News Briefs

• Linus Torvalds is taking a break. In an rc4 email update, he writes about his scheduling mix-up with the kernel summit and having a "look yourself in the mirror moment", and then (to summarize), he writes: "hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely. I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately."
• Following Linus Torvalds' apology for his behavior, the Linux Community has announced it will adopt a "Code of Conduct", which pledges to make "participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation."
• Purism launched the Librem Key, the "first and only OpenPGP smart card providing a Heads-firmware-integrated tamper-evident boot process". The Librem key is the size of an average thumb drive, allows you to keep your secret encryption keys in your pocket, and it alerts you if anyone tampers with your kernel or BIOS while you're away from your laptop. The key works with all laptops but has extended features with Purism's Librem laptop line. You can order one from here for $59. See also Kyle Rankin's post for more details on the Librem key.
• Yubico announced the launch of the YubiKey 5 series, which are the first multi-protocol security keys to support FIDO2/WebAuthn and allow you to replace "weak password-based authentication with strong hardware-based authentication". You can purchase them here for $45.
• Google Chrome recently has begun automatically signing your browser in to your Google account for you every time you log in to a Google property, such as Gmail, without asking and without notification. See Matthew Green's blog post for more information on the huge privacy implications of this new practice.
• Mozilla launched Firefox Monitor, a free service that alerts you if you've been part of a data breach. Enter your email at Firefox Monitor for a basic scan.
• Tim Berners-Lee, creator of the world wide web, announced his new project Solid, "an open-source project to restore the power and agency of individuals on the web". He writes "Solid changes the current model where users have to hand over personal data to digital giants in exchange for perceived value. As we've all discovered, this hasn't been in our best interests. Solid is how we evolve the web in order to restore balance—by giving every one of us complete control over data, personal or not, in a revolutionary way."
• Microsoft has joined the Open Invention Network (OIN), an open-source patent consortium. According to ZDNet, this means "Microsoft has essentially agreed to grant a royalty-free and unrestricted license to its entire patent portfolio to all other OIN members." OIN's CEO Keith Bergelt says "This is everything Microsoft has, and it covers everything related to older open-source technologies such as Android, the Linux kernel, and OpenStack; newer technologies such as LF Energy and HyperLedger, and their predecessor and successor versions."
• The Libre Computer Project recently announced its new open-source, libre ARM SBC called La Frite. Phoronix reports the new 512MB model will ship for $5 USD, or you can get the 1GB version for $10 USD. In addition, "the $5 ARM SBC is said to be 10x faster than the Raspberry Pi Zero" and also includes real HDMI, Ethernet and USB ports. La Frite, the miniature version of Le Potato SBC supported by mainline Linux and Android 8, should be available in November 2018. See the Kickstarter page for details.
• Canonical announced that Plex has arrived in its Snap Store. You now can download the multimedia platform as a snap for Ubuntu, KDE Neon, Debian, Fedora, Manjaro, OpenSUSE and Zorin. For more details, see the Ubuntu Blog.
• A grey-hat hacker is breaking into MikroTik routers and patching them so they can't be compromised by cryptojackers or other attackers. According to ZDNet, the hacker, who goes by Alexey, is a system administrator and claims to have disinfected more then 100,000 MikroTik routers. He told ZDNet that he added firewall rules to block access to the routers from outside the local network, and then "in the comments, I wrote information about the vulnerability and left the address of the @router_os Telegram channel, where it was possible for them to ask questions." Evidently, a few folks have said "thanks", but many are outraged.