Previous Page
PCLinuxOS Magazine
Article List
Next Page

Short Topix: Could Microsoft Be Looking To Linux For The Next Version Of Windows?

by Paul Arnote (parnote)

Free Intro to Linux Course Surpasses One Million Enrollments

The Linux Foundation: SAN FRANCISCO, September 22, 2020 -- The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced its Introduction to Linux training course on the edX platform, currently in its sixth edition, has surpassed one million enrollments. The course helps students develop a good working knowledge of Linux using both the graphical interface and command line across the major Linux distribution families. No prior knowledge or experience is required, making the course a popular first step for individuals interested in pursuing a career in IT.

Introduction to Linux has helped countless individuals launch their IT careers. Jules Bashizi Irenge for example, completed the course then proceeded to intermediate Essentials of System Administration training and received a Linux Foundation Certified SysAdmin (LFCS) certification, and now is a PhD candidate who has contributed over 200 patches to the Linux kernel. Fabian Pichardo also followed the introductory course with Essentials of System Administration and LFCS, and now is employed full time as a software developer.

"To have introduced over a million individuals to Linux is a tremendous milestone, said Linux Foundation Executive Director Jim Zemlin. "One of our primary goals is to bring more talent into the open source community, and offering free, high quality training that is accessible to anyone who wants it is essential to achieving that goal. Thank you and congratulations to everyone who has supported these efforts, including our members, instructors, training support team, and the students themselves. We look forward to training the next million!

With Linux powering all of the world's 500 top supercomputers and the vast majority of mobile devices, along with serving as the backbone of the cloud and the internet itself, it is essential to understand Linux to pursue many IT job roles. Upon completion of this course, students possess a good working knowledge of Linux, from both a graphical and command line perspective, allowing them to easily navigate through any of the major Linux distributions. They can then continue their progress as either a user, system administrator or developer using the acquired skill set.

"The Linux Foundation has been an incredible partner of edX for the past six years, bringing dozens of courses in high-tech and in-demand fields to our platform of 34 million learners, said Anant Agarwal, edX Founder and CEO. "Introduction to Linux, their very first offering, has been a true blockbuster -- it's one of our top 10 most popular courses of all time. We're thrilled to congratulate Linux Foundation on reaching 1 million enrollments and look forward to bringing accessible high-tech education to countless more learners, together.

Introduction to Linux remains open for new enrollments. There is no cost to complete the course, and verified certificates of completion are available for $199. The Linux Foundation offers two dozen free training courses on open source projects including Linux, Kubernetes, Hyperledger, and more in partnership with edX.

'Hidden' UEFI Malware Difficult To Detect, Remove

Kapersky cybersecurity researchers have discovered an APT (advanced persistent threat) known as a firmware bootkit, according to an article on TechRadar. It affects a computer's UEFI (Unified Extensive Firmware Interface), and begins running before the computer's operating system or any programs. This means that normal operating system and programming security software cannot detect it, since it's loaded before anything else. It also makes it incredibly difficult to remove.

The Kaspersky researchers found a sample of such malware used in a campaign that deployed variants of a complex, multi-stage modular framework dubbed as MosaicRegressor. Not only does the malware load before the operating system or security software, the UEFI code resides on a flash ROM, separate from the hard drive. This means that even if the end user reinstalls the operating system and all of their software, the bootkit malware will persist.

According to an article on

While it was not possible to detect the exact infection vector that allowed the attackers to overwrite the original UEFI firmware, Kaspersky researchers deduced one option of how it could be done based on what is known about VectorEDK from leaked Hacking Team documents. These suggest, without excluding other options, that infections might have been possible through physical access to the victim's machine, specifically with a bootable USB key, which would contain a special update utility. The patched firmware would then facilitate the installation of a Trojan downloader -- malware that enables any payload suitable for the attacker's needs to be downloaded when the operating system is up and running.

In the majority of cases, however, MosaicRegressor components were delivered to victims using far less sophisticated measures, such as spear phishing delivery of a dropper hidden in an archive together with a decoy file. The multiple modules structure of the framework enabled the attackers to conceal the wider framework from analysis, and deploy components to target machines on demand only. The malware initially installed on the infected device is a Trojan-downloader, a program capable of downloading additional payload and other malware. Depending on the payload downloaded, the malware could download or upload arbitrary files from/to arbitrary URLs and gather information from the targeted machine.

Kapersky researchers have not been able to link the malware to any particular threat actor, but have linked some of the attacks to Russian spearphishing documents, and most of the victims had some connection to North Korea.

Could Microsoft Be Looking To Linux For The Next Version Of Windows?

I know ... it sounds like a horror film, huh? But TechRepublic's Jack Wallen and ZDNet's Steven J. Vaughan-Nichols both think it might be a good idea.

I just know you're screaming at the top of your lungs about now.

If you are like many Linux users, most of whom are Microsoft "refugees anyways, there are many, many reasons for your skepticism and fear. For years, Microsoft professed its intense hatred of Linux. They bragged about how they were planning to "eradicate the cancer known as Linux from the computing world.

Then, almost overnight, Microsoft professed its "love for Linux. Microsoft joined the Linux Foundation. Linux users RAGED! The "enemy was making itself comfortable ... in their OWN HOUSE! Most Linux users were afraid that it was the same ol' Microsoft up to its usual games, which involved the "triple E threat: embrace, extend, extinguish. MICROSOFT WAS GOING TO EXTINGUISH LINUX FROM WITHIN!

Actually, there are still many Linux users who haven't strayed far from initial assessment. Even in the PCLinuxOS forum, we hear it fairly regularly. Ignoring for a moment Microsoft's history of hatred towards Linux, can such a move possibly be all bad?

We don't have to look far to see the possible benefits. Back in 1999, macOS was rebased, partly, on Berkley BSD, leading to Apple joining the *nix family. Anyone would be hard pressed to argue with the results of Mac OS X (we're not talking about the costs associated with Apple products/hardware, nor the restrictive closed environment that constrains Mac OS X).

Believe it or not, Windows isn't the flagship Microsoft product any longer. It doesn't even come close to being a leading income producer for Microsoft. Instead, Microsoft finds its biggest profit leaders to be things like its cloud-based Office 365, and other "software-as-a-service (SaaS) products. Its Azure cloudspace is quite lucrative.

Microsoft migrating Windows to Linux does make sense. Instead of having a whole bevy of programmers working on proprietary, closed-source software, most of the heavy lifting would have been done by the FOSS and Linux community. You can be certain that Microsoft will tinker with the final product. They literally can't help themselves in that regard.

The real questions come with that tinkering. Will their tinkering introduce security vulnerabilities? Will a Linux-based Windows cause a dying off of some Linux distros? Will Microsoft's embracing of Linux make Linux distros everywhere targets for malware and virii? This latter point is a HUGE potential problem. There are many unknowns, and how those unknowns are handled could have huge ramifications across the established Linux community.

Jack Wallen does make a good point that could end up being quite advantageous for Linux users. Microsoft would almost be required to pour efforts into helping support Wine, to help insure that legacy programs/software can run atop a Linux-based version of Windows. Without an ability to run favorite legacy software, user adoption of a Windows based on Linux may be slow and arduous. Even today among Windows users, there are "laggers who hang onto older, more vulnerable versions of Windows because of perceived compatibility issues.

Certainly, this will thrust Linux into the computing mainstream at light speed. Linux market share will sky rocket, overnight. There are many arguments on both sides as to whether this is good or not. Some don't want Linux to have such a high profile. Others think that it will hasten Linux development and improve support across all avenues.

Color me skeptical. Very skeptical. You might even call it "guarded optimism. Very, very guarded. As if peeking between a barely perceptible gap between slats of a set of drawn mini-blinds. I can see both sides of the argument. I can see how such a move might have huge benefit to Linux, but ONLY if it is done correctly, in the spirit and methods of the established open source community, and if profit is NOT occupying the driver's seat.

1Password Password Manager Coming To Linux

For much of the past 10 or so years, one of the most popular password managers for Windows, Android and iOS has been 1Password. And, for all of that time, the most requested "feature has been for a Linux version.

Well, it looks like Linux users are getting their wish, and their request granted. 1Password is coming to Linux, most likely as soon as early 2021. From a forum post on AgileBits community forum:

A full-featured Linux desktop app has been our most requested feature by far and responsible for the longest forum post in our history. Today we're thrilled to announce that 1Password is coming to Linux!

Planned for official release later this year, we couldn't wait to share the news with you so today we're unveiling an alpha a development preview so you can join in on the fun.

Not exactly an LTS release

This isn't a long-term support release! You can expect many updates and changes over the next few months as many features are not complete yet. For example, the app is currently read only: there is no item editing, creation of vaults, or item organization.

As such this initial release should be used for testing and validation purposes only and is not suitable for business critical environments. For a stable experience on Linux you'll want to use 1Password X in your browser.

A true Linux app

Our new app is built to meet the security and performance expectations of Linux users. Its backend is written completely in Rust, a secure systems programming language that has made a lot of waves in the Linux community. We're especially proud to be using the incredible ring crypto library to power the end-to-end encryption that keeps your data safe.

In addition to a secure foundation we've tailored the app to integrate with Desktop Linux with features like:
  • Simple and secure installs using apt and dnf packager managers

Automatic Dark Mode selection based on your GTK theme Open network locations (FTP, SSH, SMB) Tiling window manager support and descriptive window titles Unlock with your Linux user account, including biometrics System tray icon for staying unlocked while closed X11 clipboard integration and clearing Keyboard shortcuts Data export Unlock multiple accounts with different passwords Create collections to organize data across accounts and vaults

And this is just what's available in the preview. There will be many more exciting features that will take advantage of the power of Linux as we get closer to release.

Free accounts for open source teams

Our new app is built on great open source projects like the Rust programming language for the underlying logic, and React for a responsive component-based UI.

Building an app for Linux wouldn't have been possible without these giant shoulders to stand upon so we want to give back to the free software community. If you work on an open source team that needs a password manager, open a PR against our 1Password for Open Source Projects repo and we'll give you and everybody on your team a free account. You and your team will be able to continue using this account even when the development preview ends.

Thank you so much for your contributions and making the world a better place.

apt-get install 1password

If you're excited to report issues, work with us to resolve them, and update to verify fixes, then you're welcome to join us on this journey. To get started read the guide Get to know 1Password for Linux to find installation and troubleshooting instructions.

We maintain signed apt and rpm package repositories for Debian, Ubuntu, CentOS, Fedora, and Red Hat Enterprise Linux. We also have an AppImage for as-of-yet unsupported distributions. Let us know what distribution you use and how well 1Password works there.

We hope you are as excited about a 1Password Linux app as we are. Our development team will be active in this forum so when you find issues please report them here.

Psssst! We Now Know The Name Of Doom Guy!

I'm certain that this has been one of the BIGGEST mysteries in all of gaming for a very long time.

To mark the 26th anniversary of the release of Doom 2 (can you believe that Doom 2 has been around for 26 years?! I know I can hardly believe it!), id Software co-founder John Romero finally answered a question that I'm sure many, many before have asked. He did so on Twitter.

Yep! So there you have it from one of the top guys himself. Doom Guy's name is ... Doom Guy.

Here we are, 26 years later, and it would be foolish to presume that Doom is pulseless. It remains a hugely popular game, and new Doom games are being prepared for the new PlayStation 5 and Xbox Series X gaming systems. On October 20, 2020, a new Doom DLC (downloadable content ... I know ... I had to look that up myself) game, called "The Ancient Gods: Part One, was released. And, users didn't even have to have Doom Eternity to play it!

Now, don't you feel better knowing that Doom Guy's name is Doom Guy?

PCLinuxOS Magazine Short Topix Roundup

COMCAST ENGINEERS have successfully achieved 1.25Gbps throughput over ... are you ready for it ... standard coaxial cable! The significance, if it makes it through to general consumers, is a cheaper way to deliver 1+ Gbps internet to many more people. The savings would be automatic, given that they are using existing infrastructure to deliver the faster internet speeds.

THE GLOBAL PC MARKET SAW ITS GREATEST GROWTH IN 10 YEARS, according to an article on C|Net. After experiencing a weak first quarter, sales of laptops and mobile workstations soared, largely in response to the coronavirus pandemic, as many workers took to working from home.

THE SCHOOL DISTRICT IN JACKSON, MICHIGAN IS USING ITS BUSES AS MOBILE HOTSPOTS to provide internet connectivity to students whose families cannot afford internet access, according to an article on mlive. The coronavirus pandemic forced many schools to shut down face-to-face learning, and switch to virtual learning to replace it. Even though the school district helped ensure that students had access to mobile devices by providing Chromebooks, they found that around 35 percent of students experienced problems with connectivity due to their family's inability to afford internet access. As a result, they equipped their school buses with wifi hotspots, and sent them out into underserved areas of the community from 9:30 a.m. until 12:45 p.m. There, families would gather in the wifi coverage area (a 100 foot to 300 foot radius from the mobile hotspot), to avail themselves of the free internet access.

SEVEN COUNTRIES ARE CALLING ON BIG TECH to provide them with "backdoor access to encryption algorithms and routines (particularly end-to-end encryption), so that they "may keep the public safe from threat actors (real, perceived and imaginary), and to help law enforcement to crack down on those who hide behind internet encryption to commit their crimes, according to an article on ZDNet. Those seven countries are the U.S., U.K., Canada, Australia, New Zealand, India and Japan. The same (or similar) requests have been made by the group to big tech companies in 2018 and 2019. The problem is that if a backdoor exists for governments and law enforcement to crack encrypted communications and/or data, then how long will it be before non-government types (e.g., hackers) are also able to leverage those same backdoors? How do we trust that governments and law enforcement will always follow the law, and not use the "ability to silence dissenters or those whose opinions might not be "mainstream? You can read the entire joint news release from these seven countries, here. Be careful. This should scare the pants off of you, regardless if you have any concerns for privacy.

Previous Page              Top              Next Page