NEWS

Cutting-Edge Fedora 25 Released

The Fedora Project has announced the release of Fedora 25, the latest version of their fully open source Linux-based operating system. Fedora is known as a cutting edge Linux distribution, and this release comes with some of the latest open source technologies.

"The Fedora operating system seeks to deliver the latest innovations in the world of free and open source software to our users, from next-generation display servers to powerful application development tools," said Matthew Miller, Fedora Project Leader. "Fedora 25 helps to achieve this goal with the long-awaited debut of Wayland, the addition of a streamlined upgrade path, and a new edition designed to take advantage of Linux containers."

Fedora Workstation is targeted at developers and power users, although it is also suitable for average PC users. It's a preferred Linux distribution for many DevOps users, and the choice of packages that comes installed on the Workstation version is evidence of that fact. Fedora 25 Workstation comes with the latest version of Docker 1.12; Node.js 6.5, the latest version of the popular server-side JavaScript engine; multiple Python versions (2.6, 2.7, 3.3, 3.4, and 3.5) to help test across multiple Python configurations; and support for Rust, a programming language that aims to make development faster and more stable.

On the desktop side, Fedora 25 Workstation comes with Wayland, replacing the aging X11 system. Gnome 3.22 is the default desktop environment that includes much-awaited features like batch file renaming, a redesigned keyboard settings tool, and additional user interface improvements. Workstation users will also be pleased with the inclusion of decoding support for the MP3 media format. In addition to these changes, Fedora 25 comes with a wide range of pre-installed desktop applications.

Fedora comes in three versions: Workstation, Atomic Host (previously Cloud), and Server. All versions are available for free download. For more information on obtaining Fedora 25, see the Fedora website.

Say it Ain't So! Microsoft Joins the Linux Foundation

Microsoft has joined the Linux Foundation as a platinum member. Microsoft made the announcement today at the Microsoft Connect 2016 event in New York.

"The Linux Foundation is home not only to Linux, but many of the community's most innovative open source projects," said Scott Guthrie, Executive Vice President, Microsoft Cloud and Enterprise Group. "We are excited to join The Linux Foundation and partner with the community to help developers capitalize on the shift to intelligent cloud and mobile experiences."

Microsoft has also released the public preview of SQL Server for Linux, which allows customers to test SQL Server on Linux and Linux-based Docker containers.

Microsoft is also partnering with Samsung to introduce their Visual Studio Tools for Tizen, a Linux-based operating system that is hosted by the Linux Foundation. The tool allows developers to build .NET apps for the Tizen operating system, which runs on millions of devices, including TVs, wearables, mobile devices, and many IoT devices.

Despite its long-standing reputation as the archenemy of Linux, Microsoft has emerged in recent years as one of the leading contributors to open source projects; their contributions on GitHub are evidence of the fact that the company is investing heavily in Linux and open source technologies. Microsoft has developed an operating system for networking switches in Azure that runs on the Linux kernel and has released many of its core products as open source, including .NET and PowerShell.

How to Bypass Authentication on a Linux System

Researchers have discovered a flaw in the Cryptsetup utility that allows an attacker to bypass the authentication process on some Linux-based systems just by pressing and holding the Enter key for 70 seconds.

Debian/Ubuntu-based systems with encrypted system partitions are affected by this vulnerability. Researchers warn that other distributions using Dracut instead of initramfs are also vulnerable.

Hector Marco and Ismael Ripoll from the Cybersecurity Group explained in their security advisory that the vulnerability allows you to obtain a root initramfs shell on the affected system. "The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify, or destroy the hard disk as well as setup the network to exfiltrate data. This vulnerability is especially serious in environments like libraries, ATMs, airport machines, labs, etc., where the whole boot process is protected (password in BIOS and GRUB) and you only have a keyboard and/or a mouse," Marco and Ripol wrote.

The worst thing about this vulnerability is that you don't need physical access to the machine; it is possible to exploit the vulnerability remotely in cloud environments.

Last year, the same researchers discovered a bug in GRUB 2 that allowed an attacker to bypass all securities on a locked-down Linux machine by hitting the Enter key 28 times when asked for a username.

More Online

Off the Beat * Bruce Byfield

The Obstacles to Linux Security

Improving security and privacy is the most important issue in modern computing. Yet even Linux, whose architecture gives it a built-in advantage, is moving slowly on these issues. The prevailing attitudes and the innate difficulties of bringing security to the desktop mean that the progress is slow.

Ethical Boundaries and Free Software in the Reign of Trump

How far would you compromise your ethics? In the aftermath of the election, this question is suddenly ruthlessly practical for Americans.

Phones are the New Average

A few weeks ago, I traded in my phone. I prepared the way I usually prepare when buying hardware, looking up the specs, and making a spreadsheet for comparisons, but the task didn't motivate me. When I realized I was avoiding the task, I took my spreadsheet down to the nearest mall kiosk and listened to the clerk's description of several of the most popular phones. But somewhere in the middle of the descriptions, I realized I had stopped listening, and bought one at random.

ADMIN HPC

http://hpc.admin-magazine.com/

Diving In * Thorsten Scherf

GlusterFS stores data across the network and can be used as a storage back end in cloud environments.

ADMIN Online

http://www.admin-magazine.com/

Exploring OpenStack's Trove DBaaSMartin Loschwitz

DBaaS moves the database service to the cloud, promising a new database instance at the click of a mouse.

Proactive Monitoring * Dirk Röder

System administrators usually take action after monitoring software indicates the failure of a service or server. In contrast to this reactive approach, a proactive monitoring solution with Riemann allows admins to detect problems in advance.

Countering Embedded Malware AttacksThomas Gronenwald

With the resurgence of sophisticated macro virus attacks, new countermeasures are in order. We offer a few recommendations.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News