Linux Journal takes a look at the newly announced LinuxBoot project. LWN covered a related talk back in November. “Modern firmware generally consists of two main parts: hardware initialization (early stages) and OS loading (late stages). These parts may be divided further depending on the implementation, but the overall flow is similar across boot firmware. The late stages have gained many capabilities over the years and often have an environment with drivers, utilities, a shell, a graphical menu (sometimes with 3D animations) and much more. Runtime components may remain resident and active after firmware exits. Firmware, which used to fit in an 8 KiB ROM, now contains an OS used to boot another OS and doesn’t always stop running after the OS boots. LinuxBoot replaces the late stages with a Linux kernel and initramfs, which are used to load and execute the next stage, whatever it may be and wherever it may come from. The Linux kernel included in LinuxBoot is called the ‘boot kernel’ to distinguish it from the ‘target kernel’ that is to be booted and may be something other than Linux.”
Karen Sandler has been giving conference talks about free software and open
for the better part of a decade at this point. LWN briefly covered a 2010 LinuxCon talk and a 2012 linux.conf.au (LCA) talk; her talk at
LCA 2012 was her first full-length keynote, she said. In this year’s
reviewed her history (including her love for LCA based in part on that 2012
and gave an update on the status of the source code for the device she
has implanted on her heart.
Back in mid-1997, your editor (Jonathan Corbet) and Liz Coolbaugh were
engaged in a long-running discussion on how to trade our nice, stable,
reliably paying jobs for a life of uncertainty, poverty, and
around-the-clock work. Not that we thought of it in those terms,
naturally. We eventually settled on joining Red Hat’s nascent “support
partner” program; while we were waiting for it to get started, we decided
to start a weekly newsletter as a side project — not big and
professional like the real press — to establish ourselves in the community.
Thus began an amazing journey that has just completed its 20th year.
The 4.15-rc8 kernel prepatch is out for
testing. Among other things, it includes the “retpoline” mechanism
intended to mitigate variant 2 of the Spectre vulnerability. Testing
of this change will be hard, though, since it requires a version of GCC
that almost nobody has — watch LWN for a full article in the near future.
“I’m still hoping that this will be the last
rc, despite all the Meltdown and Spectre hoopla. But we will just have to
see, it obviously requires this upcoming week to not come with any huge
Freedom of the Press Foundation has a
tribute to James Dolan, who died over the holidays at the age of 36. James worked with Aaron Swartz and journalist
Kevin Poulsen to build the original prototype of SecureDrop, an open-source whistleblower
submission system. “He was our first full-time employee at Freedom of
the Press Foundation, and quickly set out to teach other developers,
contributors, and anyone interested in how the system worked. He poured his
heart and soul into the work, traveling to newsrooms around North America
to teach IT staffs and journalists in person how to install and use
SecureDrop. He completely reworked the installation process, he pushed us
to get independent security audits of the system, and he helped us hire the
initial team that would take over SecureDrop once he was gone.” LWN covered a LibrePlanet talk on SecureDrop back in March 2017.
(Thanks to Paul Wise)
Rumors of an undisclosed CPU security issue have been circulating since
before LWN first covered the kernel
page-table isolation patch set in November 2017. Now, finally, the
information is out — and the problem is even worse than had been
expected. Read on for a summary of these issues and what has to be
done to respond to them in the kernel.
Back in October, LWN reported on a talk
state of the GNU Privacy Guard (GnuPG)
project, an asymmetric public-key encryption and
signing tool that had been almost abandoned by its lead developer due to lack
of resources before receiving a significant infusion of funding and community
attention. GnuPG 2 has brought about a number of changes and
at the same time, several efforts are underway to significantly change the way
GnuPG and OpenPGP are used. This article will look at the current
state of GnuPG and the OpenPGP web of trust, as compared to new implementations
of the OpenPGP standard and other trust systems.
Welcome to the first LWN.net feature article for 2018. The holidays are
over and it’s time to get back to work. One of the first orders of
business here at LWN is keeping up with our ill-advised tradition of making
unlikely predictions for the coming year. There can be no doubt that 2018
will be an eventful and interesting year; here’s our attempt at guessing
how it will play out.
The December 21 LWN Weekly Edition will be the final one for 2017; as
usual, we will take the last week of the year off and return on
January 4. It’s that time of year where one is moved to look back
over the last twelve months and ruminate on what happened; at LWN, we also
get the opportunity to mock the predictions we
made back in January. Read on for the scorecard and a year-end note