Linus Torvalds is taking a break. In an rc4
email update, he
writes about his scheduling mix-up with the kernel summit and having a
"look yourself in the mirror moment", and then (to summarize), he writes:
"hey, I need to change some of my
behavior, and I want to apologize to the people that my personal
behavior hurt and possibly drove away from kernel development
entirely.
I am going to take time off and get some assistance on how to
understand people's emotions and respond appropriately."
Following Linus Torvalds' apology for his behavior, the Linux Community
has announced it will adopt a "Code
of Conduct", which pledges to make "participation in our project and
our community a harassment-free experience for everyone, regardless of age,
body size, disability, ethnicity, sex characteristics, gender identity and
expression, level of experience, education, socio-economic status,
nationality, personal appearance, race, religion, or sexual identity and
orientation."
Purism launched the Librem
Key, the "first and only OpenPGP smart card providing a
Heads-firmware-integrated tamper-evident boot process". The Librem key is the
size of an average thumb drive, allows you to keep your secret encryption
keys in your pocket, and it alerts you if anyone tampers with your kernel or
BIOS while you're away from your laptop.
The key works with all laptops but has extended features
with Purism's Librem laptop line. You can order one from here for $59. See also Kyle Rankin's post
for more details on the Librem key.
Yubico announced
the launch of the YubiKey 5 series, which are the first
multi-protocol security keys to support FIDO2/WebAuthn and allow you to
replace "weak password-based authentication with strong
hardware-based authentication".
You can purchase them here for $45.
Google Chrome recently has begun automatically signing your browser in to
your
Google account for you every time you log in to a Google property, such as
Gmail, without asking and without notification.
See Matthew
Green's blog post for more information on the huge privacy implications
of this new practice.
Mozilla launched
Firefox Monitor, a free service that alerts you if you've been
part of a data breach. Enter your email at Firefox Monitor for a basic scan.
Tim
Berners-Lee, creator of the world wide web, announced his new project
Solid, "an open-source
project to restore the power and agency of individuals on the web". He
writes "Solid changes the current model where users have to hand over
personal data to digital giants in exchange for perceived value. As
we've all discovered, this hasn't been in our best interests. Solid
is how we evolve the web in order to restore balance—by giving
every one of us complete control over data, personal or not, in a
revolutionary way."
Microsoft has joined the Open Invention Network (OIN), an open-source patent
consortium. According to ZDNet, this means "Microsoft has essentially agreed to
grant a royalty-free and unrestricted license to its entire patent portfolio to
all other OIN members." OIN's CEO Keith Bergelt says "This is everything
Microsoft has, and it covers everything related to older open-source
technologies such as Android, the Linux kernel, and OpenStack; newer
technologies such as LF Energy and HyperLedger, and their predecessor and
successor versions."
The Libre Computer Project recently announced its new open-source, libre ARM
SBC
called La Frite. Phoronix
reports the new 512MB model will ship for $5 USD, or you can get the
1GB version for $10 USD. In addition, "the $5 ARM SBC is said to be 10x
faster than the Raspberry Pi Zero" and also includes real HDMI, Ethernet
and USB ports. La Frite, the miniature version of Le Potato SBC supported by
mainline Linux and Android 8, should be available in November 2018. See the Kickstarter
page for details.
Canonical announced that Plex has arrived in its Snap Store. You
now can download the
multimedia platform as a snap for Ubuntu, KDE Neon,
Debian, Fedora, Manjaro, OpenSUSE and Zorin. For more details, see the Ubuntu
Blog.
A grey-hat hacker is breaking into MikroTik routers and patching them so
they can't be compromised by cryptojackers or other attackers. According
to ZDNet, the hacker, who goes by Alexey, is a system
administrator and claims to have disinfected more then 100,000 MikroTik
routers. He told ZDNet that he added firewall rules to block access to
the routers from outside the local network, and then "in the comments, I wrote
information about the
vulnerability and left the address of the @router_os Telegram channel, where
it was possible for them to ask questions." Evidently, a few folks have said
"thanks", but many are outraged.