DistroWatch Weekly |
DistroWatch Weekly, Issue 642, 4 January 2016 |
Welcome to this year's 1st issue of DistroWatch Weekly!
Ringing in a new year is a good opportunity to try new things and this year we decided to start off with a look at a project that does not get much spotlight: paldo GNU/Linux. The paldo distribution offers cutting edge packages and multiple development branches and we begin this week with a review of this interesting project. In our News section we explore such new developments as Fedora moving to a newer version of the GNU Compiler and a UNIX-like operating system built with literate programming techniques. We also talk about new SPARC64 installation images being tested by Debian developers and work being done to speed up the APT package management utilities. We are also sad to report on the death of Ian Murdock, founder of the Debian project and avid open source advocate. In our Questions and Answers column we talk about vetting software in distributions' package repositories and then we share the torrents we are seeding. Plus, we share a long list of distributions released over the past two weeks and ask our readers how often they like to update their operating systems in this year's first Opinion Poll. Finally, we are happy to report we have implemented secure HTTPS connections on DistroWatch and we hope you will join us in testing this new feature. We wish you all a wonderful year ahead and happy reading!
Content:
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (26MB) and MP3 (20MB) formats
• Music credit: Clouds Fly With Me by Matti Paalanen
|
Feature Story (by Jesse Smith) |
paldo GNU/Linux
The paldo GNU/Linux distribution is a project I have not looked at for some time, but every so often I hear people mention it. The project has a small team, but they have created a functional desktop Linux distribution which is built around the Upkg package manager. The project's website offers further information:
paldo is a Upkg driven GNU/Linux distribution. It's kind of a mix of a source and a binary distribution. Even though it builds packages like a source distribution it provides binary packages.
paldo wants to be a distribution according to the "just-works" principle. It tries to configure automatically as much as possible without user intervention. paldo is task-oriented, means, that we won't provide several programs to do one and the same task, we will select the program which we think does this task best, and include it into paldo. paldo aims to support cutting-edge technologies.
According to the paldo documentation, the project maintains four different branches, similar to Debian's development branches. These branches are called Stable, Testing, Unstable and Experimental, with the names being fairly clear in their meaning. The developers recommend most people use the Stable branch which provides updated installation media four times per year.
While the project's documentation does not appear to state in certain terms what sort of development model paldo uses, it appears as though the project offers its users a rolling release where packages are consistently updated over time. The project's ISO images do not feature versions numbers, so users will probably want to refer to the paldo software they are running using the branch and date, for example "Stable 2015.12". Regardless of what label we assign to the installation images, the distribution is available in 32-bit and 64-bit builds for the x86 architecture and we can download media for the Stable and Unstable branches. I downloaded the latest Stable release, which is 816MB in size.
Booting from the paldo disc brings up the GNOME Shell desktop environment. The desktop is mostly empty, with the Activities menu in the upper-left corner. From the Activities menu we can launch a handful of applications and the project's system installer. In the upper-right corner of the screen we find the user menu where we can adjust desktop settings or sign out of the GNOME Shell session.
paldo GNU/Linux 2015.12 -- The GNOME Shell Activities menu
(full image size: 1.2MB, resolution: 1280x1024 pixels)
Something I noticed at this point was that the paldo installation guide still assumes the installation media ships with the GNOME 2 desktop, which is a bit dated. The section of the documentation which deals with disk partitioning is also out of date and refers to a partition manager which is no longer present in the distribution.
The paldo distribution features a graphical system installer which I think is unique to this operating system. The installer begins by asking us to select our language, keyboard layout and time zone from lists. While my language and keyboard were listed, my time zone was not and, in fact, only ten time zones are listed. I decided to select the time zone closest to me. The installer's next screen gets us to assign disk partitions to mount points in our file system. This screen includes a button which will launch the Disk application, a program which will allow us to reformat partitions. While this may be useful for changing the file system on an existing partition, Disk does not appear to be able to create or remove partitions, greatly limiting its usefulness during the installation process. Luckily, for me at least, paldo includes cfdisk, a text-based partition manager which I was able to launch from the command line. This allowed me to set up my disk the way I wanted it. Then I was able to re-launch paldo's system installer and assign my new partitions to their proper mount points. The installer's third screen gets us to create a password for the root account and assign a hostname to our computer. The fourth screen asks us to create a regular user account. The system installer then shows us a list of the actions it will take and waits for our confirmation. Once we agree to the installer's pending actions, files are copied to our hard drive and we can reboot the computer to try our new copy of paldo.
One unusual feature of paldo is the distribution still uses the GRUB Legacy boot loader rather than the newer GRUB 2 boot loader. While not many distributions still use GRUB Legacy, I find it easier to configure and was happy to see the older boot loader present.
The paldo distribution boots to a graphical login screen. From there we can sign into the account we created during the installation process. paldo ships with the GNOME Shell desktop environment and, from the login screen, we can choose whether to run GNOME in an X session or in a Wayland session. I was a little disappointed to note paldo does not offer a GNOME Classic desktop experience, just the modern GNOME Shell environment.
I tried running paldo in two test environments, a physical desktop machine and a VirtualBox virtual machine. The paldo distribution ran well on the physical computer. My screen was set to it maximum resolution, the desktop was responsive and sound worked out of the box. When run in the virtual environment, paldo was not able to provide full screen resolution until I had installed VirtualBox guest modules from the distribution's software repository. Once guest modules had been installed in the VirtualBox environment, paldo provided full screen resolution and generally worked well. The GNOME desktop was sluggish in the virtual environment, but otherwise worked as expected. In either environment, paldo required about 550MB of memory when sitting idle in GNOME Shell.
paldo GNU/Linux 2015.12 -- Running LibreOffice
(full image size: 119kB, resolution: 1280x1024 pixels)
paldo ships with a fairly standard collection of software for a GNOME-centric distribution, with just a few surprises. We are treated to "Web", a minimal WebKit-based web browser. We also have access to the Evolution e-mail software, the Empathy messaging software and Network Manager is available to help us get on-line. The Brasero disc burning software is included along with the Cheese webcam utility, a document viewer and file manager. paldo provides us with an archive manager, calculator and a text editor. A screen reader is available along with a system monitor and the XChat IRC application. The distribution ships with the Rhythmbox audio player and Totem video player. These multimedia applications are accompanied by media codecs for playing most types of audio and video files. In the background, paldo ships with OpenSSH enabled for remote access. The distribution ships with systemd 228 and version 4.2.6 of the Linux kernel.
With regards to the default collection of software, paldo held a few surprises. For example, not only does the distribution ship with the GNU Compiler Collection, the Clang compiler is also present by default. This makes paldo one of the few Linux distributions to ship with Clang. Though paldo does not offer us any productivity software by default, we can find LibreOffice, AbiWord and Gnumeric in the project's software repositories. Finally, I found I was not a fan of either the Web application or Evolution, but I was pleased to find Firefox and Thunderbird in paldo's repositories.
According to paldo's website, the distribution uses a special package manager called Upkg. Reading through the project's documentation, I was not able to find information on what, specifically, makes Upkg special, though it appears the utility can work with both binary and source packages.
paldo GNU/Linux 2015.12 -- Searching for packages
(full image size: 138kB, resolution: 1280x1024 pixels)
The first thing I tried to do with the Upkg command line utility was synchronize the local package database with the on-line repositories. Running the upkg-sync command, which appeared to be the correct command for the task, produced several screens of errors, mostly related to missing files and the proper usage of the rsync program. Not discouraged, I explored some other Upkg commands with mixed results. For example, upkg-search locates local files that have been installed via packages, rather than finding a specific package. So far as I could tell, the easiest way to locate a package we want to install is to visit the paldo website and search for items by name. Once we know the name of the package we want, there are Upkg commands to install, remove and upgrade packages from the repository. Despite my inability to use the Upkg synchronization command successfully, Upkg always seemed to be up to date with the contents of paldo's repositories and Upkg was able to install software updates for me. The paldo distribution has a relatively small repository of software, with 1,101 packages at the time of writing. Most of the items available appear to be popular ones, such as LibreOffice and Firefox.
paldo GNU/Linux 2015.12 -- Upgrading software packages with Upkg
(full image size: 1.2MB, resolution: 1280x1024 pixels)
Conclusions
While exploring paldo, the impression I got was of a small project that had started as an experiment (perhaps showcasing Upkg) and then never quite achieved critical mass. That is, the project did not seem to attract more developers, packagers or even a large number of users. The project continues to push out regular releases and its software it up to date, but paldo gives the impression it has not been completed, that the distribution is on auto-pilot. The installer, documentation and small software repository suggest development has not been able to move forward in recent years.
Which is too bad. Upkg, seems like a capable package manager and the distribution's packages are cutting-edge. The rolling release model combined with the multiple tiers of development branches would seem to be a good foundation upon which to build. I think paldo has potential, but may be stuck in a catch-22 situation where more developers are needed to make the distribution a practical solution for most users and paldo needs to attract new users who can become contributors to the project.
As it stands, the project's wiki feels unfinished and the forums are quiet. The paldo distribution continues to work and continues to push out regular software updates, but I think the distribution needs an influx of contributors to round out what the developers have created thus far.
* * * * *
Hardware used in this review
My physical test equipment for this review was a desktop HP Pavilon p6 Series with the following specifications:
- Processor: Dual-core 2.8GHz AMD A4-3420 APU
- Storage: 500GB Hitachi hard drive
- Memory: 6GB of RAM
- Networking: Realtek RTL8111 wired network card
- Display: AMD Radeon HD 6410D video card
|
Miscellaneous News (by Jesse Smith) |
Fedora plans to adopt GCC 6, a new UNIX-like OS built with literate programming, Debian's APT performance improved, Debian tests installation media for SPARC64 and Ian Murdock passes
The Fedora project is considering a bold move for their upcoming Fedora 24 release later this year. The Fedora project currently uses version 5 of the GNU Compiler Collection (GCC) to build its many software packages. There is a proposal in place to upgrade Fedora's compiler to GCC 6 in time for Fedora 24. This is an especially ambitious idea when we consider GCC 6 has not been released yet and is not scheduled to reach completion until shortly before Fedora 24's launch. "GCC 6 is currently in stage3, will move to stage4 around mid January, in pre-release state with only regression bug fixes and documentation fixes allowed. The release will happen probably in the middle of April. We are working on scratch GCC RPMs and will perform a test mass rebuild."
* * * * *
The Ulix project is an effort to create a working implementation of a UNIX-like operating system using literate programming techniques. Literate programming is an interesting concept that is designed to make a program's source code readable, like a novel. "Ulix (Literate Unix) is a Unix-like operating system that was developed at University of Erlangen-Nuremberg. We used Donald E. Knuth's concept of literate programming for the implementation and documentation. The intention was to create a fully working system which can be used in operating system courses to show students how OS concepts (such as paging and scheduling) can be implemented. Literate programs are very accessible because they can be read like a book; the order of presentation is not enforced by program logic or compiler restrictions, but instead is guided by the implementer's creative process. Ulix was written in C and Assembler for the Intel x86 architecture; for literate programming we used Norman Ramsey's noweb tool." Ulix is an interesting example of developers accomplishing a familiar task in a new manner and is worth exploring to see how the system is put together.
* * * * *
Julian Andres Klode announced toward the end of December that he had been working on improving the speed of Debian's APT package management utilities. Under some circumstances, APT was running a lot slower than it could have been and Klode set out to improve APT's performance. "APT's performance in applying the Pdiffs files, which are the diff format used for Packages, Sources, and other files in the archive, has been slow. The reason for this is that our I/O is unbuffered, and we were reading one byte at a time in order to read lines. This changed on December 24, by adding read buffering for reading lines, vastly improving the performance of rred." Klode's efforts, which are documented on his blog, were successful, resulting in improving APT's performance up to ten fold. "I measured the run-time of apt-get update, excluding appstream and apt-file files, for the update from today's 07:52 to the 13:52 dinstall run. Configured sources are unstable and experimental with amd64 and i386 architectures. appstream and apt-file indexes are disabled for testing, so only Packages and Sources indexes are fetched. The results are impressive: For APT 1.1.6, updating with PDiffs enabled took 41 seconds. For APT 1.1.7, updating with PDiffs enabled took 4 seconds." APT is already a relatively fast package manager and it is nice to see it being improved even further.
Klode was not the only developer working on Debian while we were on holiday. John Paul Adrian Glaubitz posted to the Debian SPARC mailing list to report he has managed to build net-install images for the SPARC64 architecture. His message calls on brave testers to try out the new installation media: "This has not been tested at all and was just freshly generated, so there is absolutely no warranty it will [not] turn your SPARC box into a toaster. Looking forward to any feedback!"
Finally, some very sad news came out of the Debian project last week. Debian has announced that the project's founder, Ian Murdock, passed away last week. Mr Murdock launched Debian back in 1993 and it remains one of the oldest and largest Linux distributions in the world, with over one thousand contributing developers. "Ian's sharp focus was on creating a distribution and community culture that did the right thing, be it ethically, or technically. Releases went out when they were ready, and the project's staunch stance on software freedom is the gold standard in the free and open source world. Ian's devotion to the right thing guided his work, both in Debian and in the subsequent years, always working towards the best possible future. Ian's dream has lived on, the Debian community remains incredibly active, with thousands of developers working untold hours to bring the world a reliable and secure operating system. The thoughts of the Debian community are with Ian's family in this hard time."
|
Questions and Answers (by Jesse Smith) |
The safety of software in distribution repositories
Watching-the-watchers asks: I keep hearing about how software in Linux repositories is safer than downloading applications from websites. It's supposed to be one of the best security features of Linux. But what guarantees do we have that software in a distribution's repositories has been vetted? What makes it safer than downloading programs from the Web?
DistroWatch answers: This question reminds me of a philosophical query I quite like that asks: "What do we think we know? And why do we think we know it?" In this case what we think we know is that installing software from a Linux distribution's official repositories is safer than downloading and installing packages from websites. But why do we think we know that?
Speaking from personal experience, I would say around one in three of the computers running Windows I serviced last year were infected with malware when people had tried to download programs from websites. They had gone to a search engine, typed in the name of the application they wanted, clicked the first link that came up and it brought them to a website that looked official. Then they downloaded the offered software bundle and installed it, infecting the computer. These people followed a fairly reasonable series of steps that led them to legitimate looking pages that supplied them with malware. Based on these observations I can say, from second-hand experience, that searching the web for programs can certainly lead to an infected operating system.
I mention this because it means that if any vetting takes place, even if just some basic testing is done by the distribution's package maintainers to confirm a program is what it claims to be, then that alone will make installing software from a repository safer than searching the web for software packages.
Having a repository of software is also helpful in that it means everyone using a given distribution is using the same set of packages. If any one of the thousands of people running the distribution notices a problem with any package, they can report it and have the package removed or fixed. In other words, there is a certain safety in numbers. So long as we are all downloading the same packages, it only takes one person to raise the alarm if a problem appears.
I suspect though what the person asking the question means is whether package maintainers comb through a package's source code looking for malicious intent. Usually that does not happen, at least not at the packaging level. Some projects do perform security audits, or have a buddy system where developers sign off on each other's changes, but distribution package maintainers tend not to have time to browse through the source code they are packaging.
This means we may not have strict guarantees a given package is safe to use and is not infected with malware. However, given the number of people who use software from Linux distributions' repositories and given that it only takes one person to report an issue and given the number of security researchers who are constantly poking at software and monitoring their network connections, it does seem highly unlikely that there is hidden malware in your Linux distribution's software repository.
* * * * *
Past Questions and Answers columns can be found in our Q&A Archive.
|
Torrent Corner |
Weekly Torrents
Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.
Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.
With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files. For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed. To help us maintain and grow this free service, please consider making a donation.
The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 148
- Total data uploaded: 24.2TB
|
Released Last Week |
Ultimate Edition 4.9
Ultimate Edition developer "TheeMahn" has announced the release of Ultimate Edition 4.9, the latest update to the project's Ubuntu-based distribution featuring KDE as the default desktop: "It is tradition here in the Ultimate Edition land to release a special Ultimate Edition release for Christmas and this year will be no exception. Ultimate Edition started in 2006 by releasing a Christmas version to the general populous. You can learn more about that by reading an interview Sourceforge conducted on me in 2009. What is the special release, a Christmas-themed Ultimate Edition? No, ARM steps to the plate in this release, a return to the roots of Ultimate Edition in the form of LTS (long-term support), and a step into the future all in one snap. TheeMahn, please stop being cryptic." Visit the distribution's home page to read the full release announcement.
SparkyLinux 4.2
Paweł Pijanowski has announced the launch of SparkyLinux 4.2, the second update to the project's 4.x series. SparkyLinux is based on Debian's Testing "Stretch" branch and is available in several desktop editions. The new release features LibreOffice 5, Iceweasel (Firefox) 38 ESR and version 4.2 of the Linux kernel. SparkyLinux 4.2 also offers the Tor Messenger for private chat communications via the distribution's repositories. Further, two editions of the distribution have been discontinued and the translation system has been updated: "The latest poll has told which Sparky edition is not too popular, so these two editions have been dropped: JWM and CLI. Most Sparky tools have been re-configured and they use a simple localization system now. All of them use English and Polish language packages, and many of them, thanks to our community members, use other localizations now. The present status and files to be (still) translated are available at our wiki page." Further information can be found in the project's release announcement.
Plop Linux 4.3.1
Elmar Hanlhofer has announced the release of Plop Linux 4.3.1, the latest stable version of the project's distribution designed (among other tasks) for data rescue, system restor and backups: "Version 4.3.1. Minor updates: /etc/issue updated; login.defs and .bash_profiles updated; /etc/skel directory updated; adduser script - user is now also in 'video' group; GTK+ theme updated; Tint2 clock display; Xfce panel - volumeicon2 replaced with Xfce audio mixer plugin; /var/log/boot.log removed; build and compile script updates. Live edition: UTF-8 is now enabled by default; language scripts renamed to 'setlanggerman' and 'setlangczech'. Linux kernels for Banana Pi and Cubietruck added. ARM Linux kernel versions: QEMU - 4.2.8; Raspberry Pi - 4.1.13; Banana Pi - 4.2.3; Cubietruck - 4.4-rc1." Read the rest of the changelog for a full list of changes and improvements.
Plop Linu 4.3.1 -- Running the Xfce desktop
(full image size: 212kB, resolution: 1368 x 768 pixels)
SUSE Linux Enterprise SP1
The SUSE team has announced the availability of the first service pack for SUSE Linux Enterprise 12. The new release, SUSE Linux Enterprise SP1, features rollback functionality through Btrfs, the GNOME 3.10 desktop environment and the ability to download software updates during the installation process. The new release is available in Desktop and Server editions. The Desktop offering includes seven years of support while the Server edition features a thirteen year life cycle. "SUSE Linux Enterprise Desktop 12 introduces a number of innovative changes. Here are some of the highlights: Robustness on administrative errors and improved management capabilities with full system rollback based on Btrfs as the default file system for the operating system partition and SUSE's snapper technology. An overhaul of the installer introduces a new workflow that allows you to register your system and receive all available maintenance updates as part of the installation. New core technologies like systemd, replacing the time honored System V based init process. GNOME 3.10, giving users a modern desktop environment with a choice of several different look and feel options, including a special SLE Classic mode for easier migration from earlier SUSE Linux Enterprise desktop environments..." Further information can be found in the release announcement and in the release notes for the Desktop and Server product lines.
pfSense 2.2.6
Chris Buechler has announced the release of pfSense 2.2.6, an updated build of the project's FreeBSD-based operating system made for firewalls and routers. This release is largely a security update to fix issues with the software's browser-based user interface and several recent OpenSSL vulnerabilities, while it also upgrades the base system to the latest FreeBSD version: "pfSense software version 2.2.6 is now available. This release includes a few bug fixes and security updates. Security fixes and errata: webgui - local file inclusion vulnerability in the pfSense WebGUI; captiveportal - SQL injection vulnerability in the pfSense captive portal logout; webgui - multiple XSS and CSRF vulnerabilities in the pfSense WebGUI; updated to FreeBSD 10.1-RELEASE-p25; openssl - multiple vulnerabilities in OpenSSL; updated strongSwan to 5.3.5; includes fix for CVE-2015-8023 authentication bypass vulnerability in the eap-mschapv2 plugin. As always, you can upgrade from any previous version straight to 2.2.6. For those already running any 2.2.x version, this is a low-risk upgrade. For those on 2.1.x or earlier versions, there are a number of significant changes which may impact you. Pay close attention to the 2.2 upgrade notes for the details." Read the full release announcement for further details.
Manjaro Linux 15.12
Philip Muller has announced the release of a new version of the Arch-based Manjaro Linux distribution. The new release, Manjaro Linux 15.12, ships with Xfce 4.12 and KDE's Plasma 5.5 desktop along with a freshly polished system installer. "Notable changes in our tools: kcm module of Manjaro-Settings got reworked; several enhancements to Pamac and Octopi; optimizations and fixes to Manjaro-Tools; a LVM issue was fixed within Thus. Package-wise we have following changes: KDE Apps got updated to 15.12, VirtualBox is now at 5.0.12, mesa is at 11.0.8, WINE at 1.8 and the kernel at 4.4-rc6. Bumblebee is now also fixed for OpenRC and small fixes went into our Samba share Thunar plugin. To round-up this update, you find here some additional packages. Some Linux 3xx kernels got updated, last-minute fixes for Plasma 5, haskell updates, renewed Deepin desktop 2015 and fixes to Firefox complete Manjaro 15.12." Further information on the latest release of Manjaro Linux can be found in the project's release announcement.
antiX 15 "MX"
The antiX project has released a new version of the distribution's "MX" edition. The new release, antiX 15 "MX", is based on Debian's Stable (Jessie) branch and is designed to work on a variety of hardware, including low-resource computers. "We are extremely pleased to announce the release of MX-15 (code name Fusion) based on the reliable and stable Debian Jessie (8.2) with extra enhancements and up to date applications provided by our packaging team. Just like MX-14, this release defaults to sysVinit (though systemd is available once installed). Available in 32- and 64-bit. The 32-bit version ships with two stable 3.16 Debian kernels (PAE and non-PAE), while the 64-bit comes with the more recent 4.2 Debian backports kernel to cater for newer hardware." The new release offers users version 4.12 of the Xfce desktop environment, Firefox 43 and LibreOffice 4.3. Further information can be found on the antiX News page.
antiX 15 "MX" -- Default desktop layout
(full image size: 1.4MB, resolution: 1280x1024 pixels)
openSUSE 42.1 "Edu Li-f-e"
The developers of the openSUSE educational edition, "Edu Li-f-e", have announced the launch of a new release, based on openSUSE 42.1 Leap. The new version, openSUSE 42.1 "Edu Li-f-e", ships with multiple desktop environments and multimedia support. "The best Linux distribution for education got a whole lot better, your Li-f-e (Linux for Education) takes a `Leap' to 42.1. openSUSE Education community is proud to present this latest edition based on openSUSE 42.1 with all the features, updates and bug fixes available on it to date. This effectively makes it the only enterprise grade long term supported (LTS) distribution for Education. As with previous releases, we have bundled a ton of software on this live DVD/USB specially packaged for education, along with the Plasma, GNOME and MATE desktop environments, full multimedia experience is also provided out of the box thanks to the Packman repositories." Further information and download links can be found in the distribution's release announcement.
SolydXK 201512
Arjen Balfoort has announced the release of SolydXK 201512, the latest stable release of project's distribution that offers a choice of Xfce 4.10 or KDE 4.11 desktops, all based on the stable Debian GNU/Linux 8: "It's time for new releases again! The new ISO images come packed with changes. I'm not going to mention them all but here are a few: the live installer can now encrypt your partitions; the USB creator has been rebuilt and it does create bootable USB pen drives for several distributions; the update manager has new icons to indicate its status; you can right-click to show the legend for the meaning of the icons; left-click has been removed, So you will need to right-click to activate the update manager window. I hope you are going to enjoy these new releases!" Read the rest of the release announcement for further details.
Solus 1.0
Ikey Doherty has announced the release of Solus 1.0, the first stable release from the Linux distribution project that delivers a home-made desktop environment called "Budgie" and a custom package manager named "eopkg": "The Solus project is proud to announce the release of the first version of its operating system. Solus 1.0 is code-named 'Shannon' after the longest river in Ireland. Solus 1.0 is the result of over eight months of work, coalesced from over a dozen contributors, over 2,000 package builds, a rewrite of the premier desktop environment Budgie, and more. Solus is a Linux-based operating system built from scratch for the modern desktop and targeting the x86_64 architecture. The Solus project develops a GTK+-based desktop environment referred to as Budgie. Budgie ships with a multitude of features. Budgie has been tested and refined to ensure that high-contrast theming works out of the box, enabling usage by individuals with visual impairments. This Budgie menu enables quick access to your installed programs and offers category and compact views." Continue to the release announcement for further information and screenshots.
Solus 1.0 -- Running the Budgie desktop
(full image size: 1.1MB, resolution: 1280x1024 pixels)
UberStudent 4.3
Stephen Ewen has announced the release of UberStudent 4.3, an Ubuntu-based distribution with a collection of specialist software applications and tools designed primarily for students: "I'm pleased to announce the release of UberStudent 4.3 'Heraclitus', Xfce edition. UberStudent is a Linux distribution for everyone, especially higher education and college-bound secondary students, people who teach them, and their schools. Researchers, knowledge workers, and life-long learners will equally benefit. It has been specifically designed for complete Linux beginners, while remaining equally satisfying to the most advanced Linux user. System: Ubuntu 14.04.3 long-term stable release base supported until April 2019; Linux kernel 4.2; Xfce 4.12, X.Org Server 1.17; Mesa 10.5.9, LibreOffice 5. There are many, many new features and improvements, including latest versions of all core programs, additions to the UberStudent suite of administration tools, improved language support...." Continue to the release announcement for further information.
Manjaro Linux 15.12 "i3", "bspwm"
The Manjaro Linux project has announced the availability of Manjaro Linux 15.12 "i3" and "bspwm" editions, two interesting variants of the distribution that features two of the less popular, but no less interesting window managers - i3 (a dynamic tiling window manager featuring extended Xinerama support) and bspwm (a tiling window manager that represents windows as the leaves of a full binary tree). The "i3" variant (release announcement with a screenshot is an official Manjaro product, while the "bspwm" flavour is the latest addition to the project's growing number of community-built Manjaro variants: "We are happy to announce a new addition to our community editions, bspwm edition. Bspwm is a manual tiling window manager based on binary space partitioning that features intuitive mouse and keyboard controls. Compared with our i3 edition, it is more minimalistic and CLI-oriented, with the 64-bit edition booting at 105 MB of RAM used. It uses minimal RAM and CPU to be as light as possible without sacrificing functionality. This edition tries to make the command line more accessible for beginners." Read the rest of the release announcement for more details.
deepin 15
One of the last releases of this year comes from deepin, an increasingly popular distribution developed in China and featuring the Deepin desktop environment. This is the project's first version based on Debian GNU/Linux (the "unstable" branch), rather than Ubuntu. From the release announcement: "deepin is a Linux distribution committed to providing an elegant, user-friendly, safe and stable operating system for users all over the world. deepin 15 pays more attention to internationalization, and is enhanced with brand new mirror image acceleration (CDN acceleration). Languages supported are up to 30, thus the infinite charm of deepin can be experienced globally. Newly added languages are Malay, Bulgarian, Swedish, Croatian, Japanese, Korean, Finnish, Spanish (Latin America), Hindi (India), Ukrainian. Besides, we have reached an important cooperative relationship with Intel. We will collaboratively utilize Crosswalk Project to migrate existing web applications to deepin (Linux platform), thus enriching the diversity of applications for deepin and to improve the deepin experience."
Calculate Linux 15.12
The developers of Calculate Linux, a Gentoo-based desktop and server distribution, have announced the release of Calculate Linux 15.12. One of the main changes in this release is the replacement of the Chromium web browser with Qupzilla. "We are happy to announce the release of Calculate Linux 15.12. Calculate Linux Desktop, featuring either the KDE SC 4 (CLD), the MATE (CLDM) or the Xfce (CLDX) environment, Calculate Directory Server (CDS), Calculate Media Center (CMC), Calculate Linux Scratch (CLS) and CLSK with KDE SC 5, Calculate Scratch Server (CSS) are all available for download. Chromium was replaced with the QupZilla web browser on desktop CL versions. A Calculate Linux ISO image can be booted from a live hard drive volume. To do so, select the Live HDD formatting line that was added to the GRUB menu. Current system settings will be default for graphics, locales and the timezone. The open source AMDGPU driver is now supported.... The release announcement contains a full list of changes and updates. Calculate Linux offers users several desktop editions, including KDE, MATE and Xfce, as well as a directory server, media centre and "Scratch" editions.
4MLinux 15.0
The 4MLinux project has started the new year with the release of 4MLinux 15.0. The 4MLinux project produces a small sized, independenctly developed, multi-purpose distribution. The new 15.0 release features mostly software updates. "The status of the 4MLinux 15.0 series has been changed to stable. Major change in the core of the system, which now includes GNU C Library 2.22. As a response to the requests from 4MLinux users, the following applications have been added: Audacity (digital audio editor), GNU GRUB (boot loader), InfraRecorder (CD/DVD writing program), LXInput and LXRandR (small yet powerful setup tools from the LXDE project). Additionally, important change in the 4MLinux LAMP Server, which now uses Postfix to handle emails sent via PHP mail." The release announcement also features a screen shot of 4MLinux 15.0 in action.
* * * * *
Development, unannounced and minor bug-fix releases
|
Upcoming Releases and Announcements |
Summary of expected upcoming releases
|
Opinion Poll |
Frequency of installing software updates
Some of us like to keep our operating systems current, installing available software upgrades and patches as soon as they become available. Others are more cautious, waiting several days while others experiment with new versions of software.
This week we would like to know how frequently our readers install software updates on their computers. Please leave us a comment below with your reasons for upgrading as soon as possible or for waiting before installing updates.
You can see the results of our previous poll on the Let's Encrypt service here. All previous poll results can be found in our poll archives.
|
Frequency of installing software updates
I install updates the same day they are released: | 854 (39%) |
I install updates a few times per week: | 563 (26%) |
I update my software weekly: | 300 (14%) |
I update my software monthly: | 77 (3%) |
I do not maintain a fixed schedule: | 361 (16%) |
Other: | 46 (2%) |
|
|
DistroWatch.com News |
HTTPS connections enabled via Let's Encrypt
Last year we received requests from our readers, asking us to enabling secure (HTTPS) connections to DistroWatch. Though DistroWatch does not deal with sensitive information, such as passwords or credit card data, we do like the idea of making encryption the norm. When website traffic is encrypted, it makes user privacy the default and we think that is a good thing.
Last month we made use of the Let's Encrypt service, which not only automates the much of the process of setting up secure connections, but also offers security certificates free of charge. First, we rolled out encrypted connections to our Torrent Corner downloads as a test run. When that went well, we enabled secure HTTPS connections to the DistroWatch website.
We are keeping plain HTTP connections available for people who want to continue using the unsecured protocol and to avoid breaking people's web browser bookmarks. For those who would like to make use of the new, encrypted connections, please visit us at https://distrowatch.com.
We are also pleased to report the DistroWatch website has been submitted to the HTTPS Everywhere project. HTTPS Everywhere is a web browser plug-in which re-directs unsecured web connections to secure HTTPS connections where available. This means if a person is visiting a website that links to http://distrowatch.com, the HTTPS Everywhere plug-in will automatically change the linked address to https://distrowatch.com, allowing the user to transparently make use of the encrypted connection. The next version of the HTTPS Everywhere plug-in should recognize links to DistroWatch and automatically direct visitors to our secure protocol.
* * * * *
Distributions added to waiting list
- Hamara. Hamara is a community-developed Linux distribution designed for the people of India.
- Oxana Linux. Oxana Linux is an openSUSE-based distribution developed by Colorado State University students.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 11 January 2016. To contact the authors please send email to:
|
|
Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip. (Tips this week: 0, value: US$0.00) |
|
|
|
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
Extended Lifecycle Support by TuxCare |
|
Reader Comments • Jump to last comment |
1 • weekly poll and https (by pcninja on 2016-01-04 00:32:42 GMT from North America)
I update software as soon as it is convenient to do so, but I prefer to do so right away.
As for the https version, the only sensitive information here is the email addresses of people commenting here but it won't be really useful to anybody else.
2 • Updates (by MC on 2016-01-04 01:47:56 GMT from North America)
I voted "Other". Each time I fire up my computer (for the day) I open the terminal and run "update / dist-upgrade". Then install if updates are available.
3 • your HTTPS connection (by John on 2016-01-04 01:51:39 GMT from North America)
Hi - using Opera browser on Elementary OS. Get a warning about certain content being blocked because it's "insecure". Perhaps not all elements on your site are being funnelled through the new certificate?
4 • Installing Programs From Trusted Sources (by Serge on 2016-01-04 03:20:57 GMT from North America)
A typical GNU/Linux-based desktop or server focused operating system usually has a package management system that is preconfigured to install programs that are signed, in a cryptographically secure method, by trusted contributors to the initiative that develops or oversees development of the operating system in question.
In order to verify the signature, we must have a key that can decipher that signature. Usually the scheme that is used resembles a model where the program or other data is "signed" using a special series of digits called a cryptographic key. In the most common model, this "signature" can then only be deciphered using another cryptographic key that is mathematically related to, but not identical to, the first key. Usually, the key that is used to create the signature is held in strict confidence, and is called the private-key, while the key that is used to decipher the signature is called the public-key, and is distributed openly with no fear of what may happen if it may fall into the wrong hands (since, really, nothing bad can happen if it does). This is really a simplification of how the scheme looks, andthere are also other cryptographic schemes that are used for similar purposes, but the general idea and the problems it entails is pretty consistent.
Specifically, there is always a sort of "bootstrap" problem: how do you know that the public-key half of these split assymetric keys is indeed the public-key that corresponds to the private-key of the developers that you trust? How do you know that the public-key(s) that your system uses to verify signatures is not, instead, the public-key half of a split key pair that is actually controlled by some adversary seeking to compromise your system? Typically, your assurance in the integrity of these keys comes from the fact that the keys came pre-installed with your operating system, and if the keys are ever updated as part of normal system update, these keys are only updated in a cryptographically verified manner using the very same scheme already described above.
What's the problem in that? Well, when you first downloaded the installation image for the operating system in question, how did you know that you were downloading a legit installation image, and not, instead, something that looked and functioned like a legit installation image but was instead a specially crafted compromised system under the control of adversaries? TLS (https) helps, but is not a panacea. It also does not avoid the bootstrap problem entirely: you still need public-keys in TLS. It's just that, typically, if you get started with Linux by downloading an installation image on a Windows system, then your TLS session is verified through public-keys that came pre-installed by Windows itself. Of course, the recent Lenovo Superfish scandal and Dell root CA key scandal have shown that these pre-installed public-key stores aren't always worthy of trust, either.
However, the bottom line is that if you only install programs using your operating system's provided package management tools, heed integrity verification warnings, and do not install new public-key halves into your package management tools unless you are absolutely sure of their provenance, then you are really only ever taking this leap of faith once: when you first download the installation image for your operating system. If, on the other hand, you frequently download programs via web browsing, or frequently add third party repositories and third party public-key halves, then you are taking this leap of faith every single time you install or upgrade a program.
5 • HTTPS (by Somewhat Reticent on 2016-01-04 07:06:15 GMT from North America)
Did you also update http://distrowatch.gds.tuwien.ac.at/ ? (sorry if dup :P ) .org and .ch seem OK. "Encrypted web page, but not the connection thereto" Posted comment chains back to http ... small steps.
6 • Tragic loss of Ian Murdock (by cele_reloaded on 2016-01-04 07:52:56 GMT from Europe)
This is a tragic loss for linux community. We WILL REMEMBER you with the apt-get. you're still with us. RIP
7 • Software Security (by Andy Mender on 2016-01-04 08:08:28 GMT from Europe)
It's nice that the matter of software security is discussed from time to time :). It shows we [the open-source community] do actually care about what ends up on our computers.
I think lack of software repositories was for a very long time a losing point for Windows. From today's perspective I am honestly baffled that I myself used to just go online and download from the Internet whatever app I needed, completely oblivious to the multitude of possible threats. Obviously, the antivirus software and firewall would sort of protect me, but as we all know - prevention is better than cure.
I'm also happy to hear APT is running faster now. It made me feel sorry for it every time I was comparing it to Arch's pacman :P.
Finally, RIP for Mr Murdock. You will live on in our memories...
8 • Ian_Murdock_no_longer_a_you_or_victim_of_Manichaean_ego_mind (by k on 2016-01-04 09:24:54 GMT from Europe)
It seems, like Aaron Swartz, it was this burden of certain minds that Ian Murdock freed "true self" from. If living really cherish this/their essence and achievement(s), we really MUST VALUE and SECURE FREEDOM MUCH MORE ACTIVELY.
9 • Security of repos (by MarkW on 2016-01-04 10:27:19 GMT from Europe)
"Based on these observations I can say, from second-hand experience, that searching the web for programs can certainly lead to an infected operating system.
While that is true, there is another aspect; if you use repositories and a package manager you get notifications when a new version of the software is available which fixes security issues (and, an easy way of getting it installed). With the 'ad hoc'/'there is a website on the internet' method, less so.
10 • About Ian Murdock (by César on 2016-01-04 11:11:17 GMT from South America)
Hi!
It's a very sad the pass away of Mr. Murdock, the "IAN" of Debian, i don't believe when a read the news days back in time, terrible lost.
Changin', i run "aptitude update && aptitude safe-upgrade" every day when i turn on the PC, that's my frecuency for install updates.
Greetings from Chile and happy new year!!!
11 • Grub vs Grub2 (by Creek on 2016-01-04 13:19:50 GMT from North America)
Like Jessie in his review of Paldo, I always found it refreshing to see legacy grub as the bootloader. (Though this is a very rare occurance today.) Grub2 has always seemed to me to be a bloated answer to a problem seen by only a very few people. Not having done any kind of survey, I must just assume that legacy Grub (and MSDOS partitioning) can work just fine for 95% or more of us. I have always had up to 10 partions on my computers, and since ever needing a bootloader (LILO then Grub), I can't recall ever having my bootlader fail me. And to configure it - a breeze. Just my 2 cents (about what I find durign each morning's walk).
12 • HTTPS in RSS feed (by a on 2016-01-04 13:38:32 GMT from Europe)
Hi, the Distrowatch weekly RSS feed still points to the http version of Distrowatch, even when subscribed from the https version of the site.
13 • Manjaro OpenRC (by a on 2016-01-04 14:07:52 GMT from Europe)
Glad to see that Manjaro now officially supports OpenRC! Even if it requires a few manual steps that are explained in their wiki.
14 • Poll: Weekly updates (by a on 2016-01-04 14:26:43 GMT from Europe)
I update my Gentoo systems weekly, more or less (this is also what I did when I was using Arch.)
It seems like a good compromise to me: - updates take a limited amount of time and effort. - I’m still quite up to date.
15 • HTTPS in RSS feed (by Jesse on 2016-01-04 16:05:27 GMT from North America)
@12: Thank you, I will look at getting the RSS feeds updated.
16 • paldo (by Poet Nohit on 2016-01-04 16:16:59 GMT from North America)
As a developer, I just can't take Gnome Shell seriously. It seems to be a desktop aimed at non-developers (which might explain the lack of developers for paldo).
17 • What a year! (by Tran Older on 2016-01-04 17:41:33 GMT from Asia)
Riddell Resigned Murdoch Dead Linux Improved Debian Spread
18 • @17 (by Tran Older on 2016-01-04 18:15:22 GMT from Asia)
Very Sorry. I meant Ian Murdock, not another person. RIP. We prefer sudo apt-gt to Software Centers.
19 • @11 (by pivoron@yahoo.com on 2016-01-04 19:49:26 GMT from North America)
I have been using Grub2 since it first came upon us and have not had any problems. However, I much preferred Grub.
Why would the developers spread Grub2 all over the file system in multi directories? I mean, if I had some loose change, would I put pennys in left front pocket, nickels in rear right pocket, quarters in shirt top pocket? What gives here?
Ron
20 • Unattended upgrades on Debian (by Jack on 2016-01-04 20:27:40 GMT from North America)
I used to be addicted to running apt-get update && apt-get dist-upgrade every morning. In my quest to minimize my daily admin tasks, I finally configured unattended-upgrades. It took an hour or so to understand and comfigre all of the appropriate options. But it was well worth it. I haven't done any manual updates in a year and my systems are always up to date.
21 • Launchpad bug #1190696 (by Robert Thompson on 2016-01-04 21:47:00 GMT from North America)
I'm already looking forward to migrating from Xubuntu to Ubuntu MATE when the LTS release becomes available. I was curious to know whether Ubuntu MATE disables the updatedb.mlocate cron or if bug #1190696 still affects all Ubuntu flavors. I thought here or Phoronix would be the best places to ask. Thanks in advance for any insights.
22 • Updates etc (by Scuttlebuck on 2016-01-04 22:44:46 GMT from North America)
I update my arch and Gentoo machines approx every week to 10 days.. I used to try every day but have grown out of that, and being that bleeding edge isnt so important.. Its also useful to have a little buffer to check on any bugs that come up from time to time, and a week is very often plenty of time for them to be found and fixed.
Paldo apart from Gnome desktop would be an interesting distro to play with.. I was investigating its Upkg in the wiki and found a lot of the documentation is written by Philip Muller the Lead developer of Manjaro..though this is back from 2007...
23 • Updates (by Addleboro on 2016-01-04 22:50:59 GMT from North America)
On my Mint computer, I update when the icon tells me there's updates. On my PCLinuxOS computer, I don't have any scheduled time. I just check when I think I haven't done so in a while, but I don't wait too long.
24 • Update what, exactly? (by Kragle von Schnitzelbank on 2016-01-05 00:48:40 GMT from North America)
Any update can break part or all of an operating system; clearly restoration should be built-into any update process. Thus backup-copy should be built-in. Operating systems should be robust; apps should be properly contained.
Some apps may be updated quickly to minimize malware, but this puts them at greatest risk of breakage.
What if the breakage or malware comes from the packager/source?
Hardware is rarely updated; why should the base operating system be updated more frequently? Wasn't it built right to start with?
25 • @24 (by spacex on 2016-01-05 02:40:09 GMT from Europe)
Whether there is a reason to update frequently or not, depends on the distro you are running. For example, there is no reason to update Debian Stable frequently, but you definitely should with testing/unstable. The more cutting egde a system/OS is, the more the need of frequent updates. So there is no real answer to this question. It depends what you are running.
Also, you have to remember that you don't only update the base system, but everything else you have installed also.
26 • Software Updates Frequently (by Andy Figueroa on 2016-01-05 04:54:38 GMT from North America)
I update several times a week, because I don't want to take the time to update daily, but by updating frequently, I can do it in smaller bites, which makes debugging easier in case there are problems. I have been almost exclusively a Gentoo user for about 12 years.
27 • Ian Murdoch (by Buntunub on 2016-01-05 05:45:11 GMT from North America)
Tragic loss for Debian and the Linux world leaving a void that can never be filled. You will be missed Ian.
28 • Frequency of software updates - poll (by Hoos on 2016-01-05 09:08:35 GMT from Asia)
I have various distros which I take turns to use, so my updating of a particular distro tends to be done as and when I boot into it.
For the rolling distros (Manjaro, Semplice, Sabayon), I take more care to make sure I don't go more than 7-14 days without updating them.
However, I don't have any compunction to update them more frequently than once a week. I know some users enjoy updating every day or the minute the notifier informs them of updates, but not me. I agree with poster @22 that it is useful to have a buffer.
29 • Software updates (by Frosch on 2016-01-05 12:44:09 GMT from Europe)
I don't have a fixed schedule for software updates, sometimes I run "zypper dist-upgrade" twice a day, sometimes once a week, but I never wait more than two weeks without upgrading.
30 • update frequency (by Jordan on 2016-01-05 13:47:00 GMT from North America)
Don't you guys get a pop-up or other prompt notifying of available updates for your system? Don't you invoke the update process then?
31 • update frequency (by Frosch on 2016-01-05 15:04:59 GMT from Europe)
In theory, I should get such notifications, but most of the time I have upgraded before GNOME has noticed that updates were available :) I don't know how often GNOME is supposed to check for updates, but probably not so often (once a week or something like that). Since I use a rolling distribution, updates are frequent, so I like to install them manually (which is easy : open a terminal --> su --> zypper dup).
32 • @30 updates notifications (by a on 2016-01-05 15:34:56 GMT from Europe)
"Don't you guys get a pop-up or other prompt notifying of available updates for your system?"
Not as standard in Gentoo or Arch, no.
33 • update notifications (@32) (by Jordan on 2016-01-05 16:30:03 GMT from North America)
Oh. Never ran pure Arch or Gentoo. Manjaro and Sabayon, yeah.
Thanx for the reply.
34 • STUFF. (by Jessey Lawson on 2016-01-05 20:40:45 GMT from North America)
@Updates. I use my PC as a Gameing machine. I use Mint 17 and sevral PPA's. This has tought me that upgradeing is bad. I don't know how many times updateing breaks games on Mint, simply alot. Update muppen oh great it crashes now, update VBAM auido no longer works, update pulse-audio, boom auido broken (ubuntu's fault for removeing it in the first place in 14.04, ass hats!). I tried to update clemintime, boom the update breaks mono runtime. Wine is aweways borken.Upgrade to mint 17.3 (just don't) your intel wifi drivers fail. Yes I know it is not the kernal just the intel kernal drivers, still screw you clem! Update steam, then you have to deal with gigabites of updates and their goes your afternoon. Update love or renpy and you lose your love games because they need an older version and they don't work, same with renpy update came out boom can play my vissule noves. But the things that break most are the emmulators and my set up is mosty for emmualtion and steam games and as of Now Play Linux is not much better, send me hate mail I don't care.
@Ubuntu 16.04: I hope that 16.o4 has more updated community packages, I dought it, but I hope so.
35 • Packaging That Works (by Arch Watcher 402563 on 2016-01-05 22:33:12 GMT from North America)
@Kragle #24 An update will fix a bug far more often than cause one. You suffer software terror. I run auto updates with reboot every 24h. Contrary to Arch Canon Law it works fine thank you. And if I had official help from Arch (a package for the task) I might never need intervention. The Arch Gestapo won't let you believe it's even possible. Gentoo might be more tricky for all the compilation errors. Anyway google my handle to find tips on how to run a rolling distro with throttle if you want. As for rollback there's Arch Build System or NixOS. If NixOS weren't systemd, I'd try it myself. Nice concept.
@Jordan #30 Too few distros do pop-ups properly, particularly given security implications. I trace the issue to the attitude I just discussed. None really do, but a good package manager should emit notifications up the chain to some XDG or DBUS channel. Desktops should not have to poll it. Bigger apps should have update checks built-in (LibreOffice, Firefox).
@Serge #4 Any good package manager should manage keys by itself. Pacman does OK, if AUR helpers fail. Even pacman fails to prompt for key downloads on demand.
Yes there's trust bootstrap, but it's easy to verify key fingerprints for an ISO file check. And I like to see keyrings from one distro housed in another's to cross-install things. Arch has some Debian keyrings in its repos.
The real security threat is twofold, (1) RedHat's involvement with lettered agencies and military as the huge force in Linux it is, and (2) general mass stupidity of devs. Behold webmail firms doing PGP in JavaScript just because browsers haven't yet dropped PGP source code into their tree.
Maybe the name RedHat is a war declaration hidden in plain sight. You know all the terms: white hat, black hat, blue team, red team. Mash them to get 'RedHat.' Are we being war-gamed? I'm awaiting the Linux security apocalypse, when RedHat's system-d-minus announces a "firmware edition" running atop Intel's ring-minus-one blackblob CPU rootkit, while Intel increases firmware flash capacity to 1 GB.
36 • @16 paldo and gnome shell (by subg on 2016-01-06 07:02:59 GMT from North America)
paldo's maintainer is one of the original two developers who later authored Vala, so the Gnome desktop association for the 10+ years paldo has been around is no surprise, really.
It's possible that the use of Mono to power paldo's unique package manager, Upkg, may have been off-putting to some developers.
37 • paldo #36 (by 4tux on 2016-01-06 12:25:23 GMT from Europe)
That may well be true. Also, the first Paldo release was just 2 months after the first of Ubunto and we know about the massive migration of developers both into house or by developing derivative Distros. One thing about Paldo I think it's fantastic and unique: no other distro have so many packages in its stable releases that are the latest versions, as Paldo does. And still ..rock solid!
38 • HTTPS loads insecure content (by Satish on 2016-01-06 22:54:14 GMT from Europe)
I've "HTTPS Everywhere" extension installed, Chrome complains that "This page is trying to load scripts from unauthenticated sources". There is no green lock in the address bar.
39 • Chrome and unauthenticated sources (by Jesse on 2016-01-06 23:05:08 GMT from North America)
@38: Thanks for the heads up. We are still in the process of moving some items over to fully secure connections. The RSS feeds for example. We're trying to arrange it so that people who have a reason to stay on plain HTTP, for whatever reason, can still access everything while me transition to HTTPS. The warning messages you are seeing should be gone within a week.
40 • fedora + wayland (by jon hurt on 2016-01-06 23:22:29 GMT from Oceania)
fedora workstation's move to wayland will probably take some time to become bug free. rebecca black OS with wayland looks good but suffers from both system and application freezes.
41 • updates (by Jeffry Allred on 2016-01-06 23:37:50 GMT from North America)
I update my Linux OSes the same way I update OSX. When there is an update I update. Right? Wrong? I don't know. I tend to run Debian testing/unstable distros like Tanglu and I also can't resist that Icon on the task bar that says "update available". If it breaks then I just fix it. I keep redundant backups of all my important data so I don't worry (too much) about losing stuff.
42 • Deepin has official torrents (by Explorer09 on 2016-01-07 02:47:38 GMT from Asia)
At least for deepin 15, they have official torrent files in their cdimage server. There's no need for DistroWatch team to make one for them (well, expect for joining their list of trackers). Look here for official torrents: http://cdimage.linuxdeepin.com/releases/15/final/
43 • Ian Murdock (by firesheep angrylamb on 2016-01-07 07:45:49 GMT from Oceania)
Having created Debian free for the public, Ian Murdock was one of the better tech people. It looks like an internet bully got inside his head at the last moment. I hope they find him and give him some time in an orange jumpsuit.
44 • @35 / Software Updates (by Serge on 2016-01-07 09:34:16 GMT from North America)
"Any good package manager should manage keys by itself. Pacman does OK, if AUR helpers fail. Even pacman fails to prompt for key downloads on demand."
I meant about what happens when the user would like to install a program from outside the official repositories or mirrors of those official repositories, but would still prefer to have their package management system be aware of this program - in other words, download an unofficial package, install from an unofficial repository, or build the package themselves. I have a suspicion that too often users simply skip key checks in that case.
"Yes there's trust bootstrap, but it's easy to verify key fingerprints for an ISO file check. And I like to see keyrings from one distro housed in another's to cross-install things. Arch has some Debian keyrings in its repos."
This is a good point. If the files you are downloading also have corresponding hash files and corresponding signature files for those hash files, and you can verify that signature using a trusted public-key, then yeah, you've avoided having nothing but a CA cert store to keep you safe. The bootstrap problem is still there (how do you know that when you downloaded the installation image for your current operating system, the operating system you used to download that installation image wasn't compromised, or that that system wasn't downloaded on a compromised system, or or or?), but it's rather academic at that point.
Those who are aware of such things can insist on only downloading via web stuff that we know we can verify with a public-key that we trust. But what about for the average user? When the average user follows step-by-step instructions from a website for how to install a program he or she is downloading from that website, Is the average user going to have some means of trusting the public-key he or she is importing for verifying the signature of the hash? Is the average user even going to bother with: A) import key; B) verify the signature of the hash; and C) verify the hash, all just so that they can install some program? The package management system provides two things here: first, the public-keys it uses for the verifications are trustworthy; and second, all of those verifications are done automatically, without making the user jump through hoops. For those reasons, I still believe that using the operating system's package manager and getting programs from official repositories provides a substantial security benefit.
45 • Upgrades? (by Williamp on 2016-01-07 10:42:21 GMT from Europe)
Have PClinuxOS given up, there is never any news, not even in their excellent magazine. The last solid distribution was December 2014, and it was fine, but it can no longer be used for new installations. It's own help page suggests that upgrades should be made before 60 days are up, and that was the end of February last. Any attempt to install from this iso and then upgrade (now over 1G and it wont let you do things [locale, LibreOffice] unless you do) causes the restart to stall (sign in). Nowhere is there any help to overcome this barrier: it says something about the 'X server' but it is completely outside of my ability to understand, I'm not a geek, just a user. I have been looking for an alternative but found nothing, so much for 'choice' (perhaps Mageia), but what I would really like is my old Pclos back.
46 • @45 PCLOS updated images (by Hoos on 2016-01-07 15:22:24 GMT from Asia)
I recall that in an edition of Distrowatch Weekly in 2015, a poster in the comments section gave a webpage link where updated images of the various versions could be found.
47 • Ian and Debian (by cykodrone on 2016-01-07 15:59:56 GMT from North America)
He lived long enough to see Debian become RH's b1+c#. Sad on both accounts, RIP Sir Murdock.
48 • PCLinuxOS updates (by Jordan on 2016-01-07 17:49:10 GMT from North America)
@45 PCLinuxOS "announcements" section of their forums contains links to updated images and a lot of info about all that.
They haven't given up.
49 • HTTPS + Chrome (by scuttlebuck on 2016-01-07 18:39:48 GMT from North America)
I have seen issues with Chrome complaining about different security type things for at least 2 yrs...even when trying to access Google owned domains etc.. and even when it got google search loaded half my pages where in Thai.. I live in a Spanish speaking country and my default languages is English... I tend to think the problem with HTTPS is with Google Chrome not with anything else as no other browsers have the same problems..
I no longer use Chrome....
50 • HTTPS + Chrome (by Jesse on 2016-01-07 18:47:56 GMT from North America)
@49: The warning Chrome displays occurs any time there are both HTTPS-protected and non-HTTPS-protected items on the same page. Which means the warning will appear on a LOT of pages because many websites only encrypt traffic that is sensitive.
For example, with webmail, often times the login credentials will be sent over an encrypted connection, but the rest of the page (news, images) will be sent in plain-text.
This means the warning Chrome displays is valid, but whether it is important or the whole page is encrypted or not is up to the user. Most of the time it is not an issue, since only sensitive items (credentials, downloads, financial data) usually need encryption while the rest of the page is not security sensitive. It's actually a useful security feature Chrome has, but one most people do not understand which is why other browsers do not implement it, it tends to confuse people.
51 • Many Product Announcements Fall Short (by Ben Myers on 2016-01-08 15:15:23 GMT from North America)
A recent product announcement spoke about a new version, and gave a laundry list of packages that changed in the distro. I won't offend the owners of the product by naming it. Keeping packages up-to-date is all well and good. Packages get updated for good reasons including security fixes, code optimization, and maybe adding features themselves.
But when I read a product announcement on a web site, I want to know what VISIBLE features are new, what is different when I try out the latest distro. So tell me what compels me to try the latest revision of your distro, rather than the previous one.
52 • 51 • Amateur Marketing (by Fossilizing Dinosaur on 2016-01-08 19:02:15 GMT from North America)
Many distro groups can't afford professional editing. Is DW is a paid subscription service? Good editing is rare; many subscribe to the "Confusion to the Enemy" school of Marketing instead of the KISS tenets of Good Communication (or journalism). Cheap copy-and-paste often loses formatting in the process (compare to linked announcements, for example) but that doesn't prevent you from sifting through the pile for nuggets. If your patience lasts, of course. (Us cranky geezers may not have much left.)
53 • Ya gotta make some effort to sell it, or nobody buys it (by Ben Myers on 2016-01-09 02:22:10 GMT from North America)
@52 - AFAIK, Distrowatch is not a paid subscription service. (Jesse can speak more authoritatively than I.) The way it seems to work is that somebody releases a version of a distro tracked by Distrowatch. In turn, Jesse and friends take whatever blurb is submitted to them for the release, and they produce a short abstract.
If the text from the custodians of a distro talks only about package updates, then that's what gets put into the announcement on this web site. After all, it is unreasonable for Jesse & Co to conjure up something out of thin air.
So the responsibility for writing a notice about a new distro release falls squarely on the distro team. If what is written is wanting, people will be less likely to use a distro. I always thought that the purpose of an announcement was to get people to go ahead and use it. Maybe the distro teams need to add people with technical/marketing (a dirty word!) writing skills. People who know what they are writing about and are capable of writing clearly and concisely.
Fortunately, there are people in the trade press who are Linux sympathizers, at minimum. And even some who use Linux. Steven J Vaughn-Nichols is one. JR Watson another. So we hear good and maybe not so good words about the distros they have time to cover. But like the rest of us, their time is at a premium, and they do not have time to sift through a web site panning for nuggets. And they only have time to cover the mainstream distros.
So if nothing compelling is written by anyone about a distro, who is to try it? Jesse also does a wonderful service to the Linux community with his reviews. And again, his time limited, like the rest of us. Honestly, I do not know how he is able to do so much.
54 • Updating frequency (by ddalley on 2016-01-09 06:55:47 GMT from North America)
I update whenever I can. Since I use multiple USB memory sticks, that frequency is random, depending upon which stick-of-the-day that I choose. Linux Mint, and a few others, make updating easy, so I do it often.
55 • @Serge #44 Roger That or Maybe Not (by Arch Watcher 402563 on 2016-01-09 08:08:36 GMT from North America)
Erm, we said the same thing? Your mention of an "unofficial repository" meets my own notice that "pacman fails to prompt for key downloads on demand." Keys are needed for nonstandard packages or repos.
What should happen:
Mr. User runs pacman -S unofficial-thingy pacman detects lack of key(s) for repo and/or thingy pacman downloads key(s) pacman computes fingerprint(s) and prompts user for validation(s) if Y, pacman installs key(s) and unofficial-thingy
What currently happens:
Pacman/pacaur says verification fails Mr. User gets lost...What's a key? Can't you just install already?
I can't follow your bootstrap circles, but for MITM attacks, use SSL Observatory in HTTPS-Everywhere or another known mitigation technique.
56 • mint kde (by peer on 2016-01-10 08:31:03 GMT from Europe)
just upgraded mint kde 17.2 to 17.3
57 • upgrades & Mint KDE (by M.Z. on 2016-01-10 09:33:30 GMT from North America)
@56 - Mint KDE I did the same a few days ago soon after the upgrade was announced. The new mint tools are very nice, especially the upgrades to the software sources tools. LibreOffice 5 is also a nice addition. Trouble free as always, though I did have to run Grub Customizer yet again to into the new kernel after I installed that as well. I guess that's what I get for putting Mageia in charge of GRUB.
@24 - updates Both Mint & PCLinuxOS have kernel updates that are entirely optional, while I find most others like Mageia tend to offer the old kernel as a still installed fallback option. It's also worth noting that Mint in particular puts the user very much on control & only updates 'safe' categories by default, so it is very robust by the standards you mention. Also 'stable' systems like Debian tend to not put out nearly as many updates that Mint designates as level 4 & 5, so they also provide the robustness you speak of.
"why should the base operating system be updated more frequently? Wasn't it built right to start with?"
We are talking about software programmed by human beings, so there is no way to obtain total bug free perfection, even though it might be a nice hypothetical goal. Bugs exist, period, as do design flaws with hardware that often go unnoticed by typical users. The fact is that software is fairly quick & easy to fix, so why not take advantage of that fact, especially if it is unlikely to harm system stability?
Personally I tend to update fairly frequently, usually every day or so on all my main systems & every couple of weeks or so on my secondary system. I also tend to leave most level 4 & 5 updates in Mint completely alone, which keeps everything nice & stable. They way I run my systems I get plenty of stability & robust fallback options, so what's there to complain about?
58 • Survey response (by Leo on 2016-01-10 10:52:30 GMT from North America)
I usually update weekly but put aside 30mins to an 1hr just in case something breaks :)
59 • update\\\\\\upgrade\\\\\\\bugfix\\\\\\change management (by Kragle on 2016-01-10 17:31:18 GMT from North America)
The burned: 34 • "… updating breaks games … simply a lot … oh great it crashes now … audio broken … update clementine, boom the update breaks mono runtime … Wine is always broken … PlayOnLinux is not much better … (upgrade distro version) wifi drivers fail … the things that break most are the emulators … and there goes your afternoon. … upgrading is bad…"
The casually dismissive: 35 • "… fix a bug far more often than cause one. … auto updates with reboot every 24h … works fine …" 57 • "… unlikely to harm system stability … fairly quick & easy to fix … nice hypothetical …"
Clearly, 25 • "It depends …"
… on selectable Preferences (and ratings/categories?) and other controls, and thus … on responsible communication regarding changes (and best-practice packaging, and recovery procedure documentation) … on full-system backup copies that take hours/days/drives? (But will it actually restore? Some systems restore - to day zero!) … or on "incremental" backup copies… (how many?) … on "fall-back"/revert to some prior version? (After configurations were "improved"?) … on spare parts? Spare whole systems?
… and Your_Mileage_May_Vary
60 • anything can happen (by M.Z. on 2016-01-10 19:50:27 GMT from North America)
@59 - It depends... Well it's obviously been said a million times by a huge number of experts that backups are a very smart idea to the point that it has become an obvious refrain. Then again it's also said that you can slip on a banana peel & die suddenly tomorrow. The world is full of risks computerized & otherwise, so instead of hyperventilating about it just act smartly & geo about your business. I have most if not all of my important data on a USB stick & a couple of PCs. My backup hardware is second hand & was essentially free, & with a little technical knowledge most users could easily get & set up such a system, though only the people who worry about backups are likely to do so. Some who don't use backups also walk around public streets without insurance in spite of the risk of being hit by a truck. These folks live by the old French saying 'c'est la vie', and simply pick themselves up after S#^! Happens & try to muddle through.
Personally I live in the lightning capital of the USA, but I don't have a lightning rod in my yard. I even lost at least one tree in my yard to lightning, & in spite of it I don't live in fear. I do consider myself ahead of the game in the event of a total PC failure, because instead of simply saying 'that's life' to my PC failure risks I have copies of my files & I try to administer my systems smartly. Of course it all means nothing if a big enough meteor strikes at just the right angle, or if some rocket of at the Space Center goes careening off course & lands on me because of both mechanical failure & failures in backup detonation systems. There are plenty of terrible scenarios that aren't completely impossible, but it's not worth living life in fear so buckle you seat belts & get on with life. Also in between making your occasional file backups & buckling your seat belt, remember to never start smoking, you'll probably live longer :)
Number of Comments: 60
Display mode: DWW Only • Comments Only • Both DWW and Comments
| | |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Archives |
• Issue 1099 (2024-12-02): AnduinOS 1.0.1, measuring RAM usage, SUSE continues rebranding efforts, UBports prepares for next major version, Murena offering non-NFC phone |
• Issue 1098 (2024-11-25): Linux Lite 7.2, backing up specific folders, Murena and Fairphone partner in fair trade deal, Arch installer gets new text interface, Ubuntu security tool patched |
• Issue 1097 (2024-11-18): Chimera Linux vs Chimera OS, choosing between AlmaLinux and Debian, Fedora elevates KDE spin to an edition, Fedora previews new installer, KDE testing its own distro, Qubes-style isolation coming to FreeBSD |
• Issue 1096 (2024-11-11): Bazzite 40, Playtron OS Alpha 1, Tucana Linux 3.1, detecting Screen sessions, Redox imports COSMIC software centre, FreeBSD booting on the PinePhone Pro, LXQt supports Wayland window managers |
• Issue 1095 (2024-11-04): Fedora 41 Kinoite, transferring applications between computers, openSUSE Tumbleweed receives multiple upgrades, Ubuntu testing compiler optimizations, Mint partners with Framework |
• Issue 1094 (2024-10-28): DebLight OS 1, backing up crontab, AlmaLinux introduces Litten branch, openSUSE unveils refreshed look, Ubuntu turns 20 |
• Issue 1093 (2024-10-21): Kubuntu 24.10, atomic vs immutable distributions, Debian upgrading Perl packages, UBports adding VoLTE support, Android to gain native GNU/Linux application support |
• Issue 1092 (2024-10-14): FunOS 24.04.1, a home directory inside a file, work starts of openSUSE Leap 16.0, improvements in Haiku, KDE neon upgrades its base |
• Issue 1091 (2024-10-07): Redox OS 0.9.0, Unified package management vs universal package formats, Redox begins RISC-V port, Mint polishes interface, Qubes certifies new laptop |
• Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
• Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
• Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
• Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
• Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
• Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
• Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
• Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
• Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
• Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
• Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
• Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
• Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
• Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
• Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
• Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
• Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
• Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
• Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
• Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
• Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
• Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
• Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
• Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
• Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
• Issue 1065 (2024-04-08): Dr.Parted Live 24.03, answering questions about the xz exploit, Linux Mint to ship HWE kernel, AlmaLinux patches flaw ahead of upstream Red Hat, Calculate changes release model |
• Issue 1064 (2024-04-01): NixOS 23.11, the status of Hurd, liblzma compromised upstream, FreeBSD Foundation focuses on improving wireless networking, Ubuntu Pro offers 12 years of support |
• Issue 1063 (2024-03-25): Redcore Linux 2401, how slowly can a rolling release update, Debian starts new Project Leader election, Red Hat creating new NVIDIA driver, Snap store hit with more malware |
• Issue 1062 (2024-03-18): KDE neon 20240304, changing file permissions, Canonical turns 20, Pop!_OS creates new software centre, openSUSE packages Plasma 6 |
• Issue 1061 (2024-03-11): Using a PinePhone as a workstation, restarting background services on a schedule, NixBSD ports Nix to FreeBSD, Fedora packaging COSMIC, postmarketOS to adopt systemd, Linux Mint replacing HexChat |
• Issue 1060 (2024-03-04): AV Linux MX-23.1, bootstrapping a network connection, key OpenBSD features, Qubes certifies new hardware, LXQt and Plasma migrate to Qt 6 |
• Issue 1059 (2024-02-26): Warp Terminal, navigating manual pages, malware found in the Snap store, Red Hat considering CPU requirement update, UBports organizes ongoing work |
• Issue 1058 (2024-02-19): Drauger OS 7.6, how much disk space to allocate, System76 prepares to launch COSMIC desktop, UBports changes its version scheme, TrueNAS to offer faster deduplication |
• Issue 1057 (2024-02-12): Adelie Linux 1.0 Beta, rolling release vs fixed for a smoother experience, Debian working on 2038 bug, elementary OS to split applications from base system updates, Fedora announces Atomic Desktops |
• Issue 1056 (2024-02-05): wattOS R13, the various write speeds of ISO writing tools, DSL returns, Mint faces Wayland challenges, HardenedBSD blocks foreign USB devices, Gentoo publishes new repository, Linux distros patch glibc flaw |
• Issue 1055 (2024-01-29): CNIX OS 231204, distributions patching packages the most, Gentoo team presents ongoing work, UBports introduces connectivity and battery improvements, interview with Haiku developer |
• Issue 1054 (2024-01-22): Solus 4.5, comparing dd and cp when writing ISO files, openSUSE plans new major Leap version, XeroLinux shutting down, HardenedBSD changes its build schedule |
• Issue 1053 (2024-01-15): Linux AI voice assistants, some distributions running hotter than others, UBports talks about coming changes, Qubes certifies StarBook laptops, Asahi Linux improves energy savings |
• Issue 1052 (2024-01-08): OpenMandriva Lx 5.0, keeping shell commands running when theterminal closes, Mint upgrades Edge kernel, Vanilla OS plans big changes, Canonical working to make Snap more cross-platform |
• Issue 1051 (2024-01-01): Favourite distros of 2023, reloading shell settings, Asahi Linux releases Fedora remix, Gentoo offers binary packages, openSUSE provides full disk encryption |
• Issue 1050 (2023-12-18): rlxos 2023.11, renaming files and opening terminal windows in specific directories, TrueNAS publishes ZFS fixes, Debian publishes delayed install media, Haiku polishes desktop experience |
• Issue 1049 (2023-12-11): Lernstick 12, alternatives to WINE, openSUSE updates its branding, Mint unveils new features, Lubuntu team plans for 24.04 |
• Issue 1048 (2023-12-04): openSUSE MicroOS, the transition from X11 to Wayland, Red Hat phasing out X11 packages, UBports making mobile development easier |
• Issue 1047 (2023-11-27): GhostBSD 23.10.1, Why Linux uses swap when memory is free, Ubuntu Budgie may benefit from Wayland work in Xfce, early issues with FreeBSD 14.0 |
• Issue 1046 (2023-11-20): Slackel 7.7 "Openbox", restricting CPU usage, Haiku improves font handling and software centre performance, Canonical launches MicroCloud |
• Issue 1045 (2023-11-13): Fedora 39, how to trust software packages, ReactOS booting with UEFI, elementary OS plans to default to Wayland, Mir gaining ability to split work across video cards |
• Full list of all issues |
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
Random Distribution |
Parabola GNU/Linux-libre
Parabola GNU/Linux-libre is an unofficial "libre" variant of Arch Linux. It aims to provide a fully free (as in freedom) distribution based on the packages of the Arch Linux project, with packages optimised for i686 and x86_64 processors. The goal is to give the users complete control over their systems with 100% "libre" software. Parabola GNU/Linux-libre is listed by the Free Software Foundation (FSF) as a fully free software distribution. Besides a standard installation CD image, the project also provides a live/rescue DVD image with MATE as the default desktop environment.
Status: Active
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|