Home Blog

Chrome OS 80 will start using Debian 10 Buster on new Linux installations

After months of testing and bug fixing, Google is ready to enable Debian 10 “Buster” as the default Linux container in Chrome OS. According to a recently merged commit we spotted in the Chromium Gerrit, new Crostini (the code-name for Linux apps on Chrome OS) installations will get Debian 10 by default. The commit doesn’t mention how Chromebooks with existing Debian 9 “Stretch” installations will be migrated to the newer version, but users can easily upgrade the container themselves by running a few commands.

Upgrading to the newer version of Debian enables new features and should also bring greater application support. For the truly enterprising, it’s even possible to replace the Debian container with Arch Linux.

[Source: XDA Developers]

Google Stadia’s Upcoming Launch Looking Increasingly Incomplete

Google Stadia is set to debut on November 19. That launch already had several caveats, however, including the fact that not everyone who pre-ordered the Founder’s Edition bundle will receive their hardware in time for the platform’s debut. Now the company has said that many of Stadia’s multiplayer-centric features won’t be ready in time for the game streaming platform’s launch either.

The additional information about Stadia’s launch arrived during an Ask Me Anything (AMA) session with Stadia product director Andrey Doronichev and Beri Lee, who “look[s] after the Publisher experience on Stadia,” on Reddit.

[Source: Tom’s Hardware]

146 New Vulnerabilities All Come Preinstalled on Android Phones

When you buy an Android smartphone, it’s rarely pure Android. Manufacturers squeeze in their own apps or give it a fresh coat of interface. Carriers do it too. The resulting stew of preinstalled software and vanilla Android sometimes turns out to be rancid, putting flaws and vulnerabilities on the phone before you even take it out of the box. For proof of how bad it is, look no further than the 146 vulnerabilities—across 29 Android smartphone makers—that have just been simultaneously revealed.

Yes, that’s 146, all discovered by security firm Kryptowire and detailed one by one in a new gargantuan disclosure. Most of the implicated companies operate primarily in Asia, but the list includes global heavyweights like Samsung and Asus as well.

[Source: Wired]

The ONNX format becomes the newest Linux Foundation project

The Linux Foundation today announced that ONNX, the open format that makes machine learning models more portable, is now a graduate-level project inside of the organization’s AI Foundation. ONNX was originally developed and open-sourced by Microsoft and Facebook in 2017 and has since become somewhat of a standard, with companies ranging from AWS to AMD, ARM, Baudi, HPE, IBM, Nvidia and Qualcomm supporting it. In total, more than 30 companies now contribute to the ONNX code base.

[Source: TechCrunch]

Brave 1.0 is ready for privacy-loving web surfers

Go give the Brave 1.0 browser a whirl as it’s now out of beta and in stable release form. That doesn’t mean it’s a browser for privacy-centric equines, but that it’s now available for Windows, Linux, macOS and iOS. And for folks that hate the idea of being targeted by third-party advertisers, tracked by various brands and having auto-playing videos blasted through their browsers, Brave 1.0 could open up a brave new world of browsing for them.

The browser promises to not only block adverts and trackers but to also offer Brave Ads, which are a form of adverts that will pay people to view them and not gobble their data. Such ads are delivered through push notifications rather than intrusive web page banner ads.

[Source: The Inquirer]

The ByteCode Alliance wants to bring binary apps into your browser

Back in 2015, a consortium including Google, Microsoft, Mozilla, and the WebKit project announced WebAssembly. This week, Mozilla, Intel, Red hat, and Fastly announced a new consortium called the Bytecode Alliance, which aims to foster WebAssembly and other “new software foundations” that will allow secure-by-default ways to run untrusted code, either inside or outside the Web browser environment.

For many, this raises an obvious question: what is WebAssembly? WebAssembly (wasm) was and is a potentially exciting project, offering a way to run native bytecode inside the browser for potentially very large increases in performance over the Javascript engines in use both then and today.

[Source: Ars Technica]

Google releases source code of new on-device machine learning solutions

Google has opened up the source code of two machine learning (ML) on-device systems, MobileNetV3 and MobileNetEdgeTPU, to the open source community. In a blog post, software and silicon engineers Andrew Howard and Suyog Gupta from Google Research said on Wednesday that both the source code and checkpoints for MobileNetV3, as well as the Pixel 4 Edge TPU-optimized counterpart MobileNetEdgeTPU, are now available.

Google says the demand for mobile intelligence has prompted research into algorithmically-efficient neural network models and hardware “capable of performing billions of math operations per second while consuming only a few milliwatts of power,” such as in the case of the Google Pixel 4’s Pixel Neural Core.

[Source: ZDNet]

WhiteSource Acquires Renovate to Automate Dependency Updates

WhiteSource has acquired Renovate, a provider of an open source automated dependency update platform that the company plans to make available for free. Rhys Arkins, co-founder of Renovate who is now director of product for WhiteSource, said that as software projects become more complicated, there’s an increased need for a mechanism to identify and track dependencies and automatically update them as changes and updates are made.

That requirement is becoming especially acute with the rise of microservices-based applications, which substantially increase the number of dependencies that exist within and between applications, added Arkins.

[Source: DevOps.com]

GitHub launches Arctic Code Vault to preserve open source software for 1,000 years

GitHub has shared plans to open the Arctic Code Vault, an effort to store and preserve open source software like Flutter and TensorFlow. Code for all open source projects will be stored here on film with frames that include 8.8 million pixels each, designed to last 1,000 years.

The code will be housed in a decommissioned coal mine in Svalbard, Norway, the same city chosen to host a global seed vault. One of the northernmost cities on Earth, in Svalbard permafrost can extend hundreds of meters below the surface. Archivists believe the cold and near-constant conditions can help in preservation.

[Source: VentureBeat]

Debian Project Releases Linux Security Updates to Patch Latest Intel CPU Flaws

The Debian Project released new Linux kernel security updates for its supported Debian GNU/Linux releases to address the latest vulnerabilities affecting Intel CPU microarchitectures. As reported earlier this week, four new security vulnerabilities have been discovered in the Linux kernel and with an impact on Intel CPUs, namely CVE-2019-11135, CVE-2018-12207, CVE-2019-0154 and CVE-2019-0155, which may lead to privilege escalation, information leak, as well as denial of service.

The Debian Project recommends all users of the Debian GNU/Linux 9 “Stretch” and Debian GNU/Linux 10 “Buster” operating systems to update their installations as soon as possible to the new Linux kernel versions, namely 4.9.189-3+deb9u2 for Debian Stretch and 4.19.67-2+deb10u2 for Debian Buster.

[Source: Softpedia]