Dell kicked off 2020 by announcing the 10th generation XPS 13 Developer Edition laptop with Ubuntu Linux preloaded, fingerprint-reader support, up to 32GB of RAM, and 10th Gen Intel Core CPUs.
World, please meet the Dell XPS 13 Developer Edition laptop, which continues Dell’s Project Sputnik and its Linux portfolio by offering customers the latest and greatest XPS 13 laptop powered by 10th Gen Intel Core 10nm mobile processors and up to 32GB of RAM.
[Source: Softpedia]
The Linux kernel has around 27.8 million lines of code in its Git repository, up from 26.1 million a year ago, while systemd now has nearly 1.3 million lines of code, according to GitHub stats analysed by Michael Larabel at Phoronix.
There were nearly 75,000 code commits to the kernel during 2019 which is actually slightly down on 2018 (80,000 commits), and the lowest number since 2013. The top contributors by email domain were Intel and Red Hat (Google’s general gmail.com aside) and the top contributing individuals were Linus Torvalds, with 3.19 per cent of the commits, followed by David Miller (Red Hat) and Chris Wilson (Intel). There were 4,189 different contributors overall.
[Source: The Register]
Open source storage is a solution that solves vertical and pain point challenges. There are many scenarios where it is not necessary. Organisations might just want to hold onto the data they have. In this instance, an S3 bucket or Blobstore API will cover them.
But, implementing an open source storage solution makes sense for targeted use cases. Lustre is a good example if your organisation needs to do some aggressive high performance computing. “For those sorts of workloads, Lustre is extremely mature,” said Stephen Manley, chief technologist at Druva. “It’s extremely well integrated into the ecosystem.”
[Source: Information Age]
Last year, lawyer Van Lindberg drafted a software license called the Cryptographic Autonomy License (CAL) on behalf of distributed development platform Holo – and submitted it to the Open Source Initiative (OSI) for approval as an Open Source Definition-compliant (OSD) license.
The debate over whether or not to approve the license, now in its fourth draft, has proven contentious enough to prompt OSI co-founder Bruce Perens to resign from the organization, for a second time, based on concern that OSI members have already made up their minds.
[Source: The Register]
Linux gamers have found yet again that their ubiquitous operating system remains unwelcome in the context of mainstream entertainment. The latest insult comes from Electronic Arts, which appears to have issued a few permanent bans to online Battlefield V players attempting to play the game on Linux systems. Mind you, Battlefield V isn’t intended for Linux; the EA game specifies that a 64-bit version of Windows 7, 8.1, or 10 is required. But those committed to Linux can get around that by using Lutris, a Linux gaming client.
[Source: The Register]
The Kali Linux distribution is going to switch to a new security model by defaulting to a non-root user starting with the upcoming 2020.1 release. This change will come with the release of the 2020.1 version scheduled for late January 2020, but users can already test it via the daily builds. They will also be able to test it by downloading and running the weekly images released until Kali 2020.1 will be officially available.
[Source: BleepingComputer]
Co-authored by Curtis Franklin, Jr
Open source software is often considered safer and more secure than proprietary software because users can, if they want, compile the software from the source code. They know the source of the code running in their environment. Every component that they are running in their environment can be audited and the developer held accountable.
However, users and vendors are moving away from complexity that comes with total control and embracing convenience and ease of use.
“I am often taken aback when I see a talk around security and privacy and then the presenter runs the ‘docker run’ command to install and run some random binary downloaded from the internet,” said Dirk Hohndel, Vice-President and Chief Open Source Officer at VMware. “Those two things seem to be a little bit at odds with each other.”
The software supply chain — the process that takes an application from coding through packaging and distribution to its ultimate user — is complicated. If done wrong, it could be potentially risky, especially for open source software. A malevolent player can get access to the backend and start inserting any random binary code onto a user’s system without that user’s knowledge or control.
It’s not a problem specific to the cloud-native world. It can be seen in modern app development environments, including JavaScript, npm, PyPI, RubyGems, and so on. Even Homebrew on Mac used to be provided through source code that a user would compile themselves.
“Today, you just download the binary and install it, hoping that it’s built from the same source code that you have access to,” said Hohndel. “As an industry, we need to pay more attention to our supply chain. It’s something that is extremely important to me and that I’m trying to get more people interested in it.”
It’s not simply a binary versus source code equation, though. There are huge advantages to just running a binary instead of having to build everything from sources. It allows developers to be more flexible and more responsive in their turnaround. They can cycle very quickly through new development and product releases by reusing some binaries.
“It would be nice if there was a way to sign these binaries and have an ‘on-the-fly’ verification mechanism so users know they can trust these,” said Hohndel.
Linux distributions have solved this problem as the distributions act as gatekeepers who check the integrity of packages that go into supported repositories.
“Packages offered through distributions like Debian are signed with a key. It takes a lot of work to ensure that this is really the software that should be in the distribution. They have solved the supply chain problem,” said Hohndel.
But even on Linux distribution, people want to simplify things and trade correctness and security for speed. There are now projects like AppImage, Snap and Flatpack that have adopted the binary route, bringing the trust issue to Linux distributions. It’s the same problem of docker containers all over again.
“The ideal solution would be to find a way for us as a community to devise a system of trust which ensures that if a binary was signed with a key that is in the network of trust, it can be trusted and provides us with the ability to reliably go back to the sources and do an audit,” suggested Hohndel.
However, all this additional steps incur costs that most projects are either unwilling or unable to afford. Some projects are trying to find ways around the problem. NPM, for example, has begun to encourage those submitting packages to properly authenticate and secure their accounts to improve trustworthiness on the platform.
Open Source Community Is Good At Solving Problems
Hohndel is involved with many efforts to solve the open source supply chain problem and is spreading awareness about it. Last year, VMware acquired Bitnami, which is a great place for curating open source applications that are signed by VMware.
“We are talking with upstream open source communities in various ecosystems to raise awareness about it. We are also discussing technical solutions that will make it easier for these communities to solve the underlying problems,” said Hohndel.
The open source community has historically been diligent at ensuring software quality, including the mechanisms for security and privacy. Still, Hohndel says, “The biggest concern that I have is that, in the excitement about the next new thing, we often ignore the underlying engineering discipline that we really need.”
Ultimately, Hohndel feels that answer will come from the open source community itself. “Open source is an engineering methodology and it’s a social experiment. Open source is all about people trusting each other, working with each other, collaborating across borders, between companies, amongst competitors in ways that we didn’t do before,” he explains.
Open source storage is an emerging phenomenon; data storage software that is developed in a public, collaborative manner under a license that permits the free use, distribution and modification of the source code. Organisations are now dealing with a huge amount of data, petabytes-worth, and it all needs to be stored in manner that is flexible, accessible and secure, while allowing analytics and intelligence-driven solutions to gain actionable insights from it.
Read on to know more about the three trends that have given rise to open source storage…
[Source: Information Age]
Data is often at the heart of science—researchers track velocities, measure light coming from stars, analyze heart rates and cholesterol levels and scan the human brain for electrical impulses. But often, sharing that data with other scientists—or with peer-reviewed journal editors, or funders—is difficult.
A research team has developed an open-source data-management system that the scientists hope will solve all of those problems. The researchers outlined their system today in the journal PLOS ONE.
[Source: Tech Xplore]
While many of us were getting ready to celebrate Christmas and Hanukkah, Linux Mint quietly gifted us with the latest long-term support (LTS) version of its popular desktop Linux desktop, Linux Mint “Tricia” 19.3. This release supports three different Linux desktop interfaces: my own favorite Cinnamon; MATE, a fork of the venerable GNOME 2 desktop; and the lightweight Xfce.
[Source: ZDNet]
