prisoninmate quotes a report from Softpedia: UbuntuBSD maintainer and lead developer Jon Boden is now looking for a way for his operating system to contribute to the Ubuntu community and, eventually, become an official Ubuntu flavor. Just two weeks ago, [Softpedia] introduced the ubuntuBSD project, whose main design goal is to bring users an operating system powered by the FreeBSD kernel while offering them the familiarity of the Ubuntu Linux OS. Right now, ubuntuBSD is in heavy development, with a fourth Beta build out the door, and it looks like the developer already seeks official status and wants to contribute all of his work to the main Ubuntu channels. [Canonical has yet to respond.]

prisoninmate writes: To celebrate the launch of Ubuntu 16.04 LTS, due for release later this month, on April 21, Canonical put together an interesting infographic, showing the world how popular Ubuntu is. From the infographic, it looks like there are over 60 million Ubuntu images launched by Docker users, 14 million Vagrant images of Ubuntu 14.04 LTS from HashiCorp, 20 million launches of Ubuntu instances during 2015 in public and private clouds, as well as bare metal, and 2 million new Ubuntu Cloud instances launched in November 2015. Ubuntu is used on the International Space Station, on the servers of popular online services like Netflix, Snapchat, Pinterest, Reddit, Dropbox, PayPal, Wikipedia, and Instagram, in Google, Tesla, George Hotz, and Uber cars. It is also employed at Bloomberg, Weta Digital and Walmart, at the Brigham Young University to control the Mars Rover, and it is even behind the largest supercomputer in the world.

Andrey Akselrod, CTO and a co-founder of Smartling, writes for TechCrunch: DevOps, as we know it, is dead. Perhaps not many people agree with me, but the age of DevOps is just about over. It's a "Perfect Storm" scenario in some ways. Lots of events coming together that drastically change the status quo. And where it all began was the concept and eventual widespread adoption of agile development and continuous deployment practices. DevOps was invented as a way to unite developers and IT operations (system administrators) to help them find a common ground. The premise was to automate the development and deployment tools that require collaborations between both disciplines. But someone still has to come in and write the required tool set. Thus, most companies resolved to create DevOps teams that combined the expertise of both sides to support their developers. The old model of throwing the code over the wall to system administrators who would deploy it stopped working with agile processes and continuous deployment practices. Whose responsibility is it when something goes wrong -- the person deploying the code or the developer? Developers don't know much about deploying and systems administrators don't know much about how the code is supposed to work.

v3rgEz writes: Jeff Bezos is bullish on the cloud, pegging AWS' sales for this year at $10 billion in a recent letter to shareholders. But he said there was a surprising source of that success: The company's willingness to fail. That said, with AWS now spanning 70 different services, Amazon can afford to fail some as long as few, like EC2 and S3, keep winning. Bezos wrote: "One area where I think we are especially distinctive is failure. I believe we are the best place in the world to fail (we have plenty of practice!), and failure and invention are inseparable twins. To invent you have to experiment, and if you know in advance that it's going to work, it's not an experiment. Most large organizations embrace the idea of invention, but are not willing to suffer the string of failed experiments necessary to get there."

An anonymous reader quotes a report from VentureBeat: Google today launched Android Studio 2.0, the latest version of its integrated development environment (IDE), with a long list of new features. You can download the new version for Windows, Mac, and Linux now directly from Android.com/SDK. In November, Google unveiled Android Studio 2.0, the second major version of its IDE. Version 2.0 brings a slew of improvements, including Instant Run, a faster Android emulator, and app indexing improvements. Google released a beta in February, though it didn't say when the final version would be ready ([VentureBeat] speculated in time for its I/O developer conference in May, and the company debuted with a month to spare). The full feature list includes Instant Run, Android Emulator, Cloud Test Lab, App Indexing, and GPU Debugger Preview.

An anonymous reader writes: Google has plans to make Apple's Swift object-oriented language a "first-class" language for Android, reports The Next Web. The publication, citing sources, adds that Google doesn't mean to replace the current first-class language for Android -- Java -- at least, "initially." Google sees an "upside" in using Swift, which Apple made open source last year. But a ton of things need to fall into place for this to work. From the report, "All told, Google would have to effectively recreate its efforts with Java -- for Swift. If the company is motivated enough, it's very possible to do so without compromising on its open source values or ruffling any developer feathers along the way." The company is also discussing internally about making Kotlin as a first-class language for Android. "Unlike Swift, Kotlin works with Android Studio, Google's IDE for Android development. Unfortunately, sources tell The Next Web that Google's current mindset is that Kotlin is a bit too slow when compiling."

An anonymous reader writes: Blizzard is threatening legal action against the popular "pirate" servers for World of Warcraft. The Nostalrius servers have been operating for nearly a year, running version 1.12 of the original World of Warcraft as it existed in 2006. Admins say that 800K registered accounts and 150K active players were working through quest progressions reproduced to precisely match the game of a decade ago. Nostalrius' team says its French hosting provider has been issued a formal letter asking it to shut down the servers or face a potential copyright infringement lawsuit as hosting private servers is explicitly against Blizzard's Terms of Use. Blizzard says the rule "isn't an issue because of 'lost' subscription fees from players choosing these illegitimate servers over the real WoW servers -- it simply boils down to the fact that private servers are illegal, and that's that." Nostalrius' servers will be shut down on April 10, but the team says it "will still be publicly providing everything needed in order to setup your own 'Nostalrius' if you are willing to."

darthcamaro writes: The 13th release of OpenStack, codenamed Mitaka is now generally available with updates across all major projects. Among the biggest new capabilities in OpenStack Mitaka however isn't a new project or a new feature in a single existing project, but rather the official debut of the OpenStack Client, which creates for the first time a unified command line interface to control the cloud.

According to eWEEK: "The OpenStack client is a command line client that unifies access across all the main projects," Jonathan Bryce, executive director of the OpenStack Foundation, told eWEEK. So if an administrator wants to create a user, a block storage device or a virtual server, or attach to a network, all those functions are now enabled in the single tool that is the OpenStack client. The OpenStack client provides a standardized set of commands, whereas previously, each project had its own command line client, Bryce said. He added that the OpenStack client can be run locally or in the cloud, and can be configured to control multiple OpenStack clouds.

An anonymous reader quotes a report from WordPress Tavern: Authorities have not yet identified the hacker behind the Panama Papers breach, nor have they isolated the exact attack vector. It is clear that Mossack Fonseca, the Panamanian law firm that protected the assets of the rich and powerful by setting up shell companies, had employed a dangerously loose policy towards web security and communications. The firm ran its unencrypted emails through an outdated (2009) version of Microsoft's Outlook Web Access. Outdated open source software running the frontend of the firm's websites is also now suspected to have provided a vector for the compromise. Forbes has identified outdated WordPress and Drupal installations as security holes that may have led to the data leak. [WordPress Tavern Editor Sarah Gooding] found that the firm's WordPress-powered site is currently running on version 4.1 (released in December 2014), based on its version of autosave.js, which is identical to the autosave.js file shipped in 4.1. The main site is also loading a number of outdated scripts and plugins. Its active theme is a three-year-old version of Twenty Eleven (1.5), which oddly resides in a directory labeled for /twentyten/. The Mossack Fonseca client portal changelog.txt file is public, showing that its Drupal installation hasn't been updated for three years. Since the release of version 7.23, the software has received 25 security updates, which means that the version it is running includes highly critical known vulnerabilities that could have given the hacker access to the server.

TechnoidNash quotes a report from Techie News: Rembrandt van Rijn was one of the most influential classical painters, and the world lost his amazing talent when he died nearly four centuries ago. And yet his newest masterpiece was unveiled only yesterday. How? By scanning and analyzing Rembrandt's works, a computer was able to create a new painting in near-perfect mimicry of Rembrandt's style. It has been named, appropriately, "The Next Rembrandt." The computer used machine-learning algorithms to create the portrait, which was then 3D-printed to give it the same texture as an oil painting. "The Next Rembrant," was a collaboration between Microsoft, ING, Delft University of Technology and two Dutch art museums -- Mauritshuis and Rembrandthuis.

An anonymous reader writes: The scenario which all parents hate seems to have materialized in the form of an Android app [called Magic Kinder] that lets strangers send texts, images, and videos to kids. All of this is facilitated by a simple app design and lack of encryption, which allows attackers to manipulate HTTP requests and send any content they like to any of the app's users. Currently, because the app developer did not respond, the issues are still present in the app. Fortunately, the app hasn't been installed on more than 11,000 devices.

prisoninmate writes: Budgie-Remix maintainer David Mohammed informs Softpedia about the progress made with the upcoming operating system, whose ultimate goal is to become an official Ubuntu Linux flavor, possibly under the name of Ubuntu Budgie. Even Canonical founder Mark Shuttleworth said in a Google+ comment last month that it will definitely support if there is a community around the packaging. Since their initial report, it looks like the developer managed to get in contact with the Ubuntu MATE project leader Martin Wimpress, who urged him to target Ubuntu 16.10 for an official status of his soon-to-be-named Ubuntu flavor built on top of the Budgie desktop environment created by the team of developers from Solus Project.

An anonymous reader quotes a report from BBC: China appears to be censoring social media posts on the Panama Papers document leak which has named several members of China's elite, including President Xi Jinping's brother-in-law. Hundreds of posts on networks such as Sina Weibo and Wechat on the topic have been deleted since Monday morning. According to the International Consortium of Investigative Journalists (ICIJ), the Panama Papers show that Mr. Deng acquired two offshore companies in 2009, at a time when Mr. Xi was rising in politics. State media appeared to black out the news. But many on microblogging network Sina Weibo and mobile chat network Wechat were discussing the topic on Monday morning, sharing Chinese translations of details of the story, including information on Mr. Deng. A hashtag created on the topic quickly trended. Checks by the BBC found that by the end of the day many of those posts had disappeared, with at least 481 discussions deleted from the hashtag's Weibo topic page, and other posts shared on Wechat also deleted. The website Freeweibo.com, which actively tracks censorship on Weibo, listed "Panama" as the second-most censored term on the network.

An anonymous reader quotes a report from USA TODAY: Toyota announced an enhanced relationship with Microsoft on Monday aimed at delivering "connected car" services to drivers in ways they probably never could have imagined. Already, drivers ask the infotainment system in their cars for restaurant recommendations, but many locations often would require that a driver turn around. But with Toyota Connected, the system might be modified to only recommend restaurants on the highway ahead -- and then only the kinds of food that the driver usually prefers. Road information can be delivered to drivers based on driving patterns -- knowing the routes they usually take. Auto insurance could be priced more accurately because the system could report on a driver's actual miles and routes traveled. Medical-related sensors could also be built into the car, like heartbeat monitors or sensors on the steering wheel. Some of the services could be offered to customers wirelessly by being beamed directly into their cars, but Lobenstein said that customer privacy considerations will be paramount. Toyota Connected hopes to have its first products within a year. Toyota Connected, as it's called, is built on Microsoft's Azure cloud computing platform. Toyota plans to invest $5.5 million in the new venture, even though much of the technology will be based on their current research and development for smart automobiles.

An anonymous reader writes: For those of you who have traveled through U.S. airports in recent years, you may have noticed the Transport Security Administration (TSA) use a Randomizer app to randomly search travelers in the Pre-Check lane. The app randomly chooses whether travelers go left or right in the Pre-Check lane so they can't predict which lane each person is assigned to and can't figure out how to avoid the random checks. Developer Kevin Burke submitted a Freedom of Information Act request asking for details about the app. The documents he received reveals the TSA purchased the Randomizer iPad app for $336,413.59. That's $336,413.59 for an app, which is incredibly simple to make as most programming languages of choice have a randomizing function available to use. What may be even more intriguing is that the contract for the TSA Randomizer app was won by IBM. The total amount paid for the project is actually $1.4 million, but the cost is not broken down in Burke's documents. It's possible IBM supplied all the iPads and training in addition to the app itself.

An anonymous reader quotes a report from Business Insider: The entire Turkish citizenship database has allegedly been hacked and leaked online. A website with purportedly leaked details of 49,611,709 Turkish citizens is online and allegedly gives the following details of each citizen -- including the Turkish President Tayyip Erdogan: National Identifier (TC Kimlik No), First Name, Last Name, Mother's First Name, Father's First Name, Gender, City of Birth, Date of Birth, ID Registration City and District, and Full Address. The apparent hack seems to be politically motivated. The website reads: "Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?" The hack amounts to about 6.6GB worth of uncompressed files, which may make it one of the biggest data leaks of its kind in history. While The Register has also reported on the leak, some claim the leak has correct information but is just a decrypted version of data that was leaked over a couple of months ago. Specifically, the info contains data of Turkish citizens who voted in 2009 elections.

An anonymous reader writes: Wim Coekaerts, formerly Oracle's Senior VP of Linux and Virtualization Engineering, has left Oracle for Microsoft. Many of you may know of Coekaerts as "Mr. Linux" as he delivered the first Linux products, transitioned Oracle's programming staff from Windows to Linux desktops, and turned Oracle into a Linux distributor with the launch of its Red Hat Enterprise Linux (RHEL) clone, Oracle Linux. Mike Neil, Microsoft's Corporate Vice President of the Enterprise Cloud, told ZDNet, "Wim Coekaerts has joined Microsoft as Corp VP of Open Source in our Enterprise Cloud Group. As we continue to deepen our commitment to open source, Wim will focus on deepening our engagement, contributions and innovation to the open-source community."

An anonymous reader shares a report on BetaNews: Red Hat -- fresh from celebrating a historic $2 billion in annual revenue -- releases a developer-focused gift to the world. The Red Hat Enterprise Linux Developer Suite is totally free, including an RHEL license and valuable developer tools, like the JBoss Middleware portfolio. This is through the Red Hat Developer Program. If you want to take advantage of this amazing offer, you can sign up through the company's website Red Hat seems a bit late to the party. Many argue that the company should've made its update-only subscription for individuals free from the beginning -- especially considering it isn't a major source of revenue for the company. Exciting time for developers, nonetheless.

An anonymous reader shares an article on Ars Technica: The teenager who grabbed headlines earlier this week for hacking a fake game listing on to Valve's Steam store says there are "definitely" more vulnerabilities to be found in the popular game distribution service. But he won't be the one to find them, thanks to what he sees as Valve "giv[ing] so little of a shit about people's [security] findings." Ruby Nealon, a 16-year-old university student from England, says that probing various corporate servers for vulnerabilities has been a hobby of his since the age of 11. His efforts came to the attention of Valve (and the wider world) after an HTML-based hack let him post a game called "Watch paint dry" on Steam without Valve's approval over the weekend."It looks like their website hasn't been updated for years," Nealon told Ars. "Compared to even other smaller Web startups, they're really lacking. This stuff was like the lowest of the lowest hanging fruit."

An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection. "PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.