Android

postmarketOS Pursues A Linux-Based, LTS OS For Android Phones (liliputing.com) 106

An anonymous reader quotes Liliputing: Buy an iPhone and you might get 4-5 years of official software updates. Android phones typically get 1-3 years of updates... if they get any updates at all. But there are ways to breathe new life into some older Android phones. If you can unlock the bootloader, you may be able to install a custom ROM like LineageOS and get unofficial software updates for a few more years. The folks behind postmarketOS want to go even further: they're developing a Linux-based alternative to Android with the goal of providing up to 10 years of support for old smartphones...

Right now postmarketOS is a touch-friendly operating system based on Alpine Linux that runs on a handful of devices including the Samsung Galaxy Nexus, Google Nexus 4, 5, and 7 (2012), and several other Samsung, HTC, LG, Motorola, and Sony smartphones. There are also ports for some non-Android phones such as the Nokia N900 and work-in-progress builds for the BlackBerry Bolt Touch 9900 and Jolla Phone. Note that when I say the operating system runs on those devices, I basically mean it boots. Some phones only have network access via a USB cable, for instance. None of the devices can actually be used to make phone calls. But here's the cool thing: the developers are hoping to create a single kernel that works with all supported devices, which means that postmarketOS would work a lot like a desktop operating system, allowing you to install the same OS on any smartphone with the proper hardware.

One postmarketOS developer complains that Android's architecture "is based on forking (one might as well say copy-pasting) the entire code-base for each and every device and Android version. And then working on that independent, basically instantly incompatible version. Especially adding device-specific drivers plays an important role... Here is the solution: Bend an existing Linux distribution to run on smartphones. Apply all necessary changes as small patches and upstream them, where it makes sense."
Government

Microsoft Avoids Washington State Taxes, Gives Nevada Schoolkid A Surface Laptop (seattletimes.com) 72

theodp writes: The Official Microsoft Blog hopes a letter from a Nevada middle schooler advising Microsoft President Brad Smith to "keep up the good work running that company" will "inspire you like it did us." Penned as part of a math teacher's assignment to write letters to the businesses that they like, Microsoft says the letter prompted Smith to visit the Nevada school to meet 7th-grader Sky Yi in person as part of the company's effort to draw attention to the importance of math and encourage students and teachers who are passionate about STEM (science, technology, engineering and math) education. In an accompanying video of the surprise meeting, Smith presents Yi with a new Surface Laptop that comes with Windows 10 S, a version of the OS that has been streamlined with schools in mind. "Not bad for a little letter," the Microsoft exec says.

Speaking of Microsoft, Nevada, and education, Bing Maps coincidentally shows the school Smith visited is just a 43-minute drive from the software giant's Reno-based Americas Operations Center. According to the Seattle Times, routing sales through the Reno software-licensing office helps Microsoft minimize its tax bills (NV doesn't tax business income) to the detriment, some say, of Washington State public schools.

Microsoft's state and local taxes will drop to just $30 million for the last year (from an average of $214 milion over the previous 14 years) according to the Seattle Times. "A Microsoft spokesman said the decline in 2017 was caused by the company's deferring taxes on some income to future years and the winding down of the company's smartphone business."
Android

The Verge's Essential Phone Review: An Arcane Artifact From an Unrealized Future (theverge.com) 55

An anonymous reader shares Dieter Bohn's review of the Essential Phone: Even though it was announced less than three months ago at the Code Conference, there's already enough mythology surrounding the Essential Phone to fill a book. It comes from a brand-new billion-dollar startup led by the person who helped create Android itself, Andy Rubin. That origin binds it up with the history of all smartphones in a way that doesn't usually apply to your run-of-the-mill device. The phone was also delayed a bit, a sign that this tiny company hasn't yet quite figured out how to punch above its weight class -- which it's certainly trying to do. Although it runs standard Android, it's meant to act as a vanguard for Essential's new ecosystem of smart home devices and services connected by the mysterious Ambient OS. Even if we trust that Rubin's futuristic vision for a connected home will come to pass, it's not going to happen overnight. Instead, all we really have right now is that future's harbinger, a well-designed Android phone that I've been testing for the past week. Available unlocked or at Sprint, the $699 Essential Phone is an ambitious device. It has a unique way to connect modular accessories, starting with a 360-degree camera. It has a bold take on how to make a big, edge-to-edge screen paired with top-flight materials such as ceramic and titanium. And it has a dual camera system that is meant to compete with other flagship devices without adding any thickness to the phone. That would be a lot for even a massive company like Samsung or Apple to try to do with a single phone. For a tiny company like Essential, the question is simply this: is it trying to do too much? In conclusion, Bohn writes: "The Essential Phone is doing so much right: elegant design, big screen, long battery life, and clean software. And on top of all that, it has ambitions to do even more with those modules. If you asked Android users what they wanted in the abstract, I suspect a great many of them would describe this exact device. But while the camera is pretty good, it doesn't live up to the high bar the rest of the phone market has set. Sometimes artifacts are better to behold than they are to use."
Debian

OpenSource.com Test-Drives Linux Distros From 1993 To 2003 (opensource.com) 80

An anonymous reader quotes OpenSource.com: A unique trait of open source is that it's never truly EOL (End of Life). The disc images mostly remain online, and their licenses don't expire, so going back and installing an old version of Linux in a virtual machine and getting a precise picture of what progress Linux has made over the years is relatively simple... Whether you're new to Linux, or whether you're such an old hand that most of these screenshots have been more biographical than historical, it's good to be able to look back at how one of the largest open source projects in the world has developed. More importantly, it's exciting to think of where Linux is headed and how we can all be a part of that, starting now, and for years to come.
The article looks at seven distros -- Slackware 1.01 (1993), Debian 0.91 (1994), Jurix/S.u.S.E. (1996), SUSE 5.1 (1998), Red Hat 6.0 (1999), Mandrake 8.0 (2001), and Fedora 1 (2003). Click through for some of the highlights.
Operating Systems

Android 8.0's 'Streaming OS Updates' Will Work Even If Your Phone Is Full (arstechnica.com) 40

Regardless of whether or not your phone is full of pictures, or videos, or apps, you will still be able to download and install an OS update with Android 8.0. According to the latest source.android.com documentation, Google has cooked up a scheme to make sure that an "insufficient space" error will never stop an update again. Ars Technica reports: Where the heck can Google store the update if your phone is full, though? If you remember in Android 7.0, Google introduced a new feature called "Seamless Updates." This setup introduced a dual system partition scheme -- a "System A" and "System B" partition. The idea is that, when it comes time to install an update, you can normally use your phone on the online "System A" partition while an update is being applied to the offline "System B" partition in the background. Rather than the many minutes of downtime that would normally occur from an update, all that was needed to apply the update was a quick reboot. At that point, the device would just switch from partition A to the newly updated partition B. When you get that "out of space" error message during an update, you're only "out of space" on the user storage partition, which is just being used as a temporary download spot before the update is applied to the system partition. Starting with Android 8.0, the A/B system partition setup is being upgraded with a "streaming updates" feature. Update data will arrive from the Internet directly to the offline system partition, written block by block, in a ready-to-boot state. Instead of needing ~1GB of free space, Google will be bypassing user storage almost entirely, needing only ~100KB worth of free space for some metadata. Ars Technica goes on to note that the feature will be backported to Google Play Services, and will be enabled on "Android 7.0 and later" devices with a dual system partition setup.
GNOME

GNOME's Text Editor gedit 'No Longer Maintained', Needs New Developers (gnome.org) 239

AmiMoJo brings news about gedit, the default text editor for GNOME: In a post to the gedit mailing list, Sébastien Wilmet states that gedit is no longer maintained and asks "any developer interested to take over the maintenance of gedit?" Just in case you were considering it, he warns "BTW while the gedit core is written in C (with a bit of Objective-C for Mac OS X support), some plugins are written in Vala or Python. If you take over gedit maintenance, you'll need to deal with four programming languages (without counting the build system). The Python code is not compiled, so when doing refactorings in gedit core, good luck to port all the plugins (the Python code is also less "greppable" than C). At least with Vala there is a compiler, even if I would not recommend Vala."
Sébastien's comments were surrounded by a <rant-on-languages> tag, but they're still crying out for some serious discussion. Any Slashdot readers want to share their own insights on Python, some fond thoughts on gedit, or suggestions for maintaining a great piece of open source software?
Open Source

Linux Kernel Hardeners Grsecurity Sue Open Source's Bruce Perens (theregister.co.uk) 307

An anonymous reader shares a report from The Register: In late June, noted open-source programmer Bruce Perens [a longtime Slashdot reader] warned that using Grsecurity's Linux kernel security could invite legal trouble. "As a customer, it's my opinion that you would be subject to both contributory infringement and breach of contract by employing this product in conjunction with the Linux kernel under the no-redistribution policy currently employed by Grsecurity," Perens wrote on his blog. The following month, Perens was invited to court. Grsecurity sued the open-source doyen, his web host, and as-yet-unidentified defendants who may have helped him draft that post, for defamation and business interference. Grsecurity offers Linux kernel security patches on a paid-for subscription basis. The software hardens kernel defenses through checks for common errors like memory overflows. Perens, meanwhile, is known for using the Debian Free Software Guidelines to draft the Open Source Definition, with the help of others.

Grsecurity used to allow others to redistribute its patches, but the biz ended that practice for stable releases two years ago and for test patches in April this year. It offers its GPLv2 licensed software through a subscription agreement. The agreement says that customers who redistribute the code -- a right under the GPLv2 license -- will no longer be customers and will lose the right to distribute subsequent versions of the software. According to Perens, "GPL version 2 section 6 explicitly prohibits the addition of terms such as this redistribution prohibition." A legal complaint (PDF) filed on behalf of Grsecurity in San Francisco, California, insists the company's software complies with the GPLv2. Grsecurity's agreement, the lawsuit states, only applies to future patches, which have yet to be developed. Perens isn't arguing that the GPLv2 applies to unreleased software. Rather, he asserts the GPLv2, under section 6, specifically forbids the addition of contractual terms.

Android

Lenovo Switches To Stock Android For All Future Smartphones (ndtv.com) 80

Lenovo is canning its Vibe Pure UI Android skin in favor of the stock version of Google's mobile OS for its future smartphones, starting with the upcoming K8 Note, according to an interview from Gadgets 360 with Anuj Sharma, Lenovo India's head of marketing. From a report: Lenovo has confirmed that going forward, it will be abandoning its Vibe Pure UI Android customisation which ran on top of its recent Android smartphones in almost all markets. "What we have done in last 11 months is we looked at what we had in terms of software perspective. We have been close to the consumers and we saw what they were asking for. There was a certain trend and we have now decided to cut the Vibe Pure UI off from our phones. So you will now get the stock Android which consumers have been asking for," Sharma told Gadgets 360.
Open Source

OpenMoko: Ten Years After (vanille.de) 48

Michael Lauer, member of the core team at OpenMoko, a project that sought to create a family of open source mobile phones -- which included the hardware specs and the Linux-based OS -- has shared the inside story of what the project wanted to do and why it failed. From his blog post: For the 10th anniversary since the legendary OpenMoko announcement at the "Open Source in Mobile" (7th of November 2006 in Amsterdam), I've been meaning to write an anthology or -- as Paul Fertser suggested on #openmoko-cdevel -- an obituary. I've been thinking about objectively describing the motivation, the momentum, how it all began and -- sadly -- ended. I did even plan to include interviews with Sean, Harald, Werner, and some of the other veterans. But as with oh so many projects of (too) wide scope this would probably never be completed. As November 2016 passed without any progress, I decided to do something different instead. Something way more limited in scope, but something I can actually finish. My subjective view of the project, my participation, and what I think is left behind: My story, as OpenMoko employee #2. On top of that you will see a bunch of previously unreleased photos (bear with me, I'm not a good photographer and the camera sucked as well). [....] Right now my main occupation is writing software for Apple's platforms -- and while it's nice to work on apps using a massive set of luxury frameworks and APIs, you're locked and sandboxed within the software layers Apple allows you. I'd love to be able to work on an open source Linux-based middleware again. However, the sad truth is that it looks like there is no business case anymore for a truly open platform based on custom-designed hardware, since people refuse to spend extra money for tweakability, freedom, and security. Despite us living in times where privacy is massively endangered.
Patents

Apple Ordered To Pay $506 Million In Damages For Processor Patent Infringement (hothardware.com) 119

MojoKid writes from a report via Hot Hardware: Apple has been ordered to feed a recognized patent troll hundreds of millions of dollars for infringing on a patent that has to do with technology built into its A-series mobile processors. Initially Apple was on the hook for $234 million, owed to the University of Wisconsin-Madison Alumni Research Foundation (WARF) after it won a patent dispute against the Cupertino tech giant. However, a judge this week more than doubled the fine by tacking on an additional $272 million. U.S District Judge William Conley in Madison ruled that Apple owed additional damages plus interest because it continued to infringe on the patent all the way up until it expired in 2016. WARF is reportedly a non-practicing entity that exists only currently by defending its patents in litigation. The lawsuit filed in 2014 involves U.S. Patent No. 5,871,752, which describes the use of a predictor circuit that can help processors run more efficiently. WARF claimed the technology was used in Apple's A7, A8, and A8X processors that power the iPhone 5s, iPhone 6, iPhone 6 Plus, and various iterations of the iPad. Apple is not commenting on the matter, though it's being reported that Apple plans to fight and appeal the ruling.
IOS

iOS 11 Will Prevent Your iPhone From Automatically Connecting To Unreliable Wi-Fi Networks (trustedreviews.com) 88

A new feature spotted in iOS 11 beta 2 intelligently manages wireless networks based on their reliability, learning to ignore those that are too far away to provide a consistent experience. TrustedReviews reports: It follows the company's Wi-Fi Assist feature which meant handsets would switch to a data connection when Wi-Fi networks became too slow. Naturally, users weren't thrilled with the resulting data usage issues, and it seems Apple is looking to do better this time around. This new feature will disable "Auto join" for any network which suffers from low speed issues or is deemed to be generally unreliable. Users will, of course, still be able to join these networks manually, but the change should prevent the frustration that comes from iPhones automatically joining networks users know to be inadequate. At this point, there's no way to know how well the feature will work, and there will undoubtedly be issues when it eventually arrives in iOS 11.
Microsoft

Microsoft Confirms It's Not Killing Off Paint After Outpouring of Support (cnbc.com) 244

Microsoft said late Monday that it will not be killing off its Paint app in the next update of Windows 10. It will be made available via the Windows Store for free and will not be completely removed. CNBC reports: The U.S. technology company recently released a list which labeled Paint "deprecated," meaning it was considering removing the app when the Windows 10 Fall Creators Update gets released later this year. Fans on social media decried the potential death of Paint, which has been in existence for 32 years. But Microsoft released a blog post shortly after to clarify that Paint would not be completely removed, but instead made available via the Windows Store for free. "Today, we've seen an incredible outpouring of support and nostalgia around MS Paint. If there's anything we learned, it's that after 32 years, MS Paint has a lot of fans. It's been amazing to see so much love for our trusty old app," Megan Saunders, a general manager at Microsoft, wrote in a blog post on Monday. "Amidst today's commentary around MS Paint we wanted to take this opportunity to set the record straight, clear up some confusion and share some good news: MS Paint is here to stay, it will just have a new home soon, in the Windows Store where it will be available for free."
Debian

Debian 'Stretch' Updated With 9.1 Release (debian.org) 40

An anonymous reader quotes Debian.org: The Debian project is pleased to announce the first update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems... Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media... Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
Operating Systems

Slackware, Oldest Linux Distro Still In Active Development, Turns 24 70

sombragris writes: July 17 marked the 24th anniversary of Slackware Linux, the oldest GNU/Linux still in active development, being created in 1993 by Patrick Volkerding, who still serves as its BDFL. Version 14.2 was launched last year, and the development version (Slackware-current) currently offers kernel 4.9.38, gcc 7.1, glibc 2.25, mesa 17.1.5, and KDE and Xfce as official desktops, with many others available as 3rd party packages. Slackware is also among the Linux distributions which have not adopted systemd as its init system; instead, it uses a modified BSD init which is quite simple and effective. Slackware is known to be a solid, stable and fast setup, with easy defaults which is appreciated by many Linux users worldwide. Phoronix has a small writeup noting the anniversary and there's also a nice reddit thread.
Ubuntu

Ubuntu 16.10 Reaches End of Life (softpedia.com) 164

prisoninmate shares a report from Softpedia: Today, July 20, 2017, is the last day when the Ubuntu 16.10 (Yakkety Yak) was supported by Canonical as the operating system now reached end of life, and it will no longer receive security and software updates. Dubbed by Canonical and Ubuntu founder Mark Shuttleworth as the Yakkety Yak, Ubuntu 16.10 was launched on October 13, 2016, and it was a short-lived release that only received nine (9) months of support through kernel updates, bug fixes, and security patches for various components. Starting today, you should no longer use Ubuntu 16.10 (Yakkety Yak) on your personal computer, even if it's up-to-date. Why? Because, in time, it will become vulnerable to all sort of attacks as Canonical won't provide security and kernel updates for this release. Therefore, all users are urged to upgrade to Ubuntu 17.04 (Zesty Zapus) immediately using the instructions here.
Android

Samsung's 'Bixby' Voice Assistant Finally Launches In US (theverge.com) 40

After 3 months, Samsung announced that the voice capabilities of its digital assistant are now rolling out to U.S. Galaxy S8 and S8+ owners. Now, if you happen to own a Galaxy S8 or S8+, the physical Bixby button on the lefthand side of your phone will be able to actually do something somewhat useful. The Verge reports: Bixby's voice capabilities have been available in the US as part of an opt-in beta test, and Samsung says that feedback has led to faster response times, improved comprehension of varied phrasing around the same question, better hands-free operation, and more. Over 100,000 users of the flagship devices have enrolled in the early access program and issued over 4 million voice commands. Also, Samsung says Bixby can now read aloud your latest SMS messages and emails -- if you use its stock apps on the Galaxy S8. Bixby can be activated with a push of the dedicated Bixby button located on the side of the Galaxy S8 and S8+, or by saying "hi Bixby." Like Siri and Google Assistant, Bixby can handle alarms, send texts, and so on, but its real power lies in the ability to access granular phone settings or -- in supported apps -- automatically move through several menu screens to perform commands that Google Assistant simply can't do. Samsung says that deep learning should allow Bixby to improve over time as it begins to recognize users' preferences and ways of speaking. Here's a video showing some of the voice commands Bixby can respond to.
Android

Android Backdoor 'GhostCtrl' Can Silently Record Your Audio, Video and More (neowin.net) 69

An anonymous reader quotes a report from Neowin: A new strain of malware designed for Android devices has recently been discovered, which not only can silently record audio and video, but can also monitor texts and calls, modify files, and ultimately spawn ransomware. Dubbed as 'GhostCtrl' by researchers over at Trend Micro, the malware is apparently a variant of OmniRAT, a remote administration tool for Android, which is available to the public. It also appears to be part of a wider campaign that targeted Israeli hospitals, where a worm called RETADUP surfaced back in June. According to the report, there are three versions of the malicious software. The first variant stole information and controlled a device's functionalities, while the second added new features to exploit. The third one combines all the features of the old versions, and adds even more malicious components into its system. The latest iteration of GhostCtrl can now monitor call logs, text messages, contacts, phone numbers, location, and browsing history. Furthermore, it has the ability to record the victim's Android version, battery level, and Bluetooth information. To make make matters worse, it can now also spy on unsuspecting victims by silently recording audio and video. The malware distributes itself via illegitimate apps for WhatsApp or Pokemon GO. Trend Micro suggests you keep your Android devices up to date and data backed up regularly. They also recommend using an app reputation system that can detect suspicious and malicious apps.
Android

Some OnePlus 5s Are Reportedly Rebooting After Dialing 911 (theverge.com) 59

The OnePlus 5, dubbed "the best sub-$500 phone you can buy" when it launched, is having a few problems. Earlier this month, some owners of the new device complained about a weird jelly-like effect that appears when scrolling through apps. OnePlus went on to claim that the effect is normal and not the result of any manufacturing issues. Now, a handful of users are reporting that the OnePlus 5 will reboot itself once 911 is called, preventing them from reaching emergency services. The Verge reports: Reddit user Nick Morrelli noticed the glitch after he tried to call 911 to report a building fire in Seattle, and other users have reported that the OnePlus 5 is unable to dial 911 (or 999 in the UK, as another user reported) without rebooting. While most users haven't reported having the issue, any percentage of devices not being able to reach emergency services is a major issue for OnePlus. In a statement to The Verge, OnePlus says it's looking into the problem. "We have contacted the customer and are currently looking into the issue. We ask anyone experiencing a similar situation to contact us at support@oneplus.net."
Android

End of the Line For Remix OS as Jide Shifts Its Energy Towards the Enterprise (neowin.net) 30

An anonymous reader shares a report: It was only in July last year that Remix OS, an Android-based operating system for PCs, was bumped up to Version 3.0, which featured Android 6.0 Marshmallow under the hood. In fact, news of the upgrade came hot on the heels of an announcement from Chuwi with regards to the release of its $239 Vi10 Plus tablet that dual-booted Remix OS and Windows 10. A little over a month later, Jide Technology then followed up with a "developer preview" of the OS leveraging Android 7.0 Nougat. However, after a somewhat brief period of existence of just a few years, the company has announced that it is shifting its focus away from the consumer segment to the enterprise. In a statement on its website, Jide stated that: "Over the past year, we received an increasing number of inquiries from enterprises in various industries, and began helping them build great tools for their organizations by leveraging Jide software and hardware. We see huge potential in the role that Jide can play to revolutionize how these businesses operate. And given our existing resources, we decided to focus our company efforts solely on the enterprise space moving forward."
Security

Exploit Derived From EternalSynergy Upgraded To Target Newer Windows Versions (bleepingcomputer.com) 61

An anonymous reader writes: "Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system," reports Bleeping Computer. "ETERNALSYNERGY is one of the NSA exploits leaked by the Shadow Brokers hacking group in April this year. According to a Microsoft technical analysis, the exploit can allow an attacker to execute code on Windows machines with SMB services exposed to external connections. The exploit works up to Windows 8. According to Microsoft, the techniques used in the original ETERNALSYNERGY exploit do not work on newer platforms due to several kernel security improvements. Wang says his exploit targets the same vulnerability but uses a different exploitation technique. His method 'should never crash a target,' the expert says. 'Chance should be nearly 0%,' Wang adds." Combining his exploit with the original ETERNALSYNERGY exploit would allow a hacker to target all Windows versions except Windows 10. This is about 75% of all Windows PCs. The exploit code is available for download from Wang's GitHub or ExploitDB. Sheila A. Berta, a security researcher for Telefonica's Eleven Paths security unit, has published a step-by-step guide on how to use Wang's exploit.

Slashdot Top Deals