SUSE Linux joins in with Windows 8 secure boot plans

Well the Secure Boot saga keeps going on and on as Linux distributions far and wide decide how they're going to work around Windows 8's planned restrictions, and this week we heard from yet another project. 

It was SUSE Linux to speak out this time, and what it has proposed amounts in many ways to a hybrid approach between what we've already seen from Ubuntu and Fedora. 

"UEFI Secure Boot is a useful technology, making it harder for attackers to hide a rootkit in the boot chain," began Olaf Kirch, director of the SUSE Linux Enterprise department in SUSE Engineering, in a blog post on Wednesday. "At the same time, already the basics of its operation - establishing a single root of trust - conflict with the principles of Open Source development, which must be independent and distributed to work." 

'It's a smart solution'

 For those who missed it, Windows 8's Unified Extensible Firmware Interface (UEFI) will stipulate that only operating systems with an appropriate digital signature can boot. Both the Free Software Foundation and the Linux Foundation have weighed in with their own views on the matter. 

Yet there are two ways of working around those restrictions, Kirch explained.

"One is to work with hardware vendors to have them endorse a SUSE key which we then sign the boot loader with," he explained. "The other way is to go through Microsoft's Windows Logo Certification program to have the boot loader certified and have Microsoft recognize our signing key."

SUSE plans to use the shim loader originally developed by Fedora, Kirch said: "It's a smart solution which avoids several nasty legal issues, and simplifies the certification/signing step considerably," he explained.

That shim loader will load the GRUB 2 boot loader, verify it, and then load kernels signed by a SUSE key.

Two keys possible

On Thursday, however, Vojt?ch Pavlík, director of SUSE Labs, offered more detail. 

"We start with a shim, based on the Fedora shim, signed by either a certificate signed by the SUSE KEK [Key Exchange Key] or a Microsoft-issued certificate, based on what KEKs are available in the UEFI key database on the system," Pavlík explained.

In other words, two separate versions of the shim will be possible: one signed with SUSE's own key, similar to Ubuntu's approach, and one signed with a key provided by Microsoft, much as in Fedora's strategy. Either way, the shim will verify that the GRUB 2 boot loader is trusted using by default an independent SUSE certificate embedded in its body. In addition, however, the shim will also allow "Machine Owner Keys" (MOKs) to override the default SUSE key, Pavlík explained.

'A wonderfully elegant solution'

So, "GRUB 2, once loaded and verified by the shim, will call back to the shim when it wants to verify the kernel--to avoid duplication of the verification code," he added. "The shim will use the same list of MOKs for this and tell GRUB 2 whether it can load the kernel."

Because MOKs constitute a list and not just a single key, "you can make the shim trust keys from several different vendors, allowing dual- and multi-boot from the GRUB 2 boot loader," Pavlík concluded.

Implementation, of course, may prove more complicated, he added. Still, of paramount importance is that "you can freely modify GRUB2 and your kernel as an owner of a machine" as well as the fact that "the machine didn't get tivoized," he noted.

Red Hat developer Matthew Garrett - who originally called attention to all this back in September - has called SUSE's approach "a wonderfully elegant solution." In fact, "I suspect that we'll adopt this approach in Fedora as well," he said in a blog post on Friday. 

"I'm sure this isn't the last update, however, and it remains to be seen what route openSUSE will take. When more is announced, I'll keep you posted."

 CREDITS : http://news.techworld.com/operating-systems/3375505/suse-linux-joins-in-with-windows-8-secure-boot-plans/

Valve, Linux and the Windows 8 'Catastrophe'

Credits:http://www.technewsworld.com/story/75770.html

By Katherine Noyes
LinuxInsider
Part of the ECT News Network
07/30/12 5:00 AM PT

 

Love knows no bounds, as the old saying goes, and there may be no better example than the Linux community's feelings for Valve.

That, of course, dates back to the magical day in April when the gaming company announced it was bringing its Steam gaming platform to Linux at last, causing no end of jubilation in the Linux blogosphere.
Today, however, the flame of Linux geeks' love for Valve burns brighter than ever before. The reason? None other than a series of comments made by Valve cofounder Gabe Newell at the recent Casual Connect videogame conference in Seattle.
Newell's words may have focused on operating systems and technology platforms, but they fell like so many tender sweet nothings upon the Linux community's collective ears.

The Openness of the Platform'

"In order for innovation to happen, a bunch of things that aren't happening on closed platforms need to occur," Newell reportedly said. "Valve wouldn't exist today without the PC, or Epic, or Zynga, or Google. They all wouldn't have existed without the openness of the platform.
"We are looking at the platform and saying, 'We've been a free rider, and we've been able to benefit from everything that went into PCs and the Internet, and we have to continue to figure out how there will be open platforms,'" Newell added.
Swooning yet? Just wait for what comes next.

'Windows 8 Is a Catastrophe'

"We want to make it as easy as possible for the 2,500 games on Steam to run on Linux as well," Newell said. "It's a hedging strategy.
"I think Windows 8 is a catastrophe for everyone in the PC space," he added. "I think we'll lose some of the top-tier PC/OEMs, who will exit the market. I think margins will be destroyed for a bunch of people. If that's true, then it will be good to have alternatives to hedge against that eventuality."
In no time at all, Linux bloggers everywhere began tripping over themselves in their haste to proclaim their love.

'A Train Wreck'

"I've tried Windows 8, and I couldn't agree with Gabe Newell any more than I do," enthused Google+ blogger Linux Rants, for example.
"Windows 8 is a disaster, plain and simple," he added. "I'd recommend staying as far away from it as possible. If this travesty of an operating system is what it takes to push more users to Linux, we have Microsoft to thank for coming through on delivering that travesty."
That said, however, "Windows 8 doesn't exactly have Gabe Newell's best interests at heart," Linux Rants pointed out. "Valve's Steam is basically a software store, and as such, will compete directly with the Windows Store integrated into Windows 8. If done well, the Windows Store could spell the end for Steam."
Of course, "that's a huge 'if,' as everything else about Windows 8 is a train wreck," he concluded. "I think Steam is safe, and will give many Linux users out there a great opportunity to play their games without WINE."

'That Is Very Insightful'

Indeed, Newell "is not the first to say that about Windows 8, and hedging makes sense," opined Google+ blogger Kevin O'Brien.
Even more significant, however, "is that he says that innovation *requires* openness," O'Brien added.
"That is very insightful, and an attack on the basic idea of Windows," O'Brien pointed out. "I think that as time goes by, more and more companies are going to see that innovation really *does* require openness."

'They Become Less Appealing'

Similarly, "catastrophe might be a little strong, but it is only logical to hedge your bets," agreed Hyperlogos blogger Martin Espinoza. "As Microsoft predictably tries to tighten their grip further, they become less appealing to developers and publishers."
Linux continues to be a viable alternative, "but at the same time, the numbers of users continue to be less than impressive," he noted.
"Still, with many people only buying games through Steam these days, if they can get a significant number of developers (and development houses) to port their games to Linux, it is likely that they will have numerous customers," Espinoza predicted.
"I suspect the majority of these customers will not be new customers, but current Windows Steam customers who shift platforms," he added.

'Steam Is Huge'

And again: "Gaming is one of the niches where GNU/Linux has been excluded by developers," observed blogger Robert Pogson.
"Steam is huge," Pogson added. "If they port to GNU/Linux, many games will be available to GNU/Linux users."
Then, "when '8' flops, users of Steam needing a new PC may well choose GNU/Linux," he said.

'The Boost Linux Needs'

"Basically, Valve is looking at a future where getting their apps to consumers means going through Amazon, Apple, Google, Microsoft or Sony," suggested Roberto Lim, a lawyer and blogger on Mobile Raptor.
"It seems like they are a bit worried about that kind of future," Lim added. "The only platform which guarantees to remain open to apps direct from the publishers is Linux. Valve is supporting Linux to make sure it does not find itself locked in behind apps stores owned by other companies."
That, in turn, "could be the boost Linux needs to make a big splash in the desktop space," he concluded.

'I'll Probably Buy a Few Games'

Consultant and Slashdot blogger Gerhard Mack said he doesn't actually care about Valve's motivations.
"I'll just take it and probably buy a few games if they port some good ones," Mack said. "I'm tired of feeling like Linux is an afterthought when it comes to games."
In any case, Newell's comments couldn't have come as music to Microsoft's ears, noted Chris Travers, a Slashdot blogger who works on the LedgerSMB project.

'The Beginning of the Tipping Point'

"This is on top of Microsoft's shrinking Windows revenue and Dell announcing plans to offer Ubuntu on laptops," Travers pointed out. "It seems to be one thing after another for Microsoft these days.
"This may well be the beginning of the tipping point for the tech giant," he opined.
Meanwhile, the pace of change in desktop operating systems in general and user interfaces in particular "has become breathtaking," Travers observed. "Quite frankly, average users are left out in the cold. I am sure it will settle down again, but it will take some time."

Intel Releases 12.07 Linux Graphics Package

Like usual, the Intel Linux graphics package isn't some new software component release, but rather it's just what Intel recommends their customers and Linux distributions use for appropriate versions of the upstream Linux components to deploy when running Intel integrated graphics. 

The Intel 12.07 graphics package comes down to using the Linux 3.4.x kernel, Mesa 8.0.4, xf86-video-intel 2.20, libdrm 2.4.37, libva 1.0.15, and vaapi-driver-intel 1.0.17. They also recommend using X.Org Server 1.12.1 although the xorg-server isn't officially part of this "package" for Linux. Basically these are all the latest stable package versions available right now, although soon to be succeeded by Mesa 8.1, Linux 3.5/3.6, etc. 

Compared to the previous Intel Linux graphics package, these newer components provide RC6 power-savings (and performance improvements) for Sandy Bridge and Ivy Bridge, support for Ivy Bridge GT2 server graphics, general performance improvements, and many bug-fixes. There's also experimental 2D acceleration support for SNA and GLAMOR to complement the stock UXA 2D acceleration mode. 

Microsoft profits from Linux patent FUD

Microsoft has long made some nice cash from convincing Android vendors that they should pay them for Linux-related patents. Now, for the first time, a company that uses Linux on its servers. Amdocs has publicly paid off Microsoft for patents covering Linux. Mind you, there's never been any proof thatLinux violates any of Microsoft's patents. Despite that, several C level executives have made similar contracts and tell me that Microsoft has been shaking them down for Linux patent licensing agreements for years.

One involved attorney explained, “Microsoft has been doing this for years, although I don't know whether a patent cross license, as compared to a monetary payment, has usually been part of the deal.” An executive added, “ In our case we had no patents of our own. We had to sign an NDA [non-disclosure agreement] barring us from revealing any of the Microsoft's Linux infringement claims.” 

Why would a company do this? A C level executive told me, “We use a lot of Microsoft software as well, and it was cheaper than fighting with them over our contracts. We want to do business, not fight over legal claims that have nothing to do with us.” 

Another told me that, When Microsoft bought the Novell patents  in 2011, “We knew Microsoft had to share those patents under the GPLv2, but our in-house counsel thought that didn't mean that Microsoft still couldn't charge for their use.” So this business decided “It's just part of the cost of doing business with Microsoft if you use Linux in the data-center and who doesn't?”

This doesn't come as much of a surprise for those of us who've been following the business side of Linux. Jim Zemlin, executive director at The Linux Foundation, said, "Microsoft's patent license agreements are not news. The company is trolling for dollars and companies are compelled to settle for less money than it would cost to litigate with Microsoft.”

Zemlin continued, “The key to remember here is this: When Microsoft signs a patent license agreement with a company and that company uses Linux, it doesn't mean that the company concluded they needed a license for Linux. It only indicates that it concluded it needs a license to at least some of the Microsoft patents. Patent license agreements cover any and all technologies between the two companies. In the case of Amdocs: yes, they run their business on Linux servers, as most companies do today, but it is a mistake to conclude that Linux was the impetus for the licensing agreement. For Microsoft this is an attempt at another sound bite for a tired and dying FUD campaign."

Mark Webbink, a visiting professor of law at Duke University, executive director of the Center for Patent Innovations at New York Law School and former Red Hat agreed. “I don't think this is the first MS patent licensing deal covering Linux on servers, and like the others it is a licensing deal with a user, not a Linux 'developer/distributor. (d/d)'"

“What continues to fascinate me, Webbink said, “is that, with the exception of Novell, those d/d's remain license free. You would think if it really had something, MS would have asserted patent infringement against Red Hat a long time ago.”

This was, however, to Daniel B. Ravicher, Executive Director of the Public Patent Foundation (PUBPAT)  the first he'd “heard of MS asserting patents against users of Linux on servers, although it doesn't surprise me. They stopped innovating long ago, so all they can do now is try to become a leech on Linux. They'll have to take cheap payments or eventually go to court, and with the range of equitable defenses that can be asserted against them, including patent misuse, I think they'd have a tough road to hoe there.”

In the meantime, though, until some business decides to fight Microsoft's Linux patent claims, or Microsoft does after a Linux distributor, it appears that, just like with Android, Microsoft will continue to profit from unproven Linux intellectual property claims.


Credits&Full Story:http://www.zdnet.com/microsoft-profits-from-linux-patent-fud-7000001598/

Linux Mint 13 KDE released

The final release of Linux Mint 13 KDE is now available for download. Based on the KDE desktop version of Ubuntu 12.04, this is the current stable release and includes version 4.8.4 of the KDE Software Compilation. A part of the Mint 13 family, it has been created by the Mint development team starting from the main Ubuntu distribution. It is perfect for those who want Ubuntu or Mint on their machines but are not comfortable with Cinnamon or MATE, and feel that Xfce might be downsizing too much.

The ISO DVD installation image is around 900 MB in size and available in 32-bit and 64-bit versions. It is a hybrid ISO image, so you can either burn it on a DVD or copy to a USB Flash drive. You can simply download the image to the USB drive if you have a Linux system. Check out theRelease Notes and What's New documents for more details about the contents of this release.

Here’s a list of what’s included in Linux Mint 13 KDE:

Linux Kernel 3.2.0: Features support for all latest devices to make it work out-of-the-box on any device. You are not going to encounter any driver or screen problems with this release. Network problems, including Bluetooth and 3G cellular modem, are taken care of too.

KDE 4.8.4: The KDE 4.8 desktop is the highlight of this edition. It is powerful and flexible at the same time and carries the traditional charm that most users prefer on their Linux machines.

digiKam 2.5.0: digiKam 2.5.0 takes care of all your photo-management needs. Image editing, cataloging, tagging, geolocating, publishing/sharing and panorama creation are just some of the functions this program is capable of handling.

LibreOffice 3.5.3.2: Apart from Text, Spreadsheet, Presentation, Database and Drawing, LibreOffice 3.5.3.2 can also read MS Office documents and make PDF files.

Firefox 14.0.1: The latest version of Firefox ensures a hassle-free browsing experience.

GIMP Image Editor 2.6.12: GIMP Image Editor is for users who are deeply into photo editing and need something more expert and powerful than digiKam.

Gwenview 2.8.4: Gwenview is a photo viewer with some basic functions related to photo management. A perfect alternative for users who are not into complex photo editing or stuff like that. It simpy lets you view photos and organize them into albums.

Amarok 2.5.0: Amarok 2.5.0 is a feature-rich audio player to take care of your audio files.

Kaffeine 1.2.2: Kaffeine 1.2.2 is a media player with digital TV support.

VLC Player 2.0.1: VLC player is the preferred player for most of us when it comes to watching our favorite video. Of course, it has no problem doubling up as your audio player.

Credits: http://tech2.in.com/news/linux/linux-mint-13-kde-released/332552

Red Hat details next Linux and storage platforms for cloud, big data era

Red Hat is ramping up for the next generation data center by supporting Google’s Open Compute project, software-def ined networking advancements such as OpenvSwitch and OpenFlow and making steady advancements in the operating system, virtualization, storage and networking, company executives said at the summit this week.

Red Hat, for example, is optimizing its Linux, storage and virtualization software platforms to hook into Google’s Open Compute project to provide for a more agile and flexible data center, essential for cloud computing. Red Hat Enterprise Linux is ready for certification on Open Compute Hardware.

“Red Hat Linux is the foundation to ensure hardware enablement happens,” said Red Hat CTO Brian Stevens, noting that RHEL-based nodes can become more compute and network savvvy to better participate in elastic storage services. Later this year, Red Hat plans to debut live migration features to its storage platform.

During the weeklong summit, executives detailed how its next generation software will exploit important new virtualization and cloud technologies.

Red Hat Enterprise Linux 7 clusters, for example, will scale up to 200 hosts and expanded virtual PCI bridge support will enable thousands of PCI devices to be connected to each virtual machine, while the VMware limit is 60 per VM.

Additionally, the RHEL 7 NUMA-based balancing solution will offer new AutoNUMA and SchedNUMA features.

KVM, which is integral to the Linux kernel and Red Hat Enterprise Virtualization for Servers and Desktops, is now used by IBM, ebay, Qualcomm and Dutch Cloud. Red Hat claims the open source hypervisor recently achieved a world record IOPS benchmark and the next generation of Linux KVM will support Microsoft’s Hyper-V, sVirt security, QEMU sandboxing and secure wipe of retired VMs.

Storage is another major area of focus as the cloud and big data eras move forward.

On the storage front, Red Hat this week announced general availability of Red Hat Storage 2.0 based on its acquired Glusters technology designed for unstructured data. Version 2.0 offers a unified file and object store (REST API), geo-replication ailback and high availability or NFS and CIFS and OpenStack SWIFT as well as geo-replication and compatibility with more than 50 dual-socket x86 servers.

Red Hat now has in technical preview a new storage management console and Hadoop Plug-in and plans better support for storage resident applications (MapReduce), storage virtualization and file centric storage.

In the next 2.X Storage release, Red Hat plans to offer multimaster geo-replication and the new management console as well as NFS v 4 and Volume Snapshot. Beyond that, Red Hat is working on storage virtualization enhancements such as extending its virtualization platform and oVirt engine to manage storage pools and file centric storage.

For instance, Red Hat intends to leverage its Linux containers to run applications within storage nodes. This will enable highly scalable storage for unstructured data in physical, virtual and cloud deployments, company execs said.

Red Hat also plans to offer file centric storage support in its storage platform to allow for geo replication multimaster asynchronouous replication, write-once ready many capabilities, and multi-tenancy (with encryption security) capabilities should the storage pool be supporting multiple audiences.

Future generations of Red Hat Storage will also offer next generation of storage will also provide better web administration, a powerful search capability, better history and reports and better supportf or Samba and CIFS and possibly SMB 3.

On the OpenStack front, Red Hat is working on a SWIFT interface for Gluster, Gluster image store and replication support for OpenStack and making its OpenShift PaaS work better on OpenStack. The company is also working on a “Quantum” generalization on oVirt to enable interconnectivity between the storage and networking technologies of Red Hat and OpenStack work seamlessly.

Red Hat has Linux-based storage, cloud and middleware components and the big data movement is dominated by Linux deployments.

Big data is “very open source dominated and that puts Red Hat in a good position,” said Scott McClellan, senior dirctor at Red Hat, who notes that the company is optimizing Hadoop to run on Red Hat Grid.

Credits: http://www.zdnet.com/blog/open-source/red-hat-details-next-linux-and-storage-platforms-for-cloud-big-data-era/11439

Red Hat Summit 2012

Red Hat is this week hosting its Red Hat Summit and JBoss World 2012 developer symposium in the city of Boston, Massachusetts.

The company has been more than vocal in the run up to the event's opening 'pre-keynote', as delivered by VP & GM for middleware Craig Muzilla.

Muzilla along with Red Hat CEO Jim Whitehurst talk with almost aggressive assertion about this being the "time of the season" for Linux as we now see long time open source partner IBM push out more Linux units at the enterprise level than ever before.

Could this be the perfect storm for Linux now then?

To be clear, while many IT industry commentators suggest that Windows 8 will not be as well received as Microsoft would have liked -- and with Java Enterprise Edition and the enterprise level Linux stack including middleware now well out of its adolescence and into mature adulthood... this may be the moment that Linux (and enterprise Linux at that) comes of age.

Red Hat for its part is pushing deep into Java Platform-as-a-Service territory this week with the announcement of JBoss Enterprise Application Platform (EAP) 6.0, which (as an open source Java PaaS solution) will allegedly help "usher in" an era of cloud-enabled application servers for HTML5, mobile and enterprise.

EAP 6.0 is available as a developer preview in OpenShift's free introductory offering via OpenShift.com, creating what Red Hat likes to label as the "industry's first enterprise-grade Java PaaS" no less.

According to Red Hat, "The combination of JBoss EAP and OpenShift validates the importance of openness and hybrid cloud computing. The hybrid cloud is one of the fastest-emerging and most important trends that we strongly believe empowers and preserves open choices for our customers."

Red Hat says says supports a philosophy and strategy for the cloud based upon:

• Flexibility - in terms of a choice of deployment models i.e. on-premise (private), virtualized or in a public or private cloud infrastructure.
• Cloud portability without lock-in - i.e. the ability migrate deployments to the cloud location and type of choice at all times
• Spanning & connecting clouds - for customers running multiple cloud environments concurrently

Secret (middleware) sauce?

So how will all these technologies be underpinned and woven together? Red Hat for its part is banking on the (also announced this week) JBoss Enterprise BRMS 5.3 iteration, which includes "situationally-aware" active decision enterprise Business Rules Management System (BRMS) functions.

"The ability to execute business rules, processes and complex events is the cornerstone to building a highly-intelligent, well-integrated enterprise. JBoss Enterprise BRMS 5.3 drives our customers toward this goal by helping them become more intelligent and agile. It includes a powerful combination of features that, together with our affordable subscription model, offer an enormous amount of business value," said Muzilla.

So the future is open source, the future is complex event processing, the future is the "Internet of things" and connected devices, the future is business process management (BPM) software and the future is open clouds -- it is ALL of these things we are told.

Is Red Hat biting off too big a chunk of the enterprise IT space?

Or has (enterprise) Linux truly come of age?

Credits: http://www.computerweekly.com/blogs/open-source-insider/2012/06/red-hat-summit-2012-linux-comes-of-age.html