nerdyH writes "An architect of the Moblin Project has announced that Moblin 2.0 for netbooks and nettops is the first Linux distribution to run the X server as the logged-in user, rather than SUID'd to root. The fix to this decades-old security liability comes thanks to 'NRX' (No-root X) technology reportedly developed by Intel, Red Hat, and others in the X community, and the Moblin-sponsored 'Secure X' project. Besides making Linux netbooks a lot more snoop-proof, it seems like this could lead to an X-hosting renaissance of sorts, since you wouldn't be risking the whole system just to open up a specific user's account to remote X servers."

twitter writes "There's been a lot of fuss about mono lately. After SCO and MS suing over FAT patents, you would think avoiding anything MS would be a matter of common sense. RMS now steps into the fray to warn against a serious mistake: 'Debian's decision to include Mono in the default installation, for the sake of Tomboy which is an application written in C#, leads the community in a risky direction. It is dangerous to depend on C#, so we need to discourage its use. .... This is not to say that implementing C# is a bad thing. ... [writing and using applications in mono] is taking a gratuitous risk.'" Update: 06/27 20:22 GMT by T : Read on below for one Mono-eschewing attempt at getting the (excellent) Tomboy's functionality, via a similar program called Gnote. Update: 06/27 21:07 GMT by T: On the other side of the coin, reader im_thatoneguy writes "Jo Shields, a Mono Developer, has published an article on 'Why Mono Doesn't Suck,' why it is not a threat to FOSS, why it is desirable to developers and why it should be included in Ubuntu by default."

CNet has a series of interviews with former hackers who ran afoul of the law in their youth, but later turned their skills toward a profession in security consulting. Adrian Lamo discusses taking "normal every day information resources and [arranging] them in improbable ways," describing a time when he broke into Excite@Home's system and ended up answering help desk questions from their users. Kevin Mitnick, famous for gaining access to many high-profile systems, warns today's young hackers not to follow in his footsteps, saying, "A lot of pen testers today have done unethical things in their past during their learning process, especially the older ones because there was no opportunity to learn about security. Back in the '70s and '80s, it was all self-taught. So a lot of the old-school hackers really learned on other people's systems. And at the time, I couldn't even afford my own computer." Mark Abene explains how he got interested in phone phreaking, and how it led to a prison term and a career in computer security. Like Mitnick, he says that easy access to powerful modern computers removes part of the motivation for breaking into other systems.

nerdyH writes "Intel's interesting 3D UI technology has arrived at a significant milestone. Emmanuele Bassi on Monday released Clutter 1.0rc1, commenting 'This is a development release of Clutter 0.9 leading towards the 1.0 stable cycle. It is the first release candidate for the 1.0.0 release.' Clutter is a centerpiece of Intel's Moblin stack for netbooks, MIDs, and IVIs. It aims beyond the traditional 2D 'desktop' UI metaphor, stepping up to a 'theatrical' metaphor in which 2D interface objects are likened to 'actors' moving around on a 3D 'stage,' with developers in the role of 'director.' Also updated Tuesday: the Clutter-GTK+ library, aimed at helping GTK+ developers Clutter up their existing apps."

pallmall1 writes "OS News reports that Debian developer Josselin Mouette got Tomboy accepted as a dependency for gnome in the next release of Debian (codenamed Squeeze). While that may seem like nothing big (except for the 50 MByte size of the Tomboy package), Tomboy requires Mono — meaning that Mono will now be installed by default. Apparently, Debian doesn't have the same concerns over using specifications patented by Microsoft and licensed under undisclosed terms that Red Hat does. Perhaps Debian doesn't believe that Microsoft might do something like Rambus did."

David Gerard writes "Google Chrome includes Ogg support for the <video> element. It also includes support for the hideously encumbered H.264 format. Nice as an extra, but ... they're also testing HTML5 YouTube only for H.264 — meaning the largest video provider on the Net will make H.264 the primary codec and relegate the equally good open format Ogg/Theora firmly to the sidelines. Mike Shaver from Mozilla has fairly unambiguously asked Chris DiBona from Google what the heck Google thinks it's doing." DiBona responded with concerns that switching to Theora while maintaining quality would take up an incredible amount of bandwidth for a site like YouTube, though he made clear his support for the continued improvement of the project. Greg Maxwell jumped into the debate by comparing the quality of Ogg/Theora+Vorbis with the current YouTube implementations using H.263+MP3 and H.264+AAC. At the lower bitrate, Theora seems to have the clear edge, while the higher bitrate may slightly favor H.264. He concludes that YouTube's adoption of "an open unencumbered format in addition to or instead of their current offerings would not cause problems on the basis of quality or bitrate."

diegocgteleline.es writes "Linux kernel 2.6.30 has been released. The list of new features includes NILFS2 (a new, log-structured filesystem), a filesystem for object-based storage devices called exofs, local caching for NFS, the RDS protocol (which delivers high-performance reliable connections between the servers of a cluster), a new distributed networking filesystem (POHMELFS), automatic flushing of files on renames/truncates in ext3, ext4 and btrfs, preliminary support for the 802.11w drafts, support for the Microblaze architecture, the Tomoyo security MAC, DRM support for the Radeon R6xx/R7xx graphic cards, asynchronous scanning of devices and partitions for faster bootup, the preadv/pwritev syscalls, several new drivers and many other small improvements."

An anonymous reader writes "Google has recently added FFMpeg to Chrome to better support HTML5's video element. FFMpeg is licensed under LGPL 2.1, which states that 'if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library.' Google admits to having obtained a patent license for their use, but still claims they are not violating LGPL. Among the confused we find Håkon Wium Lie and Miguel de Icaza, who wonders what FSF might say. Google doesn't feel like asking FSF for clarification."