The H Roundup - NOOBS, Ubuntu's Bug One and a Windows hole
Welcome to The H Roundup, your review of the week with the most read news on The H, the security alerts and open source releases, and the essential feature articles – all in one quick-to-scan news item. This week: whatever happened to Google's commitments to open standards, Tavis Ormandy finds another Windows hole, Shuttleworth closes Ubuntu Bug One, the Raspberry Pi gets a new installation system, and the Arch developers warn their users of update problems.
With Google dropping XMPP and other standards lately, Glyn Moody asks what happened to the company's supposed friendliness towards open source and especially open standards.
In the first part of The H's Kernel Log series, which looks at what is coming in the next release, version 3.10, of Linux, Thorsten Leemhuis examines the networking features that have already been incorporated.
Tavis Ormandy stirred up controversy when he released the details for a security hole in Windows, serious vulnerabilities were discovered in QNAP's storage and surveillance systems, and The H's Lost+Found keeps you informed on everything else that happened in security news this week.
- Google researcher discloses zero-day exploit for Windows
- Serious vulnerabilities in QNAP storage and surveillance systems
- Lost+Found: Google hacks Windows and Android sleeper agents
The Raspberry Pi mini-computer gets a new easy-to-use installation system, the latest version of the creative programming language Processing introduces OpenGL as a core rendering mechanism, and the Arch Linux developers warn about breakage that will happen when users update their Arch systems. Meanwhile, Ubuntu founder Mark Shuttleworth has closed the Ubuntu bug that laments Microsoft's dominance in the PC market and expresses the opinion that this is not the case any more.
- Raspberry Pi gets new installation system
- Processing goes 2.0 with an OpenGL core
- Arch Linux developers warn of update problems
- Ubuntu Bug One fixed? Shuttleworth says it is
Peer-to-peer botnets are a lot harder to shut down than conventional botnets and the bad news is that there are more of them than many researchers had initially assumed. GCC 4.8.1 was declared feature complete for the C++11 language specification and Oracle laid out how it is going to take on Java's security issues.
- P2P botnets much larger than they seemed
- GCC 4.8.1 is C++11 feature complete
- Oracle sets out future Java security plans
Open Source Releases
Open source releases this week included a new version of Chakra Linux, open source API libraries from GitHub and new versions of PulseAudio and UbuntuTweak. Mirantis has also released a new version of its deployment tools for OpenStack and announced financial backing from Red Hat. The edX learning platform completed the open sourcing of all its software and the Apache CloudStack project produced its first post-incubation release.
- Chakra 2013.05 gets graphical package manager
- GitHub releases API libraries for Ruby and Objective-C
- PulseAudio 4.0 improves support for Bluetooth audio
- Snowlinux 4 arrives with frosty MATE and Cinnamon flavours
- Apache CloudStack adds API discovery and messaging
- edX learning platform now all open source
- Ubuntu Tweak ready for Ubuntu 13.04
- Mirantis releases Fuel for OpenStack 3.0
- Calibre ebook manager converts DOCX documents
Users of Apache Struts, the Plesk web hosting panel and the BIND DNS server should be aware of the following security alerts:
- Apache Struts gets another important security fix
- Supposed zero-day exploit for Plesk
- BIND security update closes DoS vulnerability
For everything The H has published in the last week, check out the last seven days of news. To keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.