|
1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
|
Show Descriptions... (Show All/All+Images)
(Single Column)
- Security updates for Friday
Security updates have been issued by Debian (krita and tryton-server), Oracle (bind9.18, ipa, kernel, libssh, redis, redis:7, sqlite, sssd, and vim), Slackware (cups), SUSE (containerd, cups, curl, dovecot24, git-bug, gitea-tea, glib2, grub2, himmelblau, java-25-openjdk, kernel, libmicrohttpd, libvirt, pnpm, powerpc-utils, python311, python313, redis, rnp, runc, sssd, tomcat11, unbound, and xwayland), and Ubuntu (cups, libxml2, openvpn, and webkit2gtk).
- Security updates for Thursday
Security updates have been issued by Debian (kdeconnect, libssh, and samba), Fedora (7zip, docker-buildkit, and docker-buildx), Oracle (bind, buildah, cups, delve and golang, expat, firefox, gimp, go-rpm-macros, haproxy, kernel, lasso, libsoup, libtiff, mingw-expat, openssl, podman, python-kdcproxy, qt5-qt3d, runc, squid, thunderbird, tigervnc, valkey, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (buildah, cloudflared, containerd, expat, firefox, gnutls, helm, kernel, libxslt, mysql-connector-java, ongres-scram, openbao, openexr, openssh, podman, python311, python312, ruby2.5, rubygem-rack, runc, samba, sssd, tiff, unbound, and yelp), and Ubuntu (edk2, ffmpeg, h2o, python3.13, rust-openssl, and valkey).
- KDE Plasma 6.8 will be Wayland-only
KDE's Plasma team has announcedthat KDE Plasma will drop X11 session support with Plasma 6.8:
The Plasma X11 session will be supported by KDE into early2027.
We cannot provide a specific date, as we're exploring thepossibility of shipping some extra bug-fix releases for Plasma6.7. The exact timing of the last one will only be known when we getcloser to its actual release, which we expect will be sometime inearly 2027.
What if I still really need X11?
This is a perfect use case for long term support (LTS)distributions shipping older versions of Plasma. For example,AlmaLinux 9 includes the Plasma X11 session and will be supporteduntil sometime in 2032.
See the blog post for information on running X11 applications(still supported), accessibility, gaming, and more.
- Security updates for Wednesday
Security updates have been issued by AlmaLinux (bind, binutils, delve and golang, expat, firefox, haproxy, kernel, libsoup3, libssh, libtiff, openssh, openssl, pam, podman, python-kdcproxy, shadow-utils, squid, thunderbird, vim, xorg-x11-server-Xwayland, and zziplib), Debian (cups-filters, libsdl2, linux-6.1, net-snmp, pdfminer, rails, and tryton-sao), Fedora (chromium, docker-buildkit, docker-buildx, and sudo-rs), Gentoo (librnp), Mageia (webkit2), SUSE (amazon-ssm-agent, buildah, curl, dpdk, fontforge-20251009, kernel, libIex-3_4-33, librnp0, python311, rclone, and sssd), and Ubuntu (linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-aws-6.14, linux-oracle-6.14, linux-aws-fips, linux-fips, linux-gcp-fips, linux-realtime, linux-realtime-6.8, mupdf, openjdk-17, openjdk-8, and openjdk-lts).
- Security updates for Tuesday
Security updates have been issued by AlmaLinux (buildah, firefox, go-rpm-macros, kernel, kernel-rt, podman, and thunderbird), Debian (erlang, python-gevent, and r-cran-gh), Fedora (buildah, chromium, k9s, kubernetes1.33, kubernetes1.34, podman, python-mkdocs-include-markdown-plugin, and webkitgtk), Gentoo (Chromium, Google Chrome, Microsoft Edge. Opera, qtsvg, redict, redis, UDisks, and WebKitGTK+), Mageia (cups-filters and ruby-rack), Oracle (kernel and libssh), Red Hat (.NET 8.0, tigervnc, xorg-x11-server, and xorg-x11-server-Xwayland), SUSE (act, bind, cups-filters, govulncheck-vulndb, grub2, libebml, python39, and tcpreplay), and Ubuntu (linux-raspi, linux-raspi-realtime, openjdk-21, openjdk-25, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and runc-app, runc-stable).
- AlmaLinux 10.1 released
AlmaLinux 10.1 has been released. Inaddition to providing binary compatibility with Red Hat EnterpriseLinux (RHEL) 10.1, the most notable feature in AlmaLinux 10.1 isthe addition of supportfor Btrfs, which is not available in RHEL:
Btrfs support encompasses both kernel and userspace enablement, and itis now possible to install AlmaLinux OS on a Btrfs filesystem from thevery beginning. Initial enablement was scoped to the installer andstorage management stack, and broader support within the AlmaLinuxsoftware collection for Btrfs features is forthcoming.
In addition to Btrfs support, AlmaLinux OS 10.1 includes numerousother improvements to serve our community. We have continued to extendhardware support both by addingdrivers and by adding a secondary version of AlmaLinux OS and EPELto extend support of x86_64_v2 processors.
See the releasenotes for a full list of changes.
- [$] APT Rust requirement raises questions
It is rarely newsworthy when a project or package picks up a newdependency. However, changes in a core tool like Debian's Advanced PackageTool (APT) can have far-reaching effects. For example, JulianAndres Klode's declarationthat APT would require Rust in May 2026 means that a few of Debian'sunofficial ports must either acquire a working Rust toolchain ordepend on an old version of APT. This has raised several questionswithin the project, particularly about the ability of a singlemaintainer to make changes that have widespread impact.
- Security updates for Monday
Security updates have been issued by Fedora (calibre, chromium, cri-o1.32, cri-o1.33, cri-o1.34, dotnet10.0, dovecot, gnutls, gopass, gopass-hibp, gopass-jsonapi, kubernetes1.31, kubernetes1.32, kubernetes1.33, kubernetes1.34, and linux-firmware), Mageia (ffmpeg, kernel, kmod-xtables-addons & kmod-virtualbox, kernel-linus, konsole, and redis), Red Hat (bind and bind-dyndb-ldap and kernel), SUSE (act, alloy, amazon-ssm-agent, ansible-12, ansible-core, blender, chromium, cups-filters, curl, elfutils, expat, firefox, glib2, grub2, helm, kernel, libipa_hbac-devel, libxslt, nvidia-container-toolkit, ongres-scram, openexr, podman, poppler, runc, samba, sssd, thunderbird, and tomcat), and Ubuntu (cups-filters, linux, linux-aws, linux-gcp, linux-hwe-6.14, linux-oracle, linux-realtime, linux-oem-6.14, and linux-realtime-6.14).
- Kernel prepatch 6.18-rc7
Linus has released 6.18-rc7, probably thelast -rc before the 6.18 release.
So the rc6 kernel wasn't great: we had a last-minute core VM regression that caused people problems.
That's not a great thing late in the release cycle like that, but it was a fairly trivial fix, and the cause wasn't some horrid bug, just a latent gotcha that happened to then bite a late VM fix. So while not great, it also doesn't make me worry about the state of 6.18. We're still on track for a final release next weekend unless some big new problem rears its ugly head.
- Racket 9.0 released
The Racket programming languageproject has released Racketversion 9.0. Racket is a descendant of Scheme, so it is part of the Lisp family of languages. The headline feature in the release is parallelthreads, which adds to the concurrency tools in the language: "WhileRacket has had green threads for some time, and supports parallelism viafutures and places, we feel parallel threads is a major addition."Other new features include the black-boxwrapper to prevent the compiler from optimizing calculations away, the decompile-linkletfunction to map linkletsback to an s-expression, theaddition of Weibulldistributions to the math library, and more.
- Improving GCC Buffer Overflow Detection for C Flexible Array Members (Oracle)
The Oracle blog has alengthy article on enhancements to GCC to help detect overflows offlexible array members (FAMs) in C programs.
We describe here two new GNU extensions which specify size information for FAMs. These are a new attribute, "counted_by" and a new builtin function, "__builtin_counted_by_ref". Both extensions can be used in GNU C applications to specify size information for FAMs, improving the buffer overflow detection for FAMs in general.
This work has been covered on LWN as well.
- The 2025 Linux Foundation Technical Advisory Board election
The call forcandidates for the 2025 election for the Linux Foundation TechnicalAdvisory Board has been posted.
The TAB exists to provide advice from the kernel community to the Linux Foundation and holds a seat on the LF's board of directors; it also serves to facilitate interactions both within the community and with outside entities. Over the last year, the TAB has overseen the organization of the Linux Plumbers Conference, advised on the setup of the kernel CVE numbering authority, worked behind the scenes to help resolve a number of contentious community discussions, worked with the Linux Foundation on community conference planning, and more.
Nominations close on December 13.
- [$] Unpacking for Python comprehensions
Unpacking Python iterables of various sorts, such as dictionaries or lists,is useful in a number of contexts, including for function arguments, butthere has long been a call for extending that capability to comprehensions. PEP 798 ("Unpacking inComprehensions") was first proposed in June 2025 to fill that gap. In earlyNovember, the steering council acceptedthe PEP, which means that the feature will be coming to Python 3.15 inOctober 2026. It may be something of a niche feature, but it is aninconsistency that has been apparent for a while—to the point that some Python programmersassume that it is already present in the language.
- PHP 8.5.0 released
Version8.5.0 of the PHP language has been released. Changes include a new"|>" operator that, for some reason, makes these two linesequivalent:
$result = strlen("Hello world"); $result = "Hello world" |> strlen(...);
Other changes include a new function attribute, "#[\NoDiscard]" toindicate that the return value should be used, attributes on constants, andmore; see themigration guide for details.
- Intel Hiring Two More Experienced Linux Kernel Engineers
While there have been a number of Intel Linux engineers laid off over roughly the past year, other Linux kernel engineers opting to pursue employment opportunities elsewhere amid the ongoing challenges and restructuring at the company, and shifts in their open-source strategy, there's some good news as we work toward the 2025 holidays. Intel is currently hiring for two more experienced Linux kernel software engineers...
- Open-Source Nouveau+NVK vs. NVIDIA 580 Linux Gaming/Graphics & Compute Driver Performance
This Black Friday is an in-depth look at the current performance of the open-source NVIDIA Linux driver stack with the Nouveau kernel driver (the Nova driver not yet being ready for end-users) paired with the latest Mesa NVK driver for open-source Vulkan API support. With that NVK Vulkan driver is also looking at the OpenGL performance using the Zink OpenGL-on-Vulkan driver used now for OpenGL on modern NVIDIA GPUs rather than maintaining the Nouveau Gallium3D driver. Plus the Rusticl driver for OpenCL compute atop the NVK driver. This fully open-source and latest NVIDIA Linux driver support was compared to NVIDIA's official 580 series Linux driver. Both RTX 40 Ada and RTX 50 Blackwell graphics cards were tested for this thorough GPU driver comparison.
- Dual-Radio T-Lora Dual Supports LoRa at 150-960 MHz and 2.4 GHz
LILYGO has introduced the T-Lora Dual LR, a compact board that integrates an ESP32-S3R8 microcontroller with two LR1121 transceivers, combining Wi-Fi, Bluetooth LE, and LoRa across sub-GHz and 2.4 GHz bands. The module uses the ESP32-S3R8 as its main processor. It features a dual-core LX7 architecture and includes integrated wireless connectivity for Wi-Fi 802.11 b/g/n […]
- Fanless AIM101 Edge System Integrates Intel Processor N150 and PCIe AI Accelerator Support
Axiomtek’s AIM101 is a compact fanless edge computer built around Intel’s Processor N150, offering PCIe-based AI acceleration, dual 2.5GbE networking, wide-range DC input, and extended-temperature operation for industrial, machine-vision, and real-time inference workloads. The system is powered by the Intel Processor N150, a quad-core N-series SoC with clock speeds up to 3.6GHz. This platform integrates […]
- Beginners Guide for Read Command in Linux
The read command is a built-in Linux utility that allows shell script writers to take single line input from the keyboard or from the file descriptor and store it in a variable.
- GCC 16 Switches To Using C++20 Standard By Default
Following up on the discussion from earlier this month among GCC developers over switching to C++20 by default for the GCC compiler as the default C++ standard when not otherwise set, that change has indeed happened. Merged now is the change defaulting to C++20 (well, the GNU++20 dialect) rather than C++17/GNU++17 when not otherwise specified when compiling C++ code...
- DietPi November 2025 Update Adds BirdNET-Go, Trixie Support Enhancements, and Broad Software Fixes
The November release of DietPi v9.19 introduces a new continuous audio analysis tool, expanded Debian Trixie compatibility across several software packages, and updates that improve performance and stability on popular ARM-based single-board computers. The update also provides fixes for Raspberry Pi systems, Allwinner H3/H5 devices, and several DietPi-Software components. DietPi: DietPi is a lightweight, […]
- Viral Song Created with Suno's genAI Removed From Streaming Platforms, Re-Released With Human Vocals
An EDM song by the British group Haven ran into trouble in October after it shared clips of upcoming song "I Run" on TikTok. The song "was an overnight viral sensation online," writes Digital Music News — racking up millions of plays "even before it hit streaming services." (Although the Washington Post notes that "Record labels and TikTok users began questioning whether 'I Run' used an AI deepfake, modeled off British R&B singer Jorja Smith, for the vocals.") Digital Music News picks up the story:The artist says he used his own voice to record the vocals, and then ran it through layers of processing and filtering to turn it into the female-sounding voice heard in the track. However, that filtering also included the use of the controversial genAI platform Suno — and that's what complicates things... [The article says later that Suno "is currently in the middle of a blockbuster lawsuit with the Big Three major labels over allegations of widespread copyright infringement of sound recordings used during the AI model training process."] Meanwhile, the song was rapidly amassing listenership. It soared to #11 on the U.S. Spotify chart and #25 on Spotify globally. Videos using the song continued going viral on TikTok and Instagram, including one in which rapper Offset had apparently played the song during a Boiler Room set, which later turned out to be falsified. And then, as quickly as it appeared, "I Run" was taken down from streaming services, including Spotify and Apple Music. That was due, in part, to numerous takedown notices from The Orchard, the label to which Jorja Smith is signed, as well as the RIAA and IFPI. The takedown notices alleged various issues with the track, including the "misrepresentation" of another artist, as well as copyright infringement. As a result, the song has also been withheld from the Billboard charts, including the Hot 100, on which it had been predicted to debut this week before the controversy. Billboard points out that it "reserves the right to withhold or remove titles from appearing on the charts that are known to be involved in active legal disputes related to copyright infringement that may extend to the deletion of such content on digital service providers." The song itself has now been re-released with an all-human vocal track. But going forward will the music industry ever work with AI platforms? The Washington Post reports:"I Run" has taken off as record labels remain unsure of the extent to which they should welcome generative AI programs such as Suno or Udio into the industry. After the two AI music companies began growing in popularity, the three major labels — Sony Music, Warner Music Group and Universal Music Group — filed lawsuits against Suno and Udio, claiming that the AI companies have used the labels' sound recordings to train their model. Since then, UMG and Warnerhave reached agreementsto work with Udio, ending their litigation... It comes shortly after all three major labels licensed their catalogue to Klay, a music streaming start-up that allows users to adjust songs using artificial intelligence. Major licensing organizations such as ASCAP and BMI shared that they would register songs that were partially AI-generated — but not fully generated ones. Haven appears to present an uncomfortable edge case. While some AI-generated songs that sound broadly like other artists have been allowed to remain on streaming platforms, the voice in "I Run" appears to have been deemed too duplicative for comfort.
 
Read more of this story at Slashdot.
- OpenAI Partners Amass $100 Billion Debt Pile To Fund Its Ambitions
OpenAI's data centre partners are on course to amass almost $100 billion in borrowing tied to the lossmaking start-up, as the ChatGPT maker benefits from a debt-fuelled spending spree without taking on financial risks itself. Financial Times: SoftBank, Oracle and CoreWeave have borrowed at least $30 billion to invest in the start-up or help build its data centres, according to FT analysis. Investment group Blue Owl Capital and computing infrastructure companies such as Crusoe also rely on deals with OpenAI to service about $28 billion in loans. A group of banks is in talks to lend another $38 billion for Oracle and data centre builder Vantage to fund further sites for OpenAI, according to people familiar with the matter. The deal is expected to be finalised in the coming weeks. OpenAI executives have said they plan to raise substantial debt to help pay for these contracts, but so far the financial burden has fallen to its counterparties and their lenders. "That's been kind of the strategy," said a senior OpenAI executive. "How does [OpenAI] leverage other people's balance sheets?"
Read more of this story at Slashdot.
- Officials Clashed in Investigation of Deadly Air India Crash
The investigation into the June 12 Air India crash that killed 260 people has been marked by tension, suspicion and poor communication between American and Indian officials, including an episode where NTSB chairwoman Jennifer Homendy instructed her black-box specialists not to board a late-night Indian military flight to a remote facility, WSJ reports. When two American recorder experts landed in New Delhi in late June, they received urgent messages from colleagues telling them not to go with the Indians; Homendy had grown concerned about sending U.S. personnel and equipment to an aerospace lab in the remote town of Korwa amid State Department security warnings about terrorism in the region. She made calls to Transportation Secretary Sean Duffy and the CEOs of Boeing and GE Aerospace, and the State Department sent embassy officials to intercept the NTSB specialists at the airport. Homendy eventually delivered an ultimatum: if Indian authorities didn't choose between their Delhi facility and the NTSB's Washington lab within 48 hours, she would withdraw American support from the probe. Indian officials relented. The downloaded data showed someone in the cockpit moved switches that cut off the engines' fuel supply, and India's preliminary report stated one pilot asked the other why he moved the switches while that pilot denied doing so. American government and industry officials now privately believe the captain likely moved the switches deliberately.
Read more of this story at Slashdot.
- The Mysterious Black Fungus From Chernobyl That May Eat Radiation
Black fungus found growing inside Chernobyl's destroyed reactor may be feeding on radiation, and researchers have tested samples of the same species aboard the International Space Station to explore whether it could eventually shield astronauts from cosmic rays. Ukrainian scientist Nelli Zhdanova first discovered the melanin-rich mould colonizing the walls and ceilings of the exploded reactor building during a May 1997 survey. Her research indicated that the fungal hyphae were actually growing toward sources of ionizing radiation rather than merely tolerating it. In 2007, nuclear scientist Ekaterina Dadachova at the Albert Einstein College of Medicine found that melanised fungi grew 10% faster when exposed to radioactive caesium compared to control samples, leading her to propose "radiosynthesis" -- a process where organisms convert radiation into metabolic energy. The same strain, Cladosporium sphaerospermum, traveled to the ISS in December 2018 and grew an average of 1.21 times faster over 26 days compared to Earth-based controls. Nils Averesch, a biochemist at the University of Florida and co-author of that study, remains cautious about attributing the growth boost to radiation harvesting since zero gravity could also be responsible.
Read more of this story at Slashdot.
- Airbus Issues Major A320 Recall, Threatening Global Flight Disruption
Europe's Airbus said on Friday it was ordering immediate repairs to 6,000 of its widely used A320 family of jets in a sweeping recall affecting more than half the global fleet, threatening upheaval during the busiest travel weekend of the year in the United States and disruption worldwide. From a report: The setback appears to be among the largest recalls affecting Airbus in its 55-year history and comes weeks after the A320 overtook the Boeing 737 as the most-delivered model. At the time Airbus issued its bulletin to the plane's more than 350 operators, some 3,000 A320-family jets were in the air. The fix mainly involves reverting to earlier software and is relatively simple, but must be carried out before the planes can fly again, other than repositioning to repair centres, according to the bulletin to airlines seen by Reuters. Airlines from the United States to South America, Europe, India and New Zealand warned the repairs could potentially cause flight delays or cancellations.
Read more of this story at Slashdot.
- EU To Examine If Apple Ads and Maps Subject To Tough Rules, Apple Says No
EU antitrust regulators will examine whether Apple's Apple Ads and Apple Maps should be subject to the onerous requirements of the bloc's digital rules after both services hit key criteria, with the U.S. tech giant saying they should be exempted. From a report: Apple's App Store, iOS operating system and Safari web browser were designated core platform services under the Digital Markets Act two years ago aimed at reining in the power of Big Tech and opening up the field to rivals so consumers can have more choice. The European Commission said that Apple has notified it that Apple Ads and Apple Maps met the Act's two thresholds to be considered "gatekeepers." The DMA designates companies with services with more than 45 million monthly active users and $79 billion in market capitalisation as gatekeepers subject to a list of dos and don'ts.
Read more of this story at Slashdot.
- Scientists Think They've Solved Why One of History's Most Advanced Civilizations Vanished
A new study published in Communications Earth & Environment has reconstructed the climate conditions of the ancient Indus River Valley civilization between 3000 and 1000 B.C., finding that four intense droughts -- each lasting more than 85 years -- likely drove the gradual decline of one of the world's earliest advanced societies. The research team, led by Hiren Solanki at the Indian Institute of Technology, Gandhinagar, combined paleoclimate data from cave formations and lake records with computer models to determine that the region shifted from wetter-than-present monsoon conditions to prolonged dry spells as the tropical Pacific Ocean warmed. The third drought, peaking around 1733 B.C., proved the most severe: it lasted 164 years, reduced annual rainfall by 13%, and affected nearly the entire region. Overall temperatures rose by 0.5 degrees Celsius and rainfall dropped between 10 and 20%. These changes shrank lakes and rivers, dried soils, and made agriculture increasingly difficult in areas away from major waterways. Harappan settlements progressively relocated eastward toward the Indus River over roughly 2,000 years. The civilization's long survival under repeated climate stress -- through crop switching, trade diversification, and settlement relocation -- offers lessons for modern communities facing environmental pressures, the researchers said.
Read more of this story at Slashdot.
- China-Netherlands Chip Fight Turns Into Corporate Civil War
The bitter standoff between Dutch chipmaker Nexperia -- which supplies basic chips crucial to 49% of European automakers, over 85% of medical device companies, and the entire defense industry -- and its Chinese parent company Wingtech escalated on Friday when both Wingtech and Nexperia's Chinese unit accused the Dutch business of secretly building a supply chain that would cut China out entirely. The accusations came one day after Nexperia's Dutch headquarters published an open letter claiming it had repeatedly tried and failed to contact its Chinese unit. Nexperia China demanded the Dutch side halt its overseas expansion plans, specifically a $300 million investment in a Malaysian plant, and alleged an internal company target to source 90% of production outside China by mid-2026. The Chinese unit also accused its European counterparts of deleting employee email accounts and cutting off access to IT systems. The dispute traces back to September when the Dutch government invoked a Cold War-era law to seize control of Nexperia on economic security grounds. An Amsterdam court subsequently stripped Wingtech of its ownership rights. Beijing retaliated by halting exports of finished Nexperia chips on October 4, triggering warnings of production shutdowns from automakers including Nissan and Bosch. Export curbs were relaxed in early November, and the Dutch government suspended its intervention last week following talks, but the court ruling remains in force. Wingtech warned that supply disruptions could return if the control issue remains unresolved.
Read more of this story at Slashdot.
- Australia Risks 2035 Climate Goal Without Bigger Emissions Cuts
Australia warned it's in danger of missing its 2035 climate targets without deeper pollution cuts, which in turn threatens the nation's ambitions to reach net zero by mid-century. From a report: Emissions are set to fall 48% by 2035 from 2005 levels based on current projections [non-paywalled source], the government said in a report on Thursday. That's short of an official pledge to cut greenhouse gases between 62% and 70%. The forecast doesn't take into account new action planned under the nation's Net Zero Plan. Still, the targets remain achievable and officials plan to take additional measures to meet them, Minister for Climate Change and Energy Chris Bowen said in a speech to parliament.
Read more of this story at Slashdot.
- Singapore Takes Top Spot in Global Talent Index
Singapore has claimed the top spot in the 2025 Global Talent Competitiveness Index for the first time, displacing Switzerland from a position the European nation had held since the ranking's inception in 2013. The index, produced by business school INSEAD and the Portulans Institute, measured 135 economies across 77 indicators spanning soft skills, AI talent concentration, and formal education systems. The city-state ranked first globally in formal education and what the report calls "Generalist Adaptive Skills," a category covering soft skills, digital literacy, and innovation-oriented thinking. A key factor in Singapore's rise was a seven-place jump in talent retention, moving from 38th to 31st. The United States fell from third place in 2023 to ninth this year, its weakest showing in 12 years, due to declines in openness and lifelong learning metrics. High-income European countries continue to dominate the top ten, holding seven positions.
Read more of this story at Slashdot.
- Europe Fears It Can't Catch Up in Great Power Competition
European leaders have spent years warning that the continent risked falling behind the U.S., China and Russia in the global contest for economic, technological and military dominance, and officials now believe they have reached that point. The mood darkened over the summer when Europe found itself on the sidelines as Washington and Beijing negotiated a reset of global trade rules, and turned bleak this month when the White House presented a Ukraine cease-fire plan without consulting European capitals. In July, the EU accepted a trade deal allowing the U.S. to impose 15% tariffs without retaliation. President Trump ignored European calls to pressure Moscow before meeting Vladimir Putin in Alaska in August, telling reporters "this is not to do with Europe, Europe's not telling me what to do." Germany has eased its debt brake to pour $580 billion into a decade-long rearmament program, and the EU has set a 2030 rearmament goal -- defense spending across the region is set to exceed $560 billion this year, double what it was a decade ago. "Battle lines for a new world order, based on power, are being drawn right now," European Commission President Ursula von der Leyen said in September. "A new Europe must emerge."
Read more of this story at Slashdot.
- Someone Is Trying To 'Hack' People Through Apple Podcasts
Apple's Podcasts app on both iOS and Mac has been exhibiting strange behavior for months, spontaneously launching and presenting users with obscure religion, spirituality and education podcasts they never subscribed to -- and at least one of these podcasts contains a link attempting a cross-site scripting attack, 404 Media reports. Joseph Cox, a journalist at the outlet, documented the issue after repeatedly finding his Mac had launched the Podcasts app on its own, presenting bizarre podcasts with titles containing garbled code, external URLs to Spotify and Google Play, and in one case, what appears to be XSS attack code embedded directly in the podcast title itself. Patrick Wardle, a macOS security expert and creator of Objective-See, confirmed he could replicate similar behavior: simply visiting a website can trigger the Podcasts app to open and load an attacker-chosen podcast without any user prompt or approval. Wardle said this creates "a very effective delivery mechanism" if a vulnerability exists in the Podcasts app, and the level of probing suggests adversaries are actively evaluating it as a potential target. The XSS-attempting podcast dates from around 2019. A recent review in the app asked "How does Apple allow this attempted XSS attack?" Asked for comment five times by 404 Media, Apple did not respond.
Read more of this story at Slashdot.
- Australia's Streaming Quotas Become Law
Australia's streaming quotas have become law. Legislation requiring the likes of Netflix, Disney+ and HBO Max to spend a portion of their local earnings on original Australian content has been passed in parliament, and now comes into effect. From a report: The quotas were announced earlier this month. This will see global streamers with more than one million Australian subscribers made to spend 10% of their total Australian expenditure -- or 7.5% of their revenues -- on local originals, whether they are dramas, children's shows, docs, or arts and educational programs. Failing to comply with the rules will see streamers fined up to ten times their annual revenues in Australia. This is more than what broadcasters are liable for if they breach their quota rules laws. Streamers will be given three years to get their production operations in line. Streamers have long opposed government-set quotas and content levies, arguing they already meaningfully invest in the production sectors of the countries in which they operate. Producers, in general, have welcomed the systems, but remain wary that they could push streaming services out of their countries.
Read more of this story at Slashdot.
- Robots and AI Are Already Remaking the Chinese Economy
China installed 295,000 industrial robots last year -- nearly nine times as many as the United States and more than the rest of the world combined -- as the country races to automate its manufacturing base amid rising labor costs at home and tariff threats from abroad. The nation's stock of operational robots surpassed 2 million in 2024, according to the International Federation of Robotics. Of 131 factories globally recognized by the World Economic Forum for boosting productivity through cutting-edge technologies like AI, 45 are in mainland China compared to three in the US. At Midea's washing machine factory in Jingzhou, an AI "factory brain" manages 14 virtual agents that coordinate robots and machines on the floor. The home-appliance giant reports that its revenue per employee grew nearly 40% between 2015 and 2024, and processes that once took 15 minutes now take 30 seconds. Down jacket maker Bosideng has cut sample production time from 100 days to 27 days using AI design tools, reducing development costs by 60%. At the port of Tianjin, scheduling that previously required 24 hours now takes 10 minutes, and 88% of large container equipment is automated. The port's operator says it requires 60% fewer workers than traditional facilities.
Read more of this story at Slashdot.
- Violent Conflict Over Water Hit a Record Last Year
Researchers at the Pacific Institute documented 420 water-related conflicts globally in 2024, a record that far surpasses the 355 incidents logged in 2023 and continues a trend that has seen such violence more than quadruple over the past five years. The Oakland-based water think tank's database tracks disputes where water triggered violence, where water systems were targeted, and where infrastructure became collateral damage in broader conflicts. The Middle East reported the most incidents at 138, including 66 tied to the Israeli-Palestinian conflict. The Israeli military destroyed more than 30 wells in Rafah and Khan Yunis, and there were numerous reports of settlers destroying pipelines and tanks in the West Bank. The Russia-Ukraine war accounted for 51 incidents, including strikes that disrupted water service in Ukrainian cities.
Read more of this story at Slashdot.
- Baikonur's only crew-capable pad busted after Soyuz flight
Roscosmos confirms 'damage' as images suggest repairs could stretch into 2027
The pad used by Russia to send Soyuz spacecraft to the International Space Station (ISS) sustained damage during yesterday's crew launch, according to Roscosmos.…
- PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle
Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm
PostHog says the Shai-Hulud 2.0 npm worm compromise was "the largest and most impactful security incident" it's ever experienced after attackers slipped malicious releases into its JavaScript SDKs and tried to auto-loot developer credentials.…
- GrapheneOS bails on OVHcloud over France's privacy stance
Project cites fears of state access as cloud sovereignty row deepens
French cloud outfit OVHcloud took another hit this week after GrapheneOS, a mobile operating system, said it was ditching the company's servers over concerns about France's approach to digital privacy.…
- GPUs aren't worth their weight in gold – it just feels like they are
Nvidia's accelerators look pricey, but bullion still wins on cost per ounce
For as long as I have been a reporter and analyst in the IT sector, November has always been supercomputing month. Way before there was a TOP500 ranking of supercomputers in June 1993 but just as I was leaving university, the first Supercomputing Conference was held in Orlando in 1988. And that November SC show set the cadence for high-performance computing for the decades that followed.…
- OBR drags in cyber bigwig after Budget leak blunder
Ex-NCSC chief Ciaran Martin asked to examine how forecast ended up online ahead of schedule
The Office for Budget Responsibility (OBR) has drafted in former National Cyber Security Centre (NCSC) chief Ciaran Martin to sniff out how its Budget day forecast wandered onto the open internet before the Chancellor had even reached the dispatch box.…
- UK digital ID plan gets a price tag at last – £1.8B
OBR says the scheme will cost £600M a year with no identified savings
The UK government has finally put a £1.8 billion price tag on its digital ID plans – days after the minister responsible refused to name a figure.…
- UK Digital Services Tax raises £800M from global tech giants
Treasury haul beats early forecasts, yet captures only a fraction of the revenue generated in Britain
The UK government collected just £800 million in Digital Services Tax (DST) from companies such as Amazon, Google, Meta, eBay, and TikTok in the most recent tax year.…
- Canadian data order risks blowing a hole in EU sovereignty
OVH stuck between a rock and a hard place as investigators demand access
A Canadian court has ordered French cloud provider OVHcloud to hand over customer data stored in Europe, potentially undermining the provider's claims about digital sovereignty protections.…
- Tiny tweak for Pi OS, big makeover for the Imager
Debian 13.2 freshness, better HiDPI support, and 101 other things to run on your Pi
Raspberry Pi Ltd has shipped two updates for its single-board computers: a very small refresh to Pi OS 6, and a more substantial upgrade to the tool that writes your Pi's operating system to an SD card.…
- HPC won't be an x86 monoculture forever – and it's starting to show
Arm and RISC-V would like a word
Feature Remember when high-performance computing always seemed to be about x86? Exactly a decade ago, almost nine in ten supercomputers in the TOP500 (a list of the beefiest machines maintained twice yearly by academics) were Intel-based. Today, it's down to 57 percent.…
- Norway's most powerful supercomputer will use waste heat to raise salmon
HPE-built system mixes Nvidia's Grace-Hopper superchips with AMD Turin CPUs to maximize HPC potential
This week the Norwegian scientific community celebrated the completion of the Olivia supercomputer, which combines AMD CPUs with Nvidia Superchips to deliver a 16-fold boost to the nation's computing capacity – and eventually put fresh fish on the table.…
- Botnet takes advantage of AWS outage to smack 28 countries
Even worse, it might have been a 'test run' for future attacks
A Mirai-based botnet named ShadowV2 emerged during last October's widespread AWS outage, infecting IoT devices across industries and continents, likely serving as a "test run" for future attacks, according to Fortinet's FortiGuard Labs.…
- Mobile industry warns patchwork cyber regs are driving up costs
GSMA says fragmented, poorly designed laws add burdens without making networks any safer
Mobile operators' core cybersecurity spending is projected to more than double by 2030 as threats evolve, while poorly designed and fragmented policy frameworks add extra compliance costs, according to industry group the GSMA.…
- Doom hits KiCad as PCB traces become demons and doors
Engineer bends layout tool into vector renderer, then pushes frames through a MacBook's headphone jack
There's a certain delight to be had in doing something just to see if you can. Case in point: rendering Doom using PCB design software, or wading through the shores of Hell via the medium of an oscilloscope.…
- Workday confronts existential threat as customers freeze hiring
HR software vendor pushes cross-selling as modest workforce growth exposes vulnerability of per-seat pricing
Workday is confronting a troubling reality. Customers aren't hiring much and some are actively cutting staff. The solution? Cross-selling to squeeze more revenue per user out of its installed base.…
- HSBC spies $207B crater in OpenAI's expansion goals
Gap threatens Oracle, Microsoft, and Amazon despite optimistic forecasts of 3 billion ChatGPT users by 2030
OpenAI needs to secure $207 billion in new financing by 2030 to fulfill its expansion plans, according to HSBC Global Investment Research – a challenge that could ripple across Big Tech.…
- The exascale offensive: America's race to rule AI HPC
From nuclear weapons testing to climate modeling, nine new machines will give the US unprecedented computing firepower
Feature A silent arms race is accelerating in the world's most advanced laboratories. While headlines focus on chatbots and consumer AI, the United States is orchestrating something far more consequential: a massive expansion of supercomputing power that may reshape the future of science, security, and technological supremacy.…
- Seven years later, Airbus is still trying to kick its Microsoft habit
Google Workspace switch drags on amid Excel dependencies, compliance requirements, and compatibility issues
Exclusive Breaking free from Microsoft is harder than it looks. Airbus began migrating its 100,000-plus workforce from Office to Google Workspace more than seven years ago and it still hasn't completed the switch.…
- India has satisfied its supercomputing needs, but not its ambitions
Creating 37 supers in a decade is impressive. The homegrown tech in them, less so
Feature In the decade since India launched its National Supercomputing Mission (NSM), the nation has commissioned 37 machines with a combined power of 39 petaFLOPS, with another 35-petaFLOPS hybrid due to come online later this year. But while plenty of those machines use locally developed technology, India is yet to deliver on its ambition to become a leader or major semiconductor player.…
- Alibaba Cloud can’t deploy servers fast enough to satisfy demand for AI
Chinese giant adds to ‘No AI bubble’ babble by citing oversubscribed infrastructure and surging demand
China’s Alibaba Cloud can’t deploy servers fast enough to keep up with demand for AI, so is rationing access to GPUs so that customers who use all of its services enjoy priority access.…
- Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces
OpenTelemetry (fondly known as OTel) is an open-source project that provides a unified set of APIs, libraries, agents, and instrumentation to capture and export logs, metrics, and traces from applications. The project’s goal is to standardize observability across various services and applications, enabling better monitoring and troubleshooting. Read More at Causely
The post Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces appeared first on Linux.com.
- Xen 4.19 is released
Xen Project 4.19 has been officially out since July 31st, 2024, and it brings significant updates. With enhancements in performance, security, and versatility across various architectures like Arm, PPC, RISC-V, and x86, this release is an important milestone for the Xen community. Read more at XCP-ng Blog
The post Xen 4.19 is released appeared first on Linux.com.
- Advancing Xen on RISC-V: key updates
At Vates, we are heavily invested in the advancement of Xen and the RISC-V architecture. RISC-V, a rapidly emerging open-source hardware architecture, is gaining traction due to its flexibility, scalability and openness, which align perfectly with our ethos of fostering open development ecosystems. Although the upstream version of Xen for RISC-V is not yet fully [0]
The post Advancing Xen on RISC-V: key updates appeared first on Linux.com.
- Arch Linux Based Endeavour OS Updated After ISO Refresh Hiatus
Endeavour OS is one of the popular desktop Linux distributions built around Arch Linux providing a nice out-of-the-box experience. Since their last ISO refresh back in March there hadn't been much news from the project nor any new ISO releases for this rolling-release distro. But thankfully today they are back in the saddle with a new ISO release, Endeavour OS 2025.11.24 "Ganymede"...
- Framework Computer Now Sponsoring LVFS / Fwupd Development
With the Linux Vendor Firmware Service serving more than 135 million downloads for Linux users updating their system and device firmware, LVFS has been working to get more hardware vendors to contribute either engineering resources or directly contributing annual dues as sponsors. Framework Computer is now the first one to have executed an agreement under these new sponsorship efforts...
- Intel Hiring Two More Experienced Linux Kernel Engineers
While there have been a number of Intel Linux engineers laid off over roughly the past year, other Linux kernel engineers opting to pursue employment opportunities elsewhere amid the ongoing challenges and restructuring at the company, and shifts in their open-source strategy, there's some good news as we work toward the 2025 holidays. Intel is currently hiring for two more experienced Linux kernel software engineers...
- Black Friday Reminder For Those Hating Ads But Loving Linux Hardware/Software
As the one and last friendly reminder, if you enjoy the daily and original content found on Phoronix.com but not liking ads and wanting to view multi-page articles on a single page, native dark mode, and more: the 2025 Black Friday / Cyber Week deal is ending Monday to help support the site while enjoying a discounted rate...
- Open-Source Nouveau+NVK vs. NVIDIA 580 Linux Gaming/Graphics & Compute Driver Performance
This Black Friday is an in-depth look at the current performance of the open-source NVIDIA Linux driver stack with the Nouveau kernel driver (the Nova driver not yet being ready for end-users) paired with the latest Mesa NVK driver for open-source Vulkan API support. With that NVK Vulkan driver is also looking at the OpenGL performance using the Zink OpenGL-on-Vulkan driver used now for OpenGL on modern NVIDIA GPUs rather than maintaining the Nouveau Gallium3D driver. Plus the Rusticl driver for OpenCL compute atop the NVK driver. This fully open-source and latest NVIDIA Linux driver support was compared to NVIDIA9s official 580 series Linux driver. Both RTX 40 Ada and RTX 50 Blackwell graphics cards were tested for this thorough GPU driver comparison.
- New Linux Patches Enhance Single-Threaded Performance On Many-Core CPUs
In addition to the proposed Hierarchical Queued NUMA-aware spinlocks for better performance, another interesting performance-enhancing patch series posted in the past 24 hours for the Linux kernel is for improving the performance of single-threaded tasks running on high core count CPU desktops / workstations / servers...
- AMD ISP4 Linux Webcam Driver Updated For HP ZBook Ultra G1a & Future Ryzen Laptops
We eagerly await to see if the AMD ISP4 driver will be ready for mainlining in the imminent Linux v6.19 merge window but it's getting down to the wire and thus looking less likely it will make it unless action is taken in the coming days. Today though a sixth version of this AMD ISP4 image signal processor driver was posted for this last piece of the puzzle in enabling the web camera on the HP ZBook Ultra G1a Strix Halo laptop as well as future Ryzen high-end laptops...
- Vulkan 1.4.335 Released With The Very Notable VK_EXT_present_timing
Vulkan 1.4.335 released a few hours ago as the latest iteration of this high performance graphics and compute API. With being just a week since the prior update and given the US Thanksgiving week, it's on the lighter side in terms of issues addressed. There is one new extension though and it's a big one: VK_EXT_present_timing is finally merged...
- One Of Intel9s Xe Open-Source Linux Graphics Driver Maintainers Is Departing
It's been two months since there were any notable Intel Linux engineering departures to note following various layoffs and voluntary departures this year that have unfortunately impacted their Linux/open-source talent. Sadly this US Thanksgiving is a new departure to note: one of Intel's maintainers for the Xe open-source Linux kernel graphics driver is leaving the company. This is for the modern Xe driver used by default since Lunar Lake and playing a pivotal role for Intel Linux graphics moving forward...
- GCC 16 Switches To Using C++20 Standard By Default
Following up on the discussion from earlier this month among GCC developers over switching to C++20 by default for the GCC compiler as the default C++ standard when not otherwise set, that change has indeed happened. Merged now is the change defaulting to C++20 (well, the GNU++20 dialect) rather than C++17/GNU++17 when not otherwise specified when compiling C++ code...
- Intel Battlemage Graphics Enjoyed Nice GPU Compute Performance Gains In 2025
In addition to Intel Arrow Lake desktop performance evolving nicely on Linux over the course of 2025, the Intel Arc B-Series graphics that launched last December with the Arc B580 have evolved quite nicely too with their open-source driver stack. With it coming up on one year since the Arc B580 launch, here is a look at how the GPU compute performance has evolved since that point. Similar Intel Arc B580 Linux graphics comparisons are also coming up in a follow-up comparison on Phoronix.
- Valve-Backed Color Pipeline API For Linux Is Finally Ready For Upstream
For those Linux desktop users in the US needing another reason to be thankful this Thanksgiving, a huge and long-awaited accomplishment is ready for merging to the kernel: the Color Pipeline API that is important for HDR is ready for merging! As of last night the code is queued in DRM-Misc-Next for this years-in-the-making effort...
- Common Desktop Environment "CDE" 2.5.3 Released After Two Years
Two years and one week since the prior point release, Common Desktop Environment 2.5.3 is now available as the latest iteration of this Unix desktop environment built around the Motif toolkit. CDE has been open-source for more than a decade now but its development not exactly brisk. But for those resisting the likes of Wayland and other modern display tech -- especially with KDE announcing today Plasma 6.8 will be Wayland-exclusive -- CDE 2.5.3 is now available...
- Vulkan9s VK_EXT_present_timing Merged After Five Years In The Making
Originally opened in September 2020 by NVIDIA Linux engineer James Jones, tonight the Vulkan VK_EXT_present_timing extension was finally merged! Five years in the making and incorporating contributions from Google, NVIDIA, AMD, Collabora, Samsung, Unity, and Red Hat is this prominent new addition to the Vulkan API...
- Radeon Software for Linux 25.20.3 Released - "Exclusively Open-Source" With RADV
With the great upstream support for AMD Radeon graphics in the Linux kernel and Mesa, most desktop users / gamers / enthusiasts are best off just using the latest code shipped by their distributions or via the enthusiast-supported third-party archives/repositories. But for those on older enterprise Linux distributions, Radeon Software for Linux 25.20.3 was recently released for shipping that packaged AMD Linux graphics driver stack. This 25.20 series is the big one where they are now officially supporting the Mesa RADV Vulkan driver in place of their own former Vulkan Linux driver...
- Intel Core Ultra 9 285K "Arrow Lake" Linux Performance Up ~9% One Year Later At ~85% Power Use
It9s been just over one year now since the launch of the Core Ultra 9 285K and other Arrow Lake desktop processors. For those that may be considering an Arrow Lake CPU this holiday season for a Linux desktop or just curious how the power and performance has evolved one year later, here are some leading-edge benchmarks of the Intel Core Ultra 9 285K compared to the launch-day performance last October.
- Linux 6.19 Overhauling The Intel TDX Locking Code For KVM
Sean Christopherson of Google sent out the pull requests to the KVM tree of the various x86_64-related areas of virtualization he oversees. With these updates ahead of the Linux 6.19 merge window there is a significant overhaul of Intel's Trust Domain Extensions (TDX) code to address various outstanding problems...
- Genode OS Framework 25.11 released
The release 25.11 wraps up our year of rigidity, clarity, performance! with a bouquet of vast under-the-hood improvements. Genode�s custom kernel received special tuning of its new CPU scheduler for Sculpt-OS workloads, and became much more scalable with respect to virtual-memory management. Combined, those efforts visibly boost the performance of Sculpt OS on performance-starved hardware like the PinePhone or the i.MX8-based MNT Reform laptop. On account of improving clarity, our new configuration format � now named human-inclined data (HID) � proliferates throughout Genode�s tooling. We are also happy to report that almost all Genode components have become interoperable with both XML and HID by now. ↫ Genode OS Framework 25.11 release notes The Genode Framework 25.11 also brings a major change to how important shared components that aren�t strictly part of the framework are handled, such as ports like libSDL, sqlite, or gnutls. Before, these could only be built with the Genode build system, which was suboptimal because this isn�t designed for building individual components. Several changes have been made to now enable the use of multiple build systems and the Goa SDK, which should make it a lot easier to these crucial components to become the responsibility of wider parts of the community. There�s way more, of course, such as the usual driver improvements, including the addition of support for serial-to-USB adapters.
- Dell: about 1 billion PCs will not or cannot be upgraded to Windows 11
During a Dell earnings call, the company mentioned some staggering numbers regarding the amount of PCs that will not or cannot be upgraded to Windows 11. “We have about 500 million of them capable of running Windows 11 that haven’t been upgraded,” said Dell COO Jeffrey Clarke on a Q3 earnings call earlier this week, referring to the overall PC market, not just Dell’s slice of machines. “And we have another 500 million that are four years old that can’t run Windows 11.” He sees this as an opportunity to guide customers towards the latest Windows 11 machines and AI PCs, but warns that the PC market is going to be relatively flat next year. ↫ Tom Warren at The Verge The monumental scale of the Windows 10 install base that simply won�t or cannot upgrade to Windows 11 is massive, and it�s absolutely bonkers to me that we�re mostly just letting them get away with leaving at least a billion users out in the cold when it comes to security updates and bug fixes. The US government (in better times) and the EU should�ve 100% forced Microsoft�s hand, as leaving this many people on outdated, unsupported operating system installations is several disasters waiting to happen. Aside from the dangerous position Microsoft is forcing its Windows 10 users into, there�s also the massive environmental and public health impact of huge swaths of machines, especially in enterprise environments, becoming obsolete overnight. Many of these will end up in landfills, often shipped to third-world countries so we in the west don�t have to deal with our e-waste and its dangerous consequences directly. I can get fined for littering � rightfully so � but when a company like Microsoft makes sweeping decisions which cause untold amounts of dangerous chemicals to be dumped in countless locations all over the globe, governments shrug it off and move on. At least we will get some cheap eBay hardware out of it, I guess.
- CDE 2.5.3 released
So my love for the Common Desktop Environment isn�t exactly a secret, so let�s talk about the project�s latest release, CDE 2.5.3, released a few days ago. As the version number suggests, this first new version in two years is a rather minor release, containing only a few bug fixes. For instance, CDE�s window manager dtwm picked up support for more mouse buttons, its file manager dtfile now uses sh to find files instead of ksh, and a few more of these rather minor, but welcome, changes and bugfixes. Ever since CDE was released as open source over thirteen years ago, and while considerable work has been done to make it build, install, and run on modern platforms, that�s kind of where the steam ran out. CDE isn�t being actively developed to build upon its strengths and add new and welcome features and conveniences, but is instead kept in a sort of buildable stasis. There is absolutely nothing wrong with this � it keeps CDE accessible on modern platforms, and that�s a huge amount of work that deserves respect and gratitude � but it�d be nice if we lived in a world where there was enough interest (and time and money) to have people work on actually improving it. Of course, the reality is that there�d be very little interest in such an improved CDE, and that�s exactly why it isn�t happening. On top op the current work the CDE team is doing, you�d need to not only develop new features, but also improve the Motif toolkit to make such new features possible, and make sure such improvements don�t break anything else. With such an old codebase, that can�t possible be an easy task. Still, I will continue to daydream of a slightly more modernised CDE with some additional niceties we�ve come to expect over the past 30 years, even if I know full well it�s futile.
- Moss: a Linux-compatible kernel written in Rust
Moss is a Unix-like, Linux-compatible kernel written in Rust and Aarch64 assembly. It features a modern, asynchronous core, a modular architecture abstraction layer, and binary compatibility with Linux userspace applications (currently capable of running most BusyBox commands). ↫ Moss� GitHub page I mean, hobby operating systems and kernels written in Rust aren�t exactly the most unique right now, but that doesn�t make them any less interesting for the kinds of people that frequent a site called OSNews. Moss has quite a few things going for it, including support for enough Linux system calls to run most BusyBox commands, complex memory and process management, use of Rust�s async/await model in the kernel, and much more.
- I work for an evil company, but outside work, I’m actually a really good person
I love my job. I make a great salary, there’s a clear path to promotion, and a never-ending supply of cold brew in the office. And even though my job requires me to commit sociopathic acts of evil that directly contribute to making the world a measurably worse place from Monday through Friday, five days a week, from morning to night, outside work, I’m actually a really good person. ↫ Emily Bressler at McSweeney�s The tech industry is full of people like this.
- KDE to drop X11 session in KDE Plasma 6.8
The KDE project has made the call. Well folks, it’s the beginning of a new era: after nearly three decades of KDE desktop environments running on X11, the future KDE Plasma 6.8 release will be Wayland-exclusive! Support for X11 applications will be fully entrusted to Xwayland, and the Plasma X11 session will no longer be included. ↫ The Plasma Team They�re following in the footsteps of the GNOME project, who will also be leaving the legacy windowing system behind. What this means in practice is that official KDE X11 support will cease once KDE Plasma 6.7 is no longer supported, which should be somewhere early 2027. Do note that the KDE developers intend to release a few extra bugfix releases in the 6.7 release cycle to stabilise the X11 session as much as possible for those people who are going to stick with KDE Plasma 6.7 to keep X11 around. For people who wish to keep using X11 after that point, the KDE project advises them to switch to LTS distributions like Alma Linux, which intend to keep supporting Plasma X11 until 2032. Xwayland will handle virtually all X11 applications running inside the Wayland session, including X11 forwarding, with similar functionality implemented in Wayland through Waypipe. Also note that this only applies to Plasma as a whole; KDE applications will continue to support X11 when run in other desktop environments or on other platforms. As for platforms other than Linux � FreeBSD already has relatively robust Wayland support, so if you intend to run KDE on FreeBSD in the near future, you�ll have to move over to Wayland there, as well. The other BSD variants are also dabbling with Wayland support, so it won�t be long before they, too, will be able to run the KDE Plasma Wayland session without any issues. What this means is that the two desktop environments that probably make up like 95% of the desktop Linux user base will now be focusing exclusively on Wayland, which is great news. X11 is a legacy platform and aside from retrocomputing and artisanal, boutique setups, you simply shouldn�t be using it anymore. Less popular desktop environments like Xfce, Cinnamon, Budgie, and LXQt are also adding Wayland support, so it won�t be much longer before virtually no new desktop Linux installations will be using X11. One X down, one more to go.
- Microsoft will start preloading Explorer because it�s so slow
With all the problems Windows is facing, I think one area where Microsoft can make some easy, quick gains is by drastically improving Explorer, Windows� file manager. It seems that in the latest developer releases, they�re doing just that. The most impactful change � possibly � is that Microsoft is going to preload Explorer. We’re exploring preloading File Explorer in the background to help improve File Explorer launch performance. This shouldn’t be visible to you, outside of File Explorer hopefully launching faster when you need to use it. If you have the change, if needed there is an option you can uncheck to disable this called “Enable window preloading for faster launch times” in File Explorer’s Folder Options, under View. ↫ Windows Insider Program Team Microsoft is also reordering the context menu in Explorer, and while this may seem like a small set of changes, the new context menu does look much tidier and less busy. They achieve this by moving a few top-level items to a submenu, and reordering some other elements. Sadly, the context menu still retains its own context menu ( Show more options!), which is a traditional Win32 menu � which I still think is one of the most Windows of Windows things of all time. Regardless, I hope these small changes make Explorer more bearable to use for those of you still using Windows, because we all know you need it.
- Google�s Android for desktops and laptops is called Aluminium
Google has made it very clear that it�s intending to bring Android to laptops and desktops, and replace Chrome OS with Android in the process. We now have a codename, and some more information about what this will look like in practice. Over the weekend, a tipster on Telegram named Frost Core shared a link to an intriguing Google job listing for a ‘Senior Product Manager, Android, Laptop and Tablets.’ While we already know Google is bringing Android to the PC, the listing explicitly states that the role involves ‘working on a new Aluminium, Android-based, operating system.’ This effectively confirms that Aluminium is the codename for the new unified platform. The name appears to be a nod to the project’s roots: like Chromium (the open-source version of ChromeOS), Aluminium is a metal ending in ‘-ium.’ The choice of the British spelling — emphasizing the ‘Al’ prefix — likely pays homage to Android serving as the project’s foundation.” ↫ Mishaal Rahman at Android Authority So we have the codename, and of course, what we also have is a strong focus on AI!, which will be at the core! of desktop Android. Further details uncovered in job openings include a focus not just on entry-level hardware, but also midrange and premium laptops and desktops, as well as Chrome OS being replaced by this new desktop Android variant. I somehow doubt existing Chrome OS devices will be updated to this new desktop Android variant, so Chrome OS will continue to exist as a product for at least quite a few years to come. I still have a considerable amount of doubt that Google would be able to pull this off in a successful way. It�s already hard enough to get anyone to buy any laptop that isn�t running Windows or macOS, and I doubt the Android operating system has the kind of pull with consumers to make them consider switching to it on their laptops or desktops. Enthusiasts will surely eat it up � if only to try � but without any clear, massive success, this desktop Android thing runs the real risk of ending up at Google�s graveyard. These Android laptops can be incredible products, but even if they are, I just won�t trust Google to remain interested in it.
- Microsoft admits almost all major Windows 11 core features are broken
You may have noticed a sharp increase in problems and issues in Windows recently � following the rise of the AI! hype cycle, entirely coincidentally, I�m sure � and it seems Microsoft is finally starting to acknowledge just how bad Windows has become. On the positive side though, following all that backlash, Microsoft acknowledged Windows has issues, and as if on cue, the company in a new support article has admitted that there are problems on almost every major Windows 11 core feature. The issues are related to XAML and this impacts all the Shell components like the Start Menu, Taskbar, Explorer, and Windows Settings. ↫ Sayan Sen at Neowin It�s wild how many core components like this have apparently been broken due to these problems since July of this year. This means countless Windows users have been experiencing weird issues on a daily basis in multiple components for four months now, which is absolutely wild. On top of all the more structural problems in Windows, I wonder how people can get anything done at all � only a few days ago, I had to manually clean out the Installer folder in the Windows folder on my wife�s gaming PC, because for some inexplicable reason, Windows decided to permanently store 18GB�s worth (!) of past Adobe Acrobat updates and installers in there. It�s impossible to reliably say that Microsoft�s incessant focus on crypto NFTs AI! lies at the root of all of these problems, but if 30% of new! code in Microsoft is indeed regurgitated by AI!, it�s hard not to conclude as such.
- The privacy nightmare of browser fingerprinting
I suspect that many people who take an interest in Internet privacy don’t appreciate how hard it is to resist browser fingerprinting. Taking steps to reduce it leads to inconvenience and, with the present state of technology, even the most intrusive approaches are only partially effective. The data collected by fingerprinting is invisible to the user, and stored somewhere beyond the user’s reach. On the other hand, browser fingerprinting produces only statistical results, and usually can’t be used to track or identify a user with certainty. The data it collects has a relatively short lifespan – days to weeks, not months or years. While it probably can be used for sinister purposes, my main concern is that it supports the intrusive, out-of-control online advertising industry, which has made a wasteland of the Internet. ↫ Kevin Boone My view on this matter is probably a bit more extreme than some: I believe it should be illegal to track users for advertising purposes, because the data collected and the targeting it enables not only violate basic privacy rights enshrined in most constitutions, they also pose a massive danger in other ways. This very same targeting data is already being abused by totalitarian states to influence our politics, which has had disastrous results. Of course, our own democratic governments� hands aren�t exactly clean either in this regard, as they increasingly want to use this data to stop terrorists! and otherwise infringe on basic rights. Finally, any time such data ends up on the black market after data breaches, criminals, organised or otherwise, also get their hands on it. I have no idea what such a ban should look like, or if it�s possible to do this even remotely effectively. In the current political climate in many western countries, which are dominated by the wealthy few and corporate interests, it�s highly unlikely that even if such a ban was passed as lip service to concerned constituents, any fines or other deterrents would probably be far too low to make a difference anyway. As such, my desire to have targeted online advertising banned is mostly theory, not practice � further illustrated by the European Union caving like cowards on privacy to even the slightest bit of pressure. Best I can do for now is not partake in this advertising hellhole. I disabled and removed all advertising from OSNews recently, and have always strongly advised everyone to use as many adblocking options as possible. We not only have a Pi-Hole to keep all of our devices at home safe, but also use a second layer of on-device adblockers, and I advise everyone to do the same.
- Americans are holding onto devices longer than ever and it’s costing the economy!
We need to consume. The average American now holds onto their smartphone for 29 months, according to a`recent survey by Reviews.org, and that cycle is getting longer. The average was around 22 months in 2016. While squeezing as much life out of your device as possible may save money in the short run, especially amid widespread fears about the strength of the consumer and job market, it might cost the economy in the long run, especially when device hoarding occurs at the level of corporations. ↫ Kevin Williams at CNBC Line must go up. Ļ̷̩̺̾i̶̼̳͍͂̒ͅn̵͕̉̾e̴̞͛̓̀̍ ̴͙̙̥͋͐m̸͚̉̆u̴̖̰̪̽̔ͅs̶̨̛̾ţ̷̢̂͛̆͝ ̵̱̐̓̾̔͜ğ̷͕̮̮͆o̷̟͈̐̏̄͝ ̷̢̨̞̉u̴̢̪̭̱̿͑͛̌p̴͈̜̫̖̌.
- Tuxedo cancels Snapdragon X Elite Linux laptop project
For the past 18 months, the Linux OEM Tuxedo Computers has been working on bringing a Snapdragon X Elite ARM laptop to market, but now they cancelled the project due to complications. Development turned out to be challenging due to the different architecture, and in the end, the first-generation X1E proved to be less suitable for Linux than expected. In particular, the long battery runtimes—usually one of the strong arguments for ARM devices—were not achieved under Linux. A viable approach for BIOS updates under Linux is also missing at this stage, as is fan control. Virtualization with KVM is not foreseeable on our model, nor are the high USB4 transfer rates. Video hardware decoding is technically possible, but most applications lack the necessary support. Given these conditions, investing several more months of development time does not seem sensible, as it is not foreseeable that all the features you can rightfully expect would be available in the end. In addition, we would be offering you a device with what would then be a more than two-year-old Snapdragon X Elite (X1E), whose successor, the Snapdragon X2 Elite (X2E), was officially introduced in September 2025 and is expected to become available in the first half of 2026. ↫ Tuxedo�s announcement Back when Qualcomm was hyping up these processors, the company made big claims about supporting Linux equally to Windows, but those promises have turned out to be absolutely worthless. Tuxedo already highlighted the problems it was dealing with half a year ago, and now it seems these problems have become impossible to overcome � at least for now. This is a shame, bu also not entirely unexpected, since there�s no way a small Linux OEM can do the work that Qualcomm promised it would do for its own chip. All this sadly means we still don�t really have proper Linux support for modern ARM laptops, which is a crying shame. The problem isn�t so much Linux itself, but the non-standardised world of ARM hardware. Large OEMs are willing to do the work to make Windows work, but despite recent successes, desktop Linux is nowhere near as popular as Windows, so there�s little incentive for OEMs (or Qualcomm) to step up their game. It is what it is.
- The Commodore CHESSmate
The CHESSmate was demonstrated at the January 1978 Consumer Electronics Show in Las Vegas as a prototype in order to assess customer interest in the product. It was available for order at the June 1978 CES in Chicago and the first units, manufactured in Hong Kong, shipped later that year. It was a big seller in Germany from the beginning. ↫ Peter R. Jennings There�s no way I can summarise this story.
- Microsoft removes WINS from future Windows Server releases
Blasts from the pasts are often fun, and in the case of feature removals from Windows, it�s often accompanied by surprise that the feature in question still existed. Case in point: This article provides essential information about the deprecation and planned removal of Windows Internet Name Service (WINS) from future Windows Server releases. Microsoft has announced that WINS will be removed from all Windows Server releases after Windows Server 2025 and will remain under the standard support lifecycle through November 2034. Organizations using WINS are strongly encouraged to migrate to modern DNS-based name resolution solutions. ↫ Microsoft knowledge base article WINS was introduced with Windows NT 3.5 back in 1994, and maps NetBIOS to IP addresses in much the same way DNS maps domains names to IP addresses. Nobody should be using WINS anymore, and Microsoft has been discouraging its use for a long time now. With the ubiquity of DNS, WINS serves very little purpose, so it makes sense Microsoft is removing it from Windows.
- LionsOS: an adaptable OS based on the seL4 microkernel
LionsOS is an operating system based on the seL4 microkernel with the goal of making the achievements of seL4 accessible. That is, to provide performance, security, and reliability. It is not a conventional operating system, but contains composable components for creating custom operating systems that are specific to a particular task. Components are joined together using the Microkit tool. ↫ LionsOS website The project is under active research and development, led by the Trustworthy Systems research group at UNSW Sydney in Australia. The source code is available on GitHub.
- HP, Dell quietly disable HEVC on certain laptops over minute license fee increase
Inter-corporation bullshit screwing over consumers � a tale as old as time. Major laptop vendors have quietly removed hardware decode support for the H.265/HEVC codec in several business and entry-level models, a decision apparently driven by rising licensing fees. Users working with H.265 content may face reduced performance unless they verify codec support or rely on software workarounds. ↫ Hilbert Hagedoornn at The Guru of 3D You may want to know how much these licensing fees are, and by how much they�re increasing next year, making these laptop OEMs remove features to avoid the costs. The HEVC licensing fee is $0.20 per device, and in 2026 it�s increasing to $0.24. Yes, a $0.04 increase per device is forcing! these giant companies to screw over their consumers. Nobody�s coming out a winner here, and everyone loses. We took a wrong turn, but nobody seems to know when and where.
- EU OS: A Bold Step Toward Digital Sovereignty for Europe
Image 
A new initiative, called "EU OS," has been launched to develop a Linux-based operating system tailored specifically for the public sector organizations of the European Union (EU). This community-driven project aims to address the EU's unique needs and challenges, focusing on fostering digital sovereignty, reducing dependency on external vendors, and building a secure, self-sufficient digital ecosystem.
What Is EU OS?
EU OS is not an entirely novel operating system. Instead, it builds upon a Linux foundation derived from Fedora, with the KDE Plasma desktop environment. It draws inspiration from previous efforts such as France's GendBuntu and Munich's LiMux, which aimed to provide Linux-based systems for public sector use. The goal remains the same: to create a standardized Linux distribution that can be adapted to different regional, national, and sector-specific needs within the EU.
Rather than reinventing the wheel, EU OS focuses on standardization, offering a solid Linux foundation that can be customized according to the unique requirements of various organizations. This approach makes EU OS a practical choice for the public sector, ensuring broad compatibility and ease of implementation across diverse environments.
The Vision Behind EU OS
The guiding principle of EU OS is the concept of "public money – public code," ensuring that taxpayer money is used transparently and effectively. By adopting an open-source model, EU OS eliminates licensing fees, which not only lowers costs but also reduces the dependency on a select group of software vendors. This provides the EU’s public sector organizations with greater flexibility and control over their IT infrastructure, free from the constraints of vendor lock-in.
Additionally, EU OS offers flexibility in terms of software migration and hardware upgrades. Organizations can adapt to new technologies and manage their IT evolution at a manageable cost, both in terms of finances and time.
However, there are some concerns about the choice of Fedora as the base for EU OS. While Fedora is a solid and reliable distribution, it is backed by the United States-based Red Hat. Some argue that using European-backed projects such as openSUSE or KDE's upcoming distribution might have aligned better with the EU's goal of strengthening digital sovereignty.
Conclusion
EU OS marks a significant step towards Europe's digital independence by providing a robust, standardized Linux distribution for the public sector. By reducing reliance on proprietary software and vendors, it paves the way for a more flexible, cost-effective, and secure digital ecosystem. While the choice of Fedora as the base for the project has raised some questions, the overall vision of EU OS offers a promising future for Europe's public sector in the digital age.
Source: It's FOSS
European Union
- Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linus Torvalds Acknowledges Missed Release of Linux 6.14 Due to Oversight
Linux kernel lead developer Linus Torvalds has admitted to forgetting to release version 6.14, attributing the oversight to his own lapse in memory. Torvalds is known for releasing new Linux kernel candidates and final versions on Sunday afternoons, typically accompanied by a post detailing the release. If he is unavailable due to travel or other commitments, he usually informs the community ahead of time, so users don’t worry if there’s a delay.
In his post on March 16, Torvalds gave no indication that the release might be delayed, instead stating, “I expect to release the final 6.14 next weekend unless something very surprising happens.” However, Sunday, March 23rd passed without any announcement.
On March 24th, Torvalds wrote in a follow-up message, “I’d love to have some good excuse for why I didn’t do the 6.14 release yesterday on my regular Sunday afternoon schedule,” adding, “But no. It’s just pure incompetence.” He further explained that while he had been clearing up unrelated tasks, he simply forgot to finalize the release. “D'oh,” he joked.
Despite this minor delay, Torvalds’ track record of successfully managing the Linux kernel’s development process over the years remains strong. A single day’s delay is not critical, especially since most Linux users don't urgently need the very latest version.
The new 6.14 release introduces several important features, including enhanced support for writing drivers in Rust—an ongoing topic of discussion among developers—support for Qualcomm’s Snapdragon 8 Elite mobile chip, a fix for the GhostWrite vulnerability in certain RISC-V processors from Alibaba’s T-Head Semiconductor, and a completed NTSYNC driver update that improves the WINE emulator’s ability to run Windows applications, particularly games, on Linux.
Although the 6.14 release went smoothly aside from the delay, Torvalds expressed that version 6.15 may present more challenges due to the volume of pending pull requests. “Judging by my pending pile of pull requests, 6.15 will be much busier,” he noted.
You can download the latest kernel here.
Linus Torvalds kernel
- AerynOS 2025.03 Alpha Released with GNOME 48, Mesa 25, and Linux Kernel 6.13.8
Image 
AerynOS 2025.03 has officially been released, introducing a variety of exciting features for Linux users. The release includes the highly anticipated GNOME 48 desktop environment, which comes with significant improvements like HDR support, dynamic triple buffering, and a Wayland color management protocol. Other updates include a battery charge limiting feature and a Wellbeing option aimed at improving user experience.
This release, while still in alpha, incorporates Linux kernel 6.13.8 and the updated Mesa 25.0.2 graphics stack, alongside tools like LLVM 19.1.7 and Vulkan SDK 1.4.309.0. Additionally, the Moss package manager now integrates os-info to generate more detailed OS metadata via a JSON file.
Future plans for AerynOS include automated package updates, easier rollback management, improved disk handling with Rust, and fractional scaling enabled by default. The installer has also been revamped to support full disk wipes and dynamic partitioning.
Although still considered an alpha release, AerynOS 2025.03 can be downloaded and tested right now from its official website.
Source: 9to5Linux
AerynOS
- Xojo 2025r1: Big Updates for Developers with Linux ARM Support, Web Drag and Drop, and Direct App Store Publishing
Image 
Xojo has just rolled out its latest release, Xojo 2025 Release 1, and it’s packed with features that developers have been eagerly waiting for. This major update introduces support for running Xojo on Linux ARM, including Raspberry Pi, brings drag-and-drop functionality to the Web framework, and simplifies app deployment with the ability to directly submit apps to the macOS and iOS App Stores.
Here’s a quick overview of what’s new in Xojo 2025r1:
1. Linux ARM IDE Support
Xojo 2025r1 now allows developers to run the Xojo IDE on Linux ARM devices, including popular platforms like Raspberry Pi. This opens up a whole new world of possibilities for developers who want to create apps for ARM-based devices without the usual complexity. Whether you’re building for a Raspberry Pi or other ARM devices, this update makes it easier than ever to get started.
2. Web Drag and Drop
One of the standout features in this release is the addition of drag-and-drop support for web applications. Now, developers can easily drag and drop visual controls in their web projects, making it simpler to create interactive, user-friendly web applications. Plus, the WebListBox has been enhanced with support for editable cells, checkboxes, and row reordering via dragging. No JavaScript required!
3. Direct App Store Publishing
Xojo has also streamlined the process of publishing apps. With this update, developers can now directly submit macOS and iOS apps to App Store Connect right from the Xojo IDE. This eliminates the need for multiple steps and makes it much easier to get apps into the App Store, saving valuable time during the development process.
4. New Desktop and Mobile Features
This release isn’t just about web and Linux updates. Xojo 2025r1 brings some great improvements for desktop and mobile apps as well. On the desktop side, all projects now include a default window menu for macOS apps. On the mobile side, Xojo has introduced new features for Android and iOS, including support for ColorGroup and Dark Mode on Android, and a new MobileColorPicker for iOS to simplify color selection.
5. Performance and IDE Enhancements
Xojo’s IDE has also been improved in several key areas. There’s now an option to hide toolbar captions, and the toolbar has been made smaller on Windows. The IDE on Windows and Linux now features modern Bootstrap icons, and the Documentation window toolbar is more compact. In the code editor, developers can now quickly navigate to variable declarations with a simple Cmd/Ctrl + Double-click. Plus, performance for complex container layouts in the Layout Editor has been enhanced.
What Does This Mean for Developers?
Xojo 2025r1 brings significant improvements across all the platforms that Xojo supports, from desktop and mobile to web and Linux. The added Linux ARM support opens up new opportunities for Raspberry Pi and ARM-based device development, while the drag-and-drop functionality for web projects will make it easier to create modern, interactive web apps. The ability to publish directly to the App Store is a game-changer for macOS and iOS developers, reducing the friction of app distribution.
How to Get Started
Xojo is free for learning and development, as well as for building apps for Linux and Raspberry Pi. If you’re ready to dive into cross-platform development, paid licenses start at $99 for a single-platform desktop license, and $399 for cross-platform desktop, mobile, or web development. For professional developers who need additional resources and support, Xojo Pro and Pro Plus licenses start at $799. You can also find special pricing for educators and students.
Download Xojo 2025r1 today at xojo.com.
Final Thoughts
With each new release, Xojo continues to make cross-platform development more accessible and efficient. The 2025r1 release is no exception, delivering key updates that simplify the development process and open up new possibilities for developers working on a variety of platforms. Whether you’re a Raspberry Pi enthusiast or a mobile app developer, Xojo 2025r1 has something for you.
Xojo ARM
- New 'Mirrored' Network Mode Introduced in Windows Subsystem for Linux
Microsoft's Windows Subsystem for Linux (WSL) continues to evolve with the release of WSL 2 version 0.0.2. This update introduces a set of opt-in preview features designed to enhance performance and compatibility.
Key additions include "Automatic memory reclaim" which dynamically optimizes WSL's memory footprint, and "Sparse VHD" to shrink the size of the virtual hard disk file. These improvements aim to streamline resource usage.
Additionally, a new "mirrored networking mode" brings expanded networking capabilities like IPv6 and multicast support. Microsoft claims this will improve VPN and LAN connectivity from both the Windows host and Linux guest.
Complementing this is a new "DNS Tunneling" feature that changes how DNS queries are resolved to avoid compatibility issues with certain network setups. According to Microsoft, this should reduce problems connecting to the internet or local network resources within WSL.
Advanced firewall configuration options are also now available through Hyper-V integration. The new "autoProxy" feature ensures WSL seamlessly utilizes the Windows system proxy configuration.
Microsoft states these features are currently rolling out to Windows Insiders running Windows 11 22H2 Build 22621.2359 or later. They remain opt-in previews to allow testing before final integration into WSL.
By expanding WSL 2 with compelling new capabilities in areas like resource efficiency, networking, and security, Microsoft aims to make Linux on Windows more performant and compatible. This evolutionary approach based on user feedback highlights Microsoft's commitment to WSL as a key part of the Windows ecosystem.
Windows
- Linux Threat Report: Earth Lusca Deploys Novel SprySOCKS Backdoor in Attacks on Government Entities
The threat actor Earth Lusca, linked to Chinese state-sponsored hacking groups, has been observed utilizing a new Linux backdoor dubbed SprySOCKS to target government organizations globally.
As initially reported in January 2022 by Trend Micro, Earth Lusca has been active since at least 2021 conducting cyber espionage campaigns against public and private sector targets in Asia, Australia, Europe, and North America. Their tactics include spear-phishing and watering hole attacks to gain initial access. Some of Earth Lusca's activities overlap with another Chinese threat cluster known as RedHotel.
In new research, Trend Micro reveals Earth Lusca remains highly active, even expanding operations in the first half of 2023. Primary victims are government departments focused on foreign affairs, technology, and telecommunications. Attacks concentrate in Southeast Asia, Central Asia, and the Balkans regions.
After breaching internet-facing systems by exploiting flaws in Fortinet, GitLab, Microsoft Exchange, Telerik UI, and Zimbra software, Earth Lusca uses web shells and Cobalt Strike to move laterally. Their goal is exfiltrating documents and credentials, while also installing additional backdoors like ShadowPad and Winnti for long-term spying.
The Command and Control server delivering Cobalt Strike was also found hosting SprySOCKS - an advanced backdoor not previously publicly reported. With roots in the Windows malware Trochilus, SprySOCKS contains reconnaissance, remote shell, proxy, and file operation capabilities. It communicates over TCP mimicking patterns used by a Windows trojan called RedLeaves, itself built on Trochilus.
At least two SprySOCKS versions have been identified, indicating ongoing development. This novel Linux backdoor deployed by Earth Lusca highlights the increasing sophistication of Chinese state-sponsored threats. Robust patching, access controls, monitoring for unusual activities, and other proactive defenses remain essential to counter this advanced malware.
The Trend Micro researchers emphasize that organizations must minimize attack surfaces, regularly update systems, and ensure robust security hygiene to interrupt the tactics, techniques, and procedures of relentless threat groups like Earth Lusca.
Security
- Linux Kernel Faces Reduction in Long-Term Support Due to Maintenance Challenges
The Linux kernel is undergoing major changes that will shape its future development and adoption, according to Jonathan Corbet, Linux kernel developer and executive editor of Linux Weekly News. Speaking at the Open Source Summit Europe, Corbet provided an update on the latest Linux kernel developments and a glimpse of what's to come.
A major change on the horizon is a reduction in long-term support (LTS) for kernel versions from six years to just two years. Corbet explained that maintaining old kernel branches indefinitely is unsustainable and most users have migrated to newer versions, so there's little point in continuing six years of support. While some may grumble about shortened support lifecycles, the reality is that constantly backporting fixes to ancient kernels strains maintainers.
This maintainer burnout poses a serious threat, as Corbet highlighted. Maintaining Linux is largely a volunteer effort, with only about 200 of the 2,000+ developers paid for their contributions. The endless demands on maintainers' time from fuzz testing, fixing minor bugs, and reviewing contributions takes a toll. Prominent maintainers have warned they need help to avoid collapse. Companies relying on Linux must realize giving back financially is in their interest to sustain this vital ecosystem.
The Linux kernel is also wading into waters new with the introduction of Rust code. While Rust solves many problems, it also introduces new complexities around language integration, evolving standards, and maintainer expertise. Corbet believes Rust will pass the point of no return when core features depend on it, which may occur soon with additions like Apple M1 GPU drivers. Despite skepticism in some corners, Rust's benefits likely outweigh any transition costs.
On the distro front, Red Hat's decision to restrict RHEL cloning sparked community backlash. While business considerations were at play, Corbet noted technical factors too. Using older kernels with backported fixes, as RHEL does, risks creating divergent, vendor-specific branches. The Android model of tracking mainline kernel dev more closely has shown security benefits. Ultimately, Linux works best when aligned with the broader community.
In closing, Corbet recalled the saying "Linux is free like a puppy is free." Using open source seems easy at first, but sustaining it long-term requires significant care and feeding. As Linux is incorporated into more critical systems, that maintenance becomes ever more crucial. The kernel changes ahead are aimed at keeping Linux healthy and vibrant for the next generation of users, businesses, and developers.
kernel
- Linux Celebrates 32 Years with the Release of 6.6-rc2 Version
Today marks the 32nd anniversary of Linus Torvalds introducing the inaugural Linux 0.01 kernel version, and celebrating this milestone, Torvalds has launched the Linux 6.6-rc2. Among the noteworthy updates are the inclusion of a feature catering to the ASUS ROG Flow X16 tablet's mode handling and the renaming of the new GenPD subsystem to pmdomain.
The Linux 6.6 edition is progressing well, brimming with exciting new features that promise to enhance user experience. Early benchmarks are indicating promising results, especially on high-core-count servers, pointing to a potentially robust and efficient update in the Linux series.
Here is what Linus Torvalds had to say in today's announcement:
Another week, another -rc.I think the most notable thing about 6.6-rc2 is simply that it'sexactly 32 years to the day since the 0.01 release. And that's a roundnumber if you are a computer person.Because other than the random date, I don't see anything that reallystands out here. We've got random fixes all over, and none of it looksparticularly strange. The genpd -> pmdomain rename shows up in thediffstat, but there's no actual code changes involved (make sure touse "git diff -M" to see them as zero-line renames).And other than that, things look very normal. Sure, the architecturefixes happen to be mostly parisc this week, which isn't exactly theusual pattern, but it's also not exactly a huge amount of changes.Most of the (small) changes here are in drivers, with some tracingfixes and just random things. The shortlog below is short enough toscroll through and get a taste of what's been going on. Linus Torvalds
- Introducing Bavarder: A User-Friendly Linux Desktop App for Quick ChatGPT Interaction
Want to interact with ChatGPT from your Linux desktop without using a web browser?
Bavarder, a new app, allows you to do just that.
Developed with Python and GTK4/libadwaita, Bavarder offers a simple concept: pose a question to ChatGPT, receive a response, and promptly copy the answer (or your inquiry) to the clipboard for pasting elsewhere.
With an incredibly user-friendly interface, you won't require AI expertise (or a novice blogger) to comprehend it. Type your question in the top box, click the blue send button, and wait for a generated response to appear at the bottom. You can edit or modify your message and repeat the process as needed.
During our evaluation, Bavarder employed BAI Chat, a GPT-3.5/ChatGPT API-based chatbot that's free and doesn't require signups or API keys. Future app versions will incorporate support for alternative backends, such as ChatGPT 4 and Hugging Chat, and allow users to input an API key to utilize ChatGPT3.
At present, there's no option to regenerate a response (though you can resend the same question for a potentially different answer). Due to the lack of a "conversation" view, tracking a dialogue or following up on answers can be challenging — but Bavarder excels for rapid-fire questions.
As with any AI, standard disclaimers apply. Responses might seem plausible but could contain inaccurate or false information. Additionally, it's relatively easy to lead these models into irrational loops, like convincing them that 2 + 2 equals 106 — so stay alert!
Overall, Bavarder is an attractive app with a well-defined purpose. If you enjoy ChatGPT and similar technologies, it's worth exploring.
ChatGPT AI
- LibreOffice 7.5.3 Released: Third Maintenance Update Brings 119 Bug Fixes to Popular Open-Source Office Suite
Today, The Document Foundation unveiled the release and widespread availability of LibreOffice 7.5.3, which serves as the third maintenance update to the current LibreOffice 7.5 open-source and complimentary office suite series.
Approximately five weeks after the launch of LibreOffice 7.5.2, LibreOffice 7.5.3 arrives with a new set of bug fixes for those who have successfully updated their GNU/Linux system to the LibreOffice 7.5 series.
LibreOffice 7.5.3 addresses a total of 119 bugs identified by users or uncovered by LibreOffice developers. For a more comprehensive understanding of these bug fixes, consult the RC1 and RC2 changelogs.
You can download LibreOffice 7.5.3 directly from the LibreOffice websiteor from SourceForge as binary installers for DEB or RPM-based GNU/Linux distributions. A source tarball is also accessible for individuals who prefer to compile the software from sources or for system integrators.
All users operating the LibreOffice 7.5 office suite series should promptly update their installations to the new point release, which will soon appear in the stable software repositories of your GNU/Linux distributions.
In early February 2023, LibreOffice 7.5 debuted as a substantial upgrade to the widely-used open-source office suite, introducing numerous features and improvements. These enhancements encompass major upgrades to dark mode support, new application and MIME-type icons, a refined Single Toolbar UI, enhanced PDF Export, and more.
Seven maintenance updates will support LibreOffice 7.5 until November 30th, 2023. The next point release, LibreOffice 7.5.4, is scheduled for early June and will include additional bug fixes.
The Document Foundation once again emphasizes that the LibreOffice office suite's "Community" edition is maintained by volunteers and members of the Open Source community. For enterprise implementations, they suggest using the LibreOffice Enterprise family of applications from ecosystem partners.
LibreOffice
- KDE Unleashes Plasma 6.5
The Plasma 6.5 desktop environment is now available with new features, improvements, and the usual bug fixes.
- LMDE 7 Now Available
Linux Mint Debian Edition, version 7, has been officially released and is based on upstream Debian.
- Linux Kernel 6.16 Reaches EOL
Linux kernel 6.16 has reached its end of life, which means you'll need to upgrade to the next stable release, Linux kernel 6.17.
- Linux Kernel 6.17 is Available
Linus Torvalds has announced that the latest kernel has been released with plenty of core improvements and even more hardware support.
- Zorin OS 18 Beta Available for Testing
The latest release from the team behind Zorin OS is ready for public testing, and it includes plenty of improvements to make it more powerful, user-friendly, and productive.
- USB4 Maintainer Leaves Intel
Michael Jamet, one of the primary maintainers of USB4 and Thunderbolt drivers, has left Intel, leaving a gaping hole for the Linux community to deal with.
|
