| DistroWatch Weekly
|DistroWatch Weekly, Issue 815, 20 May 2019
Welcome to this year's 20th issue of DistroWatch Weekly!
Security vulnerabilities, particularly those which affect hardware, such as CPUs, have been in the news media more frequently during the past year. Research into this area has raised awareness about how low-level components, like firmware and kernels, interact with our hardware. All of the terminology around low-level security concerns can be confusing, so this week we link to two articles about recent vulnerabilities. Our News section shares resources from Red Hat and Bleeping Computer to help people understand current threats and their fixes. Plus we talk about Clear Linux showcasing tools and current-edge packages for developers. In our Tips and Tricks column we discuss options for running GNU/Linux and Busybox/Linux distributions on mobile devices and we ask if our readers are using these platforms in our Opinion Poll. First though, we share a review of the Sabayon distribution. Sabayon is part of the Gentoo family and offers several editions for desktop and server roles. Robert Rijkhoff dives into what it's like to use Sabayon in our Feature Story. As usual, we are pleased to share the releases of the past week and provide links to the torrents we are seeding. We wish you all a wonderful week and happy reading!
- Review: Sabayon 19.03
- News: Clear Linux outlines features for developers, Red Hat explains MDS flaws, developers patch Linux networking vulnerability
- Tips and tricks: Overview of options for running open Linux distros on mobile devices (2019 edition)
- Released last week: Emmabuntus DE2-1.04, ArcoLinux 19.05.2, Peppermint OS 10
- Torrent corner: ArchBang, ArcoLinux, Bluestar, Container, deepin, Emmabuntus, IPFire, KDE neon, Obarun, OpenMediaVault, PBXware, Peppermint, Plamo, Robolinux, Ultimate
- Upcoming releases: Tails 3.14, openSUSE 15.1
- Opinion poll: Do you run a GNU/Linux distribution on a mobile device?
- Reader comments
|Feature Story (by Robert Rijkhoff)
Sabayon is an Italian Linux operating system based on Gentoo. According to its home page, Sabayon is a "beginner-friendly" distro in which "everything should just work". What's more, Sabayon describes itself as "a bleeding edge operating system that is both stable and reliable".
There are three flavours to choose from. Apart from the Desktop edition, which I will review in this article, there are also Server and Cloud images. For the Desktop edition you can download a 64-bit ISO for five different desktop environments: GNOME, KDE, Xfce, MATE and Fluxbox. I mainly looked at the GNOME edition but also gave Fluxbox a quick spin.
Live environment and first impressions
The GNOME image is a 2.4GB download and the default option is to run Sabayon as a live environment. You are logged into the GNOME desktop automatically and presented with a "Welcome" window with an install button and links to various online resources. The wallpaper is a colourful, Cubist twirl and features the Sabayon logo with the slogan "simplicity is sophistication".
Sabayon 19.03 -- The welcome screen
(full image size: 1.0MB, resolution: 1366x768 pixels)
Sabayon has made a few tweaks to the GNOME desktop; by default applications use a dark theme and there is an applications menu in the top bar. The menu is quite handy as GNOME's default applications overview has a limited amount of space for application names (11 characters, to be precise). That works fine for GNOME applications, as their names tend to be delightfully short and descriptive ("Files", "Contacts", "Web", etc.). The overview doesn't work so great for applications with longer names. For instance, when I launched the overview I saw names like "Avahi SSH S ...", "Avahi VNC S ..." and "Avahi Zeroc ...". These three applications also use the same icon, making it difficult to quickly see which is which.
Sabayon 19.03 -- GNOME's applications overview
(full image size: 1.1MB, resolution: 1366x768 pixels)
Another thing I noticed while exploring the live environment is that Sabayon isn't as "bleeding edge" as you might expect. Most software was fairly up to date but there were two major exceptions: systemd was at version 239 and the GNOME desktop was at version 3.26.2. When I did the install systemd was at version 241 and GNOME had just released version 3.32.
The last time we reviewed Sabayon, in March 2018, the distro failed to install. For about an hour or so I feared that the 19.03 release suffered from a similar issue. The latest version of Sabayon uses the Calamares installer, which has never caused me any issues. This time, however, the installer would invariably fail to create partitions. Simply relaunching the installer would cause it to hang when trying to get information about existing partitions.
Sabayon 19.03 -- One of the many failed attempts to install Sabayon
(full image size: 720kB, resolution: 1366x768 pixels)
To cut a long story short, the installation failed whenever I selected the option to encrypt my laptop's hard drive, and before I could relaunch the installer I had to wipe (and optionally recreate) existing partitions using GParted or a similar tool. This was disappointing, as "full disk encryption support" was one of the few items in the release notes that had caught my eye.
The GNOME experience
The GNOME edition ships with a fairly standard set of applications. You get everything from Firefox and the Evolution e-mail client to HexChat and Transmission. Among the more unusual applications are the above-mentioned Avahi local networking tools and various applications for writing Python code. There is also a "Sabayon" section in the applications menu, which provides links to online documentation and help.
All applications, with the exception of Firefox, use a dark theme. Oddly, the theme shown as being in use in GNOME Tweaks (which comes pre-installed) is the default, non-dark Arc theme. I am not sure why Tweaks is showing the wrong theme but switching to a lighter theme was easy enough.
Sabayon 19.03 -- LibreOffice and the GNOME calculator
(full image size: 645kB, resolution: 1366x768 pixels)
I also don't quite understand why Sabayon lists five session options on the login page. The options in the drop-down menu are XSession, GNOME, GNOME (again), GNOME Classic and Custom. When I selected XSession I was simply thrown back to the login screen, while the two GNOME options and Custom all logged me into Sabayon's customised GNOME desktop. Sabayon doesn't appear to have support for Wayland.
Those minor issues aside, the GNOME desktop performed very well. The desktop environment was responsive, all applications worked as expected and I could play any type of multimedia file out of the box (Flash is not installed by default but, given the state of Flash, I see that as a bonus).
Another item mentioned in the release notes for Sabayon 19.03 is "work on progress for the new wiki". The new wiki is being developed on GitHub, though at the time of this review it is almost completely empty. The old wiki does indeed need a bit of an overhaul - all the pages I looked at hadn't been updated for several years. As far as I can tell the information is mostly still relevant and I did find the wiki useful.
Unless you are a seasoned Gentoo user you should definitely read the wiki entry about Entropy, which is Sabayon's binary package management system. Sabayon is based on Gentoo and you can use Gentoo's Portage package manager, but most users will probably want to install binary packages rather than compile everything from source. As an aside, using both Entropy and Portage is possible but not recommended.
Entropy's command line package manager is Equo. The basic commands for searching, installing, removing and upgrading packages are intuitive: "equo search <package>" will perform a search, "equo install <package> will install a package and so forth. However, towards the bottom of the Entropy wiki entry are instructions for upgrading a freshly installed copy of Sabayon, which are a lot more involved. It includes information about optimising mirrors (i.e. making sure that you are downloading packages from a fast source), updating and upgrading the system and checking if there are any missing dependencies.
Sabayon 19.03 -- Updating the system using Equo
(full image size: 232kB, resolution: 1366x768 pixels)
Software updates were applied rather slowly - updating a handful of packages could easily take 15 minutes - and I found Equo's output difficult to read because of the use of purple and red text on a black background. Another oddity was that Equo would regularly ask me to read and accept an individual package's license when updating or installing software. This comes across as the command line equivalent of websites forcing you to accept lengthy privacy notices written in Legalese (i.e. it is a nuisance). I couldn't find an option to always accept licenses and therefore had to keep an eye on Equo's output.
Major kernel upgrades and Rigo
The documentation section about upgrading a fresh Sabayon install mentions that Equo is unable to automatically upgrade the kernel to a new major version. Upgrading the kernel appears to be quite a manual process. If you prefer to avoid manually upgrading the kernel by copying and pasting commands from a somewhat out of date wiki, an easy work around is to do a fresh install whenever a new ISO is published (which seems to happen roughly once a year).
Alternatively, you can try upgrading the kernel via Sabayon's graphical application manager, called Rigo Application Browser. You can use Rigo to search for packages, install and remove individual applications, update the system and perform various advanced tasks, such as managing software repositories. Rigo is easy to use and does the job, although it does have a few rough edges. The application didn't prompt me for the root password when I applied updates; buttons were not always clickable and "extremely important" notices Rigo wanted me to review could not always be viewed. I found Rigo pleasant to use though, and toward the end of my trial I even managed to use it to install version 5.0.x of the Linux Sabayon kernel (which, according to Rigo, has already been installed more than half a million times).
Sabayon 19.03 -- Sabayon running Linux kernel 5.0.5
(full image size: 573kB, resolution: 1366x768 pixels)
As an aside, one thing I like about Rigo is the informal language used in the application. The "extremely" important notices I just mentioned can be dismissed by clicking on a "Stop annoying me" button and when you start updates via Rigo the application will tell you to "go make some coffee" (acknowledging the fact that package upgrades are rather slow).
Sabayon 19.03 -- Extremely important notices from the repositories
(full image size: 113kB, resolution: 1366x768 pixels)
I ran Sabayon for about three weeks and during this time I got about 100 updates. In the first week there were just a handful of minor updates and about ten days later there was a much larger batch of 70 updates. Among the latter updates was GNOME Shell itself - it jumped two major versions, to 3.30.2. The only issue I noticed after the second batch of updates was that I got a notification about the VirtualBox kernel service not running every time I logged into the GNOME desktop. I'm not sure if the VirtualBox kernel service ought to be running and the system remained fully functional.
The Fluxbox experience
There really isn't much I can write about using Sabayon's GNOME desktop for everyday tasks. Both the 3.26 and 3.30 versions were almost vanilla GNOME installs and everything worked as it should. As the GNOME versions aren't new and shiny either there also isn't much point in talking about the desktop environment's features. I therefore decided to instead explore Sabayon's Fluxbox edition.
The Fluxbox ISO is 1.6GB in size and described on Sabayon's download page as "Minimal, for hackers". As with the GNOME edition, the default option is to launch a live environment but alas, that didn't work - the boot process stalled after the Sabayon logo appeared on the screen. I could view the boot messages by hitting the Esc key, which revealed that the system was waiting for jobs to finish. I let the system try to sort itself out for about seven minutes before I rebooted the laptop, only to get the same result again. The ISO's MD5 checksum checked out and the issue wasn't a dodgy USB pen - I got the same result when I booted the ISO image in GNOME Boxes.
Luckily, the option to install Sabayon from the boot menu did work. Against my better judgment I did select the option to encrypt the hard drive, just to check if the install would again fail. I indeed encountered exactly the same error as before and this time I had to use fdisk to remove my partitions before I could run the installer again. Fluxbox installed correctly when I opted to not encrypt the hard drive.
The duplicate login sessions I had noticed in the GNOME edition were also present in Fluxbox. On the login screen I got the choice of four sessions: Default, Fluxbox, XSession and Fluxbox (again). Fluxbox itself is, as minimal window managers go, rather sparse. You get the same Cubist wallpaper, a single task bar that stretches two thirds of the bottom of the screen and you can launch an application menu by right-clicking on the desktop.
The Fluxbox edition comes with hardly any pre-installed software. The applications menu lists xterm and Firefox as the only graphical applications and, of the two, Firefox isn't actually installed. Of course, Fluxbox users tend to prefer it that way; the window manager is highly configurable and can be customised to your heart's content.
Sabayon 19.03 -- Installing Firefox (and having to accept another license)
(full image size: 838kB, resolution: 1366x768 pixels)
Fluxbox worked fine when I could get to the login screen. Unfortunately, every other time I booted my laptop I would only get to a blinking cursor on a black screen. The boot error may be related to a dependency issue: when I did the check for missing dependencies Equo reported that sysvinit-2.86-r6 was needed by openrc-0.38.3 but that it couldn't install the former package. Whatever the cause of the issue was, it made using Fluxbox infeasible.
Sabayon's claim that it is a "beginner-friendly" distro that is "bleeding edge" and "stable and reliable" is a bit of a stretch. I doubt "beginners" will comprehend the instructions for what to do after installing Sabayon - and that is assuming inexperienced users will find the information in the first place. Similarly, the systemd and GNOME versions are rather old for a distro that claims to be "bleeding edge". That said, I did find Sabayon's GNOME edition to be stable and reliable, bar a few minor issues (such as the notification about the VirtualBox kernel service not running).
I don't think it is entirely fair to ask if Sabayon lives up to the bold marketing slogans on its home page. Personally, I see Sabayon as a friendly and interesting distro for tinkerers and distro-hoppers, and a very good one at that. I should also mention that, in general, Sabayon's use of language is refreshingly informal; both the graphical Rigo package manager and the wiki put a smile on my face more than once. Even Equo has some jokes built in - the command equo moo prints an ASCII cow that says "Entromoooo!".
Sabayon does still has some way to go to become the sophisticated operating system it wants to be. With 19.03 the distro switched from the Anaconda to the Calamares installer which, to my mind at least, is a good decision. However, contrary to what is claimed in the release notes, the disk encryption issue has not been resolved yet and the wiki still talks about how to find your way through the Anaconda installer. Work on the new wiki announced in the release notes seems to be at a very early stage.
I also couldn't fail to notice that Sabayon's forums are rather quiet. Lively forums don't necessarily equate to a thriving community, but the overall feeling I got is that Sabayon could do with a bit more momentum. That shouldn't discourage you from giving Sabayon a try though. On the contrary, if you are a Linux-loving tinkerer then Sabayon might be the distro for you.
* * * * *
Hardware used for this review
My physical test equipment for this review was a Lenovo Thinkpad X220 with the following specifications:
- Processor: Intel Core i3-2520M, 2.5GHz
- Memory: 8GB of RAM
- Wireless network adaptor: Intel Centrino Advanced-N 6205
- Wired network adaptor: Intel 82579M
* * * * *
Visitor supplied rating
Sabayon has a visitor supplied average rating of: 7.8/10 from 42 review(s).
Have you used Sabayon? You can leave your own review of the project on our ratings page.
|Miscellaneous News (by Jesse Smith)
Clear Linux outlines features for developers, Red Hat explains MDS flaws, developers patch Linux networking vulnerability
Clear Linux is a distribution which is often highly regarded for its performance, typically winning benchmark tests against other, more general purpose, distributions. Clear Linux is not just a testing ground for optimizations though, the project is also hoping to attract developers with rolling release desktop offerings and cutting edge versions of the GNU Compiler Collection. A post on the distribution's blog reports: "For a distro looking to serve developers who pump out optimized code, being on the latest compiler is an absolute necessity. We're currently running GCC9 and are poised to move to GCC10 as soon as it becomes available. The Clear Linux OS has always been very aggressive with applying compiler flags to optimize builds and we look forward to continuing this trend. We'll also continue with our multiple-build approach so that those who aren't flying with Intel Advanced Vector Extensions 512 (Intel AVX-512) optimizations, are still getting bang for their Intel AVX2 buck. Stays in lockstep with upstream. Clear Linux OS's rolling release allows us to ensure that security mitigations that are available are included in the next release without any unreasonable delay."
* * * * *
Tech blogs and security mailing lists have been abuzz this past week with discussions regarding a series of security flaws called Microarchitectural Data Sampling (MDS). These vulnerabilities could be used by a local attacker or process to read privileged data from the CPU cache. The issues appear to affect multiple processors and operating systems. Distributions have already begun publishing updates to address the flaws. The Red Hat website offers details on the MDS issue: "Four new microprocessor flaws have been discovered, the most severe of which is rated by Red Hat Product Security as having an Important impact. These flaws, if exploited by an attacker with local shell access to a system, could allow data in the CPU's cache to be exposed to unauthorized processes. While difficult to execute, a skilled attacker could use these flaws to read memory from a virtual or containerized instance, or the underlying host system..."
* * * * *
Bleeping Computer has published a story covering a vulnerability in the Linux kernel's networking code which may be exploitable. The vulnerability affects Linux kernels prior to version 5.0.8 and has captured attention because it may be remotely exploitable on systems where services are using RDS sockets. Kernel developers have already published a patch and fixed the issue in versions of Linux newer than 5.0.8.
* * * * *
These and other news stories can be found on our Headlines page.
|Tips and Tricks (by Jesse Smith)
Overview of options for running open Linux distros on mobile devices (2019 edition)
A lot of people are interested in running open source, Linux-based operating systems on their mobile devices, but due to the mobile ecosystem often making use of proprietary drivers and locked devices, it can be difficult to find open source friendly mobile platforms. Here are some of the mobile, Linux-powered options that are available now, or should be available by the end of 2019.
People who wish to start using Linux on their phone right away should probably look at the list of compatible devices on the UBports website. Many of the devices listed can be purchased new, or used at a discount. UBports is the project which took over development of Ubuntu Touch. UBports provides a graphical installer which allows the user to plug their phone into a computer and run the installer to download and copy the necessary files to their smart phone to install UBports. When paired with compatible devices, UBports provides a fully functional mobile experience with calling, texting, mobile data, GPS, wi-fi, hotspots, and an application store.
For people who want more of an application platform than a phone-like communication device there is postmarketOS. The postmarketOS project is based on Alpine Linux and provides software and updates for over one hundred devices. While postmarketOS works with a wide range of hardware, it is still in the alpha stage of development. The platform only runs applications and cannot be used to send or receive voice calls.
Though it is not yet available at the time of writing, many Linux fans will probably be interested in the Librem 5, which should be available later this year. The Librem 5 is a rare device that is specifically designed with free Linux distributions in mind and is intended to provide more privacy and security than other mobile platforms. The Purism team behind the Librem 5 has been selling laptops for a few years now bundled with free software and this will be their first adventure with providing mobile devices. The Librem 5 is expected to ship with the PureOS distribution and a modified version of GNOME as its primary interface. KDE's Plasma Mobile will be available as an alternative user interface option. Originally it was thought the phone should be compatible with UBports too for people who wish to install an alternative operating system, however the UBports team has reported they have yet to receive a development kit to aid in porting their operating system to the Librem 5.
Another Linux smart phone on the horizon is the PinePhone. The PinePhone is expected to become available toward the end of 2019 and will likely run software provided by UBports when it launches. The platform strives to be open and, in theory, should be able to run other mobile-oriented flavours of Linux and BSD, such as Purism's PureOS mentioned above.
I feel there are two more projects which deserve honourable mentions, even though they do not quite fit the criteria of providing full, open, traditional Linux distributions. LineageOS is a free and open source operating system based on Android. LineageOS is a libre version of Android/Linux rather than a member of the GNU/Linux and Busybox/Linux families of distributions mentioned above and runs on a large number of devices. Some manual work will be required to install the provided images on a supported phone or tablet. Another Linux-based platform is Sailfish OS which has received a lot of praise for its level of polish. However, Sailfish combines open and proprietary licenses, making it less free than the platforms listed above. Availability is also somewhat limited and I am not able to purchase a copy as Sailfish blocks connections to its store from some countries.
* * * * *
Additional tips can be found in our Tips and Tricks archive.
|Released Last Week
Emmabuntüs is a desktop Linux distribution with editions based Xubuntu and Debian's Stable branch. It strives to be beginner-friendly and reasonably light on resources so that it can be used on older computers. The project has published an update to its Debian-based branch, Emmabuntus Debian Edition 2-1.04, which is based on Debian 9.9. "This update of our distribution is taking over the improvements we implemented in our recent Emmabuntüs DE 3 beta release, based on Debian 10 Buster, and brings an improvement in the size of the ISO by the rationalization of the current software, and the removal of unsupported languages. In addition, it supports pkexec instead of gksu in all our post-installation and customization scripts. We hope that this new version will further facilitate the repackaging work made by the various associations using Emmabuntüs, and the task of our friends JerryClan from France and Africa." Further details and a list of changes to the default software can be found in the distribution's release announcement.
ArcoLinux is an Arch-based distribution which is available in three main branches, which provide a range of complete solutions, minimal editions designed to be customized by the user, and community flavours. The ArcoLinux project has published a new update, version 19.05.2, that adds some short-cuts and trims out features that were causing problems. "Redshift was included in the last ISO. During testing Redshift gave no issues. After the launch some of our users reported it was NOT working. Since reports were partially negative, we have decided not to include it on the ISO. You can install in later, if you want to have it. Software that gives our users frustrations is out as a rule of thumb. SUPER + Q: From the development of Qtile we have learned to use the keyboard shortcut super + q to close a window. We were so used to this shortcut that we have implemented it also in: Xfce, Openbox, i3, Awesome, bspwm, Qtile, xmonad." Further details and screenshots can be found in the project's release announcement.
IPFire 2.23 Core 131
Michael Tremer has announced the release of IPFire 2.23, a major update of the project's specialist Linux distribution for firewalls. The new version brings a brand-new intrusion detection system: "Finally, we are releasing another big release of IPFire. In IPFire 2.23 Core Update 131, we are rolling out our new Intrusion Prevention System (IPS). On top of that, this update also contains a number of other bug fixes and enhancements. We are finally shipping our recently announced IPS - making all of your networks more secure by deeply inspecting packets and trying to identify threats. This new system has many advantages over the old one in terms of performance, security and it simply put - more modern. We have put together some documentation on how to set up the IPS, what rulesets are supported and what hardware resources you will need. Your settings will automatically be converted if you are using the existing Intrusion Detection System (IDS) and replicated with the new IPS." Read the rest of the release announcement for more information.
Peppermint OS 10
Peppermint OS is a lightweight, desktop distribution based on packages from Ubuntu which merges components of the Xfce and LXDE desktop environments. Peppermint OS also tries to integrate web-based applications into the desktop, using site-specific browsers, and local programs. The project's latest version, Peppermint OS 10, is built from Ubuntu 18.04 LTS packages and features improved hardware support. It also includes an updated copy of Ice for managing web-app short-cuts. "Peppermint 10 main changes: Kernel 4.18.0-18 which is now on the rolling HWE-18.04 track so will eventually roll onto the 5.xx kernel automatically as the HWE is updated upstream. Updated X.Org stack, again via the rolling HWE-18.04 track. Proprietary NVIDIA graphics drivers now installed automatically if 'Install third party drivers/software' is selected as part of the installation routine, this includes automatic configuration of NVIDIA Optimus setups up to the NVIDIA-390 drivers. If you intend to install the later 396/410/415/418/430 drivers from the 'Proprietary GPU Drivers' PPA it would probably be best not to select this option during install and add them manually post-install. Ice (6.0.2) - Ice now has support for isolated profiles for Chromium, Chrome, and Vivaldi SSB's (Firefox SSB's are always isolated). Firefox SSB's now also have four bookmarks included by default making the addition of addons and other configuration changes on a per-SSB basis easier. There are also other under the hood changes, such as ICE will now rebuild your SSB profiles should you accidentally delete their directories." Additional information can be found in the project's release announcement.
Peppermint OS 10 -- The default desktop
(full image size: 922kB, resolution: 1366x768 pixels)
Robolinux is a user-friendly and desktop operating system based on the latest long term support release of Ubuntu. The project's latest release of Robolinux 10.5 which includes many security fixes, including a patch for the Zombieland CPU vulnerability and an updated kernel. The project's release announcement reports: "The Robolinux 10 Series Cinnamon, MATE 3D, Xfce, LXDE and GNOME 64-bit Raptor versions have been upgraded with new kernels, hardware drivers, a new installer version and over five hundred fifty security and application updates. We had to rebuild the Cinnamon version from scratch which reduced the ISO and RAM significantly. We also patched the latest Intel chip vulnerability called Zombieland in all five versions of our Robolinux 10 series. All current Robolinux 10.4 users can upgrade to version 10.5 in just one click by using the built in Robolinux Auto Upgrade button in the main menu. Cinnamon Users will need to manually update their extensions."
* * * * *
Development, unannounced and minor bug-fix releases
The table below provides a list of torrents DistroWatch is currently seeding. If you do not have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.
Archives of our previously seeded torrents may be found in our Torrent Archive. We also maintain a Torrents RSS feed for people who wish to have open source torrents delivered to them. To share your own open source torrents of Linux and BSD projects, please visit our Upload Torrents page.
Torrent Corner statistics:
- Total torrents seeded: 1,418
- Total data uploaded: 25.5TB
|Upcoming Releases and Announcements
Summary of expected upcoming releases
Do you run a GNU/Linux distribution on a mobile device?
In our Tips and Tricks column we talked about mobile platforms which are currently available (or coming soon) that run GNU/Linux or Busybox/Linux operating systems. There are a few options available now and a couple more reportedly coming later in 2019. We would like to know how many of our readers currently use, or plan to use, one of these platforms that use a non-Android Linux distribution.
You can see the results of our previous poll on which kernel versions our readers are running in last week's edition. All previous poll results can be found in our poll archives.
Do you run a GNU/Linux distribution on a mobile device?
|I have run a GNU/Linux distro in the past: ||72 (6%)|
| I have run a Busybox/Linux distro in the past: ||33 (3%)|
| I currently run a GNU/Linux distro: ||97 (8%)|
| I currently run a Busybox/Linux distro: ||19 (2%)|
| I plan to run a GNU/Linux distro: ||320 (26%)|
| I plan to run a Busybox/Linux distro: ||58 (5%)|
| I do not plan to run either of these on a mobile device: ||616 (51%)|
DistroWatch database summary
* * * * *
This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 27 May 2019. Past articles and reviews can be found through our Article Search page. To contact the authors please send e-mail to:
- Jesse Smith (feedback, questions and suggestions: distribution reviews/submissions, questions and answers, tips and tricks)
- Ladislav Bodnar (feedback, questions, donations, comments)
- Bruce Patterson (podcast)
|Linux Foundation Training
|Reader Comments • Jump to last comment
1 • Mobile Linux (by DaveW on 2019-05-20 00:53:08 GMT from United States) |
I do not have a mobile device or plans to get one. That leaves only one option to vote for.
2 • mobile (by Tim on 2019-05-20 01:34:59 GMT from United States)
A few years back I bought a very cheap 7 inch tablet with the brand name iRulu. It was running Android and was able to run Debian Wheezy LXDE in a chroot with no trouble.
It was only a toy, but I was struck by how well it ran. LXDE was obviously not designed for cheap bad touch screens, but the experience was actually ok.
The other way I’ve interacted usefully with Linux on a phone was to install an xserver and an ssh app and connect remotely to a computer on my home network. It was a good way to control a media center playing music.
I’ll be interested in both the librem 5 and the PinePhone. I hope they support all Linux apps and not just ones optimized for phones
3 • OS's (by vern on 2019-05-20 01:42:01 GMT from United States)
I never had much success with Sabayon. I had a 10 year old pc at the time. Even so it just didn't fit for me.
I just tried Pepermint. Someone on Ubuntu forums was not liking Lubuntu LXQT. Suggested he might try PeppermintOS 64x LXDE. Intrigued, I spent a hour looking for reviews and FAQ's. Just installed it. Not sure what to expect. The installation went without a hitch.
I also remember the creator of Peppermint left recently or maybe that was another distro.
4 • Clear Linux (6 names) (by gregzeng on 2019-05-20 02:05:46 GMT from United Kingdom)
There are two different & separate versions of "Clear OS". The Intel operating system: "Clear Linux* OS", with the asterisk punctuation. This seems very different from:
(2) Clear Linux
(3) ClearOS (USA)
(4) Clear Linux OS (New Zealand)
(5) Clear Linux 27900 (New Zealand, used by Distrowatch)
(6) Clear Linux 29350 (Intel USA, used by Phoronix)
"Clear Linux* OS" is a wrong use of "*" (asterisk punctuation). Elsewhere in their Intel web site, they replace the asterisk "*" with the superscript "1". So the correct name should be (4) above: "Clear Linux OS". However this proper name "Clear Linux OS", is very often also written as "ClearOS". "Clear Linux" is quite a very different operating system.
"Clear Linux OS", based from the nation New Zealand, is based on Fedora, according to Distrowatch. "Clear Linux" comes from Intel, USA, but seems to be "independent". Distrowatch claims of "independent" is very alarming & inconsistent. Both use RPM (Red Hat) package managers, so are NOT independent, relying on RPM packages. According to Distrowatch, the "latest" is Clear Linux 27900. According to Phoronix, the latest is Clear Linux 29350.
Using Distrowatch, I compared the files inside the two operating systems, Clear Linux 27900 and Intel's ClearOS 7.6.0. Clear Linux 27900 has more user applications, such as Firefox 65.0.1. The "independence" claim is because the RPM-based operating systems cannot be safe with RPM-packages. So "kdenlive.rpm" (a third party video editor) is guaranteed to not run on most RPM-based operating systems. That is why we MIGHT use kdenlive in its appimage format.
5 • Peppermint (by hotdiggettydog on 2019-05-20 03:02:48 GMT from Asia/Pacific Region)
#3 post. I'm pretty sure the developer team for Peppermint is intact. They just released version 10 which I'll be installing soon. I'm a huge Peppermint fan btw.
You must be thinking of Solus. I heard the main man abandoned the project under scandalous clouds.
6 • #5 abandonment (by vern on 2019-05-20 03:20:04 GMT from United States)
I stumbled across what OS I was thinking about. It's '#!' or CrunchBang. Oddly the originator suggested using pure debian when he left. A couple of teams revived #! - #!++ and another.
7 • Beginner-friendly Gentoo (by Arthur Prefect on 2019-05-20 03:35:04 GMT from Australia)
Thanks for the review of Sabayon - this distro always seems to be so close but not quite there, I hope that it reaches its goals eventually. Meanwhile, for a beginner-friendly way to learn Gentoo in a stable environment, I recommend Calculate Linux. I have used it for over two years as my daily driver and it is very stable across many upgrades. Everything works, it is very fast and there is Gentoo underneath to play with!
8 • Zombieland (by bison on 2019-05-20 03:58:37 GMT from United States)
> We also patched the latest Intel chip vulnerability called Zombieland in all five versions of our Robolinux 10 series.
They probably mean ZombieLoad. Zombieland is a movie. :)
9 • Intel FUD (by St. Vincent on 2019-05-20 04:42:25 GMT from United States)
Why won't Distrowatch tell the truth? The MDS vulnerabilities do not affect "multiple processors", they only impact Intel chips. AMD processors are immune.
10 • Mobile Linux (by Antonie van der Tweel on 2019-05-20 05:40:53 GMT from Netherlands)
The only mobile device I own is an old tablet with a no longer supported android version on it. It is only used to read e-books. I am not planning on buying another mobile device, so only one choice remains.
11 • Don't worry about MDS vulnerabilities (by whoKnows on 2019-05-20 09:45:22 GMT from United Kingdom)
9 • Intel FUD (by St. Vincent)
"Why won't Distrowatch tell the truth? The MDS vulnerabilities do not affect "multiple processors", they only impact Intel chips. AMD processors are immune."
Because they don't know.
Because you don't know.
If you're talking solely about the latest one, 'ZombieLoad' ...
Because I also don't know ... and don't care any more.
If we are talking about Meltown & Spectre, all processors which were ever made and use 'hyperthreading' are vulnerable.
AMD or Intel or Qualcomm in your smartphone or the Sparc processors ...
However, it doesn't really matter that much for you and the rest of us, on our home PCs.
All (Google Chrome & FireFox) web browser are getting regularly patched and so, not even that is exploitable.
The problem have only the 'big players' ... Professionals (== Linux servers).
In case where multiple VM’s are running on the same host (== as good as always) and if ‘the bad guy’ starts his ‘hostile’ guest VM on the same server, it can read all (random) data of all other VM’s which run on the exact same processor core/thread in a given moment.
Spectre & Meltdown:
12 • GNU/Linux distribution on a mobile device (by Stan on 2019-05-20 09:48:44 GMT from Netherlands)
I'm very skeptical about this, don't get me wrong I would love to reclaim back my privacy. But mobile device is all about user experience, in which GNU/Linux usually scores very low.
We cannot get it right in a desktop / workstation, let alone a laptop. We have issues with multiple monitors, hi-dpi, battery live, sleep/hibernate, proprietary chips, and the list goes on and on and on...
13 • Mobile Device (by PatH on 2019-05-20 09:58:20 GMT from United States)
I would like to have a GNU Linux powered Kindle Fire HD8 but seems like a daunting task indeed!
14 • I want my next smartphone to have Linux (by TuxRaider on 2019-05-20 11:17:30 GMT from United States)
i would rather have a smartphone that i can install my choice of arm Linux on, i am no longer satisfied with Google's android and the corporate sponsorship it entails which means Google is doing pretty much the same thing facebook is doing, gathering your personal info and more than likely sharing it with cronies and selling it to other corporate & government entities
15 • linux on phones (by Tim on 2019-05-20 12:31:51 GMT from United States)
I'm not sure that's really fair- my desktops and laptops work pretty well with Linux and have for years. They certainly work better than they did with Windows.
You're right though that the phone market is hard though, mostly because it's been deliberately set up to force people to buy new phones constantly. It's not that GNU/Linux wouldn't work well on such devices- they're designed to put barriers to this because it would let people keep phones longer.
That makes me mad, and I'd gladly buy a device that gets me off the upgrade cycle for phones the way I'm not on it for computers anymore.
Whether the market bears that out, I don't know. But it would be better.
16 • Sabayon (by Sam on 2019-05-20 12:50:00 GMT from United States)
Kind of nice and kind of sad to see the review of Sabayon's latest release. Back in my intensive distro-hopping days a few years ago, Sabayon releases were in my list of distros to try out -- usually for a few days before the number of bugs or just awkward work-arounds to getting hardware working became too long and I was back to Mint or openSUSE. Frankly, I've thought the distro was dead for the last two years - the last release was quite a while ago (giving Mageia a run for its long-in-the-tooth releases) and, as the review mentions, the Sabayon forums are a ghost town.
17 • Kernel Patches (by Winchester on 2019-05-20 13:13:19 GMT from United States)
It seems convenient to me that Solus gives updated kernels every weekend,or at least every other weekend. Right now at 5.0.16 and 5.0.15 current and 4.9.176 LTS. Painlessly and without breakage. Symlinks to the most up-to-date .... Current or LTS based on which one used at the time of applying the most recent update. The best systemD distribution in my opinion.
Void Linux kernel updates are also quite painless. Currently at 4.19.142 last I checked a few days ago. But,Void requires manual removal of old,unwanted kernels. Simple command to do it but,manual.
I am guessing that 4.19.142 + is also patched being more recent than 5.0.8 .
PClinuxOS also offers the most recent kernel but,applied by selecting in Synaptic.
All 3 seem much more convenient than the Ubuntu approach ..... which,by the way,is one of the few bases where I have experienced breakage by updating the kernel.
Alpine Linux offers a security hardened kernel but,I have not seen updates for it in some time. They also offer a "vanilla" kernel which is more frequently updated.
18 • Linux (or such) phones (by Orvan on 2019-05-20 13:14:04 GMT from United States)
I have a 'Superbook' (yes, one of the few[?] that actually got the hardware) and the thing is disappointing - but I cannot entirely blame the Superbook hardware. The software, however, needs some work, but is made necessary by the very nature of Android. The idea of having a 'phone' work as more fully User Interfaced computer has appeal. Today's phones might be 'only' as powerful as the 'day before yesterday's' computer, but those machine served. What is needed is an Operating System that isn't all-but touch-screen only and can deal with real multitasking and run not-just-phone/tablet applications. This is where, eventually, I expect the "Linux phone" of some sort to shine. The Superbook will seem quaint then (a mere 1080 screen...) but I expect someone will be along with the hardware. The 'trick' is for the 'any dang phone' and NOT "We're $COMPANY, buy OUR phone and you can use OUR laptop-oid with it." The appeal is/will be that each can be upgraded separately and independently. Lock-in doesn't serve the user, and the user pays the bills.
19 • RPM packages and Intel chips (by Jesse on 2019-05-20 14:13:39 GMT from Canada)
@4: "Distrowatch claims of "independent" is very alarming & inconsistent. Both use RPM (Red Hat) package managers, so are NOT independent, relying on RPM packages. "
Whether a distribution uses a particular package manager or package format does not determine whether the distro is independent. Lots of distros use the RPM package format without using Fedora/Red Hat packages. File archives are not tied to specific distributions.
@9: "Why won't Distrowatch tell the truth? The MDS vulnerabilities do not affect "multiple processors", they only impact Intel chips. AMD processors are immune."
No one here said whether AMD chips were affected or not. Intel makes multiple processors. And, yes, MDS does affect many processors.
20 • mandatory (by mandatory on 2019-05-20 14:45:47 GMT from United States)
21 • Linux on phones (by isndw on 2019-05-20 15:14:42 GMT from Austria)
There are more options for phones, all based on linux for what i know:
22 • Mobile Linux distros (by Roland on 2019-05-20 15:18:07 GMT from United States)
I have tested LuneOS, Plasma Mobile, and UBPorts / Ubuntu Touch and currently use UBPorts on secondary devices. The first two weren't yet usable when I last tested them, but UBPorts ships a distro you can actually use daily if your requirements are simple and if you acquire one of the small number of supported devices. The user experience is good, with mature gesture navigation that other mobile OSes are only now trying to graft onto their GUI. There is no need to drop to the terminal at all in routine use as a mobile phone. The terminal is there though if you want to use it to modify the OS or just work and play with the normal GNU tools. Native apps are strictly confined and relatively small in number (though the app store is growing again), but you can install most software from the Ubuntu ARM repositories in add-on containers (not that many of them are usable on a small touch scree), and there is now experimental support for Android apps using Anbox.
For the past year and a half I have kept a couple of phones stood up with UBPorts for testing and casual use. The main thing keeping me from switching to UBPorts for my daily driver are missing E2E encryption in Telegram and Matrix, and both are being worked on. There are also MMS bugs which could be a problem, but I'm sure those will be fixed in time. Filesystem encryption isn't supported by default, but encrypting home is possible with some cryptsetup work in the terminal.
Android app integration using Anbox is still very primative, but most of the Android apps I use have UBPorts equivalents, and the ones that don't I can leave on an Android tablet at home if/when I switch for good. Anbox runs but doesn't have a lot of hardware passthrough yet, and the kernel supporting it kills my battery. The browser and mail client are both very basic, but I don't need much on a phone. Unav actually works better for me than OSMAnd does on Android. Though not nearly as precise and well-polished as the proprietary Google apps of Maps and Waze, it's more than good enough to find my way around an unfamiliar city.
Aside from the app ecosystem being small and requiring some compromises and finding alternatives (like using Fdroid instead of Google Play does), almost every significant problem (disconnecting bluetooth, camera glitches, video playback failure on some devices, and other bugs) is due to proprietary hardware, which is a problem not just for UBPorts but for all alternative OSes. For the time being, such OSes are making due with Android hardware, using various buggy kludges in order to use closed source Android drivers. That is why it is good that two non-Android options with full open source drivers should be available within the next year. Librem 5 will probably have less OS support out of the box (maybe just PureOS), but many OSes are making good progress with the PinePhone development kits.
The PinePhone should only cost $150 or so, so I expect when it ships many more developers will get interested and involved with UBPorts, LuneOS, Maemo-Leste, Plasma Mobile, Nemo, PostmarketOS, and all the other non-Android mobile Linux distros.
23 • @17 Winchester: (by dragonmouth on 2019-05-20 16:04:03 GMT from United States)
"Solus.....Right now at 5.0.16 and 5.0.15 current and 4.9.176 LTS."
PCLinuxOS offers 4.9.177 LTS and 5.1.3 current.
24 • Sabayon Linux (by Flavio on 2019-05-20 16:27:51 GMT from Brazil)
My first experience with Rigo, from March to May 2017 was not so good and I ended up without most of KDE / KWin.
So, when I installed Sabayon again, back in 2018, I have decided to use just "equo" commands and the first thing I have done was to remove Magneto / Rigo.
Sabayon keeps fine after these 6 months, even if I have done some weird experiences, such as install old Kernel 4.4.0 and then remove it ─ and manually replace Kernel 4.18 with Kernel 4.19 later.
Upgrade Kernel is not so simple as just to install a newer one. You need to make some "eselect" and to test libraries, too.
In fact, updates to Sabayon take more time than in other distros ─ but a few less time with "equo" than with Rigo, IMHO.
I also found that "equo" outputs make more sense than Rigo outputs, and there were not so many questions along this 6 months. ─ Usually, there is an option to say "Yes to all".
Indeed, even if it is a rolling-distro, its updates keep package versions a few behind those in Arch Linux or PCLinuxOS ─ maybe for more insurance and tests, or maybe just because Sabayon has a smaller team.
25 • Open Source Phone (by isndw on 2019-05-20 16:41:40 GMT from Austria)
Here is also an open source phone:
First batch has ended, but there will be a second one.
26 • Mobile Linux (by Dr. E.S. Ktorp on 2019-05-20 16:55:32 GMT from United States)
Though they will never admit it today, it's obvious that Gnome and Canonical had some Googley-eyed visions of sailing their 'flagships' in to mobile waters, but something behind the scenes apparently couldn't float their boats. Maybe if they hadn't been so arrogant and combined their efforts, they could've enticed manufacturers in to software/hardware deals, but instead, Linux desktop users are once again left cleaning up the debris, for years, while the devotees sing songs of praise and pretend that Gnome Shell (and Unity) was always intended for desktop use.
Even Red Hat ships a 'Classic' Gnome 2 styled version of Gnome 3. That alone should tell you what they really think of Gnome Shell and for whom it was truly designed.
How could they have miscalculated such a humongous blunder. It almost seems intentional. Would Red Hat & Canonical torpedo the Linux ecosphere to protect the big business status quo, that dominates the computer & electronics industries? I sure wouldn't put it past them.
27 • Linux on mobile (by Friar Tux on 2019-05-20 18:04:03 GMT from Canada)
Nope, none of the above. I know how much a mobile device should actually cost. Do a simple material and labour comparison with other devices/appliances. The prices asked are WAY too high. Call me cheap, but there is no way I would dish out that kind of money for a mobile.
Having said that, I do have an old Blackberry Playbook that is still going strong that I have wanted to switch to a Linux OS. Haven't found a way to do that, yet. And I've read that it can't be done as the OS is locked to the hardware.
28 • cost (by Tim on 2019-05-20 18:49:11 GMT from United States)
a low end Android smartphone can be had for about $30 and is actually a pretty decent user experience. Only the camera is junk at that pricepoint.
There are many reasons to be opposed to either iOS or Android from a privacy perspective, but I think saying they're overpriced is a bit farfetched at this point. I bought a ZTE burner phone two years ago and have kept it because I liked it so much.
29 • Sabayon review (and remarks here in comments) (by Jordan on 2019-05-20 20:03:12 GMT from United States)
I certainly agree with what's being said about Sabayon here: that it has always "had promise" but honestly just does not deliver, even on the basic level of a successful installation in some versions over the years.
Like others here, I keep trying it and messing with it then having to dump it, "knowing" that it's got to get better at some point and may even feel complete at some point.
That's been for YEARS. It must be a daunting project, trying to make Gentoo a "just works out of the box" distro fork (or sibling or "based on" or whatever). As mentioned here also, there are other Gentoo based distros, but Sabayon has something very intriguing in its spiel and its hope and overall look, etc.
Good luck, Sabayon devs; many of us await its completion as a reliable desktop.
30 • Linux on a mobile device (by Lord Mozart on 2019-05-20 20:03:43 GMT from United Kingdom)
I'd love to give running a Linux distro (not including Adroid), on a mobile device. However, I have absolutely no clue how to do it. With all the various devices out there in circulation, is it possible to do a tutorial? If so, how soon can you do it? :)
31 • Installing UBports (by Jesse on 2019-05-20 20:13:50 GMT from Canada)
@30: We wrote a tutorial on installing UBports on supported devices two years ago: https://distrowatch.com/weekly.php?issue=20170130#tips
These days a tutorial typically isn't needed. If you have a device compatible with UBports, you download their installer, plug in your phone and launch the installer. It takes care of the rest.
32 • encryption and calamares (by lupus on 2019-05-20 20:26:16 GMT from Germany)
There seem to be a known issue with the calamares installer not telling grub the correct UUID for booting from an encrypted disk. Encountered the same Problem on Arcolinux, what a pity!
33 • Mobile prices (by Friar Tux on 2019-05-20 20:38:56 GMT from Canada)
@28 (Tim) The $30 dollar price you mentioned is good. Anything over $100 is overpriced. And paying $1200 for something that will be out of date even in 5 years - well, this is a 'family' site so I'll hold my tongue. Again, do a material and labour study on mobiles as compared to the material and labour in other small electronic items/appliances.
34 • /e/ solutions mobile (by aguador on 2019-05-20 22:00:49 GMT from Bulgaria)
I recently became aware of another mobile entry from Gail Duval, founder of Mandrake: /e/ (https://e.foundation/). This was forked from LineageOS, is privacy oriented and has its own selected apps. Of all the things I have seen, it is the one that gives me the best feeling going forward. Sailfish had great potential, but has not been able to fight the Google head winds. The Librem 5 project is a great one, but the entry will simply be too expensive for most people, like the company's laptops.
One of the biggest problems remains the fragmentation in hardware. Unlike PCs there is no standard, so if you are not using a top selling device it is unlikely that there is an easy to install Linux-based OS other than Android to be had.
With the escalating trade war and moves against Huawei, there may be opportunities for non-Google players to enter. However, the company already has its own OS for wearables, so the trade war may give it a boost rather than providing an opportunity for the options presented here.
35 • CPU vulnerabilities of the past years (by Mike on 2019-05-20 22:07:28 GMT from Germany)
@whoKnows (#11): You're wrong and St. Vincent (#9) is correct. As of today, 05/21/2019, the known situation regarding the most popular CPU vulnerabilities of the past years according to the sources below is:
Meltdown (GPZ V3) / Rogue Data Cache Load (RDCL),
CVE-2017-5754,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre V1 / 1.0 / Bounds Check Bypass (BCB)
CVE-2017-5753,------------------------------------------------------------------> Intel: vulnerable, AMD: vulnerable
Spectre V2 / Branch Target Injection (BTI),
CVE-2017-5715,------------------------------------------------------------------> Intel: vulnerable, AMD: vulnerable
Spectre V1.1 / Bounds Check Bypass Store (BCBS),
CVE-2018-3693,------------------------------------------------------------------> Intel: vulnerable, AMD: vulnerable
Spectre(-NG) V3a / Rogue System Register Read (RSRR),
CVE-2018-3640,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre-NG: Foreshadow / L1 Terminal Fault-SGX,
CVE-2018-3615,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre-NG: Foreshadow-NG / L1 Terminal Fault-OS Kernel/SMM,
CVE-2018-3620,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre(-NG) V4 / Speculative Store Bypass (SSB),
CVE-2018-3639,------------------------------------------------------------------> Intel: vulnerable, AMD: vulnerable
Foreshadow-NG / L1 Terminal Fault-VMM,
CVE-2018-3646,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre-NG 3 / Lazy FPU state leak,
CVE-2018-3665,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE-2018-12126,-----------------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE-2018-12127,-----------------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE-2019-11091,-----------------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE-2019-0162,------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE ID unknown or n. a.,--------------------------------------------------------> Intel: vulnerable, AMD: not affected
CVE-2018-12130,-----------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Spectre V1.2 / Read-only protection bypass (RPB),
CVE n. a.,----------------------------------------------------------------------> Intel: vulnerable, AMD: not affected
Alone this list states a vulnerability ratio corresponding to Intel:AMD = 17:4. And of course not everybody takes these vulnerabilities and data leaks as easy as you and "doesn't care" - for professional and/or for personal reasons.
Even if you have nothing important or private on your machines, the corporations, shops, (health) insurances, authorities, cloud storage and VM users and everybody else with whom you interact as a human being and member of a common present days computerized society very likely will have.
Of course, there are plenty of other vulnerabilities and vulnerable systems / system parts (just think of the "Intel Management Engine" e. g.). But why not focus on the known facts and at least try to always get the best security, integrity and protection possible - even if it comes with quiet some but rewarding effort.
Besides that and not least, mitigations - where possible - can reduce performance very nastily. It's much better to have hardware and processors that don't need those often crippling solutions in the first place.
36 • .rpm vs .deb @4 (by Titus_Groan on 2019-05-21 03:08:44 GMT from New Zealand)
RPMs are only different from .debs, in that they are a different compressed file format.
The author/packager determines any dependencies required, so, true, a Redhat sourced RPM may or may not work in another RPM distro, if the required dependencies are un-available.
Likewise, some .debs that are distro specific may or may not work in a .deb based distro different from the authors/packagers target distro.
IIRC, xed and mdm packages from LinuxMint will break other .deb based distros if installed.
37 • Linux Mobile OSs (by Alburgheiro on 2019-05-21 03:47:25 GMT from Russia)
The developers of Linux mobile OSs might want to contact Huawei. A huge, unexpected, opportunity seems to have appeared.
38 • Just think (by whoKnows on 2019-05-21 08:25:43 GMT from United Kingdom)
You're simply missing the point.
'Vulnerability ratio' itself is irrelevant. Having 100 security issues which get fixed is better than having one single which didn't get fixed. Numbers are just numbers and all (good) processors are having the same issues.
It also doesn't help anything when AMD is immune to Meltdown -- that's SW fixable issue and exactly what Google and Mozilla did.
And of course AMD has fewer issues -- they had less different models, their models were more primitively built and had vastly inferior performance because of making bad use of hyper threading.
I'd even bet that there are more yet undiscovered vulnerability issues in AMD processors but, why bother looking for vulnerability issues in some old and technically inferior processors with irrelevant market share?
These vulnerabilities and data leaks are actually completely irrelevant for home users -- there's nothing you or anybody else can do to protect your "oh, so secret and private" data.
I recently traveled to U.S.A. -- the very first thing they did was to make my retina (== eyes) scan and take my fingerprints. My biometric passport contains most of that data too.
My name, my face and my biography are printed in a couple of books. My name and my address are published in a local telephone book. My birthday and my "life", my birth day, family status and such you can get on Facebook.
A copy of my passport, my driving license, my insurance numbers and even a paper copy of my fingerprints are all in Google Drive, Microsoft OneDrive and Yandex Disk -- unencrypted, of course.
"Even if you have nothing important or private on your machines, the corporations, shops, (health) insurances, authorities, cloud storage and VM users and everybody else with whom you interact as a human being and member of a common present days computerized society very likely will have."
So what? Of course they have it and imagine -- I'm still alive and nobody yet hacked my bank account.
When I interact with the authorities, (health) insurances, doctors and lawyers -- it all goes unencrypted (== 'postcard') over Google Mail, Microsoft Mail or Yandex Mail -- they don't accept any encrypted communication/mail.
Or shall I now be concerned that Google lists me every single thing that I ever bought in last 15 years, in easy readable list, that's made out of scanning my mail? At least, I don't need to search the pile of paper when I need proof on when something was bought.
The local supermarket has, by the way, same such list with every single purchase I ever made, be it a bread or butter -- so what? Shall I stop eating?
The only way to protect your 'digital life' is to stop using the computer and internet. The only problem -- not even that is any protection while ...
Each time I go to get another SIM card for a phone, there's another copy of my ID card, scanned and printed out and it lands on an unprotected pile of paper ...
All those typewriter letters are getting scanned by somebody in some office, and they again land in some archive or cloud and get compromised, at one or the other point.
Every single (paper) letter (== old-fashioned mail over the local post office) is getting scanned to collect 'meta-data' -- who send a letter to whom.
Believe me, some very hard to exploit processor vulnerability is the smallest problem in your life.
39 • Peppermint OS 10 (by Niyas C on 2019-05-21 08:54:40 GMT from Singapore)
Comparing to previous versions, I feel Peppermint OS 10 is much more polished and it provides a smooth user experience. However, I would love to have a light color theme by default.
40 • Sabayon - non-bleeding-edge rolling distro; (by Hoos on 2019-05-21 11:49:53 GMT from Singapore)
@24 said: " when I installed Sabayon again, back in 2018, I have decided to use just "equo" commands and the first thing I have done was to remove Magneto / Rigo....
Upgrade Kernel is not so simple as just to install a newer one. You need to make some "eselect" and to test libraries, too...
I also found that "equo" outputs make more sense than Rigo outputs, and there were not so many questions along this 6 months. ─ Usually, there is an option to say "Yes to all".
Indeed, even if it is a rolling-distro, its updates keep package versions a few behind those in Arch Linux or PCLinuxOS ─ maybe for more insurance and tests, or maybe just because Sabayon has a smaller team."
My install of Sabayon has been rolling for about 4 years now, without issue. I didn't have a problem with installation when I first installed Sabayon, but things may have changed now.
I'm not concerned that it's not bleeding edge since you will get the newer Gnome or Plasma or whatever in due course, just at a more leisurely pace.
I chose to go with the KDE Plasma version since I associated Sabayon with KDE when I first tried it out around 2009.
As for kernel installation, Rigo the graphical package manager now makes it easy to install new series of kernels with a dedicated "kernel" category. Previously this category didn't exist. I tested Rigo's kernel installation and it was straightforward. Of course, if user @24 has removed Rigo, they won't be able to make use of that.
While I upgrade my system via the terminal with equo, Rigo has its uses and plus points, namely installation/removal of individual packages, including the kernel.
41 • Sabayon Linux (by Flavio on 2019-05-21 15:44:18 GMT from Brazil)
@40: You are right. Rigo could have helped me in cases of install / remove Kernels.
42 • Linux on mobile devices (by Joerg on 2019-05-21 16:41:11 GMT from Germany)
Im waiting for a long time a suitable mobile open source project will arrive.
The market is still to hot and contested to deliver such a solution.
May be the ban on US supplies to Huawei will do us a favour.
The Huawei case shows what can happen if you misbehave in the eye of your american master and gives a warning to everyone else outside the US.
The company in question should counter that strike by developing an open source mobile system that our game kids understand. It is capable of doing so.
Instead of that they will bring up a Android clone with chinese characteristics, means that the data will end up with the chinese masters.
Another chance is gone
So the times are not good, the circumstances are hard but as Victor Hugo once twittert:
Nothing is more powerfull than a idea whose time had come
43 • rpm and deb (by tim on 2019-05-21 23:40:43 GMT from United States)
@36 continuing what you explained, we should be mindful that a deb file is targeted at systems running a given release of a given distro. A deb file packaged for use on "Debian Stretch" systems may not interact flawlessly with the shared libraries present on a "Debian Jessie" system or a "Ubuntu 19.04" system or a "Ubuntu 18.xx" system...
44 • Linux on mobile devices (by OstroL on 2019-05-22 15:17:53 GMT from Poland)
Used Ubuntu from UBports for sometime on a N5. The N5 was not a terribly used device; the battery stayed longer with the original Android it came with. Ubports installed well, but the battery drying out quite fast, even idling. Then, installed Android Pie 9 fork from XDA, with which the battery stayed much longer. The community made Android was without much Google centred and, in a real way, that OS is a open source one. Interestingly, the N5 is more responsive and faster.
I can, of course, flash the newest UBports any time, but I don't think, the battery life had become better. Linux in general is quite terrible on battery life, but Android appears to find a solution for that somehow. The Unix based iOS also can get a lot out of the battery. I also have a N6 (still on guarantee) with Nitrogen OS (Android 9), which works quite nice, with a pretty good battery life. It is interesting that I got both of them at a fraction of its release price!
Now, Android is open source, and there are many devs at XDA creating lovely OS out of it. Android is based on Linux (Gentoo), so we really shouldn't attack it. If you really want, you can stay away from Google with those OSs. I personally don't have anything against Google. I don't consider it is spying on me, but it helps me in many ways.
The problem with us Linux guys is that we tend to do something against another, who had done something with Linux. Some people wants to create a phone to go against another, for example Google. You waste quite a lot of energy just to be against. And, that way, nothing worthwhile is created. I believe Librem 5 to become a flop -- original thought of creating it was hate, or to do something to hurt someone else.
45 • Linux on mobile devices (by Ricardo on 2019-05-23 03:27:38 GMT from Argentina)
I voted "I have run a GNU/Linux distro in the past" because I own a Nokia N900 (which is absolutely amazing, too bad it only supports 2G in my country), a gorgeous Nokia N9 and an HP TouchPad tablet dual booting WebOS and LuneOS.
Sadly, only the N900 is still functional, but I had great times with the three devices.
But I also "plan to run a GNU/Linux distro", as I'm eagerly awaiting a Librem 5 to try as many mobile distros as possible :)
Oh, I also tried a Sailfish community edition on a Nexus 5, pretty interesting mobile OS.
46 • @45 Sailfish OS on N5 (by OstroL on 2019-05-23 08:58:12 GMT from Poland)
"Oh, I also tried a Sailfish community edition on a Nexus 5, pretty interesting mobile OS."
This is interesting. I cannot find this community edition to flash on N5. Would be nice, if you could direct us to it, a link if possible. Or a how to. Thanks!
47 • Mobile Phones (by Jim on 2019-05-23 10:36:11 GMT from United States)
Until major carriers offer some other Linux operating system than Android I will be forced to use that, I do not have the technical expertise to install any other system on my phone.
48 • advantage of open-source mobile OS (by Tim on 2019-05-24 09:08:16 GMT from United States)
I mostly agree with you about how we fight each other more often than we should and it holds us back. But I think having a truly open source OS for mobile available is essential for two reasons.
1.) I'm starting to get very concerned about the privacy implications of phones recording ambient audio at all times waiting for me to ask them to do something. I think an open source OS would be much easier to control and audit what is happening with this data, and to uninstall any such software if we want to. Right now we're kind of at the mercy of Google, Apple, our carrier, and whoever made our phone. I don't inherently distrust them, I just want a bit more power.
2.) Every smartphone I've owned since 2012 is still usable in some way or another (I guess except the iPhone 5s I sent through the washing machine in a pocket.) But especially in the non-flagship Android world, most of them only got one update over their entire lifetimes. I think this is deliberate and meant to get us to replace phones more often than necessary. A viable mobile GNU/Linux system would presumably have ports to keep older compatible phones running longer.
49 • open-source mobile OS (by Euler on 2019-05-24 17:27:55 GMT from Austria)
The main obstacle for any Android competitor, open source or closed source is the Google store. Google provides the app developers with a opportunity to earn money. To do so the Store must be closed source and linked to the other Google services.
Open source apps can provide all basic functions, but do not offer the enormous choice I have with Google. I believe the Google monopoly (mobile apps and advertising) must be broken, but neither the EU nor the US are willing to do so.
50 • Android (by Andy on 2019-05-25 03:09:38 GMT from United Kingdom)
@48 -Disabling the always-on microphone is really not so difficult. Settings>Apps>Google>Permissions, and toggle "microphone to "off." I keep mine off because I don't use those voice functions, and it's annoying when it pops up offering help unasked, which is often enough.
Anyone wanting to keep their Android phones updated for longer times would do well to search Google, of course. Usually, the closer you get to Google's stock Android, (including Google's own branded hardware) the better off you will be. Also, here's quite a variety of custom ROMs out there. Research on hardware needed for this too. Avoid hardware locked to an ISP or phone service provider. I'm running Cyanogen/Lineage 15 (Oreo) on a Samsung tablet from 2014. Access to Google Play apps, which are really needed for most things can be downloaded separately. On the other hand, someone brought me the same tablet branded by Verizon, and there's nothing can be done with it at this time.
I'd also like to try an full open-source OS. It's possible now, mostly on limited and older phones, (and new promises) but I've found no compelling reason to spend the money and time or bear with the inconvenience.
51 • Ubuntu Touch on Nexus 4 (by Simon on 2019-05-25 08:14:07 GMT from United Kingdom)
I installed Ubuntu Touch to a Nexus 4 without any trouble or issues - escaping the prying eyes of Google and Apple.
It works fine and I have no issues with it. Mind you, I don't spend that much time on mobiles and use it mainly for texts, phone calls and taking pictures.
As a bonus, it runs in my native language (Welsh) without any problems. How cool is that?
Number of Comments: 51
Display mode: DWW Only • Comments Only • Both DWW and Comments
|• Issue 841 (2019-11-18): Emmabuntus DE3-1.00, changing keys in a keyboard layout, Debian phasing out Python 2 and voting on init diversity, Slackware gets unofficial updated live media|
|• Issue 840 (2019-11-11): Fedora 31, monitoring user activity, Fedora working to improve Python performance, FreeBSD gets faster networking|
|• Issue 839 (2019-11-04): MX 19, manipulating PDFs, Ubuntu plans features for 20.04, Fedora 29 nears EOL, Netrunner drops Manjaro-based edition|
|• Issue 838 (2019-10-28): Xubuntu 19.10, how init and service managers work together, DragonFly BSD provides emergency mode for HAMMER, Xfce team plans 4.16|
|• Issue 837 (2019-10-21): CentOS 8.0-1905, Trident finds a new base, Debian plans firewall changes, 15 years of Fedora, how to merge directories|
|• Issue 836 (2019-10-14): Archman 2019.09, Haiku improves ARM support, Project Trident shifting base OS, Unix turns 50|
|• Issue 835 (2019-10-07): Isotop, Mazon OS and, KduxOS, examples of using the find command, Mint's System Reports becomes proactive, Solus updates its desktops|
|• Issue 834 (2019-09-30): FreedomBox "Buster", CentOS gains a rolling release, Librem 5 phones shipping, Redcore updates its package manager|
|• Issue 833 (2019-09-23): Redcore Linux 1908, why Linux distros are free, Ubuntu making list of 32-bit software to keep, Richard M Stallman steps down from FSF leadership|
|• Issue 832 (2019-09-16): BlackWeb 1.2, checking for Wayland session and applications, Fedora to use nftables in firewalld, OpenBSD disables DoH in Firefox|
|• Issue 831 (2019-09-09): Adélie Linux 1.0 beta, using ffmpeg, awk and renice, Mint and elementary improvements, PureOS and Manjaro updates|
|• Issue 930 (2019-09-02): deepin 15.11, working with AppArmor profiles, elementary OS gets new greeter, exFAT support coming to Linux kernel|
|• Issue 829 (2019-08-26): EndeavourOS 2019.07.15, Drauger OS 7.4.1, finding the licenses of kernel modules, NetBSD gets Wayland application, GhostBSD changes base repo|
|• Issue 828 (2019-08-19): AcademiX 2.2, concerns with non-free firmware, UBports working on Unity8, Fedora unveils new EPEL channel, FreeBSD phasing out GCC|
|• Issue 827 (2019-08-12): Q4OS, finding files on the disk, Ubuntu works on ZFS, Haiku improves performance, OSDisc shutting down|
|• Issue 826 (2019-08-05): Quick looks at Resilient, PrimeOS, and BlueLight, flagship distros for desktops,Manjaro introduces new package manager|
|• Issue 825 (2019-07-29): Endless OS 3.6, UBports 16.04, gNewSense maintainer stepping down, Fedora developrs discuss optimizations, Project Trident launches stable branch|
|• Issue 824 (2019-07-22): Hexagon OS 1.0, Mageia publishes updated media, Fedora unveils Fedora CoreOS, managing disk usage with quotas|
|• Issue 823 (2019-07-15): Debian 10, finding 32-bit packages on a 64-bit system, Will Cooke discusses Ubuntu's desktop, IBM finalizes purchase of Red Hat|
|• Issue 822 (2019-07-08): Mageia 7, running development branches of distros, Mint team considers Snap, UBports to address Google account access|
|• Issue 821 (2019-07-01): OpenMandriva 4.0, Ubuntu's plan for 32-bit packages, Fedora Workstation improvements, DragonFly BSD's smaller kernel memory|
|• Issue 820 (2019-06-24): Clear Linux and Guix System 1.0.1, running Android applications using Anbox, Zorin partners with Star Labs, Red Hat explains networking bug, Ubuntu considers no longer updating 32-bit packages|
|• Issue 819 (2019-06-17): OS108 and Venom, renaming multiple files, checking live USB integrity, working with Fedora's Modularity, Ubuntu replacing Chromium package with snap|
|• Issue 818 (2019-06-10): openSUSE 15.1, improving boot times, FreeBSD's status report, DragonFly BSD reduces install media size|
|• Issue 817 (2019-06-03): Manjaro 18.0.4, Ubuntu Security Podcast, new Linux laptops from Dell and System76, Entroware Apollo|
|• Issue 816 (2019-05-27): Red Hat Enterprise Linux 8.0, creating firewall rules, Antergos shuts down, Matthew Miller answers questions about Fedora|
|• Issue 815 (2019-05-20): Sabayon 19.03, Clear Linux's developer features, Red Hat explains MDS flaws, an overview of mobile distro options|
|• Issue 814 (2019-05-13): Fedora 30, distributions publish Firefox fixes, CentOS publishes roadmap to 8.0, Debian plans to use Wayland by default|
|• Issue 813 (2019-05-06): ROSA R11, MX seeks help with systemd-shim, FreeBSD tests unified package management, interview with Gael Duval|
|• Issue 812 (2019-04-29): Ubuntu MATE 19.04, setting up a SOCKS web proxy, Scientific Linux discontinued, Red Hat takes over Java LTS support|
|• Issue 811 (2019-04-22): Alpine 3.9.2, rsync examples, Ubuntu working on ZFS support, Debian elects new Project Leader, Obarun releases S6 tools|
|• Issue 810 (2019-04-15): SolydXK 201902, Bedrock Linux 0.7.2, Fedora phasing out Python 2, NetBSD gets virtual machine monitor|
|• Issue 809 (2019-04-08): PCLinuxOS 2019.02, installing Falkon and problems with portable packages, Mint offers daily build previews, Ubuntu speeds up Snap packages|
|• Issue 808 (2019-04-01): Solus 4.0, security benefits and drawbacks to using a live distro, Gentoo gets GNOME ports working without systemd, Redox OS update|
|• Issue 807 (2019-03-25): Pardus 17.5, finding out which user changed a file, new Budgie features, a tool for browsing FreeBSD's sysctl values|
|• Issue 806 (2019-03-18): Kubuntu vs KDE neon, Nitrux's znx, notes on Debian's election, SUSE becomes an independent entity|
|• Issue 805 (2019-03-11): EasyOS 1.0, managing background services, Devuan team debates machine ID file, Ubuntu Studio works to remain an Ubuntu Community Edition|
|• Issue 804 (2019-03-04): Condres OS 19.02, securely erasing hard drives, new UBports devices coming in 2019, Devuan to host first conference|
|• Issue 803 (2019-02-25): Septor 2019, preventing windows from stealing focus, NetBSD and Nitrux experiment with virtual machines, pfSense upgrading to FreeBSD 12 base|
|• Issue 802 (2019-02-18): Slontoo 18.07.1, NetBSD tests newer compiler, Fedora packaging Deepin desktop, changes in Ubuntu Studio|
|• Issue 801 (2019-02-11): Project Trident 18.12, the meaning of status symbols in top, FreeBSD Foundation lists ongoing projects, Plasma Mobile team answers questions|
|• Issue 800 (2019-02-04): FreeNAS 11.2, using Ubuntu Studio software as an add-on, Nitrux developing znx, matching operating systems to file systems|
|• Issue 799 (2019-01-28): KaOS 2018.12, Linux Basics For Hackers, Debian 10 enters freeze, Ubuntu publishes new version for IoT devices|
|• Issue 798 (2019-01-21): Sculpt OS 18.09, picking a location for swap space, Solus team plans ahead, Fedora trying to get a better user count|
|• Issue 797 (2019-01-14): Reborn OS 2018.11.28, TinyPaw-Linux 1.3, dealing with processes which make the desktop unresponsive, Debian testing Secure Boot support|
|• Issue 796 (2019-01-07): FreeBSD 12.0, Peppermint releases ISO update, picking the best distro of 2018, roundtable interview with Debian, Fedora and elementary developers|
|• Issue 795 (2018-12-24): Running a Pinebook, interview with Bedrock founder, Alpine being ported to RISC-V, Librem 5 dev-kits shipped|
|• Issue 794 (2018-12-17): Void 20181111, avoiding software bloat, improvements to HAMMER2, getting application overview in GNOME Shell|
|• Issue 793 (2018-12-10): openSUSE Tumbleweed, finding non-free packages, Debian migrates to usrmerge, Hyperbola gets FSF approval|
|• Issue 792 (2018-1203): GhostBSD 18.10, when to use swap space, DragonFly BSD's wireless support, Fedora planning to pause development schedule|
|• Issue 791 (2018-11-26): Haiku R1 Beta1, default passwords on live media, Slax and Kodachi update their media, dual booting DragonFly BSD on EFI|
|• Issue 790 (2018-11-19): NetBSD 8.0, Bash tips and short-cuts, Fedora's networking benchmarked with FreeBSD, Ubuntu 18.04 to get ten years of support|
|• Issue 789 (2018-11-12): Fedora 29 Workstation and Silverblue, Haiku recovering from server outage, Fedora turns 15, Debian publishes updated media|
|• Full list of all issues|
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu, Linux Mint or Zorin OS pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.
|Random Distribution |
Linare Linux was a desktop-oriented, commercial Linux distribution based on Fedora Core technology. Features of Linare Linux include a full office suite compatible with Microsoft Office, which includes word processing, spreadsheet, drawing and presentation software. It also comes with a full Internet suite, bundled with a GAIM messenger that can be used with Yahoo, MSN, AOL and ICQ protocols. Linare Linux includes Mozilla mail software, the increasingly popular Outlook-styled email program, and the Mozilla Internet browser.