Canonical Voices

Posts tagged with 'canonical news'

Robbie Williamson

The following is an update on Ubuntu’s response to the latest Internet emergency security issue, POODLE (CVE-2014-3566), in combination with an
SSLv3 downgrade vulnerability.

Vulnerability Summary

“SSL 3.0 is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0, TLS 1.1, and TLS 1.2, many TLS implementations remain backwards­ compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used.” -https://www.openssl.org/~bodo/ssl-poodle.pdf

A vulnerability was discovered that affects the protocol negotiation between browsers and HTTP servers, where a man-in-the-middle (MITM) attacker is able trigger a protocol downgrade (ie, force downgrade to SSLv3, CVE to be assigned).  Additionally, a new attack was discovered against the CBC block cipher used in SSLv3 (POODLE, CVE-2014-3566).  Because of this new weakness in the CBC block cipher and the known weaknesses in the RC4 stream cipher (both used with SSLv3), attackers who successfully downgrade the victim’s connection to SSLv3 can now exploit the weaknesses of these ciphers to ascertain the plaintext of portions of the connection through brute force attacks.  For example, an attacker who is able to manipulate the encrypted connection is able to steal HTTP cookies.  Note, the protocol downgrade vulnerability exists in web browsers and is not implemented in the ssl libraries.  Therefore, the downgrade attack is currently known to exist only for HTTP.

OpenSSL will be updated to guard against illegal protocol negotiation downgrades (TLS_FALLBACK_SCSV).  When the server and client are updated to use TLS_FALLBACK_SCSV, the protocol cannot be downgraded to below the highest protocol that is supported between the two (so if the client and the server both support TLS 1.2, SSLv3 cannot be used even if the server offers SSLv3).

The recommended course of action is ultimately for sites to disable SSLv3 on their servers, and for browsers to disable SSLv3 by default since the SSLv3 protocol is known to be broken.  However, it will take time for sites to disable SSLv3, and some sites will choose not to, in order to support legacy browsers (eg, IE6).  As a result, immediately disabling SSLv3 in Ubuntu in the openssl libraries, in servers or in browsers, will break sites that still rely on SSLv3.

Ubuntu’s Response:

Unfortunately, this issue cannot be addressed in a single USN because this is a vulnerability in a protocol, and the Internet must respond accordingly (ie SSLv3 must be disabled everywhere).  Ubuntu’s response provides a path forward to transition users towards safe defaults:

  • Add TLS_FALLBACK_SCSV to openssl in a USN:  In progress, upstream openssl is bundling this patch with other fixes that we will incorporate
  • Follow Google’s lead regarding chromium and chromium content api (as used in oxide):
    • Add TLS_FALLBACK_SCSV support to chromium and oxide:  Done – Added by Google months ago.
    • Disable fallback to SSLv3 in next major version:  In Progress
    • Disable SSLv3 in future version:  In Progress
  • Follow Mozilla’s lead regarding Mozilla products:
    • Disable SSLv3 by default in Firefox 34:  In Progress – due Nov 25
    • Add TLS_FALLBACK_SCSV support in Firefox 35:  In Progress

Ubuntu currently will not:

  • Disable SSLv3 in the OpenSSL libraries at this time, so as not to break compatibility where it is needed
  • Disable SSLv3 in Apache, nginx, etc, so as not to break compatibility where it is needed
  • Preempt Google’s and Mozilla’s plans.  The timing of their response is critical to giving sites an opportunity to migrate away from SSLv3 to minimize regressions

For more information on Ubuntu security notices that affect the current supported releases of Ubuntu, or to report a security vulnerability in an Ubuntu package, please visit http://www.ubuntu.com/usn/.

 

Read more
Robin Winslow

On 10th September 2014, Canonical are joining in with Internet Slowdown day to support the fight for net neutrality.

Along with Reddit, Tumblr, Boing Boing, Kickstarter and many more sites, we will be sporting banners on our main sites, www.ubuntu.com and www.canonical.com.

Net neutrality

From Wikipedia:

Net neutrality is the principle that Internet service providers and governments should treat all data on the Internet equally, not discriminating or charging differentially by user, content, site, platform, application, type of attached equipment, and modes of communication.

Internet Slowdown day

#InternetSlowdown day is in protest to the FCC’s plans to allow ISPs in America to offer “paid prioritization” of their traffic to certain companies.

If large companies were allowed to pay ISPs to prioritise their traffic, it would be much harder for competing companies to enter the market, effectively giving large corporations a greater monopoly.

I believe that internet service providers should conform to common carrier laws where the carrier is required to provide service to the general public without discrimination.

If you too support net neutrality, please consider signing the Battle for the net petition.

Also posted on my blog.

Read more
Jane Silber

The social and business value of having a diverse workforce is well documented.  Equally well documented is the relative lack of women in technology, and in open source.

At Canonical we are working hard to build a globally diverse workforce. We are well positioned to do so, particularly building on our open source roots, and in areas such as supporting geographic diversity we are quite successful.   However, in terms of gender diversity, women make up only 13% of Canonical and, slightly more encouragingly, 18% of our managers.   It is disappointing to me that despite having one of the most welcoming, collaborative, flexible and meritocratic environments I have known, we still have such a large gender disparity.

As a woman in technology and a CEO, I am aware of the power of positive examples.  While we need to learn from and eliminate the discouragement, barriers and illegal behaviour which continues to haunt women in technology, we should also celebrate the possibilities, highlight the opportunities and help illuminate a path for others to follow.  In that vein, I’d like to introduce you to a few of the amazing women in technical leadership roles in Canonical.

 

Alexis Bruemmer is the Engineering Manager for Canonical’s Juju team – a team of brilliant engineers working to make cloud orchestration easy, portable and flawless.  Alexis has been working in Linux since her graduation in 2005 and is passionate about open source.  Prior to Canonical, Alexis was at IBM’s Linux Technology Center.  Beyond her work as a professional, she is active in the community promoting STEM outreach as Vice Chair for Saturday Academy and long time member of Society of Women Engineers.

 

Ara Pulido is the Hardware Certification Manager at Canonical, leading the team that defines and ensures the quality bar for desktops and laptops pre-installed with Ubuntu. She discovered Free Software at college, where she was a founding member of the local LUG back in 2002. She joined Canonical 6 years ago in the Ubuntu Engineering QA team. You can follow her at https://twitter.com/arapulido.

 

Leann Ogasawara is the Engineering Manager for our Kernel Team, following a series of promotions at Canonical from Kernel QA to Kernel Engineer to overall team manager.  She has been involved in Linux and Open Source for over a decade.  Before coming to Canonical in 2007, Leann was at the Open Source Development Labs.

 

Pat Gaughen is the Engineering Manager for the fabulous Ubuntu Server and Openstack Development team.  She’s worked in Linux since 1999, and has been in love with Operating System internals for even longer. Prior to Canonical, Pat was at the IBM Linux Technology Center.

 

Roxanne Fan is the Quality Assurance Manager in our Devices Commercial Engineering team. She has been working in data mining for software quality improvement and automation tool development for the past 12 years. She wrote her Masters thesis on the performance of innovative routing for wireless sensor networks in the Ubuntu system. Before Canonical, she was at Pegatron Corp.

 

There are of course many reasons why women join and succeed at Canonical – great technology, inspirational colleagues, the opportunity to innovate, and to fundamentally have an impact on people’s mobile and cloud computing experiences.  Some of the less visible yet fundamental characteristics of Canonical which allow women to succeed in leadership positions include:

  • A commitment to a respectful, collaborative, meritocratic environment sets the stage. One of the earliest manifestations of this commitment was encoded in the Ubuntu Code of Conduct.  This clear statement of expectations has helped make the Ubuntu community a welcoming place for women, and applies in equal measure to Canonical.
  • Our recruitment philosophy of ‘hire only the best people’,  largely unrestricted by geographical boundaries, provides us with the opportunity to grow and support a diverse workforce.   It enables us to consider candidates of varying locations,  economic circumstances, gender, and physical ability.   Like all organisations we want the best person for the role, and leveraging our expertise in distributed, multi-cultural environments allows us to widen our recruiting net significantly.  Across all Canonical companies, our staff is 30% UK, 32% US, and 38% rest of world.  Those percentages are approximately the same when looking at all staff or management/leadership roles, thus providing excellent leadership opportunities in sometimes underserved markets.
  • We operate on a largely distributed environment and strive to support both home-based and office-based workers in equal measure.    With 75% of our employees working remotely we have an extremely high trust environment, thereby empowering employees to integrate working life with home life.  This approach has enabled us to retain men and women who otherwise may have left due to family demands.

I find the women above inspiring and am proud to work with them and many others of the same calibre. But we still have a long road to travel for our diversity figures to be where they should be.    As with the root causes of the problem, the solution is multi-faceted and complex.  We know that there is much more we can do to attract and retain greater diversity at Canonical, and are redoubling our efforts to do so.  As a first step, come join us!

Read more
Jane Silber

Today we are announcing plans to shut down the Ubuntu One file services.  This is a tough decision, particularly when our users rely so heavily on the functionality that Ubuntu One provides.  However, like any company, we want to focus our efforts on our most important strategic initiatives and ensure we are not spread too thin.

Our strategic priority for Ubuntu is making the best converged operating system for phones, tablets, desktops and more. In fact, our user experience, developer tools for apps and scopes, and commercial relationships have been constructed specifically to highlight third party content and services (as opposed to our own); this is one of our many differentiators from our competitors.  Additionally, the free storage wars aren’t a sustainable place for us to be, particularly with other services now regularly offering 25GB-50GB free storage.  If we offer a service, we want it to compete on a global scale, and for Ubuntu One to continue to do that would require more investment than we are willing to make. We choose instead to invest in making the absolute best, open platform  and to highlight the best of our partners’ services and content.

As of today, it will no longer be possible to purchase storage or music from the Ubuntu One store. The Ubuntu One file services will not be included in the upcoming Ubuntu 14.04 LTS release, and the Ubuntu One apps in older versions of Ubuntu and in the Ubuntu, Google, and Apple stores will be updated appropriately. The current services will be unavailable from 1 June 2014; user content will remain available for download until 31 July, at which time it will be deleted.

We will work to ensure that customers have an easy path to download all their content from Ubuntu One to migrate to other personal cloud services.  Additionally, we continue to believe in the Ubuntu One file services, the quality of the code, and the user experience, so will release the code as open source software to give others an opportunity to build on this code to create an open source file syncing platform.

Customers who have an active annual subscription will have their unused fees refunded. We will calculate the refund amount from today’s announcement, even though the service will remain available until 1 June and data available for a further two months.

We will contact customers separately with additional information about what to expect.  We will also publish further blog posts with advice on how to download content and with details on the open sourcing of the code.

The shutdown will not affect the Ubuntu One single sign on service, the Ubuntu One payment service, or the backend U1DB database service.

We’ve always been inspired by the support, feedback and enthusiasm of our users and want to thank you for the support you’ve shown for Ubuntu One. We hope that you’ll continue to support us as together we bring a revolutionary experience to new devices.

UPDATE:  See this post for updated information on downloading all your content from Ubuntu One.  We are aware that in some rare cases (large amount of content or very large number of files), the bulk download to a single archive is failing. Don’t worry – your content is not lost and we’ll post an updated bulk download tool which generates multiple archives rather than a single large one. We know of no issues with the other options discussed in that post.

 

Read more
Mark Baker

It is with great pride that we saw Ubuntu winning W3tech’s Operating System of the year award.

w3techs_Jan2014

For those of us that work on Ubuntu, increased adoption is one of the most satisfying results of our work and is the best measure of the if we are doing the right thing or not. What is most significant about this though, as is highlighted above, this is the third year running that Ubuntu has won the award. The reasoning is fairly simple: the growth of Ubuntu as a platform for online infrastructure has far outstripped that of other operating systems.

w3techs_last3_yrs

In fact, over the last three years only two Linux operating systems showed any growth at all – Debian and Ubuntu, although Gentoo had some traction in 2013.

Ubuntu overtaking CentOS was the most significant change in 2013 and our popularity continues to grow whilst many other decline. Many of the notable web properties of 2013 are confirmed Ubuntu users: Snapchat, Uber, Instagram, Buzzfeed, Hailo, Netflix etc…Developers at fast thinking, innovative companies love Ubuntu for its flexibility and the ability to get the latest frameworks up and running quickly and easily on cloud on or bare metal.

As observers of the industry will know, tech used in Silicon Valley startups quickly filters through to more traditional Enterprises. With the launch of Ubuntu 14.04 LTS in April, Ubuntu is set for continued greatness this year as more and more businesses seek the agility and innovation shown by many of the hot tech properties. It will be fun trying to make it happen too.

Read about the w3tech awards at:

http://w3techs.com/blog/entry/web_technologies_of_the_year_2013

Images courtesy of w3techs.com

Read more
admin

  • Ubuntu Server 13.10 is available from 17th October; first fully supported release of the new OpenStack Havana, with VMWare vSphere integration, faster node installation and a new version of Juju that supports ultra-dense containerised application deployment.

Canonical today announced that the next version of Ubuntu for server and cloud environments will be released on 17 October 2013.

“Ubuntu 13.10 delivers the latest and best version of OpenStack, and is the fastest, most flexible platform for scale-out computing,” says Mark Shuttleworth, Founder of Ubuntu and VP Products for Canonical. “Ubuntu is typically used in very large scale deployments. In this release we’ve tuned the cloud deployment experience for very small clusters as well, to support dev-and-test environments.” This 13.10 release makes it possible to deploy a full OpenStack cloud on only 5 servers and offers a sophisticated Landscape dashboard for the management of Ubuntu OpenStack clouds no matter their size.

Enterprise management of OpenStack clouds and the workloads deployed on them has been a focus for Canonical in the latest development cycle. “With Landscape, we simplify the lives of enterprise compliance and administration teams, with a full suite of compliance, performance monitoring and security update tools that work on all cloud and physical environments. Now we’ve added real-time dashboards for your OpenStack cloud, too” says Federico Lucifredi, who leads Ubuntu server product management.

While Ubuntu itself is an operating system, much of the recent work by Canonical and the Ubuntu community has been to deliver complete solutions and applications on top of it. The breakthrough Juju service orchestration tool from Canonical makes it easy to design, deploy, manage and scale workloads securely from a browser or the command line. In 13.10, Juju can instantly deploy an entire software environment or service as a “bundle” directly from the easy-to-use Juju GUI, improving on the previous deployment of individual components. This reduces complexity and enables administrators to share entire complex workloads consisting of many related parts.

Ubuntu leads the way with integration between OpenStack and VMware vSphere so ESXi users can interoperate with OpenStack. “The ability to deploy Ubuntu OpenStack alongside ESXi with orchestration that spans both properties is extremely valuable, bringing OpenStack right to the centre of common enterprise virtualization practice” said Mark Shuttleworth.

13.10 introduces Juju management of LXC containers, which allow multiple services to run on the same physical or virtual machine. This gives sysadmins the option of greater density, reducing the total number of machines required to run a service, and reducing cost.

A new installer enables very rapid provisioning of thousands of nodes, typically five times faster than the best traditional Linux installation process. Ubuntu is uniquely suited to rapid provisioning and re-provisioning in large-scale data centers. The Ubuntu LXC update in 13.10 provides blindingly fast (less than one second) and efficient cloning of containers for faster scaling of containerized services, unique to Ubuntu.

Ubuntu’s OpenStack distribution brings the famous “Ubuntu Just Works” usability to complex cloud deployment; clouds are simple to design, deploy and scale for private or public purposes. Ubuntu 13.10 includes Havana, the latest version of OpenStack, with new and updated tools such as Ceilometer for metering and monitoring, and Heat for auto-scaling.

Havana is also available to customers on Ubuntu 12.04 LTS thanks to the 12.04 Cloud Archive, from Canonical. This means that LTS users can get access to the latest Ubuntu OpenStack release, tools and features while continuing to enjoy the stability and maintenance commitment that backs our current LTS.

 

Availability
Ubuntu Server 13.10 will be available for download from the 17th October 2013 at: http://www.ubuntu.com/download.  OpenStack Havana release notes: https://wiki.openstack.org/wiki/ReleaseNotes/Havana

 

Read more
Jon Melamut

On 28-29 June, the eighth Open Source China – Open Source World Summit, sponsored by China OSS Promotion Union (COPU), occurred in Beijing at Beihang University1.

UbuntuKylin was the talk of the conference. The UbuntuKylin project is a collaborative effort between CSIP,2 Canonical and NUDT.3 Initially released in April 2013, UbuntuKylin is an official Ubuntu flavour that will follow the Ubuntu six-monthly release cycle.

UbuntuKylin was awarded the Number 1 China Open Source Project for the year. Dr Qiu ShanQin, President of COPU, mentioned the establishment of the CCN as one of the most important achievements to Chinese Open Source Industry in 2013. Jack Yu of NUDT, Project Manager of UbuntuKylin project, was named in the 2013 Top 10 Open Source Outstanding People in China. Dr Wu QinBo, the Dean of NUDT Computer Research Lab, presented the UbuntuKylin project and its impact to Chinese Software industry to the audience.

Also at the event, Mark Shuttleworth delivered a keynote to introduce Ubuntu and Ubuntu Touch to attendees.

Footnotes

1 www.copu.org.cn/en/node/955

2 China Software and Integrated Chip Promotions Centre, a division of the Chinese Ministry of Industry and Information Technology

3 National University of Defense Technology

4 Media Report: special.csdn.net/ocow2013/index.html

Read more
James Troup

As announced previously, there was a security breach on the Ubuntu Forums. The Ubuntu Forums are now back up and running. What follows is a detailed post mortem of the breach and corrective actions taken by the Canonical IS team. In summary, the root cause was a combination of a compromised individual account and the configuration settings in vBulletin, the Forums application software. There was no compromise of Ubuntu itself, or any other Canonical or Ubuntu services. We have repaired and hardened the Ubuntu Forums, and as the problematic settings are the default behaviour in vBulletin, we are working with vBulletin staff to change and/or better document these settings.

What happened

At 16:58 UTC on 14 July 2013, the attacker was able to log in to a moderator account owned by a member of the Ubuntu Community.

This moderator account had permissions to post announcements to the Forums. Announcements in vBulletin, the Forums software, may be allowed to contain unfiltered HTML and do so by default.

The attacker posted an announcement and then sent private messages to three Forum administrators (also members of the Ubuntu community) claiming that there was a server error on the announcement page and asking the Forum administrators to take a look.

One of the Forum administrators quickly looked at the announcement page, saw nothing wrong and replied to the private message from the attacker saying so. 31 seconds after the Forum administrator looked at the announcement page (and before the administrator even had time to reply to the private message), the attacker logged in as that Forum administrator.

Based on the above and conversations with the vBulletin support staff, we believe the attacker added an XSS attack in the announcement they posted which sent the cookies of any visitor to the page to the attacker.

Once the attacker gained administrator access in the Forums they were able to add a hook through the administrator control panel. Hooks in vBulletin are arbitrary PHP code which can be made to run on every page load. The attacker installed a hook allowing them to execute arbitrary PHP passed in a query string argument. They used this mechanism to explore the environment and also to upload and install two widely available PHP shell kits. The attacker used these shell kits to upload and run some custom PHP code to dump the ‘user’ table to a file on disk which they then downloaded.

The attacker returned on 20 July to upload the defacement page.

What the attacker could access

The attacker had full access to the vBulletin environment as an administrator and shell access as the ‘www-data’ user on the Forums app servers.

Having administrator access to the vBulletin environment means they were able to read and write to any table in the Forums database.

They used this access to download the ‘user’ table which contained usernames, email addresses and salted and hashed (using md5) passwords for 1.82 million users.

What the attacker could not access

We believe the attacker was NOT able to escalate past the ‘www-data’ user (i.e. gain root access) on the Forums app servers.

We believe the attacker was NOT able to escalate past remote SQL access to the Forums database on the Forums database servers.

We believe the attacker did NOT gain any access at all to the Forums front end servers.

We believe the attacker was NOT able to gain any access to any other Canonical or Ubuntu services.

We know the attacker was NOT able to gain access to any Ubuntu code repository or update mechanism.

What we don’t know

We don’t know how the attacker gained access to the moderator account used to start the attack.

The announcement the attacker posted was deleted by one of the Forum administrators so we don’t know exactly what XSS attack was used.

What we’ve done

Before bringing the Forums back online, we implemented a series of changes both designed to clean up after this attack and also to defend against and mitigate the fallout from possible attacks in the future.

Clean up

  • We sent individual mails to all Forums users informing them of the breach and that they should consider their Forum password compromised. We advised them to change this password on any other systems where they may have re-used it.
  • We backed up the servers running vBulletin, and then wiped them clean and rebuilt them from the ground up.
  • We randomised all user passwords in the Forums.
  • We reset all system and database passwords.
  • We manually imported data into a fresh database after sanity checking each table.

Hardening

  • We’ve removed the ability to modify or add new hooks except via root access to the database
  • We’ve disabled all potential HTML posting avenues in the Forums for everyone but administrators.
  • We’ve switched the Forums to use Ubuntu SSO for user authentication.
  • We’ve implemented automated expiry of inactive moderator and administrator accounts.
  • We’ve confined vBulletin with an AppArmor profile.
  • We’ve reviewed and further hardened the firewalling around the Forums servers.
  • We’ve reviewed and further hardened the PHP config on the server to close off some vectors used by the attacker.
  • We’ve switched to forcing HTTPS for the administrator and moderator control panels and made it optionally available everywhere else
  • We’ve improved escalation procedures for the Ubuntu Community members who graciously volunteer their time to administer and moderate the Forums.
  • We will continue to work with vBulletin staff to discuss changes to the default settings which could help others avoid similar scenarios as this. The vBulletin support staff have been helpful and cooperative throughout this incident.

Finally, we’d like once again to apologize for the security breach, the data leak and downtime.

Read more
Mark Baker

Ubuntu developer contest offers $10,000 for the most innovative charms

Developers around the world are already saving time and money thanks to Juju, and now they have the opportunity to win money too. Today marks the opening of the Juju Charm Championship, in which developers can reap big rewards for getting creative with Juju charms.

If you haven’t met Juju yet, now’s the ideal time to dive in. Juju is a service orchestration tool, a simple way to build entire cloud environments, deploy scale and manage complex workloads using only a few commands. It takes all the knowledge of an application and wraps it up into a re-usable Juju charm, ready to be quickly deployed anywhere. And you can modify and combine charms to create a custom deployment that meets your needs.

Juju is a powerful tool, and its flexibility means it’s capable of things we haven’t even imagined yet. So we’re kicking off the Charm Championship to discover what happens when the best developers bring Juju into their clouds — with big rewards on offer.

The prizes

As well as showing off the best achievements to the community, our panel of judges will award $10,000 cash prizes to the best charmed solutions in a range of categories.

That’s not all. Qualifying participants will be eligible for a joint marketing programme with Canonical, including featured application slots on ubuntu.com,  joint webinars and more. Win the Charm Championship and your app will reach a whole new audience.

Get started today

If you’re a Juju wizard, we want to see what magic you’re already creating. If you’re not, now’s a great time to start — it only takes five minutes to get going with Juju.

The Charm Championship runs until 1 October 2013, and it’s open to individuals, teams, companies and organisations. For more details and full com

petition rules, visit the Charm Championship page.

Charm Championship page

Read more
Paul Oh

The emergence of public cloud computing has changed the IT landscape for developers and enterprises, making it significantly easier and more cost effective to develop and deploy new applications, services and infrastructure. Enterprises can choose among cloud providers to meet their needs for performance, features, price and flexibility that will support their technology strategy today as well as in the future.

Today, Microsoft Corp. has announced the general availability of Windows Azure Infrastructure Services, its public cloud offering with the ability to create and manage both Windows and Linux virtual machines. As part of Canonical’s Certified Public Cloud Program, Ubuntu on Windows Azure is fully certified and has been tested and optimized by Canonical and Microsoft for excellent performance and reliability. Enterprises that require both Windows and Linux can choose the right operating system for running their workloads based on application performance and availability.

Canonical and Microsoft have been working together to make Ubuntu run seamlessly on Windows Azure. As Bob Kelly, Corporate Vice President, Server and Tools Business at Microsoft commented:

“Windows Azure is committed to openness and interoperability. Having Ubuntu available to Windows Azure users is a big step forward for interoperability in the public cloud. Our customers can deploy mission critical applications on both Windows Server and Linux and across both public and private clouds.”

Ubuntu Server is highly available, secure, built for scale and provides the tools that simplify and reduce the cost of cloud deployments. So, for enterprises looking to deploy demanding cloud oriented workloads such as Hadoop, Cassandra and other scale out type applications,  Ubuntu on Windows Azure will be a familiar and well suited offering that provides maximum deployment flexibility. This includes hybrid clouds where applications and data can remain behind the company firewall for security or compliance reasons, and that are able to access public cloud resources on demand.  As the leading guest OS in most major public clouds, Ubuntu can be deployed across multiple public clouds at scale for pricing and redundancy benefits as well as avoiding lock-in to a single cloud provider.

At Canonical, we invest in the Ubuntu experience to provide the most complete combination of performance, update handling, compliance and reliability in the market. We also extend our commercial offerings of support, systems management, audit compliance and IP assurance to commercial customers using Ubuntu on certified public clouds.

Read more
David Duffey

Today we announced a collaborative support and engineering agreement with Dell.  As part of this agreement Canonical will add Dell 11G & 12G PowerEdge models to the Ubuntu Server 12.04 LTS Certification List and Dell will add Ubuntu Server to its Linux OS Support Matrix.

In May 2012, Dell launched the OpenStack Cloud Reference Architecture using Ubuntu 12.04 LTS on select PowerEdge-C series servers. Today’s announcement expands upon that offering by combining the benefits of Ubuntu Server Certification, Ubuntu Advantage enterprise support, and Dell Hardware ProSupport across the PowerEdge line.

Dell customers can now deploy with confidence when purchasing Dell PowerEdge servers with Dell Hardware ProSupport and Ubuntu Advantage.  When these customers call into Dell, their service tag numbers will be entitled with ProSupport and Ubuntu Advantage, which will create a seamless support experience via the collaborative Dell and Canonical support and engineering relationship.

In preparation for this announcement, Canonical engineers worked with Dell to enable and validate Ubuntu Server running on Dell PowerEdge Servers.  This work resulted in improved Ubuntu Server on Dell PowerEdge support for PCIe SSD (solid state drives), 4K-block drives, EFI booting, Web Services Management, consistent network device naming, and PERC (PowerEdge RAID Controllers).

Dell hardware systems management can be done out-of-band via ipmi, iDRAC, and the Lifecycle Controller.  Dell OMSA Ubuntu packages are also available but it is recommended to use the supported out-of-band systems management tools.  Dell TechCenter is a good resource for additional technical information about running Ubuntu Server on Dell PowerEdge servers.

If you are interested in purchasing Ubuntu Advantage for your Dell PowerEdge servers, please contact the Dell Solutions team at Canonical.  If your business is already using or thinking about using a supported Ubuntu Server infrastructure in your data-center then be sure to fill out the annual Ubuntu Server and Cloud Survey to provide additional feedback.

Read more
login.ubuntu.com-id-hY4GFhr

Ubuntu Phone OS integrates with Orange and Deutsche Telekom in GSMA OneAPI initiative

Mobile World Congress kicks off today and we’re gearing up to show off Ubuntu running on multiple devices. We’ll be demonstrating phones, tablets and desktops at the stand, have Ubuntu developers flashing spare hardware, as well as be showing integration and interoperability with Orange and Deutsche Telekom through the GSMA’s One API initiative.

GSMA’s OneAPI initiative aims to provide application programming interfaces (APIs) that enable applications to exploit mobile network capabilities, such as messaging, authentication, payments and location-finding with a cross-operator reach. For example, a payment network API could be used to add an in-app purchase directly to the user’s mobile phone bill.

Ubuntu is the first smartphone operating system to be able to demonstrate integration and interoperability with a carrier’s authentication and billing systems. Working with Deutsche Telekom and Orange, we’ll show how a single API can be used to instantly log users in with their operator identity and seamlessly link that with Ubuntu One, Ubuntu’s identity and payments services, and provide carrier billing options upon purchase of music and eventually, apps.

This is a massive step forward for the industry as the GSMA and partners such as Canonical, are spearheading an initiative to standardise access to operator facilities via network APIs across all operators. The initiative will benefit operators, developers and consumers:

  • It puts operators in a position to forge stronger relationships with their customers.
  • For developers, OneAPI reduces the time and effort needed to create applications for and content that is portable across mobile operators, increasing reach and ultimately enhancing the consumer experience.
  • For consumers, it makes it really quick and easy to make application purchases directly from their phone. It’s also more secure because it’s not necessary to input credit card details for each purchase.

Also at Mobile World Congress:

  • Mark Shuttleworth, founder of Ubuntu, will participate in a keynote panel discussion alongside Mozilla and Tizen on Tuesday 26th Feb at 18.00 at the MWC Conference Auditorium and broadcast live on Mobile World Live
  • We’ll be taking part in the App Developer Day on Tuesday 26th Feb. Stuart Langridge, technical architect at Canonical will be presenting the Ubuntu phone, SDK, HTML5 and native apps as well as discussing app development for Ubuntu on phones and tablets. We’ll also have engineers available at the event to flash spare handsets with Touch Developer Preview of Ubuntu. This will take place from 9.00-9.30 and 11.40-11.55, and 13.30-14.00 in Hall 8.0, Theatre A.
  • The GSMA Seminar on “Unlocking Value with Network APIs” will run on Thursday 28th from 9am to 10.30 am in Room CC1.1. Canonical’s Stuart Langridge will present and demo the Ubuntu Phone during the session. We’ll also be demonstrating Ubuntu’s OneAPI solution at the GSMA stand daily.
  • Look out for Ubuntu engineers who will flash spare hardware with developer images for phone and tablet throughout the show close to the Ubuntu stand.

Read more
David Pitkin

Starting today, users can install the Steam Client with a few simple clicks in our Software Center, the fastest and safest way to install thousands of paid and free applications on Ubuntu. Canonical and Valve have worked closely together to make Ubuntu the best performing open platform for gaming and now the ultimate entertainment platform is fully supported.

To celebrate this release Steam has every Ubuntu title on sale for 50-75% off until Thursday, 21 February at 10:00am US Pacific time in what is the first of many Steam sales. Steam also brings with it some amazing Valve titles on Ubuntu, Half-Life, Counter-Strike and the free to play Team Fortress 2. As a launch giveaway and for the hardcore gamers who need every item in Team Fortress, for a limited time when you play Team Fortress 2 on Ubuntu you will get a Tux penguin item to keep or trade.

We welcome all the new Steam users who can now upgrade to Ubuntu. Steam Big Picture running on your Ubuntu computer connected to the living room TV is a great way to experience the future today. Canonical looks forward to the steady progress of games from all our partners on Ubuntu on the desktop and soon on the Ubuntu phone and tablet in due course.

Read more
anthony-c-beckley

We are exhibiting at this year’s CeBIT event on March 5-9th, 2013 in Hannover Germany, in conjunction with our partner in the region, Teuto.net and we’re giving away number of free tickets to selected customers and partners. If you are interested in one of these tickets, please contact me at anthony.beckley@canonical.com for more information.

The Canonical/Teuto.net stand will be in the Open Source Arena (Hall 6, Stand F16, (030) and we will be showcasing two enterprise technology areas:

  • The Ubuntu Cloud Stack – demonstrating end user access to applications via an OpenStack cloud, powered by Ubuntu,
  • Ubuntu Landscape Systems Management – demonstrating ease of management of desktop, server and cloud nodes.

We will be running hourly demonstrations on our stand and attendees have the chance to win a Google Nexus 7 tablet! Simply come to out stand and watch a short demo or your chance to win If you would like to pre-register for a demonstration, email me at anthony.beckley@canonical.com

We look forward to seeing you at the show!

CeBIT draws a live audience of more than 3,000 people from over 100 different countries. In just five days the show delivers a panoramic view of the digital world’s mainstay markets: ICT and Telecommunications, Digital Media also Consumer Electronics.
To learn more about CeBIT click here.

Read more
Cristian Parrino

The Ubuntu 12.10 release saw the Dash take another important step towards fulfilling its intended purpose of being an online, global search tool that helps users find anything, instantly, right from their home environment. There are a number of exciting improvements planned for 13.04 that will make the Dash more comprehensive, more online and as a result – slicker and even more useful. Here’s a snapshot of what is likely to land in the next release:

Smart Scopes – Scopes are the daemons capable of presenting local or remote information right in the Dash. In 13.04, we will increase the number of scopes installed by default in Ubuntu (including many existing community developed scopes) and introduce the ability to automatically light up the right ones based on their relevancy to a user’s search query. For example, a search for “The Beatles” is likely to trigger the Music and Video scopes, showing results that will contain local and online sources – with the online sources querying your personal cloud as well as other free and commercial sources like YouTube, Last.fm, Amazon, etc. To achieve this, the Dash will call a new smart scope service which will return ranked online search results, which the Dash will then balance against local results to return the most relevant information to the user. Scopes are becoming a really interesting contribution area for our developer community – and we can’t wait to see what people will submit to make the Dash an even richer experience.

Instant Purchasing – being able to purchase music or apps directly from the Dash, without opening a browser or a separate client. In 13.04, we expect to enable instant payments, powered by Ubuntu One, for both applications from the Software Center and music from the Music Store – to deliver the fastest possible purchasing experience directly from the Dash.

More Suggestions and User Controls – the More Suggestions scope, which currently returns relevant commercial content available from the Ubuntu One Music Store and Amazon, will expand to include more retailers. We are also testing a few additional user controls like filters for local and global searching – more to come on this front as we learn from those sessions. In the meantime, users can already focus a search to local files only with a simple super-f keystroke.

There are several principles around the Dash that are also worth reiterating:

Its raison d’etre is to provide Ubuntu users the fastest, slickest way to find things right from their home environment – independent of whether those “things” are on your machine, available online, free or commercial.  The music and video lenses in the Dash have queried online sources since their introduction, and we will continue to expand our online sources over the next releases. Our testing has overwhelmingly shown that this integrated and unified search feature is the best experience for the vast majority of users – and the best user experience will always be included as a default on Ubuntu.

 
Privacy is extremely important to Canonical. The data we collect is not user-identifiable (we automatically anonymize user logs and that information is never available to the teams delivering services to end users), we make users aware of what data will be collected and which third party services will be queried through a notice right in the Dash, and we only collect data that allows us to deliver a great search experience to Ubuntu users.  We also recognize that there is always a minority of users who prefer complete data protection, often choosing to avoid services like Google, Facebook or Twitter for those reasons – and for those users, we have made it dead easy to switch the online search tools off with a simple toggle in settings.

Onwards and upwards.

Read more
David Pitkin

Another selection of mobile games from the Humble Bundle has been released with the fourth installment of the Humble Bundle for Android. As always we have awesome Ubuntu Desktop debuts: Splice, Walking Mars, Machinarium, and Crayon Physics Deluxe all now available in Ubuntu Software Center which is the easiest way to download and receive game updates on Ubuntu. Not only can you pay what you want for every DRM-free game on Ubuntu, support charity and redeem with Software Center, you can play the games on your mobile phone. This Bundle is a great way to pick up an Android versions of an Ubuntu favorite Superbrothers: Sword & Sworcery. The “Beat the Average” game, Machinarium, is a must play game that challenges and entertains simultaneously.

One Note The Eufloria developers want to focus on Humble Bundle support and polishing before they start selling in the Ubuntu Software Center. That is why Eufloria is set at a unobtainum price, get a copy while you can as part of the bundle. The bundle should tide your gaming needs as the Steam beta from Valve that started this week for Ubuntu rolls out to a wider audience, thanks for playing.

Read more
Sonia Ouarti

OpenStack, your foundation for Cloud computing

14 November 2012 at 4pm GMT

 

The open cloud, based on OpenStack, is fast becoming one of the most popular cloud platforms. OpenStack delivers open standards, modularity and scalability, and avoids vendor lock-in.

Join this webinar to find out why OpenStack is surging ahead, learn about the OpenStack technical architecture and the new features of the recent Folsom release. Find out why, to date, all public cloud providers, such as DreamHost and HP, whom are using OpenStack, are deploying it on ubuntu.

You will also learn about investments that Canonical has made into OpenStack such a as our Continuous Integration efforts, the Ubuntu Cloud Archive and Ceilometer.

Register now

Read more
Sonia Ouarti

If you’re considering the adoption of new technology in your business, there’s a new resource launching today that could give you everything you need to make the right decisions in what can be confusing and sometimes costly field.

With sections on the desktop, server and the hot topic of the moment – cloud computing – it offers useful content for business people of all kinds, regardless of how technical their background might be. It features contributions from IT experts across the Canonical departments, with content available in several formats.
Here are just some of the highlights on the site right now:

  • Cloud and the Enterprise Data Center: Everything Changes – a free ebook that sets out to make the cloud as straightforward as possible.
  • Open Cloud Computing: Mergers and Acquisitions – a fascinating article on how open standards in cloud computing are vital when combining the operations of more than one business.
  • Windows 8 Migration – Let’s Open the Debate – the first article in a series looking at the pros and cons of upgrading business PCs to Microsoft’s controversial new operating system, Windows 8.

Ubuntu Insights is aimed at business people who may not have a technology background, but who are increasingly faced with decisions that involve enterprise computing. We hope it will be useful to you or to some of your colleagues so, if you know of someone who could use a good introduction to the field, please share the link. And we’re always on the look-out for contributors, so if you have any content you’d like to contribute to the site, please don’t hesitate to get in touch.

—-

—-

Ubuntu Insights

Read more
Cristian Parrino

The  “More suggestions” feature (aka the shopping lens) in the Ubuntu 12.10 release, brings the Dash a few steps closer to becoming that go to place for immediate access to “stuff” – whether it resides on the device, in the cloud or is available for purchase online. This mix of personal and commercially available content is still a research area for a number of major platform and online services companies, so in 12.10 we’ll be breaking new ground. And as it happens when you break new ground, we’re bound to get some things wrong at the start. As such, we’ve been furiously sorting through user feedback, and this has helped us focus our efforts on quickly tackling some of the deficiencies introduced a few weeks back.

On Privacy – Communication between client and server has been encrypted by serving results over HTTPS, which went live on September 28th. This has introduced some latency to our search-as-you-type implementation and we’ll be optimizing it over the next several months. Fetching of images is still happening directly from 7digital and Amazon as immediate solutions are either inadequate or unavailable via the Amazon API (such as the suggested ssl-images-amazon.com), so this is an area still requiring attention. Over the next cycle, we will be looking at replicating the solution we already have when searching the Ubuntu One Music Store from the web, which is to proxy images from our servers. We are adding a legal privacy notice to the dash and this will be easily accessible to all users. For reiterated clarity, we have no intention of either storing or sharing user-identifiable data beyond what is necessary to deliver the intended search service. We have always recognized the trust that Ubuntu users place in Canonical and in Ubuntu, and we take data privacy very seriously.

On Unintended Mature Content – Content not safe/suitable for work (NSFW) appearing in search results when not wanted is now being filtered out via a number of client and server side changes and the use of black-listed terms applied to search-as-you-type. While this implementation will cover many NSFW cases, some exceptions may still occasionally happen.

On Improving Search Quality – The team is currently focused on tackling the most obvious search quality issue – the return of commercial content when searching for software and applications on your computer. The Dash gives you what you want – every time. Sometimes that’s a product from Amazon, most often its not, and the better we judge that the better the experience will be. Search quality is an area where we expect to learn a great deal from and we will be looking at other improvements over the next cycle – along with the introduction of more user controls such as filters for personal and online content, and there will be sessions scheduled at the next Ubuntu Development Summit to discuss this.

On the “commercial” factor – Keeping the Ubuntu project sustainable requires the development of services that continuously improve the user experience and can at the same time be “monetized”. Evolving the Dash from a place to search for local files and software into a place that can give users instant access to any content, whether on your device or available online, personal or for purchase – is challenging, behavior changing, and if done right, potentially extremely valuable to users. Online commerce is a real and important part of our everyday experience, and with the Dash, we are inventing faster, slicker and more stylish ways for all of us to get more done with Ubuntu. Introducing it as a default in 12.10 recognizes that, and allows us to learn from intensive usage. For users who wish to opt out of online search altogether, we have introduced an “on/off” toggle in settings.

We’re excited about the journey taken to evolve the Dash, and to get where we want to, we’ll need the continued feedback we’ve enjoyed so far.

Read more
Steve George

Canonical and the Ubuntu community have established a solid position for Ubuntu in the worlds of desktop, server and now cloud computing. We’re continuing to innovate in these areas, nimbly adapting to new ways of computing in a cloud-based, multi-device world. One where Ubuntu will ultimately run on mobiles, tablets and televisions – in fact, any screen, anywhere.

Every day, thousands of community members support the development of their favourite operating system. Even if they’re not software developers they help out with testing, documentation, marketing, brainstorming or answering other users’ questions in online forums. And people who don’t have the time to help out directly have always been able to make a financial contribution, albeit in a not-easy-to-find spot on our website. Many users have been asking for a simpler, more obvious way to do this.

Today, we’re making it easier for people to financially contribute to Ubuntu if they want to. By introducing a ‘contribute’ screen as part of the desktop download process, people can choose to financially support different aspects of Canonical’s work: from gaming and apps, developing the desktop, phone and tablet, to co-ordination of upstreams or supporting Ubuntu flavours. It’s important to note that Ubuntu remains absolutely free, financial contribution remains optional and it is not required in order to download the software.

By allowing Ubuntu users to choose which elements of Ubuntu they’re most excited about, we’ll get direct feedback on which favourite features or projects deserve the bulk of our attention. We’re letting users name their price – depending on the value that they put on the operating system or other aspects of our work. That price can, of course, be zero – but every last cent helps make Ubuntu better.

Ubuntu will always be free to use, share and develop. We hope it will continue to give you everything you want in an operating system – and we hope that you’ll join us in helping to build the future of computing, however you choose to contribute.

Read more