Press "Enter" to skip to content

FOSS Week In Review: ZFS’s Ubuntu Return, the Nigerian Prince Goes AI, Stolen Passwords, Torvalds Does Hutton, and More

In this week’s roundup we look at ZFS’s return to Ubuntu as an install option (and why it was removed in the first place), how the Nigerian Prince is adopting AI for phishing, Linux Torvalds fabulous impersonation of E.F. Hutton, and more.

Linus Torvalds with Dirk Hohndel at LinuxCon North America 2016
Linus Torvalds with Dirk Hohndel at LinuxCon North America 2016. Raysonho @ Open Grid Scheduler / Grid Engine, CC0, via Wikimedia Commons

Good Friday morning to you. Let’s quit the dallying around and get straight to this week roundup…

ZFS Returns to Ubuntu — Kinda Sorta

Evidently, the option to use the ZFS file system when installing Ubuntu is on the way back. Granted, this is probably more important to enterprise users than to everyday Linux users, but there are plenty of everyday Joes running Linux at home who are in the ZFS camp too.

You might remember that Ubuntu offered ZFS as an option during the install process until this April’s release of 23.04 Lunar Lobster, when ZFS was dropped as an option due to an issue with the distro’s new installer, which is written in Google’s Flutter SDK and based-on Ubuntu’s server installer, Subiquity, which doesn’t support ZFS.

Well, not until now, evidently.

The Canonical folks have let the word out that with Mantic Minotaur (or Ubuntu 23.10, whichever you prefer) ZFS support will be included in the the ISO using the Flutter-based installer, which means the devs at Ubuntu have evidently been burning a little midnight oil to get ZFS back in the game. The bad news is that for the time being, the ability to install ZFS is being called “experimental,” which implies that for the time being it might not work for everyone.

EFF and the The Spy Who Droned Me

Exactly a week ago, Electronic Frontier Foundation filed an amicus brief urging the Michigan Supreme Court to find that warrantless drone surveillance of a home violates the Fourth Amendment.

It seems that Long Lake Township hired some drone operators to fly their machines over Todd and Heather Maxon’s home without a warrant to take photos and videos in a zoning investigation, and then used the documentation they gathered in a court case against them. EFF said, “The township’s conduct was governed by and violated the Fourth Amendment and the equivalent section of the Michigan Constitution.”

If you’re not convinced that EFF knows what the frack they’re talking about, follow the link in this section’s first paragraph, and they’ll explain it to you in detail.

That Poor Nigerian Prince Is Now Using AI

Remember the poor Nigerian Prince who was under house arrest or something and was looking for someone to help him get his vast fortune safely out of his corrupt home country? For a while he was so desperate to get his money to safety that he was emailing practically everybody who even might have an email address, trying to find someone to help.

Well, evidently he still hasn’t managed to get his fortune out of his mattress and into the United States, and is now employing AI to help him connect with the right sucker kind and honest person who would be willing to help, according to a company called Abnormal Security.

As reported by Ian Barker in BetaNews:

“Abnormal has uncovered more than a thousand attacks targeting organizations using at least 70 unique email addresses. The subject lines read simply, ‘GREETINGS’ and in addition to wronged Nigerian royalty the messages also impersonate people from the United Nations, Ukraine, the Ivory Coast, Switzerland, the Central African Republic, and even the US.

The pitch for the latest attacks remains largely the same, unlocking substantial funds, although there’s been a shift towards business rather than personal transactions in a twist to the usual 419 scam.”

The article goes on to explain that by using generative AI, the poor Nigerian prince (or whatever) is able to make his emails appear more legit by removing the tell-tale signs of a scam-in-progress, like poor spelling and bad grammar.

Would You Notice if Malware Stole Your Passwords?

According to Ars Technica, someone’s been distributing malware laden Linux software in the guise of “Free Download Manager” for three years, without anyone catching on:

“The site, freedownloadmanager[.]org, offered a benign version of a Linux offering known as the Free Download Manager. Starting in 2020, the same domain at times redirected users to the domain deb.fdmpkg[.]org, which served a malicious version of the app. The version available on the malicious domain contained a script that downloaded two executable files to the /var/tmp/crond and /var/tmp/bs file paths. The script then used the cron job scheduler to cause the file at /var/tmp/crond to launch every 10 minutes. With that, devices that had installed the booby-trapped version of Free Download Manager were permanently backdoored.”

Three years, really? In software that targets Linux users, really? So much for the notion that we Linux users are automatically smarter than Windows users.

Torvalds E.F. Hutton Touch

He may not have the Midas touch, but it appears that Linus Torvalds has the E.F. Hutton touch.

“When E.F. Hutton talks,” they used to say on the TV, “people listen.”

As Larabel reported in Phoronix back in August, during the Linux 6.6 merge window, a pull request submitted the new “GenPD” subsystem, which landed in the 6.6 kernel but not until after Torvalds scratched his head a bit and did a little wondering and complaining aloud…or, on paper actually…well, in pixels I guess would be more correct.

I’m not going to report everything he said (or, wrote actually), you can read Larabel for that, but it started this way:

I was starting to pull this, and then tried to figure out what the heck “genpd” is.

Absolutely nothing in the pull request explains what it might be.

Even after actually pulling it, I couldn’t really find anything useful.

This was followed by something of a long meditation on the meaning or non-meaning of genpd and the importance of naming stuff descriptively.

On Wednesday, Larabell reported this:

“Following the comments by Linus Torvalds and other upstream developers, a pull request was sent out today for renaming the GenPD subsystem to simply ‘pmdomain’ for power management domain.”

So I guess that when Linus Torvalds talks, people listen, which just might be enough to make Torvalds the E.F. Hutton of the 21st Century.

That’s going to do it for this week. Until next time, may the FOSS be with you…

Breaking News: