FOSS Week in Review
As Linux Mint scrambles to get security back on track, numerous prototypes of Linux phones are on display and Ubuntu gathers awards at the Mobile World Conference in Barcelona.
What a week in the FOSS world. So much has happened since our last Week in Review that I think I’ll skip the idle chitchat about the weather and such and get straight to business. Well, I will take the time to tell you that it’s been damned cold in these parts and I’m more than ready for spring…
The Great 2016 Linux Mint Hack: The hack at one of the crown jewels of Linux distros has undoubtedly been the biggest story this week. I’ll not bore you by repeating details which most of you have probably already read by now, but will direct those of you who don’t know to FOSS Force’s coverage on Sunday, and to our report on Monday in which Freedom Penguin Matt Hartley helps me take a look at the nature of the crack/hack.
The good news is that things are slowly — very slowly — returning to normal for the Mint team. By midweek, things were under control enough that the switch could be flipped on Mint’s server, putting the website back online. On Thursday I had a very brief email discussion with the distro’s project leader Clem Lefebvre — “very brief” because Lefebvre was more than little busy at the time. He and his team are in up to their elbows, working to make sure that everything works and plays well with the hardening they’ve done to Mint’s server, as well as working overtime to find any niggling security issues. In other words, they have it all under control, even as they work to get it more under control.
Lefebvre made it clear that he’s very much aware that inquiring minds want to know more about the hack and the steps that he and his team have and are taking to assure nothing like this happens again. Expect him to make a statement soon, most likely on the Linux Mint website.
Intel brings Debian to Android phone: On Wednesday we learned from ValueWalk that Intel unveiled a prototype of its own version of convergence — a phone running both Android and Debian — at the Mobile World Congress now underway in Barcelona. When being used as a mobile device, this one works pretty much like any other Android phone, but hook it up to a keyboard and monitor and suddenly it’s running Debian in full desktop mode. How does it work? According to Intel’s Nir Metzer: “Android is based on a Linux kernel, so we’re running one kernel, we have an Android stack and a Linux stack, and we’re sharing the same context, so the file system is identical. The phone stays fully functional.”
This has been an eventful week for the melding of Linux and phones. Also on display at the Mobile World Congress is the Meizu PRO 5 Ubuntu Edition, which became available for pre-order on Monday for $369.99. The good news is that this is the most powerful Ubuntu phone ever. The bad news? It’s only available in China and Europe, which probably means that like BT — which also makes Ubuntu phones — Meizu has no intention to try to untangle the un-standardized mess the U.S. wireless carriers have created.
Also on Monday we learned that Samsung has begun testing a new phone in India — the Z5 SM-Z510FD, but you can just call it the Z5 — running the Linux based Tizen operating system. This comes on the heels of last year’s release of two Tizen phones by Samsung — the Z1 and Z3.
Quote of the Week: Just put this one in the “but-honestly-Monica” file.
Chris Vickery, a white hat hacker, discovered a vulnerability in uKnowKids — monitoring software that alerts parents to things like their children’s location, social media activity and text messages sent from their cellphones — that could expose private information about users’ children that should be kept private. On finding the bug, he did the right thing and notified the uKnowKids folks about the vulnerability. But instead of saying “thank you,” quietly fixing the bug and pushing a security update, the company decides to shoot itself in the foot by releasing a misleading and alarmist notice to its subscribers:
“It is with significant personal regret that I share with you the news that uKnow had a private database repeatedly breached by a hacker using two different IP addresses on February 16, 2016 and February 17, 2016.”
The notice goes on to name Vickery and to insinuate that he had evil intentions and was probably wearing a black hat underneath the white one.
Another day, another distro: Tiny Core Linux 7.0 was released on Tuesday. Although the distro uses an older version of the Linux kernel (version 4.2.9) which reached its end of life in December, the kernel is still being maintained by Ubuntu and in Tiny Core comes with the latest stable patch… The beta release of Ubuntu 16.04 has been released. So far, it comes with out-of-the-box support for the openZFS file system. That’s subject to change, however, as the Software Freedom Conservancy is crying foul as the license under which ZFS is licensed, the Common Development and Distribution License, is not compatible with the GPL, and is calling on Oracle to change the license. Meanwhile, Canonical says it’s all moot as neither Linux nor the file system are derivative works, so no compatibility is needed. Stay tuned…
Passing notes: On Monday, computer pioneer Wesley A. Clark died at 88. Clark did so much during his career that it would be hard to single out only one or two of his accomplishments to hold up as examples. Just for starters, he had a key role in the development of ARPANET, which was the predecessor to the modern Internet. For more information, I’d recommend Evan Koblentz’s obit which ran on TechRepublic on Tuesday.
Quick takes: Debian users will have to get used to Iceweasel’s name reverting back to Firefox, as a 10-year-old trademark dispute has been settled — at least enough to make the change possible… Canonical’s been racking up awards all over the place at Mobile World Congress. So far they’ve recieved two “Best of MWC” awards, from Tom’s Hardware and Trusted Reviews, as well as a “Best IoT Startup” award from 4YFN.
Parting shot: Last week in this space, I told you that our Indiegogo campaign had stalled at $1,922, which is 52 percent of our goal of $3,700. Since then, it’s only gotten worse, as the total since then has only gone up by $10. I’m not going to make a big deal over this as begging doesn’t become us, but with less than two weeks to go in our fundraising campaign we have to do better than this. If we don’t come much closer than we are now to making our goal, the FOSS Force you know now will not be the FOSS Force you’ll know in the future.
That’s all I have to say for now. Until next week, may the FOSS be with you…