Ubuntu

Ubuntu 16.10 Reaches End of Life (softpedia.com) 147

prisoninmate shares a report from Softpedia: Today, July 20, 2017, is the last day when the Ubuntu 16.10 (Yakkety Yak) was supported by Canonical as the operating system now reached end of life, and it will no longer receive security and software updates. Dubbed by Canonical and Ubuntu founder Mark Shuttleworth as the Yakkety Yak, Ubuntu 16.10 was launched on October 13, 2016, and it was a short-lived release that only received nine (9) months of support through kernel updates, bug fixes, and security patches for various components. Starting today, you should no longer use Ubuntu 16.10 (Yakkety Yak) on your personal computer, even if it's up-to-date. Why? Because, in time, it will become vulnerable to all sort of attacks as Canonical won't provide security and kernel updates for this release. Therefore, all users are urged to upgrade to Ubuntu 17.04 (Zesty Zapus) immediately using the instructions here.
Android

Samsung's 'Bixby' Voice Assistant Finally Launches In US (theverge.com) 40

After 3 months, Samsung announced that the voice capabilities of its digital assistant are now rolling out to U.S. Galaxy S8 and S8+ owners. Now, if you happen to own a Galaxy S8 or S8+, the physical Bixby button on the lefthand side of your phone will be able to actually do something somewhat useful. The Verge reports: Bixby's voice capabilities have been available in the US as part of an opt-in beta test, and Samsung says that feedback has led to faster response times, improved comprehension of varied phrasing around the same question, better hands-free operation, and more. Over 100,000 users of the flagship devices have enrolled in the early access program and issued over 4 million voice commands. Also, Samsung says Bixby can now read aloud your latest SMS messages and emails -- if you use its stock apps on the Galaxy S8. Bixby can be activated with a push of the dedicated Bixby button located on the side of the Galaxy S8 and S8+, or by saying "hi Bixby." Like Siri and Google Assistant, Bixby can handle alarms, send texts, and so on, but its real power lies in the ability to access granular phone settings or -- in supported apps -- automatically move through several menu screens to perform commands that Google Assistant simply can't do. Samsung says that deep learning should allow Bixby to improve over time as it begins to recognize users' preferences and ways of speaking. Here's a video showing some of the voice commands Bixby can respond to.
Android

Android Backdoor 'GhostCtrl' Can Silently Record Your Audio, Video and More (neowin.net) 69

An anonymous reader quotes a report from Neowin: A new strain of malware designed for Android devices has recently been discovered, which not only can silently record audio and video, but can also monitor texts and calls, modify files, and ultimately spawn ransomware. Dubbed as 'GhostCtrl' by researchers over at Trend Micro, the malware is apparently a variant of OmniRAT, a remote administration tool for Android, which is available to the public. It also appears to be part of a wider campaign that targeted Israeli hospitals, where a worm called RETADUP surfaced back in June. According to the report, there are three versions of the malicious software. The first variant stole information and controlled a device's functionalities, while the second added new features to exploit. The third one combines all the features of the old versions, and adds even more malicious components into its system. The latest iteration of GhostCtrl can now monitor call logs, text messages, contacts, phone numbers, location, and browsing history. Furthermore, it has the ability to record the victim's Android version, battery level, and Bluetooth information. To make make matters worse, it can now also spy on unsuspecting victims by silently recording audio and video. The malware distributes itself via illegitimate apps for WhatsApp or Pokemon GO. Trend Micro suggests you keep your Android devices up to date and data backed up regularly. They also recommend using an app reputation system that can detect suspicious and malicious apps.
Android

Some OnePlus 5s Are Reportedly Rebooting After Dialing 911 (theverge.com) 59

The OnePlus 5, dubbed "the best sub-$500 phone you can buy" when it launched, is having a few problems. Earlier this month, some owners of the new device complained about a weird jelly-like effect that appears when scrolling through apps. OnePlus went on to claim that the effect is normal and not the result of any manufacturing issues. Now, a handful of users are reporting that the OnePlus 5 will reboot itself once 911 is called, preventing them from reaching emergency services. The Verge reports: Reddit user Nick Morrelli noticed the glitch after he tried to call 911 to report a building fire in Seattle, and other users have reported that the OnePlus 5 is unable to dial 911 (or 999 in the UK, as another user reported) without rebooting. While most users haven't reported having the issue, any percentage of devices not being able to reach emergency services is a major issue for OnePlus. In a statement to The Verge, OnePlus says it's looking into the problem. "We have contacted the customer and are currently looking into the issue. We ask anyone experiencing a similar situation to contact us at support@oneplus.net."
Android

End of the Line For Remix OS as Jide Shifts Its Energy Towards the Enterprise (neowin.net) 29

An anonymous reader shares a report: It was only in July last year that Remix OS, an Android-based operating system for PCs, was bumped up to Version 3.0, which featured Android 6.0 Marshmallow under the hood. In fact, news of the upgrade came hot on the heels of an announcement from Chuwi with regards to the release of its $239 Vi10 Plus tablet that dual-booted Remix OS and Windows 10. A little over a month later, Jide Technology then followed up with a "developer preview" of the OS leveraging Android 7.0 Nougat. However, after a somewhat brief period of existence of just a few years, the company has announced that it is shifting its focus away from the consumer segment to the enterprise. In a statement on its website, Jide stated that: "Over the past year, we received an increasing number of inquiries from enterprises in various industries, and began helping them build great tools for their organizations by leveraging Jide software and hardware. We see huge potential in the role that Jide can play to revolutionize how these businesses operate. And given our existing resources, we decided to focus our company efforts solely on the enterprise space moving forward."
Security

Exploit Derived From EternalSynergy Upgraded To Target Newer Windows Versions (bleepingcomputer.com) 61

An anonymous reader writes: "Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system," reports Bleeping Computer. "ETERNALSYNERGY is one of the NSA exploits leaked by the Shadow Brokers hacking group in April this year. According to a Microsoft technical analysis, the exploit can allow an attacker to execute code on Windows machines with SMB services exposed to external connections. The exploit works up to Windows 8. According to Microsoft, the techniques used in the original ETERNALSYNERGY exploit do not work on newer platforms due to several kernel security improvements. Wang says his exploit targets the same vulnerability but uses a different exploitation technique. His method 'should never crash a target,' the expert says. 'Chance should be nearly 0%,' Wang adds." Combining his exploit with the original ETERNALSYNERGY exploit would allow a hacker to target all Windows versions except Windows 10. This is about 75% of all Windows PCs. The exploit code is available for download from Wang's GitHub or ExploitDB. Sheila A. Berta, a security researcher for Telefonica's Eleven Paths security unit, has published a step-by-step guide on how to use Wang's exploit.
Windows

'Windows 10 Is Failing Us' (betanews.com) 549

Reader BrianFagioli writes: While Windows 10 is arguably successful from a market share perspective, it is still failing in one big way -- the user experience. Windows 8.x was an absolute disaster, and Microsoft's latest is certainly better than that, but it is still not an enjoyable experience. Before the company tries to add new features (and misses deadlines) like Timeline and Cloud Clipboard, it should focus more on improving the existing user experience. Right now it is failing us and things are not getting better. Even the third-party solutions that aim to turn this spying off aren't 100-percent successful. Unless you unplug from the internet entirely, you can't stop Windows from phoning home to Microsoft. This is a shame, as some consumers are being made to feel violated when using their own computer. Another issue that I can't believe hasn't been resolved is having two locations for system settings. Seriously, Microsoft? We still have "Settings" and "Control Panel" Live Tiles are still worthless, and it is time for Microsoft to kill them. Nobody opens an app launcher and stares at the icons for information. It is distracting and pointless. If I want the weather, I'll open a weather app and see it -- not stare at the icon for the information. It sort of made sense in the Windows 8.x era since you were presented with a full screen of app icons more often, but with a more traditional start-button design in Windows 10, it is time to retire it. Another example: Microsoft doesn't force you to use Edge and Bing entirely, but it still does force you. Cortana is a hot mess, but if you opt to use her, she will only open things in Edge. Searches are Bing-only. In other words, the virtual assistant ignores your default browser settings. Why? Not for the user's benefit. Sadly, the Windows Store is a garbage dump -- many of the "legit" apps are total trash.
GNOME

Fedora 26 Linux Distro Released (betanews.com) 66

Reader BrianFagioli writes: Today, Fedora 26 sheds its pre-release status and becomes available for download as a stable release. GNOME fans are in for a big treat, as version 3.24 is default. If you stick to stable Fedora releases, this will be your first time experiencing that version of the desktop environment since it was released in March. Also new is LibreOffice 5.3, which is an indispensable suite for productivity. If you still use mp3 music files I've moved onto streaming), support should be baked in for both encoding and decoding. "The latest version of Fedora's desktop-focused edition provides new tools and features for general users as well as developers. GNOME 3.24 is offered with Fedora 26 Workstation, which includes a host of updated functionality including Night Light, an application that subtly changes screen color based on time of day to reduce effect on sleep patterns, and LibreOffice 5.3, the latest update to the popular open source office productivity suite. For developers, GNOME 3.24 provides matured versions of Builder and Flatpak to make application development for a variety of systems, including Rust and Meson, easier across the board," says the Fedora Project.
Android

Windows Phone Dies Today (theverge.com) 233

From a report: Microsoft is killing off Windows Phone 8.1 support today, more than three years after the company first introduced the update. The end of support marks an end to the Windows Phone era, and the millions of devices still running the operating system. While most have accepted that the death of Windows Phone occurred more than a year ago, AdDuplex estimates that nearly 80 percent of all Windows-powered phones are still running Windows Phone 7, Windows Phone 8, or Windows Phone 8.1. All of these handsets are now officially unsupported, and only 20 percent of all Windows phones are running the latest Windows 10 Mobile OS.
Ubuntu

Ubuntu Is Now Available On the Windows Store (windowscentral.com) 121

Ubuntu is now available for download on the Windows Store. "Initially spotted by Rafael Rivera and Necrosoft Core on Twitter, Ubuntu on the Windows Store will let you install and run the Ubuntu terminal on Windows next to your other apps," reports Windows Central. From the report: Ubuntu's arrival, and that of SUSE, are part of a recent push by Microsoft to embrace Linux and the open source community more broadly. This began with the arrival of the Windows Subsystem for Linux in 2016, allowing users to use the Bash shell from within Windows. Keep in mind that this is limited to the Fall Creators Update, which isn't set for a public release until later this year. If you're running a PC testing the Fall Creators Update through the Windows Insider Program, however, you should be able to download and try Ubuntu from the Windows Store just fine.
Microsoft

Microsoft Will Sell Office, Windows as a Bundle (axios.com) 263

An anonymous reader shares a report: Microsoft announced plans on Monday to start offering Windows 10 and Office together in a single subscription service. Microsoft 365, as the service is known, will also include security and management tools and come in two flavors: one for large enterprises and the other for small-to-medium businesses. The company didn't say how much it will charge for either version of the service.
Operating Systems

48-Year-Old Multics Operating System Resurrected (multicians.org) 94

"The seminal operating system Multics has been reborn," writes Slashdot reader doon386: The last native Multics system was shut down in 2000. After more than a dozen years in hibernation a simulator for the Honeywell DPS-8/M CPU was finally realized and, consequently, Multics found new life... Along with the simulator an accompanying new release of Multics -- MR12.6 -- has been created and made available. MR12.6 contains many bug and Y2K fixes and allows Multics to run in a post-Y2K, internet-enabled world.
Besides supporting dates in the 21st century, it offers mail and send_message functionality, and can even simulate tape and disk I/O. (And yes, someone has already installed Multics on a Raspberry Pi.) Version 1.0 of the simulator was released Saturday, and Multicians.org is offering a complete QuickStart installation package with software, compilers, install scripts, and several initial projects (including SysDaemon, SysAdmin, and Daemon). Plus there's also useful Wiki documents about how to get started, noting that Multics emulation runs on Linux, macOS, Windows, and Raspian systems.

The original submission points out that "This revival of Multics allows hobbyists, researchers and students the chance to experience first hand the system that inspired UNIX."
Windows

WikiLeaks Unveils CIA Implants That Steal SSH Credentials From Windows, Linux PCs (thehackernews.com) 140

An anonymous reader quotes a report from The Hacker News: WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors. Secure Shell or SSH is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network. Dubbed BothanSpy -- implant for Microsoft Windows Xshell client, and Gyrfalcon -- targets the OpenSSH client on various distributions of Linux OS, including CentOS, Debian, RHEL (Red Hat), openSUSE and Ubuntu. Both implants steal user credentials for all active SSH sessions and then sends them to a CIA-controlled server.
Data Storage

OneDrive Has Stopped Working On Non-NTFS Drives (arstechnica.com) 130

An anonymous reader quotes a report from Ars Technica: OneDrive users around the world have been upset to discover that with its latest update, Microsoft's cloud file syncing and storage system no longer works with anything other than disks formatted with the NTFS file system. Both older file systems, such as FAT32 and exFAT, and newer ones, such as ReFS, will now provoke an error message when OneDrive starts up. To continue to use the software, files will have to be stored on an NTFS volume. While FAT disks can be converted, ReFS volumes must be reformatted and wiped. This has left various OneDrive users unhappy. While NTFS is the default file system in Windows, people using SD cards to extend the storage on small laptops and tablets will typically use exFAT. Similarly, people using Storage Spaces to manage large, redundant storage volumes will often use ReFS. The new policy doesn't change anything for most Windows users, but those at the margins will feel hard done by. Microsoft said in a statement that it "discovered a warning message that should have existed was missing when a user attempted to store their OneDrive folder on a non-NTFS filesystem -- which was immediately remedied." According to Ars, Microsoft's position, apparently, is that OneDrive should always have warned about these usage scenarios and that it's only a bug or an oversight that allowed non-NTFS volumes to work.
Operating Systems

OpenBSD Will Get Unique Kernels On Each Reboot (bleepingcomputer.com) 162

An anonymous reader quotes a report from Bleeping Computer: A new feature added in test snapshots for the upcoming OpenBSD 6.2 release will create a unique kernel every time an OpenBSD user reboots or upgrades his computer. This feature is named KARL -- Kernel Address Randomized Link -- and works by relinking internal kernel files in a random order so that it generates a unique kernel binary blob every time. Currently, for stable releases, the OpenBSD kernel uses a predefined order to link and load internal files inside the kernel binary, resulting in the same kernel for all users. Developed by Theo de Raadt, KARL will work by generating a new kernel binary at install, upgrade, and boot time. If the user boots up, upgrades, or reboots his machine, the most recently generated kernel will replace the existing kernel binary, and the OS will generate a new kernel binary that will be used on the next boot/upgrade/reboot, constantly rotating kernels on reboots or upgrades. KARL should not be confused with ASLR -- Address Space Layout Randomization -- a technique that randomizes the memory address where application code is executed, so exploits can't target a specific area of memory where an application or the kernel is known to run. A similar technique exists for randomizing the memory location where the kernel loads -- called KASLR. The difference between the two is that KARL loads a different kernel binary in the same place, while KASLR loads the same binary in random locations. Currently Linux and Windows only support KASLR.
Security

Linux Is Not As Safe As You Think (betanews.com) 237

BrianFagioli writes via BetaNews: Would you be surprised if I told you that threat methods for Linux increased an astonishing 300 percent in 2016, while Microsoft's operating systems saw a decrease? Well, according to a new report, that is true. Does this mean Linux is unsafe? No way, Jose! There are some important takeaways here. Microsoft's Windows operating systems are still the most targeted platforms despite the year over year decline -- far beyond Linux. Also, just because there is an increase in malware attack methods doesn't necessarily mean that more systems will be infected. Let us not forget that it is easier to find a vulnerability with open source too; Microsoft largely uses closed source code. "At the end of November, criminals with other variants of the same Linux malware unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were taken down. In October, the Mirai code appeared freely available on the Internet. Since then, the AV-TEST systems have been investigating an increasing number of samples with spikes at the end of October, November and beginning of December," says AV Test of the Mirai malware. "Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years now and can be easily modified for attacks against IoT devices. The detection systems of AV-TEST first detected the Tsunami malicious code in the year 2003. Although, at that time, practically no IoT devices existed, the Linux backdoor already offered attack functions which even today would be suitable for virtually unprotected attacks on routers: In this manner, Tsunami can download additional malicious code onto infected devices and thus make devices remote controllable for criminals. But the old malware can also be used for DDoS attacks. The Darlloz worm, known since 2013, as well as many other Linux and Unix malware programs, have similar attack patterns which AV-TEST has been detecting and analyzing for years."
Bug

'Severe' Systemd Bug Allowed Remote Code Execution For Two Years (itwire.com) 551

ITWire reports: A flaw in systemd, the init system used on many Linux systems, can be exploited using a malicious DNS query to either crash a system or to run code remotely. The vulnerability resides in the daemon systemd-resolved and can be triggered using a TCP payload, according to Ubuntu developer Chris Coulson. This component can be tricked into allocating less memory than needed for a look-up. When the reply is bigger it overflows the buffer allowing an attacker to overwrite memory. This would result in the process either crashing or it could allow for code execution remotely. "A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it," is how Coulson put it.
Affected Linux vendors have pushed out patches -- but the bug has apparently been present in systemd code since June of 2015. And long-time Slashdot reader walterbyrd also reports a recently-discovered bug where systemd unit files that contain illegal usernames get defaulted to root.
Open Source

Linux Kernel 4.12 Officially Released (softpedia.com) 55

prisoninmate quotes Softpedia: After seven weeks of announcing release candidate versions, Linus Torvalds today informs the Linux community through a mailing list announcement about the general availability of the Linux 4.12 kernel series. Development on the Linux 4.12 kernel kicked off in mid-May with the first release candidate, and now, seven weeks later we can finally get our hands on the final release... A lot of great improvements, new hardware support, and new security features were added during all this time, which makes it one of the biggest releases, after Linux 4.9...

Prominent features of the Linux 4.12 kernel include initial support for AMD Radeon RX Vega graphics cards, intial Nvidia GeForce GTX 1000 "Pascal" accelerated support, implementation of Budget Fair Queueing (BFQ) and storage-I/O schedulers, more MD RAID enhancements, support for Raspberry Pi's Broadcom BCM2835 thermal driver, a lot of F2FS optimizations, as well as ioctl for the GETFSMAP space mapping ioctl for both XFS and EXT4 filesystems.

Linus said in announcing the release that "I think only 4.9 ends up having had more commits," also noting that 4.9 was a Long Term Support kernel, whereas "4.12 is just plain big."

"There's also nothing particularly odd going on in the tree - it's all just normal development, just more of it than usual."
Open Source

23 Years Of The Open Source 'FreeDOS' Project (linuxjournal.com) 123

Jim Hall is celebrating the 23rd birthday of the FreeDOS Project, calling it "a major milestone for any free software or open-source software project," and remembering how it all started. An anonymous reader quotes Linux Journal: If you remember Windows 3.1 at the time, it was a pretty rough environment. I didn't like that you could interact with Windows only via a mouse; there was no command line. I preferred working at the command line. So I was understandably distressed in 1994 when I read via various tech magazines that Microsoft planned to eliminate MS-DOS with the next version of Windows. I decided that if the next evolution of Windows was going to be anything like Windows 3.1, I wanted nothing to do with it... I decided to create my own version of DOS. And on June 29, 1994, I posted an announcement to a discussion group... Our "PD-DOS" project (for "Public Domain DOS") quickly grew into FreeDOS. And 23 years later, FreeDOS is still going strong! Today, many people around the world install FreeDOS to play classic DOS games, run legacy business software or develop embedded systems...

FreeDOS has become a modern DOS, due to the large number of developers that continue to work on it. You can download the FreeDOS 1.2 distribution and immediately start coding in C, Assembly, Pascal, BASIC or a number of other software development languages. The standard FreeDOS editor is quite nice, or you can select from more than 15 different editors, all included in the distribution. You can browse websites with the Dillo graphical web browser, or do it "old school" via the Lynx text-mode web browser. And for those who just want to play some great DOS games, you can try adventure games like Nethack or Beyond the Titanic, arcade games like Wing and Paku Paku, flight simulators, card games and a bunch of other genres of DOS games.

On his "Open Source Software and Usability" blog, Jim says he's been involved with open source software "since before anyone coined the term 'open source'," and first installed Linux on his home PC in 1993. Over on the project's blog, he's also sharing appreciative stories from FreeDOS users and from people involved with maintaining it (including memories of early 1980s computers like the Sinclair ZX80, the Atari 800XL and the Coleco Adam). Any Slashdot readers have their own fond memories to share?
Chrome

While Chrome Dominates, Microsoft Edge Struggles To Attract New Users (neowin.net) 172

An anonymous reader quotes Neowin's report on the newest browser-usage figures from NetMarketShare: Microsoft Edge only commands a market share of 5.65% -- which is an increase of only 0.02 percentage points compared to last month... it only grew by 0.56% year-over-year. On the other hand, Google Chrome has continued its dominance with a market share of 59.49%. As a point of reference, this is a sizeable growth of 10.84 percentage points year-over-year... Data from another firm, StatCounter, depicts an even more depressing situation for Microsoft. According to the report, Edge sits at 3.89%... Chrome is the king of all browsers according to these statistics as well, with a market share of 63.21% -- a decrease of 0.14 percentage points compared to last month. Firefox, Internet Explorer, and Safari command 14%, 9.28%, and 5.16% respectively.
The firm also calculates that when it comes to desktop operating systems, Windows has 91.51% of all users, followed by MacOS at 6.12 and Linux at 2.36%.

Slashdot Top Deals