Description :A little confused about what's what with Cloud Foundry, OpenStack and Mesos? Let the Linux Foundation help you with its new guide to open-source cloud technologies.
I make my living from riding technology's bleeding edge. In particular I keep an eye on what's what with Linux and open-source software, but even I have trouble keeping track of what's going on with the open-source cloud technologies. Which is why I'm happy to welcome The Linux Foundation's 2015 report: Guide to the Open Cloud: Open Cloud Projects Profiled, which will be released on January 20th.
According to the Foundation, "The purpose of this guide is to serve as a starting point for users considering which projects to use in building and deploying their own open clouds. Taking a deeper look into cloud infrastructure, the paper includes storage, provisioning and platform projects. New categories outline emerging cloud operating systems, Software-defined Networking (SDN), and Network Functions Virtualization (NFV) technologies"
In a statement, Amanda McPherson, The Linux Foundation's CMO said, "Our new 'Guide To the Open Cloud" is a helpful primer for any organization beginning a migration to the cloud or moving toward web-scale IT. Open source and collaboration are clearly advancing the cloud faster than ever before. Just consider the many OpenStack distributions and ecosystem emerging around Linux containers that didn't even exist a year ago. Yet, as the open-source cloud evolves so quickly, it can sometimes be difficult for enterprises to identify the technologies that best fit their needs."
This is a follow-up to the Foundation's October 2013 cloud guide. Much has changed since then. For example, Docker, the most popular open-source container technology, was barely known then.
This guide, according to its introduction, "is to serve as a starting point for users considering which projects to use in building and deploying their own open clouds." It is not a comprehensive overview of all cloud-related, open-source software. Instead, it's a curated listing of those open cloud projects that the Foundation believes "will continue to drive innovation in enterprise IT in the coming year."
The projects that made the cut have superior relevance to the open cloud, maturity and visibility. In particular, open-source programs that have a large number of contributors, code commits, and are already starting to be used in the enterprise were picked for this listing.
In short, if you're serious about using an open-source cloud, these are the programs that you should seriously consider using.
Summary:Ubuntu 12.10 (Quantal Quetzal)
is shaping up to be a controversial release, with a solution for
dual-booting with Windows 8 and a new online scope for Dash search
providing Amazon shopping suggestions.
GNOME and Windows 8 developments have resulted in some controversial
changes for Ubuntu 12.10 (codenamed Quantal Quetzal), which has now
reached the Beta 2
stage. Fortunately, solutions now seem to be in place in time for the
18 October release to proceed as scheduled. Canonical has generated
further controversy by introducing online scope results, specifically
from Amazon, into the Dash search.
GRUB 2 boot loader The adoption of the UEFI (Unified Extensible Firmware Interface) secure boot by Microsoft complicates the issue of running Linux and Windows 8 as operating system choices on multiple boot systems. Previously, Canonical had considered using the Intel efilinux loader
because of possible legal problems over the terms of the GRUB GPLv3
licence. Now these problems seem to have been resolved and present plans
are for Ubuntu 12.10 to use Microsoft-generated keys with a signed
version of GRUB 2.
The GRUB 2 menu has been streamlined, with boots from earlier kernel
versions now being assigned to a secondary page rather than listed on
the first page.
The login prompt
The login prompt now includes an option for remote desktop access, so
it's not even necessary to log into your local copy of Ubuntu. If
you've set up an Ubuntu Remote Login Account, the Remote Login gives
access to any remote machines you've added to that account, which appear
as entries in the login prompt.
The Nautilus file manager
The GNOME developers have decided to slim down the latest version
(3.6) of the Nautilus file manager, so that it sits more sensibly within
GNOME 3. Unfortunately, Nautilus 3.6 no longer provides the features
felt to be essential to Ubuntu, and so — as already reported in our Beta 1 preview — Ubuntu 12.10 sticks with Nautilus 3.4.
The 3.5 Linux kernel : As usual with Ubuntu, the Linux
kernel shipped with the new release is updated, to a tweaked kernel
based on the 3.5.3 upstream version. Key Linux kernel 3.5 features
include: improved support for DisplayLink monitors and the hybrid
graphics technologies mainly found in notebooks; performance monitoring
support through uprobes;
and the elimination of the cause of the 'leap second' bug. There's also
improved support for FireWire hard disks, while the move to X.org's X Server 1.13 should deliver a general improvement in graphics performance.
Unity 6.6 : Two of the biggest changes in Quantal Quetzal,
already introduced in Beta 1, are the addition of the Unity Dash preview
feature and the removal of the Unity 2D shell to simplify Unity
development.
The Ubuntu developers have been busy porting the OpenGL compositing manager, compiz — and therefore the Unity shell — to GSettings,
the GNOME high-level API for application settings. As a result, Unity
2D has been dropped because the metacity patches won't be ported, and
Unity 2D isn't maintained to port from gconf to GSettings.
New Dash, More suggestions : New online results have been
added to Unity Dash. Entries in the Dash search bar now generate results
from Amazon and Ubuntu One in a 'More suggestions' category in the Dash
display. For example, typing in 'Fir' (en route to 'Firefox')
also generates hits for a Kindle Fire and, among other odd results,
various music download links via the Ubuntu One cloud service.
Following the addition of game, book and magazine recommendations to
the Ubuntu Software Centre, this further move 'to the dark side' of
commercialisation has already provoked a strong response. Mark
Shuttleworth has responded to the criticisms in a blog posted on 23 September.
Canonical's motivation for adding online scope to the appropriate
lenses is that any Amazon purchase made via Ubuntu's servers generates a
small percentage of revenue for Canonical through the affiliates
programme, helping to fund further Ubuntu development.
The most recent news on this feature suggests that the final release may include an easy way to turn it off.
Software Updater :
The Software Updater has been simplified and removed from the
System control menu (accessed through the gear icon at the extreme top
right of the display). Software Updater is now treated like any other
application and is accessed via Dash. On launching, rather than
requiring the user to initiate checks by clicking on a Check button,
Software Updater now immediately checks for updates. The status display
is simpler and smaller and shows just a moving status bar. With checks
complete, details of the available updates are displayed. By default the
technical descriptions of the updates are not shown. To install any
available updates, users must confirm by clicking the Install Now
button.
This
status display appears immediately the Software Updater is launched.
Clicking Stop gives access to the Settings button without waiting for
completion of the update process.
Once the update process has completed, the list of available updates is displayed.
This message appears once the update process completes. The update settings can be accessed from here.
The
tabbed update settings (titled 'Software Sources') dialogue loses the
Statistics tab, but now includes an Additional Drivers tab. Additional
Drivers no longer appears in the System Settings panel.Messaging menu :
If there are no messaging related applications installed, such as
Gwibber or Empathy, the Messaging menu now hides. Chat status is
displayed via a new indicator at the bottom right corner of the
Messaging envelope icon. New versions for the bundled applications :
A new Linux distribution release is always an opportunity to update
to more recent versions of the bundled applications. In Ubuntu 12.10,
for example, LibreOffice is incremented to version 3.6.1.2 and —
although it's not installed by default — GIMP to version 2.8.
Conclusion : The indications from Beta 2 are that the
release of Ubuntu 12.10, scheduled for 18 October, may make more of a
splash than initially expected. According to the release schedule,
further development freezes with the second beta, from which point only
bug fixes and polishing should occur before the final release. However,
there may be further adjustments to features such as the Amazon results
for Dash search. Look out for our review of the final release in
October.
Summary:After several delays, openSUSE 12.2 has finally arrived and it's mostly good news. But along with all the positive experiences, you should watch out for a problem with Grub 2.
It's been over a week now since openSUSE 12.2 was released, and I have been installing it on the various netbooks and laptops around me. It has worked just fine on everything I have tried so far, and my intention was to write a glowing summary of how easy it is to install and how well it works. Then, over the weekend I ran into a small hitch. But first, the good news.
The openSUSE 12.2 submission is available in the regular wide range of variations — KDE and Gnome 3 Stay pictures, and a full-blown 4.7GB Installation software picture. The conventional KDE pc is proven above in a show shot taken on my HP Pavilion DM1-3105EZ sub-notebook, which has a 1,366x768 show.
However, all is not natural and favourable with this submission — well, mostly natural, as seen above, but not entirely favourable. This submission seems to have knowledgeable a particularly challenging growth pattern. There were several setbacks in the routine, what showed up to be a finish quit in growth to re-establish a hold on the procedure and any launch missing the incorporation of a lot of program up-dates.
The most apparent outcome of these problems is that after you set up from one of the live pictures, it is essential that you then run apper or yast to set up the newest up-dates. That upgrade procedure will take a excellent 30 minutes or more because there are so many up-dates to set up.
Once that is done you will have latest variations of fairly much everything, such as Linux program kernel 3.4.6, KDE 3.8.5, Chrome 15.0, digiKam 2.6.0 and such.
I can't create about openSUSE KDE — or any other KDE submission for that issue — without referring to my preferred minilaptop pc, which is involved with the conventional KDE submission. Here is a show shot of that pc, taken on my Acer Desire One 522, which has a 1,024x600 show resolution:
If you have a minilaptop or sub-notebook, there are so many factors to use Linux program instead of Windows seven Stupor Version, such as better performance, no absurd irrelavent restrictions such as not being able to modify the background or not being able to use an exterior observe with an prolonged pc. This amazing KDE minilaptop pc is another fantastic purpose.
But there is one serious issue with the conventional openSUSE 12.2 set up, which I didn't run into the first few periods that I set up it.
I choose Heritage Grub to the more latest Grub 2, because I discover it simpler to set up and sustain. I think that Grub 2 is over-complicated for my requirements, and I like the openSUSE cartoon start show. So I'm in the addiction of modifying the bootloader choice in the openSUSE set up from Grub 2, which is the standard, to Grub.
This previous few days I made the decision to take a look at Grub 2 again, to see how it has designed since the before I tried it. Unfortunately, I ran into a very huge issue. It did not set up on my HP DM1 program, stressing about not being able to finish the mkinitrd control.
That issue seemed unusual and unlikely to me, because I had already set up it on my Acer AO522 with no issue. But another try created the same outcome — and re-installing on the Acer prevailed again. Very unusual.
It changes out that the issue is that it does not effectively acknowledge and assistance the AMD Radeon HD 6310 visual operator in the DM1, but it manages the Radeon HD 6290 operator in the Acer just fantastic. The remedy is to modify the Bootloader from Grub 2 to Grub in the ultimate set up phase. Then everything performs well.
Modern company vocabulary gem: TAM, Complete Addressable Industry. AMD seems that Windows 8 comes with a lot of the things, so it recognizes no professional need to create its approaching product processor -- codenamed Hondo -- perform awesome Android operating system as well. Discussing to The Inquirer, company VP Bob Buckle said it was a "conscious decision" not to go after interface with Google OS, because AMD doesn't want to propagate itself into "other marketplaces." What could this mean for us tablet-buyers? No dual-booting Windows / Android operating system miracle on AMD gadgets, for one factor, which is perhaps a pity now that ASUS has displayed off the combo's prospective. However, Buckle created it obvious that Ford will assistance A linux systemunix, which -- for now, at least -- is more than can be said of Intel's competing low-power rubber, Clover Pathway.
There is one, slightly more devious, technique that websites can use to identify you. This is by amalgamating all information about the capabilities of your browser and system into a digital fingerprint.
Because of the amount of information that your browser will, if asked, reveal about you, this fingerprint can often be used to uniquely identify you to a site. Once again, the EFF is active in this area, and hosts a website to help you understand what your fingerprint is.
Point your browser to panopticlick.eff.org to see how unique you are. At the time of writing, more than two million people had used the site to check their browsers, and we still found that most of our machines could be uniquely identified. This means any website could track us even without cookies, LSOs or any of the other storage techniques.
At the moment, this is a theoretical vulnerability, and there have been no known cases of browser fingerprinting in the wild. If you're concerned about being tracked this way, the best way to prevent it is to stop scripts from running. This reduces massively the amount of information that a website can use to form the fingerprint.
The NoScript extension for Firefox provides an easy way to control which scripts run on a site. However, this will severely limit the function of many interactive websites. Web pages are made up of a number of different elements that your browser reassembles to make a single document. These elements may come from many different places, organisations and servers.
Any of these could contain some degree of monitoring using a technique called web bugging (also known as web beacons or pixel tags). These use images to generate HTTP requests that log your activities with a different server to one hosting the website. These potentially could be able to track you using browser fingerprinting, but they're also used more widely. They're not restricted to web pages, and can be used in any HTML document.
Most commonly, they're used by spammers to identify active email addresses. If you open an email containing one of these images, the spammer will be able to identify that you're checking the address, and can be persuaded to open spam emails. Fortunately, most email clients and web mail providers disable image loading by default.
Locating :
When you connect to the internet, your service provider assigns you an IP (Internet Protocol) address. This tells web servers and other computers you communicate with where to send the information. Any computer you interact with online can tell which IP address you use.
From this, they can find out some information, mainly your service provider and approximate location. Check out www.hostip.info to find out what you're transmitting to the world. Since IP addresses change periodically, web servers can't get closer to you than this. However, government agencies can force your service provider to reveal which subscriber was allocated to which IP address at what time. In short, they can link an online act with a physical computer.
For example, in April 2004 Shi Tao, a Chinese journalist, emailed the Asia Democracy Foundation with details of the Chinese Government's attempts to stifle news reports on the 15th anniversary of the Tiananmen Square massacre via Yahoo web mail. His government got the IP address he used from Yahoo, and since the ISP was state-controlled, could find out exactly where it was sent from. In November, he was arrested, and in March 2005 he was sentenced to ten years in prison.
To protect yourself from this level of scrutiny, you need to make sure that there's no link between you (and your IP) and the server you're communicating with. Simply encrypting your communication isn't enough, because it still allows the server to know who sent it - it just prevents eavesdroppers.
You can achieve the necessary privacy by passing your data through a series of encrypted relays. This technique is called onion routing, and has been implemented by the Tor Project
Step one: Communicate with the Tor directory server, which will reply with three random relays.
Step two: Encrypt your data with keys for each of the relays.
Step three: Send this encrypted package to the first relay. This server knows your IP address, but doesn't know what you're doing, since your data is encrypted with the keys to the other relays. The only piece of information they can access is the location of the second relay.
Step four: The first relay sends the encrypted package to the second relay, that can only decrypt the location of the third relay. This computer knows the location of the other two relays, but not your IP or what you are trying to communicate with.
Step five: The second relay sends the encrypted package to the third. This computer can decrypt your message and send it out of the Tor network on to the intended recipient. The third relay can see the final recipient of your data (and if you're using an unencrypted protocol, the actual data), and the location of the second relay, but he doesn't know your identity.
Step six: The recipient gets your request as though it had come from the third relay. They don't know your identity, or even that there is someone hidden behind the third relay. They respond to the third relay.
Step seven: The third relay passes the information back to you through the Tor network in the same manner as you sent it. No one on the network knows both the identity of the original sender, and the recipient.
However, Tor is an anonymisation system, not an encryption system. While the data is encrypted as it passes through the relays, once it leaves the network, it's no more or less secure than any other information on the internet. To keep your data private, you need to use the same precautions you would if you were not using Tor - ie use one of the encrypted protocols listed on the right of table one.
Sounds complicated? Fortunately, the Tor Project has put all the necessary tools in a single package with a secure version of Firefox. It's on the disk, or available from www.torproject.org - just unzip the file and run start-tor-browser. It will connect to the network and open a secure browser.
If you are on the run (in any sense of the phrase), you can browse securely via Orbot for Android or Covert Browser for iOS. There are potential statistical attacks against the network. For example, if an organisation can see all the data going into the network, and all the data coming out of it, the timing and quantities of packets may reveal which user sent what. However, due to the worldwide nature of the system, this would require co-ordinated and systematic monitoring across many countries.
You may think that using an internet account not linked to a physical location - such as mobile or satellite phones - will improve this situation, but it does the opposite. Mobile phone signals can be triangulated, and many satellite phones include the GPS co-ordinates of the phone in the connection to the service provider.
Polish firm TS2 sells a product that can pinpoint a satellite phone user: www.ts2.pl/en/News/1/151. It's possible that technology similar to this was used by the Syrian regime to target and kill journalists in Homs earlier this year.
Some regimes, most notably in China, appear to have taken steps to stop their citizens accessing Tor. The simplest way of doing this is to download a list of Tor relays and stop all connections to those machines.
To allow users to bypass this, Tor has introduced a series of bridges. These are routes into the network that aren't published. A game of cat and mouse has now begun between the Tor Project and organisations trying to block access to the anonymisation service.
Like many community-based projects, Tor needs volunteers. However, unusually for a free software project, programmers are not the most needed people. Running a relay or bridge will help keep people anonymous.
Translators and people working in advocacy are also in demand. To see how you can help people maintain both their privacy and freedom of speech, check out www.torproject.com/getinvolved/volunteer
Disk encryption :
If you're interested in privacy, then the chances are you use full disk encryption. If you don't then you may wish to consider it. It's easy to set up, usually just a tickbox during the distro install, and on a modern system the performance penalty should be minor for most purposes.
Note that partial disk encryption is considerably less secure - in issue 154 we showed one of many methods for circumventing it. Modern encryption methods using algorithms such as AES are unbreakable without the passphrase, provided a sufficiently long key is used (AES-128 should be considered a minimum. If the CIA is on your tail, then AES-256 is better).
There are a few methods a government agency can use to acquire this passphrase. Unfortunately, the easiest (for them) is torture. The second easiest is to try to guess your passphrase using a dictionary attack. However, let's assume that you've picked an unguessable passphrase, and managed to jump out of the window and flee when the knock at the door came. Your secrets will be safe, right?
Well, not quite. When you're using an encrypted drive, the computer stores the decryption keys in the memory. If they smash through the door just in time to see the computer shutting down, they could put a memory scrubbing tool in your computer and restart it.
Contrary to popular belief, the RAM in your computer isn't wiped when it's powered off, just very soon afterwards. Researchers at Princeton were able to steal encryption keys from the memory of restarted computers. The tools they created to do this are available from https://citp.princeton.edu/research/memory.
If you only locked or suspended your computer, then the situation's even worse. In these cases, the spooks will have time to freeze the memory before rebooting it (or transferring to a computer set up to scrub the memory).
At room temperature, memory typically becomes unusable after a few seconds. If it's frozen to around -50˚C (which is achievable using cheap aerosols), that time increases to several minutes. To avoid this style of attack, you need to stop them being able to access usable memory.
Don't leave your machine locked or suspended. If you have valuable information on it, turn it off. And prevent booting from devices other than the hard drive without a password. This will stop them booting straight into a tool such as the Princeton researchers' USB scrubbing tool. By the time they've managed to bypass your BIOS's security, the memory will be useless.
Using longer encryption keys will also help, since slight errors often creep in during the scrubbing process. The longer your key, the more of these errors it's likely to pick up.
If the men in black are really on your tail, then you could consider running your laptop without its battery. This means that you have only to pull out the power cable before running away.
How Linux Can Help You Protect Your Privacy Online :Parts
Using SSL will keep your data safe from eavesdroppers, but what if the companies that you're communicating with are spying on you?
Google, Facebook, Twitter and others have built business models out of providing users with a free service in return for information about you. This information can then be used to target advertisements at you.
Twitter has even gone a step further and sold users' tweets to market researchers. Some people may consider this a fair trade, but privacy campaigners are becoming increasingly concerned about the shear quantity of data these companies are holding about us. And this data goes way beyond what we voluntarily hand over to them.
Both Google and Facebook have established relationships with literally millions of other websites to help them track your movements around the web using cookies. These may sound like tasty treats, but are actually pieces of information stored on your computer to help sites identify you when your browser reaches them.
To find out just how much these companies are tracking us, we can use Wireshark to monitor our network connection and watch for the cookie data being sent back.
Start Wireshark and capture on your main network interface. In the filter box enter http.cookie
This will now show only packets that relate to cookies that are being sent to web servers. To display a little more of the information that is being acquired, go to the middle pane and click on the arrow next to Hypertext Transfer Protocol.
There are two sections in here that allow the web company to track us: the host and the referrer. Right-click on each of these and select Apply As Column. This will then add these fields to the main view.
Each of these two domains allows the host (the organisation receiving the cookie) to monitor your activity on the referrer. In addition to this, the host uses a unique ID to track your activity between sessions. Google uses its advertising services to monitor what we do, whereas Facebook uses its Like buttons.
There's no way of knowing exactly what these companies are doing with the data they collect - we can see only what they're receiving.
Fortunately, most browsers allow you to control cookies. Depending on your personal feelings, you may choose to limit cookies to certain websites (where they can be useful to remember preferences), or block them completely.
If you use Firefox, go to Edit > Preferences > Privacy, and change Firefox Will to Use Custom Settings for History. If you untick Accept Cookies From Sites, Firefox will not store any cookies.
To do the same in Chromium go to Preferences (the spanner by the address bar) > Under the Bonnet and change Cookies to Block Sites From Setting Any Data. In Konqueror, this can be done through Settings > Configure Konqueror > Cookies and unchecking Enable Cookies. For lightweight KDE users, it can be done in Rekonq by going to Settings (the spanner by the address bar) > Network > Cookies and unchecking Enable Cookies.
As well as allowing you to completely block cookies, both Firefox and Chromium give you the option of blocking third-party cookies (In Konqueror and Rekonq, this is Only Accept Cookies From Originating Server). This means they block cookies from domains other than that of the current website. If you do this, websites can store data about you, such as your preferences, and can track your movements within the site, but other sites won't be able to follow your movements once you leave the domain. This will stop companies from tracking your movements across the web.
If you set this up, then run cookie tracking in Wireshark, as was done above, you will see that the referrer and the host are always the same domain. For many users, this will be a happy medium of letting cookies do their original purpose - letting sites use them to recognise returning viewers - but blocking organisations from following their online movements.
Cookies aren't the only way that websites can track you. Even if you have browser cookies disabled, sites can still store tracking information on your computer using Locally Shared Objects (LSOs). These function exactly like cookies, except that they're accessed through Flash rather than directly through your browser.
To view and control what websites are using these, go to Macromedia's Website Storage Settings Panel.
Webmasters intent on tracking you can use a combination of techniques to create zombie cookies. These store the same information in more than one place so that when you destroy one, they regenerate using the others. For example, if you delete all browser cookies, the website can recreate the cookie from an LSO, and visa versa. As long as one of these remains, all the others can regenerate.
Samy Kamkar has taken this to the extreme at samy.pl/evercookie, where he uses 12 different methods to resurrect the data! We think running the NoScript extension for Firefox should prevent this type of cookie from working, but it also disables the method of testing it! We found that neither Private mode in Firefox, nor Incognito mode in Chromium were able to prevent this.
If you need to be sure that your web browsing isn't being tracked across sessions, the best solution is to use a non-persistent system. That is, a system that doesn't carry any information over from one session to the next. You can still be tracked during a browsing session, but not between them.
For Linux users, the most obvious option is a live DVD. This doesn't have to be a physical disc running live - an ISO running in a virtual machine will do the job. This means that all data that the websites can use to track you is reset each time you restart the virtual machine. You can also run more than one virtual machine simultaneously to prevent anyone linking two sessions.
If it ever comes into being, a live version of Boot To Gecko would be a particularly convenient way to do this, but this is still in development.
How Linux Can Help You Protect Your Privacy Online :Parts
You're not paranoid - they really are watching you. Criminals, web companies and governments all have a reason to spy on your online life, and the methods that they use are becoming increasingly sophisticated.
2011 was the most dangerous year to be an online citizen, particularly if you happened not to agree with everything your government said. 199 people around the world were arrested or detained because of content they posted online. Many are still languishing in jail.
The offending information ranged from exposes of environmental damage to religious instruction and criticism of unelected autocrats.
In addition, there has been a recent increase in the use of netizens' information by web companies. Privacy policies have been extended, and Twitter now sells the rights to users' data.
Some of the self-protection methods shown here will have an impact on how you can use a computer. For most people, implementing all of them would be over the top. What we're aiming to do here is show you who can find out what about you, and how to stop them.
What you do with that information is, of course, up to you. Whether you are concerned about the scale of information gathered by web companies, or you are hiding from a corrupt government, read on to find out how to keep your data yours.
You can find out just how much information you're revealing to the world using Wireshark. This tool captures all information passing through your network interfaces and allows you to search and filter for particular patterns. It takes information from your network interface, so any information displayed in it is visible to other (potentially malicious) people on the network.
Wireshark should be available through your package manager, or from wireshark.org. Once installed, you can start it with: sudo wireshark
You will get a message telling you that you've started it with super user privileges and this isn't a good way of doing it. If you plan on using the tool a lot, you should follow their guide on a better set-up, but for a one-off, you can ignore this
Click on your network device in the interface list (probably eth0 for a wired network and wlan0 a wireless) to start a capture. As soon as you start using the network, the top part of the screen will fill with variously coloured packages. The tool has a filter to help you make some sense of this multi-coloured mess.
For example, you can keep a prying eye on duckduckgo.com searches using the filter: http.request.full_uri contains "duckduckgo.com?q" If you now do a search using http://duckduckgo.com, it will appear in the list, and the search term will be in the Info column.
A similar technique could be used on any of the popular search engines. You may not be concerned about people being able to read your search terms, but exactly the same technique can be used to pull usernames and passwords that are sent in plain text.
For example, most forums send passwords in plain text (because they're not a serious security risk, and secure certificates can be expensive). The www.linuxformat.com forums are set up in this way.
To sniff LinuxFormat.com passwords, fire up Wireshark and start a package capture using the filter: http.request.uri contains "login.php" When you log in to www.linuxformat.com/forums/index.php (you will need to create an account if you don't already have one), the filter will capture the packet. The line-based text data will contain: Username=XXX&password=YYYY&login=Log+in
How many computers are you sharing this information with? Depending on your network set-up, probably every other computer on the LAN or Wireless network.
As well as these, every computer that sits in the route between you and the server you're communicating with. To discover what these are, use traceroute to map the path the packets take.
If your computer's behind a firewall, you may find that this just outputs a series of asterisks. In this case, you can use a web-based traceroute such as the ones indexed at www.traceroute.org. This list is a little out of date, and not all of the servers are still hosting traceroute, but you should be able to find one that works in your area.
Do you know who's running these computers? Or who has remote access to them? Do you want these people to be able to see everything you do online? If you use services with unsecured passwords (and there's no reason you shouldn't, as long as you understand the implications), then it's important not to use the same password for a secure service.
The most basic piece of the web privacy puzzle is the Secure Sockets Layer (SSL). This rather obscure-sounding protocol is a way of creating an encrypted channel between an application running on your computer and an application running on another computer.
For each insecure network protocol, there's a secure one that does the same basic task, but through an SSL channel.
Any time you use an insecure protocol, an eavesdropper can read what you send, but if you use a secured one, only the intended recipient can see the data.
For web browsing, it's HTTPS that's important. As we saw before, many computers can read what we send in HTTP, but if we perform the same test again, but using duckduckgo's secure web page - https://www.duckduckgo.com (note the s) - then you will find that the information does not appear in Wireshark.
Some web browsers show a padlock when connected to a secure website, but this can be spoofed easily using favicons. If you're unsure, click on the icon. A legitimate padlock will open a pop-up telling you about the security on the page.
Of course, this ensures only that the information can't be read as it's being transmitted between your computer and the server. Once there, the organisation running the server could pass it on to third parties, or transmit it insecurely between their data centres. Once you send information, you lose control of it.
Before hitting Submit, always ask yourself, do you trust the organisation receiving the data? If not, don't send it.
HTTPS is a great way to keep your web browsing private. However, because of the way it has been bolted on top of HTTP, it isn't always easy to make sure you use it. For example, if you use https://www.google.com to search for 'wikipedia', it will direct you to the HTTP version of the encyclopaedia, not the HTTPS version.
The Electronic Frontiers Foundation (EFF), a non-profit dedicated to defending digital rights, has developed an extension for Firefox that forces browsers to use HTTPS wherever it's available. A Chrome version is currently in beta. Get this from https://www.eff.org/https-everywhere to keep your web usage away from eavesdroppers.
Like all forms of encryption, SSL has a weakness, and that's the keys which are stored in certificates. Just as a hacker can easily get in to your accounts if they know your password, they can easily eavesdrop on SSL encrypted data - or spoof it - if they can trick your computer into using their certificates.
You should be able to view the current certificates and authorities in your browser's security settings, but it isn't always easy to identify things that shouldn't be there. Here, live distros come to the rescue, since you can carry a trusted operating system with you and use that whenever you are at a computer of dubious provenance.
How Linux Can Help You Protect Your Privacy Online :Parts
There's possibly bad information forward if you're expecting to remove the generate on that upcoming HP Envy X2 and load Ubuntu -- Apple allegedly stated at IDF that Clover Trail-based Atom processor chips "cannot" manage A linux systemunix effectively. As defined in The Inquirer's consideration of activities, the problem is more a issue of marketing than an overall block: A linux systemunix doesn't yet know how to deal all of Clover Trail's power condition changes at the kernel level, which would put any penguin-powered PC at a drawback. Apple would really, really choose that you run Windows 8, as the new Atom and Windows OS are updated to perform hand-in-hand. A linux systemunix might capture up, but the Windows-only focus is a distinct crack from Intel's propensity to bath love on open-source OS tasks across the panel, such as continuous perform like Intel-native Android operating system creates or Tizen.
Summary:Ubuntu 12.10 has just gone beta, here's what we have to look forward to in this forthcoming popular Linux distribution.
Ubuntu is one of the most popular Linux distributions around and the next version, 12.10 aka Quantal Quetzal, has just gone beta. Here's what looking to to be the new Ubuntu's best features so far.
5) Unity Previews
In the Ubuntu Unity desktop, when you get a file, you get a lens that automatically open the file in the appropriate application. So, for instance, if you click on a document file, LibreOffice will open it, if you click on an image, Shotwell, will pop it open for you and so on.
What's new and improved in Ubuntu 12.10 is that you can now right click on files. Besides the usual more detailed information for the file from doing this that you get from most operating systems, you get a ”Preview Pane” for its content type. For instance if you right click a song in Unity's Dash display, you the album artwork and music player controls. This is a handy little feature.
4) Online account and Web service desktop integration.
Ubuntu has long integrated social network accounts, such as Facebook and Twitter, into its desktop. In this version, Canonical, the company behind Ubuntu, is also adding Web applications to its desktop. So, for example, Ubuntu's message indicator can be set to alert you when new mail arrives in your Gmail account.
Technically adept users can also use the application programming interface (API) and an integration script engine to make their own desktop applications.
3) Ubuntu One adds file sharing
Ubuntu One, Ubuntu's built-in personal cloud storage, ala Apple's iCloud and Windows 8's SkyDrive, now includes an easy-to-use file-sharing mechanism, Share Links. With this you can send friends and co-workers a Web link to a file you want to share with them. Of course, they still need your authorization to access the file, but it's still a handy, built-in way to share files.
2) Ubuntu moves to Python 3.
While like any Linux, you can write any program you like in any language that strikes your fancy, Ubuntu recommends “using Python. Many important parts of Ubuntu are already written directly in Python, and we work to make every important API and framework within Ubuntu available from Python.”
In this upcoming version, Kate Stewart, the Ubuntu Release Manager , announced, that “The Ubuntu desktop has begun migrating from Python 2 to Python 3. Most Python applications included in the desktop is now using Python 3, and most Python modules that are included by default are available for both Python 2 and Python 3.” In other words, if you want to develop for Ubuntu's, especially for its Unity and Head Up Display (HUD), you should be doing it in Python.
1) Unified Unity desktop
For graphics, Ubuntu is moving to a new X.org X Window stack. This include the new x.0rg 1.13, and updated X libs and drivers. On top of this, Ubuntu is consolidating its 2D and 3D versions of the GNOME 3.x-based Unity desktop. What all this should mean is that Ubuntu's desktop performance, especially on higher-end systems, should be faster.
Ubuntu is also using GNOME's Nautilus 3.4.2 as its fundamental file manager. This is not the newest version of Nautilus.
The final version of Ubuntu 12.10 is scheduled for release on October 18, 2012. If you want you can give the new Ubuntu a spin today. You cannot, however, run or install Ubuntu 12.10 beta from a standard CD, The minimum Ubuntu test image, at about 800MB, is too big for an ordinary 700MB capacity CD. So, instead you'll need to use a DVD or a USB stick to play with the Ubuntu beta.
Summary:The first beta build of Ubuntu 12.10 drops Unity 2D, retains Nautilus 3.4 and adds a new Dash preview, a Photo lens and new centralised Online Accounts management.
Canonical made the first beta of Ubuntu 12.10 (Quantal Quetzal) available for download on 6 September — a major milestone en route to the final release on 18 October. Two of the biggest changes to the free and open-source (FOSS) operating system are the addition of the Unity Dash preview feature and the removal of the Unity 2D shell. This rationalises Unity development, making it more efficient and presenting users with just one Ubuntu Unity shell. As expected, the Nautilus file manager sticks at the more feature-rich version 3.4, rather than adopting the most recent GNOME version; the beta also includes a new Linux kernel based on the 3.5.3 upstream version.
A Technical Overview of the beta can be found on the Ubuntu Wiki, which contains instructions on how to upgrade to the beta now (at your own risk) should you wish to get a foretaste of what to expect in the final release. Alternatively, a fresh install can be performed using one of the CD images of the beta, which are available for download from the Ubuntu image page.
A right click on any icon displayed in Dash opens the Unity preview for that selected item. The preview mode has left and right scroll arrows for movement to adjacent items, and each preview offers buttons tailored to suitable further actions depending on the previewed item.
Dash gains a new 'Photo lens', which, as well as having the new Preview mode, allows integration with Online Accounts, if enabled.
The Ubuntu One Control Panel gains a new tab, Share Links, along with a search function.
A new sign-on for Online Accounts centralises their management. Online Accounts can be accessed via Dash or from the System Settings.
Ubuntu Greeter gets a graphics makeover for the shell select and log-on dialogues — with, for example, more rounded corners.
Changes to the graphical elements result in a more refined appearance for the Ubuntu default theme, with thinner slider bars and rounded corners on the 'square' check boxes.
Along with these improvements to the user interface and operating system, the beta includes new versions of many of the most popular applications, such as version 3.6.1 of the LibreOffice productivity suite and — although it's not a default install — the new GIMP 2.8.
As expected, this beta release signals no huge changes for Ubuntu 12.10, but rather refinements that should make using the final version more enjoyable and rewarding. There are still a few more changes to come, so stay tuned.
Summary:Microsoft, as it did with Vista, is giving Linux another chance to make the gains in the PC market with Windows 8, but can Linux take advantage of this opportunity?
In 2007, thanks to netbooks and Vista, Linux briefly exploded onto the desktop. Microsoft soon realized they were losing the low-end laptop market and they brought XP back from the dead and practically gave it away to original equipment manufacturers (OEM)s. It worked. Linux's popularity receded. In 2012, Microsoft is once more bringing out a dog of a desktop operating system, Windows 8, so desktop Linux will once more get a chance to shine... if it can.
Linux is more than good enough on the desktop. Just ask Google, which used its own Ubuntu-spin, Goobuntu, not just for its engineering desktops but for everyone's PCs.
While much of the reason why Linux hasn't gone much of anywhere on the desktop has been because of Microsoft's iron-grip on OEMs and anti-Linux FUD, Linux hasn't helped itself much either. So what can Linux do to be as competitive as the Mac with Windows?
5) Give independent software vendors (ISV)s more support. :
I, and a lot more important Linux figures than I am, such as Linus Torvalds, think Miguel de Icaza, one of the GNOME's Linux desktop creators in his article What Killed The Linux Desktop was often off-base. But, de Icaza did make some good points. One of the most important of these was that “no two Linux distributions agreed on which core components the system should use. Either they did not agree, the schedule of the transitions were out of sync or there were competing implementations for the same functionality.”
Sure, fundamental programs work on all versions of Linux, but say you're an ISV, what desktop should you build for? KDE? The slumping GNOME? Ubuntu's Unity? My own favorite Linux Mint Cinnamon?
If I'm an ISV the last thing I want to do is throw money and time into crafting half-a-dozen versions of my user-interface for each significant Linux desktop. On the other hand, some ISVs, such as game maker Valve, has looked at Windows 8, turned its back on it, and are now moving to Linux. That's great but Linux needs to do more to encourage ISVs.
De Icaza thinks the only way Linux on the mainstream desktop will ever take off is “to take one distro, one set of components as a baseline, abandon everything else and everyone should just contribute to this single Linux. Whether this is Canonical's Ubuntu, or Red Hat's Fedora or Debian's system or a new joint effort.”
He's right. I think that's been Canonical plan for Ubuntu all along. Linux pros may not care much for Unity, but even the most un-techie people on the planet can use Ubuntu Linux with Unity. While lots of great distributions, such as Mint, are meant for desktop users, only Ubuntu really targets the mass-market. If I were an ISV, Ubuntu would be my Linux of choice. After all, it's already Valve's pick.
4) Slow down the pace of change. :
I like playing with the newest toys more than most people. Most hardcore Linux users do. Josephine User doesn't want to deal with a major update of her desktop every six months. That's why the successful Linux vendors—Canonical, Red Hat, and SUSE—release long term support versions of their operating systems.
Three years, not six months, is an update cadence that works for most people. Yes, that may mean your desktop release is running the Linux 3.5 kernel. Do you really think most people care about that? They don't. There's a reason why Windows XP, after 11-years in the top desktop spot—has only now been overtaken by Windows 7. People prefer King Log over King Stork. They may say they want the shiniest gizmos but at the end of the day they want their desktop to look and work the same as they did the day before.
That's a lesson that both Microsoft, with Windows 8 Metro, and Linux distributions that default to GNOME 3.x should learn.
3) Work even harder to get low-level hardware vendor support. :
Sure, you really can run Linux on pretty much any PC today—goodness knows I do—but if you want to make the most of your hardware, the vendors, like NVIDIA, still don't deliver the driver goods.
There's not a lot the Linux distributions can do about this. I mean if Red Hat wants a server equipment OEM to listen, they'll pay attention. Red Hat is a major server player. But, no one in the desktop space has that kind of clout. The only thing Linux can do is to offer to build Linux drivers for the OEMs. And, indeed, under Greg Kroah-Hartman's guidance Linux developers have been building free Linux hardware drivers for years. Even now, though, too many OEMs won't accept this free offer.
2) Pound on PC vendors' doors. :
Over the years, Dell, HP, and Lenovo has all fooled around with pre-installed desktop Linux. Even now if you're Joe Consumer you can't just go to their Web sites or a store and be sure you can buy a Linux PC or laptop. Outside of the US and Western Europe, it's actually easier to get Linux PCs.
Yes, it's actually easy to install Linux on a PC—I do it at least every other week—but most people won't go to the trouble.
We must have more vendors supporting pre-installed Linux desktops. It's great that we have System76 and ZaReason, but we need the big vendors to fully commit to the Linux desktop as well. I mean it's nice that Dell is well on its way to producing a high-end laptop, the Sputnik, for Linux developers, but it would be better still if you could currently order a run-of-the-mill Dell with Ubuntu as well.
At the same time, Linux computers should cost less than their Windows relations. After all, Linux doesn't cost an OEM anything like as much as Windows does. Nevertheless, the first Linux Ultrabook laptop costs as much as its Windows brother.
What the Linux distributors can do here is simply promote Linux on the desktop more to the OEMs. As far as I can tell only Canonical, once again, is really making a determined effort to promote the traditional Linux desktop. If you really want to see Fedora, openSUSE, whatever, Linux desktops in the market their distributors need to get on the stick and start pushing and working with OEMs.
1) Linux distributors need to take the traditional desktop seriously. :
You know, I think it's wonderful that Linux, thanks to Android, is ruling smartphones and the new generation of Android tablets, such as the Nexus 7 and the Amazon Kindle Fire HD are finally giving the iPad competition. But, the desktop is not going away anytime soon.
I like my fancy tablets as much as anyone does but when it comes to punching in words or keying in data give me a real computer with a real keyboard any day of the week. That's not going to change.
Only two Linux companies seem to get this. One, of course, is Canonical. The other is Google with its Chrome OS and Chromebooks. Google is trying its best to get you to buy, and now rent, Chromebooks. Google gets it. Google may be the king of the Internet, and Chrome OS may be just the Chrome Web browser on top of a thin layer of Linux, but they know the CPU on the desk with a keyboard in front of it is far from dead.
If we really want to see Linux desktops compete, you have a couple of choices. One, you can start supporting Ubuntu or Chrome OS, since they're only Linux distributions that seem to take the business of the Linux desktop seriously. If not them, then the Linux community must back another distribution to the hilt
You see, de Icaza was right on one fundamental point. For the Linux desktop to really take off, we must “take one distro, one set of components as a baseline, abandon everything else and everyone should just contribute to this single Linux.” Then, and only then, will we have a desktop Linux that will be able to really take advantage of the opportunity that Microsoft is handing us with Windows 8.
Summary:It took longer than expected, but openSUSE 12.2 is now available.
OpenSUSE, SUSE's group Linux system, may not be as attractive as Fedora, Great, or Ie8, but it's still a powerful, well-known Linux system for both hosts and personal computers and it's good to see the latest edition lastly appear after months of wait.
First due on September Eleventh, openSUSE didn't make its launch time frame because, seriously, it wasn't ready for primary time. OpenSUSE launch administrator Stephen "Coolo" Kulow said in May, “our growth venture, is still far too volatile. Things have enhanced.
Andreas Jaeger, openSUSE's system administrator informed ServerWatch's He Eileen Kerner that the openSUSE designers had” focused on backing the discharge.” The producing Linux system submission may not always have the latest software, such as the latest variations of Chrome and KDE, but it should be very constant. Rock-solid stability as well as have long been openSUSE outline.
OpenSUSE, as always, can handle several Linux system personal computers such as KDE 4.x, GNOME 3.4, and Xfce 4.10. KDE, however, is its main pc. OpenSUSE 12.2comes with KDE 4.8, but the designers will be upgrading it to technology, KDE 4.9.1 within the next weeks time.
Under the cover, openSUSE now uses the 3.4.6 Linux system kernel. Thus, it has better Brtfs computer file system and design car owner performance. Hosting server and datacenter directors will like that the kernel allows them to cap CPU utilization across categories of procedures.
When it comes a chance to start the system up, openSUSE now uses GRUB2. Looking forward to the day when Windows 8 techniques try to secure out all other operating-system, openSUSE has a Fedora-like plan in position to deal with Windows 8's Specific Extensible Firmware Interface (UEFI) lock-in.
For pc customers, openSUSE comes with the latest edition of the best open-source office suite: LibreOffice 3.5. When it comes to your Web surfing around needs, openSUSE non-payments to Chrome.
All-in-all, the new openSUSE appears to be very appealing. If you want to check it out for yourself, there are many openSUSE 12.2 variations available for obtain. Individually, I'm going to wait until KDE 4.9.1 is available before trying it on the pc.
One awesome function about openSUSE is that you can do in-place improvements of your current openSUSE set ups, going all the way back to openSUSE 11.2. Since I run openSUSE on my in-house hosts, where the pc doesn't issue so much, I'll give that a try first. If you also like openSUSE for your hosts, I suggest you not wait to provide it a run too. Enjoy!
Summary: It's becoming increasingly apparent that video game development and online distribution company Valve is serious about Linux. But desktop Linux has a 1 percent usage share. Surely there's more to this development effort than meets the eye?
There's no doubt that video game development and online distribution company Valve is looking to broaden its horizons and adding Linux to its list of supported operating systems. But Linux has a usage share of about 1 percent, so what's Valve's plan for Linux?
It's clear that Valve isn't happy with Microsoft.
Gabe Newell, Valve co-founder and managing director, labeled Windows 8 "a catastrophe for everyone in the PC space," fearing that the introduction of the Metro user interface and the new Windows Store -- which will be the only place users can buy Metro apps -- will make Windows even more of a closed platform. This, he fears, will have a serious knock-on effect of Valve's business.
Valve's also been busy optimizing its games for Linux, and claims to have Left 4 Dead 2 running faster on Ubuntu than on Windows 7 -- and not just a little faster either: over 16 percent faster. Considering how much time and effort Valve has spent developing for Windows, that's quite an achievement for Linux.
The word now is that Valve's official Linux push will kick off February 2013, and that this is when a beta of the Steam client for Linux will land. Hit titles such as Counter-Strike: Global Offensive, Team Fortress 2, and Half-Life 2 will be available alongside Left 4 Dead 2.
About the only person unhappy with Valve's move to cover Linux is free software stalwart Richard Stallman, who claims that "non-free programs" are "unethical."
However, I keep coming back to that 1 percent usage share. After all, I doubt that Valve offering games for Linux is going to push that usage share up even a fraction.
The reason why comes down to a single issue: compatibility.
When people buy a Windows license, they're not just buying the right to use operating system on a specific piece of hardware; they're also buying a warm and fuzzy feeling of security that most of the hardware and software they ran on the old operating system will continue to work on the new operating system.
So, what's Valve up to?
Two things spring to mind. First, rumors and job postings suggest that Valve is working on gaming hardware. Given the harsh criticisms of Windows and Microsoft, it's unlikely that any Valve-branded hardware is going to run Windows. That leaves a Linux distro as the obvious alternative because Valve would be free to tweak and customize the operating system to their heart's content.
If Valve plans to use Linux as the base OS for a games console, it needs to get its games working on Linux. All this desktop Linux talk could just be a handy smoke screen.
Another possibility is that Valve is planning to offer a customized Linux distro that users could install on their PCs either standalone or as a dual-boot OS. The idea of a streamlined OS dedicated to playing games appeals to me because a day-to-day Windows installation is not the ideal platform for gaming because of all the unnecessary detritus -- unnecessary to gaming at any rate -- running in the background.
Success of failure seems to hinge on how many Linux-compatible games Valve can come up with. Valve has some popular titles, but I don't see the likes of Left 4 Dead 2 et al being enough to encourage people to buy a Valve console or use Linux as a gaming platform.
Whatever the plan, Valve needs the support of other game developers. If Valve can get that -- and if there's one company that can herd the gaming industry, it's Valve -- then maybe Microsoft needs to start worrying, because while the most important sector for Microsoft as far as Windows revenue is concerned, is the enterprise market, it's not the most influential.
The sector that drives the greatest innovation, and which offers the OEMs the best chance of selling hardware with a decent profit margin is the gaming sector. And Valve could be getting ready to disrupt that sector.
