DistroWatch Weekly |
DistroWatch Weekly, Issue 424, 26 September 2011 |
Welcome to this year's 39th issue of DistroWatch Weekly! Chakra GNU/Linux is a rapidly evolving distribution, especially after leaving its Arch roots behind and taking the destiny into its own hands. Jesse Smith takes a look at the project's current stable release to find out whether the developers' recent effort resulted in a better and more bug-free KDE distribution than the previous Chakra releases. In the news section, Debian announces an upcoming point release with a new Linux kernel and added functionality, Fedora and openSUSE delay their beta releases due to unsatisfactory states of their respective development trees, and Gentoo's Donnie Berkholz summarises the current state of the distribution before offering a few glimpses into the future. Also in this issue, a security-related story that wonders about the surprising absence of TLS 1.1 and 1.2 support in Chrome and Firefox, an interview with the maintainer of the relaunched LinuxCounter.net, and a brief look at the state of Wayland integration in Ubuntu. All this and more in this week's issue of DistroWatch Weekly - happy reading!
Content:
Join us at irc.freenode.net #distrowatch
|
Feature Story (by Jesse Smith) |
Hello again, Chakra
Regular readers of DistroWatch Weekly may recall I reviewed the Chakra GNU/Linux distribution at the beginning of the year. At the time the project was still young and in its early stages -- the website was a bit sparse, the distribution refused to run on my desktop machine and I couldn't get the installer to work. Obviously it was not a good experience, but the developers had clearly labelled the project as being alpha quality software so rough patches were to be expected. Recently I've been hearing that Chakra has evolved and moved beyond alpha status and that the developers have been doing a really good job of putting together a KDE-centric Linux distribution. With praise for the project ringing in my ears I decided to give Chakra, now at version 2011.09, a second try.
Before we get into my latest experience with Chakra I'd like to take a few seconds to explain why I find this project interesting. Part of it is the exclusive focus on KDE, which isn't a particularly common trait in the Linux community, but mostly it's the approach to package management. Chakra is a semi-rolling release distro. Basically this means the base system stays stable for the duration of a release's life cycle, but the end-user applications are continually updated. So, for instance, the kernel and X packages will probably remain frozen and receive only security updates while programs like web browsers will be kept up to date with the latest releases from the upstream project. That's the theory at any rate and it's a concept which has worked well for the BSD community. Chakra was originally derived from Arch Linux, though the Chakra website repeatedly warns against mixing packages from both projects' repositories. The two projects have similarities, but are not designed to be compatible.
When I tried the alpha release of Chakra I found it would work passably well on my laptop (dual-core 2 GHz CPU, 3 GB of RAM, Intel video card), but it refused to run for any significant length of time on my desktop machine (2.5 GHz CPU, 2 GB of RAM, NVIDIA video card). This is still true of the current release, 2011.09. The live disc refused to boot on the desktop machine, but ran flawlessly on my laptop. For the rest of this review my observations will be from running Chakra on the laptop machine.
Booting from the Chakra disc brings up a screen asking us to pick our preferred language from a menu. Then the system brings up a KDE 4.7 environment. On the desktop we find icons for opening a text file containing default passwords, the project's licenses and the system installer. We also have access to icons for pointing the web browser to various parts of the Chakra website, specifically: documentation, bug reports, a donations page and the forum. There's not much software to explore on the live CD so I quickly moved on to the installer.
Chakra GNU/Linux 2011.09 - desktop settings (full image size: 549kB, screen resolution 1366x768 pixels)
The graphical installer begins by giving us a warning that the software we're using is in development and showing us the release notes. The installer mentions a license agreement screen, but that page isn't actually shown to us. Instead we're asked to pick our time zone from a map of the world and the system tries to guess our preferred language. (If the guess is wrong, we can over-ride the language setting.) We're then given the chance to create user accounts, several if we like, and set login and root password options. The partitioning section of the installer is a bit strange and I found it unintuitive. To divide the disk and assign mount points we are asked to use the KDE Partition Manager. Unfortunately, my first time through, the KDE Partition Manager crashed while I was using it, returning me back to the installer, which refused to proceed. I restarted from the beginning, made it through the partitioning section and, with some trial and error, got the installer to accept my choices. Once we make it through the partitioning screen we can install a boot loader and then we are done. My experience this time was a marked improvement over my previous experiment with the Chakra installer. It's still not what I would call a smooth process, but after a little fumbling around trying to find the right partitioning and mount point options I made it through.
Once I got my local copy of Chakra up and running the first thing I noticed was the desktop was a bit sluggish. I found this was due to desktop search and indexing and, once these features were disabled, performance was noticeably improved. The KDE 4.7 desktop wasn't what I would call light on its feet, but it kept up well enough. What impressed me about Chakra's desktop wasn't the speed, but rather the flexibility. This year we've seen a shift (some might say a split) in desktop styles. On the one side we have the traditional desktop layout as presented by Xfce, GNOME 2 and LXDE. On the other side we're seeing a new look as presented by Unity and GNOME 3. These new styles, which resemble smart phone interfaces, have caused a lot of heat in the open source community. People who like the new interfaces say they're intuitive and attractive to new comers, people who prefer the classic style say the new interfaces require more steps to perform tasks and get in the way. The KDE desktop which ships with Chakra takes the approach of letting the user decide which style they prefer by way of activities.
Back in my openSUSE review I mentioned the activities concept was starting to show promise in KDE 4.6; it has been improved upon. Next to Chakra's application menu there's a button for bringing up the activities menu. There are a few predefined for us and we can switch between these pre-created activities with a single click. One activity gives us the standard KDE desktop with icons in a widget. A second activity gives us the classic look where icons are placed directly on the desktop and there aren't any widgets. A third activity gives us the smart phone treatment, showing a quick-launch bar at the top of the screen with commonly used applications, a search bar where we can bring up programs by name or description and the rest of the desktop is turned into an area for software categories and program icons. In essence this gives each user the ability to have the desktop perform the way they want without need for compatibility modes, logging out or installing multiple GUI environments. I think it's promising that KDE is putting the choice in the user's hands and making it easy for them, all without requiring 3-D support from the video card.
Chakra GNU/Linux 2011.09 - the Search and Launch desktop style (full image size: 636kB, screen resolution 1366x768 pixels)
There aren't many applications included on the Chakra disc. Mostly we're given standard KDE applications, such as text editors, archive managers, an IRC client and the Konqueror web browser. The KDE System Settings application is included, which allows for a good deal of fine tuning of the interface. The Bangarang media player is included, as are a user account manager, the KGpg privacy & encryption app and the Marble Desktop map viewer. We're given codecs for listening to MP3 files, but I couldn't get common video formats to play. There's no Java available in the default install, but the GNU Compiler Collection is included. The distro does not include a Flash player by default, though such extras are available in the repositories. In the background Chakra includes the 3.0 version of the Linux kernel.
Package management on Chakra is a bit unusual. The distro attempts to remain a pure KDE operating system and, as a result, there are two different types of software management: one for most packages, which works much the same way as package management on other Linux systems; and another for dealing with GTK software, which comes in "bundles". Let's look at the regular package manager first. Chakra provides its own package manager and the application has a busy interface composed of three tabs. The first tab shows us project-related news and some statistics on software packages, such as how many items are currently installed and how many more packages are available in the repositories. At the time of writing the repository lists 2,651 available packages.
The second tab handles adding, removing and upgrading packages and allows us to view software (listed in alphabetical order), search for items by name or filter software by categories. We're also able to filter packages by status (available, installed, upgradeable). This second tab is full of lots of buttons and options, which can take some getting used to. Fortunately the buttons are well labelled so new comers can get an idea of what each control does. The third tab is, I believe, for community contributed content, but during my trial nothing was displayed in the third tab and attempting to refresh the display caused the package manager to crash. The application also allows us to make changes to our repositories. By default Chakra pulls from the project's stable (or stable-ish) repository, but we can enable the Testing repo with a single click if we're feeling brave.
Chakra GNU/Linux 2011.09 - the package manager (full image size: 269kB, screen resolution 1366x768 pixels)
The bundle manager is more simplistic. We're shown a small window with a list of available bundles (Firefox, Chromium, XChat, Eclipse, etc) in alphabetical order. Next to each item is a download button and one click causes the bundle to download and install. Once a new bundle is added to the system the bundle appears at the top of the window and we can either launch the item or remove it with a click of the mouse. The only issue I ran into with the bundle manager is that clicking the Remove button next to an item doesn't appear to do anything. As it turns out, if we wait long enough, the bundle does get removed, but there's no feedback, confirmation or progress report. Once installed, bundles appear on the application menu and, to the end-user, work the same way as applications installed using the main package manager.
Given the short time that has gone by since I last tried Chakra, I'm impressed with its progress. Almost everything about the distribution has taken several steps forward. The installer, though still a little picky, worked for me. All of my laptop's hardware worked out of the box, though I'm disappointed to note my desktop machine still doesn't get along with Chakra. Personally, I found the package manager and news app to be a bit intense, the developers seem to be trying to squeeze a lot of functionality into one application. It worked for me, but I suspect the busy interface will give novice users pause. The new KDE environment and its flexibility were highlights of this release and I generally like what the developers (of both KDE and Chakra) are doing with the user interface. Letting end-users pick their preferred desktop style is a good move in my opinion.
I only had a week to experiment with this distribution so I can't comment on how well the semi-rolling release style works for balancing stability with cutting-edge software, but I like the concept. All in all Chakra has advanced quite nicely over the last seven months. I do have a few items on my wish list for future releases. I'd like to see the KDE settings default to trimmer, more responsive configuration, rather than have everything enabled out of the box. I think it would also be nice to see a DVD edition with more software, perhaps with VLC, LibreOffice, Firefox and other common apps included. The CD doesn't have much end-user software on it, which is okay, but a "Full" edition would be handy as it would save people from downloading a lot of software post-install. After this trial I feel if the developers continue to iron out the few remaining bugs Chakra is going to be a hard distribution to beat in 2012.
|
Miscellaneous News (by Ladislav Bodnar) |
Debian readies point release, Fedora and openSUSE beta delays, Ubuntu's Wayland progress, the state of Gentoo
Stable releases of Debian GNU/Linux don't come very often - usually only once every two or three years. Naturally, the developers do keep a watchful eye on any security issues and major bugs in between these major releases and, from time to time, issue a so-called "point" release. In the past these point releases lacked any new features, but the wind of change is blowing strongly across the Debian community and the upcoming point release, version 6.0.3, will have an updated kernel and even new functionality in the form of updated hardware drivers. From the "Upcoming point releases and call for test": "The Debian Project is pleased to announce that the upcoming point releases for Debian 5 'Lenny' and Debian 6 'Squeeze' are scheduled for October 1 and October 8 respectively. Debian 'Squeeze' 6.0.3 will ship updated Linux kernel packages, including bug fixes from the Linux 'longterm' series up to 2.6.32.46, plus updated drivers supporting new Gigabit Ethernet chips from Broadcom, Intel and Realtek. New packages for 32-bit PC, 64-bit PC and PowerPC are already available for installation from the 'stable-proposed-updates' suite. The Debian project invites interested users to test these packages before their release, especially on systems that use the updated drivers."
* * * * *
The much-awaited beta release of Fedora 16, scheduled for later this week, has been delayed by a week - due to "numerous unresolved blockers". Robyn Bergeron announced the disappointing fact on the project's "devel-announce" mailing list: "Late yesterday at the go/no-go meeting it was decided to slip the beta release of Fedora 16 by one week. There are numerous unresolved blockers at this time, resulting in the inability to compose a viable release candidate. As a result, all major milestones, and their dependent tasks, will be pushed out by one week. We will proceed with having the Fedora 16 beta readiness meeting today, 2011-09-22, as previously announced on the Logistics mailing list. We will have another Fedora 16 beta blocker bug meeting this Friday. The adjustments to the Fedora 16 schedule will be done as soon as humanly possible, and published to the wiki page. Thanks for your patience. We will be meeting again next Wednesday for another go/no-go meeting." The final release of Fedora 16 is now scheduled for 8 November 2011, subject to further schedule updates.
* * * * *
Fedora is not the only project that delayed a major milestone release last week. openSUSE too announced a delay in the beta release of version 12.1, with the biggest culprit being Systemd: "Last Friday Stephan Kulow, our openSUSE release manager, started a discussion on the Factory mailing list about show stoppers for the 12.1 beta release scheduled for 2011-09-22. It became clear that Factory still needs some polishing to become a useful beta for large numbers of testers to try out. Particularly, one of the reasons is the challenge relating to the switch to use Systemd by default, which means that it is also the man in construction hat working on pipes used during install and first boot (which have special configuration stuff). And between the timing of last week's openSUSE Conference and next week's planned Hackweek, the Factory team agreed that it was better to take the time to ensure a release that meets the level of quality that our openSUSE distro is known for." Despite the postponement, the final release of openSUSE 12.1 has not been revised, with the target date still 10 November 2011.
* * * * *
Almost a year has gone since Mark Shuttleworth's blog post suggesting a future switch of Ubuntu's Unity desktop to Wayland. Has there been any progress in integrating the OpenGL-based display management system into the distribution or is it just another idea that will be slowly forgotten? The VAR Guy investigates: "Since the Ubuntu Wayland buzz last year, the project has been steadily progressing, and its slow integration into the Ubuntu world has begun. Packages for it exist in Ubuntu 11.04 and 11.10, and a Launchpad PPA (which is currently not public) has been created. So far, though, Wayland currently can't do much. Nonetheless, these proof-of-concept demonstrations show Wayland works, and Canonical seems to remain firmly committed to its adoption when it's mature. It's uncertain when that may be, but it's clear at this point it will not happen in time for the next long-term support (LTS) version of Ubuntu, 12.04. When Wayland finally does arrive, though, it will mean important changes for both users and developers. On the surface, Ubuntu running Wayland won't look very different, as the changes are all on the back end. But the system should feel different -- and, hopefully, faster -- since Wayland's minimalist design promises much greater efficiency than megalithic X, which was not written with the needs of modern desktop computers and mobile devices."
* * * * *
Finally, a link to an excellent article written by Donnie Berkholz, a Gentoo Linux developer and a member of the Gentoo Council. The feature, entitled "The state of Gentoo", touches on many of the current issues the distribution faces, including statistics on developer activity, recently-introduced features, security updates and release strategy: "Gentoo follows a rolling-release model, with constant updates to individual packages showing up hourly, 24 hours a day. Previously, it made releases semi-annually by taking snapshots of its package database, performing lots of QA on them, and creating live CDs — a process that required intensive manual effort. Gentoo then moved to a "rolling release" strategy for its releases by creating weekly automatic builds rather than formal releases. This was a big win in terms of reducing developer effort but came with an unexpected loss of PR for Gentoo. When coupled with the current lack of a weekly or monthly newsletter, Gentoo has nearly disappeared from news sites. It turns out that official releases drive news articles; without a major reason to write about an open-source project, like a release announcement, news sites often ignore it. For that reason, as well as users clamoring for full-featured live DVDs with pretty artwork, Gentoo again started producing DVD releases, with the most recent being 11.2 in August. "
|
Security (by Robert Storey) |
Beauty and the BEAST: Is TLS 1.0 compromised?
The modern tech world is filled with acronyms: FAQ, USB, HTML, as well as less polite ones like TSHTF, FUBAR, and FOAD. Buried within this alphabet soup is the relatively obscure acronym TLS (Transport Layer Security), successor to the slightly better-known SSL (Secure Sockets Layer). TLS is a protocol that allows client-server applications to communicate over the Internet while preventing eavesdropping and tampering. TLS is built into modern browsers and websites that require encryption. Every time you log on to a site requiring a password, you're using TLS.
The predecessor of TLS, SSL, was developed in ancient times (circa 1995) by Netscape. Version 1.0 was never publicly released, version 2.0 made it into Netscape but was soon found to be flawed. Version 3.0 was considered PDG (pretty damn good), but further refinements caused it to morph into TLS 1.0 (released 1999), very similar to SSL but incompatible with it (thus, the renaming). However, this version of TLS does have the ability to downgrade the encrypted connection to SSL 3.0, a nice feature for backwards compatibility but also a potential weakness.
TLS 1.0 was considered bulletproof, but developers continued to make it bombproof with the release of version 1.1 in 2006, and nukeproof with version 1.2 in 2008. This last version of TLS cannot downgrade its connection to SSL, so backwards compatibility is thrown out the window. One would think that in 2011 we should all be using TLS 1.2 with its nukeproof security, but inertia and incompatibility issues have caused many websites (and browsers) to stick with the tried and tested TLS 1.0 or even SSL 3.0, considered to be "good enough"... until now.
At the Ekoparty security conference in Buenos Aires last week, researchers Thai Duong and Juliano Rizzo demonstrated BEAST (Browser Exploit Against SSL/TLS). Written in JavaScript, this proof-of-concept exploit can eavesdrop on TLS 1.0 secure connections. Since Duong and Rizzo are considered to be "white hats" in the geek community, they have been nice enough to keep the details under wraps while working with browser vendors on security fixes since last May. One of those vendors, Google, says they have a fix already in their most recent developer version of Chrome, which should be released "real soon now." Of course, security upgrades only work if users install them. Considering that IE6 still holds a 40% market share in 2011, one should not assume that the general public is very security conscious. One friend of mine is still running unpatched Windows 98.
Google says that their fix for Chrome does not require upgrading to TLS 1.1 or 1.2, but will work with the ancient version 1.0 protocol. The advantage of that approach is that websites will not have to upgrade either. Moving to TLS 1.2 - the most secure approach - would break many existing online vendor sites which don't support the new improved version.
There is no word yet about Firefox preparing a fix of its own. Which I find just a bit scary.
For me personally, I'm just a bit flustered to learn that neither Chrome nor Firefox supports TLS 1.1 or 1.2. That's particularly disappointing when you discover that both Internet Explorer and Opera do support these later versions, though it's not turned on by default. But at least you do have the option available. True, website owners are partly to blame for this state of affairs by sticking with TLS 1.0, but one would expect the highly competitive browser industry to be leading the way when it comes to implementing rock-solid security standards.
Since only a small percentage of my online time is spent doing financial transactions, I will probably be content to continuing using Firefox and Chrome for most of what I do. But when it comes to online shopping, I've decided that I will use Opera, with TLS 1.2 turned on. Of course, if the online vendor doesn't support that protocol, it won't really do much good other than to give me a warm, fuzzy feeling. But at least it's a good start.
You can download Opera from the Opera website. Note that this is not an open-source browser, but it is free and available in native Linux and FreeBSD variants. To turn on TLS 1.1 and 1.2, click on the upper-left "Opera" icon and navigate the menus Settings-Preferences-Advanced-Security-Security Protocols.
Theoretically, release of the BEAST should be causing panic in the online shopping and banking industries.
The good news about the BEAST is that it's just a proof-of-concept exploit, and requires considerable time and computing resources to succeed at breaking encryption. However, black hats have proven that they are nothing if not resourceful. The beauty of the BEAST is that if it causes a little bit of panic in security circles, maybe it will provide the needed impetus to make everyone move forward to ultra-secure TLS 1.2 before TSHTF. Panic - that ancient survival instinct - can sometimes be a good thing.
|
Interviews (by Jesse Smith) |
The new and improved Linux Counter
How many Linux users are there in the world? It's a question that has been raised countless times, yet remains difficult to answer. One of the projects trying to collect data on this subject is the Linux Counter. Though the project has been dormant for several years it is getting a second life thanks to the work of Alexander Mieland. This week Alex was kind enough to tell us a little about himself, the project and his motivation for bringing it back to life.
DW: Can you give us a little background on yourself? Where are you from and how long have you been using Linux?
AM: My name is Alexander Mieland and I was born in Berlin in 1972. I've been using Linux since 1997 and I'm registered in the counter only since 2001. Therefore my counter number is not very low.
DW: The Linux Counter has been dormant for several years. What motivated you to re-launch the project?
AM: I'm a great fan of the good old counter from when I took notice of it. And since I'm also a great fan of everything related to numbers and statistics and calculations, I decided to revive it.
I already tried to create a statistics page related to Gentoo Linux some years ago ( gentoo-stats.org and the update script named "basc"), but this was not wanted by some Gentoo developers so they simply revived their own statistics project on stats.gentoo.org that had been dead for some years - in order to just boycott my project. That was the reason why I stopped my gentoo-stats project.
Then I was on counter.li.org again some months ago, the first time since some years and noticed that the counted number of Linux users was still the same as from my last visit. I repeated my visits and one day I decided to revive the counter. For that I've created the linuxcounter.net domain and I also created the very basic engine with a neat design (dark, three columns). Maybe a week or two after I started this project, I got the idea to ask Harald [Tveit Alvestrand] to take over the old project and to revive that one instead of creating a completely new and unknown project. Things came together and here we are. It is now about five weeks since I started to work on a completely new version of the good old counter.
DW: Since you announced the new website, how many people have registered or logged in to their old accounts?
AM: Since the 12th of August (the official start of the new project), there were 5,914 new user registrations and 7,123 new machines. On the same day emails were sent to all active users of the old database (around 125,000 users). These emails were split into 2,000-user chunks. So each evening at 17:00 GMT 2,000 emails were sent to the next bunch of active users of this 125,000 users pool. At this rate the script will send the last emails somewhere around mid-October. Because I get a short notification email when a user requests a new password or when a frozen account gets reactivated, I can say that about 25% of all users that receives this email every evening, are trying to login to the new project.
DW: Are the historical statistics data from the old Linux Counter still available?
AM: Of course! I've imported the whole database of the old counter and the statistics simply continue. Every old user can log in to the new project with his old user data (counter number and password). The database was imported and migrated to the new project without problems. There were of course massive changes related to the engine (innodb instead of myisam), field types and indexes, but this was no problem to convert.
DW: Are you hoping to achieve anything from running the Linux Counter? Perhaps as a service or to demonstrate usage growth to hardware and software vendors? Or are you doing this for the fun of it?
AM: I'm hoping nothing, this is just for me, for the fun of it. Nothing more. I simply wanted to prevent a really good project from dying.
DW: Linux users are notoriously hard to count. Estimates are all over the map as to the number of users and their share of the desktop market. Do you think the Linux Counter reflects an accurate picture of the number of users out there?
AM: Yes, I do. It simply is impossible to count all users. But it is possible to get an image of how great the number is when doing statistics, calculating some factors and bringing this together. This is why people are doing statistics. An example: There are about 1,000 people and each one is asking 100 other people about their household and their family. The government or whoever then counts this together, creates statistics and factors and then they say: We actually have a population of xxx people. And everybody accepts that. Why shouldn't that work with the Linux users?
DW: Have you been receiving feature requests? Any popular ones?
AM: Oh yes, of course. There have been many feature requests already and many of them have been developed and implemented. We have a Trac wiki with a bug tracker. There you can see all feature requests and bugs (including closed ones). There are, of course, also normal emails directly sent to me with feature requests. I review each of them and most of them will get implemented. The most popular one was a machine-update script that doesn't rely on a local mail server.This will be done as soon as I've solved the actual performance problems.
DW: If a volunteer would like to get involved, how can they help with the project?
AM: The project just started five weeks ago and the whole engine behind it was developed from scratch. As long as the basis is not finished, there is no need for any other managers than the developer of this project (me). Actually the new project has no administration interface because until now there was no need for it. Nevertheless, I will of course need help. For example in translating the project or for reacting on support requests (later on when the number of users will grow). But this will get announced then. Actually, this project is a one-man show and I first want to finish things before thinking about volunteers or a team around me.
DW: Which distribution (or distributions) are you using now?
AM: I've used Gentoo for a really long time. I've also used Linux From Scratch, but since I'm getting older, I'm now thinking that there is no need for investing time in compiling things all the time. I've been using Ubuntu for several years while on the server side I am running Debian GNU/Linux.
DW: Alex, thank you very much for your time. Best of luck with your project.
Linux users who would like to get counted can visit the new Linux Counter at LinuxCounter.net.
|
Released Last Week |
CAINE 2.5
Nanni Bassetti has announced the release of CAINE 2.5, a specialist Ubuntu-based live CD designed for computer forensics and related tasks: "CAINE 2.5 'Supernova' is out. CAINE is GNU/Linux live distribution offering a complete forensic environment that integrates existing software tools as software modules and provides a friendly graphical interface. The main design objectives are: an interoperable environment that supports the digital investigator during the four phases of the digital investigation; a user friendly graphical interface; a semi-automated compilation of the final report." This release comes with some interesting new features, such as the new Nautilus scripts: "CAINE includes scripts activated within the Nautilus web browser designed to make examination of allocated files simple. Currently, the scripts can render many databases, Internet histories, Windows registries, deleted files, and extract EXIF data to text files for easy examination." See the release announcement for more information and screenshots.
CAINE 2.5 - an Ubuntu-based distribution for computer forensics (full image size: 590kB, screen resolution 1280x1024 pixels)
Pardus Linux 2011.2
Gökçen Eraslan has announced the release of Pardus Linux 2011.2, an updated version of the project's desktop Linux distribution with custom package management and many user-friendly features: "Pardus Linux 2011.2 is now available. Here are the important updates shipped with Pardus 2011.2: NetworkManager is updated to 0.8.5.91, problems about adding VPN connections have been fixed, handle WLAN security passwords gracefully while upgrading distribution; ModemManager is updated to 0.5, improvements for Samsung modems, support access technology reporting for Qualcomm Gobi modems, fix communication with Nokia N900 devices; CUPS is updated to 1.4.8; LibreOffice is updated to 3.4.3, fixed crash closing document with footnotes; MPlayer - fixed crash playing subtitled videos which was triggered by FreeType 2.4.6 security update." Read the complete release announcement for a full list of bug fixes.
Fuduntu 14.11
Andrew Wyatt has announced the release of Fuduntu 14.11, the latest update of the Fedora-based desktop distribution and live DVD: "The Fuduntu quarterly installation ISO image (14.11) is now available for immediate download. As with all Fuduntu releases, this release continues our tradition of small incremental improvements. It is important to note that existing Fuduntu users will roll up to this version through the normal update process, and do not need to download or install from this media to benefit from this release. This release is considered the first official Fuduntu 'rolling-release' ISO image. Major updates included in this release: Linux kernel 3.0.3, Chromium 13, Flash 10.3.183.7, VLC 1.1.11. This quarterly release also includes a roll-up of the latest patches." Here is the brief release announcement with two screenshots.
LliureX 11.09
LliureX, a project of the Council of Culture, Education and Sport at the Municipality of Valencia in Spain, is an Ubuntu-based distribution with support for Valencian (a dialect of Catalan) and Spanish. A new release, version 11.09, was announced earlier today. One of the major new features of this release is the possibility to upgrade the distribution from 10.09 without re-installing, so users already running LliureX 10.09 don't need to download the DVD image. LliureX 11.09 is based on Ubuntu 10.04, which is a long-term support release and LliureX users can also benefit from extended security support. Two LliureX editions were released today - "Escriptori" (Desktop) and "Infantil" with a number of new educational programs and other features. For more information please read the complete release announcement (in Spanish).
Lliurex 11.09 - an Ubuntu-based distribution with support for Valencian (full image size: 239kB, screen resolution 1280x1024 pixels)
Kororaa Linux 15
Chris Smart has announced the release of Kororaa Linux 15, a Fedora-based distribution with GNOME or KDE desktops and various beginner-friendly enhancements: "Kororaa 15 has been released and is available for download, in 32-bit and 64-bit variants with KDE 4.6 and GNOME 3. This release includes Ubuntu's Jockey Device Driver manager, which has replaced the Add/Remove Extras script for configuring third-party drivers. Kororaa 15 comes with an RPM meta-package to install and configure Adobe Flash. Users still on Kororaa 14 may wish to upgrade to 15 and should do so via a new install. Users who wish to stay with GNOME 2.x should not upgrade to 15, as it comes with GNOME 3. The KDE desktop has a custom layout with specific default applications, such as Firefox for the web and VLC for media." Read the rest of the release announcement for a full list of major changes and a couple of screenshots.
Kororaa Linux 15 - the KDE edition (full image size: 2,464kB, screen resolution 1280x1024 pixels)
Incognito Live System 0.8
Incognito Live System, also known as "Tails", is a Debian-based live CD/USB with the goal of providing complete Internet anonymity for the user. A major new release, version 0.8, was announced yesterday: "The Amnesic Incognito Live System, version 0.8, is out. All users must upgrade as soon as possible. Notable user-visible changes include: Tor 0.2.2.33, I2P 0.8.8, Linux kernel 3.0.0, Iceweasel 3.5.16, Torbutton 1.4.3, HTTPS Everywhere 1.0.1; more random looking nicknames in Pidgin; replace the on-board virtual keyboard with Florence; PiTiVi non-linear audio/video editor; support for arbitrary DNS queries; use XZ compression to get much smaller ISO images and a bit faster boot. Plus the usual bunch of minor bug reports and improvements." Read the rest of the release announcement additional details and upgrade instructions.
Linux Portable Security 1.2.4
A new maintenance release of Linux Portable Security (LPS), a Linux live CD whose goal is to allow users to work on a computer without the risk of exposing their credentials and private data to malware, is ready for download. What's new in this version? "Added more support for RealTek wireless drivers; added additional broadband cellular drivers; added additional SmartCard drivers; revised About Box to show licensing info; removed GMail S/MIME add-on, which no longer works with GMail; updated Flash to 10.3.183.7; updated Firefox to 3.6.22; updated DOD Configuration add-on to 1.3.3; updated Java to 6u27; updated OpenSSH to 5.9p1; updated DOD Root CAs." See the complete changelog for further details.
IPCop 2.0.0
Olaf Westrik has announced the release of IPCop 2.0.0, a major new release of the Linux firewall distribution geared towards home and SOHO users: "IPCop 2.0.0 is released. IPCop 2.0.0 can be installed using the installation images or as an update from version 1.9.20. For those familiar with earlier IPCop versions, IPCop 2 is different; read the installation and administration manuals to get an overview. Noteworthy: the GUI uses port 8443 instead of 445; SSH uses port 8022 instead of 222; access to IPCop and to the Internet from internal networks (aka Green, Blue, Orange) is very much different. Spend some time with the various options you will find under 'Firewall Settings' and the online administration manual. Danish, Dutch, English, French, German, Greek, Italian, Russian, Spanish and Turkish translations are complete, other languages are work in progress; backups from 1.4 series can not be used; add-ons made for the 1.4-series will not work." Here is the brief release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
- Ubuntu, Kubuntu, Xubuntu, Lubuntu, Edubuntu, Ubuntu Studio, Mythbuntu 11.10-beta2, the release announcement
- ClearOS 6.1-beta (Enterprise), the release announcement
- GhostBSD 2.5-beta2, the release announcement
- GParted Live 0.9.1-1
- ArchBang Linux 2011.09-rc, 2011.09-rc2
- Clonezilla Live 1.2.10-14
|
Upcoming Releases and Announcements |
Summary of expected upcoming releases
|
DistroWatch.com News |
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 3 October 2011.
Jesse Smith, Ladislav Bodnar and Robert Storey
|
|
Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip. (Tips this week: 0, value: US$0.00) |
|
|
|
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
Extended Lifecycle Support by TuxCare |
|
Reader Comments • Jump to last comment |
1 • Wayland when (by manmath sahu on 2011-09-26 09:10:31 GMT from India)
Seems, it'll take at least 4-5 years till wayland becomes the mainstay. Pity! Linux is great in the kernel, but beyond it, especially the graphics/rendering stack in association with X is much complicated. The earlier wayland comes into major distros, the better.
2 • Good review (by Anony Moss on 2011-09-26 09:18:51 GMT from India)
I'm glad to know Chakra's making progress. I have tried Chakra twice in the past, and both times was very impressed, although the distro was obviously incomplete then.
Best of luck to their team. I like their approach. Whe
3 • Hello again, Chakra (by Dr.Saleem Khan on 2011-09-26 09:55:51 GMT from Pakistan)
Hi Jesse Smith ,
Thank you for yet another nicely written review , I like all your reviews everytime . I am glad this time Chakra Linux did work for you and you could install and test it for us .
Chakra have steadily progressed from day one and is much stable than before . As far as the installer you mentioned is not Chakra`s default one , Appset-QT works equally great on Arch Linux and Chakra team has adopted it for a while and will be replaced by their default one i.e Akabei ( http://chakra-project.org/wiki/index.php/Akabei ) once it is stable enough .
I hope you test review more distros for us depending upon the time you can spare.
Regards,
4 • Hello again, Chakra (by Dr.Saleem Khan on 2011-09-26 09:58:30 GMT from Pakistan)
Sorry i meant the package manager not the installer ( Tribe is the installer )
Regards,
5 • Re: Beauty and the BEAST (by megadriver on 2011-09-26 10:25:47 GMT from Spain)
So, are you still vulnerable to this if you use RequestPolicy and NoScript?
http://requestpolicy.com http://noscript.net
6 • Chakra (by P. M. on 2011-09-26 10:36:21 GMT from Iran)
I tried Chakra Linux for the first time 4 days ago and I'm very impressed. I love the way it handles GTK applications and its use of BURG as the default BM. This is how a KDE 4 distribution should be done.
7 • it was a nice thought (by Anonymous on 2011-09-26 10:43:49 GMT from United States)
To turn on TLS 1.1 and 1.2, click on the upper-left "Opera" icon and navigate the menus Settings-Preferences-Advanced-Security-Security Protocols.
This locks you out of every site you are going to need to use this feature on.
8 • Wayland and TLS (by Jesse on 2011-09-26 11:18:33 GMT from Canada)
I suspect it will take a while for Wayland to be adopted. The X system is quite flexible and works well enough that there really isn't a need to replace it. (A desire, perhaps, but not really a need.) With X slowly improving I don't see much motivation to move to a different graphics system. At least not for servers and desktop machines.
>> "To turn on TLS 1.1 and 1.2, click on the upper-left "Opera" icon and navigate the menus Settings-Preferences-Advanced-Security-Security Protocols. >> This locks you out of every site you are going to need to use this feature on."
No, it doesn't lock you out of anything. If the more modern TLS 1.1 and 1.2 protocols aren't available Opera automatically falls back to using 1.0. I've got both TLS 1.1 and 1.2 enabled in Opera and I can browse to sites using the older implementation without any problems.
9 • TSL and stuff (by Anonymous Coward on 2011-09-26 11:41:27 GMT from Spain)
megadriver wrote: ---------------------------- So, are you still vulnerable to this if you use RequestPolicy and NoScript?
http://requestpolicy.com http://noscript.net --------------------------
Have a look here:
http://luxsci.com/blog/is-ssltls-really-broken-by-the-beast-attack-what-is-the-real-story-what-should-i-do.html
BEAST is based on JavaScript. NoScript should give some protection to you, but you shouldn't relay only on it.
I want to thank Distrowatch for informing about such a dangerous threat.
10 • Re: 7, it was a nice thought ... (by Coffee on 2011-09-26 11:51:41 GMT from France)
> This locks you out of every site you are going to need to use this feature on.
No it doesn't, at least not here. I have all security protocols enabled in Opera 11.51 and I've never been locked out anywhere. But I've never checked which of the 4 security protocols secure website choose. I just looked up my Google mail account. They use TLS v1.0 128 bit ARC4 (1024 bit RSA/SHA) although TLS v1.1 and TLS v1.2 are enabled ... in my opinion not good enough for such a dominant technology company.
11 • SSL FUD and scary news. (by Anonymous Coward on 2011-09-26 13:21:48 GMT from Spain)
I have been looking around for information about the SSL/TSL issue. I think this is a serious threat, but it is being greatly magnified by the media anyway.
In order for the mentioned exploit to work, you have to hit a malicious page that runs a malicious JavaScript code in order to start gathering information for breaking your SSL/TSL via a watermarking vulnerability (by the way, vulnerabilities in CBC encryption modes are know from long time ago). Information gathering takes from 10 minutes to 30 minutes.
So how would you get exploited?
You visit www.evil_place.com, which executes it's evil JavaScript code.
You spend 30 minutes browsing in trivial places.
You then enter www.paypal.com
The attacker decrypts your session cookies, ONLY if the SSL/TSL uses a watermarkable implementation, ONLY if the malicious JavaScript you ran was expecting you to login into paypal.
If you browse with JavaScript disabled/limited or the service you are accessing uses a non CBC encryption, this attack will surely not affect you, even with old SSL versions.
12 • To make a distribution (by Sven on 2011-09-26 15:16:53 GMT from Sweden)
There are lot of distributions, but there is only one Linux Setup named CTKArch. It comes with Openbox and minimal amounts of programs. If you need Gnome or KDE, all you have to do is install them, and you install what you want and have a rolling distribution of your own, thanks to a 20 year old Frenchman.
Try!
13 • TLS 1.2: chicken and egg problem (by Robert Storey on 2011-09-26 16:26:34 GMT from Taiwan)
Re: 7, it was a nice thought > This locks you out of every site you are going to need to use this feature on.
As No. 10 said, it doesn't lock you out. At this very moment I've got my online banking open right now in Opera 11.51 with all security levels enabled, and it works fine.
As for whether or not it really does any good, that's another issue. My online bank probably defaults to TLS 1.0 or maybe even SSL 3.0.
But as I see it, this is a chicken and egg problem. Web sites don't want to move to TLS 1.2 because not all browsers support it. And at least some browsers (sadly, Firefox and Chrome) don't support it. Someone needs to hold their feet to the fire to get this done. So perhaps if enough people switch to Opera, perhaps Mozilla/Google will get on this and get it done.
Right now, there are no known exploits in the wild to take down TLS 1.0. But the BEAST shows how it can be done. Cybercrime is a lucrative business , and I would not underestimate the black hats. There's really no good reason not to use the strongest encryption available for doing online financial transactions.
14 • Chakra (by Duncan Snowden on 2011-09-26 19:07:27 GMT from United Kingdom)
The stable-base/rolling-apps distribution is an idea that's been rattling around my head for years (but I lack the skill/motivation to do anything about it). Glad to see Chakra giving it a try.
For what it's worth, I think it's a model that would work well for the likes of Ubuntu and Mint, where the focus is on a non-technical userbase. It's much closer to what people are used to from commercial OSes - where the gaps between OS releases are measured in years, but new apps come out and update all the time - than the monolithic all-or-nothing biannual release cycle.
15 • SSL/TLS (by Jesse on 2011-09-26 19:09:21 GMT from Canada)
@11 In response to post 11 I don't think the attack needs to be as shot-in-the-dark as this post makes it sound. For a few reasons. 1. People often get infected visiting familiar websites, not "evil" websites. Well known and trafficked servers are often injected with malicious code. Or serve third-party ads which contain tainted code.
2. The attacker doesn't have to guess which website the user will visit. Not entirely. Using a little JavaScript an attacker can find out if a target regularly visits any websites in a list. So they might check to see if amazon.com, paypal.com, cibc.com, facebook.com etc etc are in the user's history. This makes it much easier to focus the attack.
3. Most users browse the web for more than ten minutes at a time, giving the attack lots of data to use.
So, given the lax defaults in modern browsers (and web hosts) infecting any mainstream website could yield thousands of comprised accounts with relative ease.
As the poster in comment 11 also states, turning off JavaScript in your browser's security settings should prevent the attack.
16 • The BEAST attack (by Anonymous Coward on 2011-09-26 19:35:01 GMT from Spain)
I have been looking around in the Mozilla bug trackers. It seems we won't have TSL 1.2 in the next release.
Jesse wrote: -------------------------- As the poster in comment 11 also states, turning off JavaScript in your browser's security settings should prevent the attack. --------------------------
My problem is that I approach security issues from the point of view of my own system. I do think this is a serious problem, but not one that must force us to panic... because I browse without JavaScript enabled and I would not be easily affected.
I am more concerned about how did the WWW crowd allow these watermarkable protocols to be around for so long.
17 • Chakra's stability and speed (by YAAC on 2011-09-26 21:20:12 GMT from United States)
I've been running Chakra on my desktop for over a month. I work from home on this machine and am impressed with the distribution. Stable and fast!
18 • @14 (by Brandon Sniadajewski on 2011-09-26 23:08:35 GMT from United States)
That would be a good one for any of the top distros. It would make dist-uprgade operations more smoother and smaller (only the kernel and core/supporting libs). One question though, where would DE/WM upgrades fit in?
19 • SSL / TLS (by Dylan Roesthoff on 2011-09-27 00:21:29 GMT from Canada)
I am surprised Firefox does not even have TLS 1.1 and 1.2 support.
I have a severely locked down Windows 7 computer, using my own software and disabled freakin' UAC (I still hate it)
I downloaded Opera, enabled TLS 1.1 and 1.2, disabled TLS 1.0, then used Opera to go to my bank. My two banks does not support TLS 1.1 and 1.2, I cannot log in ....
20 • Semi-rolling distros (by Joseph on 2011-09-27 01:29:17 GMT from United States)
>That would be a good one for any of the top distros. It would make dist-uprgade > operations more smoother and smaller (only the kernel and core/supporting libs). One >question though, where would DE/WM upgrades fit in?
You can already obtain this using OpenSUSE. There are repositories for the latest builds from Mozilla, Banshee, KDE & Gnome desktops, OpenOffice, KDE & Gnome backported apps, kernels, the OpenSUSE Build Service, WINE, proprietary graphics drivers, databases, etc. For instance I stick with the release versions of the kernel and KDE and the programs I use all day like LibreOffice, but have my web browser and Banshee updated to the latest versions through the appropriate repositories. You could also get the latest stable versions of everything by using the Tumbleweed stable/rolling repository, or stick with the default and only get security updates and bug fixes until the next release (or use Factory and get the unstable work-in-progress builds of everything). OpenSUSE really lets you have things your way.
21 • Security (by 123 on 2011-09-27 01:37:28 GMT from United States)
Hi, I use FireFox with NoScript and Request Policy. I run Tiger, Aide, Clamav, Chkrootkit, Rkhunter,etc. I keep my Os constantly updated. Is there anything else I can or should do? Am I doing too much? Is Linux really invincible? Thanks.
22 • @20 (by Brandon Sniadajewski on 2011-09-27 02:47:26 GMT from United States)
Tumbleweed looks good, but I would rather be able to use the NVIDIA prop drivers without having to reset them after every kernel or driver update. Besides, I can do the same thing with the PPA's for (K)Ubuntu(-based distros). Something like KDE bigfix releases can be had from the Kubuntu Updates PPA (http://ppa.launchpad.net/kubuntu-ppa/), for example.
23 • Tiny Core (by Allison on 2011-09-27 04:09:25 GMT from United States)
the Linux kernel is about 36 MB, whereas Tiny Core is only 11.8 MB. How come Robert Shingledecker make a whole distro less than the size of Linux kernel it self?
24 • Tiny Core (by Allison on 2011-09-27 04:22:12 GMT from United States)
If one reads "Why is Tiny Core special?" in this link http://distro.ibiblio.org/tinycorelinux/intro.html, one might wonder what had gone wrong with other massive Linux distributions.
25 • wrong numbers (by ix on 2011-09-27 06:04:36 GMT from Romania)
IE6 has 2.65% of the browser market share, not 40%, as Robert Storey says. In fact, all versions of IE put together have less than 40% (wikimedia stats).
Aren't you contradicting yourself by saying that browsers and sites should have TLD 1.2, and then you say that most people use old browsers anyway so it does not matter?
26 • The Number of the BEAST (by Anonymous Coward on 2011-09-27 07:20:17 GMT from Spain)
Dylan Roesthoff wrote: ---------------------- downloaded Opera, enabled TLS 1.1 and 1.2, disabled TLS 1.0, then used Opera to go to my bank. My two banks does not support TLS 1.1 and 1.2, I cannot log in .... ----------------------
This is the real problem. You can have the most secure browser in the world, but if you trust your data to an insecure server, your data is not secure anymore. If you give your banking data to a firm and the firm stores it in a weak server, you are at risk even if you use an unbreakable browser for passing the data to them.
If you use a super-browser that supports TLS 5.6 (just saying) and the firm supports SSL 2 only, then the data is not much more secured than if you used an usual browser.
The problem is that most services out there do not support the latest TLS protocol, so even if your browser does, you will be forced to use a weaker security channel. Now the BEAST has revealed itself, the removal of old implementations is just a matter of time, at least for web services (as SSL remains unexploited for other encryption operations).
However, I bet many administrators that use old versions of SSL/TSL will prefer to switch to a not exploitable cipher algorithm than to switch to another TLS version.
27 • chakra (by Pera on 2011-09-27 08:27:00 GMT from Serbia)
Chakra brings Arch Linux to the masses.Arch Linux for beginners,deadly combination. No one can beat that.
28 • Chakra Review 2011.09 (Edn) (by Phil MIller on 2011-09-27 10:06:01 GMT from Germany)
Thx again Jesse for trying out our nice little distribution. Sorry to hear that your desktop PC still don't work with our distribution. I've almost the same Hardware as you and I'm running it without any issues. Maybe you send me a full list of used hardware you have on that box.
KDE ------------
The services running out of the box in live-mode are default settings by KDE. We only disabled compositing. Indexing seems to be an issue and appset-qt fills up the ram somehow on several machines. We are thinking about reducing default services and let the user decide what he want to start.
Installer ------------
We are working hard to get this part of our tools done. Manjaro-Linux (also Arch-Based), which has a focus on XFCE will help us out with some tools like simplified hardware detection and maybe I'll adopt their installer or parts of it. We started to exchange some source-code in both projects. 2012 versions of Chakra will have a better installer for sure.
Packagemanagement ------------------------------------
Till now we still use pacman and appset-qt as simple User-Interface. This will be replaced by akabei and shaman2 as UI. Both are developed internally and will be public available when ready. Till then we try to do our best with the current tools we have.
Users Choice and DVD Edition ----------------------------------------------
As you mentioned earlier, our repositories grow alot each day.The CD is a minimal setup to start with. Users can build their own desktop on top of it. We have Takeoff a new launcher similar like mission-control by Apple, lancelot and others in our repositories. There is a GTK-Free Libreoffice which starts faster on our setup as the GTK-pendant. Lot's of simplified UI's are in our pipeline to come. A DVD Edition will come. I think we will start a blog or some for that one to know what tools most of our users will like to have on it so we reduce un-installs. Also we think of making it more flexible to stay on the basic setup and give some extra-packages as option during the install process.
Stay tuned for what will come and ask any questions how to get your desktop running.
regards
Phil Miller - Chakra Project-Leader
29 • Review and hardwae (by Jesse on 2011-09-27 15:31:04 GMT from Canada)
@28 Thanks for the feedback, Phil. I will send you an e-mail to provide data on my test hardware. Looking forward to seeing Chakra's DVD edition.
30 • chakra + torrents (by klu9 on 2011-09-27 16:04:10 GMT from Mexico)
I had already downloaded Chakra to try it out, so it was great to see this review and use it a headsup/guide.
BTW it's not easy finding torrents for Chakra: they're not on the homepage, and on Linuxtracker, they don't have their own category: they're still listed under Archlinux.
Here's the link for Archlinux (inc. Chakra) torrents: http://linuxtracker.org/index.php?page=torrents&search=&category=39&active=1&tracker=0
31 • Chakra (by Blue Knight on 2011-09-27 23:19:49 GMT from France)
Chakra can be interesting but for instance its "KDE-centric", pure KDE, approach is somewhat ridiculous... Really.
Also, unfortunately, in Linux the "semi-rolling" thing is not possible for everything...
> "After this trial I feel if the developers continue to iron out the few remaining bugs Chakra is going to be a hard distribution to beat in 2012."
I don't think so at all. Sorry.
32 • Various odds and ends (by Jesse on 2011-09-28 00:46:33 GMT from Canada)
@21: Yes, there are other security things you can be doing. Whether you should do them or not depends on how much effort you want to put into securing your system. Security isn't a black and white situation, it's a sliding bar. On one end of the bar is a very secure system, on the other end is convenience and usability. It's a big topic, too big to get into here, but I'd suggest reading up on passwords, shutting down unneeded services and SELinux. Linux definitely isn't invincible, as demonstrated by the recent successful attacks against linux.com and kernel.org
@23: >> "the Linux kernel is about 36 MB, whereas Tiny Core is only 11.8 MB. How come Robert Shingledecker make a whole distro less than the size of Linux kernel it self?"
The Linux kernel source code, when archived, is around 36MB. The binary of a compiled Linux kernel is generally much, much smaller. I think a fairly standard Linux kernel now is around 4MB. If you trimmed out a lot of optional features it would be even smaller.
@31: >> "Chakra can be interesting but for instance its "KDE-centric", pure KDE, approach is somewhat ridiculous... Really."
Why? Most major distributions are focused on one desktop environment. Red Hat and Fedora are heavily Gnome centric, Mandriva is KDE centric, Kubuntu is very KDE centric, etc etc. And all of those, like Chakra, supply a way for users to easily install non-KDE software.
>> "Also, unfortunately, in Linux the "semi-rolling" thing is not possible for everything..."
Such as? As I pointed out in the review, it's worked well for the BSDs for several years, maintaining stable releases of the core while supplying rolling versions of end-user software. Why do you think the same approach won't work on Linux?
33 • Re:32 (by 123 on 2011-09-28 02:33:45 GMT from United States)
Thanks Jesse, I was unaware of the recent successful attacks against linux.com and kernel.org. Now I've got to go and look them up, since I've missed them totally. SeLinux always intrigued me, as well as MLS systems, it just seems like a lot of effort for me to fully learn all about it by casual reading on the net. Someday though..... Thanks again.
34 • Security and kernel.org under attack (by Anonimous Coward on 2011-09-28 09:55:45 GMT from Spain)
123 wrote: ------------------------------- I was unaware of the recent successful attacks against linux.com and kernel.org. Now I've got to go and look them up, since I've missed them totally. -------------------------------
Have a look here: http://www.linuxquestions.org/questions/linux-security-4/security-breach-at-kernel-org-900485/
This thread contains a copy of the official announcement by the kernel guys.
Jesse wrote: ------------------------------- (Security) is a big topic, too big to get into here, but I'd suggest reading up on passwords, shutting down unneeded services and SELinux. -------------------------------
I just suggest reading some documentation and ensuring you have a brain inside of your head. Unaware users are more likely to be attacked by some shape of social engineering than by a dangerous exploit. Common sense is worth more than having all your packages up to date, and having an up to date system is very worthy!
Now, implementing MAC and RBAC in a personal computer represents a big maintenance burden most people can live without. SElinux, GRsecurity, PAX, and many other security patches will block many exploits or, at least, reduce their severity, so they are worth some thoughts. The problem is that most of these things are true aliens: you are adding a layer of stuff that changes how the operating system handles users, memory, code execution and turns the system in something that is "less Linux". Usually, this leads to some apps breaking (for example, Firefox will break with PAX until you configure some flags by your own). In addition, these measures, while protecting you from many common attacks, can bring NEW security weaknesses with them.
This is a topic long debated by the OpenBSD advocates, as they use to defend that proper code auditing is far better that adding a security patch that can silently disrupt your system or introduce new vulnerabilities, just in order to have a questionable defense.
My approach? I would not install SElinux or GRsecurity, or whatever, in a computer which only network access is for casual web browsing. Why? Because the only likely attack vector for a computer that is behind a firewall is your web browser. You can have a very good secured browser just by having it up to date, installing security extensions, keeping a tight configuration and avoiding suspicious sites (read: porn sites). Additional security measures could mean that you would have to recompile your kernel very often and do a lot of administrative work. You can, however, benefit from these measures if you keep services running (i.e: Amule ot rTorrnet) and listening to wide opened ports.
Now, if you really want to experiment (and I encourage everybody to do so) and see how does all this thing work, you should have a look here:
http://grsecurity.net
GRsecurity includes the following interesting features (and many others):
--> Chroot protection (prevents a chrooted app that has been compromised from jeopardizing the whole computer) --> Role Based Access Control (think about this as a more powerful permission system) --> PAX (which can be installed separately. It protects your computer against common abuses) --> It Is not SElinux (which I don't like at all!)
35 • the new linux OS: WillBeSomeshingNoOneKnowsForEver (by meanpt on 2011-09-28 12:03:55 GMT from Portugal)
There you go. The linux foundation has an ever to be grown up baby in its hands. Now they call it Tizen. I call it "will", cause "it will support", "it will be" ... "it will do this", it will do that" ... on so on. Moreover "Tizen development will be open and led by a technical steering team composed of Intel and Samsung.". You got it? I did.
http://news.cnet.com/8301-13924_3-20112580-64/intel-finds-a-way-to-let-go-of-meego/
36 • @35 (by Patrick on 2011-09-28 14:17:03 GMT from United States)
Sigh. I used to be a very happy Maemo user. I was even developing an app for it. Then Nokia bought Qt and Maemo merged with Moblin to become Meego. "Throw out all the GTK stuff you've been doing and the .deb base, we're going to go Qt and .rpm." Yay, my GTK project came to a grinding halt. Then followed years of delay from a perfectly working system back to a system under development with no products in the market. "Meego will come to N900. No, it won't, at least not officially. Or maybe it will." Whatever! I switched to an Android phone. Surely a downgrade from the awesome N900 hardware, but some stability and vision is worth a lot. Now we get Tizen. "Throw out all the Qt stuff we forced you into, now we're going to do HTML5." Glad I didn't bother with Meego. I also won't be bothering with Tizen anytime soon. I'm getting sick of these "let's get one product on the market and then drop the platform" projects. What an awesome way to piss of your customers and developers!
37 • @36 (by meanpt on 2011-09-28 15:29:10 GMT from Portugal)
I don't like Google but there is a huge strength beyond their brand name: working with and caring for opensource communities.
38 • Attack vectors (by Anonymous Coward on 2011-09-28 18:05:28 GMT from Spain)
I wrote: --------------------------- Because the only likely attack vector for a computer that is behind a firewall is your web browser. ----------------------------
I wrote that assuming that the administrator does not install untrusted software or leaves the computer physically unsecured, of course.
39 • installing linux in computers bought with legacy os (by sam on 2011-09-29 14:02:23 GMT from Italy)
There is a story elsewhere that major oem's might soon sell desktops and laptops with a boot system that will only allow the dominant os in the market. Might be good for the few computer manufactures who preinstall linux ditros and who cannot count on many linux users at the moment. Could be something positive for linux in the long run.
40 • SliTaz ... (by Coffee on 2011-09-29 17:41:33 GMT from France)
For those who've been wondering what has happened to the SliTaz website ... the project hasn't been off-line since days, as I falsely thought, but moved to a new URL, apparently without letting anybody know in advance. The new address is ... http://scn.slitaz.org/
41 • @ 32 (by Blue Knight on 2011-09-30 00:50:15 GMT from France)
> "it's worked well for the BSDs for several years, maintaining stable releases of the core while supplying rolling versions of end-user software. Why do you think the same approach won't work on Linux?"
I have not said it is not possible, just it is perhaps not possible for everything... Well, we talk about a stable base system, right? Well, you'll not be able to update every apps without update some system libs and so, you can say good bye to a stable base system and you are just in a rolling release. Or you don't update every apps and you are almost in a "classic" system.
And I don't consider "it's worked well for the BSDs". E.g. when I have used/tried FreeBSD I have wanted updating Firefox to the last version. For that, I had to update the whole X! Thanks FreeBSD. And the FreeBSD developers found this normal... pfff
42 • Thanks Gurus! (by Bob on 2011-09-30 01:50:46 GMT from Australia)
Many thanks to the Linux and BSD geniuses. I'm just a point and click bloke but I've got GhostBSD up and running and it's looking good!
43 • An easy way to come up with a sane SELinux policy (by Caitlyn Martin on 2011-09-30 03:17:50 GMT from United States)
Regarding some of the comments above on security, what many people find daunting about SELinux is the necessity to write a policy that provides adequate protection without blocking the things they want and need. The easiest way to do that is to enable SELinux is permissive mode. What permissive mode does is block nothing but log everything that could have conceivably been blocked. The resulting log becomes the template for a policy -- one tailored to your usage patterns.
44 • @41 @32 (by JR on 2011-09-30 03:25:12 GMT from Brazil)
The rolling-release model is not unstable by definition. The problem is that all updates must be thoroughly tested before being applied to the final system, you feel like you're eternally preparing a version of a system to launch it, is not as easy as it seems for some people, however, I do not think is necessary to maintain a system with fixed versions and rolling applications as long as all updates are tested and approved for the final system, if this condition is met, no matter whether it was the system or applications that have been modified ! It's like being done by LMDE with a separate repository from debian testing, apparently debian testing updates are tested before being imported into the repository of LMDE, if the quality control is done well it should be a great system !
45 • Semi-rolling (by Jesse on 2011-09-30 11:08:29 GMT from Canada)
>> " E.g. when I have used/tried FreeBSD I have wanted updating Firefox to the last version. For that, I had to update the whole X! Thanks FreeBSD. And the FreeBSD developers found this normal... pfff"
I think there may have been a problem with the way you were trying to update Firefox. The underlying X does not have to be updated in order to update Firefox. I'd also like to point out that X is not part of the FreeBSD base, it is part of the ports system. The base system does not have to be updated when you are upgrading software in ports.
46 • @ Jesse (by Blue Knight on 2011-09-30 12:10:05 GMT from France)
> "I think there may have been a problem with the way you were trying to update Firefox. "
No. By the way, at this time, there was some discuss with FreeBSD developers and they said well this was normal because etc... (This was some times ago, I have somewhat forgotten what reasons he gave as I am no more really interested in FreeBSD currently, thanks to them.) But yes, the base system SHOULD NOT be updated when you are upgrading software. But this time, it wanted...
47 • Firefox upgrade (by Jesse on 2011-09-30 15:17:44 GMT from Canada)
>> "But yes, the base system SHOULD NOT be updated when you are upgrading software. But this time, it wanted..."
I think you misunderstood what I was saying. The X server is not part of the FreeBSD base, it's a part of ports. Even if you did need additional pieces of X to support a new version of Firefox that does not mean you were required to update the base install. In other words, the base system was not being updated when you tried to install Firefox.
48 • Semi-rolling (by abveritas on 2011-09-30 15:33:51 GMT from United States)
Perhaps a deeper clarification is needed how Chakra is implementing the half-rolling release model. There are the base repo's (core & platform) and 3 repo's that are build on top of that (desktop, apps & games). The latter 3 are rolling, desktop is for KDE sc and any new KDE moves to stable after a period of minimal 7 days in testing. Core and Platform are updated when needed, slowly and conservatively, not held for a period of time, and then all updated at once. Updates there are thoroughly tested before moving to stable.
49 • Jesse (by Blue Knight on 2011-09-30 15:40:57 GMT from France)
Maybe, if you say. :-) All what I know is what I said in my first post about Firefox upgrade. And this came in a "normal" upgrade procedure. Even if maybe the things can have evolved since...
But forget it, at that time there was already had a discussion tough, harsh, enough with some FreeBSD developers to try to make them understand the things, to stay polite, without success. Currently, I don't care about this and I no more use FreeBSD...
So long :D
P.S.= @44 Rolling release is a broken model by default for me. You'll have some breakages, even in LMDE... Btw, see their forum.
50 • 49 continued (end) (by Blue Knight on 2011-09-30 17:28:38 GMT from France)
I'd add just one thing, and this is valuable for Linux and BSD, at least in Windows we can install at any time the version we want for every application. (even several versions of the same app at the same time)
51 • @Blue knight @Jesse (by JR on 2011-09-30 18:27:18 GMT from Brazil)
I think it's too early to give a definitive opinion on the LMDE, how to update it is still being developed (and rethought in the way), but there is a system that is always forgotten by us which package manager is responsible for updating with success very early versions of the system, is foresihgt linux with conary package manager, just install an old ISO and type "sudo conary updateall" that the system will be upgraded to the latest stable version successfully.
I know it's an unusual example, but in my tests worked without manual intervention. I tried to update, for example, a PCLOS Gnome 2009 to the latest version, and besides having to manually add new repositories, the work has resulted in kernel panic. Call me crazy if you want but I think it should work if it is a rolling distribution!
there is a description of the process of updating foresight that I found on wikipedia that maybe help understand these issues:
"Foresight uses the Conary package management system. This system only updates those specific files in packages which need to be updated, in contrast to other package managers such as RPM and dpkg which install whole packages. Conary also has the advantage of very granular dependency resolution, and a relatively easy packaging process, with repositories provided to the community, free of charge, by rPath, Inc.
All packages are updated in a rolling release style, i.e. as updates are released upstream, or packagers get to them. Packages move between three branches of the foresight repositories, originating usually at the development branch or in the personal repositories of packagers, after which they are promoted to the Quality Assurance branch, and finally to the Stable branch, intended for users. Snapshots are taken every few months, and new ISO images are produced."
The three repositories, the way they are updated, and the way that conary works is what we should pay attention! It really works, it is a pity that the system is not popular!
52 • @50, It Depends. (by Eddie on 2011-09-30 18:46:49 GMT from United States)
The comment about installing in Windows, any version, any time, is not completely correct. For one thing it depends on which version of Windows you are using and which version of the software applications you are using. Some will surely not install and run in Windows 7 if made for Windows XP or earlier. Not even in XP mode. Furthermore a lot of programs made for Windows 98 would not even install in XP or in 2000. But in Linux, using Firefox as an example, I have had several different versions installed and operational at the same time. So there you have it for what it's worth. This is more my experience than my opinion.
53 • 50&52 (by 123 on 2011-10-01 01:54:12 GMT from United States)
Oh yes, I currently have Firefox v2, v3, v3.6 ,v5 ,v6 and v7 installed and runnable. What I need to brush up on is having old aout and new elf libs installed. Or at least old glibc's with new ones. This is all on Debian stable, using stable's version of libs. I myself have seen windows programs install and change system libs causing problems for other versions. Although I am sure there is a windows way to fix that. But I know I am running multi-versions on Linux. ....
Number of Comments: 53
Display mode: DWW Only • Comments Only • Both DWW and Comments
| | |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Archives |
• Issue 1099 (2024-12-02): AnduinOS 1.0.1, measuring RAM usage, SUSE continues rebranding efforts, UBports prepares for next major version, Murena offering non-NFC phone |
• Issue 1098 (2024-11-25): Linux Lite 7.2, backing up specific folders, Murena and Fairphone partner in fair trade deal, Arch installer gets new text interface, Ubuntu security tool patched |
• Issue 1097 (2024-11-18): Chimera Linux vs Chimera OS, choosing between AlmaLinux and Debian, Fedora elevates KDE spin to an edition, Fedora previews new installer, KDE testing its own distro, Qubes-style isolation coming to FreeBSD |
• Issue 1096 (2024-11-11): Bazzite 40, Playtron OS Alpha 1, Tucana Linux 3.1, detecting Screen sessions, Redox imports COSMIC software centre, FreeBSD booting on the PinePhone Pro, LXQt supports Wayland window managers |
• Issue 1095 (2024-11-04): Fedora 41 Kinoite, transferring applications between computers, openSUSE Tumbleweed receives multiple upgrades, Ubuntu testing compiler optimizations, Mint partners with Framework |
• Issue 1094 (2024-10-28): DebLight OS 1, backing up crontab, AlmaLinux introduces Litten branch, openSUSE unveils refreshed look, Ubuntu turns 20 |
• Issue 1093 (2024-10-21): Kubuntu 24.10, atomic vs immutable distributions, Debian upgrading Perl packages, UBports adding VoLTE support, Android to gain native GNU/Linux application support |
• Issue 1092 (2024-10-14): FunOS 24.04.1, a home directory inside a file, work starts of openSUSE Leap 16.0, improvements in Haiku, KDE neon upgrades its base |
• Issue 1091 (2024-10-07): Redox OS 0.9.0, Unified package management vs universal package formats, Redox begins RISC-V port, Mint polishes interface, Qubes certifies new laptop |
• Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
• Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
• Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
• Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
• Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
• Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
• Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
• Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
• Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
• Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
• Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
• Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
• Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
• Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
• Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
• Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
• Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
• Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
• Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
• Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
• Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
• Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
• Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
• Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
• Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
• Issue 1065 (2024-04-08): Dr.Parted Live 24.03, answering questions about the xz exploit, Linux Mint to ship HWE kernel, AlmaLinux patches flaw ahead of upstream Red Hat, Calculate changes release model |
• Issue 1064 (2024-04-01): NixOS 23.11, the status of Hurd, liblzma compromised upstream, FreeBSD Foundation focuses on improving wireless networking, Ubuntu Pro offers 12 years of support |
• Issue 1063 (2024-03-25): Redcore Linux 2401, how slowly can a rolling release update, Debian starts new Project Leader election, Red Hat creating new NVIDIA driver, Snap store hit with more malware |
• Issue 1062 (2024-03-18): KDE neon 20240304, changing file permissions, Canonical turns 20, Pop!_OS creates new software centre, openSUSE packages Plasma 6 |
• Issue 1061 (2024-03-11): Using a PinePhone as a workstation, restarting background services on a schedule, NixBSD ports Nix to FreeBSD, Fedora packaging COSMIC, postmarketOS to adopt systemd, Linux Mint replacing HexChat |
• Issue 1060 (2024-03-04): AV Linux MX-23.1, bootstrapping a network connection, key OpenBSD features, Qubes certifies new hardware, LXQt and Plasma migrate to Qt 6 |
• Issue 1059 (2024-02-26): Warp Terminal, navigating manual pages, malware found in the Snap store, Red Hat considering CPU requirement update, UBports organizes ongoing work |
• Issue 1058 (2024-02-19): Drauger OS 7.6, how much disk space to allocate, System76 prepares to launch COSMIC desktop, UBports changes its version scheme, TrueNAS to offer faster deduplication |
• Issue 1057 (2024-02-12): Adelie Linux 1.0 Beta, rolling release vs fixed for a smoother experience, Debian working on 2038 bug, elementary OS to split applications from base system updates, Fedora announces Atomic Desktops |
• Issue 1056 (2024-02-05): wattOS R13, the various write speeds of ISO writing tools, DSL returns, Mint faces Wayland challenges, HardenedBSD blocks foreign USB devices, Gentoo publishes new repository, Linux distros patch glibc flaw |
• Issue 1055 (2024-01-29): CNIX OS 231204, distributions patching packages the most, Gentoo team presents ongoing work, UBports introduces connectivity and battery improvements, interview with Haiku developer |
• Issue 1054 (2024-01-22): Solus 4.5, comparing dd and cp when writing ISO files, openSUSE plans new major Leap version, XeroLinux shutting down, HardenedBSD changes its build schedule |
• Issue 1053 (2024-01-15): Linux AI voice assistants, some distributions running hotter than others, UBports talks about coming changes, Qubes certifies StarBook laptops, Asahi Linux improves energy savings |
• Issue 1052 (2024-01-08): OpenMandriva Lx 5.0, keeping shell commands running when theterminal closes, Mint upgrades Edge kernel, Vanilla OS plans big changes, Canonical working to make Snap more cross-platform |
• Issue 1051 (2024-01-01): Favourite distros of 2023, reloading shell settings, Asahi Linux releases Fedora remix, Gentoo offers binary packages, openSUSE provides full disk encryption |
• Issue 1050 (2023-12-18): rlxos 2023.11, renaming files and opening terminal windows in specific directories, TrueNAS publishes ZFS fixes, Debian publishes delayed install media, Haiku polishes desktop experience |
• Issue 1049 (2023-12-11): Lernstick 12, alternatives to WINE, openSUSE updates its branding, Mint unveils new features, Lubuntu team plans for 24.04 |
• Issue 1048 (2023-12-04): openSUSE MicroOS, the transition from X11 to Wayland, Red Hat phasing out X11 packages, UBports making mobile development easier |
• Issue 1047 (2023-11-27): GhostBSD 23.10.1, Why Linux uses swap when memory is free, Ubuntu Budgie may benefit from Wayland work in Xfce, early issues with FreeBSD 14.0 |
• Issue 1046 (2023-11-20): Slackel 7.7 "Openbox", restricting CPU usage, Haiku improves font handling and software centre performance, Canonical launches MicroCloud |
• Issue 1045 (2023-11-13): Fedora 39, how to trust software packages, ReactOS booting with UEFI, elementary OS plans to default to Wayland, Mir gaining ability to split work across video cards |
• Full list of all issues |
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
Random Distribution |
Slamd64 Linux
Slamd64 was an unofficial port of Slackware Linux to the x86_64 architecture.
Status: Discontinued
| Tips, Tricks, Q&As | Questions and answers: Using systemd to hide files |
Questions and answers: Anbox, ZFS on root, init software for Linux Mint Debian Edition 3, Debian's many kernels |
Questions and answers: Longest supported distribution |
Questions and answers: Recovering open files, starting a new Linux distro |
Myths and misunderstandings: Can Netflix run on a Raspberry Pi? |
Tips and tricks: How to find files by multiple criteria in Linux |
Tips and tricks: Copying columns of text, organizing files, creating torrents |
Tips and tricks: Shell switching, battery charge, getting the system's IP address and dealing with stubborn processes |
Tips and tricks: UBports as a home server with media sharing |
Tips and tricks: Konqueror & Kate make an excellent remote admin team... and a killer casserole |
More Tips & Tricks and Questions & Answers |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|