Plus how PipeWire will improve day-to-day desktop life, Google's push for more kernel investments, and a lot more.

Sponsored By:

• Linode: Sign up using the link on this page and receive a $100 60-day credit towards your new account.
• Ting: Save $25 off your first device, or $25 in service credit if you bring one!

Support Linux Action News

Links:

• Google Calls On Companies To Devote More Engineers To Upstream Linux, Toolchains — The post notes that stable Linux kernel releases see close to 100 new fixes each week, but given that rate of change vendors are not always picking up the latest fixes or in some cases just trying to cherry-pick the "important" fixes. Besides acknowledging the need for more upstream kernel developers, the post also encourages vendors to go the route of chasing the latest Linux stable or LTS kernel releases in order to incorporate all fixes.
• Google Online Security Blog: Linux Kernel Security Done Right
• It’s time to improve Linux’s security | ZDNet
• Google slams Linux kernel, says it needs major security investment | TechRadar
• Bug in Lynx’ SSL certificate validation
• Intel Proposes Linux Kernel Driver Allow/Deny Filtering — Given the VMM is an untrusted entity and the VMM presents emulated hardware to the guest, a threat vector similar to Thunderclap [1] is present. Also, for ease of deployment, it is useful to be able to use the same kernel binary on host and guest, but that presents a wide attack surface given the range of hardware supported in typical builds.
• [PATCH v1] driver: base: Add driver filter support
• PipeWire 0.3.33 Released — Bluetooth can now automatically switch between headset and audio profile
• 0.3.33 · PipeWire / pipewire · GitLab
• Samsung's In-Kernel SMB3 Server Gets Closer to Real — Samsung has been developing "KSMBD" (formerly also known as CIFSD) as an in-kernel SMB3 file sharing server.
• I tried Steam Deck early and it’s AWESOME! - YouTube — It's my lucky day! Valve let me try the Steam Deck early - And it destroyed my expectations. Just how good is it? Let me explain...
• I Have MORE to Say About Steam Deck - WAN Show August 6, 2021 - YouTube
• A major bug fix week over at the KDE project — We are really trying to improve the stability of our software now that it’s starting to be used in more 3rd-party products like the Steam Deck.
• Lutris 0.5.9 Beta Released With Epic Games Store Support — The Lutris 0.5.9 beta delivers on initial support for the Epic Games Store, support for DXVK-NVAPI and DLSS, FidelityFX Super Resolution is now an exposed option for compatible Wine versions, Valve's Gamescope Wayland game compositor is now an option, Esync usage is now enabled by default, the Dolphin emulator is now available as a game source, improved process monitoring, and other enhancements. It's quite a hearty update for this game manager.
• Many Interesting Talks On Deck For The X.Org Developers Conference 2021 - Phoronix
• Join our Telegram Group — jupiterbroadcasting.com/telegram
• Get Linux Action News weekly by subscribing for free

Plus a new magazine from the Raspberry Pi Foundation, several vulnerabilities in Intel's Management Engine, and more!

Support Linux Action News

Links:

• Google collected location data from Android users who didn't know — In a nutshell, the whereabouts of every active Android phone and tablet in the world were tracked even with location services disabled and no carrier SIM card inserted.
• Ubuntu want community input on Mir — However we’re also at the place where we need to reach out to the community and ask what are the aspects of your desktop that you value most, to help us figure out a direction for Mir.
• New magazine from the Raspberry Pi Foundation - Hackspace — The first issue of HackSpace magazine is here! Join us as we explore thinking machines, build a trebuchet, learn how Arduino changed the world, see how far we can overclock a Raspberry Pi using liquid nitrogen, and much more…
• Linus gets heated about kernel security — Linux Lord fires up over proposal to secure Linux by shutting down wonky processes
• Then calmly explains his position — His long post on the matter suggested to security practitioners that “'Do no harm' should be your mantra for any new hardening work.”
• Others act like children — So on the day of Kees' presentation, where he tried to drop a useless 0day on me and talk up how many upstream developers reviewed his code that did the same limitation *right*, I wrote an exploit of my own.
• Vulnerability in Intel Management Engine — Remote attackers could launch commands on a host of Intel-based computers, including laptops and desktops shipped with Intel Core processors since 2015.