• Introducing The Linux Community Challenge #2: openSUSE Tumbleweed

• May we live in interesting times

  In 1966, Robert F Kennedy gave his famous Day of Affirmation Address in Cape Town, which included the allegedly Chinese curse “may you live in interesting times”. This has been widely used since, but is it really an ancient Chinese curse? Much research has been carried out into the origins of this phrase, and while it can be traced back to a speech given by Sir Austen Chamberlain in England in 1936, it has been generally confirmed and accepted by many to not be of Chinese origin. As a result, I’m quite happy to live in interesting times – preferably working in an interesting role, in an interesting company, in an interesting industry and surrounded by interesting people. Working at SUSE, as part of the OpenStack industry, I get to tick all of these boxes daily! Incidentally, at the time of writing this, there were 155 roles open on the SUSE careers page – why not take a look and see if any are interesting to you?

• Is time running out for your SAP Linux support?

  In 60 days, SUSE Linux Enterprise Server for SAP Applications 11 SP4 will reach the March 31, 2019 end date for General Support. This means that it’s no longer possible to purchase a Priority Support subscription with the updates, proactive fixes for bugs and security vulnerabilities, and unlimited technical support that you depend on. More than likely, your SAP systems and services are critical to your business operations, so it’s equally critical that you maintain Linux support for those systems.
  If you’re no longer running your systems on SUSE Linux Enterprise Server for SAP Applications 11 SP4, or have a plan to maintain support with Long Term Service Pack Support (LTSS) then you’re already ahead of the game. Just skip the rest of this blog and enjoy your day. If, on the other hand, you’re wondering what to do next then read on to understand your options.

• Reviewed: The Lenovo Thinkpad T480s Business Laptop

• Clear Linux Outlines How You Can Build Your Own Linux Distro In 10 Minutes

  While Intel's Clear Linux is known to the most of you for its speed, it's also a distribution that is very easy to build off of for specific use-cases should you want your own pre-configured Linux OS. 

  Clear Linux tweeted out this week that with their mixer software you can build your own Clear Linux distribution in "less than 10 minutes" using its mixing software. Spinning your own Clear Linux distribution is done using their Mixer tool that is built around their package management concept of bundles with swupd.

• 19 days of productivity in 2019: The fails

  There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way.

  Part of being productive is accepting that failure happens. I am a big proponent of Howard Tayler's Maxim 70: "Failure is not an option—it is mandatory. The option is whether or not to let failure be the last thing you do." And there were many things I wanted to talk about in this series that I failed to find good answers for.

  So, for the final edition of my 19 new (or new-to-you) open source tools to help you be more productive in 2019, I present the tools I wanted but didn't find. I am hopeful that you, the reader, will be able to help me find some good solutions to the items below. If you do, please share them in the comments.

• Lenovo’s 4K Yoga Chromebook C630 Is Available to Order

  While certain Chrome OS devices already come with high-resolution displays—like the Pixelbook and Pixel Slate—there’s hasn’t been one with a 4K display. Until the Lenovo Yoga Chromebook C630, that is. And now you can buy one.

  We can talk about whether you need a 4K display in your Chromebook (read: you probably don’t), but at the end of the day, there’s always an argument for just how damn good a display looks when it’s absolutely packed with pixels. I’m sure this one is no exception.

• Native backup and restoring of Linux containers in Crostini targeted for Chrome OS 74

  While using Linux on a Chromebook is helpful, if something happens to the Linux container, you could easily lose all of your installed apps, data, and settings. There is a manual method to import and export a container if you’re familiar with LXD in Linux, but Crostini in Chrome OS is getting a native function to do the same according to the Chromium commit log.

Those who haven't already patched a trio of recent vulnerabilities in the Linux world's SystemD have an added incentive to do so: security biz Capsule8 has published exploit code for the holes.

Don't panic, though: the exploit code has been defanged so that it is defeated by basic security measures, and thus shouldn't work in the wild against typical Linux installations. However, Capsule8 or others may reveal ways to bypass those protections, so consider this a heads-up, or an insight into exploit development. Google Project Zero routinely reveals the inner magic of its security exploits, if you're into that.

Back to SystemD.

In mid-January, Qualys, another security firm, released details about three flaws affecting systemd-journald, a systemd component that handles the collection and storage of log data. Patches for the vulnerabilities – CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 – have been issued by various Linux distributions.

Exploitation of these code flaws allows an attacker to alter system memory in order to commandeer systemd-journal, which permits privilege escalation to the root account of the system running the software. In other words, malware running on a system, or rogue logged-in users, can abuse these bugs to gain administrator-level access over the whole box, which is not great in uni labs and similar environments.

Nick Gregory, research scientists at Capsule8, in a blog post this week explains that his firm developed proof-of-concept exploit code for testing and verification. As in testing whether or not computers are at risk, and verifying the patches work.

Also:

• Linux Kernel hid_debug_events_read() Function Local Denial of Service Vulnerability [CVE-2019-3819]

  A vulnerability in the hid_debug_events_read() function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.The vulnerability exists in the hid_debug_events_read() function, as defined in the drivers/hid/hid-debug.c source code file of the affected software. The vulnerability is due to an infinite loop condition that may occur when user-supplied input with certain parameters is passed from a userspace. An attacker with root privileges could exploit this vulnerability by executing a program that submits malicious input to the targeted system. A successful exploit could cause the system to lock, resulting in a DoS condition.Kernel.org has not confirmed the vulnerability, and software updates are not available.

The Linux distro for the security-conscious has been updated with a fresh USB installation method.

Hot on the heels of Apple's latest privacy blunder, The Amnesic Incognito Live System (TAILS) has emitted version 3.12.

The big news this time around is the arrival of a USB image alongside the usual ISO. ISOs, handy for burning to a DVD or spinning up a virtual machine, are not so good when it comes to one of TAILS' strengths – running Linux without a trace.

The faff of needing a couple of USB sticks and around three hours of spare time is gone with this release. A single 8GB USB stick is sufficient to handle the 1.2GB download and TAILS reckons that the whole process should take an hour and a half.

A swift download and burn to USB using Etcher and a user is up, running and able to enjoy the discretion afforded by the Debian-based distro and the Tor network.