FOSS Weekly Recap: Ubuntu Under Siege, Linux Exploits, and More

Welcome to this edition of FOSS Weekly, where we dive into a mix of unsettling and uplifting news from the open-source world. From a major DDoS attack on Ubuntu to the discovery of a new Linux exploit, it's been a challenging week. But don't worry—we've also got heartening stories about governments embracing open source, a critical fix for a coding tool misstep, and a nostalgic open-sourcing of MS-DOS. Let's explore the key highlights.

What happened to Ubuntu this week?

Ubuntu suffered a week-long cyber attack that disrupted several Canonical-owned services. The attack was a DDoS (Distributed Denial of Service), which floods servers with traffic to make websites unavailable. Ubuntu.com, the Snap Store, Launchpad, and other Canonical platforms went offline or became unreliable. If you couldn't run snap install or pull from a PPA, this was why. Later, Ubuntu's official Twitter account was compromised to promote a crypto scam. It's a tough time for Ubuntu, but the DDoS did not cause data loss—just inconvenience.

FOSS Weekly Recap: Ubuntu Under Siege, Linux Exploits, and More — Source: itsfoss.com

What is the 'Copy Fail' Linux exploit?

A new Linux exploit named "Copy Fail" has been discovered. It's a local privilege escalation vulnerability, meaning an attacker needs already to have some access to your system to use it. For desktop Linux users, the risk is minimal—simply keep your system updated, particularly the kernel, to patch it. This exploit is part of a trend where kernel bugs get discovered regularly. The DDoS attack on Ubuntu is separate, but both remind us to stay vigilant with updates.

How is the Dutch government using open source?

The Dutch government is building its own code hosting platform based on Forgejo, a fork of Gitea. The soft launch already includes four ministries, several municipalities, and the Electoral Council's vote-counting software. This move emphasizes digital sovereignty and reducing reliance on proprietary services. It's a positive step for transparency and control over public infrastructure.

What is Germany's Sovereign Tech Agency doing for open source?

Germany's Sovereign Tech Agency is running a paid pilot program to help open-source maintainers participate in standards bodies like IETF, W3C, and ISO. Typically, attending these groups requires time and money that independent developers lack. This program aims to let those who actually build software influence the standards they implement. It's a model that other governments might follow to empower the open-source ecosystem.

Why was VS Code falsely crediting Copilot for human-written commits?

Microsoft's VS Code was incorrectly attributing commits entirely written by humans to Copilot, even on machines where Copilot was disabled. The culprit was a single pull request that changed a default setting without any release note or user notification. This raised concerns about data privacy and the transparency of AI assist tools. Microsoft has since fixed the issue, but it highlights how silent updates can cause unintended consequences. Curiously, Microsoft also open-sourced MS-DOS this week.

What did Microsoft open source on DOS's 45th birthday?

On the 45th birthday of MS-DOS, Microsoft released its original code under the MIT license. Microsoft originally paid just under $100,000 for DOS, and it made billions from it. Open-sourcing the code won't change anything practically, but it's a gift to computing history. The code is available on GitHub for anyone to study or run in an emulator. Meanwhile, Ubuntu's struggles show that even legacy software can teach us about security and openness.

Is Linux running on PlayStation 5 possible?

Yes! One of the highlights this week is that Linux can now run on the PlayStation 5. Enthusiasts have documented the process, allowing anyone to install a full Linux distro on the console. This opens up PS5 hardware for development, experimentation, or just as a powerful personal computer. While not officially supported by Sony, it's a testament to the flexibility of both Linux and the PS5's hardware.

Why did Ubuntu's flavor list shrink with version 26.04?

With the release of Ubuntu 26.04, the official flavor list has been reduced. The argument from Roland is that a passionate community doesn't automatically produce maintainers willing to do release engineering every six months. Some flavors were dropped because they lacked active maintainers. This is seen as a necessary correction to ensure quality and security. Existing users of those flavors may need to switch to a different edition or find alternative community support.

Other news: Linux Mint released new HWE ISOs, an awesome terminal-based file manager emerged, and a paid program for standards development is now available. Stay tuned for more Linux tips, tutorials, and memes!

Tags: