DistroWatch Weekly |
DistroWatch Weekly, Issue 692, 19 December 2016 |
Welcome to this year's 51st issue of DistroWatch Weekly!
There is a saying that good things come in small packages and one of the smaller and more visually attractive distributions is Bodhi Linux. The Bodhi Linux project released version 4.0.0 earlier this year and Joshua Allen Holm presents his thoughts on the distribution and its custom Moksha desktop environment in this week's Feature Story. Also in this issue, Jesse Smith explores a security package called Cappsule which is designed to protect the operating system from compromised processes. In our News section we discuss a new configuration suite from Calculate Linux, a collaborative effort between Solus and Ubuntu MATE to improve the application menu and the CoreOS distribution's name change. As usual, we report on the distribution releases of the past week and supply a list of torrents we are seeding. In our Opinion Poll we talk about approaches to process isolation and security. This week we added a new search feature which makes it easier to find old reviews and articles from past editions of the Weekly. Plus we are happy to report this month's DistroWatch donation goes to the UBports project to assist in bringing GNU/Linux to a wider range of smart phones. We will be on holiday next Monday, but we will return with a new DistroWatch Weekly on January 2, 2017. We wish you all a wonderful week and happy reading!
Content:
Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (26MB) and MP3 (34MB) formats.
|
Feature Story (by Joshua Allen Holm) |
Bodhi Linux 4.0.0 review
For users with older computers, some of the modern Linux distributions can be too resource intensive. Bodhi Linux 4.0.0 is a lightweight distribution designed for those users. The minimum system requirements are a 500MHz processor, 128MB of RAM, and 4GB of disk space. The recommended requirements are a 1.0GHz processor, 512MB of RAM, and 10GB of disk space. Available in both 32-bit and 64-bit versions, as well as a "Legacy" release for really old 32-bit systems, Bodhi Linux 4.0.0 can easily bring new life to older computers.
Bodhi Linux offers a couple of download options beyond the 32-bit/64-bit choice. There is a Standard release and an AppPack version. The Standard release is very bare-bones with only a minimal set of pre-installed options, while the AppPack version comes with a larger number of bundled applications. The ISO for the 64-bit Standard version is 647MB and the 64-bit AppPack version is 1.21GB (about twice the size). For the purposes of this review, I opted for the Standard version, so I could customize my system as I wished. However, I will be mentioning some of the AppPack version's additional software throughout this review.
Installing Bodhi Linux
The live USB I made using the ISO file I downloaded booted quickly, and I was presented with a very nice looking desktop with a helpful quick start guide, which provided a lot of useful information about Bodhi. Honestly, I did not spend much time poking around in the live environment and immediately started the installer. Though from my limited experience using the desktop while the installer ran, the live version is very usable.
Bodhi Linux 4.0.0 -- The Quick Start Guide
(full image size: 150kB, resolution: 1366x768 pixels)
Bodhi Linux 4.0.0 is based on Ubuntu 16.04 LTS, so there were no real surprises when it came to installing. The installer is the standard Ubiquity installer with just a few theme changes and Bodhi-specific information screens. The only problem I had was the fact that the custom theme used seems to not have an image for unchecked check boxes and unselected radio buttons. A selected option has a mark, but nothing is displayed in front of non-selected options, making it hard to figure out where to click. Users who have never used Ubiquity before might not even know they are being presented with options they can choose. Overall, it is a minor flaw, but something that should probably be addressed.
The Moksha desktop
Bodhi's desktop environment is called Moksha. The Bodhi website describes this desktop as "a continuation of the Enlightenment 17 desktop," which "consists of the back porting of bug fixes and features from future Enlightenment releases, as well as the removal of half finished/broken things E17 contained."
Bodhi Linux 4.0.0 -- The Moksha desktop
(full image size: 820kB, resolution: 1366x768 pixels)
For a lightweight desktop environment, Moksha is beautiful without needing a lot of system resources. On my system, with no extra applications running, the RAM usage was approximately 120MB, give or take a few megabytes either way. Despite low RAM usage, Moksha and the default applications have some wonderful graphical effects. The mouse cursor has a glowing green outline when the mouse or trackpad button is clicked. Terminology, the terminal application, has a glowing blue text cursor and, when doing something that would trigger a boring error beep on most systems, Terminology's window flashes red. This red flash is not a simple, quick color change, it is actually a polished animation. It alerts the user that something went wrong without being overpowering or needlessly distracting.
While I cannot find much wrong with Moksha overall, beyond a general sense of it being a little rough around the edges, I have to say that the graphical effect for the clock in the system tray is super distracting. The current time is displayed in glowing green numbers, which looks really nice, but all the non-current digits are also displayed in light gray. The effect is similar to a digital alarm clock using various lines to create the various numbers by only lighting certain elements, but in the case of Moksha's clock, the numbers are not the LED-style seen on alarm clocks, so you can see nine other digits stacked underneath the currently active digit. I will admit I am nitpicking here, but I found clock's display to be way too jumbled.
While Moksha is very nice, there are a few minor drawbacks with the default applications. The included text editor, ePad, is one of the most spartan text editors I have ever used. It is functional, but there are very few options to customize it. It is the same way for a lot of the bundled apps in the Standard version. The applications are nice, but basic. They might be enough for some people, but could be very limiting for others. Thankfully, the distribution does provide a nice selection of more robust alternatives through its package manager.
Installing and updating software
Like I noted above, I used the Standard version of the install media, so my system did not have much software installed. It came with the Midori web browser, the Terminology terminal emulator, PCManFM file manager, ePad text editor, ePhoto image viewer, and a handful of system utilities for adjusting various settings and updating software. The AppPack version includes a much longer list of bundled software including key applications like LibreOffice and the VLC media player.
Bodhi Linux 4.0.0 -- The AppCenter software manager
(full image size: 89kB, resolution: 1366x768 pixels)
The default method for installing software in the Standard version is the Bodhi AppCenter. This web-based AppCenter contains a rather limited number of packages, but the ones that are included are the big name applications. For web browsers, Chromium and Firefox are available to install and the office category provides lighter applications, like Abiword and Gnumeric, and full office suites, including both Apache OpenOffice and LibreOffice. It is the same for all the other software categories; the big name applications are there, but overall selection of software is very limited. This drawback can easily be bypassed by installing the Synaptic package manager (which comes included by default in the AppPack version) and installing software from a much larger selection of packages, basically anything available in the Ubuntu 16.04 LTS repositories.
Even without resorting to installing Synaptic, I was able to add enough software to my system to make it usable. I had a web browser, e-mail client, terminal, office suite, video player, and a few other utilities. While I could have easily installed from the AppPack install media and had most of these applications included by default, I like that I could start from a minimal desktop and select the packages I wanted.
Bodhi Linux 4.0.0 -- The update manager
(full image size: 690kB, resolution: 1366x768 pixels)
System updates are handled using the eepDater utility. This basic utility does exactly what it is supposed to, so there is not much to say about it. Run the updater, select which updates you want to install, and it installs them. For the entire time I used Bodhi Linux 4.0.0, I had zero problems with the updater, which is a testament both to the updater and the Bodhi team's ability to make their extra packages mesh with the Ubuntu base. When dealing with distributions that are a base distro plus extras, sometimes things can get broken or messed up, but I saw none of that when I was using Bodhi.
Final thoughts
Bodhi Linux 4.0.0 is an excellent choice for anyone looking for a lightweight Linux distribution for their older computers, or anyone who wants something just a little different. While the Moksha desktop is not perfect and it still has a few minor rough edges, it is a functional, traditional desktop. The only real negative with Bodhi is the small number of applications available though Bodhi's AppCenter, but even that is easily bypassed by installing and using the Synaptic package manager.
* * * * *
Hardware used in this review
My physical test equipment for this review was a Lenovo Ideapad 100-15IBD laptop with the following specifications:
- Processor: 2.2GHz Intel Core i3-5020U CPU
- Storage: Seagate 500GB 5400 RPM hard drive
- Memory: 4GB of RAM
- Networking: Realtek RTL8723BE 802.11n Wireless Network Adapter
- Display: Intel HD Graphics 5500
|
Miscellaneous News (by Jesse Smith) |
Calculate's new Utilities package, Solus and Ubuntu MATE build new application menu, CoreOS becomes Container Linux
The Calculate Linux team has announced their first beta release of Calculate Utilities. The Utilities package features a suite of server configuration tools which will help the administrator perform common tasks. "The first beta of Calculate Utilities 3.5 has been made available. The brand new sys-apps/calculate-utils package now features server configuration tools, even though only basics are supported for the time being, such as database deployment, LDAP server configuration, creating accounts for Unix users, files and configuration backups, etc. We completely rewrote the server utilities. Server templates were moved to the Calculate overlay. Two more USE flags, backup and server, were added to the package, which stand respectively for creating backups and server configuration." Further information on the Utilities suite and its features can be found in the project's blog post.
* * * * *
The Solus and Ubuntu MATE projects are working in collaboration to build a better application menu for the MATE desktop environment. The new menu is called Brisk and is written in C in order to offer better performance. The This Week In Solus newsletter reports: "Brisk Menu will be featured in the ISO snapshot for our Solus MATE Edition and the work done on Brisk Menu will be ported back to Budgie 11. Additionally, we're proud to announce that the Ubuntu MATE project has expressed enthusiasm about Brisk Menu and is helping to fund development of it, so all MATE desktop users can benefit from a fast, modern menu implementation. The Ubuntu MATE project will be integrating Brisk Menu as soon as it can replace the core functionality of MATE Menu, and will see that Brisk Menu is packaged for Debian and made available in the Debian and Ubuntu archives." Ubuntu MATE's lead developer, Martin Wimpress, confirmed the ongoing collaboration in an Google+ post.
* * * * *
The CoreOS distribution is a Linux-based project for servers. The distribution is designed to be streamlined for running containers and provides rolling updates. The project has announced a change in the name of the distribution from CoreOS to Container Linux. "Over the years, CoreOS (the brand) has grown to represent not just a product but the leadership and expertise we provide to our customers and in the open community. So to differentiate our company from this widely used product, we have renamed CoreOS Linux to 'Container Linux by CoreOS' and have given it a new logo as well. Further information can be found in the project's announcement.
* * * * *
These and other news stories can be found on our Headlines page.
|
Technology Review (by Jesse Smith) |
Cappsule - Lightweight virtual machine security
One of our readers sent me a link to Cappsule and recommended I look into it. Cappsule is a product of Quarkslab which strives to improve security by isolating processes. The project's website states:
Cappsule is a new kind of hypervisor developed by Quarkslab (to our knowledge, there's no similar public project). Its goal is to virtualize any software on the fly (e.g. web browser, office suite, media player) into lightweight VMs called cappsules. Attacks are confined inside cappsules and therefore don't have any impact on the host OS. Applications don't need to be repackaged, and their usage remains the same for the end user: it's completely transparent. Moreover, the OS doesn't need to be re-installed nor modified.
At this time, Cappsule is still in development and carries the beta tag. The software can be installed from a Deb package on an existing instance of Ubuntu 16.04. Alternatively, there are VMware and VirtualBox appliances we can download in order to test the Cappsule software before we install it locally.
I decided to try the VirtualBox appliance first. I downloaded the 2.1GB compressed archive, confirmed the appliance's checksum and tried to import it into VirtualBox. Importing the appliance failed due to storage-related errors. I then created a new virtual machine and tried to attach the provided virtual hard disk, which again failed.
Though not off to a great start, I decided to try installing Cappsule directly on an existing copy of Ubuntu 16.04.1. I downloaded the 540kB Deb package and tried to install it. The package was missing a dependency, specifically the xserver-xorg-video-dummy package. I installed this missing item and then installed the Cappsule Deb package.
According to the project's documentation, Cappsule includes a background daemon which we need to start before using Cappsule. After that, we should be able to run commands inside cappsules by prefixing our commands with virt exec. For example, we might run "virt exec firefox" or "virt exec vi". At first, the virt command was not recognized and I found this was due to the program being installed in the /usr/local/cappsule/usr/bin directory which had to be added to my user account's command path. With this done, I tried running virt and got back an error: "Client error: cannot connect to cappsule server."
As it turned out, the server was not running yet. I launched the server (it needs to be run with root or sudo privileges) and tried again. Once more I was told virt could not connect to its server. A little experimenting showed the Cappsule server was terminating immediately upon launch, not running in the background as expected. To work around this, I ran the Cappsule server in debugging mode. The only thing debugging mode offered me was an error which read: "finit_module: File exists", followed by the daemon shutting down.
A trip back to the project's documentation lead me to realize Cappsule is available in two flavours, one apparently for desktop applications and another for command line programs or services. Since the Desktop version appears, judging by the documentation, to be trickier to get working smoothly, I removed the Desktop version of the package and installed the Server edition.
Trying to run the Server edition of Cappsule worked (or did not work) exactly the same as the Desktop edition. The daemon would crash and I could get no helpful error messages out of the debugging mode. A side-effect of installing the Server edition was, when I rebooted Ubuntu, my operating system would only boot to a command line interface. I was no longer brought to a graphical login screen at boot time. Even once the Cappsule packages had been removed, Ubuntu still only booted to a text console. I could login, but not launch a graphical environment as Cappsule had changed my X software settings.
At this point, Cappsule does not appear to be a practical tool. I could not import the virtual machine appliance and neither of the two Deb packages provided me with a working copy of the Cappsule daemon. Adding insult to injury, removing Cappsule effectively removed my ability to run graphical software on my installation of Ubuntu. The project has some documentation, but it's still sparse and mostly covers what Cappsule is without diving a great deal into how it works or how to trouble-shoot issues.
For now, people hoping to isolate their processes would probably be better served by Firejail, Qubes OS or a virtual machine.
|
Released Last Week |
CentOS 7-1611
Karanbir Singh has announced the release of CentOS 7-1611. The new release is derived from Red Hat Enterprise linux 7.3 and offers a number of new features, including SHA2 support in OpenLDAP, Bluetooth LE and a technology preview of Btrfs. "Since release 1503 (abrt>= 2.1.11-19.el7.centos.0.1) CentOS-7 can report bugs directly to bugs.centos.org. You can find information about that feature at this page. Various new packages include among others: python-gssapi, python-netifaces, mod_auth_openidc, pidgin and Qt5. Support for the 7th-generation Core i3, i5, and i7 Intel processors and I2C on 6th-generation Core Processors has been added. Various packages have been rebased. Some of those are samba, squid, systemd, krb5, gcc-libraries, binutils, gfs-utils, libreoffice, GIMP,SELinux, firewalld, libreswan, tomcat and open-vm-tools..." Further information can be found in the project's release notes.
OLPC OS 13.2.8
James Cameron has announced the release of OLPC OS 13.2.8, the latest version of a specialist distribution developed under the initiative of the One Laptop Per Child (OLPC) project to provide children in developing countries with low-cost laptops. This release is still based on Fedora 18, but it ships with updated Sugar, the distribution's default desktop user interface: "We're pleased to announce the release of OLPC OS 13.2.8 for XO-1, XO-1.5, XO-1.75 and XO-4. Features: new Sugar 0.110 with completed translations; updated activities Speak 52, Measure 53, Maze 26.1, Implode 17, GetBooks 16.2, Clock 18.1 and Chat 83; add sugar-erase-bundle feature, for use by deployment scripts. Fixes: fix Fedora secondary mirror references so yum can work; remove Sugar Web Account control panel as it does nothing; remove Simple-English-Wikipedia on XO-1.5 to fit into 2 GB limit for some models; add forward and back buttons in help view; display activity instance title in join requests...." Read the release announcement and release notes for further details and installation instructions.
Proxmox 4.4 "Virtual Environment"
Proxmox Virtual Environment (VE) is a Debian-based distribution used for running virtual appliances and containers. The latest release of Proxmox VE, version 4.4, allows for the creation of unprivileged contains through the distribution's graphical interface. The project has also a new dashboard: "Proxmox Server Solutions GmbH today released version 4.4 of its server virtualization platform Proxmox Virtual Environment (VE). In addition to numerous improvements and updates the open source solution Proxmox VE brings a new dashboard for Ceph and cluster. The new Ceph dashboard gives the administrator a comprehensive overview of the Ceph status, the Ceph monitors, the Ceph OSDs, and the current performance and utilization of the Ceph cluster. Together with the existing disk management the new dashboard simplifies the ease-of-use and administration of Ceph storage and paves the way to the complete software-defined data centre." Additional information can be found in the distribution's release announcement.
MX Linux 16
MX Linux is a mid-weight, Debian-based Linux distribution which uses Xfce as the project's default desktop environment. The project has announced the release of MX 16, code name "Metamorphosis". While based on Debian's Stable branch, MX Linux uses the SysV init software rather than the newer systemd init technology. "MX-16 (Metamorphosis) released. The dev team of MX Linux is pleased to announce the release of MX-16 - code named "Metamorphosis". Built on the reliable and stable Debian Jessie (8.6) base with extra enhancements from the antiX live system, it also comes with numerous up to date applications provided by the MX Linux packagers. Just like previous versions of MX, this release defaults to SysV init. Available in 32- and 64-bit. Both ISO files weigh in at around 1.2GB in size. The new release is available in 32-bit and 64-bit builds with the 32-bit ISO featuring a kernel that does not require PAE support to boot. Further information can be found in the project's release announcement.
MX Linux 16 -- Running the Xfce desktop
(full image size: 1.1MB, resolution: 1280x1024 pixels)
GoboLinux 016
Lucas Villa Real has announced the release of GoboLinux 016, an independently-developed distribution characterised by a custom (and very un-UNIX-like) file system hierarchy. This release of GoboLinux, the first stable version in over 2.5 years, ships with a minimalist desktop based on the Awesome window manager: "We are pleased to present release 016 of GoboLinux, the Linux distribution featuring a re-thought file system structure. GoboLinux was created out of a desire to try new approaches in the Linux distribution design space. GoboLinux 016 continues this journey, with a focus on the exploration of novel ideas aiming to make the system simpler yet functional. The GoboLinux ISO image serves both as an installation disc and a live environment, with a graphical desktop featuring Awesome WM. In fact, due to the modular nature of the GoboLinux file system, every program available in the image can be used directly from the Live environment." Read the detailed release notes for further information.
GoboLinux 016 -- Running the Awesome window manager
(full image size: 713kB, resolution: 1280x1024 pixels)
Linux Mint 18.1
The Linux Mint team has announced the release of an update to the project's 18.x branch. The new version, Linux Mint 18.1, is available in two editions (Cinnamon and MATE) and is available in 32-bit and 64-bit builds. The new release offers Cinnamon users a new screen saver that displays more information and provides media controls even when the screen is locked. On computers which feature accelerometers, the Cinnamon desktop can now rotate when the device's orientation changes. Both editions offer upgrades to the X-apps programs with the Xplayer media player now offering the ability to blank screens not being used to display video. Also, the update manager can display a list of available kernel versions with recommendations. "The screensaver in Cinnamon 3.2 was redesigned and rewritten from scratch in Python. Not only does it look better, but it's also much faster, more responsive and more customizable than the old one. Background slide shows set in Cinnamon continue to play in the new screensaver. On laptops the battery power is shown, so you can see if you're running low without having to log in. We also thought about music fans. You no longer need to unlock the screen to mute the sound, and if you're throwing a party and using your computer as a jukebox, you can have the media controls right there in the screensaver, so you can let people skip to the next song without giving them access to your session. The screensaver can also show if you missed notifications (not their content, for privacy reasons, but how many)." Additional information can be found in the project's release announcements (Cinnamon, MATE).
GeckoLinux 422.161213.0
The GeckoLinux project is an openSUSE-based, desktop oriented distribution. The project provides eight different editions with live discs for testing purposes. The latest version of the distribution, GeckoLinux 422.161213.0, is based on openSUSE 42.2 Leap and includes many package updates. "Changes to all GeckoLinux Static editions: The base system has been updated to openSUSE Leap 42.2, with updated versions of the Linux kernel (4.4.36), systemd (228), GTK3 (3.20), Qt (5.6.1), and glibc (2.22). Also the GeckoLinux language-installer.sh script for non-English language packs has been updated to be more reliable and easy to use. Also the script created by Mindaugas Baranauskas to ensure that Xorg correctly starts has been significantly improved, and SiS graphics support has also been included. Perhaps the most important change is that the old yast2-live-installer that served us well for past releases is no longer supported by openSUSE and no longer works. Therefore, it has been replaced by the Calamares universal installer framework." Further information can be found in the project's release announcement.
* * * * *
Development, unannounced and minor bug-fix releases
|
Torrent Corner |
Weekly Torrents
Bittorrent is a great way to transfer large files, particularly open source operating system images, from one place to another. Most bittorrent clients recover from dropped connections automatically, check the integrity of files and can re-download corrupted bits of data without starting a download over from scratch. These characteristics make bittorrent well suited for distributing open source operating systems, particularly to regions where Internet connections are slow or unstable.
Many Linux and BSD projects offer bittorrent as a download option, partly for the reasons listed above and partly because bittorrent's peer-to-peer nature takes some of the strain off the project's servers. However, some projects do not offer bittorrent as a download option. There can be several reasons for excluding bittorrent as an option. Some projects do not have enough time or volunteers, some may be restricted by their web host provider's terms of service. Whatever the reason, the lack of a bittorrent option puts more strain on a distribution's bandwidth and may prevent some people from downloading their preferred open source operating system.
With this in mind, DistroWatch plans to give back to the open source community by hosting and seeding bittorrent files. For now, we are hosting a small number of distribution torrents, listed below. The list of torrents offered will be updated each week and we invite readers to e-mail us with suggestions as to which distributions we should be hosting. When you message us, please place the word "Torrent" in the subject line, make sure to include a link to the ISO file you want us to seed. To help us maintain and grow this free service, please consider making a donation.
The table below provides a list of torrents we currently host. If you do not currently have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found here. All torrents we make available here are also listed on the very useful Linux Tracker website. Thanks to Linux Tracker we are able to share the following torrent statistics.
Torrent Corner statistics:
- Total torrents seeded: 264
- Total data uploaded: 49.1TB
|
Upcoming Releases and Announcements |
Summary of expected upcoming releases
|
Opinion Poll |
Process isolation
Process isolation can improve security, especially when running network services which may be compromised by outside attackers. This week we discussed Cappsule, a technology created to help isolate running processes from each other. In past articles we have talked about other technologies, such as Qubes OS and Firejail, which seek to isolate processes from the rest of the operating system. There are several other ways to sandbox applications, including using Linux containers, virtual machines and FreeBSD jails.
This week we would like to know what, if any, technology you use to keep your applications and services isolated from the rest of the operating system. If you are using one we do not list here, please tell us about it in the comments.
You can see the results of our previous poll on the types of feature stories we publish here. All previous poll results can be found in our poll archives.
|
Process isolation
Cappsule: | 6 (0%) |
Firejail: | 169 (12%) |
FreeBSD jail: | 79 (5%) |
Linux container: | 79 (5%) |
Qubes OS: | 50 (3%) |
Virtual machine: | 465 (32%) |
Other: | 33 (2%) |
None: | 585 (40%) |
|
|
DistroWatch.com News |
Search for past articles and mobile fonts
DistroWatch has been around, providing reviews and news, for over 15 years now. Over the past decade and a half we have accumulated well over a thousand reviews, tips and Questions & Answers columns. In order to make finding past articles and guides easier, we have introduced a new search page.
The new Articles Search page helps readers find past articles using key words. There are also filters to assist in finding articles of a specific type, such as a distribution review or Tips & Tricks column. We hope this search page will be useful for people looking for tutorials or a look back at older versions of distributions.
Last month, when we introduced the mobile version of the DistroWatch website, we received lots of constructive feedback. One requested feature was the use of larger font sizes, particularly on the front page. This has been implemented and it should now be possible to read the front page of DistroWatch in portrait mode, even on small smart phone screens, without zooming in.
* * * * *
December 2016 DistroWatch.com donation: UBports
We are pleased to announce the recipient of the December 2016 DistroWatch.com donation is UBports. The project receives US$300.00 in cash.
The UBports project works to port the Ubuntu Touch mobile operating system to additional devices, particularly Android-powered smart phones. "UBports is a team of developers and a meeting place for developers that wish to port Ubuntu Touch to as many devices as possible, this is a place where developers can talk to other developers, learn from each other and help push Ubuntu to more devices as a team, or by yourself but with community support if you wish." At the moment, phones with Ubuntu Touch pre-installed are all out of stock and UBports provides a method by which people can get Ubuntu running on their devices with relatively little effort. We reviewed Ubuntu Touch running on the Meizu Pro 5 earlier this year.
Launched in 2004, this monthly donations programme is a DistroWatch initiative to support free and open-source software projects and operating systems with cash contributions. Readers are welcome to nominate their favourite project for future donations. Those readers who wish to contribute towards these donations, please use our advertising page to make a payment (PayPal, credit cards, Yandex Money and crypto currencies are accepted). Here is the list of the projects that have received a DistroWatch donation since the launch of the programme (figures in US dollars):
- 2004: GnuCash ($250), Quanta Plus ($200), PCLinuxOS ($300), The GIMP ($300), Vidalinux ($200), Fluxbox ($200), K3b ($350), Arch Linux ($300), Kile KDE LaTeX Editor ($100) and UNICEF - Tsunami Relief Operation ($340)
- 2005: Vim ($250), AbiWord ($220), BitTorrent ($300), NDISwrapper ($250), Audacity ($250), Debian GNU/Linux ($420), GNOME ($425), Enlightenment ($250), MPlayer ($400), Amarok ($300), KANOTIX ($250) and Cacti ($375)
- 2006: Gambas ($250), Krusader ($250), FreeBSD Foundation ($450), GParted ($360), Doxygen ($260), LilyPond ($250), Lua ($250), Gentoo Linux ($500), Blender ($500), Puppy Linux ($350), Inkscape ($350), Cape Linux Users Group ($130), Mandriva Linux ($405, a Powerpack competition), Digikam ($408) and Sabayon Linux ($450)
- 2007: GQview ($250), Kaffeine ($250), sidux ($350), CentOS ($400), LyX ($350), VectorLinux ($350), KTorrent ($400), FreeNAS ($350), lighttpd ($400), Damn Small Linux ($350), NimbleX ($450), MEPIS Linux ($300), Zenwalk Linux ($300)
- 2008: VLC ($350), Frugalware Linux ($340), cURL ($300), GSPCA ($400), FileZilla ($400), MythDora ($500), Linux Mint ($400), Parsix GNU/Linux ($300), Miro ($300), GoblinX ($250), Dillo ($150), LXDE ($250)
- 2009: Openbox ($250), Wolvix GNU/Linux ($200), smxi ($200), Python ($300), SliTaz GNU/Linux ($200), LiVES ($300), Osmo ($300), LMMS ($250), KompoZer ($360), OpenSSH ($350), Parted Magic ($350) and Krita ($285)
- 2010: Qimo 4 Kids ($250), Squid ($250), Libre Graphics Meeting ($300), Bacula ($250), FileZilla ($300), GCompris ($352), Xiph.org ($250), Clonezilla ($250), Debian Multimedia ($280), Geany ($300), Mageia ($470), gtkpod ($300)
- 2011: CGSecurity ($300), OpenShot ($300), Imagination ($250), Calibre ($300), RIPLinuX ($300), Midori ($310), vsftpd ($300), OpenShot ($350), Trinity Desktop Environment ($300), LibreCAD ($300), LiVES ($300), Transmission ($250)
- 2012: GnuPG ($350), ImageMagick ($350), GNU ddrescue ($350), Slackware Linux ($500), MATE ($250), LibreCAD ($250), BleachBit ($350), cherrytree ($260), Zim ($335), nginx ($250), LFTP ($250), Remastersys ($300)
- 2013: MariaDB ($300), Linux From Scratch ($350), GhostBSD ($340), DHCP ($300), DOSBox ($250), awesome ($300), DVDStyler ($280), Tor ($350), Tiny Tiny RSS ($350), FreeType ($300), GNU Octave ($300), Linux Voice ($510)
- 2014: QupZilla ($250), Pitivi ($370), MediaGoblin ($350), TrueCrypt ($300), Krita ($340), SME Server ($350), OpenStreetMap ($350), iTALC ($350), KDE ($400), The Document Foundation ($400), Tails ($350)
- 2015: AWStats ($300), Haiku ($300), Xiph.Org ($300), GIMP ($350), Kodi ($300), Devuan ($300), hdparm ($350), HardenedBSD ($400), TestDisk ($450)
- 2016: KeePass ($400), Slackware Live Edition ($406), Devil-Linux ($400), FFmpeg ($300), UBports ($300)
Since the launch of the Donations Program in March 2004, DistroWatch has made 146 donations for a total of US$46,381 to various open-source software projects.
* * * * *
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 2 January 2017. Past articles and reviews can be found through our Article Search page. To contact the authors please send e-mail to:
|
|
Tip Jar |
If you've enjoyed this week's issue of DistroWatch Weekly, please consider sending us a tip. (Tips this week: 5, value: US$25.29) |
|
|
|
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le paypal.me/distrowatchweekly • patreon.com/distrowatch |
|
Extended Lifecycle Support by TuxCare |
|
Reader Comments • Jump to last comment |
1 • jails (by nolinuxguru on 2016-12-19 10:24:51 GMT from United Kingdom)
I have been using Firejail for a while to isolate Firefox, Icedove [email]. I use the supplied profiles for these applications, but customise them to further restrict the ways programs such as Firefox can propagate any malware. I like the way that I can compile the Firejail program from source [it does not have the usual rats-nest of dependencies, and is small enough that even I can understand how it works].
2 • Bodhi Linux (by aguador on 2016-12-19 10:52:30 GMT from Spain)
Enlightenment is my DE of choice, but I have never quite managed to relate to Bodhi, in part because of its Ubuntu base, but more because of Midori and the AppCenter. Midori, while light on resources, in my experience has always seemed slow as well as limited. Firefox is an option, but (at least in the past) does not come enabled to use the AppCenter. So, one reverts to Synaptics, a great option for most, but more complicated for newbies who might be better served by a more traditional software center approach.
Jeff has made good contributions to Enlightenment, including ePad which has to be the absolute lightest notepad application around given its use of EFL and arguably better than Ecrire in some ways. I understand that E is undergoing constant development -- and improvement, so forking it due to momentary frustrations was a shame. Still, Bodhi seems to have found a niche and I wish the project well.
3 • Brisk Mate Menu (by aguador on 2016-12-19 11:01:23 GMT from Spain)
Mate was my first DE and I am amazed at the progress it has made. A recent test drive of a live version of Ubuntu Mate was a surprisingly pleasant experience with good configuration options. The thing that sets it apart from Linux Mint are the application menu and interface options. Mint Menu is good conceptually, but a bit wanting aesthetically. A faster, more aesthetic (Budgie- or Cinnamon-like) menu will, is sure to welcomed by regular users.
4 • Brisk Mate Menu (by sydneyj on 2016-12-19 11:56:38 GMT from United States)
I very much agree with @3 aguador regarding Brisk menu for Mate. I use Arch/Mate now, with the MintMenu. The menu is quite good, but a bit buggy (a couple of irretrievably broken links), presumably due to GTK2/3 issues. I would be happy to see the Cinnamon menu ported to Mate, since it doesn't require an extra click to get to Favorites, and the menu can grow in size as items are added. A hybrid Cinnamon/Budgie menu might be just the ticket, as well.
5 • Mate Menu (by Pikolo on 2016-12-19 12:19:00 GMT from United Kingdom)
Rewriting a menu in C sounds like a very anti-trend move to me. Isn't Gnome moving from C to Rust? Isn't C famous for buffer overflows? I've seen dozens of articles on "why we should limit the use of C" just this moonth. A truly bizarre development.
I'm surprised there are so many Qubes users on DW. I Joanna Rutkowska has shown a graph, on which there are <7k users, and already 16 of them voted. Though their % will probably drop over time. All in all, 60% of Linux users using process isolation is impressive.
6 • <3 bodhi (by meanpt on 2016-12-19 12:42:25 GMT from Portugal)
... been with bodhi since ... rats, I'm getting older. Since then I only miss one thing: the the original ram's 76 MB landing DE which I proudly showed off to the the wd$sy friends.
7 • New menu in C (by Jesse on 2016-12-19 13:01:38 GMT from Canada)
@5: >> "Rewriting a menu in C sounds like a very anti-trend move to me. Isn't Gnome moving from C to Rust? Isn't C famous for buffer overflows? I've seen dozens of articles on "why we should limit the use of C" just this moonth. A truly bizarre development."
In this case it makes a lot of sense. C is still one of the main languages to use when performance is a primary focus. And, in this case, the risk of buffer overflows or similar memory corruption errors are not really a concern. Remember, the application menu is run as the user who is logged in and sitting physically at the computer. If the user manages to somehow exploit a flaw in the code, all they end up with is the ability to run code at the computer where they are already sitting, running whatever code they want. In this instance, C gives a boost in performance with no practical downside.
8 • @ Joshua (by geert on 2016-12-19 13:06:56 GMT from Netherlands)
>For users with older computers, some of the modern Linux distributions can be too resource intensive. Bodhi Linux 4.0.0 is a lightweight distribution designed for those users. The minimum system requirements are a 500MHz processor, 128MB of RAM, and 4GB of disk space. The recommended requirements are a 1.0GHz processor, 512MB of RAM, and 10GB of disk space.<
Of course, if only you just boot the computer and don't do anything. All processes have to work in RAM, and more you have apps open, you need more RAM. And, remember 32 bit is "legacy" now.
9 • Bodhi Clock (by Thomas on 2016-12-19 13:20:50 GMT from France)
The clock widget in Bodhi mimics clocks made with Nixie Tubes or similar technology.
10 • Re: #2 / Midori (by Jeff Hoogland on 2016-12-19 13:34:03 GMT from United States)
Always amusing that we ship as few applications as possible and yet people still find a reason to dislike them. We know midori is feature light. It is also only 5~ MB to install so it isn't wasting much space like Firefox or Chrome would (because there are plenty of people who hate each of those). We expect and often encourage people to install their full browser of choice.
For reference the latest version of Bodhi as a dedicated "app center" menu launcher that opens a midori browser to just the appcenter URL. Pretty easy for a novice end user to always use that to grab software even if they use something else as a primary web browser.
Also - APTURL (the protocol the AppCenter uses to make the browser call the package manager) works with Chrome and Firefox if you configure them properly.
11 • Greetings (by Thom on 2016-12-19 13:55:41 GMT from Sweden)
A thank you to the team behind DW for another year of dedication and philanthropy. Best wishes for the season and the new year.
12 • Bodhi (by jaws222 on 2016-12-19 15:17:44 GMT from United States)
I've always appreciated the fact that Bodhi was extremely lightweight. As far as the browser I usually go to the app center and install Chromium cause I like it and usually install whatever else I want or think I may need. I've never understood why people complain either Jeff.
13 • Firejail (by a on 2016-12-19 15:56:28 GMT from France)
I tried using firejail but it makes programs crash/exit without any message as to what the problem is.
14 • Firejail (by Jesse on 2016-12-19 16:08:08 GMT from Canada)
@13: If your application is crashing, it is probably because no one has created a Firejail profile for it yet. I ran into this with the Qupzilla browser and submitted a new profile for it to the project for future releases. You can request new application profiels here: https://github.com/netblue30/firejail/issues/825
15 • service isolation with systemd (by Scott Dowdle on 2016-12-19 17:18:03 GMT from United States)
Just wanted to mention that systemd has a number of security related features so you may separate services with isolated filesystems, /tmp, network name spaces, etc.
16 • Bodhi (by Gibson on 2016-12-19 17:35:32 GMT from United States)
I really appreciate that Bodhi offers install images without preinstalled software. Whenever I install a new distro the first thing I normally do is purge a bunch of default applications that I won't use and install my own choices. Bodhi's super lightweight text editor and web browser (which also serves as a software center) are just enough to get going without getting in the way of my own choices. I actually really like their choice to use the web browser as a basic software center. It keeps with the pattern of minimalism and simplicity. I played with Bodhi for a while shortly after being introduced to Linux and as a total amateur I never had a problem with their approach to software installation. In fact their minimal selection of apps made it easier to find what I was looking for. Now that I've been around for a while the midori interface might not meet my needs, but at this point I just use apt-get.
17 • firejail crashes (by nolinuxguru on 2016-12-19 17:57:20 GMT from United Kingdom)
@13 If you haven't reported this elsewhere, it would help if you said which programs crashed [bit quiet this week].
18 • OpinionPoll-Process isolation (by CucumberLinux on 2016-12-19 18:07:39 GMT from Germany)
Nothing to technical, just my uneducated observation, if I may. Thank you. I somewhat did write this in a hurry, but you will understand what I point out;
ISOLATING AND QUBES OS DATING Currently I am not using any software in order to isolate processes from the rest of the operating system from my GNU-Linux or LinuxDistributions, call it what you want. Generally we feel what I am talking about. Because this process is somehow new to me. However I have tried like 1 Year ago to install on quad core 16 Gb Ram PC (Boot Mode -Legacy), the QubesOS Distribution, with zero success. The Anaconda installer from Fedora, was a pain do work with ( freezing itself or just not detecting hardware). Ever sins I never bothered with it. But I find the QubesOS as an very interesting Project in itself. Perhaps not that interesting for people with low specs Hardware.
FRESH INSTALL OF DISTRIBUTION If something happens I have no problem with fresh installs. (Backing up the Data is priority all the time) At the same time I am refreshing my knowledge, by doing fresh Installs of the Distribution. This way I do not forget, the basics, because I am not that clever. Speaking here just for my tiny private needs.
FIREJAIL AND VIRTUALBOX AND MY DATING WITH LINUX Firejail is something I am going to look at, when I get more time and my butt stops hurting from to much sitting in front of the PC, solving GNU-Linux like Sumerian stone Tablets puzzles, like why this stopped working.?. Because our Linux still is a pain to work with, when done some regular updates and they mess up previously made configurations! Or you want to install for Libreoffice the hunspell, but by doing so it removes the Thunderbird.. How can you not fell like the need to throw something against the Wall, when you see this happen over and over again? And yea after, my Eyes recover from the LED monitor constantly bombarding my pretty eyes and my Pineal gland with its fantastic bright energy saving light..(Wait I need to grasp for Air) Now, back to the subject; Wish this Frejail would be already installed on the ISO. And after installation of the Distro to be asked, if I feel like to configure the Firejail, or maybe just maybe later. Now about Virtual boxing everything up; Virtualbox is the easiest, but at the same time I use it only for testing never leave it on for long time, due to the fact that it is like having 2 Distributions pounding at the same time on 1 hardware. PC in my opinion is more vulnerable on top of it if access to the Net is given using same IP and Internet for 2 or more Distributions on one Hardware running long time..
BODHY LINUX I am not using Bodhi Linux 4.0.0, but I have enjoyed the insight look in it from DistroW. Thank you for the detailed and precise as always tutorial of B.Linux. Apologies for my Grammar and Greetings to you all Linux users.
19 • Enlightened Bodhi (by Kragle von Schnitzelbank on 2016-12-19 23:41:58 GMT from United States)
I commend Mr. Hoogland for the virtuosity in forking a DE constantly being re-invented with apparent disregard for those who would build on it. This illustrates just one of the many great strengths in Freed software. . I vaguely remember an Enlightenment GUI for parted that I perceived as better than the popular GTK GUI, but can't easily find it any more. ¿case in point?
20 • security overly locked down (by security sense on 2016-12-20 01:16:44 GMT from Netherlands)
Over time, security distros tend to become increasingly locked down internally and harder to use, like Qubes and Tails have become. i believe this is due to poor thought-out design, and just piling security feature upon security feature. after all, if the user can't easily use the OS what's the point? instead, it's quick nowadays to install linuxen to USB drives. so best form of isolation is to install linux on one USB, secure it from leaks and intrusions, and use it for work and don't connect it to any network. then make another linux USB and use that for network stuff. job done - and without any user restrictions.
@18 "I am refreshing my knowledge, by doing fresh Installs of the Distribution. This way I do not forget, the basics, because I am not that clever." fresh installs are good security too. who said u were dum? people are intelligent in different ways. celebrate your brain - you've only got one!
21 • @20 security lockdown (by nolinuxguru on 2016-12-20 09:15:55 GMT from United Kingdom)
@20 most usb drives are writable, so your proposed solution does not seem to provide any added security. The greatest attack method these days is through the web browser and sites that carry malware: something like Firejail can reduce any damage to the files left writable [config, bookmarks etc].
There is much that can be done to secure your computer without the recourse to the likes of Qubes: good iptables firewall script [or just use ufw], tcpdump to see what gets through the firewall and Firejail to isolate web browsers etc. No actual programming is needed, but care is needed to pick out the bits of tcpdump output that should cause concern.
Someone who can package these simple methods for everyday users would do us all a big favour.
22 • Cappsule (by Al CiD on 2016-12-20 10:03:17 GMT from Portugal)
Perhaps the reason why it didn´t work as espected in VirtualBox
"Cappsule uses hardware virtualization to launch applications into lightweight VMs..."
23 • Stuff (by Andy Mender on 2016-12-20 11:34:19 GMT from Austria)
@7, That's not really how it works. It doesn't matter if a script is run by the user only as long as system libraries are involved (for instance, gtk for the GUI). Any overflow can potentially lead to privilege escalation. C as a programming language is not specifically prone to overflows, but rather it requires extra care to avoid them. The more complex and intertwined the software is, the more difficult it is to avoid said overflows. Rust attempts to address this via more stringent code testing during compile time, though it will take time before it's considered reliable enough to be commonly used instead of C.
@10, Jeff, what about the webkit-gtk engine? Surely it's not a mere ~5 mb. I personally love projects like surf, midori or qupzilla, but in my hands both qupzilla and midori segfault way too often. In addition, on non-Ubuntu distributions Midori would often fail to play Youtube videos via HTML5. I use Firefox simply because it's tried and tested, though it's a different weight class altogether, I agree.
24 • C and Cappsule (by Jesse on 2016-12-20 13:46:59 GMT from Canada)
@23: >> " It doesn't matter if a script is run by the user only as long as system libraries are involved (for instance, gtk for the GUI). Any overflow can potentially lead to privilege escalation.
For a privlege escalation to happen, the code would need to either be run as another user or exploit a bug in another part of the system. (Attacking GTK doesn't help the attacker since its code will run as the same user as the menu, not as root.) Having a buffer overflow in the application menu wouldn't result in a problem in itself. If there is a flaw in a library or system call the application menu uses, then the user (who has physical access to the system, remember) can run any code they like to exploit that component. Exploiting the application menu makes no sense in this scenario since the user can link any code they want to the libraries on the system.
Your argument is basically that the user could exploit a potential flaw in the application menu to try to get at another component on the system, when the user running the application menu (and any un-isolated program they run) can already access that other component of the system directly without exploiting the menu. Attacking the menu just adds an extra, unrequired step to the process.
@22: >> "Perhaps the reason why it didn´t work as espected in VirtualBox..."
The Cappsule project provides VirtualBox appliances for people to run and test their software. Any computer with hardware virtualization capacity should have no problem meeting the requirements. My computers all have hardwre virtualization so that's not the issue.
25 • RE: 24 (by Andy Mender on 2016-12-20 15:06:10 GMT from Austria)
@24, Jesse, thank you for the clarification. It makes more sense to me now. I think my assumption was too far reaching.
26 • Opinion poll > Selection Principals (by Yuri on 2016-12-21 16:00:44 GMT from Russian Federation)
Hi, Jesse.
Why you do not include (widely used) technology like SELinux and AppArmore in your list?
27 • Opinion Poll (by Jesse on 2016-12-21 16:05:52 GMT from Canada)
@26: Because SELinux and AppArmor are not designed to isolate processes so much as use permissions to block them from doing bad things. They're different use cases.
28 • Opinion Poll - Process Isolation (by M0E-lnx on 2016-12-21 21:39:14 GMT from United States)
Docker is a great option for services, and with a few tricks even apps in general. I'm not sure if that was included in the 'Linux containers' option, but it would have been nice to see that option listed.
29 • Follow-up to @15 - systemd security features (by Scott Dowdle on 2016-12-21 22:46:35 GMT from United States)
LWN published a premium article today on security features in systemd. It will become freely available to non-subscribers Thursday, Dec 29. Here is the URL that will work for LWN subscribers and everyone else once freely available:
Using systemd for more secure services in Fedora https://lwn.net/Articles/709755/
Intro paragraph: "The AF_PACKET local privilege escalation (also known as CVE-2016-8655) has been fixed by most distributions at this point; stable kernels addressing the problem were released on December 10. But, as a discussion on the fedora-devel mailing list shows, systemd now provides options that could help mitigate CVE-2016-8655 and, more importantly, other vulnerabilities that remain undiscovered or have yet to be introduced. The genesis for the discussion was a blog post from Lennart Poettering about the RestrictAddressFamilies directive, but recent systemd versions have other sandboxing features that could be used to head off the next vulnerability. "
30 • Bodhi (by slick on 2016-12-22 01:06:40 GMT from United States)
For one have always liked and appreciated Bodhi and especially the e17 Enlightenment experience. Would hope Jeff would consider it being a Debian only distribution.
Don't have Bodhi on my machine because only it's an Ubuntu distribution and to me is just not something desirable. However it is easy enough to install e17 and configure an nice e17 on Devuan without all the bloat.
Have notice that many distributions have drop there connection with Ubuntu and they have experienced a jump in popularity. Those that went back to Ubuntu like WattOs experienced a drop and myself one of them.
Appreciate greatly a small but fast distribution without systemd, Devuan on my desktop runs about 185mb of memory on login, how many distributions can do that?
Star is my distribution of choice and be found on Sourceforge, complimented with many Window manager choices and Xfce DE for a wide choice of flavours! A few applications to have the distro functional and completely non-bloated, very nice!
31 • MX Linux 16 (by PhantomTramp on 2016-12-22 15:29:07 GMT from United States)
Anti and crew seem to always bless us with a holiday season gift. This one looks very cool. Downloading now...
The Tramp
32 • Bodhi (by More Gee on 2016-12-22 17:40:45 GMT from United States)
It has been awhile since I used Bodhi and really liked the wooden desktop environment without the tube clock. It did not have the radio button issues but I do remember them being a problem on the default. I also remember using Opera instead of Midori and it was a much more enjoyable internet experience and the mini version at that time would still keep ram usage under 128mb. I was thinking of making a VM of this for my 2gb RAM machines.
33 • Bodhi (by Simon Wainscott-Plaistowe on 2016-12-23 02:05:47 GMT from New Zealand)
The new Bodhi release looks impressive. In the past I've found Bodhi's enlightenment desktop a bit non-intuitive so I've been using Peppermint to refurbish old computers. Now I think it's time to give the Moksha desktop a try.
34 • Ultimate security (by Dave Postles on 2016-12-23 09:09:12 GMT from United Kingdom)
Tongue in cheek for Christmas: no HD, just run from DVD - slow but sure.
35 • Process isolation & Bodhi (by Greg Zeng on 2016-12-25 05:44:23 GMT from Australia)
Missing isolating types include the Linux container being on a USB-flash-stick, removable drive, or unique partition. My "unique" partition can be started by any of three partition-handlers (Grub-customizer, BIOS & UEFI).
Listing the DW isolation stuff in popularity order:
1. None: 510 (42%) 2. Virtual machine: 385 (31%) 3. Firejail: 136 (11%) 4. FreeBSD jail: 66 (5%) 5. Linux container: 60 (5%) 6. Other: 32 (3%) 7. Qubes OS: 34 (3%) 8. Other: 32 (3%) 9. Cappsule: 5 (0%)
The 5th & 8th favored option is interesting. Bodhi on a very small computer (Raspberry Pi?) as a Linux Container, or Virtualized machine between the main system and the rest of the network?
"Bodhi Linux 4.0.0 is based on Ubuntu 16.04 LTS, so there were no real surprises when it came to installing." is the first sentence of the independent reviwer in this issue of DW. This Ubuntu installation process also applies to the other 58 Ubuntu-based distributions http://distrowatch.com/search.php?basedon=Ubuntu
All of these can easily have their Linux kernels upgraded & downgraded to any already-compiled Linux kernel of any date, of any degree of readiness (alpha, beta, etc). http://kernel.ubuntu.com/~kernel-ppa/mainline/
Besides Bodhi, there are other micro-Linux's also based on Ubuntu: Web OS and Peppermint. All three can be extremely easily upsized into fully fledged Desktops, with all the needed applications, utilities, ear-candy and eye-candy.
It would be very interesting to compare the micro-Linux's with each other. They all show the inadequacies of the other Ubuntu-based distributions: crazy mixes of ethnic languages braille and usually, games. All show the poor selection of "gkrel" and none have DDCOPY (only PCLOS has these two properly available). Mint, another Ubuntu-derivative, persists with their poor flash-stick format & writing programs. All of these, including PCLOS, do not use Synaptic Package Manager at all well.
36 • Process isolation and other pets (by OpenBSD n00b on 2016-12-25 15:09:15 GMT from Brazil)
Firejail, Cappsule, or any other "sandboxing" tool, may be interesting to implement the concept of "security by isolation". But none of them can make an insecure OS like Linux as trustful as an almost invulnerable one like OpenBSD (which emphasizes correctness, proactive security, integrated cryptography, and standardization :).
So I have a recipe for building the perfect OS to surf the Tor network with the ultimate anonymity:
1. Take the latest snapshot of OpenBSD (better yet, the always uptodate FuguIta respin, which has a decent and also lightning fast graphical interface). 2. Configure the native firewall to run immediately after boot-up and make the host system as sthealthed as possible. 3. Install the VirtualBox package, then set it up to run Whonix Linux (both the two VM images: Gateway and Workstation). 4. Release the final result as an installable OpenBSD/FuguIta LiveDVD.
You can now call it "the Tails killer".
37 • "Sceure OS" (by M.Z. on 2016-12-25 18:43:35 GMT from United States)
@36 "...But none of them can make an insecure OS like Linux as trustful as an almost invulnerable one like OpenBSD"
That seems to me to be more than a little disingenuous. In fact the only thing that convinced me you even halfway knew what you were talking about was that you hedged your bets by using the term '_Almost_ invulnerable...' to describe your OS of choice. Now I'm by no means an expert, but I do think about & research these things to some extent & I'd venture to guess that OpenBSD is likely among the most secure OSs around; however, there is no such thing as a secure OS let alone an invulnerable one. There have been deeply insecure OSs like versions ow Windows that basically ran everything as 'Administrator'/root through the 1990s, but that hasn't been an issue on Unix like systems such Linux and the BSDs for much if any of they time they have been around because of rules set up a long time ago on Unix.
At any rate most Unix like systems are reasonably secure by default when properly administered by folks that don't trust so called Nigerian princes, install random stuff from parts unknown, or forget to run updates. That being said no system is truly secure and there is always some funny vid that must be downloaded & viewed with special software that some are naive enough to believe is a real thing rather than malware. Of course there are also some people type in root passwords at the drop of a hat or simply make mistakes about communicating what is legitimate and what is not to be trusted. I think that last thing happened in a rather famous hacking incident just in the past few months, someone neither put big bold text saying 'DO NOT TRUST', nor put the the letters 'il' in front of illegitimate & there was massive fallout political & otherwise.
I firmly believe that security is all relative & it depends both on secure system design, as well as secure user habits & best practices. The truth is that all links in that chain are vulnerable to some extent even in places that use OSs as secure as OpenBSD. If there were a big enough target it would likely be hacked eventually regardless of which OS it used because everyone from the coders to the end users makes some mistakes. Personally I run Linux systems behind a pfSense/BSD firewall computer & I run some kind of security tool on every systems be it firejaill, MSEC, SELinux, or snort. Given all the problems I've had using BSD on my hardware I don't have the patience to try & get it working, but I'd still say I'm relatively secure for a self taught non expert. I'm sure I'm doing some things wrong, but it's all relative & I'm very solid for a tiny home network, and that due in part to all the different tools that I run.
38 • OpenBSD and isolation (by Ben on 2016-12-25 22:52:33 GMT from Canada)
@36: >> "Firejail, Cappsule, or any other "sandboxing" tool, may be interesting to implement the concept of "security by isolation". But none of them can make an insecure OS like Linux as trustful as an almost invulnerable one like OpenBSD (which emphasizes correctness, proactive security, integrated cryptography, and standardization"
Assuming you were not joking, I see a pretty big flaw in that reasoning. OpenBSD only pracitses active security, code audits and correctness on the base OS, not OpenBSD's ports/packages. Running Firefox (for example) on OpenBSD is not any more secure, really, than running Firefox on Debian. It's not any harder to compromise your web browser on OpenBSD than it is on, say, Fedora. The same applies to almost every desktop application or service you plan on running on OpenBSD that is not in the default installation.
So the key question then becomes; What happens after your attacker takes over your web browser? If it's sandboxed with Firejail or SELinux, then the attacker is pretty much stuck. They can read a bunch of files, but they should otherwise be unable to harm your OS or user's files. Without isolation (as on OpenBSD) then the attacker, having taken over your browser, has access to do whatever they like on your account. At that point, having a secure base OS does not do you a lot of good because the attacker has (unrestricted) access to run their code under your account.
I greatly respect the work OpenBSD devs do on their operating system and I'd like to see more Linux distros do the same. But the security of correctness OpenBSD offers doesn't help you much if the software that is being attacked is installed from their ports collection
39 • @34 • Ultimate security (by Marco on 2016-12-27 16:10:04 GMT from United States)
@34 Ultimate security: no HD, just run from DVD - slow but sure.
I know you were joking, but my father used to attract all sorts of malware on his Windows computer. I never converted him to Linux, but I did persuade him to only do his on-line banking off a live Linux DVD image.
40 • OpenBSD/Linux security (by Jordan on 2016-12-27 16:10:44 GMT from United States)
Has anyone posting here ever had their computer taken over and had code run via the browser, etc?
I've seen various virus and malware in the news, but never have I seen or heard of a non-Windows computer being hijacked, with the notable exception of for testing purposes by the owner or commissioned tester of the machine.
But I've only been with Linux since 1996.
41 • System security (by Jesse on 2016-12-27 16:47:04 GMT from Canada)
>> "Has anyone posting here ever had their computer taken over and had code run via the browser, etc? "
@40: While I have not had my machine compromised this way, I have been called in to clean up a few. Generally, I am interested in fixing things rather than figuring out exactly went wrong, but I suspect the Linux boxes I have cleaned up were originally compromised through network services like OpenSSH.
If you're interested strictly in browser compromises, you might want to check out the pwn to own competition as the systems tested are often taken down using browser exploits: https://en.wikipedia.org/wiki/Pwn2Own
>> "I've seen various virus and malware in the news, but never have I seen or heard of a non-Windows computer being hijacked"
Do you mean by people you know personally? There are often reports of macOS or Linux exploits being used in the wild. Particuarly against Linux servers.
42 • Linux hacking (by speaking from experience on 2016-12-27 23:59:14 GMT from United States)
@40 "Has anyone ever had their computer taken over"
Against Windows hackers can use malware that ppl download from the web. But against other OSs where malware is not so prevalent - like Linux - hackers can exploit wireless hardware and software insecurities to capture your login password. One key insecurity is that your wireless is always "on" unless both hardware and software switches are turned off. Attacks can include wireless sniffing, MAC address scanning, port scanning, fake ap's, etc. If they can't get at your computer directly, they can always hack nearby devices - like routers, mobile phones, CCTV cameras, etc - and then target your computer from them. When they get your login password they can then hack your wifi or bluetooth, login, and copy whatever data they want.
Ironically, Linux security distros - like Qubes and TAILS - focus on malware protection mainly coming from the Internet, because they want to promote their OS's as Windows alternatives. But malware is old school, and wireless sniffing and hacking - usually before you even connect to the Internet - is new school (just look at all the wireless exploit tools available). So don't expect any Linux security distro to protect you against persistent hackers.
43 • Attacks on Unix (by M.Z. on 2016-12-28 00:44:17 GMT from United States)
@40 In addition to server systems being commonly targeted (mostly through unpatched software), there have been many attacks on another Unix like desktop system, namely Mac OS X. If you know a bit about the Unix family tree you may know that modern Mac systems are basically a modified version of BSD. I don't think the infections have reached the same proportions on Mac as they have on Windows, but there have been compromises that have affected many thousands of machines. This sort of thing if far more rare on Linux and BSD proper, but I've heard of Linux machines being hit, so it can happen. That's why I think tools like firejail and SSELinux are so valuable, they provide different ways to defend against and limit the damage of a serious compromise and create multiple potential barriers to attack. Of course that's just what I recall from reading up on that sort of thing on occasion, I've gotten an occasional paranoid feeling but never seen any real damage or serious problems since I've been using Linux.
44 • @40 Has a web browser ever hijacked my computer and run code (by imnotrich on 2016-12-28 06:50:08 GMT from Mexico)
Yes, sort of. Google Chrome, and more recently Firefox offer a browser sync feature that syncs history, bookmarks, home page and other stuff across multiple computers. With Chrome if you have a gmail account sync is forced on you. With FF you have to opt in. Anyway, not so long ago running Chrome on my W7 laptop a website was able to change my home page to a windows .exe file, but that fact was hidden from me in the address field I still saw www.google.com. A day or two later I booted up the Linux partition of my W10/Linux desktop and noticed Chrome trying to connect to a Windows .exe file as my home page. Thanks to this helpful "sync" feature I was able to intercept the attack before it did any damage, but it won't be long before evil bad people figure out how to successfully exploit this sync feature from one platform to another.
45 • Attacks on Linux (by Jordan on 2016-12-28 14:36:51 GMT from United States)
Thanks for the responses to my query. I understand the server hacks, as unix based servers are more common out there. But I'm wondering if *users* at their desktop machines/laptops, on a Linux distro, have ever seen their systems compromised, personally. Their own computer. I've never seen it in twenty years of using distros with all manner of browsers and open ports, etc.
46 • @45 (by Ricardo on 2016-12-28 20:30:44 GMT from France)
As a home user, there are quite few chances you'll see an attack on your computer in your life.
On a server, it's another story.
47 • @45 (by Ricardo on 2016-12-28 20:40:34 GMT from France)
I talked about Linux of course, not Windows.
48 • Best Linux Desktop 2016, thoroughly reviewed. (by Greg Zeng on 2016-12-29 05:25:24 GMT from Australia)
https://www.youtube.com/watch?v=1iR6cx0_Zgs&t=323s "Best Linux Desktop 2016", quidsup 7':12".
"Published on Dec 27, 2016 Looking back at my Top 3 Favourite Linux Distributions that I reviewed in 2016, which includes a selection for new and advanced users." (from 21 reviewed)
He summarizes many detailed examinations in the last few weeks of full testing, with clear, detailed on-screen examples of his reasons. Generally myself and most others agree with his choices and biases. Of course the emotional fan boys give their own narrow opinions in the following comments to his videos.
1) KDE NEON (Kubuntu based) 4'28" 2) UBUNTU MATE (Ubuntu-based) 1'59" 3) LINUX LITE (Xubuntu 16.04 based), 0'15"
I gave further opinions of my own, on his YouTube page.
49 • Kodachi or TAILS? (by Dave Postles on 2016-12-30 11:44:25 GMT from United Kingdom)
Would appreciate comments on the relative merits.
50 • Re: Kodachi_or_TAILS? (by k on 2016-12-31 07:13:14 GMT from Finland)
@49 by Dave Postles
"Relative merits"?
Not having used or being familiar with Kodachi, I right away tried to compare package lists -- just see if it is worth downloading, verifying ISO and testing Kodachi --, as there are certain packages needed.
But, starting from TAILS page of Distrowatch, and trying the "compare packages" tool, Kodachi does not appear in the pull down menu.
Best wishes to all for 2017, and beyond.
51 • Re: Kodachi_or_TAILS? (by k on 2016-12-31 07:39:07 GMT from United States)
Again @49 by Dave Postles
Starting from Linux Kodachi page of DW, one can use DW's "compare packages" tool to compare full package lists of Kodachi and Tails.
The old Tails USB with persistence has worked really well for several years now, and even on 32-bit UEFI with 64-bit processor, using hosts' hard disk(s) for more capacious long-term storage, but welcome some experiential knowledge from others.
52 • Kodachi packages (by Jesse on 2016-12-31 13:34:01 GMT from Canada)
>> "But, starting from TAILS page of Distrowatch, and trying the "compare packages" tool, Kodachi does not appear in the pull down menu."
@50: Yes, Kodachi is listed, but it is listed under its proper name, Linux Kodachi. https://distrowatch.com/dwres.php?firstlist=tails&firstversions=0&resource=compare-packages&secondlist=kodachi
53 • Linux Mint 18.1 (by Landor on 2016-12-31 19:24:33 GMT from Canada)
Quite some time ago I was forced to install a "simplistic" distribution for someone, I chose Mint Linux Mint 13 Mate Edition. Recently due to an update their wifi went for a dump. Instead of fixing the problem as 13 is closing in on its end of life, I did the upgrade to 17.3 and here I am typing it on this. I don't follow Linux as keenly as I once did, Gentoo works on what I use and that's enough to know for me. A look here showed me though that not only is 18 released, but now 18.1. Interesting that there is no upgrade to this release. Yet anyway.
@5 Good to see an old face/name kicking around. :) Happy New Year
Enjoy your distribution testing everyone. I for one am glad to see DW and DWW still going strong!
Keep your stick on the ice...
Landor
54 • 53 • Linux Mint 18.1... old timers ... Eventually. (by Greg Zeng on 2017-01-01 02:55:36 GMT from Australia)
"... forced to install a "simplistic" distribution for someone ... their wifi went for a dump"
Another old timer myself, so busy that I never published my works properly, anywhere. On updating any Linux operating system:
All Ubuntu-based operating systems (including Mint 18.1) eventually become "old" and "stale". In Linux, the easiest, simplest cure is just upgrading the Linux kernel. No need to change anything else. This then prevents malware created by past errors, bad hardware, updated hardware (poor drivers for new wifi, in this specific case), etc.
Ubuntu-based distros are days ahead of the other "leading" Linux distributions: Arch, and Arch-based. We have the advantaged of pre-compiled, ready-to install files, for a quick, immediate upgrade into the new kernel.
Using grub-customizer, we can then have an easy menu choice into any Linux kernel, at boot-time. These kernels could be old, the latest stable kernel, or any of the proposed Linux kernels. This has been frequently mentioned by myself here in DW and elsewhere on the internet. Unfortunately DW makes it extremely difficult to url the DW mentions that I have made on this easy solution to aging, atm.
55 • @54 (by Ricardo on 2017-01-01 14:42:11 GMT from France)
> "Ubuntu-based distros are days ahead of the other "leading" Linux distributions"
I hope you're joking because this is quite false... If not, you must have some problems, or you are just a hard Ubuntu fanboy, with all the exaggerations, nonsense etc. corresponding to this unhappy "state"...
Number of Comments: 55
Display mode: DWW Only • Comments Only • Both DWW and Comments
| | |
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Archives |
• Issue 1099 (2024-12-02): AnduinOS 1.0.1, measuring RAM usage, SUSE continues rebranding efforts, UBports prepares for next major version, Murena offering non-NFC phone |
• Issue 1098 (2024-11-25): Linux Lite 7.2, backing up specific folders, Murena and Fairphone partner in fair trade deal, Arch installer gets new text interface, Ubuntu security tool patched |
• Issue 1097 (2024-11-18): Chimera Linux vs Chimera OS, choosing between AlmaLinux and Debian, Fedora elevates KDE spin to an edition, Fedora previews new installer, KDE testing its own distro, Qubes-style isolation coming to FreeBSD |
• Issue 1096 (2024-11-11): Bazzite 40, Playtron OS Alpha 1, Tucana Linux 3.1, detecting Screen sessions, Redox imports COSMIC software centre, FreeBSD booting on the PinePhone Pro, LXQt supports Wayland window managers |
• Issue 1095 (2024-11-04): Fedora 41 Kinoite, transferring applications between computers, openSUSE Tumbleweed receives multiple upgrades, Ubuntu testing compiler optimizations, Mint partners with Framework |
• Issue 1094 (2024-10-28): DebLight OS 1, backing up crontab, AlmaLinux introduces Litten branch, openSUSE unveils refreshed look, Ubuntu turns 20 |
• Issue 1093 (2024-10-21): Kubuntu 24.10, atomic vs immutable distributions, Debian upgrading Perl packages, UBports adding VoLTE support, Android to gain native GNU/Linux application support |
• Issue 1092 (2024-10-14): FunOS 24.04.1, a home directory inside a file, work starts of openSUSE Leap 16.0, improvements in Haiku, KDE neon upgrades its base |
• Issue 1091 (2024-10-07): Redox OS 0.9.0, Unified package management vs universal package formats, Redox begins RISC-V port, Mint polishes interface, Qubes certifies new laptop |
• Issue 1090 (2024-09-30): Rhino Linux 2024.2, commercial distros with alternative desktops, Valve seeks to improve Wayland performance, HardenedBSD parterns with Protectli, Tails merges with Tor Project, Quantum Leap partners with the FreeBSD Foundation |
• Issue 1089 (2024-09-23): Expirion 6.0, openKylin 2.0, managing configuration files, the future of Linux development, fixing bugs in Haiku, Slackware packages dracut |
• Issue 1088 (2024-09-16): PorteuX 1.6, migrating from Windows 10 to which Linux distro, making NetBSD immutable, AlmaLinux offers hardware certification, Mint updates old APT tools |
• Issue 1087 (2024-09-09): COSMIC desktop, running cron jobs at variable times, UBports highlights new apps, HardenedBSD offers work around for FreeBSD change, Debian considers how to cull old packages, systemd ported to musl |
• Issue 1086 (2024-09-02): Vanilla OS 2, command line tips for simple tasks, FreeBSD receives investment from STF, openSUSE Tumbleweed update can break network connections, Debian refreshes media |
• Issue 1085 (2024-08-26): Nobara 40, OpenMandriva 24.07 "ROME", distros which include source code, FreeBSD publishes quarterly report, Microsoft updates breaks Linux in dual-boot environments |
• Issue 1084 (2024-08-19): Liya 2.0, dual boot with encryption, Haiku introduces performance improvements, Gentoo dropping IA-64, Redcore merges major upgrade |
• Issue 1083 (2024-08-12): TrueNAS 24.04.2 "SCALE", Linux distros for smartphones, Redox OS introduces web server, PipeWire exposes battery drain on Linux, Canonical updates kernel version policy |
• Issue 1082 (2024-08-05): Linux Mint 22, taking snapshots of UFS on FreeBSD, openSUSE updates Tumbleweed and Aeon, Debian creates Tiny QA Tasks, Manjaro testing immutable images |
• Issue 1081 (2024-07-29): SysLinuxOS 12.4, OpenBSD gain hardware acceleration, Slackware changes kernel naming, Mint publishes upgrade instructions |
• Issue 1080 (2024-07-22): Running GNU/Linux on Android with Andronix, protecting network services, Solus dropping AppArmor and Snap, openSUSE Aeon Desktop gaining full disk encryption, SUSE asks openSUSE to change its branding |
• Issue 1079 (2024-07-15): Ubuntu Core 24, hiding files on Linux, Fedora dropping X11 packages on Workstation, Red Hat phasing out GRUB, new OpenSSH vulnerability, FreeBSD speeds up release cycle, UBports testing new first-run wizard |
• Issue 1078 (2024-07-08): Changing init software, server machines running desktop environments, OpenSSH vulnerability patched, Peppermint launches new edition, HardenedBSD updates ports |
• Issue 1077 (2024-07-01): The Unity and Lomiri interfaces, different distros for different tasks, Ubuntu plans to run Wayland on NVIDIA cards, openSUSE updates Leap Micro, Debian releases refreshed media, UBports gaining contact synchronisation, FreeDOS celebrates its 30th anniversary |
• Issue 1076 (2024-06-24): openSUSE 15.6, what makes Linux unique, SUSE Liberty Linux to support CentOS Linux 7, SLE receives 19 years of support, openSUSE testing Leap Micro edition |
• Issue 1075 (2024-06-17): Redox OS, X11 and Wayland on the BSDs, AlmaLinux releases Pi build, Canonical announces RISC-V laptop with Ubuntu, key changes in systemd |
• Issue 1074 (2024-06-10): Endless OS 6.0.0, distros with init diversity, Mint to filter unverified Flatpaks, Debian adds systemd-boot options, Redox adopts COSMIC desktop, OpenSSH gains new security features |
• Issue 1073 (2024-06-03): LXQt 2.0.0, an overview of Linux desktop environments, Canonical partners with Milk-V, openSUSE introduces new features in Aeon Desktop, Fedora mirrors see rise in traffic, Wayland adds OpenBSD support |
• Issue 1072 (2024-05-27): Manjaro 24.0, comparing init software, OpenBSD ports Plasma 6, Arch community debates mirror requirements, ThinOS to upgrade its FreeBSD core |
• Issue 1071 (2024-05-20): Archcraft 2024.04.06, common command line mistakes, ReactOS imports WINE improvements, Haiku makes adjusting themes easier, NetBSD takes a stand against code generated by chatbots |
• Issue 1070 (2024-05-13): Damn Small Linux 2024, hiding kernel messages during boot, Red Hat offers AI edition, new web browser for UBports, Fedora Asahi Remix 40 released, Qubes extends support for version 4.1 |
• Issue 1069 (2024-05-06): Ubuntu 24.04, installing packages in alternative locations, systemd creates sudo alternative, Mint encourages XApps collaboration, FreeBSD publishes quarterly update |
• Issue 1068 (2024-04-29): Fedora 40, transforming one distro into another, Debian elects new Project Leader, Red Hat extends support cycle, Emmabuntus adds accessibility features, Canonical's new security features |
• Issue 1067 (2024-04-22): LocalSend for transferring files, detecting supported CPU architecure levels, new visual design for APT, Fedora and openSUSE working on reproducible builds, LXQt released, AlmaLinux re-adds hardware support |
• Issue 1066 (2024-04-15): Fun projects to do with the Raspberry Pi and PinePhone, installing new software on fixed-release distributions, improving GNOME Terminal performance, Mint testing new repository mirrors, Gentoo becomes a Software In the Public Interest project |
• Issue 1065 (2024-04-08): Dr.Parted Live 24.03, answering questions about the xz exploit, Linux Mint to ship HWE kernel, AlmaLinux patches flaw ahead of upstream Red Hat, Calculate changes release model |
• Issue 1064 (2024-04-01): NixOS 23.11, the status of Hurd, liblzma compromised upstream, FreeBSD Foundation focuses on improving wireless networking, Ubuntu Pro offers 12 years of support |
• Issue 1063 (2024-03-25): Redcore Linux 2401, how slowly can a rolling release update, Debian starts new Project Leader election, Red Hat creating new NVIDIA driver, Snap store hit with more malware |
• Issue 1062 (2024-03-18): KDE neon 20240304, changing file permissions, Canonical turns 20, Pop!_OS creates new software centre, openSUSE packages Plasma 6 |
• Issue 1061 (2024-03-11): Using a PinePhone as a workstation, restarting background services on a schedule, NixBSD ports Nix to FreeBSD, Fedora packaging COSMIC, postmarketOS to adopt systemd, Linux Mint replacing HexChat |
• Issue 1060 (2024-03-04): AV Linux MX-23.1, bootstrapping a network connection, key OpenBSD features, Qubes certifies new hardware, LXQt and Plasma migrate to Qt 6 |
• Issue 1059 (2024-02-26): Warp Terminal, navigating manual pages, malware found in the Snap store, Red Hat considering CPU requirement update, UBports organizes ongoing work |
• Issue 1058 (2024-02-19): Drauger OS 7.6, how much disk space to allocate, System76 prepares to launch COSMIC desktop, UBports changes its version scheme, TrueNAS to offer faster deduplication |
• Issue 1057 (2024-02-12): Adelie Linux 1.0 Beta, rolling release vs fixed for a smoother experience, Debian working on 2038 bug, elementary OS to split applications from base system updates, Fedora announces Atomic Desktops |
• Issue 1056 (2024-02-05): wattOS R13, the various write speeds of ISO writing tools, DSL returns, Mint faces Wayland challenges, HardenedBSD blocks foreign USB devices, Gentoo publishes new repository, Linux distros patch glibc flaw |
• Issue 1055 (2024-01-29): CNIX OS 231204, distributions patching packages the most, Gentoo team presents ongoing work, UBports introduces connectivity and battery improvements, interview with Haiku developer |
• Issue 1054 (2024-01-22): Solus 4.5, comparing dd and cp when writing ISO files, openSUSE plans new major Leap version, XeroLinux shutting down, HardenedBSD changes its build schedule |
• Issue 1053 (2024-01-15): Linux AI voice assistants, some distributions running hotter than others, UBports talks about coming changes, Qubes certifies StarBook laptops, Asahi Linux improves energy savings |
• Issue 1052 (2024-01-08): OpenMandriva Lx 5.0, keeping shell commands running when theterminal closes, Mint upgrades Edge kernel, Vanilla OS plans big changes, Canonical working to make Snap more cross-platform |
• Issue 1051 (2024-01-01): Favourite distros of 2023, reloading shell settings, Asahi Linux releases Fedora remix, Gentoo offers binary packages, openSUSE provides full disk encryption |
• Issue 1050 (2023-12-18): rlxos 2023.11, renaming files and opening terminal windows in specific directories, TrueNAS publishes ZFS fixes, Debian publishes delayed install media, Haiku polishes desktop experience |
• Issue 1049 (2023-12-11): Lernstick 12, alternatives to WINE, openSUSE updates its branding, Mint unveils new features, Lubuntu team plans for 24.04 |
• Issue 1048 (2023-12-04): openSUSE MicroOS, the transition from X11 to Wayland, Red Hat phasing out X11 packages, UBports making mobile development easier |
• Issue 1047 (2023-11-27): GhostBSD 23.10.1, Why Linux uses swap when memory is free, Ubuntu Budgie may benefit from Wayland work in Xfce, early issues with FreeBSD 14.0 |
• Issue 1046 (2023-11-20): Slackel 7.7 "Openbox", restricting CPU usage, Haiku improves font handling and software centre performance, Canonical launches MicroCloud |
• Issue 1045 (2023-11-13): Fedora 39, how to trust software packages, ReactOS booting with UEFI, elementary OS plans to default to Wayland, Mir gaining ability to split work across video cards |
• Full list of all issues |
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
Random Distribution |
FTOSX Desktop
FTOSX was the natural next generation UNIX/Linux-based operating System. Based on GNU/Linux, but following its UNIX inheritance, FTOSX offers a fresh, innovative and simple approach because was designed specially for the masses. FTOSX was a RPM-based operating system (based on Red Hat Linux and Fedora Core) and therefore similar to popular Linux distributions. FTOSX offers more than 1,000 software packages redesigned in an harmonically form in its graphical interface, FTGUIX.
Status: Discontinued
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|