray are positioned at the bottom of the screen. The main thing which gives away the fact we are not running Windows is the desktop's traditional application menu.
Tails 1.3 -- Blending into the crowd with the Windows desktop theme
(full image size: 533kB, resolution: 1280x1024 pixels)
During my trial, I tried running Tails on a physical desktop computer and in a VirtualBox virtual machine. In both environments Tails performed well. Networking and audio functioned out of the box and my screen was set to its maximum resolution. Tails integrates with VirtualBox well and I was pleased to see Tails will detect when it is running in a virtual machine and display a warning, letting the user know the operating system is running on virtual hardware. When the operating system shuts down it ejects our live media and wipes the computer's memory in an attempt to remove all trace Tails was being used. I found the distribution required about 220MB of memory when sitting idle at the GNOME Classic desktop.
Tails ships with quite a number of applications. We are given the Firefox web browser (version 31), the Claws Mail e-mail application, the Electrum Bitcoin wallet, the Pidgin instant messaging software and the Gobby collaborative document editor. Tails provides us with a copy of the LibreOffice productivity suite, a document viewer, the GNU Image Manipulation Program and the Inkscape vector drawing software. The distribution ships with the Scribus desktop publishing application, a sound recorder and a meta data removal tool to scrub identifying information from files. In the application menu we find the Audacity audio editor, the Brasero disc burning software, the Totem video player and the PiTiVi video editor. The distribution also ships with an audio CD ripper, the Traverso audio recording and editing software and a full compliment of multimedia codecs. The WhisperBack application is available to help us send encrypted bug reports and there are tools for creating and removing persistent volumes. The persistent volume utility appears on only work if we are running Tails from a USB flash drive. Tails ships with accessibility tools, including a virtual keyboard, the Orca screen reader and the Dasher predictive text selection program. Further, Tails ships with an archive manager, a calculator, a text editor and the KeePassX password manager. There is also a program for verifying the checksum hashes of files and text. Java is available with the distribution and there are a number of small configuration tools for changing the look of the GNOME Classic desktop. In the background we find the Linux kernel, version 3.16.
Tails 1.3 -- Scrubbing meta data from files
(full image size: 141kB, resolution: 1280x1024 pixels)
I found the software that ships with Tails generally works well and I did not run into any serious bugs. I do feel there are some applications and characteristics of the distribution that are worth mentioning. One is that the Firefox web browser can be run in one of two modes, Tor and Unsafe. The Unsafe version of the browser does not run network traffic through Tor and should probably not be used if we wish to remain anonymous. The Unsafe version of Firefox has a red theme to remind us it is not the recommended way to browse the web. The Tor version of the browser looks like plain, regular Firefox, but the browser does ship with extra add-ons enabled. The Firefox web browser has AdBlock Plus, HTTPS-Everywhere and NoScript enabled. In addition, the browser has a Tor button in the upper-left quadrant of the window that allows us to change our security settings and select a new Tor identity.
Another aspect of the distribution worth mentioning is Tails allows us to install additional software using the Synaptic package manager. To work with Synaptic we should set a password on the root account first using the configuration screen that is available when we first boot Tails. Using Synaptic we can connect to the Debian, Tails and Tor software repositories to download additional applications. Since Tails is usually run as a live disc the programs we install will not persist across a reboot and should be small enough to fit inside our computer's memory.
I think it should be noted that while our web traffic and, I think, our messaging traffic are routed through Tor, we can still access services on the local network. For example, I was able to connect to OpenSSH servers on my local network by specifying the remote host's IP address. This direct access to servers can be convenient, but it side-steps the anonymity of Tor and should be avoided.
Tails 1.3 -- Checking messages with Claws Mail
(full image size: 172kB, resolution: 1280x1024 pixels)
Tails is one of my favourite types of distributions to review. The project has a clear set of goals: providing anonymous browsing and secure messaging without leaving behind any trace of our activity. The distribution worked well in my test environments, I did not run into any problems and all the software that shipped with Tails worked as expected.
For most people I think setting up something like Tor is probably going to be confusing and some people will make mistakes trying to add security software to their computers. Having a project like Tails means a person interested in privacy can download (or otherwise acquire) a copy of the live disc, put it in their computer and just start using it. While Tails cannot provide perfect security and anonymity, it is probably one of the best "boot and go" security distributions currently available.
I like that the Firefox web browser ships with several extra add-ons to further protect the user and provide additional guards against tracking and man-in-the-middle attacks. I further appreciate that Claws Mail makes it easy to encrypt e-mail messages, assuming we have access to another person's public security keys. I also like that Claws Mail will warn us that parts of our e-mail message may not be encrypted, depending on our settings.
The one thing I missed while using Tails was a simple key/encryption utility such as KGpg. While Claws Mail will send encrypted messages and do some basic key handling for us, I think having a dedicated encryption/key application would be beneficial.
Perhaps my favourite Tails feature is the project's documentation. The user guide is well organized and explains concepts clearly, in a way I feel most users (even less technical minded ones) will understand. It is easy to make mistakes when trying to be secure on-line and the Tails documentation does a great job of warning people about potential dangers and explaining both the features and limitations of the Tails distribution. For people who need to communicate privately on-line, I believe Tails to be a very useful tool.
* * * * *
Hardware used in this review
My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications:
- Processor: Dual-core 2.8GHz AMD A4-3420 APU
- Storage: 500GB Hitachi hard drive
- Memory: 6GB of RAM
- Networking: Realtek RTL8111 wired network card
- Display: AMD Radeon HD 6410D video card
|Miscellaneous News (by Jesse Smith)
Kubuntu prepares to roll out Plasma 5, Debian's Project Leader election update and a web-based LibreOffice in the works
Jonathan Riddell, Kubuntu's lead developer, blogged last week and talked about some of the important changes coming to the Kubuntu distribution. One such change is the switch from using KDE 4 to Plasma 5. Riddell claims Kubuntu will be the first Linux distribution to offer a stable release with the Plasma 5 desktop. Riddell also had some thoughts to share on Ubuntu adopting systemd: "Last week Ubuntu switched over to systemd for [its] boot system. It's complex and faffy but at least we have the same complex and faffy as the rest of the world. There was a strange issue during the switchover where login manager SDDM suddenly disabled itself from starting. If you get that just run: `systemctl enable sddm'."
* * * * *
The election for the next Debian Project Leader (DPL) is now in full swing. The campaigning part of the election where candidates get to discuss their platforms is nearly at an end. Later this week, starting April 1st, Debian developers will begin casting their votes for their next Fearless Leader. There are three nominees for DPL and they have presented their platforms. The nominees are: Mehdi Dogguy, Gergely Nagy and Neil McGovern. The election for DPL will conclude on April 14th.
* * * * *
The Fedora Magazine reported last week that an on-line version of LibreOffice will soon be available. LibreOffice Online will serve as a competitor to Google Docs and Microsoft's Office 365. LibreOffice Online is being developed as a joint project between Collabora and IceWarp and both organizations say they will be working closely with the upstream LibreOffice project. Collabora's announcement has more details: "The lightweight document management features already built into the collaboration and messaging solution, IceWarp Server, allow users to store, manage and preview office documents in the web browser, without having any office suite installed on their computers. To edit the documents, IceWarp provides a seamless connection between its web-based storage and productivity applications installed on [the] user's computer. The growing popularity of these features lead IceWarp developers to consider how best to do without an office suite completely, and move it into the browser." The proposed solution could be attractive to people who need to work from the road or collaborate on documents with peers.
|Humour (by Jesse Smith)
The systemd Project Forks the Linux Kernel
The systemd project began as an alternative implementation of init, the software which brings an operating system on-line when a computer boots. Traditionally, Linux distributions have used either the SysV init software or Upstart. While these older init systems had their benefits, systemd developers saw room for improvement and the chance to leverage several underutilized features available to modern Linux distributions. Using systemd, distributions are able to more easily start services in parallel, simplify service dependencies and make easier use of cgroups.
Many people in the Linux community have welcomed the improvements systemd's init implementation brings and have praised the speed and ease of use systemd provides to the distributions adopting the new init implementation. The benefits of systemd have caused most mainstream Linux distributions, including Fedora, openSUSE, Mageia and Debian, to replace their ageing init software with systemd packages. Later this year, Ubuntu will switch from using Upstart to systemd, with Ubuntu community distributions expected to follow. Only a few conservative or experimental distributions such as Slackware and Void have stuck with alternative init software.
Despite systemd's many benefits and modern features, some people in the Linux community are wary of the project and its rapid expansion. One common concern is the systemd project has a habit of taking on additional features outside the scope of a traditional init implementation. To date, systemd has taken on logging, time synchronization, mounting partitions, a console daemon (replacing the Linux virtual terminal), login sessions and seats, network configuration and device management. Some people feel the systemd project should focus on performing one task well while allowing separate projects to handle other tasks. Detractors of systemd point out the UNIX Philosophy recommends each project have a narrow focus and try to do one thing well while playing nicely with other projects. Lennart Poettering, the founder and lead developer of systemd, argues the systemd project is more UNIX-like than the way Linux distributions have traditionally been developed, in large part because systemd brings many small projects under one umbrella: "In fact the design of systemd as a suite of integrated tools that each have their individual purposes, but when used together are more than just the sum of the parts, that's pretty much at the core of UNIX philosophy. Then, the way our project is handled (i.e. maintaining much of the core OS in a single git repository) is much closer to the BSD model (which is a true UNIX, unlike Linux) of doing things (where most of the core OS is kept in a single CVS/SVN repository) than things on Linux ever were."
The systemd developers have occasionally bumped heads with developers working on other projects, perhaps most notably Linus Torvalds, lead developer of the Linux kernel. Since systemd's init software works to bring the operating system on-line at boot time, systemd needs to work closely with the kernel and this can cause problems. In fact, some conflict and proposed solutions have resulted in at least one systemd developer getting banned from contributing to the Linux kernel.
Now it appears as though the systemd developers have found a solution to kernel compatibility problems and a way to extend their philosophy of placing all key operating system components in one repository. According to Ivan Gotyaovich, one of the developers working on systemd, the project intends to maintain its own fork of the Linux kernel. "There are problems, problems in collaboration, problems with compatibility across versions. Forking the kernel gives us control over these issues, gives us control over almost all key parts of the stack."
In essence, systemd will gain another component, the Linux kernel, which can be patched as needed to work better with other systemd components. Having both the init software and the kernel managed by one project will also allow bug fixes to be addressed more quickly and avoid conflict between Linux and systemd developers. Ivan says systemd developers plan to merge improvements and changes from Torvalds' kernel into the systemd project and, in an e-mail, confirmed systemd developers will make their own patches public so they can be merged back into Linus' Linux.
Having two versions of the Linux kernel raises concerns about compatibility, but Ivan Gotyaovich states the systemd developers will work hard to maintain ABI compatibility and avoid breaking any userspace packages. He also states this could be an exciting time for Linux users: "Since until now development of GNU/Linux has been fragmented, slowed by poor communication and conflicting designs. Our systemd project offers distributions a united core where almost all key components live. Soon we will not need dozens of separate userland components talking with an alien kernel. All components will work together by design. We will no longer need GNU/udev/ntpd/NetworkManager/syslogd/Linux. Instead we will soon have GNU/systemd, [a] much simpler, unified platform. GNU/systemd will be a better target for third-party developers and easier to support."
While some members of the Linux community may not like the idea of a further expanding systemd project, it is hard to deny GNU/Linux has been a difficult platform for independent software vendors, particularly game developers. Products like WPS and Steam tend to target one or two specific distributions and leave porting and compatibility issues up to individual distributions to solve. Having one united core operating system for Linux users may make the platform more attractive to a wider range of companies and developers who do not have the resources to properly support the hundreds of permutations of software found across GNU/Linux distributions.
What do you think of a united GNU/systemd operating system? Is this a way for Linux distributions to become more standardized, the way other platforms like OS X and FreeBSD are? Or is the systemd project expanding too far, taking on more than its developers should? Leave us a comment below with your thoughts on the subject.
|Book Review (by Jesse Smith)
Linux Firewalls (Fourth Edition)
Last November I talked about an educational text called The Book of PF. The Book of PF talks about firewalls and packet filtering on OpenBSD, FreeBSD and other operating systems in the BSD family. The book is filled with short examples and bits of practical wisdom that guide the reader through setting up packet filtering on the BSD family of operating systems. Despite its powerful nature and straight forward syntax, PF is not available on Linux and so I wanted to explore another text that would talk about the powerful firewall technologies available to Linux users. To that end, I picked up a copy of "Linux Firewalls: Enhancing Security with nftables and Beyond" by Steve Suehring.
While I have used Linux for many years and set up many a firewall using Linux distributions, I tend not to deal with the low-level commands that are at the heart of Linux firewalls. In my work I can usually get away with using a convenient front-end to Linux firewall technology such as UFW or FirewallD. It is not often I need to descend deeper to work with iptables and I have not, to date, ever had the need to work with the more modern nftables, which appeared in version 3.13 of the Linux kernel. Reading the book Linux Firewalls seemed like a good opportunity to learn about the benefits of nftables.
One of the first things to stand out about Linux Firewalls is that the author tends to take a high level approach when discussing topics. The book talks a lot about theory and general ideas, more so than diving into practical examples. I suspect the author did this because networking concepts stay more or less the same over time while specific implementations of firewalls and networking tools change. By taking an abstract view of networking, the material covered in Linux Firewalls will probably remain relevant even after iptables and nftables become obsolete. The abstract approach is perhaps most apparent in the chapter on virtual private networks (VPNs). The book talks a bit about what a VPN is and why we might use one and even mentions three VPN packages available for Linux. However, there is no discussion about how to set up a VPN or how to securely configure a VPN. Such information, which is likely to be distribution and/or package specific, is left for the reader to look up in other resources.
Another thing I noticed about Linux Firewalls is the book appears to work from the assumption we are passingly familiar with other firewall technologies, such as iptables, and that we are reading this book to either polish our knowledge of iptables or we want to learn about nftables while using iptables as a reference point. In this way Linux Firewalls is probably not intended as a beginner text and is better suited to either freshen up our existing knowledge or expand our knowledge from one packet filter implementation to another. People already somewhat familiar with iptables will likely appreciate this direct approach and lack of hand holding. However, newcomers to Linux and/or firewalls may feel overwhelmed as the book dives quickly into the subject matter.
One aspect of Linux Firewalls I appreciated was that there are reference implementations of complex firewalls in the book's Appendix B. The Appendix provides a number of examples and scripts for setting up complete firewalls. The scripts include variables and flags we can set, customizing the scripts to our specific network. By just adjusting two or three lines of the provided scripts we can tailor the provided firewall recipe to our network and quickly enable or disable specific services. Usually I recommend against copy/pasting code from a reference into a live network environment, but these examples appear flexible enough to work in many cases with minimal adjustments.
On the other hand, I found Linux Firewalls was often terse in is explanations and instructions. I had the impression the author assumed the reader would have a strong working knowledge of Linux and feel comfortable performing tasks I would consider advanced concepts. As an example, early on we are told we may need to enable a specific feature by "using make config, make menuconfig or make xconfig and then recompile and install the new kernel". To an experienced Linux system administrator this idea may seem straight forward, but less experienced users may be wondering where they can download the kernel's source code, what to select after they run "make menuconfig", what the difference is between "make config" and "make xconfig" and how to compile and install a kernel from source code. The answers to these questions are provided elsewhere and the book does not dive into the details, instead sticking to higher level concepts and moving on to tackle the next firewall-related topic.
Earlier I mentioned The Book of PF and that is mostly so I can contrast the two texts. The Book of PF has a very "hands on" approach to dealing with firewalls. We are shown brief examples and the mechanics of those examples are explored. As the book goes on the examples grow and we see the pieces of firewall configuration snap together like building blocks. The Book of PF shows us the differences between PF implementations and is written for specific versions of PF, OpenBSD and FreeBSD. By comparison, Linux Firewalls is quite a different sort of resource. In Linux Firewalls we deal more with abstract concepts and then we get to see firewall configurations which demonstrate these concepts. While Linux Firewalls does provide examples, I feel individual components are explored less, in favour of dealing with more topics such as security, network monitoring and packet forwarding. I think Linux Firewalls covers more territory as far as big-picture networking is concerned and the material covered is less tied to a specific distribution or technology.
To put it another way, I feel Linux Firewalls is like a chemistry text book where we learn about atoms and molecules bonding and we get to see instructions on how to cause certain reactions. The Book of PF is more like a home chemistry set where we touch and mix bits of material together to see what happens. Both approaches are valid and both are good teaching tools, but chances are each person will have a preference for one style of learning over the other.
I want to stress that one nice thing about Linux Firewalls is the book is distribution agnostic. The nftables examples provided in the text should work with any modern Linux distribution and the iptables examples should work with every Linux distribution. This is nice as it makes the book practical for any Linux administrator without tying us to one distribution. This book does jump straight into advanced concepts, making it more of a resource for upgrading our skills rather than a beginner guide. This is also one of the few texts I've encountered that explores the relatively young nftables packet filtering technology in Linux and I found it useful for exploring the topic.
* * * * *
- Title: Linux Firewalls: Enhancing Security with nftables and Beyond (Fourth Edition)
- Author: Steve Suehring
- Published by: Pearson
- Pages: 432
- ISBN-10: 0-13-400002-1
- ISBN-13: 978-0-13-400002-2
- Available from: InformIT and Amazon
|Ask A Leader
Ask A Leader: Introduction
At DistroWatch we talk about a lot of open source operating systems and we have a great time sharing new technology with you. We always try to focus on distributions and features we feel our readers will find interesting. However, sometimes we overlook things people later tell us they are interested in and, other times, we hear from distribution developers asking why we have not mentioned a special aspect of their project. We love talking about technology, but we just can't cover every characteristic of every distribution.
With this in mind we are going to try an experiment where our readers have a more direct way to communicate with leaders in the open source community. You will be able to ask questions and developers can share their cool new features. We are calling our new column Ask A Leader. Through this column readers will have a chance to submit questions on any subject to a member of the open source community. The open source leader or developer will respond to the questions and talk about the cool new projects they are working on. We will then post their answers and comments here in the Ask A Leader column.
This week we are happy to present several leaders who have kindly volunteered to answer your questions. They are:
To ask these leaders a question, please leave a comment below with "Ask A Leader" in the subject line along with the name of the person you want to answer your question. For example, "Ask A Leader: Matthew Miller". Feel free to ask as many questions as you like. You can also e-mail your questions to email@example.com and put "Ask A Leader" in the subject line of the e-mail with the name of the community leader (or leaders) you wish to have answer your question. Feel free to ask anything about their projects, open source, licenses or community issues.
- Matthew Miller of the Fedora Project
- Jeff Hoogland from Bodhi Linux
- Sunit Kumar Nandi of the SuperX distribution
- Dru Lavigne from the PC-BSD project
We will collect your questions, forward them to the community leaders and, in a future edition of DistroWatch Weekly, we will publish their responses and comments.
We also welcome open source developers and community leaders to join in the discussion. If you are an open source distribution developer and would like to answer some questions, please drop us a line at firstname.lastname@example.org and let us know you are available to respond to our readers' queries.
Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.
Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.
With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files for distributions that do not offer a bittorrent option themselves. This is a feature we are experimenting with and we are open to feedback on how to improve upon the idea.
For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed and please make sure the project you are recommending does not already host its own torrents. We want to primarily help distributions and users who do not already have a torrent option. To help us maintain and grow this free service, please consider making a donation.
The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 36
- Total downloads completed: 18,543
- Total data uploaded: 3.5TB
|Released Last Week
Pinguy OS 14.04.2
Antoni Norman has announced the release of Pinguy OS 14.04.2, a point update of the project's Ubuntu-based Linux distribution with a customised GNOME Shell desktop: "I am happy to announce the availability of 14.04.2 point release. Apart from bug fixes and updating packages not a lot has changed from 14.04 Papercuts. So if you are running 14.04 Papercuts and have kept it updated there is no need to install the point release. Pinguy OS 14.04.2 is running Linux kernel 3.13 and the UEFI version of GRUB. If you had issues installing Pinguy OS on a UEFI-enabled system in the past, this should now be fixed. List of some of the pre-installed applications: Mozilla Firefox 36.0.4, Mozilla Thunderbird 31.5.0, Synaptic package manager 0.81.1, VLC media player 2.2.0 RC2, GNOME Tweak Tool 3.10.4, LibreOffice 4.2.7, Clementine 1.2.3, Shutter 0.93.1, PlayOnLinux 4.2.2, WINE 1.7.38." Here is the brief release announcement.
Sunit Kumar Nandi has announced the launch of SuperX 3.0, code name "Grace". The new release, which is named after computing pioneer Grace Hopper, focuses on providing an attractive desktop solution on top of a stable platform. The release announcement mentions some of the features that go into making the distribution's desktop responsive. "Grace gives more priority to application responsiveness; you will feel it right from the start - a fast, smooth, responsive system. Grace, by default, compresses unused memory pages within RAM rather than swapping out to the swap partition, making it responsive even when the system memory is low. Commonly used applications are preloaded and cached in memory for faster start-up of your favourite applications." SuperX 3.0 ships with KDE 4.13.3, Linux kernel 3.13 and a full range of multimedia support.
SuperX 3.0 -- Running the KDE desktop
(full image size: 502kB, resolution: 1280x1024 pixels)
antiX 14.4 "MX"
antiX 14.4 "MX" has been released. This is the latest update of the project's special edition developed in collaboration with the MEPIS Community and featuring the Xfce desktop. "MX 14.4 'Symbiosis' available. Upgraded bug-fix editions (PAE and non-PAE) of MX 14 are now available. This version has fixed some bugs found in MX 14.3 and Debian upstream. MX 14.4 is based on Debian 'Wheezy' uses SysVInit so MX 14.4 offers a rock-solid systemd-free experience for those who would prefer to stick with SysVInit. MX is designed to be fast, stable and light on resources. The MX 14 series will be supported until the end of life of Debian 'Wheezy'. Bug-fix and upgrade release including quite a few new enhancements. What applications are used? Clementine for music, VLC for video, full LibreOffice suite, Iceweasel for web browsing, Claws-Mail for email, Mirage for image viewing, Minitube for watching YouTube videos..." Visit the project's wiki page to read the rest of the release announcement.
Ubuntu MATE 14.04.2
Martin Wimpress has announced the release of Ubuntu MATE 14.04.2, an updated build of the Ubuntu-based distribution featuring the MATE desktop environment. Although the DVD image name sports the LTS (long-term support) tag, this version of Ubuntu MATE is not an "official" Ubuntu flavour as the project was formally accepted as an Ubuntu family member just before the recent 15.04 beta 1 release. From the release announcement: "Ubuntu MATE 14.04.2 is available for download. This release fixes a few issues that were present in 14.04.1, adds some new features and updates some packages. It is important to state clearly that Ubuntu MATE 14.04.2 is not an official Ubuntu flavour! The upside of maintaining an unofficial Ubuntu derivative is that we can roll out new features and package updates. So we did, most notably LibreOffice 4.4.1. The advantage of the newer Linux kernel is that it resolves most of the screen tearing issues some people experienced in Ubuntu MATE 14.04.1."
Black Lab Linux 6.5
The Black Lab Linux team has announced the launch of Black Lab Linux 6.5. The new release is available in a number of desktop editions and features improved hardware compatibility and fallback options for older machines. "Today we are pleased to announce the release of Black Lab Linux 6.5. With this release we continue to enhance and improve Black Lab Linux for public consumption. While the base is the same, the Open Distribution Release comes in four flavors. GNOME, MATE, XFCE and KDE. The XFCE release is built into the GNOME release because of customer demand. Some of our users run things like legacy 64-bit hardware, terminal services and certain systems where GNOME may not run all that great." Further information can be found in the distribution's release announcement.
Curtis Gedak has announced the release of a new stable build of GParted Live, a Debian-based live CD with a collection of software applications designed for disk partitioning and data rescue tasks: "The GParted team is proud to announce a new stable release of GParted Live. This live image contains GParted 0.22.0 which now supports reading and writing file systems to disk devices without partition tables, in addition to supporting GPT partition names. Items of note include: based on the Debian's 'Sid' repository as of 2015-03-23; now uses systemd which is the new default system init on Debian; includes GParted 0.22.0: adds read and write support for unpartitioned whole disk devices; adds read and write support for GPT partition names. This release of GParted Live has been successfully tested on VirtualBox, VMware, BIOS, UEFI, and physical computers with AMD/ATI, NVIDIA, and Intel graphics." Here is the brief release announcement.
Alessio Fattorini has announced the release of NethServer 6.6, the new stable version of the project's CentOS-based specialist distribution for servers: "We are proud to announce a new NethServer release. This is a thrilling day for the whole NethServer community. It has been a journey to get to this point and we are so excited about the journey ahead of us. Upgrading from 6.6 RC1 is straightforward. From the Software Center page, just check for available updates. For previous releases, check out the release notes. At first login after system installation, the Server Manager displays the First Configuration wizard, where the administrator (root user) can set the password, change the host name, select the time zone and tune other security-related settings. We simplified the interactive installer removing some sections that were moved to the first configuration wizard. The Package Manager page has been renamed Software Center, and moved to the Administration section." See the release announcement and release notes for further details.
Voyager 14.04.4 "X"
Rodolphe Bachelart has announced the availability of a new edition of Voyager Live. Voyager "X", based on Voyager 14.04.4 LTS, is an experimental version built around the new Xfce 4.12 desktop which was only recently released. It also includes an updated Linux kernel, version 3.16. The entire layout of the desktop has been recoded and the scripts improved to work with the new Xfce. This is a version whose goal is to bring the latest Xfce and kernel improvements to some of the more recent computer systems. Although Xfce 4.12 is final, it has yet to be integrated into Ubuntu's official repositories; as such, it is considered as experimental. At the moment only a 64-bit ISO image is available for download, with a 32-bit variant possibly coming later if needed. This version of Voyager X has been tested extensively and it can be installed as an "official" Voyager. Xfce 4.12, coupled with Linux kernel 3.16, has made Voyager faster and more responsive, with many parameters optimised for better performance and with much improved hardware support. The release announcement (in French) offers more details and several screenshots. The announcement warns that due to the young nature of Xfce 4.12 and some Voyager features, users should backup their data prior to upgrading to the new release.
Voyager 14.04.4 -- Default desktop
(full image size: 366kB, resolution: 1280x1024 pixels)
The Zentyal development team has announced the launch of Zentyal 4.1. The Ubuntu-based server distribution is designed to be easy to install and configure and ships with a powerful collection of web-based system administration modules. "Zentyal development team is proud to announce Zentyal Server 4.1, a new release of the Zentyal open-source Linux small business server with native Microsoft Exchange protocol implementation and Active Directory interoperability. This release is completely focused on improving the stability and set of features delivered by the OpenChange module, based on Ubuntu 14.04.2 LTS to provide the latest stable packages. Zentyal server comes in two different flavors: development version, for bleeding-edge testing of the latest available features and commercial version for stable production environments. Features: support for Microsoft Outlook 2007, 2010, 2013; multiple virtual mail domains; synchronization with mobile devices (ActiveSync support); central domain directory management..." Read the rest of the release announcement for more details.
* * * * *
Development, unannounced and minor bug-fix releases
|Upcoming Releases and Announcements
Summary of expected upcoming releases
Distributions added to waiting list|
- Spike. Spike is a rolling-release Linux distribution based on Sabayon. The distribution ships with the latest versions of several penetration testing utilities.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 6 April 2015. To contact the authors please send email to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, suggestions and corrections: news, donations, distribution submissions, comments)
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip.
(Tips this week: 0, value: US$0.00)
|• Issue 704 (2017-03-20): ToarusOS 1.0.4, Linux Mint's security record, Debian starts Project Leader election, Ubuntu 12.04 reaches end-of-life|
|• Issue 703 (2017-03-13): SolydXK 201701, CloudReady, Solus announces new features, KDE Connect sends text messages from desktop, openSUSE's YaST module for Let's Encrypt|
|• Issue 702 (2017-03-06): Fatdog64 Linux, elementary OS bundled with new netbook, Haiku announces new features, security and the size of a distro's development team|
|• Issue 701 (2017-02-27): OBRevenge 2017.02, Mageia 6 delays, NetBSD reproducible builds, questions about swap space, trying to steam video on a Raspberry Pi|
|• Issue 700 (2017-02-20): RaspBSD, Debian replaces Icedove with Thunderbird, Fedora's licensing guidlines, tips for switching shells, finding battery charge, getting IP address and killing processes|
|• Issue 699 (2017-02-13): Clear Linux, GhostBSD network utility ported to FreeBSD, Ubuntu coming to Fairphone, elementary OS crowd funding an app store|
|• Issue 698 (2017-02-06): Solus 2017.01.01, comparing containers with portable applicatins, Tails dropping 32-bit support, Debian Stretch enters freeze|
|• Issue 697 (2017-01-30): Subgraph OS 2016.12.30, running Ubuntu on an Android phone, Arch Linux phasing out 32-bit support, Linux Mint testing updated LMDE media|
|• Issue 696 (2017-01-23): GoboLinux 016, remotely running desktop applications, Solus adopting Flatpak, KDE neon using Calamares, TrueOS tests OpenRC|
|• Issue 695 (2017-01-16): Zorin OS 12, Peppermint team fixes installer bug, Debian refreshes Jessie media, Ubuntu improves low graphics mode, Exciting things coming in 2017|
|• Issue 694 (2017-01-09): MX Linux 16, Fedora considers systemd security features, DragonFly BSD to support massive swap space, Ubuntu Touch roadmap, Puppy's newsletter, sudo's password prompt|
|• Issue 693 (2017-01-02): Comparing small distros, fig language, video driver comparsion, Debian+PIXEL, Wayland on FreeBSD|
|• Issue 692 (2016-12-19): Bodhi Linux 4.0.0, Cappsule containers, Calculate's new Utilities package, Solus and Ubuntu MATE build new application menu|
|• Issue 691 (2016-12-12): SalentOS 1.0, openSUSE improves YaST, Fedora considers slower release cycle, KDE neon gets LTS branch|
|• Issue 690 (2016-12-05): Fedora 25, Ubuntu adopts rolling HWE kernel, running Android apps on GNU/Linux, Haiku working toward EFI support|
|• Issue 689 (2016-11-28): openSUSE 42.2, Fedora's upgrade path, plans for Korora 25, transitioning from PC-BSD to TrueOS, Webconverger's reproducible builds|
|• Issue 688 (2016-11-21): Endless OS 3.0.5, KDE neon fixes security hole, FreeBSD's Quarterly Status Report, Rolling release trial #2 concludes|
|• Issue 687 (2016-11-14): NAS4Free 10.3.0.3, Fedora gains MP3 playback, budgie-remix becomes Ubuntu Budgie, Ubuntu flavours compared, Rolling release trial #2|
|• Issue 686 (2016-11-07): FreeBSD 11.0, rolling release trial #2, Debian announces supported architectures, Simplicity switching to antiX base, farewell to Mythbuntu|
|• Issue 685 (2016-10-31): elementary OS 0.4, SUSE gains ARM support, Mint improves language support, Dirty COW explained, Rolling release trial #2|
|• Issue 684 (2016-10-24): Ubuntu 16.10, Linux popularity in different markets, Fedora runs on Raspberry Pi, Ubuntu features live kernel patching|
|• Issue 683 (2016-10-17): Refracta 8.0, making packages for distributions, Alpine switches to LibreSSL, 386BSD website publishes classic code|
|• Issue 682 (2016-10-10): KDE neon 20160915, Android-x86 6.0, Fedora warns of update bug, HandyLinux drops English translation, LXQt benchmarks|
|• Issue 681 (2016-10-03): OpenBSD 6.0, DragonFly BSD to support LibreSSL in ports, systemd denial of service bug, upgraded Mintbox Mini|
|• Issue 680 (2016-09-26): Uruk GNU/Linux 1.0, blocking applications at the firewall, Lenovo controversy, Ubuntu running on the Nextcloud Box|
|• Issue 679 (2016-09-19): OpenMandriva 3.0, 32-bit vs 64-bit performance, openSUSE updates, KaOS unveils first run wizard|
|• Issue 678 (2016-09-12): Apricity 07.2016, Mageia adopts DNF, KDE neon to use Wayland, FreeBSD updates Linux compatibility, creating cron jobs|
|• Issue 677 (2016-09-05): Peppermint OS 7, Manjaro updates leadership, TrueOS becomes rolling release, organizing files, creating torrents|
|• Issue 676 (2016-08-29): Korora 24, Fedora 25 to use Wayland by default, Linux turns 25, PC-BSD becomes TrueOS, finding software licensing information|
|• Issue 675 (2016-08-22): Gentoo LiveDVD "Choice Edition", moreutils, Ubuntu improves terminal convergence, MATE packaged for Openindiana, FreeBSD improves video support|
|• Issue 674 (2016-08-15): Zenwalk Linux 8.0, Ubuntu phone follow-up, Lubuntu transitioning to LXQt, Steam running on FreeBSD|
|• Issue 673 (2016-08-03): noop linux and EasyNAS, Debian's GnuPG switch, Fedora "Flock", using "nice"|
|• Issue 672 (2016-08-01): Ubuntu Phone 15.04, Solus embraces rolling release model, interview with Jane Silber, FreeBSD Quarterly Report|
|• Issue 671 (2016-07-25): Slackware 14.2, Point Linux 3.2, OpenBSD disables usermount, KaOS releases significant changes, Fedora 22 reaches end of life.|
|• Issue 670 (2016-07-18): Linux Lite 3.0, Bodhi team plans 4.0.0, pfSense changes licensing, running software across distributions, Linux Mint upgrade path|
|• Issue 669 (2016-07-11): Linux Mint 18, proving a system is secure, LibreSSL in FreeBSD, Ubuntu plans phasing out 32-bit, pfSense status report|
|• Issue 668 (2016-07-04): Fedora 24, Linux Mint plans for 18.1, FreeBSD and DragonFly BSD improve their file systems, comparing Flatpak, Snap and AppImage|
|• Issue 667 (2016-06-27): GeckoLinux 421, Fedora supports Flatpak, Solus unveils new features, running GNU/Linux on tablets|
|• Issue 666 (2016-06-20): Comparing more live update methods, Ubuntu's snap packages, Antergos drops 32-bit media, GeckoLinux unveils Rolling edition, learning Linux resources|
|• Issue 665 (2016-06-13): BunsenLabs Linux Hydrogen, Fedora 24 delayed, NetBSD grows in size, Clonezilla questions|
|• Issue 664 (2016-06-06): Sabayon 16.05, Debian updates install media, the cost of free software, Qubes explains secure build process|
|• Issue 663 (2016-05-30): Comparing live update methods, Ubuntu MATE's progress, distros debate systemd change, DistroWatch turns 15|
|• Issue 662 (2016-05-23): Clonezilla Live, new Fedora community repository, DragonFlyBSD runs Wayland, a live edition of Slackware and kernel components|
|• Issue 661 (2016-05-16): FreeBSD 10.3, OpenMandriva adopts Clang, Debian adds ZFS packages, PCLinuxOS drops 32-bit and comparing CentOS with RHEL|
|• Issue 660 (2016-05-09): Ubuntu MATE 16.04, Mint's xapps, FreeBSD Quarterly Report, Debian updates 32-bit support, addressing GPL violations|
|• Issue 659 (2016-05-02): Ubuntu 16.04, compiling custom kernels, Cinnamon 3.0, Sabayon launches ARM build, Devuan ships Beta release|
|• Issue 658 (2016-04-25): Kali Linux 2016.1, elementary OS 0.3.2, Debian elects Project Leader, Fedora 24 feature preview, Nard reaches 1.0|
|• Issue 657 (2016-04-18): Redox, Linux Mint improves update manager, planned Fedora 24 features, Ubuntu 16.04 getting Snappy packages|
|• Issue 656 (2016-04-11): Qubes OS 3.1, Whonix offers bug bounties, Puppy's family tree, setting up disk partitions and running bash on Windows|
|• Issue 655 (2016-04-04): Parsix 8.5, Sabayon's Community repository, Red Hat offers free subscriptions, Ubuntu tablets, command line tips|
|• Issue 654 (2016-03-28): PCLinuxOS 2016.03, Using signatures to create a web of trust, Arch Linux rolls out Pacman update, GuixSD packages GNOME|
|• Issue 653 (2016-03-21): Antergos 2016.02.21, Debian prepares for election, a Unix-like OS written in Rust, watching Netflix on FreeBSD|
|• Full list of all issues|
|Free Tech Guides
Introduction to nginx
This FREE 69-page eBook introduces you to the magic of nginx, an open-source HTTP and reverse proxy server, a mail proxy server, load balancer and HTTP cache.
|Free Tech Guides
This FREE 177-page guide is for the computer novice who is trying to understand how a database works and what can be done with it.