Tuesday, October 13, 2009

LinuxCon videos and slides now available!

If you were unable to attend the first annual LinuxCon, but were excited about the subject matter, you're in luck. The Linux Foundation has released video and slides from some the LinuxCon presentations on their website.
To give you a sample of the content that is archived, here is a video of Mark Shuttleworth, CEO of Canonical and founder of the Ubuntu OS talking about coordinated software releases and the Linux ecosystem.

For the more technically oriented, The Linux Plumbers Conference video has also been uploaded, as well. Below is a video of Linus Torvalds giving an in depth tutorial on Git.

Additional video archives (synched with slides) are also available from Linux Pro Magazine. Some of these additional archives have additional fees.

Monday, October 12, 2009

Linux Journal article- Android OS and Palm Pre WebOS virtualization

Today, I was published on the Linux Journal website with an exclusive (two part) Tech Tip. The first Tech Tip describes how to get Google's Android OS easily running as a virtual appliance. The second Tech Tip will focus on getting Palm's WebOS running, which you may find out to be easier than you think. Part two is now out, as well. Enjoy!

Friday, October 9, 2009

Hulu announces Linux client!

This just in, folks! Hulu released a Linux desktop client with 32 and 64 bit packages for Ubuntu and Fedora. I had it downloaded, installed, and running in less than five minutes, and I encourage other Linux users to do the same!


Wednesday, October 7, 2009

VirtualBox 3.0.8 released!

Another maintenance release of VirtualBox (3.0.8) was released!
The changelog is below:
  • VMM: fixed 64 bits guest on 32 bits host regression in 3.0.6 (VT-x only; bug fixed in ... (closed)">#4947)
  • VMM: fixed a recompiler triple fault guru meditation (VT-x & AMD-V only; bug fixed in ... (reopened)">#5058)
  • VMM: fixed hang after guest state restore (AMD-V, 32 bits Windows guest and IO-APIC enabled only; bug fixed in ... (closed)">#5059)
  • VMM: fixed paging issue with OS/2 guests
  • VMM: fixed guru meditation in rare cases (2.0 regression; software virtualization only)
  • VMM: fixed release assertion during state restore when using the Sound Blaster 16 emulation (bug Fixed in ... (closed)">#5042)
  • Security: fixed vulnerability that allowed to execute commands with root privileges
  • Linux hosts: fixed runtime assertion in semaphore implementation which was triggered under certain conditions (bug Fixed in SVN/3.0.6 (closed)">#616)
  • Linux hosts: change the default USB access mode on certain distributions (bugs #3394#4291) and
  • Linux hosts: on hardened Gentoo, the VBoxSVC daemon crashed by opening the VM network settings (bug fixed in ... (closed)">#3732)
  • Linux hosts, Solaris hosts: pass the XAUTHORITY variable along the DISPLAY variable when starting a VM from VBoxManage or from the VM selector (bug #5063)
  • Linux hosts: use sysfs to enumerate host drives if hal is not available
  • Solaris hosts: fixed a bug which would hang the host sporadically as interrupts were not re-enabled everytime
  • Solaris hosts: fixed a kernel panic with bridged and host-only networking (bug #4775)
  • Solaris hosts: fixed incorrectly persistent CD/DVD-ROMs when changing them (bug #5077)
  • X11-based hosts: support additional function keys on Sun keyboards (bug ... (closed)">#4907)
  • Mac OS X hosts (Snow Leopard): fixed problem starting headless VMs without a graphical session (bug fixed in ... (closed)">#5002)
  • Mac OS X hosts: fixed problem listing host-only adapter names with trailing garbage (attached VMs won't start)
  • Windows Additions: now work with Vista 64-bit Home editions (bug #3865)
  • Windows Additions: fixed screen corruption with ZoomText Magnifier
  • Windows Additions: fixed NPGetUniversalName failure (bug Fixed in ... (closed)">#4853)
  • Windows Additions: fixed Windows NT regression (bug Fixed ... (closed)">#4946)
  • Windows Additions: fixed VBoxService not running if no Shared Folders are installed
  • Linux Additions: implemented ftrunctate (bug Fixed in ... (closed)">#4771)
  • VRDP: start VM even if configured VRDP port is in use
  • Networking: the PCnet network device stopped receiving under rare conditions (bug Fixed in SVN/3.0.8 (closed)">#4870)
  • VBoxManage: implemented controlvm vrdpport command
  • iSCSI: fixed issue with NetApp targets ( fixed in SVN/3.0.8 (closed)">#5072)
  • SCSI: add support for virtual disks larger than 2TB
  • USB: fixed potential crash when unplugging USB2 devices (bug Fixed in SVN/3.0.8 (closed)">#5089)
  • NAT: IPSEC did not properly work with Linux guests (bug fixed in ... (closed)">#4801)
The most interesting feature to me appears to be the implementation of the "VBoxManage controlvm vrdpport" command, offering another way to configure VirtualBox's internal RDP server for virtual appliances over the Remote DeskTop (RDP) protocol.

Linux-based Android phones coming to Verizon.

Android Wallpaper

Recently, Google and Verizon announced a landmark partnership to bring several Linux-based Android phones to the Verizon network, a great network that has seriously been lacking in high tech phones unlike T-Mobile (Android), Sprint (Palm Pre), and AT&T (iPhone), who have had high tech phones to peddle to their customers for quite some time.

Rumors contend that the first two devices will most likely be from HTC and/or Motorola. The current rumored list of upcoming Verizon phones includes the Motorola Sholes, HTC Desire, HTC Passion, and HTC Predator.

This is good news for Verizon customers, as it signals a movement in the direction of more 'open' phones, as opposed to previous policies that had been considered somewhat totalitarian. They are also promising "innovative applications" (Google Voice, perhaps?).

I will be watching these developments with interest as the phones are officially announced.

Monday, October 5, 2009

Phoronix benchmarks Ubuntu 9.10 vs. FreeBSD 8

Phoronix released some benchmarks of the upcoming Ubuntu 9.10, the Karmic Koala. The benchmarks compare it to FreeBSD 8. The Phoronix Testing Suite was used to develop the benchmarks. Although the official release date of Ubuntu 9.10 will not be until October 29th, these benchmarks show that the new version should be speedy and fun to use!

Warning! The Phoronix benchmark article is n i n e p a g e s long, so don't go to it if you aren't in the mood for clicking through ads to get to the article.

Friendly reminders about security

Remember this: "The fact that your rig runs Linux does not mean you're home free."
(quote source: Peter Hansteen, Norway)

Recently, the "That Grumpy BSD Guy" blog posted an article concerning the third wave of slow, low intensity distributed brute force attacks on Linux machines that is currently occurring across the world. The number of machines affected is relatively small- about 775, but the reason that it is working on these Linux machines is not necessarily the insecurity of Linux. The attacks are working only on machines that have Administrators with very poor security practices. As the original article states:

Most likely the perpetrators keep going because they occasionally succeed, and when they do, it's because every now and then they luck on a Linux machine with either

  • a maintenance regime that's disorganized enough that software with known and exploitable bugs is left in place for long enough to open the doors to undesirables, or

  • at least one user (whoever is manning root or any of the other user IDs we know they will be sniffing out later) with a guessable password and a system administration regime that lets weak passwords exist in the first place.

This post serves as a friendly, sobering reminder that although Linux is a wonderful, secure operating system, user and administrator carelessness can get you in trouble, regardless of what operating system you run.

Another example of good security circumvented by negligent user activity is when you see a shiny new Mercedes Benz, equipped with one of the best manufacturer security systems in the business (it includes internal motion sensors and towing sensors, among other features), sitting in the grocery store parking lot with the keys in the ignition and running while the owner shops for groceries because the grocery shopper doesn't want to wait for the car to warm up or cool off when they get back into the car.

How do we avoid being at risk?

  • Use good password security.
  • Keep your machines updated with security updates on a timely basis.
  • Disable unneccessary network services.
  • Be aware of current security issues, and respond accordingly.

This stuff isn't rocket science, people. Neither is good oral hygiene, though, and dentists have been struggling to teach that for years.

A list of the affected machines from the attack is available here. If one or more of these machines is yours, please (re-)secure them.

Slashdot has some informative user comments in response to this article, as well.