The Debian project announced a new 24 month release cycle for distribution releases a few days ago.  Even greater news this will be going into effect this fall with a new release expected next Spring:

The Debian project has decided to adopt a new policy of time-based development freezes for future releases, on a two-year cycle. Freezes will from now on happen in the December of every odd year, which means that releases will from now on happen sometime in the first half of every even year. To that effect the next freeze will happen in December 2009, with a release expected in spring 2010. The project chose December as a suitable freeze date since spring releases proved successful for the releases of Debian GNU/Linux 4.0 (codenamed Etch) and Debian GNU/Linux 5.0 (Lenny).

This is great news for me. I have long been a fan of Debian on my servers but have found the slower release cycle much more difficult to deal with on my desktop since the packages become out of date fairly fast, even in their testing branch.

The Official Google Blog has announced that Google plans to release an operating system based around the Chrome browser. They intend for it to be an open-source lightweight OS that targets netbooks at first and the source code will become available later this year with a consumer release planned for the 2nd half of 2010.

Speed, simplicity and security are the key aspects of Google Chrome OS. We’re designing the OS to be fast and lightweight, to start up and get you onto the web in a few seconds. The user interface is minimal to stay out of your way, and most of the user experience takes place on the web. And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don’t have to deal with viruses, malware and security updates. It should just work.

There’s no official word as to what the underlying operating system will be, but I feel it’s safe to assume that it will be a variant of a current Linux distro or the Linux-based Android (they do discuss how Android and Chrome OS will be separate but that doesn’t mean they won’t share pieces ).

I tried out the Moblin 2.0 Beta booting off of a USB key multiple times over the past week and I wanted to share my thoughts on the overall experience without griping too much about incompleteness since this is the first public beta.

The general experience feels pretty good on my EEE PC 1000HA. I like the auto-hiding of the top toolbar and the snappiness of the system in general. The network configuration tool and web browser both work well. The UI looks very nice and is smooth on the 10″ screen, but I am unsure how well it will translate to smaller screens. There are definitely incomplete pieces that I would like to toy around more with such as the twitter tab (difficult to find the account settings – they were under Applications->Settings->Web Services instead of on the tab) and the IM applications (no support for AIM), but those aren’t things that I expect to be fleshed out more as new betas are released.  There are methods for adding new applications and new applications that you install that are not part of the default desktop should also work seamlessly with the UI. There is also a concept of zones that appears to be dynamically created desktop areas to avoid window clutter. There also appears to be some Last.fm integration coming in the future from the Web Services settings box .

The Linux Foundation intends for this to be a base for other distributions and the Linpus team has already announced that they plan to base a new version of Linpus Linux Lite on it. This is definitely a promising start and something that has the potential to bring an influx of new Linux users via netbooks.

Another small week of distribution releases, perhaps they ate too much at the Memorial Day barbecues?

Continue reading

Linux Journal published an article that alerted me to the relaunch of Linux.com. The Linux Foundation acquired the Linux.com domain name from SourceForge earlier this year and has been promising a relaunch. From the LJ article:

One of the most intriguing aspects of the new and improved Web site is the “Linux Guru” feature. Registered users can earn points and work their way up to guru status by participating in various activities around the site. The top five contributors will be invited to the annual Linux Foundation Collaboration Summit, and the top 50 will be showcased in the Foundation’s annual report. Each year, one user will also be crowned the “Ultimate Linux Guru” and win a fully-loaded Linux notebook computer, signed by Linus Torvalds.

The site has five main features that are an important aspect of working with and understanding Linux:

• News – Original content and analysis are featured in this section, along with content from FOSSBazaar, MoblinZone, and other Foundation workgroups.
• Community – Here’s where registered members can connect and network with each other, and create groups that focus on specific niches in open source.
• Distribution Central – Highlights of this section include original content provided by community managers and representatives of each distribution, and also provides a place for leading distros to interact with users right inside the Linux.com ecosystem.
• Learn – This is where users will find Man Pages, HowTos, and other Linux documentation, as well as a forum for posting questions and getting answers from the community.
• Directory – This section houses a collection of user-contributed software and user-reviewed applications, books, hosting services, and the like.

The new look is definitely an improvement from the old site and I see some nice content & links. Congrats to The Linux Foundation on a great relaunch!

Debian recently announced a switch from GLIBC to EGLIBC, the embedded optimized version of GLIBC. Aurelien’s blog post lists the reasons for switching as  (quoted from post):

• More friendly upstream (especially with regard to embedded architectures): “Encourage cooperation, communication, civility, and respect among developers” (as opposed to this).
• Stable branch with fixes for important bugs (a real one, not like the GLIBC one which is left unchanged).
• Better support for embedded architectures.
• Support for different shells (GLIBC only supports bash).
• Support for building with -Os.
• Configurable components (do we really need NIS or RPC support in debian-installer?).
• Better testsuite for optimized or biarch packages.

This is definitely a big change that I haven’t seen any other distributions make before and I wonder what this means for a popular Debian-based distribution such as Ubuntu?

Anthony Lineberry is presenting a new linux kernel rootkit technique at the BlackHat conference in Amsterdam. From the article:

This offers rootkit developers a new way to hide files or processes, or interfere with network traffic. The trick is that, without requiring extensive rights, libmemrk uses the /dev/mem device driver to write arbitrary code from userspace into main memory. /dev/mem is an interface that enables use of the physically addressable memory. For example XServer and DOSEmu, both use it. Lineberry says introducing rootkits via /dev/mem is also less obvious than the established route via loadable kernel modules (LKMs).

….

Lineberry also gives some tips on how the Linux world can protect itself against rootkits of this kind. He believes it should be enough to modify the memory driver so that it doesn’t allow the write/read pointer lseek to look for more than 16 kilobytes in the memory area. Current versions of Red Hat and Fedora are inherently secure, because their kernel already incorporates the features of SELinux (Security Enhanced Linux).

Lineberry says there are also corresponding improvements in version 2.6.26 of the mainline kernel. For that purpose, the kernel was given two new functions: range_is_allowed() and devmem_is_allowed(). But this protection, he says, won’t be effective unless the preprocessor directive CONFIG_STRICT_DEVMEM has been enabled when the kernel is compiled. Otherwise, range_is_allowed() always gives returns success. Lineberry says that the kernel configuration setting STRICT_DEVMEM, which sets CONFIG_STRICT_DEVMEM, is not activated by default during kernel compilation. He was unable to say when libmemrk would be available for downloading, as he was still engaged in eliminating its last weaknesses.

Using /dev/mem was previously theorized in a  Phrack article about using /dev/kmem, but Lineberry is the first to implement this technique.

Time to start recompiling my gentoo kernels!

We have a few distros that are new to our list and quite a few familiar faces this week. Read on for the full list.

Continue reading

The Amarok team announced the availability of Amarok 2.1 Beta 1 codenamed “Nuliajuk”  yesterday. The changelog since the 2.0.2 release is absolutely massive and the longest changelog they’ve had in their history. Notable new features include a completely configurable user playlist that supports drag and drop, cue sheet support, and a new management method for applets in context view. Congrats to the Amarok team on what looks to be a very promising upcoming release!

I’ve been a fan of David Allen’s “Getting Things Done” system for awhile, so seeing the folks over at TuxRadar publish an article on GTD apps for linux and rate them piqued my interest. I found some new apps that I hadn’t had any experience with before, but I think my modified system of using RememberTheMilk (RTM) still works best for me. I use the Google Calendar and GMail widgets so I see them every time I check my email. On my Linux desktop I have Tasque auto-launch and bring up my task lists so I see those every time I login. I also pay for the yearly RTM Pro membership so I can access my tasks on my freedom-hating iPhone. Using this combination, I am never disconnected from my list and that enables me to forget things alot less than I used to and feel like I’m alot more productive at work and at home.

Does anyone else have a favorite Linux GTD app/combination of apps that they use? Or maybe you prefer a different system for being productive?

• Amazon link for David Allen’s Getting Things Done: The Art of Stress-Free Productivity